Group admission control apparatus and methods

US 7,751,569 B2
Filed: 11/19/2002
Issued: 07/06/2010
Est. Priority Date: 11/19/2002
Status: Active Grant

First Claim

Patent Images

1. A method for admission control for a group, said group comprising a plurality of members and having a group key used for encryption of messages, said method comprising the steps of:

a first party to be admitted to the group;

receiving, from a group administrator, a first key, wherein said first key is an updated group key, said updated group key being sent from the administrator, to the plurality of members;

receiving, from the group administrator, a second key unique to said first party; and

verifying group membership by receiving a challenge and replying to said challenge, wherein said replying to said challenge is performed by modifying data by the use of a one-way function having said first key as an input.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention uses a group key management scheme for admission control while enabling various conventional approaches toward establishing peer-to-peer security. Various embodiments of the invention can provide peer-to-peer confidentiality and authenticity, such that other parties, such as group members, can not understand communications not intended for them. A group key may be used in combination with known unicast security protocols to establish, implicitly or explicitly, proof of group membership together with bi-lateral secure communication.

17 Citations

View as Search Results

14 Claims

1. A method for admission control for a group, said group comprising a plurality of members and having a group key used for encryption of messages, said method comprising the steps of:
- a first party to be admitted to the group;
  
  receiving, from a group administrator, a first key, wherein said first key is an updated group key, said updated group key being sent from the administrator, to the plurality of members;
  
  receiving, from the group administrator, a second key unique to said first party; and
  
  verifying group membership by receiving a challenge and replying to said challenge, wherein said replying to said challenge is performed by modifying data by the use of a one-way function having said first key as an input.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1, wherein said first key is updated at least once during a predetermined time interval.
  - 3. The method of claim 1, wherein said step of verifying group membership is performed anonymously.

4. A method for admission control for a group, said group comprising a plurality of members and having a group key used for encryption of messages, said method comprising the steps of:
- enabling a first party to verify group membership to at least one of the plurality of members by;
  
  sending a first key to the first party, wherein said first key is an updated group key;
  
  sending a second key to said first party; and
  
  sending said first key to the plurality of members of said group;
  
  whereinsaid second key is unique to said first party,wherein,said first party verifies group membership by receiving a challenge and replying to said challenge, said replying to said challenge is performed by modifying data by the use of a one-way function having said first key as an input.
- View Dependent Claims (5)
- - 5. The method of claim 4, wherein said first key is updated at least once during a predetermined time interval.

6. An electronic device, comprising:
- an admission control facility for controlling access to a group, said group comprising a plurality of members and having a group key used for encryption of messages, said admission control facility comprising;
  
  a receiver adapted to receive a request from a first party for admission to said group; and
  
  a sender adapted to enable said first party to verify group membership to at least one of the plurality of members by sending a first key and a second key to said first party, whereinsaid first key is an updated group key and is sent to said plurality of members;
  
  said second key is unique to first said party and is sent exclusively to said first party; and
  
  said first party verifies group membership by receiving a challenge and replying to said challenge, said replying to said challenge is performed by modifying data by use of a one-way function having said first key as an input.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13)
- - 7. The electronic device of claim 6, wherein said first key is updated upon addition of at least one member to said group.
  - 8. The electronic device of claim 6, wherein said first key is updated upon removal of at least one member from said group.
  - 9. The electronic device of claim 6, wherein said sender is adapted to send said first key at least once during a predetermined time interval to said members of said group.
  - 10. The electronic device of claim 6, wherein said first key is updated at least once during a predetermined time interval.
  - 11. The electronic device of claim 6 wherein the admission control facility is a server.
  - 12. The electronic device of claim 6 wherein the admission control facility is a web server.
  - 13. The electronic device of claim 6 wherein the admission control facility is an intermediary between a client and a server.

14. An electronic device holding computer-executable instructions for performing a method of admission control for a group, comprising the steps of:
- enabling a first party to verify group membership to at least one of the plurality of members by;
  
  sending a first key to the first party, wherein said first key is an updated group key;
  
  sending a second key to said first party; and
  
  sending said first key to the plurality of members of said group;
  
  whereinsaid second key is unique to said first party,wherein,said first party verifies group membership by receiving a challenge and replying to said challenge, said replying to said challenge is performed by modifying data by the use of a one-way function having said first key as an input.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle America, Inc. (Oracle Corporation)
Original Assignee
Oracle America, Inc. (Oracle Corporation)
Inventors
Caronni, Germano, Scott, Glenn C.
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
Tran; Tongoc

Application Number

US10/299,454
Publication Number

US 20040096063A1
Time in Patent Office

2,786 Days
Field of Search

713/163, 713/171, 713/155, 380/278, 380/45, 380/281, 380/284, 380/279, 380/44, 380/277
US Class Current

380/277
CPC Class Codes

H04L 2209/42   Anonymization, e.g. involvi...

H04L 2209/60   Digital content management,...

H04L 9/0833   involving conference or gro...

H04L 9/0891   Revocation or update of sec...

Group admission control apparatus and methods

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

17 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Group admission control apparatus and methods

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

17 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links