Adaptive encryption
First Claim
Patent Images
1. An adaptive encryption apparatus, the apparatus comprising:
- memory that stores a sensitivity level in association with a data resource, wherein the sensitivity level is further associated with an encryption technique; and
an access filter executable by a processor to;
determine a trust level of a user based on at least an identification technique used to identify the user and a network path used by the user to request the data resource,authorize the user to access a requested data resource based on at least the determined trust level and the sensitivity level associated with the requested data resource stored in memory, andencrypt a session for providing the requested data resource, the session being encrypted based on an encryption technique associated with the sensitivity level of the requested data resource.
28 Assignments
0 Petitions
Accused Products
Abstract
A scalable access filter is used in a virtual private network to control access by users at clients in the network to information resources provided by servers in the network. Access is permitted or denied according to access policies which define access in terms of the user groups and information sets. The access filter in the path performs the access check, encrypts and authenticates the request.
128 Citations
17 Claims
-
1. An adaptive encryption apparatus, the apparatus comprising:
-
memory that stores a sensitivity level in association with a data resource, wherein the sensitivity level is further associated with an encryption technique; and an access filter executable by a processor to; determine a trust level of a user based on at least an identification technique used to identify the user and a network path used by the user to request the data resource, authorize the user to access a requested data resource based on at least the determined trust level and the sensitivity level associated with the requested data resource stored in memory, and encrypt a session for providing the requested data resource, the session being encrypted based on an encryption technique associated with the sensitivity level of the requested data resource. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for adaptive encryption in sessions providing data resources, the method comprising:
-
assigning a sensitivity level to a data resource in a database in memory, wherein the sensitivity level is further associated with an encryption technique; and executing instructions stored in memory, wherein execution of the instructions by a processor; determines a trust level of a user based at least on an identification technique used to identify the user and a network path used by the user to request the data resource, the determination of the trust level taking place at an access filter; determines authorization of a user to access a requested data resource based on at least the determined trust level and the sensitivity level associated with the requested data resource, the determination of the authorization taking place at the access filter; and encrypts a session for providing the requested data resource to the authorized user, the session being encrypted based on an encryption technique associated with the sensitivity level of the requested data resource, the encryption taking place at the access filter. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer-readable storage medium, having embodied thereon a program, the program being executable by a processor to perform a method for adaptive encryption in sessions providing data resources, the method comprising:
-
assigning a sensitivity level to a data resource in a database, wherein the sensitivity level is further associated with an encryption technique; determining a trust level of a user based at least on an identification technique used to identify the user and a network path used by the user to request the data resource; determining authorization of a user to access a requested data resource based on at least the determined trust level and the sensitivity level associated with the requested data resource; and encrypting a session for providing the requested data resource to the authorized user, the session being encrypted based on an encryption technique associated with the sensitivity level of the requested data resource. - View Dependent Claims (16, 17)
-
Specification