Method and apparatus for trust based routing in data networks

US 7,984,294 B1
Filed: 04/14/2005
Issued: 07/19/2011
Est. Priority Date: 04/14/2005
Status: Active Grant

First Claim

Patent Images

1. A method for determining a trust level of a path through a plurality of routers of the Internet by an endpoint, comprising:

transmitting a path setup message requesting a path reservation for a first path through a subset of the routers of the Internet;

receiving in response to transmission of the path setup message a trust level message containing trust level information inserted by each router in the first path through the subset whereby the trust level information comprises the individual trust level of each router in the first path through the Internet; and

evaluating the inserted trust level information to determine if the first path through the Internet has a sufficient trust level.

View all claims

24 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus determine a trust level of a path through a plurality of routers by an endpoint by transmitting a path setup message requesting a path reservation for a first path through a subset of the routers, by receiving in response to transmission of the path setup message a trust level message containing trust level information inserted by each router in the first path through the subset, and by evaluating the inserted trust level information to determine if the first path has a sufficient trust level. Another method and apparatus gather trust level information from a router by receiving a trust level message into which a trust level of the router can be inserted, by inserting trust level information of the router into the trust level message, and by re-transmitting the trust level message on a designated path.

Citations

18 Claims

1. A method for determining a trust level of a path through a plurality of routers of the Internet by an endpoint, comprising:
- transmitting a path setup message requesting a path reservation for a first path through a subset of the routers of the Internet;
  
  receiving in response to transmission of the path setup message a trust level message containing trust level information inserted by each router in the first path through the subset whereby the trust level information comprises the individual trust level of each router in the first path through the Internet; and
  
  evaluating the inserted trust level information to determine if the first path through the Internet has a sufficient trust level.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 wherein the evaluating comprises determining trust level using at least one of geographic location information, certificates signed by certificate authority, or identities of known routers.
  - 3. The method of claim 2 wherein the geographic location information is at least one of global positioning satellite information, location information certified by a certificate authority, or relative geographic location information based on a network address of a router.
  - 4. The method of claim 1 further comprises re-performing the transmitting, receiving, and evaluating for a second path upon the evaluating determining that the first path does not have a sufficient trust level.
  - 5. The method of claim 4 wherein the evaluating determines insufficient trust level if one router in the subset failed to insert any trust level information.
  - 6. An apparatus for implementing the method of claim 1.

7. A method for gathering trust level information from a router in the Internet, comprising:
- receiving a trust level message into which a trust level of the router can be inserted;
  
  inserting trust level information of the router into the trust level message whereby the trust level defines the trust level of the router; and
  
  re-transmitting the trust level message on a designated path through the Internet.
- View Dependent Claims (8, 9, 10)
- - 8. The method of claim 7 wherein the inserting comprises determining trust level using at least one of geographic location information, certificates signed by certificate authority, or identity of the router.
  - 9. The method of claim 8 wherein the geographic location information is at least one of global positioning satellite information, location information certified by a certificate authority, or relative geographic location information based on a network address of a router.
  - 10. An apparatus for implementing the method of claim 7.

11. A non-transitory computer-readable medium for determining a trust level of a path through a plurality of routers of the Internet by an endpoint, comprising non-transitory computer-executable instructions configured for:
- transmitting a path setup message requesting a path reservation for a first path through a subset of the routers of the Internet;
  
  receiving in response to transmission of the path setup message a trust level message containing trust level information inserted by each router in the first path through the subset whereby the trust level information comprises the individual trust level of each router in the first path through the Internet; and
  
  evaluating the inserted trust level information to determine if the first path through the Internet has a sufficient trust level.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The non-transitory computer-readable medium of claim 11 wherein the computer-non-transitory-executable instructions for evaluating comprise computer-non-transitory-executable instructions for determining trust level using at least one of geographic location information, certificates signed by certificate authority, or identities of known routers.
  - 13. The non-transitory computer-readable medium of claim 12 wherein the geographic location information is at least one of global positioning satellite information, location information certified by a certificate authority, or relative geographic location information based on a network address of a router.
  - 14. The non-transitory computer-readable medium of claim 11 further comprises non-transitory computer-executable instructions for re-performing the non-transitory computer-executable instructions for transmitting, receiving, and evaluating for a second path upon the non-transitory computer-executable instructions for evaluating determining that the first path does not have a sufficient trust level.
  - 15. The non-transitory computer-readable medium of claim 14 wherein the non-transitory computer-executable instructions for evaluating determine insufficient trust level if one router in the subset failed to insert any trust level information.

16. A non-transitory computer-readable medium for gathering trust level information from a router in the Internet, comprising non-transitory computer-executable instructions configured for:
- receiving a trust level message into which a trust level of the router can be inserted;
  
  inserting trust level information of the router into the trust level message whereby the trust level defines the trust level of the router; and
  
  re-transmitting the trust level message on a designated path through the Internet.
- View Dependent Claims (17, 18)
- - 17. The non-transitory computer-readable medium of claim 16 wherein the non-transitory computer-executable instructions for inserting comprise non-transitory computer-executable instructions for determining trust level using at least one of geographic location information, certificates signed by certificate authority, or identity of the router.
  - 18. The non-transitory computer-readable medium of claim 17 wherein the geographic location information is at least one of global positioning satellite information, location information certified by a certificate authority, or relative geographic location information based on a network address of a router.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avaya Incorporated
Original Assignee
Avaya Incorporated
Inventors
Schreuder, James, Scholte, Alexander Martin, Minhazuddin, Muneyb, Goringe, Christopher Michael
Primary Examiner(s)
Davis, Zachary A
Assistant Examiner(s)
PAN, JOSEPH T

Application Number

US11/106,314
Time in Patent Office

2,287 Days
Field of Search

713/1, 713/2, 713/188, 713/194, 713/166, 713/152, 380/200, 380/201, 380/255, 380/277, 380/239, 726/2, 726/14, 709/227, 709/238, 709/239
US Class Current

713/166
CPC Class Codes

H04L 45/02   Topology update or discovery

H04L 47/724   at intermediate nodes, e.g....

H04L 63/0823   using certificates cryptogr...

H04L 63/20   for managing network securi...

Method and apparatus for trust based routing in data networks

First Claim

24 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for trust based routing in data networks

First Claim

24 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links