Establishing secure communication sessions in a communication network

US 8,156,536 B2
Filed: 12/01/2006
Issued: 04/10/2012
Est. Priority Date: 12/01/2006
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

issuing a request from a first communication device in a communication network to establish a communication session with a second communication device in the communication network, the request containing a first security level associated with a first party at the first communication device;

receiving, by the first communication device, a response to the request from the second communication device, the response containing a second security level associated with a second party at the second communication device;

identifying a security level for communications during the session based on the first and second security levels, wherein if the second security level matches the first security level, the first security level is identified as the security level for the session, if the second security level is a higher security level than the first security level, the first security level is identified as the security level for the session, and if the second security level is a lower security level than the first security level, the second security level is identified as the security level for the session; and

establishing the session, via the network, at the identified security level.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment, a method for establishing a session between a first party and a second party in a communication network comprises issuing a request to establish the session with the second party, the request containing a first security level associated with the first party. A response is received to the request from the second party, the response containing a second security level associated with the second party. A security level for the session is identified from the first security level and the second security level and the session established at the identified security level.

51 Citations

View as Search Results

20 Claims

1. A method comprising:
- issuing a request from a first communication device in a communication network to establish a communication session with a second communication device in the communication network, the request containing a first security level associated with a first party at the first communication device;
  
  receiving, by the first communication device, a response to the request from the second communication device, the response containing a second security level associated with a second party at the second communication device;
  
  identifying a security level for communications during the session based on the first and second security levels, wherein if the second security level matches the first security level, the first security level is identified as the security level for the session, if the second security level is a higher security level than the first security level, the first security level is identified as the security level for the session, and if the second security level is a lower security level than the first security level, the second security level is identified as the security level for the session; and
  
  establishing the session, via the network, at the identified security level.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 18, 19, 20)
- - 2. A method as defined in claim 1 further comprising:
    - providing an indication of the identified security level at the first communication device.
  - 3. A method as defined in claim 2 wherein the indication is an audio indication.
  - 4. A method as defined as defined in claim 2 wherein the indication is a visual indication.
  - 5. A method as defined in claim 1 further comprising:
    - verifying that the second party is authorized to communicate at the second security level.
  - 6. A method as defined in claim 5 wherein the response from the second communication device contains an assertion that indicates the second party is entitled to establish a session at the second security level, and wherein verifying further comprises:
    - determining if the assertion is true.
  - 7. A method as defined in claim 6 further comprising:
    - abandoning establishment of the session if the assertion contained in the response is determined to be not true.
  - 8. A method as defined in claim 6 wherein determining comprises:
    - generating a request to verify the assertion;
      
      forwarding the request to a node in the communication network to verify the assertion; and
      
      receiving a response from the node indicating results of the verification of the assertion.
  - 18. A method of claim 1, wherein the first and second parties are users of the communication network.
  - 19. A method of claim 1, wherein at least one of the first or second parties are processors in or coupled to the first or second communication devices.
  - 20. The method of claim 1, wherein receiving a response to the request from the second communication device comprises:
    - receiving a response containing a second security level associated with a second party at the second communication device that is based on the first security level contained in the request.

9. A node in a communication network comprising:
- a network interface configured to receive, from a second communication device, a response to a request sent from a first communication device to the second communication device to establish a communication session in the communication network, the request containing a first security level associated with a first party at the first communication device and the response containing a second security level associated with a second party at the second communication device; and
  
  processing circuitry configured to identify a security level for communications during the session based on the first and second security levels, wherein if the second security level matches the first security level, the first security level is identified as the security level for the session, if the second security level is a higher security level than the first security level, the first security level is identified as the security level for the session, and if the second security level is a lower security level than the first security level, the second security level is identified as the security level for the session, and to establish the session at the identified security level.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. A node as defined in claim 9 wherein the processing circuitry is further configured to:
    - provide an indication of the identified security level.
  - 11. A node as defined in claim 10 wherein the indication is at least one of an audio indication or a visual indication.
  - 12. A node as defined in claim 9 wherein the processing circuitry is further configured to verify that the second party is authorized to communicate at the second security level.
  - 13. A node as defined in claim 12 wherein the response from the second communication device contains an assertion that indicates the second party is entitled to establish a session at the second security level, and wherein the processing circuitry is further configured to determine if the assertion is true.
  - 14. A node as defined in claim 13 wherein the processing circuitry is further configured to abandon establishment of the session if the assertion contained in the response is determined to be not true.

15. A method comprising:
- receiving a request from a third party to join an established communication session between first and second communication devices, wherein the request comprising a security level associated with the third party;
  
  determining if the third party is permitted to join the session based on the security level associated with the third party and based on a security level of the established session;
  
  allowing the third party to join the established session based on the determination;
  
  broadcasting an identity of the third party to the first and second communication devices; and
  
  upgrading the security level of the established session to a higher security level if all participants of the session have access to the higher security level.
- View Dependent Claims (16, 17)
- - 16. A method as defined claim 15 further comprising:
    - providing an audio indication of the higher security level to the participants.
  - 17. A method as defined in claim 15 further comprising:
    - providing a visual indication of the higher security level to the participants.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Polk, James M.
Primary Examiner(s)
Arani, Taghi
Assistant Examiner(s)
Jeudy, Josnel

Application Number

US11/607,404
Publication Number

US 20080133761A1
Time in Patent Office

1,957 Days
Field of Search

726 12- 14, 726 1- 4, 726 27- 30, 709/225, 709/228, 709/229, 713150-154, 713165-172
US Class Current

726/1
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 65/1069   Session establishment or de...

H04L 65/1104   Session initiation protocol...

Establishing secure communication sessions in a communication network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

51 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Establishing secure communication sessions in a communication network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

51 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others