Method and apparatus for synchronizing an adaptable security level in an electronic communication

US 8,245,279 B2
Filed: 08/19/2004
Issued: 08/14/2012
Est. Priority Date: 08/19/2003
Status: Active Grant

First Claim

Patent Images

1. A method of synchronizing parameters between a sender and at least one recipient in a communication system, said method comprising:

said sender preparing a message having a header, wherein said message is divided into at least one frame;

said sender determining one or more parameters for each frame of said message on a frame-by-frame basis based on known requirements of the sender and said at least one recipient, wherein said one or more parameters comprises a security level;

said sender individually associating with each frame, an indication of said one or more parameters, thereby allowing each frame to indicate different parameters to adapt to the nature of each frame on said frame-by-frame basis;

said sender sending each frame of said message to said at least one recipient according to said one or more parameters for that frame;

each said at least one recipient;

receiving a protected message at a second layer of said recipient corresponding to a second layer of said sender;

obtaining an initial message from said protected message using cryptographic processing based on said security level using a shared key; and

passing said initial message and an indication of said security level to a first layer of said recipient corresponding to said first layer of said sender for checking that said security level meets predetermined security requirements; and

said sender receiving a feedback response from each of said at least one recipient acknowledging receipt of said message, said feedback response being required by said sender from said each of said at least one recipient to confirm receipt of said message, said feedback response further comprising status information regarding said parameters for said each of said at least one recipient to thereby provide said status information to said sender at the same time as an existing acknowledgement required by said sender to confirm receipt of said message without requiring a dedicated channel and without requiring a separate communication.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of communicating in a secure communication system, comprises the steps of assembling as message at a sender, then determining a security level, and including an indication of the security level in a header of the message. The message is then sent to a recipient.

47 Citations

View as Search Results

28 Claims

1. A method of synchronizing parameters between a sender and at least one recipient in a communication system, said method comprising:
- said sender preparing a message having a header, wherein said message is divided into at least one frame;
  
  said sender determining one or more parameters for each frame of said message on a frame-by-frame basis based on known requirements of the sender and said at least one recipient, wherein said one or more parameters comprises a security level;
  
  said sender individually associating with each frame, an indication of said one or more parameters, thereby allowing each frame to indicate different parameters to adapt to the nature of each frame on said frame-by-frame basis;
  
  said sender sending each frame of said message to said at least one recipient according to said one or more parameters for that frame;
  
  each said at least one recipient;
  
  receiving a protected message at a second layer of said recipient corresponding to a second layer of said sender;
  
  obtaining an initial message from said protected message using cryptographic processing based on said security level using a shared key; and
  
  passing said initial message and an indication of said security level to a first layer of said recipient corresponding to said first layer of said sender for checking that said security level meets predetermined security requirements; and
  
  said sender receiving a feedback response from each of said at least one recipient acknowledging receipt of said message, said feedback response being required by said sender from said each of said at least one recipient to confirm receipt of said message, said feedback response further comprising status information regarding said parameters for said each of said at least one recipient to thereby provide said status information to said sender at the same time as an existing acknowledgement required by said sender to confirm receipt of said message without requiring a dedicated channel and without requiring a separate communication.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 2. A method according to claim 1 wherein each of said frames is selectively protected by a different type of security feature.
  - 3. A method according to claim 1 further comprising:
    - said at least one recipient receiving said frames of said message from said sender;
      
      said at least one recipient extracting said indication of said one or more parameters from said frames; and
      
      said at least one recipient checking said parameters to ensure such parameters satisfy predetermined requirements and rejecting respective frames if said parameters do not satisfy said predetermined requirements.
  - 4. A method according to claim 3 wherein said message is protected by said sender prior to sending said message using one or more of encryption, signing and data authentication and operated on by said at least one recipient using one or more of decryption, verification and authentication subsequent to extracting said indication of said security level.
  - 5. A method according to claim 3 wherein said message is encrypted by said sender prior to sending said message and is decrypted by said at least one recipient subsequent to extracting said indication of said security level.
  - 6. A method according to claim 3 wherein said message is signed by said sender prior to sending said message and is authenticated by said at least one recipient subsequent to extracting said indication of said security level.
  - 7. A method according to claim 3 wherein said at least one recipient sends said feedback response subsequent to checking said parameters, said feedback response including an update of said known requirements.
  - 8. A method according to claim 1 wherein said message is protected by said sender prior to sending said message using one or more of encryption, signing and data authentication.
  - 9. A method according to claim 1 wherein said known requirements include predetermined security requirements for one or more of said at least one recipient and said sender.
  - 10. A method according to claim 9 wherein said parameters are chosen to meet all of said predetermined security requirements.
  - 11. A method according to claim 1 further comprising updating said known requirements according to said feedback response.
  - 12. A method according to claim 1 wherein said method of communicating is performed between said sender and a group of recipients, said method comprising determining said one or more parameters based on requirements of said sender and said group, sending said message to said group of recipients, receiving said feedback response from each member of said group, and updating said known requirements of said group based on said feedback responses.
  - 13. A method according to claim 12 wherein said known requirements are based on said sender only.
  - 14. A method according to claim 12 wherein said sender and said group are of the same entity, said method thus providing a self synchronization of said parameters of said sender.
  - 15. A method according to claim 12 wherein said group comprises multiple groups and a central node intermediate of said sender and said multiple groups, said central node receiving multiple feedback responses from said multiple groups and communicating a single feedback response to said sender for updating said known requirements of said group.
  - 16. A method according to claim 1, wherein said known requirements comprises known security requirements, and said status information comprises an indication of security requirements of said each of said at least one recipient.
  - 17. A method according to claim 16 wherein said indication of said security level is represented by one or more security bits.
  - 18. A method according to claim 16, wherein said sender determines said security level at said first layer of said sender;
    - and wherein said method further comprises;
      
      said sender generating said protected message at a second layer of said sender using a shared key; and
      
      sending said frames at said second layer of said sender.
  - 19. A method according to claim 1, further comprising incorporating said indication of said one or more parameters in said frame.
  - 20. A method according to claim 1, wherein said feedback response comprises a secure acknowledgement message.
  - 21. A method according to claim 1, wherein said feedback response enables a self-synchronization for said status information.

22. A method of synchronizing parameters between a sender and at least one recipient in a communication system, said method comprising:
- each said at least one recipient receiving a message from said sender, said messaging having a header wherein said message is divided into at least one frame, each frame having associated therewith, one or more parameters determined by said sender on a frame-by-frame basis based on known requirements of the sender and said at least one recipient thereby allowing each frame to individually indicate different parameters to adapt to the nature of each frame on said frame-by-frame basis, wherein said one or more parameters comprises a security level;
  
  each said at least one recipient determining said one or more parameters from a respective frame;
  
  each said at least one recipient checking said one or more parameters to ensure said one or more parameters satisfy predetermined requirements and rejecting a corresponding frame if said one or more parameters do not satisfy said predetermined requirements;
  
  each said at least one recipient;
  
  receiving a protected message at a second layer of said recipient corresponding to a second layer of said sender;
  
  obtaining an initial message from said protected message using cryptographic processing based on said security level using a shared key; and
  
  passing said initial message and an indication of said security level to a first layer of said recipient corresponding to said first layer of said sender for checking that said security level meets predetermined security requirements;
  
  each said at least one recipient preparing a feedback response to acknowledge receipt of said message, said feedback response being required by said sender from each of said at least one recipient to confirm receipt of said message, said feedback response further comprising status information regarding said parameters for said at least one recipient to thereby provide said status information to said sender at the same time as an existing acknowledgement mechanism required by said sender to confirm receipt of said message without requiring a dedicated channel and without requiring a separate communication; and
  
  each said at least one recipient sending said feedback response via a feedback channel provided by said existing acknowledgement mechanism required by said sender.
- View Dependent Claims (23, 24, 25, 26)
- - 23. A method according to claim 22, wherein said one or more parameters comprises a security level, said known requirements comprises known security requirements, and said status information comprises an indication of security requirements of said each of said at least one recipient.
  - 24. A method according to claim 22, wherein said determining said one or more parameters comprises extracting an indication of said one or more parameters from said frame.
  - 25. A method according to claim 22, wherein said feedback response comprises a secure acknowledgement message.
  - 26. A method according to claim 22, wherein said feedback response enables a self-synchronization for said status information.

27. A non-transitory computer readable medium comprising computer executable instructions for communicating between a sender and at least one recipient in a communication system, said non-transitory computer readable medium comprising instructions for:
- said sender preparing a message having a header, wherein said message is divided into at least one frame;
  
  said sender determining one or more parameters for each frame of said message on a frame-by-frame basis based on known requirements of the sender and said at least one recipient, wherein said one or more parameters comprises a security level;
  
  said sender individually associating with each frame, an indication of said one or more parameters, thereby allowing each frame to indicate different parameters to adapt to the nature of each frame on said frame-by-frame basis;
  
  said sender sending each frame of said message to said at least one recipient according to said one or more parameters for that frame;
  
  said at least one recipient;
  
  receiving a protected message at a second layer of said recipient corresponding to a second layer of said sender;
  
  obtaining an initial message from said protected message using cryptographic processing based on said security level using a shared key; and
  
  passing said initial message and an indication of said security level to a first layer of said recipient corresponding to said first layer of said sender for checking that said security level meets predetermined security requirements; and
  
  said sender receiving a feedback response from each of said at least one recipient acknowledging receipt of said message, said feedback response being required by said sender from said each of said at least one recipient to confirm receipt of said message, said feedback response further comprising status information regarding said parameters for said each of said at least one recipient to thereby provide said status information to said sender at the same time as an existing acknowledgement required by said sender to confirm receipt of said message without requiring a dedicated channel and without requiring a separate communication.

28. A non-transitory computer readable medium comprising computer executable instructions for communicating between a sender and at least one recipient in a communication system, said non-transitory computer readable medium comprising instructions for:
- each said at least one recipient receiving a message from said sender, said message having a header wherein said message is divided into at least one frame, each frame having associated therewith, one or more parameters determined by said sender on a frame-by-frame basis based on known requirements of the sender and said at least one recipient thereby allowing each frame to individually indicate different parameters to adapt to the nature of each frame on said frame-by-frame basis, wherein said one or more parameters comprises a security level;
  
  each said at least one recipient determining said one or more parameters from a respective frame;
  
  each said at least one recipient checking said one or more parameters to ensure said one or more parameters satisfy predetermined requirements and rejecting a corresponding frame if said one or more parameters do not satisfy said predetermined requirements;
  
  each said at least one recipient;
  
  receiving a protected message at a second layer of said recipient corresponding to a second layer of said sender;
  
  obtaining an initial message from said protected message using cryptographic processing based on said security level using a shared key; and
  
  passing said initial message and an indication of said security level to a first layer of said recipient corresponding to said first layer of said sender for checking that said security level meets predetermined security requirements;
  
  each said at least one recipient preparing a feedback response to acknowledge receipt of said message, said feedback response being required by said sender from each of said at least one recipient to confirm receipt of said message, said feedback response further comprising status information regarding said parameters for said at least one recipient to thereby provide said status information to said sender at the same time as an existing acknowledgement mechanism required by said sender to confirm receipt of said message without requiring a dedicated channel and without requiring a separate communication; and
  
  each said at least one recipient sending said feedback response via a feedback channel provided by said existing acknowledgement mechanism required by said sender.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Blackberry Limited
Original Assignee
Certicom Corporation (Blackberry Limited)
Inventors
Struik, Marinus
Primary Examiner(s)
LOUIE, OSCAR A

Application Number

US10/921,161
Publication Number

US 20050081032A1
Time in Patent Office

2,917 Days
Field of Search

None
US Class Current

726/3
CPC Class Codes

H04L 63/04   for providing a confidentia...

H04L 63/0428   wherein the data content is...

H04L 63/0876   based on the identity of th...

H04L 63/105   Multiple levels of security

H04L 63/123   received data contents, e.g...

H04L 63/162   at the data link layer

Method and apparatus for synchronizing an adaptable security level in an electronic communication

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

47 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for synchronizing an adaptable security level in an electronic communication

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

47 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links