Layer-independent security for communication channels
First Claim
1. A method for providing communication protocol layer independent security for data transmitted between a first process, executing on a first network node, and a second process, executing on a second network node, wherein the first network node and the second network node each support at least one common communication protocol layer, the method comprising the steps of:
- establishing a Java secure channel between the first network node and the second network node;
- establishing a first Java stream between the first process and the Java secure channel;
- establishing a second Java stream between the second process and the Java secure channel;
- in response to the data being written to the first Java stream, encrypting the data to generate encrypted data, the encrypting of the data being performed independent of any communication protocol layers used to transport the encrypted data from the first network node to the second network node;
- causing the encrypted data to be transmitted from the first network node to the second network node according to the at least one communication protocol layer supported by the first and second network nodes; and
- in response to the encrypted data being read from the second Java stream, decrypting the encrypted data to recover decrypted data which is identical to the data on the first network node before the data was written to the first Java stream, the decrypting of the encrypted data being performed independent of any communication protocol layers used to transport the encrypted data from the first network node to the second network node.
Abstract
A method and apparatus for providing layer-independent secure network communication is provided. According to an embodiment of the invention, a transmission medium is provided between a first network node and a second network node. Both the first network node and the second network node support at least one common communication protocol. A Java output stream is established between a first process executing on the first network node and the transmission medium. Also, a Java input stream is established between a second process executing on the second multi-layered node and the transmission medium. Data to be transmitted from the first process to the second process is encrypted by the first process and written to the Java output stream. The data is transmitted to the second network node. Then the data is read from the Java input stream by the second process and decrypted.
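The arrangement the abstract describes, encryption applied at the stream layer so the ciphertext is the same whatever carries it, can be sketched with the standard `javax.crypto` stream wrappers. This is an added example, not code from the patent: the class name, the choice of AES-GCM, the in-memory byte array standing in for the transport, and the key being shared out of band are all assumptions, and it needs Java 11 or later.

```java
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

public class StreamLayerEncryptionDemo {
    static final int IV_LEN = 12, TAG_BITS = 128;

    // Sender: wrap whatever OutputStream the transport provides (socket, pipe, file).
    static OutputStream encrypting(OutputStream transport, SecretKey key) throws Exception {
        byte[] iv = new byte[IV_LEN];
        new SecureRandom().nextBytes(iv);   // fresh IV per stream, never reused with this key
        transport.write(iv);                // the IV is not secret; it travels ahead of the ciphertext
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        return new CipherOutputStream(transport, c);
    }

    // Receiver: read the IV back, then wrap the transport's InputStream.
    static InputStream decrypting(InputStream transport, SecretKey key) throws Exception {
        byte[] iv = transport.readNBytes(IV_LEN);
        if (iv.length != IV_LEN) throw new EOFException("truncated IV");
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        return new CipherInputStream(transport, c);
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey key = kg.generateKey();   // assumption: both processes already share this key
        byte[] msg = "constructed sample payload".getBytes(StandardCharsets.UTF_8);
        // Constructed stand-in for the network: any byte transport would do.
        ByteArrayOutputStream wire = new ByteArrayOutputStream();
        try (OutputStream out = encrypting(wire, key)) { out.write(msg); }
        byte[] onWire = wire.toByteArray();
        try (InputStream in = decrypting(new ByteArrayInputStream(onWire), key)) {
            System.out.println("round trip ok: " + Arrays.equals(msg, in.readAllBytes()));
        }
        onWire[onWire.length - 1] ^= 1;     // flip one bit of the authentication tag in transit
        try (InputStream in = decrypting(new ByteArrayInputStream(onWire), key)) {
            in.readAllBytes();
            System.out.println("tampering NOT detected");
        } catch (IOException e) {
            System.out.println("tampering detected: " + e);
        }
    }
}
```

Because the GCM tag is verified only when the stream ends, the receiver should treat the data as untrusted until the read completes without an `IOException`.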
20 Claims
4. A non-transitory computer-readable medium carrying one or more sequences of one or more instructions for providing communication protocol layer independent security for data transmitted between a first process, executing on a first network node, and a second process, executing on a second network node, wherein the first network node and the second network node each support at least one common communication protocol layer, the one or more sequences of one or more instructions including instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
- establishing a Java secure channel between the first network node and the second network node;
- establishing a first Java stream between the first process and the Java secure channel;
- establishing a second Java stream between the second process and the Java secure channel;
- in response to the data being written to the first Java stream, encrypting the data to generate encrypted data, the encrypting of the data being performed independent of any communication protocol layers used to transport the encrypted data from the first network node to the second network node;
- causing the encrypted data to be transmitted from the first network node to the second network node according to the at least one communication protocol layer supported by the first and second network nodes; and
- in response to the encrypted data being read from the second Java stream, decrypting the encrypted data to recover decrypted data which is identical to the data on the first network node before the data was written to the first stream, the decrypting of the encrypted data being performed independent of any communication protocol layers used to transport the encrypted data from the first network node to the second network node.
7. A computer data signal embodied on a non-transitory computer-readable medium and representing sequences of instructions which, when executed by one or more processors, provide communication protocol layer independent security for data transmitted between a first process, executing on a first network node, and a second process, executing on a second network node, according to at least one common communication protocol layer supported by the first and second network nodes, by performing the steps of:
- establishing a Java secure channel between the first network node and the second network node;
- establishing a first Java stream between the first process and the Java secure channel;
- establishing a second Java stream between the second process and the Java secure channel;
- in response to the data being written to the first Java stream, encrypting the data to generate encrypted data, the encrypting of the data being performed independent of any communication protocol layers used to transport the encrypted data from the first network node to the second network node;
- causing the encrypted data to be transmitted from the first network node to the second network node according to the at least one communication protocol layer supported by the first and second network nodes; and
- in response to the encrypted data being read from the second Java stream, decrypting the encrypted data to recover decrypted data which is identical to the data on the first network node before the data was written to the first Java stream, the decrypting of the encrypted data being performed independent of any communication protocol layers used to transport the encrypted data from the first network node to the second network node.
10. A method for providing communication protocol layer independent security for data transmitted by a process executing on a network node, the method comprising the steps of:
- a) establishing a first Java stream between the process and a Java secure channel; and
- b) in response to the data being written to the first Java stream, encrypting the data to generate encrypted data, the encrypting of the data being performed independent of any communication protocol layers used to transport the encrypted data on the Java secure channel.
12. A method for providing communication protocol-independent security for data transmitted between a first node and a second node, the method comprising the steps of:
- establishing a Java secure channel between a first network node and a second network node;
- establishing a first Java stream from a first process to the Java secure channel after the establishment of the Java secure channel, wherein the first Java stream is encrypted after the first process and before entering the Java secure channel and the encrypted first Java stream is independent of any communication protocol layers; and
- establishing a second Java stream from the Java secure channel to a second process after the establishment of the Java secure channel, wherein the second Java stream is decrypted after the Java secure channel and before entering the second process.
13. The method of claim 12, further comprising:
- connecting the Java secure channel to a third Java stream, wherein the third Java stream provides for the transmission of data according to a specific communication protocol layer.
14. A non-transitory computer-readable medium carrying one or more sequences of one or more instructions for providing communication protocol-layer independent security for data transmitted between a first node and a second node, the one or more sequences of one or more instructions including instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
- establishing a Java secure channel between a first network node and a second network node;
- establishing a first Java stream from a first process to the Java secure channel after the establishment of the Java secure channel, wherein the first Java stream is encrypted after the first process and before entering the Java secure channel and the encrypted first Java stream is independent of any communication protocol layers; and
- establishing a second Java stream from the Java secure channel to a second process after the establishing of the Java secure channel, wherein the second Java stream is decrypted after the Java secure channel and before entering the second process.
16. A communications network providing communication protocol-independent security for data, comprising:
- a first network node;
- a second network node;
- a Java secure channel between the first network node and the second network node;
- a first Java stream between a first process of the first node and the Java secure channel, wherein the first process encrypts the first Java stream independent of any communication protocol layers; and
- a second Java stream between the Java secure channel and a second process of the second node, wherein the second process decrypts the second Java stream.
19. A computer data signal embodied in a non-transitory computer-readable medium and representing sequences of instructions which, when executed by one or more processors, provide communication protocol independent security for data transmitted between a first node and second node, by performing the steps of:
- establishing a Java secure channel between a first network node and a second network node;
- establishing a first Java stream from a first process to the Java secure channel after the establishment of the Java secure channel, wherein the first Java stream is encrypted after the first process and before entering the Java secure channel and the encrypted first Java stream is independent of any communication protocol layers; and
- establishing a second Java stream from the Java secure channel to a second process after the establishment of the Java secure channel, wherein the second Java stream is decrypted after the Java secure channel and before entering the second process.
Specification