Apparatus and system for asymmetric security

US 8,392,700 B2
Filed: 07/02/2008
Issued: 03/05/2013
Est. Priority Date: 09/23/2004
Status: Expired due to Fees

First Claim

Patent Images

1. An apparatus to facilitate asymmetric security, the apparatuscomprising:

a storage device storing executable code;

a processor executing the executable code, the executable code performing operations comprising;

receiving a first message at a first security level from a first node, the first security level selected from a plurality of available security levels in accordance with a sensitivity level of the first message;

transmitting a second message at a second security level to the first node in response to receiving the first message, the second security level selected from the plurality of available security levels in accordance with a sensitivity level of the second message;

wherein each of the plurality of available security levels are defined in a dynamically updateable security level definition, the dynamically updateable security level definition indicating security features dynamically applicable to each security level; and

communicating the second security level to-the first node.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus and system are disclosed for asymmetric security in data communications between two or more nodes. Asymmetric security within data communications refers to sending and receiving messages at different security levels. The apparatus includes a receiving module, a transmission module, and a communication module. The receiving module receives a first message at a first security level from a first node. A security level may be defined by implementation of one or more security features, including encryption, digital signatures, and/or other security features. The transmission module transmits a second message at a second security level to the first node in response to receiving the first message. The first and second messages may be communicated during a single communication session. The communication module communicates the second security level to the first node. The communication may be directly between two nodes or may occur via a broker or other intermediate node.

44 Citations

20 Claims

1. An apparatus to facilitate asymmetric security, the apparatuscomprising:
- a storage device storing executable code;
  
  a processor executing the executable code, the executable code performing operations comprising;
  
  receiving a first message at a first security level from a first node, the first security level selected from a plurality of available security levels in accordance with a sensitivity level of the first message;
  
  transmitting a second message at a second security level to the first node in response to receiving the first message, the second security level selected from the plurality of available security levels in accordance with a sensitivity level of the second message;
  
  wherein each of the plurality of available security levels are defined in a dynamically updateable security level definition, the dynamically updateable security level definition indicating security features dynamically applicable to each security level; and
  
  communicating the second security level to-the first node.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The apparatus of claim 1, the operations further communicating the second security level to the first node by a security level indicator coupled to the second message.
  - 3. The apparatus of claim 1, the operations further communicating the second security level to the first node during a handshaking operation between the first node and a second node.
  - 4. The apparatus of claim 1, the operations further detecting the first security level of the first message.
  - 5. The apparatus of claim 1, the operations further processing the first message.
  - 6. The apparatus of claim 1, the operations further applying the security features to the second message according to the second security level.
  - 7. The apparatus of claim 6, the operations further encrypting the second message.
  - 8. The apparatus of claim 6, the operations further digitally signing the second message.
  - 9. The apparatus of claim 1, the operations further defining the security level definition descriptive of the first security level and the second security level.
  - 10. The apparatus of claim 9, the operations further dynamically updating the security level definition during a current communication session.

11. A system to facilitate asymmetric security, the system comprising:
- a first node configured to transmit a first message at a first security level, the first security level descriptive of a first encryption level and a first digital signature level, the first security level selected from a plurality of available security levels in accordance with a sensitivity level of the first message;
  
  a second node configured to receive the first message from the first node and to transmit a second message at a second security level to the first node in response to receiving the first message, the second security level descriptive of a second encryption level and a second digital signature level, the second security level selected from the plurality of available security levels in accordance with a sensitivity level of the second message;
  
  wherein each of the plurality of available security levels are defined in a dynamically updateable security level definition, the dynamically updateable security level definition indicating security features dynamically applicable to each security level; and
  
  wherein the first node and the second node each comprise a storage device storing executable code and a processor executing the executable code.
- View Dependent Claims (12)
- - 12. The system of claim 11, further comprising an intermediate node coupled between the first node and the second node, the intermediate node configured to receive the first message from the first node and transmit the first message to the second node, the intermediate node further configured to receive the second message from the second node and transmit the second message to the first node.

13. A memory device embodying a program of machine-readable instructions executed by a digital processing apparatus to perform operations to facilitate asymmetric security, the operations comprising:
- receiving a first message at a first security level from a first node, the first security level selected from a plurality of available security levels in accordance with a sensitivity level of the first message;
  
  transmitting a second message at a second security level to the first node in response to receiving the first message, the second security level selected from the plurality of available security levels in accordance with a sensitivity level of the second message;
  
  wherein each of the plurality of available security levels are defined in a dynamically updateable security level definition, the dynamically updateable security level definition indicating security features dynamically applicable to each security level; and
  
  communicating a security level indicator to the first node, the security level indicator indicating the second security level.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The memory device of claim 13, wherein the instructions further comprise an operation to couple the security level indicator to the second message.
  - 15. The memory device of claim 13, wherein the instructions further comprise an operation to communicate the second security level to the first node during a handshaking operation between the first node and a second node.
  - 16. The memory device of claim 13, wherein the instructions further comprise an operation to detect the first security level of the first message.
  - 17. The memory device of claim 13, wherein the instructions further comprise an operation to dynamically update the security level definition for the first message during a current communication session.
  - 18. The memory device of claim 17, wherein the instructions further comprise an operation to communicate the updated security level definition to the first node during the current communication session.
  - 19. The memory device of claim 13, wherein the instructions further comprise an operation to communicate the second message in a synchronous communication environment.
  - 20. The memory device of claim 13, wherein the instructions further comprise an operation to communicate the second message in an asynchronous communication environment.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Ahuja, Pratima, Khangaonkar, Manoj, Zhang, Kai Mike
Primary Examiner(s)
Shan, April

Application Number

US12/167,204
Publication Number

US 20080285752A1
Time in Patent Office

1,707 Days
Field of Search

380/255, 713/150, 713/151, 726/24, 709/237, 705/79
US Class Current

713/151
CPC Class Codes

G06Q 20/027 involving a payment switch ...

H04L 63/105 Multiple levels of security

Apparatus and system for asymmetric security

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

44 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Apparatus and system for asymmetric security

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

44 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others