Local area network
First Claim
1. A method performed by a first communication device in an ad-hoc network, the method comprising:
- the first communication device identifying a first trust group associated with a first level of trust, the first trust group including a first subset of communication devices in the ad-hoc network;
- the first communication device identifying a second trust group associated with a second, lower level of trust, the second trust group including a second subset of communication devices in the ad-hoc network;
- the first communication device receiving, from a second communication device in the first trust group, a first cryptographic group key generated by the second communication device;
- the first communication device receiving, from a third communication device in the second trust group, a second cryptographic group key generated by the third communication device;
- based on the first level of trust associated with the first trust group, the first communication device designating the first cryptographic group key to be used for both encrypting and decrypting communications with the second communication device; and
- based on the second, lower level of trust associated with the second trust group, the first communication device designating the second cryptographic group key not to be used for encrypting communications with the third communication device.
Abstract
A method and system for distributed security for a plurality of devices in a communication network, each of the devices being responsible for generating, distributing and controlling its own keys for access to the communication network and using the keys to establish a trusted network, each device's membership to the communication network being checked periodically by other devices by using a challenge response protocol to establish which devices are allowed access to the communication network and the trusted network.
16 Claims
9. A communication device comprising a processor and memory, the memory comprising computer executable instructions that when executed by the processor, perform operations for communicating in an ad-hoc network, the operations comprising:
- identifying a first trust group associated with a first level of trust, the first trust group including a first subset of communication devices in the ad-hoc network;
- identifying a second trust group associated with a second, lower level of trust, the second trust group including a second subset of communication devices in the ad-hoc network;
- receiving, from a second communication device in the first trust group, a first cryptographic group key generated by the second communication device;
- receiving, from a third communication device in the second trust group, a second cryptographic group key generated by the third communication device;
- based on the first level of trust associated with the first trust group, designating the first cryptographic group key to be used for both encrypting and decrypting communications with the second communication device; and
- based on the second, lower level of trust associated with the second trust group, designating the second cryptographic group key not to be used for encrypting communications with the third communication device.
Specification