System and methods for trusted internet domain networking
First Claim
Patent Images
1. A method of performing a trusted dynamic host configuration protocol (DHCPT), comprising:
- receiving a trusted dynamic host configuration protocol request message and a trust token associated with the request message from a computing device, wherein the request message was created in and transmitted from a trusted security zone of the computing device, wherein the request message requests a trusted internet protocol (IP) address and trusted internet domain routing information for the computing device, and wherein the trusted security zone of the computing device is implemented in a processor chipset of the computing device and the trusted security zone of the computing device comprises a trusted execution environment and a secure partition of hardware and software resources;
in response to determining the computing device has the trusted security zone and in response to confirming a continuity of trust of the request message based on examining the trust token associated with the request message to verify the trust token associated with the request message was created in and transmitted from the trusted security zone of the computing device, allocating a trusted internet protocol address and determining trusted internet domain routing information for the computing device, wherein the allocating and determining are performed by a dynamic host configuration protocol server executing in a trusted security zone of the server; and
transmitting a response message comprising the trusted internet protocol address and trusted internet domain routing information and a trust token associated with the response message to the computing device over a trusted end-to-end communication link,wherein a continuity of trust of the response message is confirmed based on examining the trust token associated with the response message before the computing device is configured based on the response message,wherein the trusted internet protocol address is one of a plurality of trusted internet protocol addresses that are not accessible to computing devices that are not coupled to a trusted internet domain, andwherein the trusted internet domain routing information comprises trusted internet protocol addresses of trusted network nodes that promote routing in the trusted internet domain,receiving a non-trusted dynamic host configuration protocol request message from a second computing device; and
in response to determining the non-trusted request message was not created in and sent from a trusted security zone of the second computing device, sending an invitation to send a trusted dynamic host configuration protocol request message, to the second computing device, or transmitting a second internet protocol address and second routing information to the second computing device over a non-trusted communication link.
6 Assignments
0 Petitions
Accused Products
Abstract
A method of performing a trusted dynamic host configuration protocol (DHCPT). The method comprises receiving a trusted dynamic host configuration protocol request message, wherein the request message was created in and transmitted from a trusted security zone of a computing device, and wherein the request message requests an internet protocol (IP) address and routing information for the computing device, allocating an internet protocol address and determining routing information for the computing device, wherein the allocating and determining are performed by a dynamic host configuration protocol server while executing in a trusted security zone of the server, and transmitting the internet protocol address and routing information to the computing device over a trusted end-to-end communication link.
201 Citations
11 Claims
-
1. A method of performing a trusted dynamic host configuration protocol (DHCPT), comprising:
-
receiving a trusted dynamic host configuration protocol request message and a trust token associated with the request message from a computing device, wherein the request message was created in and transmitted from a trusted security zone of the computing device, wherein the request message requests a trusted internet protocol (IP) address and trusted internet domain routing information for the computing device, and wherein the trusted security zone of the computing device is implemented in a processor chipset of the computing device and the trusted security zone of the computing device comprises a trusted execution environment and a secure partition of hardware and software resources; in response to determining the computing device has the trusted security zone and in response to confirming a continuity of trust of the request message based on examining the trust token associated with the request message to verify the trust token associated with the request message was created in and transmitted from the trusted security zone of the computing device, allocating a trusted internet protocol address and determining trusted internet domain routing information for the computing device, wherein the allocating and determining are performed by a dynamic host configuration protocol server executing in a trusted security zone of the server; and transmitting a response message comprising the trusted internet protocol address and trusted internet domain routing information and a trust token associated with the response message to the computing device over a trusted end-to-end communication link, wherein a continuity of trust of the response message is confirmed based on examining the trust token associated with the response message before the computing device is configured based on the response message, wherein the trusted internet protocol address is one of a plurality of trusted internet protocol addresses that are not accessible to computing devices that are not coupled to a trusted internet domain, and wherein the trusted internet domain routing information comprises trusted internet protocol addresses of trusted network nodes that promote routing in the trusted internet domain, receiving a non-trusted dynamic host configuration protocol request message from a second computing device; and in response to determining the non-trusted request message was not created in and sent from a trusted security zone of the second computing device, sending an invitation to send a trusted dynamic host configuration protocol request message, to the second computing device, or transmitting a second internet protocol address and second routing information to the second computing device over a non-trusted communication link. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method of performing a trusted dynamic host configuration protocol (DHCPT), comprising:
-
receiving a trusted dynamic host configuration protocol request message and a trust token associated with the request message from a computing device, wherein the request message was created in and transmitted from a trusted security zone of the computing device, wherein the request message requests an internet protocol (IP) address and routing information for the computing device, and wherein the trusted security zone of the computing device is implemented in a processor chipset of the computing device and the trusted security zone of the computing device comprises a trusted execution environment and a secure partition of hardware and software resources; in response to determining the computing device has the trusted security zone and in response to confirming a continuity of trust of the request message based on examining the trust token associated with the request message to verify the trust token associated with the request message was created in and transmitted from the trusted security zone of the computing device, allocating an internet protocol address and determining routing information for the computing device, wherein the allocating and determining are performed by a dynamic host configuration protocol server executing in a trusted security zone of the server; transmitting a response message comprising the internet protocol address and routing information and a trust token associated with the response message to the computing device over a trusted end-to-end communication link, wherein a continuity of trust of the response message is confirmed based on examining the trust token associated with the response message before the computing device is configured based on the response message; receiving a non-trusted dynamic host configuration protocol request message from a second computing device; and in response to determining the non-trusted request message was not created in and sent from a trusted security zone of the second computing device, sending an invitation to send a trusted dynamic host configuration protocol request message, to the second computing device, or transmitting a second internet protocol address and second routing information to the second computing device over a non-trusted communication link. - View Dependent Claims (8, 9, 10, 11)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeT-Mobile Innovations LLC (Deutsche Telekom AG)
-
Original AssigneeSprint Communications Company LP (Deutsche Telekom AG)
-
InventorsPaczkowski, Lyle W., Parsel, William M., Persson, Carl J., Schlesener, Matthew C.
-
Primary Examiner(s)SHAW, BRIAN F
-
Application NumberUS13/610,856Time in Patent Office637 DaysField of Search726/1, 726/3, 726/4, 726/5, 713/168, 713/170US Class Current726/4CPC Class CodesG06F 21/57 Certifying or maintaining t...H04L 61/5014 using dynamic host configur...H04L 63/105 Multiple levels of securityH04L 63/205 involving negotiation or de...
