Methods, systems and computer program products for authenticating computer processing devices and transferring both encrypted and unencrypted data therebetween

US 9,106,617 B2
Filed: 03/10/2009
Issued: 08/11/2015
Est. Priority Date: 03/10/2009
Status: Active Grant

First Claim

Patent Images

1. A method of transferring a set of data from a remote monitoring device to a central monitoring unit that is remote from the remote monitoring device, the method comprising:

establishing a communication link over a communication network between the remote monitoring device and the central monitoring unit;

performing an authentication process to authenticate the remote monitoring device to the central monitoring unit;

dividing the set of data into a first data subset and a second data subset at the remote monitoring device, wherein the first data subset comprises control data that describes the second data subset;

wherein the first data subset further comprises first raw data collected by the remote monitoring device and wherein the second data subset comprises second raw data collected by the remote monitoring device;

after said authentication process, encrypting the first data subset at the remote monitoring device using an encryption key provided by the central monitoring unit as part of the authentication process to provide an encrypted data set;

transmitting the encrypted data set from the remote monitoring device to the central monitoring unit over the communication link;

receiving a message over the communication link from the central monitoring unit indicating that the control data has been validated by the central monitoring unit; and

in response to the message from the central monitoring unit indicating that the control data has been validated, transferring the second data subset from the remote monitoring device to the central monitoring unit over the communication link without encrypting the second data subset.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods for transferring a set of data from a first processing device to a second processing device are provided. Pursuant to these methods a secure shell (“SSH”) authentication is performed to authenticate a first user that is logged onto the first processing device to a second user that is logged onto the second processing device. The set of data is divided into a first data subset and a second data subset. The first data subset is encrypted to provide an encrypted data set. The encrypted data set is transferred from the first processing device to the second processing device. The second data subset is also transferred from the first processing device to the second processing device, but without encrypting the second data subset. Related data transfer systems and computer program products are also provided.

229 Citations

17 Claims

1. A method of transferring a set of data from a remote monitoring device to a central monitoring unit that is remote from the remote monitoring device, the method comprising:
- establishing a communication link over a communication network between the remote monitoring device and the central monitoring unit;
  
  performing an authentication process to authenticate the remote monitoring device to the central monitoring unit;
  
  dividing the set of data into a first data subset and a second data subset at the remote monitoring device, wherein the first data subset comprises control data that describes the second data subset;
  
  wherein the first data subset further comprises first raw data collected by the remote monitoring device and wherein the second data subset comprises second raw data collected by the remote monitoring device;
  
  after said authentication process, encrypting the first data subset at the remote monitoring device using an encryption key provided by the central monitoring unit as part of the authentication process to provide an encrypted data set;
  
  transmitting the encrypted data set from the remote monitoring device to the central monitoring unit over the communication link;
  
  receiving a message over the communication link from the central monitoring unit indicating that the control data has been validated by the central monitoring unit; and
  
  in response to the message from the central monitoring unit indicating that the control data has been validated, transferring the second data subset from the remote monitoring device to the central monitoring unit over the communication link without encrypting the second data subset.
- View Dependent Claims (2, 3, 4, 5, 15)
- - 2. The method of claim 1, wherein the second data subset comprises data that is forwarded to the remote monitoring device as unencrypted data.
  - 3. The method of claim 1, wherein the data set is transferred from the remote monitoring device to the central monitoring unit without exchanging any passwords between the remote monitoring device and the central monitoring unit.
  - 4. The method of claim 1, wherein the remote monitoring device passes a secure shell key to the central monitoring unit, and wherein the central monitoring unit sends authentication information to the remote monitoring device in response to receipt of the secure shell key.
  - 5. The method of claim 1, wherein, for at least some of the set of data, the data which is part of the first data subset and the data which is part of the second data subset is determined by a user of the remote monitoring device.
  - 15. The method, of claim 1, wherein the control data comprises one of a file name, file header information and file size information.

6. A data processing device, comprising:
- a data collection unit to receive raw data from an external monitoring system, wherein the raw data comprises first raw data and second raw data;
  
  a data transfer unit to generate control information that facilitates transfer of the raw data to a central monitoring unit;
  
  an input/output port to establish a communication link with the central monitoring unit over a communication network;
  
  an authentication unit to authenticate the data processing device to the central monitoring unit using an authentication protocol;
  
  an encryption unit to encrypt the control information and the first raw data received by the data collection unit using an encryption key provided by the central monitoring unit using the authentication protocol after authentication of the data processing device to provide encrypted control information and encrypted first raw data; and
  
  a transmitter to transmit the encrypted control information and the encrypted first raw data to the central monitoring unit over the communication link; and
  
  wherein the data transfer unit is further to receive a message from the central monitoring unit over the communication link indicating that the control information has been validated by the central monitoring unit; and
  
  wherein the transmitter is further to transmit the second raw data received by the data collection unit from the data processing device to the central monitoring unit over the communication link without encrypting the second raw data in response to the message from the central monitoring unit indicating that the control data has been validated.
- View Dependent Claims (7, 8, 9, 16)
- - 7. The data processing device of claim 6, wherein the data collection unit is to receive unencrypted data from the external monitoring system.
  - 8. The data processing device of claim 6, wherein the transmitter and the authentication unit are to transmit the received data and the control information to the central monitoring unit without exchanging any passwords between the data processing device and the central monitoring unit.
  - 9. The data processing device of claim 6, wherein the data processing device is to pass a secure shell key to the central monitoring unit, and wherein the central monitoring unit is to send authentication information to the data processing device in response to receipt of the secure shell key.
  - 16. The data processing device of claim 6, wherein the control information comprises one of a file name, file header information and file size information.

10. A computer program product for transferring a set of data from a remote monitoring device to a central monitoring unit, the computer program product comprising a tangible, non-transitory computer readable medium having computer readable program code embodied in the computer readable medium, the computer readable program code when executed by a processor causes the processor to perform a method comprising:
- establishing a communication link over a communication network between the remote monitoring device and the central monitoring unit;
  
  performing an authentication process to authenticate the remote monitoring device to the central monitoring unit;
  
  dividing the set of data into a first data subset and a second data subset at the remote monitoring device, wherein the first data subset comprises control data that describes the second data subset;
  
  wherein the first data subset further comprises first raw data collected by the remote monitoring device and wherein the second data subset comprises second raw data collected by the remote monitoring device;
  
  after said authentication process, encrypting the first data subset at the remote monitoring device using an encryption key provided by the central monitoring unit as part of the authentication process to provide an encrypted data set;
  
  transferring the encrypted data set from the remote monitoring device to the central monitoring unit over the communication link;
  
  receiving a message from the central monitoring unit over the communication link indicating that the control data has been validated by the central monitoring unit; and
  
  transferring the second data subset from the remote monitoring device to the central monitoring unit over the communication link without encrypting the second data subset in response to the message from the central monitoring unit indicating that the control data has been validated.
- View Dependent Claims (11, 12, 13, 14, 17)
- - 11. The computer program product of claim 10, wherein the method further comprises receiving the second data subset at the remote monitoring device as unencrypted data.
  - 12. The computer program product of claim 10, wherein the method further comprises transferring the data set from the remote monitoring device to the central monitoring unit without exchanging any passwords between the remote monitoring device and the central monitoring unit.
  - 13. The computer program product of claim 10, wherein the method further comprises including in the first data subset data that sets up transfer of a file from the remote monitoring device to the central monitoring unit and including in the second data subset the data that comprises the file.
  - 14. The computer program product of claim 10, wherein the method further comprises passing a secure shell key from the remote monitoring device to the central monitoring unit, and receiving authentication information from the central monitoring unit in response to receipt of the secure shell key.
  - 17. The computer program product of claim 10, wherein the control data comprises one of a file name, file header information and file size information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Kshirsagar, Madhukar, Joshi, Ajay
Primary Examiner(s)
Kim, Jung
Assistant Examiner(s)
LEUNG, ROBERT B

Application Number

US12/400,913
Publication Number

US 20100235635A1
Time in Patent Office

2,345 Days
Field of Search

713/168, 713/151, 380/283
US Class Current

1/1
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/0435   wherein the sending and rec...

H04L 63/08   for authentication of entit...

H04L 63/12   Applying verification of th...

Methods, systems and computer program products for authenticating computer processing devices and transferring both encrypted and unencrypted data therebetween

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

229 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Methods, systems and computer program products for authenticating computer processing devices and transferring both encrypted and unencrypted data therebetween

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

229 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links