Method and apparatus for providing identity based encryption in distributed computations

US 9,166,953 B2
Filed: 10/31/2011
Issued: 10/20/2015
Est. Priority Date: 10/31/2011
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

segmenting a computation closure into at least a first part and one or more second parts, wherein the computation closure comprises a computation procedure and inter-process relations and inter-process communications;

encrypting the one or more second parts using the first part as a public key based on an identity-based encryption; and

determining one or more anonymization policies associated with the identity-based encryption, the computation closure, the first part, the one or more second parts, or a combination thereof,wherein the encryption is based, at least in part, on the one or more anonymization policies.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An approach is provided for providing identity based encryption in distributed computations. An identity based encryption platform causes, at least in part, a segmentation of a computation closure into at least a first part and one or more second parts. The identity based encryption platform also causes, at least in part, an encryption of the one or more second parts using the first part as a public key of an identity-based encryption.

Citations

18 Claims

1. A method, comprising:
- segmenting a computation closure into at least a first part and one or more second parts, wherein the computation closure comprises a computation procedure and inter-process relations and inter-process communications;
  
  encrypting the one or more second parts using the first part as a public key based on an identity-based encryption; and
  
  determining one or more anonymization policies associated with the identity-based encryption, the computation closure, the first part, the one or more second parts, or a combination thereof,wherein the encryption is based, at least in part, on the one or more anonymization policies.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 further comprising:
    - determining one or more criteria for executing the computation closure, the one or more second parts, or a combination thereof;
      
      (b) one or more processes for determining the one or more criteria;
      
      (c) or a combination thereof; and
      
      including the one or more criteria, the one or more processes, or a combination in the first part,wherein the executed state is a reflection of results of executing computations in the computation closure on data in the computation closure.
  - 3. The method of claim 2 further comprising:
    - publishing the first part, the encrypted one or more second parts, or a combination for access by one or more subscribing devices.
  - 4. The method of claim 3 further comprising:
    - processing capability information associated with the one or more subscribing devices to determine whether the one or more subscribing devices decrypt the one or more encrypted second parts for execution.
  - 5. The method of claim 4, wherein the capability information is based, at least in part, on energy consumption information, security enforcement information, one or more privacy policies, computational resource information, bandwidth availability information, or a combination thereof.
  - 6. The method of claim 2, wherein the one or more subscribing devices include, at least in part, one or more components of one or more levels of a computational architecture.
  - 7. The method of claim 6 further comprising:
    - determining the one or more anonymization policies based, at least in part, on a concatenation of the one or more level-specific anonymization policies associated with the one or more levels of the computational architecture.
  - 8. The method of claim 1, wherein the segmentation, the encryption, or a combination thereof of the computation closure is based, at least in part, on one or more cost functions, one or more functional flow maps, or a combination thereof associated with the computation closure.
  - 9. The method of claim 1, wherein the encryption is further based, at least in part, on one or more private keys.

10. An apparatus comprising:
- at least one processing device; and
  
  at least one memory including computer program code for one or more programs,the at least one memory and the computer program code configured to, with the at least one, processing device, cause the apparatus to perform at least the following,cause a segmentation of a computation closure into at least a first part and one or more second parts, wherein the computation closure comprises a computation procedure and inter-process relations and inter-process communications;
  
  cause an encryption of the one or more second parts using the first part as a public key based on an identity-based encryption; and
  
  determine one or more anonymization policies associated with the identity-based encryption, the computation closure, the first part, the one or more second parts, or a combination thereof,wherein the encryption is based, at least in part, on the one or more anonymization policies.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The apparatus of claim 10, wherein the apparatus is further causedto:
    - determine (a) one or more criteria for executing the computation closure, the one or more second parts, or a combination thereof;
      
      (b) one or more processes for determining the one or more criteria;
      
      (c) or a combination thereof; and
      
      cause an inclusion of the one or more criteria, the one or more processes, or a combination in the first part,wherein the executed state is a reflection of results of executing computations in the computation closure on data in the computation closure.
  - 12. The apparatus of claim 11, wherein the apparatus is further caused to:
    - cause a publication of the first part, the encrypted one or more second parts, or a combination for access by one or more subscribing devices.
  - 13. The apparatus of claim 12, wherein the apparatus is further caused to:
    - process or facilitate a processing of capability information associated with the one or more subscribing devices to determine whether the one or more subscribing devices can decrypt the one or more encrypted second parts for execution.
  - 14. The apparatus of claim 13, wherein the capability information is based, at least in part, on energy consumption information, security enforcement information, one or more privacy policies, computational resource information, bandwidth availability information, or a combination thereof.
  - 15. The apparatus of claim 12, wherein the one or more subscribing devices include one or more components of one or more levels of a computational architecture.
  - 16. The apparatus of claim 15, wherein the apparatus is further caused to:
    - determine the one or more anonymization policies based, at least in part, on a concatenation of the one or more level-specific anonymization policies associated with the one or more levels of the computational architecture.
  - 17. The apparatus of claim 10, wherein the segmentation, the encryption, or a combination thereof of the computation closure is based, at least in part, on one or more cost functions, one or more functional flow maps, or a combination thereof associated with the computation closure.
  - 18. The apparatus of claim 10, wherein the encryption is further based, at least in part, on one or more private keys.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Technologies Oy (Nokia Corporation)
Inventors
Luukkala, Vesa-Veikko, Sovio, Sampo Juhani, Kaaja, Jari-Jukka Harald, Boldyrev, Sergey
Primary Examiner(s)
Gergiso, Techane

Application Number

US13/285,254
Publication Number

US 20130108040A1
Time in Patent Office

1,450 Days
Field of Search

380/30
US Class Current

1/1
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/6254   by anonymising data, e.g. d...

G06F 2221/2107   File encryption

G06F 2221/2109   Game systems

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2117   User registration

G06F 2221/2149   Restricted operating enviro...

H04L 2209/42   Anonymization, e.g. involvi...

H04L 63/04   for providing a confidentia...

H04L 63/0421   Anonymous communication, i....

H04L 67/1097   for distributed storage of ...

H04L 9/0847   involving identity based en...

H04L 9/3073   involving pairings, e.g. id...

Method and apparatus for providing identity based encryption in distributed computations

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for providing identity based encryption in distributed computations

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links