Secure end-to-end communication system
Abstract
A secure end-to-end communication system is implemented via one or more security processing devices. In one embodiment, a method includes: loading, by a key manager, a first set of keys into a security device; encrypting first data with the first set of keys using the security device; and sending, over a network, the encrypted first data to an external site or a mobile device. The method may further include: requesting the encrypted data from the external site or mobile device; receiving, over the network, the encrypted first data; and decrypting the received encrypted first data with the first set of keys using the security device.
20 Claims
1. A method, comprising:
- receiving first data from an internal network of a first data source;
- loading, by a key manager, a first set of keys into a first security device associated with the first data source;
- encrypting the first data with the first set of keys using the first security device;
- receiving, by transport network equipment from the first security device, the encrypted first data;
- sending, by the transport network equipment, over an external network, the encrypted first data to an external site that stores data received from each of a plurality of data sources;
- after the sending to the external site, requesting the encrypted first data from the external site;
- in response to the requesting, receiving, by the transport network equipment, over the external network, the encrypted first data;
- decrypting, by the first security device using the first set of keys, the received encrypted first data; and
- providing, from the first security device, the decrypted first data to the internal network.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A method, comprising:
- loading, by a first key manager, a first set of keys into a first security device;
- decrypting, by the first security device using the first set of keys, first data obtained from a data storage;
- encrypting, by a second security device, the first data using a second set of keys;
- receiving, by transport network equipment from the second security device, the encrypted first data; and
- sending, by the transport network equipment, over an external network, the encrypted first data to an external site that stores data received from each of a plurality of data sources.
Dependent claims: 10, 11, 12, 13
14. A system, comprising:
- transport network equipment configured to communicate with an external site that stores encrypted data provided from each of a plurality of data sites, including a first data site;
- a security device, coupled to receive first data from an internal network of the first data site, the security device configured to:
  - encrypt the first data with a first set of keys,
  - provide the encrypted first data for sending by the transport network equipment over an external network for storage the external site,
  - receive, via the transport network equipment, over the external network, the encrypted first data from the external site,
  - decrypt, using the first set of keys, the received encrypted first data, and
  - provide the decrypted first data to the internal network; and
- a first key manager configured to load the first set of keys into the security device.
Dependent claims: 15, 16, 17, 18, 19, 20
Specification