Method and apparatus for providing network communication association information to applications and services
Abstract
A system and method are provided that allow an application on a first terminal to inquire about available network communication associations that it can use to send data to another terminal, thereby avoiding the establishment of a new network communication association with the other terminal. A security information module may serve to collect and/or store information about available network communication associations between the first terminal and another terminal across different layers. The security information module may also assess a trust level for the network communication associations based on security mechanisms used to establish each association and/or past experience information reported for these network communication associations. Upon receiving a request for available network communication associations, the security information module provides this to the requesting application which can use it to establish communications with a corresponding application on the other terminal.
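A sketch of the security information module and the requesting application's selection step, as outlined in the abstract and in claim 1. This is an added example, not code from the patent: the class and function names, the trust value per authentication type, the one-step feedback adjustment and the strength formula are all assumptions, since the page specifies no scoring scheme.

```python
from dataclasses import dataclass

# Assumed trust baseline per authentication type (not specified on the page).
AUTH_TRUST = {"none": 0, "pre_shared_key": 2, "certificate": 3}
# Assumed "security information": effective key strength of the cipher in use.
CIPHER_BITS = {"null": 0, "3des": 112, "aes128": 128, "aes256": 256}

@dataclass
class Association:
    peer: str
    layer: str       # "link", "network" or "transport"; never "application"
    auth_type: str
    cipher: str

class SecurityInfoModule:
    def __init__(self):
        self.associations = []
        self.feedback = {}   # peer -> positive reports minus negative reports

    def register(self, assoc):
        if assoc.layer == "application":
            raise ValueError("only layers below the application layer are tracked")
        self.associations.append(assoc)

    def report(self, peer, positive):
        self.feedback[peer] = self.feedback.get(peer, 0) + (1 if positive else -1)

    def trust(self, assoc):
        # Baseline from the authentication type, moved at most one step by feedback.
        shift = max(-1, min(1, self.feedback.get(assoc.peer, 0)))
        return max(0, AUTH_TRUST[assoc.auth_type] + shift)

    def strength(self, assoc):
        # Assumed formula: zero trust or a null cipher gives zero strength.
        return self.trust(assoc) * CIPHER_BITS[assoc.cipher]

    def query(self, peer):
        return [(a, self.trust(a), self.strength(a))
                for a in self.associations if a.peer == peer]

def select_association(module, peer, min_trust, min_strength):
    """Requesting application: reuse the strongest association that meets the
    policy, or return None to signal that a new one must be established."""
    ok = [(s, a) for a, t, s in module.query(peer)
          if t >= min_trust and s >= min_strength]
    return max(ok, key=lambda p: p[0])[1] if ok else None
```

A `None` result corresponds to branch (b) of the claim: no existing association meets the desired security level, so the application establishes its own.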
30 Claims
1. A method operational on a transmitting terminal, the method comprising:
collecting security information for one or more network communication associations across one or more layers distinct from an application layer, the one or more network communication associations having been previously established with one or more receiving terminals;
collecting feedback information from one or more applications regarding a history of positive or negative communications with the one or more receiving terminals;
assessing level of trust information for at least one of the one or more network communication associations based on the feedback information, wherein the level of trust information is based on a type of authentication used to create the one or more network communication associations previously established with the one or more receiving terminals;
determining a level of strength information for the one or more network communication associations based on the security information and the level of trust information; and
providing the security information, the level of trust information, and the level of strength information to a requesting application of the transmitting terminal, the requesting application configured to:
(a) compare the level of strength information to a set of policies and select a secure network communication association, from the one or more network communication associations, to send data to a receiving terminal if a desired security level is met based on the security information, the level of trust information, and the comparison, and
(b) establish a secure network communication association if the requesting application determines that security levels of the one or more network communication associations fail to meet a desired security level.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. An access terminal, comprising:
a communication interface for communication with a receiving terminal;
a processing circuit coupled to the communication interface, the processing circuit configured to:
collect security information for one or more network communication associations across one or more layers distinct from an application layer, the one or more network communication associations having been previously established with one or more receiving terminals;
collect feedback information from one or more applications regarding a history of positive or negative communications with the one or more receiving terminals;
assess level of trust information for at least one of the one or more network communication associations based on the feedback information, wherein the level of trust information is based on a type of authentication used to create the one or more network communication associations previously established with the one or more receiving terminals;
determine a level of strength information for the one or more network communication associations based on the security information and the level of trust information; and
provide the security information, the level of trust information, and the level of strength information to a requesting application of the access terminal, the requesting application configured to:
(a) compare the level of strength information to a set of policies and select a secure network communication association, from the one or more network communication associations, to send data to the receiving terminal if a desired security level is met based on the security information, the level of trust information, and the comparison, and
(b) establish a secure network communication association if the requesting application determines that security levels of the one or more network communication associations fail to meet a desired security level.
Dependent claims: 16, 17, 18, 19, 20, 21, 22, 23
24. An access terminal, comprising:
means for collecting security information for one or more network communication associations across one or more layers distinct from an application layer, the one or more network communication associations having been previously established with one or more receiving terminals;
means for collecting feedback information from one or more applications regarding a history of positive or negative communications with the one or more receiving terminals;
means for assessing level of trust information for at least one of the one or more network communication associations based on the feedback information, wherein the level of trust information is based on a type of authentication used to create the one or more network communication associations previously established with the one or more receiving terminals;
means for determining a level of strength information for the one or more network communication associations based on the security information and the level of trust information; and
means for providing the security information, the level of trust information, and the level of strength information to a requesting application of the access terminal, the requesting application configured to:
(a) compare the level of strength information to a set of policies and select a secure network communication association, from the one or more network communication associations, to send data to a receiving terminal if a desired security level is met based on the security information, the level of trust information, and the comparison, and
(b) establish a secure network communication association if the requesting application determines that security levels of the one or more network communication associations fail to meet a desired security level.
Dependent claims: 25, 26, 27, 28
29. A processor comprising:
a processing circuit configured to:
collect security information for one or more network communication associations across one or more layers distinct from an application layer, the one or more network communication associations having been previously established with one or more receiving terminals;
collect feedback information from one or more applications regarding a history of positive or negative communications with the one or more receiving terminals;
assess level of trust information for at least one of the one or more network communication associations based on the feedback information, wherein the level of trust information is based on a type of authentication used to create the one or more network communication associations previously established with the one or more receiving terminals;
determine a level of strength information for the one or more network communication associations based on the security information and the level of trust information; and
provide the security information, the level of trust information, and the level of strength information to a requesting application of a transmitting terminal, the requesting application configured to:
(a) compare the level of strength information to a set of policies and select a secure network communication association, from the one or more network communication associations, to send data to a receiving terminal if a desired security level is met based on the security information, the level of trust information, and the comparison, and
(b) establish a secure network communication association if the requesting application determines that security levels of the one or more network communication associations fail to meet a desired security level.
30. A non-transitory computer-readable storage medium comprising instructions for facilitating use of pre-established network communication associations to send data from an access terminal, the instructions which when executed by a processor causes the processor to:
collect security information for one or more network communication associations across one or more layers distinct from an application layer, the one or more network communication associations having been previously established with one or more receiving terminals;
collect feedback information from one or more applications regarding a history of positive or negative communications with the one or more receiving terminals;
assess level of trust information for at least one of the one or more network communication associations based on the feedback information, wherein the level of trust information is based on a type of authentication used to create the one or more network communication associations previously established with the one or more receiving terminals;
determine a level of strength information for the one or more network communication associations based on the security information and the level of trust information; and
provide the security information, the level of trust information, and the level of strength information to a requesting application of the access terminal, the requesting application configured to:
(a) compare the level of strength information to a set of policies and select a secure network communication association, from the one or more network communication associations, to send data to a receiving terminal if a desired security level is met based on the security information, the level of trust information, and the comparison, and
(b) establish a secure network communication association if the requesting application determines that security levels of the one or more network communication associations fail to meet a desired security level.
Specification