Key encryption system, method, and network devices
Abstract
A network includes encryption devices at customer sites and transport devices that provide transport functionality for encrypted data for transmission across networks. A method of controlling access to a first plurality of functions of the encryption devices and access to a second plurality of functions of the transport devices is disclosed. The method involves providing a customer with access to at least some of the first plurality of functions and providing a network service provider with access to at least some of the second plurality of functions. The method also involves providing the network service provider with restricted access to a first subset of the first plurality of functions and/or providing the network service provider with restricted access to a second subset of the second plurality of functions. This allows the customer and the service provider to share access to hardware resources such as the encryption devices and the transport devices.
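The access split described in the abstract, modelled as a small management device that checks a grant table and turns permitted requests into device instructions. This is an added example, not code from the patent: the function names, party labels, `ManagementDevice` class and sample grants are assumptions, and the model enforces both exclusion rules (the provider's encryption subset and the customer's transport subset) at once.

```python
from dataclasses import dataclass

# Hypothetical function catalogue: the patent names no specific functions.
CATALOG = {
    "encryption": {"set_cipher_key", "rotate_key", "read_alarms", "read_link_status"},
    "transport": {"provision_circuit", "set_bandwidth", "read_alarms", "read_perf"},
}
# Functions that must never be granted to the named party on that device class.
RESERVED = {
    # security of customer data: excluded from the provider's encryption subset
    ("provider", "encryption"): {"set_cipher_key", "rotate_key"},
    # transport needed to deliver the service: excluded from the customer's subset
    ("customer", "transport"): {"provision_circuit", "set_bandwidth"},
}

class PolicyError(ValueError):
    """Raised when a grant table breaks one of the exclusion rules."""

@dataclass(frozen=True)
class Instruction:
    device_class: str
    function: str
    requested_by: str

class ManagementDevice:
    def __init__(self, grants):
        # grants maps (party, device_class) -> iterable of function names
        for (party, dev), funcs in grants.items():
            if dev not in CATALOG or set(funcs) - CATALOG[dev]:
                raise PolicyError(f"unknown device class or function in {party}/{dev}")
            leaked = set(funcs) & RESERVED.get((party, dev), set())
            if leaked:
                raise PolicyError(f"{party} may not hold {sorted(leaked)} on {dev}")
        self.grants = {k: frozenset(v) for k, v in grants.items()}

    def handle(self, party, device_class, function):
        """Turn a user request into a device instruction, or None (deny by default)."""
        if function not in self.grants.get((party, device_class), frozenset()):
            return None
        return Instruction(device_class, function, party)

# Constructed sample policy: customer keeps key control, provider keeps provisioning.
GRANTS = {
    ("customer", "encryption"): CATALOG["encryption"],
    ("provider", "encryption"): {"read_alarms", "read_link_status"},
    ("provider", "transport"): CATALOG["transport"],
    ("customer", "transport"): {"read_alarms", "read_perf"},
}
```

Validating the grant table at load time means a misconfigured policy that hands key control to the provider is rejected before any request is processed, rather than being caught per request.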
26 Claims
1. In a system comprising at least one encryption device and at least one transport device, a method of controlling access to a first plurality of functions of the at least one encryption device and access to a second plurality of functions of the at least one transport device, the first plurality of functions comprising a function for controlling security of customer data transmitted across a network, the method comprising:
providing a customer with access to at least some functions of the first plurality of functions, the at least some of the first plurality of functions comprising said function for controlling security of customer data transmitted across a network;
providing a network service provider with restricted access to a subset of the first plurality of functions, the subset of the first plurality of functions comprising at least one of the first plurality of functions and excluding said function for controlling security of customer data transmitted across a network; and
providing the network service provider with access to at least some functions of the second plurality of functions,
wherein the providing a customer with access to at least some functions of the first plurality of functions comprises;
responsive to receiving first requests from users of the customer, providing first instructions intended for the at least one encryption device for controlling access to the at least some functions of the first plurality of functions;
wherein the providing a network service provider with restricted access to a subset of the first plurality of functions comprises;
responsive to receiving second request from users of the network service provider, providing second instructions intended for that at least one encryption device for controlling access to the subset of the first plurality of functions; and
wherein the providing the network service provider with access to at least some functions of the second plurality of functions comprises;
responsive to receiving third request from the users of the network service provider, providing third instruction intended for the at least one transport device for controlling access to the at least some functions of the second plurality of functions.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17

18. In a system comprising at least one encryption device and at least one transport device, a method of controlling access to a first plurality of functions of the at least one encryption device and access to a second plurality of functions of the at least one transport device, the second plurality of functions comprising a transport function necessary for providing network service offered by a network service provider, the method comprising:
providing a customer with access to at least some functions of the first plurality of functions;
providing the customer with access to a subset of the second plurality of functions, the subset of the second plurality of functions comprising at least one of the second plurality of functions and excluding said transport function necessary for providing network service offered by a network service provider; and
providing a network service provider with access to at least some functions of the second plurality of functions, the at least some functions of the second plurality of functions comprising said transport function necessary for providing network service offered by a network service provider,
wherein the providing a customer with access to at least some functions of the first plurality of functions comprises;
responsive to receiving first request from users of the customer, providing first instructions intended for the at least one encryption device for controlling access to the at least some functions of the first plurality of functions;
wherein the providing the customer with access to a subset of the second plurality of functions comprises;
responsive to receiving second request from the users of the customer, providing second instructions intended for the at least one transport device for controlling access to the subset of the second plurality of functions; and
wherein the providing a network service provider with access to at least some of the second plurality of functions comprises;
responsive to receiving third requests from users of the network service provider, providing third instructions intended for the at least one transport device for controlling access to the at least some functions of the second plurality of functions.
Dependent claims: 19

20. A network device for controlling access to a first plurality of functions of at least one encryption device and access to a second plurality of functions of at least one transport device, the first plurality of functions comprising a function for controlling security of customer data transmitted across a network, the network device comprising:
an encryption management unit for, responsive to receiving first requests from the users of a customer, providing first instructions intended for the at least one encryption device for controlling access to at least some functions of the first plurality of functions, the at least some of the first plurality of functions comprising said function for controlling security of customer data transmitted across a network and, responsive to receiving second requests from users of a network service provider, providing second instructions intended for the at least one encryption device for controlling access to a subset of the first plurality of functions, the subset comprising at least one of the first plurality of functions and excluding said function for controlling security of customer data transmitted across a network; and
a transport management unit for, responsive to receiving third requests from the users of the network service provider, providing third instructions intended for the at least one transport device for controlling access to at least some functions of the second plurality of functions; and
a communications interface for receiving the first requests, the second requests, and the third requests and for transmitting the first instructions, the second instructions, and the third instructions.
Dependent claims: 21, 22

23. A network device for controlling access to a first plurality of functions of at least one encryption device and access to a second plurality of functions of at least one transport device, the second plurality of functions comprising a transport function necessary for providing network service offered by a network service provider, the network device comprising:
an encryption management unit for, responsive to receiving first requests from users of a customer, providing first instructions intended for the at least one encryption device for controlling access to at least some functions of the first plurality of functions; and
a transport management unit for, responsive to receiving second requests from users of the network service provider, providing second instructions intended for the at least one transport device for controlling access to at least some of the second plurality of functions, the at least some of the second plurality of functions comprising said transport function necessary for providing network service offered by a network service provider and, responsive to receiving third requests from the users of the customer, providing third instructions intended for the at least one transport device for controlling access to a subset of the second plurality of functions, the subset comprising at least one of the second plurality of functions and excluding said transport function necessary for providing network service offered by a network service provider; and
a communications interface for receiving the first requests, the second requests, and the third requests and for transmitting the first instructions, the second instructions, and the third instructions.
Dependent claims: 24, 25

26. An article of manufacture comprising:
a non-transitory computer usable medium having computer readable program code means embodied therein for controlling access to a first plurality of functions of at least one encryption device and access to a second plurality of functions of at least one transport device, the first plurality of functions comprising a function for controlling security of customer data transmitted across a network, the computer readable code means in said article of manufacture comprising;
computer readable code means for providing a customer with access to at least some functions of the first plurality of functions;
computer readable code means for providing a network service provider with restricted access to a subset of the first plurality of functions, the subset of the first plurality of functions comprising at least one of the first plurality of functions and excluding said function for controlling security of customer data transmitted across a network; and
computer readable code means for providing the network service provider with access to at least some functions of the second plurality of functions, the at least some functions of the second plurality of functions comprising said function for controlling security of customer data transmitted across a network,
wherein the providing a customer with access to at least some functions of the first plurality of functions comprises;
responsive to receiving first requests from users of the customer, providing first instructions intended for the at least one encryption device for controlling access to the at least some functions of the first plurality of functions;
wherein the providing a network service provider with restricted access to a subset of the first plurality of functions comprises;
responsive to receiving second requests from users of the network service provider, providing second instructions intended for the at least one encryption device for controlling access to the subset of the first plurality of functions; and
wherein the providing the network service provider with access to at least some of the second plurality of functions, comprises;
responsive to receiving third requests from the users of the network service provider, providing third instructions intended for the at least one transport device for controlling access to the at least some functions of the second plurality of functions.

Specification