Security level and status exchange between TCP/UDP client(s) and server(s) for secure transactions
Abstract
According to one embodiment, a system includes a processor and logic integrated with and/or executable by the processor, the logic being configured to identify a security issue affecting a first peer in one or more secure transmission control protocol/user datagram protocol (TCP/UDP) sessions, inform a second peer about the security issue using the first peer of the one or more TCP/UDP sessions, and perform at least one action in response to identifying and/or being informed about the security issue. In another embodiment, a method for providing a secure TCP/UDP session includes identifying a security issue affecting a first peer in one or more TCP/UDP sessions, informing a second peer about the security issue using the first peer of the one or more TCP/UDP sessions, and performing at least one action in response to identifying and/or being informed about the security issue.
20 Claims
1. A system, comprising a processor and logic integrated with and/or executable by the processor, the logic being configured to:
- identify a security issue affecting a first peer in one or more secure transmission control protocol/user datagram protocol (TCP/UDP) sessions;
- inform a second peer about the security issue using the first peer of the one or more TCP/UDP sessions by causing the first peer to send a packet from the first peer to the second peer, the first peer being aware of the security issue prior to informing the second peer about the security issue, and the packet comprising an indication of the security issue in a TCP header of the packet;
- receive a second packet at the first peer indicating that the security issue has been acknowledged by the second peer, the second packet comprising a second TCP header having a security acknowledgement flag set therein to indicate that the security issue has been acknowledged by the second peer, wherein the security acknowledgement flag is stored within a reserve field of the second TCP header; and
- perform at least one action to resolve and/or avoid the security issue in response to identifying and/or being informed about the security issue at the first peer, the at least one action comprising informing, via a socket call or an extension of a socket call, one or more applications operating on the second peer via the one or more TCP/UDP sessions to limit information exchange based on a severity of the security issue.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A method for providing a secure transmission control protocol/user datagram protocol (TCP/UDP) session, the method comprising:
- identifying a security issue affecting a first peer in one or more TCP/UDP sessions;
- informing a second peer about the security issue using the first peer of the one or more TCP/UDP sessions by causing the first peer to send a packet from the first peer to the second peer, the first peer being aware of the security issue prior to informing the second peer about the security issue, wherein the packet comprises one or more type-length-value (TLV) elements indicating a severity of the security issue, the one or more TLV elements being stored in a TCP header of the packet; and
- performing at least one action in response to identifying and/or being informed about the security issue.
Dependent claims: 13, 14, 15, 16, 17, 18, 19
20. A computer program product for providing a secure transmission control protocol/user datagram protocol (TCP/UDP) session, the computer program product comprising a non-transitory computer readable storage medium having program code embodied therewith, the program code readable/executable by a processor to:
- identify, using the processor, a security issue affecting a first peer in one or more TCP/UDP sessions;
- inform, using the processor, a second peer about the security issue by causing the first peer to send a packet from the first peer to the second peer, the first peer being aware of the security issue prior to informing the second peer about the security issue, and the packet comprising an indication of the security issue in a TCP header of the packet;
- receive, using the processor, a packet at the first peer indicating that the security issue has been acknowledged by the second peer, the packet comprising a TCP header having a security acknowledgement flag set therein to indicate that the security issue has been acknowledged by the second peer, wherein the security acknowledgement flag is stored within a reserve field of the TCP header; and
- perform, using the processor, at least one action to resolve and/or avoid the security issue in response to identifying and/or being informed about the security issue at the first peer and/or the second peer, the at least one action comprising informing, via a socket call or an extension of a socket call, one or more applications operating on the second peer via the one or more TCP/UDP sessions to limit information exchange based on a severity of the security issue.
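The header-level signaling recited in claims 1, 12 and 20 can be illustrated with the following added example, which is not taken from the patent: it builds and parses a TCP header carrying a security acknowledgement flag in the reserved field and a severity TLV in the options area. The flag's bit position, the use of experimental option kind 253 and the severity values are assumptions, since the claims do not specify them.

```python
import struct

# Assumptions (not specified by the claims): the flag bit position, the
# option kind and the severity values below are hypothetical.
SEC_ACK_BIT = 0x01        # lowest of the 4 reserved bits in header byte 12 (RFC 9293 layout)
OPT_KIND_SEVERITY = 253   # RFC 4727 experimental TCP option kind
OPT_EOL, OPT_NOP = 0, 1

def build_header(sport, dport, seq, ack, flags, sec_ack=False, severity=None):
    """Return a TCP header (checksum left 0) with optional security signals."""
    opts = b""
    if severity is not None:
        opts = bytes([OPT_KIND_SEVERITY, 3, severity])  # type, length, value
    opts += bytes(-len(opts) % 4)                       # pad with EOL to a 32-bit boundary
    offset = (20 + len(opts)) // 4
    byte12 = (offset << 4) | (SEC_ACK_BIT if sec_ack else 0)
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                       byte12, flags, 65535, 0, 0) + opts

def parse_security_signals(segment):
    """Extract (sec_ack, severity) from a raw TCP header; reject malformed input."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    byte12 = segment[12]
    hdr_len = (byte12 >> 4) * 4
    if hdr_len < 20 or hdr_len > len(segment):
        raise ValueError("bad data offset")
    sec_ack = bool(byte12 & SEC_ACK_BIT)
    severity, i, opts = None, 0, segment[20:hdr_len]
    while i < len(opts):
        kind = opts[i]
        if kind == OPT_EOL:
            break
        if kind == OPT_NOP:
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            raise ValueError("malformed option length")
        length = opts[i + 1]
        if kind == OPT_KIND_SEVERITY and length == 3:
            severity = opts[i + 2]
        i += length
    return sec_ack, severity

# Constructed sample: the first peer reports severity 2, the second peer acknowledges.
NOTIFY = build_header(40000, 443, 1, 1, 0x18, severity=2)
ACKED = build_header(443, 40000, 1, 2, 0x10, sec_ack=True)
```

Plain TCP provides no cryptographic authentication of reserved bits or options, so a receiver implementing such a scheme would need to validate lengths as above and decide how far to trust the signal.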
Specification