Method and apparatus for providing an adaptable security level in an electronic communication

US 10,637,869 B2
Filed: 10/05/2018
Issued: 04/28/2020
Est. Priority Date: 04/13/2006
Status: Active Grant

First Claim

Patent Images

1. A first device, comprising:

at least one hardware processor; and

a non-transitory computer-readable storage medium coupled to the at least one hardware processor and storing programming instructions for execution by the at least one hardware processor, wherein the programming instructions, when executed, cause the at least one hardware processor to perform operations comprising;

assembling a data stream, wherein the data stream comprise a frame, the frame having a header and data;

determining, by the first device, a security level for the frame;

incorporating, by the first device, in the header, an indication of a frame type and an indication of the security level; and

forwarding, by the first device, the frame to a second device, wherein the frame type is associated with a policy, and the policy indicates a minimum security level for the frame type, the frame being acceptable by the second device if the security level meets the minimum security level and the frame being not acceptable by the second device if the security level does not meet the minimum security level.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of communicating in a secure communication system, comprises the steps of assembling a message at a sender, then determining a frame type, and including an indication of the frame type in a header of the message. The message is then sent to a recipient and the frame type used to perform a policy check.

112 Citations

17 Claims

1. A first device, comprising:
- at least one hardware processor; and
  
  a non-transitory computer-readable storage medium coupled to the at least one hardware processor and storing programming instructions for execution by the at least one hardware processor, wherein the programming instructions, when executed, cause the at least one hardware processor to perform operations comprising;
  
  assembling a data stream, wherein the data stream comprise a frame, the frame having a header and data;
  
  determining, by the first device, a security level for the frame;
  
  incorporating, by the first device, in the header, an indication of a frame type and an indication of the security level; and
  
  forwarding, by the first device, the frame to a second device, wherein the frame type is associated with a policy, and the policy indicates a minimum security level for the frame type, the frame being acceptable by the second device if the security level meets the minimum security level and the frame being not acceptable by the second device if the security level does not meet the minimum security level.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The first device according to claim 1, wherein the second device:
    - receives the frame;
      
      determines the frame type from the header; and
      
      correlates the frame type to the policy to determine if the frame is acceptable for at least one attribute of the frame.
  - 3. The first device according to claim 2, wherein the second device accepts the frame if the policy is met, and rejects the frame if the policy is not met.
  - 4. The first device according to claim 2, wherein the header includes a representation of a key and the policy indicates an acceptable frame type for the key.
  - 5. The first device according to claim 2, wherein the policy indicates frame types vulnerable to an attack where one or more combinations of security features of the frame are present, and the second device rejects the frame if one of the one or more combinations is found.
  - 6. The first device according to claim 2, wherein the indication of the security level includes one or more security bits indicative of the security level, and the second device extracts the security bits to determine the security level.
  - 7. The first device according to claim 2, wherein the policy comprises a look up table correlating the frame type to the at least one attribute.
  - 8. The first device according to claim 1 wherein the frame further comprises a footer comprising one or more bits representing an error code.
  - 9. The first device according to claim 1 wherein the header comprises a key identifier, a representation of a key corresponding to the key identifier, and an originator for determining an acceptability of the frame type.

10. A second device, comprising:
- at least one hardware processor; and
  
  a non-transitory computer-readable storage medium coupled to the at least one hardware processor and storing programming instructions for execution by the at least one hardware processor, wherein the programming instructions, when executed, cause the at least one hardware processor to perform operations comprising;
  
  receiving, at the second device and from a first device, a frame having a header and data, the header including an indication of a frame type and an indication of a security level;
  
  determining, by the second device, the frame type from the header;
  
  correlating, by the second device, the frame type to a policy, wherein the policy indicates a minimum security level for the frame type; and
  
  determining, by the second device and based on the policy, whether to accept the frame type according to whether the security level meets the minimum security level.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The second device according to claim 10, the operations further comprising accepting the frame if the policy is met, and rejecting the frame if the policy is not met.
  - 12. The second device according to claim 10, wherein the header includes a representation of a key and the policy indicates an acceptable frame type for the key.
  - 13. The second device according to claim 10, wherein the policy indicates frame types vulnerable to an attack where one or more combinations of security features of the frame are present, and the operations comprises rejecting the frame if one of the one or more combinations is found.
  - 14. The second device according to claim 10, wherein the indication of the security level includes one or more security bits indicative of the security level, and the operations further comprises extracting the security bits to determine the security level.
  - 15. The second device according to claim 10, wherein the policy comprises a look up table correlating the frame type to at least one attribute.
  - 16. The second device according to claim 10, wherein the frame further comprises a footer comprising one or more bits representing an error code.
  - 17. The second device according to claim 10, wherein the header comprises a key identifier, a representation of a key corresponding to the key identifier, and an originator for determining an acceptability of the frame type.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Blackberry Limited
Original Assignee
Blackberry Limited
Inventors
Struik, Marinus
Primary Examiner(s)
Pyzocha, Michael

Application Number

US16/153,676
Publication Number

US 20190052646A1
Time in Patent Office

571 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0227   Filtering policies mail mes...

H04L 63/105   Multiple levels of security

H04L 63/12   Applying verification of th...

H04L 63/1441   Countermeasures against mal...

H04L 63/20   for managing network securi...

Method and apparatus for providing an adaptable security level in an electronic communication

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

112 Citations

17 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for providing an adaptable security level in an electronic communication

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

112 Citations

17 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others