Communication system and security assurance device

US 20060048228A1
Filed: 08/26/2005
Published: 03/02/2006
Est. Priority Date: 08/30/2004
Status: Active Grant

First Claim

Patent Images

1. A communication system comprising:

first communication device;

second communication device which communicates with the first communication device; and

a security assurance device which assures security during communication with the second communication device, wherein;

the second communication device transmits notification information for notifying its own security during communication to the security assurance device;

the security assurance device receives the notification information, verifies security of the second communication device during communication based upon the notification information, and, if the security during communication is confirmed, generates security assurance information which proves security during communication and transmits it to the second communication device;

the second communication device receives the security assurance information, and transmits the security assurance information to the first communication device according to a connection request from the first communication device; and

the first communication device, after the connection request to the second communication device, receives the security assurance information from the second communication device, and verifies security during communication with the second communication device based upon the security assurance information.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A communication system and a security assurance device are proposed, which are capable of assuring that a target party for communication is implementing security countermeasures. A server 3 transmits information 104 necessary for AC issuance to a security assurance authority 2. The security assurance authority 2 verifies the security of the server 3 during communication based upon this information necessary for AC issuance 104. And, when the security of the server 3 during communication is confirmed, the security assurance authority 2 issues an AC 105 which proves the security of the server 3 during communication, and transmits it to the server 3. Upon receipt of this AC 105, the server 3 transmits the AC 105 to a client 4, according to a connection request from the client 4. And, upon receipt of this AC 105, the client 4 verifies the security during communication of the server 3, based upon the AC 105.

183 Citations

39 Claims

1. A communication system comprising:
- first communication device;
  
  second communication device which communicates with the first communication device; and
  
  a security assurance device which assures security during communication with the second communication device, wherein;
  
  the second communication device transmits notification information for notifying its own security during communication to the security assurance device;
  
  the security assurance device receives the notification information, verifies security of the second communication device during communication based upon the notification information, and, if the security during communication is confirmed, generates security assurance information which proves security during communication and transmits it to the second communication device;
  
  the second communication device receives the security assurance information, and transmits the security assurance information to the first communication device according to a connection request from the first communication device; and
  
  the first communication device, after the connection request to the second communication device, receives the security assurance information from the second communication device, and verifies security during communication with the second communication device based upon the security assurance information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 14, 15, 16, 17, 22, 23)
- - 2. A communication system according to claim 1, wherein:
    - the second communication device and the security assurance device process bidirectional authentication; and
      
      after the bi-directional authentication, the security assurance device transmits operation information for operation and control of the second communication device to the second communication device, and, along with receiving the notification information from the second communication device which has created the notification information based upon the operation information, verifies security during communication with the second communication device, based upon the notification information.
  - 3. A communication system according to claim 1, wherein:
    - the second communication device and the security assurance device processes bi-directional authentication;
      
      after the bi-directional authentication, the second communication device creates the notification information and transmits the notification information to the security assurance device; and
      
      the security assurance device receives the notification information and verifies security during communication with the second communication device, based upon the notification information.
  - 4. A communication system according to claim 1, wherein:
    - the second communication device comprises a security countermeasure system;
      
      along a program which possesses an anti-tamper characteristic, the second communication device checks status of the security countermeasure system, and creates state information which is related to the state and transmits the state information to the security assurance device; and
      
      the security assurance device receives the state information, and verifies the security during communication with the second communication device, based upon the notification information and the state information.
  - 5. A communication system according to claim 1, wherein:
    - the second communication device comprises a security countermeasure system;
      
      the security assurance device makes an attack upon the second communication device based upon pattern information which specifies most up to date attack pattern;
      
      the security countermeasure system detects the attack by the security assurance device, based upon the pattern information which the security countermeasure system possesses in advance;
      
      the second communication device transmits attack detection information which specifies that attack has been detected by the security countermeasure system to the security assurance device; and
      
      the security assurance device receives the attack detection information, and, instead of the notification information, verifies security during communication with the second communication device, based upon the attack detection information and the pattern information.
  - 6. A communication system according to claim 1, wherein:
    - the second communication device comprises a security countermeasure system; and
      
      the notification information includes information which specifies that communication is being monitored by the security countermeasure system.
  - 7. A communication system according to claim 1, wherein:
    - the second communication device further transmits to the security assurance device recognizability information which proves its own recognizability; and
      
      the security assurance device further verifies, upon receipt of the recognizability information, recognizability of the second communication device based upon the recognizability information, and, if recognizability and security during communication of the second communication device are confirmed, generates the security assurance information and transmits the security assurance information to the second communication device.
  - 8. A communication system according to claim 1, wherein:
    - the second communication device further transmits, upon a connection request from the first communication device, recognizability information which proves its own recognizability to the first communication device; and
      
      the first communication device further receives, after the connection request to the second communication device, the recognizability information from the second communication device, and verifies recognizability of the second communication device, based upon the recognizability information.
  - 9. A communication system according to claim 1, wherein:
    - the second communication device appends a tag for identification to the notification information, and transmits it to the security assurance device; and
      
      the security assurance device identifies upon receipt of the notification information, the notification information based upon the tag, verifies the security during communication of the second communication device based upon the notification information, and, if security during communication is confirmed, transmits the security assurance information to the second communication device.
  - 10. A communication system according to claim 1, wherein:
    - the second communication device comprises a security countermeasure system, checks status of the security countermeasure system, and transmits state information which specifies the status to the security assurance device;
      
      the security assurance device verifies upon receipt of the state information, the security during communication with the second communication device based upon the state information, and, if security during communication is confirmed, creates the security assurance information and transmits the security assurance information to the second communication device; and
      
      the second communication device comprises a means for checking state of the security countermeasure system within a security chip which has an anti-tampering characteristic.
  - 11. A communication system according to claim 1, wherein:
    - the second communication device comprises a security countermeasure system, checks status of the security countermeasure system, and transmits state information which specifies the state to the security assurance device;
      
      the security assurance device verifies, upon receipt of the state information, the security during communication with the second communication device based upon the state information, and, if security during communication is confirmed, creates the security assurance information and transmits it to the second communication device; and
      
      the second communication device comprises a hash value means which is for checking the state of the security countermeasure system and which is stored within a security chip which has anti-tampering characteristic.
  - 13. A communication system according to claim 1 or claim 12, wherein:
    - the security assurance information includes at least one among a group consisting of information which specifies the second communication device, information which specifies the security assurance device, information which specifies when the security assurance information was created, information which specifies period of validity of the security assurance information, various information which relates to algorithm for generating the security assurance information, information which indicates that the second communication device is monitoring communication with the security countermeasure system, information which specifies the security countermeasure system, and information which specifies a monitoring policy.
  - 14. A communication system according to claim 1 or claim 12, wherein:
    - the first communication device requests the security assurance device to make judgment of validity of the security assurance information; and
      
      the security assurance device further makes judgment of validity of the security assurance information after receiving request from the first communication device.
  - 15. A communication system according to claim 14, wherein the security assurance device further encrypts, along with storing abrogation information in which security countermeasure information which specifies the type of security countermeasure and information which indicates validity of the security countermeasure information are in mutual correspondence, security countermeasure information of the second communication device which is included in the notification information and appends the security countermeasure information to the security assurance information, and transmits the security assurance information to the second communication device, and, if there is a request from the first communication device for a judgment of the validity of the security assurance information, decrypts the security countermeasure information in the security assurance information, and judges the validity of the security assurance information based upon the security countermeasure information after decryption and the abrogation information.
  - 16. A communication system according to claim 14, wherein:
    - the security assurance device further appends to the security assurance information, along with storing abrogation information in which security countermeasure information which specifies type of security countermeasure, identification information which identifies the type, and information which indicates the validity of the type are in mutual correspondence, the identification information in correspondence to the security countermeasure information for the second communication device which is included in the notification information and transmits to the second communication device, and, if there is a request from the first communication device for judgment of validity of the security assurance information, judge validity of the security assurance information based upon the identification information within the security assurance information and the abrogation information.
  - 17. A communication system according to any one of claim 4 through claim 6, wherein:
    - the security countermeasure system includes at least one among a group consisting of an intrusion detection system, a virus detection system, a firewall, and a quarantine system.
  - 22. A communication system according to claim 16, wherein:
    - in the abrogation information, a plurality of the identification information which are different are linked to the type which is same one.
  - 23. A communication system according to claim 16, wherein:
    - in the abrogation information, the types and the identification numbers which identify the types are set in mutual correspondence to one another, and, when appending the identification numbers, the identification numbers are appended so that all the types, which are in correspondence to all identification numbers lower than an abrogated identification number which is appended to the type which has been abrogated, are in the state of being abrogated.

12. A communication system, comprising:
- first communication device;
  
  second communication device which processes communication with the first communication device; and
  
  a security assurance device which assures security during communication with the second communication device, and wherein the second communication device transmits security assurance information which proves security of the second communication device during communication to the security assurance device;
  
  the security assurance device receives the security assurance information, appends signature information to the security assurance information, and transmits the security assurance information to the second communication device;
  
  the second communication device receives the security assurance information, and transmits the security assurance information with the signature that is appended to the first communication device in response to a connection request from the first communication device; and
  
  the first communication device receives, after the connection request to the second communication device, the security assurance information from the second communication device, and verifies security during communication with the second communication device based upon the security assurance information and the signature information which has been appended to the security assurance information.
- View Dependent Claims (18, 19, 20, 21)
- - 18. A communication system according to claim 12, wherein:
    - the second communication device comprises a security countermeasure system;
      
      the security assurance device makes an attack upon the second communication device based upon pattern information which specifies most up to date attack pattern;
      
      the security countermeasure system detects the attack by the security assurance device, based upon the pattern information which the security countermeasure system possesses in advance;
      
      the second communication device transmits attack detection information which specifies that an attack is detected by the security countermeasure system to the security assurance device; and
      
      the security assurance device receives the attack detection information, and, based upon the attack detection information and the pattern information, verifies security during communication with the second communication device, and, if security during communication with the second communication device is confirmed, appends the signature information to the security assurance information, and transmits to the second communication device.
  - 19. A communication system according to claim 12, wherein:
    - the second communication device transmits to the security assurance device the security assurance information which proves security during communication and which includes information in which tags for recognition is appended to notification information that is for notifying security of the second communication device during communication; and
      
      the security assurance device recognizes, upon receipt of the security assurance information, the notification information based upon the tags, verifies security during communication with the second communication device based upon the notification information, and, if security during communication is confirmed, appends signature information to the security assurance information, and transmits the security assurance information to the second communication device.
  - 20. A communication system according to claim 12, wherein:
    - the second communication device transmits to the security assurance device the security assurance information which includes state information which specifies status of a security countermeasure system possessed by the second communication device;
      
      the security assurance device verifies, upon receipt of the security assurance information, security during communication with the second communication device based upon the state information which is included in the security assurance information, and, if security during communication is confirmed, appends signature information to the security assurance information, and transmits the security assurance information to the second communication device; and
      
      a means for checking status of the security countermeasure system is comprised, within the second communication device, upon an internal security chip which has anti-tampering characteristic.
  - 21. A communication system according to claim 12, wherein:
    - the second communication device transmits to the security assurance device the security assurance information which includes state information indicating the status of a security countermeasure system which the second communication device possesses;
      
      the security assurance device verifies, upon receipt of the security assurance information, security during communication with the second communication device based upon the state information which is included in the security assurance information, and, if security during communication is confirmed, appends signature information to the security assurance information, and transmits the security assurance information to the second communication device; and
      
      in the second communication device, a hash value means for checking status of the security countermeasure system is stored within a security chip which has an anti-tampering characteristic.

24. A security assurance device included in a communication system which comprises a first communication device, and a second communication device which processes communication with the first communication device according to a connection request from the first communication device, the security assurance device assuring security during communication with the second communication device, comprising:
- a reception means which receives notification information which is transmitted by the second communication device, and which notifies security during communication with the second communication device;
  
  a verification means which verifies the security during communication with the second communication device based upon the notification information;
  
  an attestation information generation means which generates, if security during communication with the second communication device is confirmed by the verification means, security assurance information which proves security during communication; and
  
  a transmission means which transmits the security assurance information to the second communication device.
- View Dependent Claims (25, 26, 27, 28, 29, 30, 32, 33, 34, 36, 37, 38, 39)
- - 25. A security assurance device according to claim 24, wherein:
    - the security assurance device processes bi-directional authentication with the second communication device, and, after the bi-directional authentication, transmits actuation information for controlling and operating the second communication device to the second communication device, and, based upon the actuation information, along with receiving the notification information from the second communication device which has created the notification information, verifies the security during communication of the second communication device, based upon the notification information.
  - 26. A security assurance device according to claim 24, wherein:
    - the security assurance device processes bidirectional authentication with the second communication device, and, after the bi-directional authentication, along with receiving the notification information from the second communication device which has created the notification information, verifies security during communication with the second communication device, based upon the notification information.
  - 27. A security assurance device according to claim 24, further comprising:
    - an attack generation means which generates an attack packet based upon pattern information which specifies most up to date attack pattern, wherein;
      
      the transmission means transmits the attack packet to the second communication device;
      
      the reception means receives from the second communication device attack detection information which indicates an attack which is detected by a security countermeasure system provided to the second communication device, and which is based upon the attack packet; and
      
      the verification means verifies the security during communication with the second communication device, based upon the attack detection information and the pattern information instead of the notification information.
  - 28. A security assurance device according to claim 24, wherein:
    - the notification information includes information which specifies the fact that the second communication device is monitoring communication with a security countermeasure system.
  - 29. A security assurance device according to claim 24, wherein:
    - the reception means further receives recognizability attestation information, transmitted by the second communication device, which proves recognizability of the second communication device;
      
      the verification means further verifies the recognizability of the second communication device based upon the recognizability attestation information; and
      
      the attestation information generation means generates the security assurance information, if recognizability and security during communication of the second communication device with the verification means are confirmed.
  - 30. A security assurance device according to claim 24, wherein:
    - to the notification information which is transmitted by the second communication device, a tag is appended for identification; and
      
      the attestation information generation means identifies the notification information based upon the tag, verifies security during communication with the second communication device based upon the notification information, and creates the security assurance information if security during communication is confirmed.
  - 32. A security assurance device according to claim 24 or claim 31, further comprising:
    - a validity determination means which distinguishes the validity of the security assurance information, after receiving a request to distinguish the validity of the security assurance information from the first communication device.
  - 33. A security assurance device according to claim 24 or claim 31, wherein:
    - the security assurance information includes at least one of a group consisting of information which specifies the second communication device, information which specifies the security assurance device, information which specifies when the security assurance information was created, information which specifies the period of validity of the security assurance information, various information which relates to an algorithm for generating the security assurance information, information which specifies that the second communication device is monitoring communication with a security countermeasure system, information which specifies the security countermeasure system, and information which specifies a monitoring policy.
  - 34. A security assurance device according to one of claim 27 or claim 28, wherein:
    - the security countermeasure system includes at least one of a group consisting of an intrusion detection system, a virus detection system, a firewall, and a quarantine system.
  - 36. A security assurance device according to claim 32, further comprising a storage means which stores abrogation information in which security countermeasure information which specifies the type of security countermeasure information and information which indicates the validity of the security countermeasure information are in mutual correspondence, wherein:
    - the attestation information generation means further encrypts security countermeasure information of the second communication device which is included in the notification information, and appends to the security assurance information; and
      
      the validity determination means further decrypts, if there is a request from the first communication device for a judgment of validity of the security assurance information, the security countermeasure information in the security assurance information, and judges validity of the security assurance information based upon the security countermeasure information after decryption and the abrogation information.
  - 37. A security assurance device according to claim 32, wherein:
    - the security assurance device further comprises a storage means which stores abrogation information in which security countermeasure information which specifies the type of security countermeasure, identification information which identifies the type, and information which specifies the validity of the type are in mutual correspondence;
      
      the attestation information generation means further appends, to the security assurance information, the identification information in correspondence to security countermeasure information for the second communication device which is included in the notification information; and
      
      the validity determination means further judges, if there is a request from the first communication device for judgment of validity of the security assurance information, validity of the security assurance information based upon the identification information within the security assurance information and the abrogation information.
  - 38. A security assurance device according to claim 37, wherein:
    - in the abrogation information, a plurality of the identification information which are different are set in correspondence to the type which is same one.
  - 39. A security assurance device according to claim 37, wherein:
    - in the abrogation information, the types and the identification numbers which identify the types are set in mutual correspondence to one another, and, when appending the identification numbers, the identification numbers are appended so that all the types, which are in correspondence to all identification numbers lower than an abrogated identification number which is appended to the type which has been abrogated, are in the state of being abrogated.

31. A security assurance device included in a communication system which comprises a first communication device, and a second communication device which performs communication with the first communication device according to a connection request from the first communication device, the security assurance device assuring security during communication with the second communication device, comprising:
- a reception means which receives security assurance information which is transmitted by the second communication device, and which notifies security during communication with the second communication device;
  
  a signature information appending means which appends signature information to the security assurance information; and
  
  a transmission means which transmits the security assurance information to which the signature information is appended, to the second communication device.
- View Dependent Claims (35)
- - 35. A security assurance device according to claim 31, further comprising an attack generation means which generates an attack packet based upon pattern information which specifies most up to date attack pattern, wherein:
    - the transmission means transmits the attack packet to the second communication device;
      
      the reception means receives from the second communication device attack detection information which indicates an attack which is detected by a security countermeasure system comprised by the second communication device, and which has been based upon the attack packet; and
      
      the verification means verifies the security during communication of the second communication device, based upon, instead of the notification information, the attack detection information and the pattern information, and, if security during communication of the second communication device is confirmed, appends the signature information to the security assurance information, and transmits to the second communication device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
KDDI Corporation, KEIO University
Original Assignee
KDDI Corporation KEIO University
Inventors
Isohara, Takamasa, Tanaka, Toshiaki, Miyake, Yutaka, Sasase, Iwao, Takemori, Keisuke

Granted Patent

US 7,673,334 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

H04L 63/0823   using certificates cryptogr...

H04L 9/002   Countermeasures against att...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

H04L 9/3273   for mutual authentication n...

H04L 9/40   Network security protocols

Communication system and security assurance device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

183 Citations

39 Claims

Specification

Use Cases

Quick Links

Others

Communication system and security assurance device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

183 Citations

39 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others