System and method for leveraging network topology for enhanced security

US 7,697,420 B1
Filed: 04/15/2003
Issued: 04/13/2010
Est. Priority Date: 04/15/2002
Status: Active Grant

First Claim

Patent Images

1. A method for securing communications from unintended access in an ad-hoc communications network, said network including a plurality of nodes for transmitting and receiving signals to and from other nodes in said network, the method comprising:

determining multiple routes from a source node to a destination node, wherein each of the multiple routes is different from one another based on varying at least one intermediate node with which each of the multiple routes is composed;

establishing a plurality of variable communication paths each comprising one of the multiple routes between the source node and the destination node for at least one data packet transmission;

dividing each data packet into a plurality of data sub-packets; and

communicating each of the plurality of data sub-packets via a unique associated variable communication path, wherein each intermediate node in each of the multiple routes of the associated variable communication paths is prevented from intercepting all of the at least one packet of data.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for locating and using multiple routes to transmit sub-packets of data from a source node to a destination node in an ad-hoc network, thus preventing intermediate nodes in any one transmission path from intercepting a useful amount of information. The system and method routes communications between a source node and a destination node via multiple routes, selected in a random fashion. Further protection is achieved by breaking data packets into sub-packets requiring reassembly at the destination node.

81 Citations

View as Search Results

20 Claims

1. A method for securing communications from unintended access in an ad-hoc communications network, said network including a plurality of nodes for transmitting and receiving signals to and from other nodes in said network, the method comprising:
- determining multiple routes from a source node to a destination node, wherein each of the multiple routes is different from one another based on varying at least one intermediate node with which each of the multiple routes is composed;
  
  establishing a plurality of variable communication paths each comprising one of the multiple routes between the source node and the destination node for at least one data packet transmission;
  
  dividing each data packet into a plurality of data sub-packets; and
  
  communicating each of the plurality of data sub-packets via a unique associated variable communication path, wherein each intermediate node in each of the multiple routes of the associated variable communication paths is prevented from intercepting all of the at least one packet of data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A method as claimed in claim 1, further comprising:
    - varying at least one intermediate node with which each of the multiple routes is composed by excluding each intermediate node previously used in at least one of the multiple routes.
  - 3. A method as claimed in claim 2, further comprising:
    - replacing said excluded intermediate node with a node not previously used in at least one of the multiple routes.
  - 4. A method as claimed in claim 1, further comprising:
    - varying at least one intermediate node with which each of the multiple routes is composed to prevent at least one intermediate node of each of the multiple routes to have access to at least two consecutive data sub-packets.
  - 5. A method as claimed in claim 1, further comprising:
    - varying at least one intermediate node with which each of the multiple routes is composed to prevent at least one intermediate node of each of the multiple routes to have access to at least a variable number of consecutive data sub-packets.
  - 6. A method as claimed in claim 5, further comprising:
    - calculating said variable number of consecutive data sub-packets based on a variable function performed at a routing layer.
  - 7. A method as claimed in claim 5, further comprising:
    - calculating said variable number of consecutive data sub-packets as a random number ranging between a lower limit and an upper limit value.
  - 8. A method as claimed in claim 1, wherein said division occurs at a media access control layer.
  - 9. A method as claimed in claim 1, further comprising:
    - reassembling said plurality of data sub-packets into said data packet at said destination node.

10. A system for securing communications from unintended access in an ad-hoc communications network, said network including a plurality of nodes for transmitting and receiving signals to and from other nodes in said network, the system comprising:
- a first node, for determining multiple routes from a source node to a destination node, wherein each of the multiple routes is different from one another based on varying at least one intermediate node with which each of the multiple routes is composed;
  
  said first node further for establishing a plurality of variable communication paths each comprising one of the multiple routes between the source node and the destination node for at least one data packet transmission; and
  
  said first node further for dividing each data packet into a plurality of data sub-packets and communicating each of the plurality of data sub-packets via a unique associated variable communication path, wherein each intermediate node in each of the multiple routes of the associated variable communication paths is prevented from intercepting all of the at least one packet of data.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. A system as claimed in claim 10, wherein:
    - said first node varies at least one intermediate node with which each of the multiple routes is composed by excluding each intermediate node previously used in at least one of the multiple routes.
  - 12. A system as claimed in claim 11, wherein:
    - said first node replaces said excluded intermediate node with a node not previously used in at least one of the multiple routes.
  - 13. A system as claimed in claim 10, wherein:
    - said first node varies at least one intermediate node with which each of the multiple routes is composed to prevent at least one intermediate node of each of the multiple routes to have access to at least two consecutive data sub-packets.
  - 14. A system as claimed in claim 10, wherein:
    - said first node varies at least one intermediate node with which each of the multiple routes is composed to prevent at least one intermediate node of each of the multiple routes to have access to at least a variable number of consecutive data sub-packets.
  - 15. A system as claimed in claim 14, wherein:
    - said first node further for calculating said variable number of consecutive data sub-packets based on a variable function performed at a routing layer.
  - 16. A system as claimed in claim 14, wherein:
    - said first node further for calculating said variable number of consecutive data sub-packets as a random number ranging between a lower limit and an upper limit value.
  - 17. A system as claimed in claim 10, wherein said division occurs at media access control layer.
  - 18. A system as claimed in claim 10, wherein:
    - said first node reassembles said plurality of data sub-packets into said data packet at said destination node.

19. A method, comprising;
- determining multiple routes from a source node to a destination node for at least one data packet transmission, wherein each of the multiple routes is different from one another based on varying at least one intermediary node with which each of the multiple routes is composed;
  
  dividing each data packet into a plurality of data sub-packets;
  
  selecting a first one of the multiple routes to transmit a first data sub-packet from the source node to the destination node and communicating the first data sub-packet via the first one of the multiple routes; and
  
  selecting a second one of the multiple routes to transmit a second data sub-packet from the source node to the destination node and communicating the second data sub-packet via the second one of the multiple routes, thereby preventing an intermediate node in any of the multiple routes from intercepting complete packet of data.

20. A method comprising:
- dividing a communication into a plurality of data packets;
  
  determining multiple routes from a source node to a destination node for each of the plurality of data packets, wherein each of the multiple routes is different from one another based on varying at least one intermediary node with which each of the multiple routes is composed;
  
  dividing each data packet into a plurality of data sub-packets;
  
  selecting a first one of the multiple routes to transmit a first series of data sub-packets from the source node to the destination node and communicating the first series of data sub-packets via the first one of the multiple routes; and
  
  selecting a second one of the multiple routes to transmit a second series of data sub-packets from the source node to the destination node and communicating the second series of data sub-packets via the second one of the multiple routes, thereby preventing an intermediate node in any of the multiple routes from intercepting complete packet of data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ARRIS Enterprises LLC (CommScope Holding Company, Inc.)
Original Assignee
MeshNetworks, Inc. (Motorola Solutions, Inc.)
Inventors
Stanforth, Peter J., Garahi, Masood
Primary Examiner(s)
Kumar, Pankaj
Assistant Examiner(s)
SMITH, MARCUS

Application Number

US10/413,567
Time in Patent Office

2,555 Days
Field of Search

370254-257, 370/328, 370/338, 370/400, 370/401
US Class Current

370/229
CPC Class Codes

H04L 45/00   Routing or path finding of ...

H04L 45/24   Multipath

H04L 45/243   using M+N parallel active p...

H04L 63/18   using different networks or...

H04W 40/02   Communication route or path...

H04W 84/18   Self-organising networks, e...

System and method for leveraging network topology for enhanced security

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

81 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

System and method for leveraging network topology for enhanced security

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

81 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others