Layer-independent security for communication channels

US 8,255,680 B1
Filed: 06/26/1997
Issued: 08/28/2012
Est. Priority Date: 06/26/1997
Status: Expired due to Fees

First Claim

Patent Images

1. A method for providing communication protocol layer independent security for data transmitted between a first process, executing on a first network node, and a second process, executing on a second network node, wherein the first network node and the second network node each support at least one common communication protocol layer, the method comprising the steps of:

establishing a Java secure channel between the first network node and the second network node;

establishing a first Java stream between the first process and the Java secure channel;

establishing a second Java stream between the second process and the Java secure channel;

in response to the data being written to the first Java stream, encrypting the data to generate encrypted data, the encrypting of the data being performed independent of any communication protocol layers used to transport the encrypted data from the first network node to the second network node;

causing the encrypted data to be transmitted from the first network node to the second network node according to the at least one communication protocol layer supported by the first and second network nodes; and

in response to the encrypted data being read from the second Java stream, decrypting the encrypted data to recover decrypted data which is identical to the data on the first network node before the data was written to the first Java stream, the decrypting of the encrypted data being performed independent of any communication protocol layers used to transport the encrypted data from the first network node to the second network node.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for providing layer-independent secure network communication is provided. According to an embodiment of the invention, a transmission medium is provided between a first network node and a second network node. Both the first network node and the second network node support at least one common communication protocol. A Java output stream is established between a first process executing on the first network node and the transmission medium. Also, a Java input stream is established between a second process executing on the second multi-layered node and the transmission medium. Data to be transmitted from the first process to the second process is encrypted by the first process and written to the Java output stream. The data is transmitted to the second network node. Then the data is read from the Java input stream by the second process and decrypted.

33 Citations

View as Search Results

20 Claims

1. A method for providing communication protocol layer independent security for data transmitted between a first process, executing on a first network node, and a second process, executing on a second network node, wherein the first network node and the second network node each support at least one common communication protocol layer, the method comprising the steps of:
- establishing a Java secure channel between the first network node and the second network node;
  
  establishing a first Java stream between the first process and the Java secure channel;
  
  establishing a second Java stream between the second process and the Java secure channel;
  
  in response to the data being written to the first Java stream, encrypting the data to generate encrypted data, the encrypting of the data being performed independent of any communication protocol layers used to transport the encrypted data from the first network node to the second network node;
  
  causing the encrypted data to be transmitted from the first network node to the second network node according to the at least one communication protocol layer supported by the first and second network nodes; and
  
  in response to the encrypted data being read from the second Java stream, decrypting the encrypted data to recover decrypted data which is identical to the data on the first network node before the data was written to the first Java stream, the decrypting of the encrypted data being performed independent of any communication protocol layers used to transport the encrypted data from the first network node to the second network node.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1, further including the steps ofperforming a communication protocol layer specific encryption of data to be sent across the communication channel at the first network node, andperforming a communication protocol layer specific decryption of data received from the communication channel at the second network node.
  - 3. The method of claim 1,wherein the method further comprises the step of connecting the Java secure channel to a third Java stream, andwherein the third Java stream provides for the transmission of data according to a specific communication protocol layer.

4. A non-transitory computer-readable medium carrying one or more sequences of one or more instructions for providing communication protocol layer independent security for data transmitted between a first process, executing on a first network node, and a second process, executing on a second network node, wherein the first network node and the second network node each support at least one common communication protocol layer, the one or more sequences of one or more instructions including instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
- establishing a Java secure channel between the first network node and the second network node;
  
  establishing a first Java stream between the first process and the Java secure channel;
  
  establishing a second Java stream between the second process and the Java secure channel;
  
  in response to the data being written to the first Java stream, encrypting the data to generate encrypted data, the encrypting of the data being performed independent of any communication protocol layers used to transport the encrypted data from the first network node to the second network node;
  
  causing the encrypted data to be transmitted from the first network node to the second network node according to the at least one communication protocol layer supported by the first and second network nodes; and
  
  in response to the encrypted data being read from the second Java stream, decrypting the encrypted data to recover decrypted data which is identical to the data on the first network node before the data was written to the first stream, the decrypting of the encrypted data being performed independent of any communication protocol layers used to transport the encrypted data from the first network node to the second network node.
- View Dependent Claims (5, 6)
- - 5. The non-transitory computer-readable medium of claim 4, wherein the non-transitory computer-readable medium further includes instructions for performing the steps ofperforming a communication protocol layer specific encryption of the data on the first network node, andperforming a communication protocol layer specific decryption of the data on the second network node.
  - 6. The non-transitory computer-readable medium of claim 4,wherein the non-transitory computer-readable medium further includes instructions for connecting the Java secure channel to a third Java stream, andwherein the third Java stream provides for the transmission of data according to a specific communication protocol layer.

7. A computer data signal embodied on a non-transitory computer-readable medium and representing sequences of instructions which, when executed by one or more processors, provide communication protocol layer independent security for data transmitted between a first process, executing on a first network node, and a second process, executing on a second network node, according to at least one common communication protocol layer supported by the first and second network nodes, by performing the steps of:
- establishing a Java secure channel between the first network node and the second network node;
  
  establishing a first Java stream between the first process and the Java secure channel;
  
  establishing a second Java stream between the second process and the Java secure channel;
  
  in response to the data being written to the first Java stream, encrypting the data to generate encrypted data, the encrypting of the data being performed independent of any communication protocol layers used to transport the encrypted data from the first network node to the second network node;
  
  causing the encrypted data to be transmitted from the first network node to the second network node according to the at least one communication protocol layer supported by the first and second network nodes; and
  
  in response to the encrypted data being read from the second Java stream, decrypting the encrypted data to recover decrypted data which is identical to the data on the first network node before the data was written to the first Java stream, the decrypting of the encrypted data being performed independent of any communication protocol layers used to transport the encrypted data from the first network node to the second network node.
- View Dependent Claims (8, 9)
- - 8. The computer data signal of claim 7, wherein the computer sequence of instructions further includes instructions for performing the steps ofperforming a communication protocol layer specific encryption of the data on the first network node, andperforming a communication protocol layer specific decryption of the data on the second network node.
  - 9. The computer data signal of claim 7,wherein the computer sequence of instructions further includes instructions for connecting the Java secure channel to a third Java stream, andwherein the third Java stream provides for the transmission of data according to a specific communication protocol layer.

10. A method for providing communication protocol layer independent security for data transmitted by a process executing on a network node, the method comprising the steps of:
- a) establishing a first Java stream between the process and a Java secure channel; and
  
  b) in response to the data being written to the first Java stream, encrypting the data to generate encrypted data, the encrypting of the data being performed independent of any communication protocol layers used to transport the encrypted data on the Java secure channel.
- View Dependent Claims (11)
- - 11. The method of claim 10,wherein the method further comprises the step of connecting the Java secure channel to a second Java stream, andwherein the second Java stream provides for the transmission of data according to a specific communication protocol layer.

12. A method for providing communication protocol-independent security for data transmitted between a first node and a second node, the method comprising the steps of:
- establishing a Java secure channel between a first network node and a second network node;
  
  establishing a first Java stream from a first process to the Java secure channel after the establishment of the Java secure channel, wherein the first Java stream is encrypted after the first process and before entering the Java secure channel and the encrypted first Java stream is independent of any communication protocol layers; and
  
  establishing a second Java stream from the Java secure channel to a second process after the establishment of the Java secure channel, wherein the second Java stream is decrypted after the Java secure channel and before entering the second process.

13. The method of clam 12, further comprisingconnecting the Java secure channel to a third Java stream, whereinthe third Java stream provides for the transmission of data according to a specific communication protocol layer.

14. A non-transitory computer-readable medium carrying one or more sequences of one or more instructions for providing communication protocol-layer independent security for data transmitted between a first node and a second node, the one or more sequences of one or more instructions including instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
- establishing a Java secure channel between a first network node and a second network node;
  
  establishing a first Java stream from a first process to the Java secure channel after the establishment of the Java secure channel, wherein the first Java stream is encrypted after the first process and before entering the Java secure channel and the encrypted first Java stream is independent of any communication protocol layers; and
  
  establishing a second Java stream from the Java secure channel to a second process after the establishing of the Java secure channel, wherein the second Java stream is decrypted after the Java secure channel and before entering the second process.
- View Dependent Claims (15)
- - 15. The non-transitory computer-readable medium of claim 14, wherein the non-transitory computer-readable medium further includes instructions for:
    - connecting the Java secure channel to a third Java stream, whereinthe third Java stream provides for the transmission of data according to a specific communication protocol layer.

16. A communications network providing communication protocol-independent security for data, comprising:
- a first network node;
  
  a second network node;
  
  a Java secure channel between the first network node and the second network node;
  
  a first Java stream between a first process of the first node and the Java secure channel, wherein the first process encrypts the first Java stream independent of any communication protocol layers; and
  
  a second Java stream between the Java secure channel and a second process of the second node, wherein the second process decrypts the second Java stream.
- View Dependent Claims (17, 18)
- - 17. The communication network of claim 16, wherein at least one of the encryption of the first stream and the decryption of the second stream is specific to a communication protocol layer.
  - 18. The communication network of claim 16, further comprising a third Java stream that provides for the transmission of data according to a specific communication protocol layer.

19. A computer data signal embodied in a non-transitory computer-readable medium and representing sequences of instructions which, when executed by one or more processors, provide communication protocol independent security for data transmitted between a first node and second node, by performing the steps of:
- establishing a Java secure channel between a first network node and a second network node;
  
  establishing a first Java stream from a first process to the Java secure channel after the establishment of the Java secure channel, wherein the first Java stream is encrypted after the first process and before entering the Java secure channel and the encrypted first Java stream is independent of any communication protocol layers; and
  
  establishing a second Java stream from the Java secure channel to a second process after the establishment of the Java secure channel, wherein the second Java stream is decrypted after the Java secure channel and before entering the second process.
- View Dependent Claims (20)
- - 20. The computer data signal of claim 19, wherein the computer sequence of instructions further includes instructions for:
    - connecting the Java secure channel to a third Java stream, whereinthe third Java stream provides for the transmission of data according to a specific communication protocol layer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle America, Inc. (Oracle Corporation)
Original Assignee
Oracle America, Inc. (Oracle Corporation)
Inventors
Gong, Li
Primary Examiner(s)
Shiferaw, Eleni
Assistant Examiner(s)
CALLAHAN, PAUL E

Application Number

US08/883,636
Time in Patent Office

5,542 Days
Field of Search

380/49, 380/37, 380/42, 380/9, 395/200.61, 395/200.6, 395/200.59, 395/200.49, 713/151, 713/152, 713/153, 726/3
US Class Current

713/153
CPC Class Codes

H04L 63/04   for providing a confidentia...

H04L 63/168   above the transport layer

H04L 9/40   Network security protocols

Layer-independent security for communication channels

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

33 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Layer-independent security for communication channels

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links