Patent application number | Description | Published |
20090150668 | SYSTEM AND METHOD FOR IMPLEMENTING SECURITY OF MULTI-PARTY-COMMUNICATION - A system and method for implementing security of multi-party communication are disclosed. The system mainly includes a group key management unit and a record protocol unit. The method mainly includes the following: when the system runs in the centralized group key management mode, the Group Controller and Key Server (GCKS) establishes and stores a Group Security Association; the GCKS negotiates with the group members to establish an Initiation Security Association; and, under the protection of the Initiation Security Association, the group members obtain the Group Security Association from the GCKS. When the system runs in the distributed group key management mode, a Group Security Association is established by all the group members together at the beginning of the group communication. The system runs in the application process space and can provide an application program (or application protocol) with the function of the group key management and data security of the multi-party communication in the form of the standard Application Programming Interface (API). | 06-11-2009 |
20090190764 | METHOD AND SYSTEM OF KEY SHARING - The present disclosure provides a method and system of key sharing. The method includes: transmitting, by a group member, a key information request to a neighbor group member; and transmitting, by the neighbor group member, the requested key information to the group member upon receiving the key information request. The system includes a requester group member and a responder group member. The method and system of the disclosure may improve the reliability and availability of group key and/or auxiliary key distribution, which avoids the bottleneck in service performance and network bandwidth that may occur when all the group members obtain the key from the key server. | 07-30-2009 |
20090271612 | METHOD, SYSTEM AND DEVICE FOR REALIZING MULTI-PARTY COMMUNICATION SECURITY - A method for realizing multi-party communication security includes: performing identification authentication and negotiating to create an initiation session through running the transport layer security protocol or datagram transport layer security protocol by a Group Control and Keying Server and a group member device; distributing a group session and a rekeying session to the group member device through running a group key management sub-protocol on the Group Control and Keying Server and the group member devices; rekeying through running the group key management sub-protocol on the Group Control and Keying Server and the group member devices, when a rekeying event is detected by the Group Control and Keying Server. A relevant multi-party communication security system and a device are further provided in the present invention. | 10-29-2009 |
20090292914 | NODES AND SYSTEMS AND METHODS FOR DISTRIBUTING GROUP KEY CONTROL MESSAGE - Nodes, systems and methods for distributing a group key control message are disclosed. The system mainly includes a root node and child nodes. The apparatus includes a distribution tree establishment node. The method mainly includes: establishing a distribution tree for the group key control message in the group key management system, a root node delivering the group key control message to the child nodes according to the distribution tree; the child nodes receiving the group key control message delivered from the root node, forwarding or locally processing the received group key control message. With the present disclosure, a replication/distribution mechanism for the group key control message is established within the group key management system, thereby eliminating the dependence of the group key management system on the deployed environment multicast service, and improving the availability and expansibility of the group key management system. | 11-26-2009 |
20100040236 | METHOD, SYSTEM AND DEVICE FOR GENERATING GROUP KEY - A method for generating a group key is provided in the field of network communications. The method includes the following steps: group members select DH secret values and generate DH public values. An organizer generates an intermediate message and broadcasts a DH public value and the intermediate message. The group members generate a group key according to a DH secret value selected by the organizer and DH public values of the other group members except the organizer. A system for generating a group key and communication devices are also disclosed in the present invention. | 02-18-2010 |
20100122084 | METHOD, APPARATUS AND SYSTEM FOR REGISTERING NEW MEMBER IN GROUP KEY MANAGEMENT - A method for registering a new member in group key management is disclosed. An agent is deployed on the local network that requires the automatic group key management service; the agent receives an original registration request message sent by a new member in the local network, encapsulates the original registration request message and information indicating the new member into a first request message, and sends the first request message to a Group Controller Key Server (GCKS); and the agent receives a first response message returned by the GCKS, extracts the information indicating the new member and the original response message carrying the processing result of the request from the first response message, and sends the original response message to the new member according to the information indicating the new member. Apparatuses and a system for registering a new member in group key management are also disclosed. According to the present invention, a new member that joins a network can be registered automatically. | 05-13-2010 |
20100185850 | METHOD AND DEVICE FOR AUTHENTICATING LEGAL NEIGHBOR IN GROUP KEY MANAGEMENT - Method and device for authenticating a legal neighbor in group key management (GKM) are disclosed. The method includes: members on a local network that needs the automatic GKM service store a group shared key and a group authentication algorithm; an authenticating member receives a first authentication value and authentication information of an authenticated member sent from the authenticated member, where the first authentication value is calculated by the authenticated member by using the group shared key and the authentication information of the authenticated member according to the group authentication algorithm; the authenticating member calculates a second authentication value by using the authentication information of the authenticated member and the group shared key according to the group authentication algorithm; the authenticating member authenticates the authenticated member as a legal neighbor when confirming that the first authentication value is the same as the second authentication value. | 07-22-2010 |
20110072157 | METHOD, DEVICE, AND COMMUNICATIONS SYSTEM FOR MANAGING QUERYING MAPPING INFORMATION - The present invention discloses a method, a device, and a communications system for managing and querying mapping information. The method for managing mapping information includes: signing a mapping information pair by using a private key of a certificate corresponding to a prefix in the mapping information pair to generate a signed mapping pair; submitting the signed mapping pair to a registration agent (RA) in a transit network; and sharing, by the RA, the signed mapping pair with other RAs through data synchronization. With the mapping information management method, data transmission method, devices and communications system provided by the present invention, the security of mapping information in registration, query, and synchronization operations is guaranteed. | 03-24-2011 |