1. WO2020206370 - DISCOVERING TRUSTWORTHY DEVICES USING ATTESTATION AND MUTUAL ATTESTATION

Publication Number WO/2020/206370
Publication Date 08.10.2020
International Application No. PCT/US2020/026742
International Filing Date 03.04.2020
IPC
H04L 29/06 2006.01
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29 Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02 Communication control; Communication processing
06 characterised by a protocol
G06F 21/53 2013.01
G PHYSICS
06 COMPUTING; CALCULATING OR COUNTING
F ELECTRIC DIGITAL DATA PROCESSING
21 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
52 during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure
53 by executing in a restricted environment, e.g. sandbox or secure virtual machine
G06F 21/44 2013.01
G PHYSICS
06 COMPUTING; CALCULATING OR COUNTING
F ELECTRIC DIGITAL DATA PROCESSING
21 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
30 Authentication, i.e. establishing the identity or authorisation of security principals
44 Program or device authentication
H04L 12/24 2006.01
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
12 Data switching networks
02 Details
24 Arrangements for maintenance or administration
H04L 12/751 2013.01
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
12 Data switching networks
70 Packet switching systems
701 Routing or path finding
751 Topology update or discovery
H04W 84/18 2009.01
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
W WIRELESS COMMUNICATION NETWORKS
84 Network topologies
18 Self-organising networks, e.g. ad hoc networks or sensor networks
CPC
G06F 21/445
G PHYSICS
06 COMPUTING; CALCULATING; COUNTING
F ELECTRIC DIGITAL DATA PROCESSING
21 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
30 Authentication, i.e. establishing the identity or authorisation of security principals
44 Program or device authentication
445 by mutual authentication, e.g. between devices or programs
G06F 21/53
G PHYSICS
06 COMPUTING; CALCULATING; COUNTING
F ELECTRIC DIGITAL DATA PROCESSING
21 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
52 during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
53 by executing in a restricted environment, e.g. sandbox or secure virtual machine
H04L 41/12
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
41 Arrangements for maintenance or administration or management of packet switching networks
12 network topology discovery or management
H04L 45/02
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
45 Routing or path finding of packets in data switching networks
02 Topology update or discovery
H04L 63/0853
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
08 for supporting authentication of entities communicating through a packet data network
0853 using an additional device, e.g. smartcard, SIM or a different communication terminal
H04L 63/0869
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
08 for supporting authentication of entities communicating through a packet data network
0869 for achieving mutual authentication
Applicants
  • CISCO TECHNOLOGY, INC. [US]/[US]
Inventors
  • SHETH, Sujal
  • BHANDARI, Shwetha Subray
  • VOIT, Eric
  • SULZEN, William F.
  • BROCKNERS, Frank
Agents
  • MCKNIGHT, Brian
Priority Data
16/839,576 03.04.2020 US
62/829,998 05.04.2019 US
62/830,018 05.04.2019 US
Publication Language English (EN)
Filing Language English (EN)
Designated States
Title
(EN) DISCOVERING TRUSTWORTHY DEVICES USING ATTESTATION AND MUTUAL ATTESTATION
(FR) DÉCOUVERTE DE DISPOSITIFS FIABLES AU MOYEN D'UNE ATTESTATION ET D'UNE ATTESTATION MUTUELLE
Abstract
(EN)
Systems, methods, and computer-readable media for discovering trustworthy devices through attestation and authenticating devices through mutual attestation. A relying node in a network environment can receive attestation information from an attester node in the network environment as part of a unidirectional push of information from the attester node according to a unidirectional link layer communication scheme. A trustworthiness of the attester node can be verified by identifying a level of trust of the attester node from the attestation information. Further, network service access of the attester node through the relying node in the network environment can be controlled based on the level of trust of the attester node identified from the attestation information.
Latest bibliographic data on file with the International Bureau