Patent · US Active

Selectively loading security enforcement points with security association information

US8199916B2 · kind B2 · utility

0Cited by

10References

15Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Christopher Meyer · Vestal, US
Wuchieh J. Jong · Raleigh, US
Linwood H. Overby, Jr. · Raleigh, US

Key dates

Filing date	Dec 26, 2007
Grant date	Jun 12, 2012
Priority date	—
Expiry date	Apr 11, 2031

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/164
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method, network element, and computer storage program product, are provided for selectively loading a communication network security enforcement point (“SEP”) with security association (“SA”) information for inspection of encrypted data in a secure, end-to-end communications path. At least one encrypted data packet is received. It is determined that SA information for decrypting the at least one encrypted data packet fails to exist locally at the SEP. A request is sent to a communication network key server for SA information associated with the at least one encrypted data packet. The SA information associated with the at least one encrypted data packet is received from the communication network key server.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.