CA2321407A1 - Security mechanisms and architecture for collaborative systems using tuple space - Google Patents


Publication number
CA2321407A1
Authority
CA
Canada
Prior art keywords
tuple space
sites
secure
effecting
agents
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CA002321407A
Other languages
French (fr)
Other versions
CA2321407C (en)
Inventor
Ahmed Karmouch
Tom Gray
Serge Mankovskii
Cui Zheng
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
University of Ottawa
Mitel Cloud Services Inc
Original Assignee
University of Ottawa
Mitel Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by University of Ottawa, Mitel Corp
Publication of CA2321407A1
Application granted
Publication of CA2321407C
Anticipated expiration
Expired - Lifetime

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0471 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying encryption by an intermediary, e.g. receiving clear information at the intermediary and encrypting the received information at the intermediary before forwarding
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272 Virtual private networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869 Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102 Entity profiles
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1458 Denial of Service
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1466 Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks

Abstract

According to the present invention, a virtual network communication system is provided for effecting secure communications between user agents at different sites within said virtual network, comprising at least one Private Tuple Space within each of the sites for effecting intra-site communications between the agents, a Shared Tuple Space for effecting inter-site communications between different sites, and a Coordinator Manager within each of the sites for receiving user initiated communication requests from the Private Tuple Space to communicate between user agents at the different sites, authenticating the requests and in response dynamically creating and managing instances of Coordinators at each of the different sites which embed messages from the user agents in secure tuples using multi-layered encryption and exchange the secure tuples over the Shared Tuple Space.
CA002321407A 1999-10-05 2000-09-28 Security mechanisms and architecture for collaborative systems using tuple space Expired - Lifetime CA2321407C (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB9923544A GB2355140B (en) 1999-10-05 1999-10-05 Security mechanism and architecture for collaborative software systems using tuple space
GB9923544.2 1999-10-05

Publications (2)

Publication Number Publication Date
CA2321407A1 (en) 2001-04-05
CA2321407C (en) 2005-05-17

Family

ID=10862162

Family Applications (1)

Application Number Title Priority Date Filing Date
CA002321407A Expired - Lifetime CA2321407C (en) 1999-10-05 2000-09-28 Security mechanisms and architecture for collaborative systems using tuple space

Country Status (3)

Country Link
US (1) US7055170B1 (en)
CA (1) CA2321407C (en)
GB (1) GB2355140B (en)

Families Citing this family (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU742639B3 (en) * 2001-02-15 2002-01-10 Ewise Systems Pty Limited Secure network access
GB2375264B (en) 2001-05-02 2004-10-13 Mitel Knowledge Corp Remote assembly of messages for distributed applications
US7656794B2 (en) * 2002-01-24 2010-02-02 General Instrument Corporation Method and apparatus for authenticated quality of service reservation
GB0218716D0 (en) 2002-08-12 2002-09-18 Mitel Knowledge Corp Privacy and security mechanism for presence systems with tuple spaces
GB0218710D0 (en) 2002-08-12 2002-09-18 Mitel Knowledge Corp Personalizable and customizable feature execution for ip telephony using operational semantics and deontic task trees
US7702729B2 (en) * 2003-04-08 2010-04-20 Johanson Bradley E Event heap: a coordination infrastructure for dynamic heterogeneous application interactions in ubiquitous computing environments
US8171474B2 (en) * 2004-10-01 2012-05-01 Serguei Mankovski System and method for managing, scheduling, controlling and monitoring execution of jobs by a job scheduler utilizing a publish/subscription interface
US7464267B2 (en) * 2004-11-01 2008-12-09 Innomedia Pte Ltd. System and method for secure transmission of RTP packets
US20080022353A1 (en) * 2006-03-06 2008-01-24 Tresys Technology, Llc Framework to simplify security engineering
US20090077480A1 (en) * 2007-06-19 2009-03-19 Caunter Mark Leslie Apparatus and method of managing electronic communities of users
US20090063423A1 (en) * 2007-06-19 2009-03-05 Jackson Bruce Kelly User interfaces for service object located in a distributed system
KR20090044437A (en) * 2007-10-31 2009-05-07 성균관대학교산학협력단 Method and system for controlling access for mobile agents in home network environments
US8977710B2 (en) * 2008-06-18 2015-03-10 Qualcomm, Incorporated Remote selection and authorization of collected media transmission
US8060603B2 (en) 2008-06-18 2011-11-15 Qualcomm Incorporated Persistent personal messaging in a distributed system
US20090319385A1 (en) * 2008-06-18 2009-12-24 Jackson Bruce Kelly Monetizing and prioritizing results of a distributed search
US20090320097A1 (en) * 2008-06-18 2009-12-24 Jackson Bruce Kelly Method for carrying out a distributed search
US8266477B2 (en) * 2009-01-09 2012-09-11 Ca, Inc. System and method for modifying execution of scripts for a job scheduler using deontic logic
US8832798B2 (en) 2011-09-08 2014-09-09 International Business Machines Corporation Transaction authentication management including authentication confidence testing
US8590018B2 (en) 2011-09-08 2013-11-19 International Business Machines Corporation Transaction authentication management system with multiple authentication levels
US9460311B2 (en) * 2013-06-26 2016-10-04 Sap Se Method and system for on-the-fly anonymization on in-memory databases
US11334353B2 (en) * 2017-05-18 2022-05-17 Nec Corporation Multiparty computation method, apparatus and program

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4845749A (en) * 1987-12-21 1989-07-04 Bell Communications Research, Inc. Secure teleconferencing system
US5974420A (en) * 1998-01-27 1999-10-26 International Business Machines Corporation Information exchange operator for a tuplespace
US6170061B1 (en) * 1998-02-04 2001-01-02 3Com Corporation Method and system for secure cable modem registration
US6553402B1 (en) * 1999-05-05 2003-04-22 Nextpage, Inc. Method for coordinating activities and sharing information using a data definition language

Also Published As

Publication number Publication date
GB2355140B (en) 2003-09-03
GB9923544D0 (en) 1999-12-08
CA2321407C (en) 2005-05-17
US7055170B1 (en) 2006-05-30
GB2355140A (en) 2001-04-11

Similar Documents

Publication Publication Date Title
CA2321407A1 (en) Security mechanisms and architecture for collaborative systems using tuple space
US6363154B1 (en) Decentralized systems methods and computer program products for sending secure messages among a group of nodes
CA2604926C (en) System topology for secure end-to-end communications between wireless device and application data source
US6718387B1 (en) Reallocating address spaces of a plurality of servers using a load balancing policy and a multicast channel
RU2289886C2 (en) Method, bridge, and system for data transfer between public data network device and intercom network device
JP2003503950A (en) Distributed group key management scheme for secure many-to-many communication
WO1998058473A3 (en) Network security and integration method and system
GB2386291B (en) Integrated procedure for partitioning network data services among multiple subscribers
WO2004060042A3 (en) System for digital rights management using distributed provisioning and authentication
CA2293419A1 (en) Architecture for virtual private networks
WO2004068722A3 (en) Method and apparatus for secure communications and resource sharing between anonymous non-trusting parties with no central administration
CA2462448A1 (en) Access and control system for network-enabled devices
WO2003038578A8 (en) User access control to distributed resources on a data communications network
ATE355684T1 (en) DEVICE FOR REALIZING VIRTUAL PRIVATE NETWORKS
EP1396979A3 (en) System and method for secure group communications
NZ333220A (en) Providing anonymous data transfer in GSM mobile phone system by authenticating mobile station without using unique identifier
WO2001043358A3 (en) Truly anonymous communications using supernets, with the provision of topology hiding
CA2327078A1 (en) Secure session management and authentication for web sites
CA2241052A1 (en) Application level security system and method
JP2003513513A (en) Arrangement and methods in communication networks
AU2001240383A1 (en) Secure network resource access system
PL367749A1 (en) System and method for responding to resource requests in distributed computer networks
WO2001043393A3 (en) Decoupling access control from key management in a network
RU2005132301A (en) SECURITY IN ARRIVAL LOCALIZATION NETWORKS
CN100596068C (en) Safety multicast method based on protocol of conversation initialization

Legal Events

Date Code Title Description
EEER Examination request
MKEX Expiry

Effective date: 20200928