CA2321407A1 - Security mechanisms and architecture for collaborative systems using tuple space - Google Patents
Security mechanisms and architecture for collaborative systems using tuple space Download PDFInfo
- Publication number
- CA2321407A1 CA2321407A1 CA002321407A CA2321407A CA2321407A1 CA 2321407 A1 CA2321407 A1 CA 2321407A1 CA 002321407 A CA002321407 A CA 002321407A CA 2321407 A CA2321407 A CA 2321407A CA 2321407 A1 CA2321407 A1 CA 2321407A1
- Authority
- CA
- Canada
- Prior art keywords
- tuple space
- sites
- secure
- effecting
- agents
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0471—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying encryption by an intermediary, e.g. receiving clear information at the intermediary and encrypting the received information at the intermediary before forwarding
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0272—Virtual private networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0869—Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
Abstract
According to the present invention, a virtual network communication system is provided for effecting secure communications between user agents at differen t sites within said virtual network, comprising at least one Private Tuple Space within each of the sites for effecting intra-site communications between the agents, a Shared Tuple Space for effecting inter-site communications between different sites, and a Coordinator Manager within each of the sites for receiving user initiat ed communication requests from the Private Tuple Space to communicate between user agents at the different sites, authenticating the requests and in response dynamically creating and managing instances of Coordinators at each of the different sit es which embed messages from the user agents in secure tuples using multi-layered encryption and exchange the secure tuples over the Shared Tuple Space.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB9923544A GB2355140B (en) | 1999-10-05 | 1999-10-05 | Security mechanism and architecture for collaborative software systems using tuple space |
GB9923544.2 | 1999-10-05 |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2321407A1 true CA2321407A1 (en) | 2001-04-05 |
CA2321407C CA2321407C (en) | 2005-05-17 |
Family
ID=10862162
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA002321407A Expired - Lifetime CA2321407C (en) | 1999-10-05 | 2000-09-28 | Security mechanisms and architecture for collaborative systems using tuple space |
Country Status (3)
Country | Link |
---|---|
US (1) | US7055170B1 (en) |
CA (1) | CA2321407C (en) |
GB (1) | GB2355140B (en) |
Families Citing this family (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
AU742639B3 (en) * | 2001-02-15 | 2002-01-10 | Ewise Systems Pty Limited | Secure network access |
GB2375264B (en) | 2001-05-02 | 2004-10-13 | Mitel Knowledge Corp | Remote assembly of messages for distributed applications |
US7656794B2 (en) * | 2002-01-24 | 2010-02-02 | General Instrument Corporation | Method and apparatus for authenticated quality of service reservation |
GB0218716D0 (en) | 2002-08-12 | 2002-09-18 | Mitel Knowledge Corp | Privacy and security mechanism fo presence systems with tuple spaces |
GB0218710D0 (en) | 2002-08-12 | 2002-09-18 | Mitel Knowledge Corp | Personalizable and customizable feature execution for ip telephony using operational semantics and deontic task trees |
US7702729B2 (en) * | 2003-04-08 | 2010-04-20 | Johanson Bradley E | Event heap: a coordination infrastructure for dynamic heterogeneous application interactions in ubiquitous computing environments |
US8171474B2 (en) * | 2004-10-01 | 2012-05-01 | Serguei Mankovski | System and method for managing, scheduling, controlling and monitoring execution of jobs by a job scheduler utilizing a publish/subscription interface |
US7464267B2 (en) * | 2004-11-01 | 2008-12-09 | Innomedia Pte Ltd. | System and method for secure transmission of RTP packets |
US20080022353A1 (en) * | 2006-03-06 | 2008-01-24 | Tresys Technology, Llc | Framework to simplify security engineering |
US20090077480A1 (en) * | 2007-06-19 | 2009-03-19 | Caunter Mark Leslie | Apparatus and method of managing electronic communities of users |
US20090063423A1 (en) * | 2007-06-19 | 2009-03-05 | Jackson Bruce Kelly | User interfaces for service object located in a distributed system |
KR20090044437A (en) * | 2007-10-31 | 2009-05-07 | 성균관대학교산학협력단 | Method and system for controlling access for mobile agents in home network environments |
US8977710B2 (en) * | 2008-06-18 | 2015-03-10 | Qualcomm, Incorporated | Remote selection and authorization of collected media transmission |
US8060603B2 (en) | 2008-06-18 | 2011-11-15 | Qualcomm Incorporated | Persistent personal messaging in a distributed system |
US20090319385A1 (en) * | 2008-06-18 | 2009-12-24 | Jackson Bruce Kelly | Monetizing and prioritizing results of a distributed search |
US20090320097A1 (en) * | 2008-06-18 | 2009-12-24 | Jackson Bruce Kelly | Method for carrying out a distributed search |
US8266477B2 (en) * | 2009-01-09 | 2012-09-11 | Ca, Inc. | System and method for modifying execution of scripts for a job scheduler using deontic logic |
US8832798B2 (en) | 2011-09-08 | 2014-09-09 | International Business Machines Corporation | Transaction authentication management including authentication confidence testing |
US8590018B2 (en) | 2011-09-08 | 2013-11-19 | International Business Machines Corporation | Transaction authentication management system with multiple authentication levels |
US9460311B2 (en) * | 2013-06-26 | 2016-10-04 | Sap Se | Method and system for on-the-fly anonymization on in-memory databases |
US11334353B2 (en) * | 2017-05-18 | 2022-05-17 | Nec Corporation | Multiparty computation method, apparatus and program |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4845749A (en) * | 1987-12-21 | 1989-07-04 | Bell Communications Research, Inc. | Secure teleconferencing system |
US5974420A (en) * | 1998-01-27 | 1999-10-26 | International Business Machines Corporation | Information exchange operator for a tuplespace |
US6170061B1 (en) * | 1998-02-04 | 2001-01-02 | 3Com Corporation | Method and system for secure cable modem registration |
US6553402B1 (en) * | 1999-05-05 | 2003-04-22 | Nextpage, Inc. | Method for coordinating activities and sharing information using a data definition language |
-
1999
- 1999-10-05 GB GB9923544A patent/GB2355140B/en not_active Expired - Lifetime
-
2000
- 2000-09-28 CA CA002321407A patent/CA2321407C/en not_active Expired - Lifetime
- 2000-09-29 US US09/676,838 patent/US7055170B1/en not_active Expired - Lifetime
Also Published As
Publication number | Publication date |
---|---|
GB2355140B (en) | 2003-09-03 |
GB9923544D0 (en) | 1999-12-08 |
CA2321407C (en) | 2005-05-17 |
US7055170B1 (en) | 2006-05-30 |
GB2355140A (en) | 2001-04-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2321407A1 (en) | Security mechanisms and architecture for collaborative systems using tuple space | |
US6363154B1 (en) | Decentralized systems methods and computer program products for sending secure messages among a group of nodes | |
CA2604926C (en) | System topology for secure end-to-end communications between wireless device and application data source | |
US6718387B1 (en) | Reallocating address spaces of a plurality of servers using a load balancing policy and a multicast channel | |
RU2289886C2 (en) | Method, bridge, and system for data transfer between public data network device and intercom network device | |
JP2003503950A (en) | Distributed group key management scheme for secure many-to-many communication | |
WO1998058473A3 (en) | Network security and integration method and system | |
GB2386291B (en) | Integrated procedure for partitioning network data services among multiple subscribers | |
WO2004060042A3 (en) | System for digital rights management using distributed provisioning and authentication | |
CA2293419A1 (en) | Architecture for virtual private networks | |
WO2004068722A3 (en) | Method and apparatus for secure communications and resource sharing between anonymous non-trusting parties with no central administration | |
CA2462448A1 (en) | Access and control system for network-enabled devices | |
WO2003038578A8 (en) | User access control to distributed resources on a data communications network | |
ATE355684T1 (en) | DEVICE FOR REALIZING VIRTUAL PRIVATE NETWORKS | |
EP1396979A3 (en) | System and method for secure group communications | |
NZ333220A (en) | Providing anonymous data transfer in GSM mobile phone system by authenticating mobile station without using unique identifier | |
WO2001043358A3 (en) | Truly anonymous communications using supernets, with the provision of topology hiding | |
CA2327078A1 (en) | Secure session management and authentication for web sites | |
CA2241052A1 (en) | Application level security system and method | |
JP2003513513A (en) | Arrangement and methods in communication networks | |
AU2001240383A1 (en) | Secure network resource access system | |
PL367749A1 (en) | System and method for responding to resource requests in distributed computer networks | |
WO2001043393A3 (en) | Decoupling access control from key management in a network | |
RU2005132301A (en) | SECURITY IN ARRIVAL LOCALIZATION NETWORKS | |
CN100596068C (en) | Safety multicast method based on protocol of conversation initialization |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request | ||
MKEX | Expiry |
Effective date: 20200928 |