公开(公告)号：US20150058913A1

公开(公告)日：2015-02-26

申请号：US13973109

申请日：2013-08-22

Applicant: Cisco Technology, Inc.

Inventor： Thamilarasu Kandasamy ,  Ly Loi ,  Rajeshwar Singh Jenwar

IPC: H04L29/06

CPC classification number: H04L63/061 ,  H04L9/14 ,  H04L63/20

Abstract: Techniques are presented for establishing context awareness during first negotiation of secure key exchange. These techniques may be embodied as a method, apparatus or instructions in a computer-readable storage media. At a first network device, a message is received from a second network device as part of an initial exchange of information of a secure key exchange, the message containing information indicating one or more secure key exchange policies acceptable to the second network device and defining one or more associated security parameters. The message further contains context-specific information identifying a context of the second network device. The first network device selects a secure key exchange policy for communicating with the second network device based upon the context-specific information and sends a response message to the second network device containing the selected secure key exchange policy. If the context was understood, the response message also includes context-specific information.

Abstract translation: 提出了在安全密钥交换的首次协商期间建立上下文感知的技术。 这些技术可以体现为计算机可读存储介质中的方法，装置或指令。 在第一网络设备处，作为安全密钥交换的信息的初始交换的一部分，从第二网络设备接收消息，该消息包含指示第二网络设备可接受的一个或多个安全密钥交换策略的信息，并且定义一个 或更多相关的安全参数。 该消息还包含识别第二网络设备的上下文的上下文特定信息。 第一网络设备基于上下文特定信息选择用于与第二网络设备进行通信的安全密钥交换策略，并向包含所选择的安全密钥交换策略的第二网络设备发送响应消息。 如果上下文被理解，响应消息还包括上下文特定信息。

公开(公告)号：US09124564B2

公开(公告)日：2015-09-01

申请号：US13973109

申请日：2013-08-22

Applicant: Cisco Technology, Inc.

Inventor： Thamilarasu Kandasamy ,  Ly Loi ,  Rajeshwar Singh Jenwar

IPC: H04L29/06 ,  H04L9/14

CPC classification number: H04L63/061 ,  H04L9/14 ,  H04L63/20

Abstract: Techniques are presented for establishing context awareness during first negotiation of secure key exchange. These techniques may be embodied as a method, apparatus or instructions in a computer-readable storage media. At a first network device, a message is received from a second network device as part of an initial exchange of information of a secure key exchange, the message containing information indicating one or more secure key exchange policies acceptable to the second network device and defining one or more associated security parameters. The message further contains context-specific information identifying a context of the second network device. The first network device selects a secure key exchange policy for communicating with the second network device based upon the context-specific information and sends a response message to the second network device containing the selected secure key exchange policy. If the context was understood, the response message also includes context-specific information.

Abstract translation: 提出了在首次协商安全密钥交换时建立上下文感知的技术。 这些技术可以体现为计算机可读存储介质中的方法，装置或指令。 在第一网络设备处，作为安全密钥交换的信息的初始交换的一部分，从第二网络设备接收消息，该消息包含指示第二网络设备可接受的一个或多个安全密钥交换策略的信息，并且定义一个 或更多相关的安全参数。 该消息还包含识别第二网络设备的上下文的上下文特定信息。 第一网络设备基于上下文特定信息选择用于与第二网络设备进行通信的安全密钥交换策略，并向包含所选择的安全密钥交换策略的第二网络设备发送响应消息。 如果上下文被理解，响应消息还包括上下文特定信息。