公开(公告)号：US09130937B1

公开(公告)日：2015-09-08

申请号：US13042300

申请日：2011-03-07

申请人： Jason E. Ostermann ,  Teresa M. Bieda ,  Matthew J. Hicks ,  Alan T. Huch ,  Richard J. Ernst ,  Shelli J. Richard

发明人： Jason E. Ostermann ,  Teresa M. Bieda ,  Matthew J. Hicks ,  Alan T. Huch ,  Richard J. Ernst ,  Shelli J. Richard

IPC分类号： G06F17/00 ,  H04L29/06 ,  H04L12/417 ,  G06F21/60

CPC分类号： H04L63/10 ,  G06F21/33 ,  G06F21/60 ,  H04L12/417 ,  H04L63/0227 ,  H04L63/029 ,  H04L63/0807 ,  H04L63/102 ,  H04L63/105 ,  H04L63/108 ,  H04L63/12 ,  H04L63/16 ,  H04L63/168

摘要： In certain embodiments, a method includes receiving a message at a first network interface of a first node. The first network interface communicates with a first network while a second network interface communicates with a second network. The method includes determining a set of expected tokens and an expected order of tokens. A plurality of tokens are accessed that were generated for the message, each of the plurality of tokens associated with a policy service of a plurality of policy services. The method includes generating a plurality of decrypted tokens from the plurality of tokens using a first parameter associated with the plurality of policy services and validating the decrypted tokens by comparing the decrypted tokens to the set of expected tokens. In response to validating the decrypted tokens and determining that the decrypted tokens are in the expected order, an approval is generated.

摘要翻译： 在某些实施例中，一种方法包括在第一节点的第一网络接口处接收消息。 第一网络接口与第一网络通信，而第二网络接口与第二网络通信。 该方法包括确定一组预期令牌和令牌的期望顺序。 访问为消息生成的多个令牌，多个令牌中的每一个令牌与多个策略服务的策略服务相关联。 该方法包括使用与多个策略服务相关联的第一参数从多个令牌生成多个解密令牌，并通过将解密的令牌与预期令牌集进行比较来验证解密的令牌。 响应于验证解密的令牌并确定解密的令牌处于预期顺序，生成批准。