Appeal 2007-2120
Application 09/911,149
STATEMENT OF THE CASE
Appellants invented a method for establishing secure communications
between computers via a network. The invention uses a security standards
framework (“IPSec”) that allows a system to select required security
protocols, determine the appropriate security algorithm, and implement any
required cryptographic keys. To this end, data structures known as security
associations (SAs) are utilized which comprise predetermined data fields: (1)
the IP destination address; (2) security protocol; and (3) a Security
Parameter Index (SPI).1
The SAs are stored in a Security Association Database (SAD).
Conventionally, accessing the SAD involved creating a hash key from the
three values constituting the SA to hash into the SAD and thereafter
conducting a linear search for a match.2
The claimed invention, however, improves on this approach by
assigning the specific memory address value of the stored SA as the SPI
value. Such an improvement eliminates the need for elaborate and time
consuming SAD table lookup algorithms. The invention also allows fast and
efficient SA lookup without significantly impacting memory access
bandwidth (Specification 4:5-26, 10:22-26).
Claim 1 is illustrative with the relevant limitations in dispute
emphasized:
1 The SPI is a randomly generated 32-bit value that distinguishes among
different SAs established at the same destination address and using the same
security protocol (Specification 3:3-6).
2 See generally Specification 1:15 - 3:24.
2
Page: Previous 1 2 3 4 5 6 7 8 Next
Last modified: September 9, 2013