摘要 |
A security system for securing data paths in a network responds to events to change parameters of the security features in use. For example, it can change the type of encryption algorithm being used, or parameters of the encryption algorithm such as the key length or number of rounds of negotiation, or it can change a data transfer protocol. Events which the security system can respond to include user action, such as logging on to a more expensive service or moving their network location, or date or time, or patterns of usage in the network. The system processes incoming data using rules to determine a response. Parameters are changed by outputting configuration data to communication devices attached to the network, such as the head end and television receivers in a digital television system. In a preferred form of the system, the parameters of the security features in use can be dependent on network location, introducing diversity to the system which makes the security more difficult to penetrate.
|