System and method for providing unified transport and security protocols

摘要

The system and method described herein may provide unified transport and security protocols. In particular, the unified transport and security protocols may include a Secure Frame Layer transport and security protocol that includes stages for initially configuring a requester device and a responder device, identifying the requester device and the responder device to one another, and authenticating message frames communicated between the requester device and the responder device. Additionally, the unified transport and security protocols may further include a Secure Persistent User Datagram Protocol that includes modes for processing message frames received at the requester device and the responder device, recovering the requester device in response to packet loss, retransmitting lost packets sent between the requester device and the responder device, and updating location information for the requester device to restore a communications session between the requester device and the responder device.

主权项

1. A responder device for facilitating mutual authentication of data packets exchanged between the responder device and a requester device, the responder device comprising:
a memory configured to store a first value, the first value uniquely corresponding to the requester device; and responder logic configured to execute on the responder device and cause the responder device to: receive a first set of one or more data packets from the requester device; authenticate the first set of one or more data packets are from the requester device by determining whether the first set of the one or more data packets include the first value as stored in the memory; discard the one or more data packets if the first set of the one or more data packets are not authenticated as being from the requester device; obtain one or more secrets included in the first set of the one or more data packets and calculate a second value based on the one or more secrets, the second value being calculated to facilitate the requester device to authenticate data packets are from the responder device; generate a second set of one or more data packets, the second set of the one or more data packets including the second value; transmit the second set of the one or more data packets to the requester device; update a location of the requester device in response to the first set of the one or more data packets including an update request; and cause the responder device to trigger a recovery mode in response to receiving a predetermined number of subsequent data packets are not authenticated as being from the requester device.