Routing systems and methods

US 10,375,088 B2
Filed: 08/14/2015
Issued: 08/06/2019
Est. Priority Date: 06/04/2015
Status: Active Grant

First Claim

Patent Images

1. An apparatus comprising:

a network interface connected to a public computer network;

a secure system comprising one or more memory devices storing data;

a routing system disposed between the network interface and the secure system;

the routing system wherein (1) a first unidirectional communication channel enables communication from the network interface to the routing system, (2) a second unidirectional communication channel enables communication from the routing system to the network interface, (3) a third unidirectional communication channel enables communication from the secure system to the routing system, and (4) a fourth unidirectional communication channel enables communication from the routing system to the secure system;

the routing system wherein the first, second, third, and fourth unidirectional communication channels each includes an air gap;

the routing system wherein the air gap for the first and third unidirectional communication channels includes a video display monitor and a machine vision interface interpreting one or more images displayed on the video display monitor;

the routing system wherein the air gap for the second and fourth unidirectional communication channels includes a virtual keyboard and mouse interface; and

the routing system accessing the data in the secure system and communicating the data to the network interface.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Example routing systems and methods are described. In one implementation, an apparatus includes a network interface, a secure system, and a routing system disposed between the network interface and the secure system. The routing system communicates with the network interface along a first data transmission channel and communicates with the secure system along a second data transmission channel. The secure system is not visible from the network interface. The routing system accesses data in the secure system and communicates the data to the network interface.

Citations

16 Claims

1. An apparatus comprising:
- a network interface connected to a public computer network;
  
  a secure system comprising one or more memory devices storing data;
  
  a routing system disposed between the network interface and the secure system;
  
  the routing system wherein (1) a first unidirectional communication channel enables communication from the network interface to the routing system, (2) a second unidirectional communication channel enables communication from the routing system to the network interface, (3) a third unidirectional communication channel enables communication from the secure system to the routing system, and (4) a fourth unidirectional communication channel enables communication from the routing system to the secure system;
  
  the routing system wherein the first, second, third, and fourth unidirectional communication channels each includes an air gap;
  
  the routing system wherein the air gap for the first and third unidirectional communication channels includes a video display monitor and a machine vision interface interpreting one or more images displayed on the video display monitor;
  
  the routing system wherein the air gap for the second and fourth unidirectional communication channels includes a virtual keyboard and mouse interface; and
  
  the routing system accessing the data in the secure system and communicating the data to the network interface.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 12)
- - 2. The apparatus of claim 1, wherein the routing system communicates data from the network interface to the secure system.
  - 3. The apparatus of claim 1, wherein data transmitted to and from a client device coupled with the network interface via the public computer network is encrypted by the routing system.
  - 4. The apparatus of claim 1, wherein the routing system is further configured to use an instruction set based on one or more lookup tables, wherein operations of the routing system are based on commands included in the instruction set.
  - 5. The apparatus of claim 4, wherein the routing system is further configured to ignore commands outside of the instruction set.
  - 6. The apparatus of claim 1, wherein the routing system isolates and protects the secure system from attacks via the network interface.
  - 7. The apparatus of claim 1, further comprising a connection between the routing system and a mobile telecommunications network, wherein the connection between the routing system and the mobile telecommunications network is used to perform supplementary authentication for a user wishing to access the secure system.
  - 8. The apparatus of claim 1, wherein the secure system is a secure database.
  - 12. The apparatus of claim 1, wherein the routing system initiates a symbolic https connection with a client device communicatively coupled to the network interface.

9. A method comprising:
- receiving, at a terminal including a video display monitor, a request to access data in a secure database;
  
  translating, by the terminal, the request to access data in the secure database;
  
  communicating, via a first unidirectional communication channel, the translated request from the terminal to a routing system, the first unidirectional communication channel including an air gap comprising the video display monitor and a machine vision interface interpreting one or more images displayed on the video display monitor;
  
  the routing system accessing the requested data in the secure database based on the translated request;
  
  the routing system communicating the requested data to the terminal via a second unidirectional communication channel, the second unidirectional channel including an air gap comprising a virtual keyboard and mouse interface;
  
  the terminal translating the data received from the routing system; and
  
  the terminal communicating the requested data to a source of the request.
- View Dependent Claims (10, 11, 13, 14, 15, 16)
- - 10. The method of claim 9, wherein translating the request includes rendering the request on the video display monitor, and wherein the routing system reads the translated request from the video display monitor via the machine vision interface.
  - 11. The method of claim 9, wherein the routing system communicates the requested data to the terminal via the virtual keyboard and mouse interface.
  - 13. The method of claim 9, wherein the routing system uses an instruction set based on one or more lookup tables.
  - 14. The method of claim 13, further comprising ignoring, by the routing system, any instructions outside of the instruction set.
  - 15. The method of claim 9, further comprising initiating, by the routing system, a symbolic https connection with a client device associated with the request.
  - 16. The method of claim 15, further comprising encrypting, using a public and private key system, data associated with the symbolic https connection by the routing system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Vm-Robot, Inc.
Original Assignee
Vm-Robot, Inc.
Inventors
Black, Alistair, Swarup, Ashitosh
Primary Examiner(s)
King, John B
Assistant Examiner(s)
Dhruv, Darshan I

Application Number

US14/827,144
Publication Number

US 20160359874A1
Time in Patent Office

1,453 Days
Field of Search
US Class Current
CPC Class Codes

H04L 45/00   Routing or path finding of ...

H04L 63/02   for separating internal fro...

H04L 63/0281   Proxies

H04L 63/18   using different networks or...

H04W 12/069   using certificates or pre-s...

Routing systems and methods

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Routing systems and methods

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links