Context-aware network and situation management for crypto-partitioned networks
Abstract
This disclosure describes a context-aware, scalable, dynamic network in which network information concerning network elements in an untrusted (Black) network is gathered by network sensors, stored at a network sensor collector, and sent through a one-way guard to another network sensor collector in a trusted (Red) network. At the Red network, the network information from the Black network may be combined with network information from one or more Red networks. The combined network information may then be used to visualize a cross-domain network topology spanning both the Red and Black networks, and to implement network management functions.
20 Claims
1. A method for providing network management, the method comprising:
- gathering first network information from first network elements in one or more trusted networks;
- receiving second network information through a one-way guard, the second information from second network elements in one or more untrusted networks;
- correlating one or more data flows associated with the first network information to one or more encrypted data tunnels associated with the second network information to form fused network information;
- generating a cross-domain network topology for the one or more trusted networks and the one or more untrusted networks based on the fused network information, wherein the cross-domain network topology depicts at least one of the one or more data flows in the trusted network as being contained in at least one of the one or more encrypted data tunnels based on the correlation of the one or more data flows in the trusted network to the one or more encrypted data tunnels in the untrusted network; and
- managing at least one of the second network elements identified in the cross-domain topology.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9.
10. An apparatus comprising:
- a computing device located in a first trusted network of one or more trusted networks, the computing device executing a network management system, the computing device comprising:
  - a database configured to store network information; and
  - one or more processors configured to:
    - gather first network information from first network elements in the one or more trusted networks;
    - receive second network information through a one-way guard, the second information from second network elements in one or more untrusted networks;
    - correlate one or more data flows associated with the first network information to one or more encrypted data tunnels associated with the second network information to form fused network information;
    - generate a cross-domain network topology for the one or more trusted networks and the one or more untrusted networks based on the fused network information, wherein the cross-domain network topology depicts at least one of the one or more data flows in the trusted network as being contained in at least one of the one or more encrypted data tunnels based on the correlation of the one or more data flows in the trusted network to the one or more encrypted data tunnels in the untrusted network; and
    - manage at least one of the second network elements identified in the cross-domain topology.

Dependent claims: 11, 12, 13, 14, 15, 16, 17.
18. A computer-readable storage medium storing instructions that, when executed, cause one or more processors to:
- gather first network information from first network elements in one or more trusted networks;
- receive second network information through a one-way guard, the second information from second network elements in one or more untrusted networks receive at least the second network information through a one-way guard;
- correlate one or more data flows associated with the first network information to one or more encrypted data tunnels associated with the second network information to form fused network information;
- generate a cross-domain network topology for the one or more trusted networks and the one or more untrusted networks based on the fused network information, wherein the cross-domain network topology depicts at least one of the one or more data flows in the trusted network as being contained in at least one of the one or more encrypted data tunnels based on the correlation of the one or more data flows in the trusted network to the one or more encrypted data tunnels in the untrusted network; and
- manage at least one of the second network elements identified in the cross-domain topology.

Dependent claims: 19, 20.
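The abstract and independent claim 1 describe the same pipeline: Black-side tunnel telemetry crosses a one-way guard into the Red side, is fused with Red-side flow telemetry by correlating each plaintext flow to the encrypted tunnel that carries it, and the result is rendered as a cross-domain topology. The following Python script is an added illustration of that pipeline; it is not code from the patent or its assignee. The record layouts, the correlation rule (a Red flow belongs to the Black tunnel that leaves the same inline encryptor and is alive during the flow's lifetime), the modelling of the guard as a byte stream validated against a fixed schema on the Red side, and all sample records are assumptions made for the example. A flow with no candidate tunnel, or with more than one, is reported as unmatched rather than guessed, which is the case a network manager would want surfaced instead of silently drawn.

```python
"""Fusing Red (trusted-side) flow telemetry with Black (untrusted-side) tunnel
telemetry received through a one-way guard, and emitting a cross-domain topology.

Added illustration, not code from the patent or its assignee. The record layouts,
the correlation rule (a flow belongs to the tunnel that leaves the same encryptor
and is alive at the same time) and all sample records are assumptions.
"""
import json
from dataclasses import dataclass, asdict, fields


@dataclass(frozen=True)
class RedFlow:
    src: str
    dst: str
    proto: str
    start: int
    end: int
    egress_encryptor: str  # assumed: Red-side name of the inline encryptor the flow exits through


@dataclass(frozen=True)
class BlackTunnel:
    tunnel_id: str
    outer_src: str   # Black-side (ciphertext) endpoints of the tunnel
    outer_dst: str
    encryptor: str   # assumed: Black-side name of the same inline encryptor
    start: int
    end: int


# Constructed sample telemetry (not real data).
RED_FLOWS = [
    RedFlow("10.1.1.10", "10.2.2.20", "tcp", 100, 200, "ENC-A"),
    RedFlow("10.1.1.11", "10.2.2.21", "udp", 150, 300, "ENC-A"),
    RedFlow("10.1.1.12", "10.3.3.30", "tcp", 100, 180, "ENC-B"),
    RedFlow("10.1.1.13", "10.3.3.31", "tcp", 900, 950, "ENC-B"),  # no ENC-B tunnel alive then
    RedFlow("10.1.1.14", "10.2.2.22", "tcp", 390, 395, "ENC-A"),  # two ENC-A tunnels alive: ambiguous
]
BLACK_TUNNELS = [
    BlackTunnel("T1", "192.0.2.1", "198.51.100.1", "ENC-A", 90, 400),
    BlackTunnel("T2", "192.0.2.2", "203.0.113.1", "ENC-B", 50, 500),
    BlackTunnel("T3", "192.0.2.1", "198.51.100.9", "ENC-A", 380, 600),
]

_TUNNEL_FIELDS = {f.name for f in fields(BlackTunnel)}


def black_side_export(tunnels):
    """Black-side sensor collector: serialize tunnel records for the guard. Bytes only."""
    return json.dumps([asdict(t) for t in tunnels]).encode()


def red_side_ingest(wire: bytes):
    """Red-side collector: its only input is the byte stream that crossed the guard.
    Every record is checked against a fixed schema; anything else is rejected."""
    tunnels = []
    for item in json.loads(wire.decode()):
        if not isinstance(item, dict) or set(item) != _TUNNEL_FIELDS:
            raise ValueError("rejected Black-side record with unexpected shape")
        tunnels.append(BlackTunnel(**item))
    return tunnels


def overlaps(flow: RedFlow, tunnel: BlackTunnel) -> bool:
    """True when the flow's lifetime intersects the tunnel's lifetime."""
    return flow.start <= tunnel.end and tunnel.start <= flow.end


def correlate(red_flows, black_tunnels):
    """Map each Red flow to exactly one Black tunnel (same encryptor, overlapping
    lifetime). A flow with zero or several candidates is reported as unmatched."""
    fused = {t.tunnel_id: [] for t in black_tunnels}
    unmatched = []
    for f in red_flows:
        cands = [t for t in black_tunnels
                 if t.encryptor == f.egress_encryptor and overlaps(f, t)]
        if len(cands) == 1:
            fused[cands[0].tunnel_id].append(f)
        else:
            unmatched.append(f)
    return fused, unmatched


def build_topology(red_flows, black_tunnels):
    """Cross-domain view: each Black tunnel together with the Red flows it contains."""
    fused, unmatched = correlate(red_flows, black_tunnels)
    nodes, tunnels = set(), []
    for t in black_tunnels:
        nodes.update((t.outer_src, t.outer_dst, t.encryptor))
        contained = fused[t.tunnel_id]
        for f in contained:
            nodes.update((f.src, f.dst))
        tunnels.append({
            "tunnel": t.tunnel_id,
            "black_path": [t.outer_src, t.outer_dst],
            "contains": [{"src": f.src, "dst": f.dst, "proto": f.proto} for f in contained],
        })
    return {"nodes": sorted(nodes), "tunnels": tunnels,
            "unmatched_red_flows": [f"{f.src}->{f.dst}" for f in unmatched]}


if __name__ == "__main__":
    topo = build_topology(RED_FLOWS, red_side_ingest(black_side_export(BLACK_TUNNELS)))
    print(json.dumps(topo, indent=2))
```

Running the script prints the fused view: tunnel T1 contains the two ENC-A flows, T2 contains the ENC-B flow, T3 is empty, and two Red flows are listed as unmatched (one because no ENC-B tunnel was alive at the time, one because two ENC-A tunnels were). The schema check in `red_side_ingest` stands in for whatever validation a real Red-side collector applies to data arriving from the untrusted domain; the guard itself guarantees only direction, not content.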
Specification