Protection of security critical data in networks
First Claim
1. Network system comprising at least one central unit ZE, at least one service unit SE physically connected with ZE and an arbitrary number of physically with ZE connected peripheral units PE1 . . . n, wherein ZE executes at least one thread, called central process or thread, SE executes at least one thread S called critical service, the peripheral or central units execute an arbitrary number of peripheral threads and wherein at least one critical service can build-up or accept at least one standing logical bidirectional communication connection to or from at least one central process, and wherein on top of said connection(s) between the critical service(s) and the central process(es) no further connections can be build-up or accepted by threads running on SE, and wherein direct logical communication connections between peripheral threads running on a peripheral or a central unit and ZE can be established, such that data stored on SE is accessible for the central processes only via a critical service and for the peripheral processes only via a central process and a critical service.
Abstract
Existing network systems based upon the client/server principle require on the server side the provision of open connection endpoints. The large number of server processes implies a large number of open connection endpoints. Each open connection endpoint is also a potential target for an ill-minded attacker. The present invention minimizes the risk of a break-in into a network with security critical data.
This problem is solved by minimizing the number of open connection endpoints, the temporary opening of selected connection endpoints and the random choice of the local identifications of the opened connection endpoints. Additionally, security critical data is isolated onto machines, which after build-up of predefined standing connections do not provide any open connection endpoints or establish further connections. This prohibits the build-up of uncontrolled connections to units storing security critical data and still offers the controlled access of the security critical data within the network. Security critical services are able to provide different protocols for different connections and allow the remote administration of the security critical data without granting normal clients access to administrative protocols or functions. Individual protocols or individual functions of individual protocols can be activated, deactivated, dynamically loaded or released into or out of the addressable memory of a security critical service during normal operation.
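The connection pattern the abstract describes, as an added example that is not code from the patent. It assumes TCP on loopback stands in for the ZE/SE link and that a "local identification" is a TCP port; all function names and the sample data are hypothetical. The central unit opens one endpoint on a randomly chosen port, accepts the critical service, then closes the endpoint, while the service unit never listens at all.

```python
import secrets
import socket
import threading

DATA = {"alice": "constructed-record-1"}  # constructed sample data, held only by SE

def critical_service(port):
    """SE: dials out to ZE once and serves lookups; it never binds or listens."""
    with socket.create_connection(("127.0.0.1", port)) as s, s.makefile("rw") as f:
        for line in f:
            f.write(DATA.get(line.strip(), "DENIED") + "\n")
            f.flush()

def open_standing_connection():
    """ZE: open one endpoint on a random port, accept SE, close the endpoint."""
    lst = socket.socket()
    for _ in range(100):
        # Assumption: range above Linux's default ephemeral ports (32768-60999).
        port = 61000 + secrets.randbelow(4536)
        try:
            lst.bind(("127.0.0.1", port))
            break
        except OSError:
            continue
    else:
        raise RuntimeError("no free port found")
    lst.listen(1)
    threading.Thread(target=critical_service, args=(port,), daemon=True).start()
    conn, _ = lst.accept()
    lst.close()  # the endpoint exists only for the duration of the handshake
    return conn, port

def lookup(conn, key):
    """ZE: relay one request over the standing connection (the only path to SE)."""
    conn.sendall(key.encode() + b"\n")
    buf = b""
    while not buf.endswith(b"\n"):
        chunk = conn.recv(1024)
        if not chunk:
            raise ConnectionError("standing connection lost")
        buf += chunk
    return buf.decode().strip()

def endpoint_open(port):
    """Probe as an outside thread would: is anything still accepting on port?"""
    try:
        socket.create_connection(("127.0.0.1", port), timeout=1).close()
        return True
    except OSError:
        return False
```

After `open_standing_connection()` returns, `endpoint_open(port)` is false even though the standing connection still answers `lookup()` calls, which is the property an audit of listening sockets on the service unit would check.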
23 Citations
36 Claims
Specification