Multilevel secure network access system
3 Assignments
0 Petitions
Abstract
Multilevel secure network access system. A workstation can access information having two or more different security classifications stored on servers within networks. Servers of one security classification are isolated from servers of another security classification by each type of server being disposed within its own isolated network or network segment. A switching unit controls input device access from a workstation. Data diodes between the networks in combination with proxy software located within each network keep data isolated. The viewing of information from at least some of the networks is accomplished through so-called “thin” or “ultra-thin” client software installed on the workstation. The use of such an ultra-thin enclave client minimizes the amount of data stored on the workstation and therefore any commingling of data of different security levels at the workstation. It also allows commercial off-the-shelf (COTS) software to be used without modification.
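As an added illustration of the data path the abstract and the claims describe (this is example code written for this page, not code from the patent or any product), the model below wires up the components by name: a switching unit that routes input devices to the selected network's proxy, a remotable session in the lower-security network, a diode server on each side, a one-way diode that only admits lower-to-higher transfers, and a thin viewer on the workstation that keeps nothing but the latest rendered frame. The network labels, class names and the rendered-frame format are assumptions made for the example; the property worth checking is that every transfer the diode records runs low to high and that an attempted high-to-low transfer is refused.

```python
"""Toy model of a diode-separated, proxy-mediated remote session (example, not the patent's code)."""
from dataclasses import dataclass, field

HIGH, LOW = "high", "low"  # the two isolated networks (constructed labels)


class DiodeViolation(Exception):
    """Raised when a transfer is attempted against the diode's permitted direction."""


@dataclass
class Diode:
    """One-way link: only src -> dst transfers pass; everything else is refused and logged."""
    src: str
    dst: str
    log: list = field(default_factory=list)

    def transfer(self, from_net, to_net, payload):
        if (from_net, to_net) != (self.src, self.dst):
            self.log.append(("blocked", from_net, to_net))
            raise DiodeViolation(f"{from_net} -> {to_net} is not permitted")
        self.log.append(("passed", from_net, to_net))
        return payload


@dataclass
class RemotableSession:
    """Application session running inside the lower-security network; it renders screen frames."""
    buffer: str = ""

    def handle_input(self, keystroke):
        self.buffer += keystroke
        return f"[{LOW} session] {self.buffer}"  # the only thing that leaves the session


@dataclass
class Viewer:
    """Thin client on the workstation: holds the latest frame only, never application data."""
    frame: str = ""

    def display(self, frame):
        self.frame = frame


@dataclass
class HighProxy:
    """Diode server in the high network: receives frames from the diode and forwards them to the viewer."""
    viewer: Viewer

    def on_frame(self, frame):
        self.viewer.display(frame)


@dataclass
class LowProxy:
    """Diode server in the low network: feeds input to the session and pushes its output up the diode."""
    session: RemotableSession
    diode: Diode
    high_proxy: HighProxy

    def on_input(self, keystroke):
        frame = self.session.handle_input(keystroke)
        self.high_proxy.on_frame(self.diode.transfer(LOW, HIGH, frame))


@dataclass
class SwitchingUnit:
    """Routes input devices to the selected network; the high network never sees low-side input."""
    routes: dict
    selected: str = HIGH

    def select(self, net):
        self.selected = net

    def keystroke(self, key):
        return self.routes[self.selected](key)


def build_system():
    """Assemble one workstation, one low network and the diode between them."""
    diode = Diode(src=LOW, dst=HIGH)
    viewer = Viewer()
    low_proxy = LowProxy(RemotableSession(), diode, HighProxy(viewer))
    local_high = RemotableSession(buffer="")  # the workstation's own high-side session
    switch = SwitchingUnit(routes={LOW: low_proxy.on_input, HIGH: local_high.handle_input})
    return switch, viewer, diode


def run_low_session(keys):
    """Select the low network, type `keys`, and report what reached the viewer and what the diode saw."""
    switch, viewer, diode = build_system()
    switch.select(LOW)
    for key in keys:
        switch.keystroke(key)
    return viewer.frame, list(diode.log)


def high_to_low_blocked():
    """True if the diode refuses a transfer in the forbidden direction."""
    diode = Diode(src=LOW, dst=HIGH)
    try:
        diode.transfer(HIGH, LOW, "high-side data")
    except DiodeViolation:
        return diode.log == [("blocked", HIGH, LOW)]
    return False


if __name__ == "__main__":
    print(run_low_session("ls"))
    print("high->low blocked:", high_to_low_blocked())
```

The point the model makes explicit is where the separation actually lives: input travels to the low network only through the switching unit, rendered output travels back only through the diode, and the workstation holds a frame rather than files, so a compromise on the low side has no channel into the high network other than pixels.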
290 Citations
16 Claims
1. A method of allowing access by a workstation connected to a first network of a highest security level, to information in a second network of a lower security level, the method comprising the steps of:
routing connections for input devices for the workstation to a proxy in the second network;
establishing a remotable session in the second network;
connecting the input devices to the remotable session through the proxy in the second network so that the input devices are operable to control applications running in the remotable session;
sending output from the remotable session through the proxy in the second network to a proxy in the first network through a diode that ensures that information only flows in one direction; and
forwarding the output from the proxy in the first network to a remote session viewer at the workstation. (Dependent claims: 2)
3. Apparatus for allowing access by a workstation connected to a first network of a highest security level, to information in a second network of a lower security level, the apparatus comprising:
means for routing connections for input devices for the workstation to a proxy in the second network;
means for establishing a remotable session in the second network;
means for connecting the input devices to the remotable session through the proxy in the second network so that the input devices are operable to control applications running in the remotable session;
means for sending output from the remotable session through the proxy in the second network to a proxy in the first network through a diode that ensures that information only flows in one direction; and
means for forwarding the output from the proxy in the first network to a remote session viewer at the workstation.
4. A system for selectively allowing access by a workstation connected to a plurality of networks to information in a network of the highest security level or in a selected network from one or more other networks of lower security levels, the system comprising:
a switching unit for selectively routing connections for input devices to the workstation or to the selected network;
a plurality of programmable computer systems disposed in the plurality of networks, each of the programmable computer systems operable to execute applications under the control of the workstation;
a plurality of diode servers disposed one each in each of the plurality of networks, each diode server in the one or more other networks connected to the switching unit and at least one programmable computer system and operable as a proxy to connect the switching unit to a remotable session in the selected network, a selected diode server further operable to forward output from the remotable session to the network of the highest security level for display in a remote session viewer at the workstation; and
one or more diodes disposed one each between a diode server in one of the one or more other networks and a diode server in the network of the highest security level so that information can flow only from the selected network to the network of the highest security level.
5. A method of operating a server to proxy access by a workstation connected to a first network of a highest security level, to information in a second network of a lower security level, the method comprising the steps of:
establishing a remotable session in the second network;
connecting the input devices to the remotable session through the server so that the input devices are operable to control applications running in the remotable session; and
sending output from the remotable session to the first network through a diode that ensures that information only flows from the server in the second network to the first network. (Dependent claims: 6)
7. A computer program product for enabling a server to proxy access by a workstation connected to a first network of a highest security level, to information in a second network of a lower security level, the computer program product including a computer program comprising:
instructions for establishing a remotable session in the second network;
instructions for connecting the input devices to the remotable session through the server so that the input devices are operable to control applications running in the remotable session; and
instructions for sending output from the remotable session to the first network through a diode that ensures that information only flows from the server in the second network to the first network. (Dependent claims: 8, 9, 10)
11. Apparatus for granting access by a workstation connected to a first network of a highest security level, to information in a second network of a lower security level, the apparatus comprising:
means for establishing a remotable session in the second network;
means for connecting the input devices to the remotable session so that the input devices are operable to control applications running in the remotable session; and
means for sending output from the remotable session to the first network through a diode that ensures that information only flows from the second network to the first network. (Dependent claims: 13, 16)
12. A programmed computer system which is operable to proxy access by a workstation connected to a first network of a highest security level, to information in a second network of a lower security level by performing the steps of:
establishing a remotable session in the second network;
connecting the input devices to the remotable session through the server so that the input devices are operable to control applications running in the remotable session; and
sending output from the remotable session to the first network through a diode that ensures that information only flows from the server in the second network to the first network.
14. A system for allowing access by a workstation connected to a first network of a highest security level, to information in a second network of a lower security level, the system comprising:
a diode handler object for communicating between the system and a diode that allows information to flow in only one direction; and
a proxy server object for interconnecting the diode handler object to a remotable session viewer in the workstation.
15. A system for allowing access by a workstation connected to a first network of a highest security level, to information in a second network of a lower security level, the system comprising:
a diode handler object for communicating between the system and a diode that allows information to flow in only one direction;
a proxy client object for interconnecting the diode handler object to a remotable session; and
a switch handler object connected to the proxy client object for communicating between the proxy client object and a switching unit.
Specification