Physical switched network security

US 20020133717A1
Filed: 03/13/2001
Published: 09/19/2002
Est. Priority Date: 03/13/2001
Status: Abandoned Application

First Claim

Patent Images

1. A system for securing a private network of computer resources accessible to users of an external communications network, comprising:

a private network gateway, and a circuit switch;

the private network gateway connected in series with the circuit switch between the external communications network and the private network, and the private network gateway including an intruder detector which produces an alarm output when intruder activity is detected; and

the circuit switch selectively disconnecting the external communications network from the private network responsive to the alarm output of the intruder detector.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A security system for a communications network includes a system which audits and monitors network activity for an intruder. The system also includes a circuit switch which makes and breaks a physical connection between an external portion of the communications network and a private portion of the communications network. The auditing and monitoring system is connected to the circuit switch, preferably through a back channel inaccessible to an intruder, to control the circuit switch to disconnect the intruder from the private portion of the communications network and to connect the intruder to a decoy in a substantially undetectable manner.

Citations

17 Claims

1. A system for securing a private network of computer resources accessible to users of an external communications network, comprising:
- a private network gateway, and a circuit switch;
  
  the private network gateway connected in series with the circuit switch between the external communications network and the private network, and the private network gateway including an intruder detector which produces an alarm output when intruder activity is detected; and
  
  the circuit switch selectively disconnecting the external communications network from the private network responsive to the alarm output of the intruder detector.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 14, 15, 16, 17)
- - 2. The system of claim 1, further comprising:
    - a decoy computer resource connected to the circuit switch;
      
      the circuit switch selectively connecting the private network gateway to the decoy computer resource responsive to the alarm output of the intruder detector.
  - 3. The system of claim 2, wherein the circuit switch transfers the connection of the private network gateway from the private network to the decoy computer resource in a time period not noticeable to a human user.
  - 4. The system of claim 3, wherein the time period is less than 100 mS.
  - 5. The system of claim 4, wherein the time period is less than 100 μ
    - S.
  - 6. The system of claim 5, wherein the time period is less than 100 nS.
  - 7. The system of claim 6, wherein the time period is about 90 nS.
  - 8. The system of claim 1, wherein the circuit switch connects a digital input signal to a digital output signal through a digital circuit switch matrix.
  - 9. The system of claim 1, wherein the circuit switch connects an input signal to an output signal through an analog circuit switch matrix.
  - 10. The system of claim 1, wherein the circuit switch connects an optical input signal to an optical output signal through an optical circuit switch matrix.
  - 11. The system of claim 1, wherein the circuit switch is located on premises containing equipment of the external communications network.
  - 12. The system of claim 1, wherein the circuit switch is located on premises containing equipment of the private network.
  - 14. The system of claim 13, wherein the time period is less than 100 mS.
  - 15. The system of claim 14, wherein the time period is less than 100 μ
    - S.
  - 16. The system of claim 15, wherein the time period is less than 100 nS.
  - 17. The system of claim 16, wherein the time period is about 90 nS.

13. A method of securing a private network of computer resources accessible to users of an external communications network, comprising:
- detecting an intruder to the private network from the external communications network;
  
  generating an alarm signal responsive to the step of detecting; and
  
  reconnecting the intruder from the private network to a decoy resource in a time period not noticeable to the intruder.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Tech Laboratories, Inc. (Renewal Fuels, Inc.)
Original Assignee
Tech Laboratories, Inc. (Renewal Fuels, Inc.)
Inventors
Grisafi, Salvatore, Ciongoli, Bernard M.

Application Number

US09/808,102
Publication Number

US 20020133717A1
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

H04L 63/0209   Architectural arrangements,...

H04L 63/1408   by monitoring network traff...

H04L 63/1491   using deception as counterm...

Physical switched network security

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Physical switched network security

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links