Multi-level security network system

US 20030005331A1
Filed: 08/22/2001
Published: 01/02/2003
Est. Priority Date: 08/06/1998
Status: Active Grant

First Claim

Patent Images

1. A security device for connecting a host computer from a host bus to a computer network, the security device comprising a local bus, a network interface connecting said local bus to the computer network, and a two-port memory device connecting said local bus to the host bus.

View all claims

16 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network prevents unauthorized users from gaining access to confidential information. The network has various workstations and servers connected by a common medium and through a router to the Internet. The network has two major components, a Network Security Center (NSC) and security network interface cards or devices. The NSC is an administrative workstation through which the network security officer manages the network as a whole as well as the individual security devices. The security devices are interposed between each of workstation, including the NSC, and the common medium and operate at a network layer (layer 3) of the protocol hierarchy. The network allows trusted users to access outside information, including the Internet, while stopping outside attackers at their point of entry. At the same time, the network limits an unauthorized insider to information defined in their particular security profile. The user may select which virtual network to access at any given time. The result is trusted access to multiple secure Virtual Private Networks (VPN), all from a single desktop machine.

164 Citations

53 Claims

1. A security device for connecting a host computer from a host bus to a computer network, the security device comprising a local bus, a network interface connecting said local bus to the computer network, and a two-port memory device connecting said local bus to the host bus.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 14, 15, 16, 17, 18, 20, 21, 22, 23, 24, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49)
- - 2. The security device of claim 1, wherein the two-port memory device has two bus interfaces, a first interface for communicating with the host bus and a second interface for communicating with the local bus.
  - 3. The security device of claim 2, wherein information to be passed between the host bus and the local bus can not be simultaneously located on the first interface and the second interface.
  - 4. The security device of claim 2, wherein information to be transmitted from a sending host to a receiving host is written from the host bus to the first interface, then read from the first interface to the second interface.
  - 5. The security device of claim 1, wherein the two-port memory device comprises a two-port RAM.
  - 6. The security device of claim 1, further comprising an internal system memory connected to said local bus for storing information for said firmware and said interface.
  - 7. The security device of claim 1, further comprising a cipher unit connected to the local bus.
  - 8. The security device of claim 1, further comprising an authentication interface unit for authenticating a computer user.
  - 9. The security device of claim 1, wherein said interface comprises a network coprocessor.
  - 10. The security device of claim 1, wherein the network comprises a local area, Ethernet or token ring network.
  - 11. The security device of claim 1, further comprising a central processing unit for implementing firmware.
  - 12. The security device of claim 1, wherein security is implemented at a network layer of protocol hierarchy.
  - 14. The method of claim 13, wherein the step of implementing security mechanisms comprises the steps of determining if the receiving computer is in a transmit list and consistent with a transmit security window and, if both conditions are not satisfied then terminating the transmission of information, otherwise encrypting the information to be transmitted.
  - 15. The method of claim 14, wherein the steps of determining if the receiving computer is in a transmit list and consistent with a transmit security window comprises the steps of performing discretionary access control and mandatory access control, respectively.
  - 16. The method of claim 13, further comprising the step of generating an audit in addition to terminating the flow of information.
  - 17. The method of claim 13, wherein security is implemented at a network layer of protocol hierarchy.
  - 18. The method of claim 19, the method being implemented by security devices, one security device connected to each one the sending computer and the receiving computer.
  - 20. The method of claim 19, wherein the step of implementing security mechanisms comprises the steps of determining if the transmitting computer is in a receive list and consistent with a receive security window and, if both conditions are not satisfied then terminating the transmission of information, otherwise decrypting the information to be received.
  - 21. The method of claim 20, wherein the steps of determining if the transmitting computer is in a receive list and consistent with a receive security window comprises the steps of performing discretionary access control and mandatory access control, respectively.
  - 22. The method of claim 19, further comprising the step of generating an audit in addition to terminating the flow of information.
  - 23. The method claim 19, wherein security is implemented at a network layer of protocol hierarchy.
  - 24. The method of claim 19, the method being implemented by security devices, one security device connected to each one the sending computer and the receiving computer.
  - 26. The network of claim 25, wherein the at least one destination comprises at least one other host computer of the network or the untrusted line.
  - 27. The network of claim 25, the security device implementing security mechanisms when the host computer connects to a trusted destination.
  - 28. The network of claim 25, the security device not implementing security mechanisms when the host computer connects to an untrusted destination.
  - 29. The network of claim 25, wherein the untrusted line comprises the Internet.
  - 30. The network of claim 25, wherein a user cannot simultaneously communicate with a trusted destination and an untrusted destination.
  - 31. The network of claim 25, wherein a user is prevented from simultaneously connecting to destinations having different security levels.
  - 32. The network of claim 25, wherein a user can only select one profile at a time.
  - 33. The network of claim 25, wherein the user profiles define virtual private networks of communication comprising subsets of host computers.
  - 34. The network of claim 25, wherein security is implemented at a network layer of protocol hierarchy.
  - 35. The network of claim 25, wherein at least one user profile has only one destination.
  - 36. The network of claim 25, wherein the destination in a user'"'"'s profile correspond to a level of security granted the user.
  - 37. The network of claim 25, wherein the security devices are integrated with the associated host computer.
  - 39. The method of claim 38, wherein the at least one destination comprises at least one other host computer of the network or the untrusted line.
  - 40. The method of claim 38, further comprising the step of implementing a security mechanism when the host computer connects to a trusted destination.
  - 41. The method of claim 38, further comprising the step of not implementing security mechanisms when the host computer connects to an untrusted destination.
  - 42. The method of claim 38, wherein the untrusted line comprises the Internet.
  - 43. The method of claim 38, wherein a user cannot simultaneously communicate with a trusted destination and an untrusted destination.
  - 44. The method of claim 38, wherein a user is prevented from simultaneously connecting to destinations having different security levels.
  - 45. The method of claim 38, wherein a user can only select one profile at a time.
  - 46. The method of claim 38, wherein the user profiles define virtual private networks of communication comprising subsets of host computers.
  - 47. The method of claim 38, wherein security is implemented at a network layer of protocol hierarchy.
  - 48. The method of claim 38, wherein at least one user profile has only one destination.
  - 49. The method of claim 38, wherein the destination in a user'"'"'s profile correspond to a level of security granted the user.

13. A method for controlling a sending computer to transmit information to a receiving computer over a computer network, the method comprising:
- receiving the information to be transmitted to the receiving computer from the sending computer;
  
  implementing security mechanisms to determine whether communication is authorized from the sending computer to the receiving computer and, if not, then terminating the transmission of information and, if so, then encrypting the information to be transmitted; and
  
  , transmitting the encrypted information to the receiving computer over the computer network.

19. A method for controlling a receiving computer to receive information transmitted from a transmitting computer over a computer network, the method comprising:
- receiving the information to be received by the receiving computer from the computer network;
  
  implementing security mechanisms to determine whether communication is authorized from the sending computer to the receiving computer and, if not, then terminating the transmission of information and, if so, then decrypting the information to be received; and
  
  , transmitting the decrypted information to the receiving computer for reception thereof.

25. A secure network having a plurality of host computers accessible to users and connected to a network medium that has access to an untrusted line, the secure network comprising:
- a network security controller for enabling a security officer to generate at least one user profile for each user, each user profile defining at least one destination which the user is authorized to access; and
  
  , security devices connected to the network medium for receiving the user profiles generated at the network security controller, each security device associated with one host computer, each security device having an authorization device for authorizing users at the associated host computer, the security device permitting the authorized user, via the associated host computer, to select a user'"'"'s profile associated with the user and for restricting access of the host computer to the at least one destination defined in the selected user'"'"'s profile.

38. A method for operating a network having a plurality of host computers accessible to users and connected to a network medium that has access to an untrusted line, the method comprising:
- generating at least one user profile for each user, each user profile defining at least one destination which the user is authorized to access;
  
  authorizing a user at a host computer;
  
  determining, at the host computer, the at least one user is profile associated with the authorized user;
  
  permitting, at the host computer, the authorized user to select a user'"'"'s profile associated with the user; and
  
  restricting access of the host computer to the at least one destination defined in the selected user'"'"'s profile.

50. A multi-level secure network having a plurality of host computers accessible to users and connected to a network medium that has access to an untrusted line, the secure network comprising a security device coupled between at least one host computer and the network medium which operates at a network layer communications protocol and a network security controller for controlling the security device to establish connections to the network medium.
- View Dependent Claims (51, 52, 53)
- - 51. The multi-level secure network of claim 50, wherein the network security controller audits events.
  - 52. The multi-level secure network of claim 50, wherein the security device prevents simultaneous connection to a trusted line and an untrusted line.
  - 53. The multi-level secure network of claim 50, wherein the security device prevents simultaneous connection between lines of different security levels.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
API Cryptek, Inc. (API Technologies Corporation)
Original Assignee
Cryptek Incorporated (API Technologies Corporation)
Inventors
Williams, Timothy C.

Granted Patent

US 7,069,437 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

H04L 63/0218   Distributed architectures, ...

H04L 63/0272   Virtual private networks

H04L 63/0428   wherein the data content is...

H04L 63/105   Multiple levels of security

H04L 63/164   at the network layer

H04L 63/20   for managing network securi...

H04L 69/12   Protocol engines

Multi-level security network system

First Claim

16 Assignments

0 Petitions

Accused Products

Abstract

164 Citations

53 Claims

Specification

Solutions

Use Cases

Quick Links

Multi-level security network system

First Claim

16 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

164 Citations

53 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links