Management of trusted flow system
Abstract
This invention discloses a method and system for detecting and reacting to unexpected communications patterns. The system consists of a plurality of end stations and a plurality of network interfaces, such that the network interface is capable of determining the authenticity of the program used by the end station to generate and send data packets. The system further consists of a plurality of secure management servers, which continuously exchange management messages with the network interfaces. Consequently, the secure management servers have the information needed for detecting unexpected communications patterns. The method allows the control of end stations: when an unexpected communication pattern is detected, transmission can selectively be limited to packets from authenticated programs.
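An added illustration of the TFG, TTC and SMS roles named in the abstract and claims; it is not code from the patent. The HMAC tag construction, the sequence-number replay check, the size-based compliance rule and the untrusted-ratio threshold are all assumptions, since the page does not specify them.

```python
import hashlib
import hmac
from collections import Counter

def make_tag(key, seq, payload):
    # Assumed construction: truncated HMAC-SHA256 over sequence number + payload.
    return hmac.new(key, seq.to_bytes(8, "big") + payload, hashlib.sha256).digest()[:8]

class TFG:  # trusted flow generator: tags a packet only when the compliance rule holds
    def __init__(self, key, rule):
        self.key, self.rule, self.seq = key, rule, 0
    def send(self, payload):
        self.seq += 1
        tag = make_tag(self.key, self.seq, payload) if self.rule(payload) else None
        return {"seq": self.seq, "payload": payload, "tag": tag}

class TTC:  # trusted tag checker for one flow: recomputes a comparison tag per packet
    def __init__(self, key):
        self.key, self.last_seq, self.trusted_only, self.stats = key, 0, False, Counter()
    def admit(self, pkt):
        expected = make_tag(self.key, pkt["seq"], pkt["payload"])
        ok = (pkt["tag"] is not None and pkt["seq"] > self.last_seq  # reject replays
              and hmac.compare_digest(expected, pkt["tag"]))
        if ok:
            self.last_seq = pkt["seq"]
        self.stats["trusted" if ok else "untrusted"] += 1
        return ok or not self.trusted_only  # untrusted traffic passes only in normal mode

class SMS:  # secure management server: polls checkers, restricts them on an anomaly
    def __init__(self, checkers, max_untrusted_ratio):
        self.checkers, self.limit = checkers, max_untrusted_ratio
    def poll(self):
        total = sum((c.stats for c in self.checkers), Counter())
        seen = total["trusted"] + total["untrusted"]
        anomalous = seen > 0 and total["untrusted"] / seen > self.limit
        for c in self.checkers:
            c.trusted_only = c.trusted_only or anomalous
        return anomalous

def demo():
    key = b"constructed-demo-key"                 # constructed sample key
    tfg = TFG(key, rule=lambda p: len(p) <= 16)   # stand-in rule of transmission
    ttc = TTC(key)
    sms = SMS([ttc], max_untrusted_ratio=0.3)
    normal = [ttc.admit(tfg.send(b"x" * n)) for n in (4, 8, 64, 64, 8)]  # constructed traffic
    alarm = sms.poll()                            # 2 of 5 untrusted, so restrict
    good = tfg.send(b"ok")
    restricted = [ttc.admit(good), ttc.admit(good), ttc.admit(tfg.send(b"y" * 64))]
    return normal, alarm, restricted
```

In the restricted phase the three results correspond to a fresh tagged packet, a replay of that same packet, and an untagged packet from a non-compliant send.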
85 Claims
1. A secured network management system for managing the communications of data packets, the system comprising:
- a plurality of trusted flow generator (TFG) subsystems;
- a plurality of trusted tag checker (TTC) subsystems;
- a plurality of secure management server (SMS) subsystems;
- wherein each of the TFG subsystems sends and receives messages and selectively generates a security tag, responsive to compliance logic for association with each respective one of the data packets;
- wherein each of the TTC subsystems sends and receives messages and selectively generates a comparison tag for comparison to the security tag for each respective one of the data packets;
- a communications network for coupling the data packets, the plurality of TFG subsystems, and the plurality of TTC subsystems; and
- wherein each of the TFG subsystems is comprised of logic comprised of packet processing, rules of transmission and security tag generation.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27
28. A secured network management system for managing the communications of data packets, the system comprising:
- a plurality of trusted flow generator (TFG) subsystems;
- a plurality of trusted tag checker (TTC) subsystems;
- a plurality of secure management server (SMS) subsystems;
- wherein each of the TFG subsystems sends and receives messages and selectively generates a security tag, responsive to compliance logic for association with each respective one of the data packets;
- a communications network for coupling the data packets, the plurality of the TFG subsystems, and the plurality of the TTC subsystems;
- wherein each of the TFG subsystems is comprised of logic comprised of packet processing, rules of transmission and security tag generation.
Dependent claims: 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43
44. A secured network management method for managing the communications of data packets, the method comprising:
- sending and receiving messages from at least one trusted flow generator (TFG) subsystem, and selectively generating a security tag, responsive to compliance logic for association with each respective one of the data packets;
- sending and receiving messages and selectively generating a comparison tag for comparison to the security tag for each respective one of the data packets in at least one trusted tag checker (TTC) subsystem;
- coupling the data packets, the plurality of TFG subsystems, and the plurality of TTC subsystems via a communications network; and
- providing logic for packet processing, rules of transmission and security tag generation.
Dependent claims: 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70
71. A secured network management method for managing the communications of data packets, the method comprising:
- sending and receiving messages and selectively generating a security tag, responsive to compliance logic for association with each respective one of the data packets, within each of a plurality of trusted flow generator (TFG) subsystems;
- coupling a communications network via the data packets, the plurality of TFG subsystems, and a plurality of trusted tag checker (TTC) subsystems; and
- wherein each of the TFG subsystems is comprised of logic comprised of packet processing, rules of transmission and security tag generation.
Dependent claims: 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85
Specification