Management of trusted flow system

US 20030177383A1
Filed: 08/14/2002
Published: 09/18/2003
Est. Priority Date: 03/16/2002
Status: Active Grant

First Claim

Patent Images

1. A secured network management system for managing the communications of data packets, the system comprising:

a plurality of trusted flow generator (TFG) subsystems;

a plurality of trusted tag checker (TTC) subsystems;

a plurality of secure management server (SMS) subsystems;

wherein each of the TFG subsystems sends and receives messages and selectively generates a security tag, responsive to compliance logic for association with each respective one of the data packets;

wherein each of the TTC subsystems sends and receives messages and selectively generates a comparison tag for comparison to the security tag for each respective one of the data packets;

a communications network for coupling the data packets, the plurality of TFG subsystems, and the plurality of TTC subsystems; and

wherein each of the TFG subsystems is comprised of logic comprised of packet processing, rules of transmission and security tag generation.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This invention discloses a method and system for detecting and reacting to unexpected communications patterns. The system consists of a plurality of end stations and a plurality of network interfaces, such that, the network interface is capable of determining the authenticity of the program used by the end station to generate and send data packets. The system further consists of a plurality of secure management servers, which continuously exchange management messages with the network interfaces. Consequently, the secure management servers have the information for detecting unexpected communications patterns. The method allows the control of end stations, and when an unexpected communication pattern is detected, selectively only packets from authenticated programs can be allowed to be transmitted.

44 Citations

View as Search Results

85 Claims

1. A secured network management system for managing the communications of data packets, the system comprising:
- a plurality of trusted flow generator (TFG) subsystems;
  
  a plurality of trusted tag checker (TTC) subsystems;
  
  a plurality of secure management server (SMS) subsystems;
  
  wherein each of the TFG subsystems sends and receives messages and selectively generates a security tag, responsive to compliance logic for association with each respective one of the data packets;
  
  wherein each of the TTC subsystems sends and receives messages and selectively generates a comparison tag for comparison to the security tag for each respective one of the data packets;
  
  a communications network for coupling the data packets, the plurality of TFG subsystems, and the plurality of TTC subsystems; and
  
  wherein each of the TFG subsystems is comprised of logic comprised of packet processing, rules of transmission and security tag generation.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 2. The system as in claim 1, wherein at least one of the TTC subsystem sends a count message that provides a report of a count of how many TFG subsystems are coupled for transmission of the data packets to the respective at least one of the TTC subsystems.
  - 3. The system as in claim 2, wherein the TTC subsystems upon receiving the count messages from at least one of the TTC subsystems sum them up into a TTC count.
  - 4. The system as in claim 3, wherein responsive to the TTC count exceeding a predefined threshold the TTC subsystem sends a notification message to the SMS subsystem.
  - 5. The system as in claim 4, wherein responsive to the notification message the SMS subsystem sends a disable message to selected ones of the TTC subsystems.
  - 6. The system as in claim 1, wherein the SMS subsystem sends an update information to the rules of transmission and security tag generation of selected one of the TFG subsystems.
  - 7. The system as in claim 1, wherein the SMS subsystem sends renewal information to the rules of transmission and security tag generation of selected one of the TFG subsystems.
  - 8. The system as in claim 1, wherein there are a first group of the data packets which are communicated with respective ones of the security tags;
    - and wherein there are a second group of the data packets which are communicated without respective ones of the security tags.
  - 9. The system as in claim 1, wherein the SMS subsystem sends and receives management massages.
  - 10. The system as in claim 1, wherein the SMS subsystem further comprising of a plurality of management module;
    - wherein selected ones of the plurality of management modules operate on at least one of a dedicated computing subsystem, and a TTC subsystem.
  - 11. The system as in claim 1, further comprising:
    - wherein at least one of the security management servers (SMS) is coupled to the communication network which sends and receives messages; and
      
      wherein the SMS is responsive to the received messages for controlling the flow of the data packets on the communications network.
  - 12. The system as in claim 11, wherein there are a plurality of TTC subsystems, each of which provides a respective report count message;
    - and wherein the SMS subsystem is responsive to the report count messages from the plurality of TTC subsystems for controlling flow of the data packets in the communications network.
  - 13. The system as in claim 12, wherein the SMS subsystem is disabling and enabling the flow of the data packets responsive to the report count messages.
  - 14. The system as in claim 12, wherein the SMS subsystem provides for limiting to a predefined number the flow of the data packets responsive to the report count messages.
  - 15. The system as in claim 12, wherein the SMS subsystem provides for selectively disabling and enabling at least one of:
    - first group of the data packets and second group of the data packets.
  - 16. The system as in claim 15, wherein the first group of the data packets is originated from a set of premium users.
  - 17. The system as in claim 12, wherein the SMS subsystem is limiting to a predefined number at least one of:
    - a first group of the data packets and a second group of the data packets.
  - 18. The system as in claim 11, wherein the SMS monitors the received messages from the TTC subsystems to detect an attack pattern responsive to attack analysis logic.
  - 19. The system as in claim 18, wherein the attack analysis logic is responsive to input from at least one of:
    - type of data packets sent by the TFG subsystems, type of data packets received by the TTC subsystems, number of data packets sent by the TFG subsystems, rate of data packets sent by the TFG subsystems, number of data packets received by the TTC subsystems, rate of data packets received by the TTC subsystems, sources of data packets sent by the TFG subsystems, sources of data packets received by the TTC subsystems, destinations of data packets sent by the TFG subsystems, destinations of data packets received by the TTC subsystems, routes of data packets sent by the TFG subsystems, and routes of data packets received by the TTC subsystems.
  - 20. The system as in claim 19, wherein the attack analysis logic is responsive to the input for determining selected control messages to be sent to respected ones of plurality of the TTC subsystems and respected ones of plurality of the TFG subsystems.
  - 21. The system as in claim 19, wherein the attack analysis logic, responsive to the input, determines an attack location.
  - 22. The system as in claim 21, wherein the attack analysis logic sends selected control messages responsive to the attack location.
  - 23. The system as in claim 22, wherein the selected control messages determine for each of the TTC subsystems at least one of:
    - disabling the first group of the data packets, disabling the second group of the data packets, enabling the first group of the data packets, enabling the second group of the data packets, limiting the first group of the data packets, and limiting the second group of the data packets.
  - 24. The system as in claim 20, wherein the selected control messages provide for at least one of:
    - disabling the first group of the data packets, disabling the second group of the data packets, enabling the first group of the data packets, enabling the second group of the data packets, limiting the first group of the data packets, and limiting the second group of the data packets.
  - 25. The system as in claim 20, wherein the selected control messages determine for each of the TFG subsystems at least one of:
    - disabling the first group of the data packets, disabling the second group of the data packets, enabling the first group of the data packets, enabling the second group of the data packets, limiting the first group of the data packets, and limiting the second group of the data packets.
  - 26. The system as in claim 20, wherein the selected control messages determine for each of the TTC subsystems at least one of:
    - disabling the first group of the data packets, disabling the second group of the data packets, enabling the first group of the data packets, enabling the second group of the data packets, limiting the first group of the data packets, and limiting the second group of the data packets.
  - 27. The system as in claim 1, wherein the send and receive messages contain at least on of:
    - an authentication field, a digital signature field, a time-stamp field, an encrypted field, an encrypted portion of the message, and a keying information field.

28. A secured network management system for managing the communications of data packets, the system comprising:
- a plurality of trusted flow generator (TFG) subsystems;
  
  a plurality of trusted tag checker (TTC) subsystems;
  
  a plurality of secure management server (SMS) subsystems;
  
  wherein each of the TFG subsystems sends and receives messages and selectively generates a security tag, responsive to compliance logic for association with each respective one of the data packets;
  
  a communications network for coupling the data packets, the plurality of the TFG subsystems, and the plurality of the TTC subsystems;
  
  wherein each of the TFG subsystems is comprised of logic comprised of packet processing, rules of transmission and security tag generation.
- View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43)
- - 29. The system as in claim 28, wherein the TFG subsystem is further comprised of a TFG challenge controller comprising a communication subsystem for interaction with users and programs that produce inputs for packet processing.
  - 30. The system as in claim 29, wherein the communication subsystem sends a challenge message to users and programs that produce inputs for packet processing.
  - 31. The system as in claim 30, wherein the challenge message is comprised of at least one of:
    - a cryptographic field, an encryption field, a clear text field, a request for users to perform a task using a keyboard, a request for users to perform a task using a mouse, a request for users to perform a task using a biometrics reader, a request for users to perform a task using a terminal input function, requesting an answer to a verbal question, requesting an answer to an audiovisual question, requesting an answer to a previously stored data item, requesting an answer related to published information within the user and the program computing subsystems, requesting payment, requesting digital form of payment, requesting a credit card number, requesting information retrievable from a smart card, requesting information retrievable from a portable device, an activation of a sensor enabling the receipt of sensory information, and requesting information based on means of computing received from the SMS subsystem.
  - 32. The method as in claim 28, wherein the TFG challenge controller receives a response message from users and programs that produce input for packet processing.
  - 33. The system as in claim 32, wherein the response message is comprised of at least one of:
    - a cryptographic field, an encryption field, a clear text field, a response to a request for users to perform a task using a keyboard, a response to a request for users to perform a task using a mouse, a response to a request for users to perform a task using a biometrics reader, a response to a request for users to perform a task using a terminal input function, a response to a message requesting an answer to a verbal question, a response to a message requesting an answer to an audiovisual question, a response to a message requesting an answer to a previously stored data item, a response to a message requesting an answer related to published information within the user and the program computing subsystems, a response with payment, a response with a digital form of payment, a response with a credit card number, a response with information retrievable from a smart card, a response with information retrievable from a portable device, a response with a signal, a response with a radio signal, a response with a wireless signal, a response with an RF information, a response with an IR information, response with sensory information, response with audio information, response with olfactory information, and an answer to a message requesting information based on means of computing received from the SMS subsystem.
  - 34. The system as in claim 28, wherein the TFG challenge controller provides for user and program input to be used in packet processing responsive to a response message received from user and program.
  - 35. The system as in claim 28, wherein the TFG challenge controller does not allow user and program input to be used in packet processing responsive to a response message received from user and program.
  - 36. The system of claim 33, wherein the TFG subsystems selectively generates data packets with security tags responsive to the response messages.
  - 37. The system as in claim 36, wherein the TTC subsystem validates the data packet by analyzing the security tag responsive to receiving the data packet from the TFG subsystem.
  - 38. The system as in claim 37, further comprising:
    - means for mapping the data packet with security tags to a first communications class of service responsive to the validating the data packet and verifying the respective security tag; and
      
      means for mapping the data packet to a second communications class of service responsive to the validating the data packet with security tags resulting in failed verifying of the security tag.
  - 39. The system as in claim 38, wherein the first communications class of service is coupling the data packet for further communication therefrom.
  - 40. The system as in claim 39, wherein the second communications class of service is denial of further communication therefrom.
  - 41. The system as in claim 39, wherein the second communications class of service is local storage without further transmission.
  - 42. The system as in claim 39, wherein the second communications class of service is at a lower priority level than the first communications class of service.
  - 43. The system as in claim 42, wherein the priorities are determined responsive to set bits within the data packet.

44. A secured network management method for managing the communications of data packets, the method comprising:
- sending and receiving messages from at least one trusted flow generator (TFG) subsystem, and selectively generating a security tag, responsive to compliance logic for association with each respective one of the data packets;
  
  sending and receiving messages and selectively generating a comparison tag for comparison to the security tag for each respective one of the data packets in at least one trusted tag checker (TTC) subsystem;
  
  coupling the data packets, the plurality of TFG subsystems, and the plurality of TTC subsystems via a communications network; and
  
  providing logic for packet processing, rules of transmission and security tag generation.
- View Dependent Claims (45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70)
- - 45. The method as in claim 44, further comprising:
    - sending a count message from at least one of the TTC subsystems that provides a report of a count of how many TFG subsystems are coupled for transmission of the data packets to the respective at least one of the TTC subsystems.
  - 46. The method as in claim 45, further comprising:
    - receiving the count messages from at least one of the TTC subsystems; and
      
      summing up the count messages into a TTC count.
  - 47. The method as in claim 46, further comprising:
    - sending a notification message responsive to the TTC count exceeding a predefined threshold.
  - 48. The method as in claim 47, further comprising:
    - sending a disable message to selected ones of the TTC subsystems responsive to the notification message.
  - 49. The method as in claim 44, further comprising:
    - sending update information to the rules of transmission and security tag generation of selected one of the TFG subsystems.
  - 50. The method as in claim 44, further comprising:
    - sending renewal information to the rules of transmission and security tag generation of selected one of the TFG subsystems.
  - 51. The method as in claim 44, further comprising:
    - communicating a first group of the data packets with respective ones of the security tags; and
      
      communicating a second group of the data packets without respective ones of the security tags.
  - 52. The method as in claim 44, wherein at least one of the SMS subsystems sends and receives management massages.
  - 53. The method as in claim 44, wherein the SMS subsystem is further comprised of a plurality of management modules;
    - wherein selected ones of the plurality of management modules operate on at least one of;
      
      a dedicated computing subsystem, one of the TTC subsystems.
  - 54. The method as in claim 44, further comprising:
    - coupling to the communication network, for sending and receiving messages; and
      
      controlling the flow of the data packets on the communications network responsive to the received messages.
  - 55. The method as in claim 54, wherein there are a plurality of the TTC subsystems, each of which provides a respective report count message;
    - the method further comprising;
      
      controlling flow of the data packets in the communications network responsive to the report count messages from the plurality of the TTC subsystems.
  - 56. The method as in claim 55, further comprising:
    - disabling and enabling the flow of the data packets responsive to the report count messages.
  - 57. The method as in claim 55, further comprising:
    - limiting to a predefined number the flow of the data packets responsive to the report count messages.
  - 58. The method as in claim 55, further comprising:
    - disabling and enabling at least one of;
      
      a first group of the data packets and a second group of the data packets.
  - 59. The method as in claim 58, wherein the first group of the data packets originated from a set of premium users.
  - 60. The method as in claim 55, further comprising:
    - limiting to a predefined number at least one of;
      
      a first group of the data packets and a second group of the data packets.
  - 61. The method as in claim 54, further comprising:
    - monitoring the received messages from the TTC subsystems to detect an attack pattern responsive to the attack analysis logic.
  - 62. The method as in claim 61, wherein the attack analysis logic gets as input at least one of:
    - type of data packets sent by the TFG subsystems, type of data packets received by the TTC subsystems, number of data packets sent by the TFG subsystems, rate of data packets sent by the TFG subsystems, number of data packets received by the TTC subsystems, rate of data packets received by the TTC subsystems, sources of data packets sent by the TFG subsystems, sources of data packets received by the TTC subsystems, destinations of data packets sent by the TFG subsystems, destinations of data packets received by the TTC subsystems, routes of data packets sent by the TFG subsystems, and routes of data packets received by the TTC subsystems.
  - 63. The method as in claim 62, further comprising:
    - determining selected control messages to be sent to respective ones of the plurality of the TTC subsystems and respective ones of the plurality of the TFG subsystems by the attack analysis logic responsive to its input.
  - 64. The method as in claim 62, further comprising:
    - determining an attack location responsive to the input to the attack analysis logic.
  - 65. The method as in claim 64, further comprising:
    - sending selected control messages from the attack analysis logic responsive to the attack location.
  - 66. The method as in claim 65, wherein the selected control messages determine for each of the TTC subsystems at least one of:
    - disabling the first group of the data packets, disabling the second group of the data packets, enabling the first group of the data packets, enabling the second group of the data packets, limiting the first group of the data packets, and limiting the second group of the data packets.
  - 67. The method as in claim 63, wherein the selected control messages determine at least one of:
    - disabling the first group of the data packets, disabling the second group of the data packets, enabling the first group of the data packets, enabling the second group of the data packets, limiting the first group of the data packets, and limiting the second group of the data packets.
  - 68. The method as in claim 63, wherein the selected control messages determine for each TFG subsystem at least one of:
    - disabling the first group of the data packets, disabling the second group of the data packets, enabling the first group of the data packets, enabling the second group of the data packets, limiting the first group of the data packets, and limiting the second group of the data packets.
  - 69. The method as in claim 63, wherein the selected control messages determine for each TTC subsystem at least one of:
    - disabling the first group of the data packets, disabling the second group of the data packets, enabling the first group of the data packets, enabling the second group of the data packets, limiting the first group of the data packets, and limiting the second group of the data packets.
  - 70. The method as in claim 44, wherein the send and receive messages contain at least on of:
    - an authentication field, a digital signature field, a time-stamp field, an encrypted field, an encrypted portion of the message, and a keying information field.

71. A secured network management method for managing the communications of data packets, the method comprising:
- sending and receiving messages and selectively generating a security tag, responsive to compliance logic for association with each respective one of the data packets, within each of a plurality of trusted flow generator (TFG) subsystems;
  
  coupling a communications network via the data packets, the plurality of TFG subsystems, and a plurality of trusted tag checker (TTC) subsystems; and
  
  wherein each of the TFG subsystems is comprised of logic comprised of packet processing, rules of transmission and security tag generation.
- View Dependent Claims (72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85)
- - 72. The method as in claim 71, further comprising:
    - controlling interaction with users and programs that produce inputs for packet processing via a TFG challenge controller communication subsystem that sends a challenge message to users and programs that produce inputs for packet processing.
  - 73. The method as in claim 72, wherein challenge message comprising at least one of:
    - a cryptographic field, an encryption field, a clear text field, a request for users to perform a task using a keyboard, a request for users to perform a task using a mouse, a request for users to perform a task using a biometrics reader, a request for users to perform a task using a terminal input function, requesting an answer to a verbal question, requesting an answer to an audiovisual question, requesting an answer to a previously stored data item, requesting an answer related to published information within the user and the program computing subsystems, requesting payment, requesting digital form of payment, requesting a credit card number, requesting information retrievable from a smart card, requesting information retrievable from a portable device, an activation of a sensor enabling the receipt of sensory information, and requesting information based on means of computing received from the SMS subsystem.
  - 74. The method as in claim 72, wherein the TFG challenge controller receives a response message from users and programs that produce input for packet processing.
  - 75. The method as in claim 74, wherein the response message is comprised of at least one of:
    - a cryptographic field, an encryption field, a clear text field, a response to a request for users to perform a task using a keyboard, a response to a request for users to perform a task using a mouse, a response to a request for users to perform a task using a biometrics reader, a response to a request for users to perform a task using a terminal input function, a response to a message requesting an answer to a verbal question, a response to a message requesting an answer to an audiovisual question, a response to a message requesting an answer to a previously stored data item, a response to a message requesting an answer related to published information within the user and the program computing subsystems, a response with payment, a response with a digital form of payment, a response with a credit card number, a response with information retrievable from a smart card, a response with information retrievable from a portable device, a response with a signal, a response with a radio signal, a response with a wireless signal, a response with an RF information, a response with an IR information, response with sensory information, response with audio information, response with olfactory information, and an answer to a message requesting information based on means of computing received from the SMS subsystem.
  - 76. The method as in claim 72, further comprising:
    - utilizing user and program input in packet processing responsive to a response message received from user and program.
  - 77. The method as in claim 72, further comprising:
    - preventing utilization of user and program input in packet processing responsive to a response message received from user and program.
  - 78. The method of claim 75, further comprising:
    - selectively generating data packets with security tags responsive to the response messages.
  - 79. The method as in claim 78, further comprising:
    - validating the data packet by analyzing the security tag responsive to receiving the data packet.
  - 80. The method as in claim 79, further comprising:
    - mapping the data packet with security tags to a first communications class of service responsive to the validating the data packet and verifying the respective security tag; and
      
      mapping the data packet to a second communications class of service responsive to the validating the data packet with security tags resulting in failed verifying of the security tag.
  - 81. The method as in claim 80, further comprising:
    - coupling the data packet for further communication therefrom in the first communications class of service.
  - 82. The method as in claim 81, further comprising:
    - denying further communication therefrom in the second communications class of service.
  - 83. The method as in claim 81, further comprising:
    - providing local storage of the data packet without further transmission in the second communications class of service.
  - 84. The method as in claim 81, further comprising:
    - providing the second communications class of service at a lower priority level than the first communications class of service.
  - 85. The method as in claim 84, further comprising:
    - determining relative priorities of the first and the second communications class of service responsive to set bits within the data packet.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Attestwave LLC (Jeffrey M. Gross)
Original Assignee
Trustedflow Systems, Inc.
Inventors
Ofek, Yoram, Yung, Marcel Mordechay

Granted Patent

US 7,305,704 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/200
CPC Class Codes

G06F 21/14   against software analysis o...

H04L 47/10   Flow control; Congestion co...

H04L 47/193   at the transport layer, e.g...

H04L 47/27   Evaluation or update of win...

H04L 47/283   in response to processing d...

H04L 63/0227   Filtering policies mail mes...

H04L 63/10   for controlling access to d...

H04L 69/16   Implementation or adaptatio...

H04L 69/161   Implementation details of T...

H04L 69/163   In-band adaptation of TCP d...

Y04S 40/20   Information technology spec...

Y10S 707/99939   Privileged access

Management of trusted flow system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

44 Citations

85 Claims

Specification

Solutions

Use Cases

Quick Links

Management of trusted flow system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

44 Citations

85 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links