System, method and apparatus for securing network data
Abstract
The system, method and apparatus for securing network data of the present invention provide security for internal networks by utilizing a common storage element for the exchange of data between the external and internal components, without creating a concurrent session between the external and internal components. In addition, when the protocol of the external network is Internet Protocol (IP), the protocol used for the internal network may be a non-IP messaging protocol that is a more secure protocol than IP, and insulates the internal network from the type of attacks that are common in IP networks. These security measures may be implemented without a significant change to the hardware or software elements of the internal or external networks, and, therefore, without adding significant cost to the network administration and without the network performance degradation that is characteristic of conventional security measures.
29 Claims
1. A system for securing network data, comprising:
a network;
first and second storage elements;
a network server in communication with said network and said first storage element; and
a database server in communication with said first storage element and said second storage element, wherein the first storage element receives and stores data from said network server in a first predetermined location and from said database server in a second predetermined location, wherein said network server is capable of accessing the data stored by said first storage element in the second predetermined location, and wherein said database server is capable of accessing the data stored by said first storage element in the first predetermined location, such that said network server and said database server are capable of exchanging data via said first storage element without creating a concurrent operating session between said network server and said database server.
13. A method for securing network data, comprising:
receiving data from a network server in a first predetermined location of a first storage element;
receiving data from a database server in a second predetermined location of the first storage element;
accessing the data stored in the second predetermined location of the first storage element by the network server; and
accessing the data stored in the first predetermined location of the first storage element by the database server;
wherein the network server and the database server exchange data via the first storage element without creating a concurrent operating session between the network server and the database server.
24. An apparatus for securing network data, comprising:
a network supporting communication via Internet Protocol (IP);
a storage area network comprising a plurality of storage devices, wherein said storage area network is capable of supporting communication via a non-IP messaging protocol;
a storage element;
a database server in communication with said storage area network and said storage element via the non-IP messaging protocol, and wherein said database server is capable of transmitting and receiving metadata that at least partially defines associated data; and
a network server in communication with said network via IP and said storage element via the non-IP messaging protocol, and wherein said network server is capable of transmitting and receiving metadata that at least partially defines associated data;
wherein said storage element receives and stores data from said network server in a first predetermined location and from said database server in a second predetermined location;
wherein said storage element further receives and stores network metadata from said network server in a third predetermined location, wherein the network metadata defines the first predetermined location at which the data that is also received from said network server is stored, and wherein said database server accesses the network metadata from the third predetermined location to obtain the first predetermined location of the data; and
wherein said storage element also receives and stores database metadata from said database server in a fourth predetermined location, wherein the database metadata defines the second predetermined location at which the data that is also received from said database server is stored, and wherein said network server accesses the database metadata from the fourth predetermined location to obtain the second predetermined location of the data, such that said network server and said database server are capable of exchanging data via said storage element without creating a concurrent operating session between said network server and said database server.
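A minimal model of the exchange recited in claim 24, given here as an added example that is not taken from the patent: both servers touch only the shared storage element and never call each other. The directory names, function names, JSON metadata layout, and the check that metadata points inside the expected location are all assumptions made for illustration.

```python
import json
import tempfile
from pathlib import Path

# Hypothetical directory names for the four predetermined locations of claim 24.
NET_DATA, DB_DATA, NET_META, DB_META = "loc1_net_data", "loc2_db_data", "loc3_net_meta", "loc4_db_meta"

def make_storage_element() -> Path:
    root = Path(tempfile.mkdtemp(prefix="storage_element_")).resolve()
    for loc in (NET_DATA, DB_DATA, NET_META, DB_META):
        (root / loc).mkdir()
    return root

def _publish(root, data_loc, meta_loc, msg_id, payload):
    # Store the data first, then the metadata that defines where it was stored.
    (root / data_loc / f"{msg_id}.bin").write_bytes(payload)
    meta = {"id": msg_id, "path": f"{data_loc}/{msg_id}.bin"}
    (root / meta_loc / f"{msg_id}.json").write_text(json.dumps(meta))

def _collect(root, data_loc, meta_loc):
    # Read the peer's metadata, follow it to the data, and consume the metadata.
    found = {}
    for meta_file in sorted((root / meta_loc).glob("*.json")):
        meta = json.loads(meta_file.read_text())
        meta_file.unlink()
        target = (root / str(meta.get("path", ""))).resolve()
        # Added check (assumption, not in the claims): the peer wrote this metadata,
        # so follow it only if it points inside the peer's own data location.
        if (root / data_loc) in target.parents and target.is_file():
            found[meta["id"]] = target.read_bytes()
    return found

def network_server_submit(root, msg_id, request):
    _publish(root, NET_DATA, NET_META, msg_id, request)

def database_server_poll(root, handler):
    for msg_id, request in _collect(root, NET_DATA, NET_META).items():
        _publish(root, DB_DATA, DB_META, msg_id, handler(request))

def network_server_fetch(root):
    return _collect(root, DB_DATA, DB_META)

def demo():
    root = make_storage_element()
    network_server_submit(root, "req1", b"lookup:42")  # constructed request
    # Constructed metadata that points outside the first location; it must be ignored.
    bad = {"id": "bad", "path": f"{DB_DATA}/../../outside.bin"}
    (root / NET_META / "bad.json").write_text(json.dumps(bad))
    database_server_poll(root, lambda req: b"result-for:" + req)
    return network_server_fetch(root)
```

Calling `demo()` returns only the reply for `req1`; the metadata entry that resolves outside the first location is consumed without being followed.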
Specification