Secure network access devices with data encryption
Abstract
Secure point-to-point network communications are accomplished by sending data across a secure link whose two trusted partners are matched to each other. Authentication is performed to ensure that no untrusted partner is on the link. One of the points may be a secure tap, which authenticates a trusted partner by receiving the partner's hardware-embedded encryption key, or a value derived from that key. Data sent on the trusted link is encrypted to prevent interception. The secure tap polices the link to ensure that no untrusted partner is attached and that the trusted partner is not removed; if an untrusted partner is added or the trusted partner is removed, the secure tap ceases sending data.
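The method in the abstract and in claim 1 is a small state machine: authenticate the partner, encrypt, police the medium, and stop transmitting the moment the trusted partner leaves or anyone else joins. The following Python model is an added example, not code from the patent or its assignee. It assumes a constructed stand-in for the hardware-embedded key (HW_KEY), a Link object that models the shared segment, and HMAC-SHA256 in counter mode as a stand-in for a real AEAD such as AES-GCM. It deliberately takes the "value derived from the key" path of the abstract rather than sending the embedded key itself: a challenge-response proves possession of the matched key without ever putting the key on the wire.

```python
import hashlib
import hmac
import secrets

# Constructed demo values standing in for the "hardware embedded encryption key".
# A real device keeps this in tamper-resistant storage and exposes only derived values.
HW_KEY = bytes(range(32))
WRONG_KEY = bytes(32)


def derive(key: bytes, label: bytes) -> bytes:
    """Purpose-specific subkey, so the embedded key is never used directly on the wire."""
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode (toy stand-in for a real AEAD such as AES-GCM)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC frame layout: nonce(16) || ciphertext || tag(32)."""
    nonce = secrets.token_bytes(16)
    stream = _keystream(derive(key, b"stream"), nonce, len(plaintext))
    body = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(derive(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def decrypt(key: bytes, frame: bytes) -> bytes:
    """Reject any frame whose tag does not verify; only then strip the keystream."""
    nonce, body, tag = frame[:16], frame[16:-32], frame[-32:]
    expected = hmac.new(derive(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("frame failed authentication")
    stream = _keystream(derive(key, b"stream"), nonce, len(body))
    return bytes(c ^ k for c, k in zip(body, stream))


class Link:
    """The shared segment: every frame placed on it reaches every attached device."""
    def __init__(self):
        self.attached = []

    def attach(self, dev):
        self.attached.append(dev)

    def detach(self, dev):
        self.attached.remove(dev)


class NetworkInterface:
    """Trusted partner (claim 9): holds the matched key and decrypts what it receives."""
    def __init__(self, hw_key: bytes):
        self._auth_key = derive(hw_key, b"auth")
        self._enc_key = derive(hw_key, b"enc")
        self.received = []

    def answer(self, challenge: bytes) -> bytes:
        # Value derived from the embedded key; the key itself never leaves the device.
        return hmac.new(self._auth_key, challenge, hashlib.sha256).digest()

    def receive(self, frame: bytes) -> None:
        self.received.append(decrypt(self._enc_key, frame))


class Eavesdropper:
    """Un-trusted client: if it ever gets a frame, it sees ciphertext only."""
    def __init__(self):
        self.frames = []

    def receive(self, frame: bytes) -> None:
        self.frames.append(frame)


class SecureTap:
    """Claim 1 as a state machine: initiate, encrypt, police, cease on violation."""
    def __init__(self, hw_key: bytes):
        self._auth_key = derive(hw_key, b"auth")
        self._enc_key = derive(hw_key, b"enc")
        self.partner = None
        self.link_open = False

    def initiate(self, partner) -> bool:
        challenge = secrets.token_bytes(32)
        expected = hmac.new(self._auth_key, challenge, hashlib.sha256).digest()
        if hmac.compare_digest(expected, partner.answer(challenge)):
            self.partner, self.link_open = partner, True
        return self.link_open

    def police(self, link: Link) -> bool:
        # Trusted partner still attached and nobody else is; once violated, stay closed
        # until initiate() re-authenticates the partner.
        self.link_open = self.link_open and link.attached == [self.partner]
        return self.link_open

    def send(self, link: Link, plaintext: bytes) -> bool:
        if not self.police(link):
            return False  # ceasing to send: nothing reaches the medium
        frame = encrypt(self._enc_key, plaintext)
        for dev in link.attached:
            dev.receive(frame)
        return True


def demo() -> dict:
    """Walk the tap through the cases claim 1 names and report what happened."""
    link, tap, nic = Link(), SecureTap(HW_KEY), NetworkInterface(HW_KEY)
    link.attach(nic)
    r = {"wrong_key_rejected": not tap.initiate(NetworkInterface(WRONG_KEY))}
    r["authenticated"] = tap.initiate(nic)
    r["sent_clean"] = tap.send(link, b"mirrored traffic")
    eve = Eavesdropper()
    link.attach(eve)
    r["sent_with_eavesdropper"] = tap.send(link, b"must not leave the tap")
    r["eve_saw_frames"] = len(eve.frames)
    link.detach(eve)
    r["sent_after_eve_left"] = tap.send(link, b"still ceased until re-authenticated")
    r["reauthenticated"] = tap.initiate(nic)
    r["resumed"] = tap.send(link, b"resumed after re-authentication")
    link.detach(nic)
    r["sent_after_partner_gone"] = tap.send(link, b"partner removed")
    r["nic_received"] = nic.received
    return r


if __name__ == "__main__":
    print(demo())
```

Two design points worth noting. The tap polices before every frame rather than on a timer, so an untrusted client attached between two frames never receives the second one; and a violation latches the link closed, so it does not silently reopen when the intruder leaves, which forces a fresh authentication of the partner before traffic resumes.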
Claims (25)
1. A method of establishing a secure point to point link comprising:
initiating a trusted link by authenticating a trusted partner;
encrypting data to be sent on the trusted link;
sending the encrypted data on the trusted link;
policing the trusted link by verifying that the trusted partner remains connected to the trusted link and that other un-trusted clients are not connected to the trusted link; and
if the trusted partner becomes disconnected from the trusted link or if an un-trusted client is connected to the trusted link, ceasing to send the encrypted data on the trusted link.
(Dependent claims 2-8 not reproduced.)
9. A secure network interface device for use in a secure point to point link, the network interface device comprising:
a first interface for receiving encrypted network traffic;
logic for decrypting the encrypted network traffic coupled to the first interface, wherein the logic comprises a hardware embedded encryption key matched to a network device that sends the encrypted network traffic; and
a second interface coupled to the logic and a host for delivering the decrypted network traffic to the host device.
(Dependent claims 10 and 11 not reproduced.)
12. A secure network traffic distribution device for use in a secure point to point link, the secure network traffic distribution device comprising:
an input configured to receive network traffic;
an encryption module coupled to the input, the encryption module comprising a first hardware embedded encryption key used to encrypt network traffic, the first hardware embedded encryption key matched to a device that is configured to receive encrypted network traffic from the secure network traffic distribution device; and
an output port coupled to the encryption module, the output port configured to transmit encrypted network traffic.
(Dependent claims 13-24 not reproduced.)
25. A secure tap comprising:
an input configured to receive network traffic;
an encryption module coupled to the input, the encryption module comprising a first hardware embedded encryption key used to encrypt network traffic, the first hardware embedded encryption key matched to a device that is configured to receive encrypted network traffic from the secure tap; and
an output port coupled to the encryption module, the output port configured to transmit encrypted network traffic.