Secure data communication system
Abstract
This invention relates to methods and apparatus for securing communications between an open multimedia network and a trusted multimedia network. A multimedia boundary controller controls the communications between the two networks in order to intercept corrupting data such as viruses. The boundary controller contains an open network security engine for providing normal security and a trusted network security engine for implementing special software to provide additional protection. The unit is controlled by a secure processing unit which can prevent unwanted information from getting into the trusted network security engine and the trusted multimedia network. The secure processing unit communicates with a manufacturer of security software over the open network using encrypted messages. The encryption key is shared between the multimedia boundary controller and the manufacturer of software and is stored in a durable memory which can only be used directly by the secure processor's encryption software and hardware. Advantageously, this arrangement provides a high level of security for communications to and from a trusted multimedia network.
12 Claims
1. Apparatus for providing a secure interface between an open network and a trusted network or device comprising:
a network security engine for providing an interface between said open network and said trusted network or device; and
a secure processing unit;
said secure processing unit for communicating with a supplier of software and data for said secure processing unit for controlling said secure processing unit;
said secure processing unit communicating with said security engine to control functions and data of said security engine to provide a highly reliable network security engine.
7. A method of providing a secure interface between an open network and a trusted network or device comprising:
routing data over a trusted network security engine between said open network and said trusted network or device; and
controlling said trusted network security engine from a secure processing unit;
communicating between said secure processing unit and a supplier of software and data for said secure interface for controlling said secure processing unit;
communicating from said secure processing unit to said trusted network security engine to control functions and data of said trusted network security engine to provide a highly reliable trusted network security engine.
Specification