Method and apparatus for packet source validation architecture system for enhanced Internet security
Abstract
A Packet Source Validation Architecture (PSVA) system for enhanced Internet Security that validates the source of all data packets that enter and propagate in the global computer network is disclosed. The PSVA system includes: (i) a system means to insert a source validation code in the header of the packets entering the Internet, (ii) a system means wherein the source validation code does not identify the source of the packets to anyone except to a law-enforcement agency, (iii) a system means to transport such a packet from the sending computer to the destination computer over the existing global computer network, (iv) a means for packet receiving clients to forward the validation code therein to law-enforcement agencies, when an identified type of harm is detected in the data of the received packets. The PSVA system is made up of (i) a distributed set of key servers, (ii) an adaptation of the major routers of the Internet, and an adaptation of the sending and receiving client servers. For an embodiment limited to e-mail security, the PSVA system is made up of (i) a distributed set of key servers, (ii) an adaptation of the mail servers, and (iii) an adaptation of sending mail clients, where for implementation all mail servers do not need to be adapted at the same time.
19 Claims
1. A check and balance system for enhanced Internet security, comprising:
a. a system to insert a packet source validation code in the header of the packets entering the Internet;
b. an adaptation of major routers of the Internet, the adaptation checks the presence of a source validation code in the header of a packet and routes only those packets that have the source validation code;
c. the major router adaptation after checking the presence of the source validation code, verifies the source validation code with reference to a key server.
(Dependent claims: 2, 3, 4, 5, 6, 7)
8. A method of enhanced security for the global computer network made up of a group of major routers for routing data packets across the network from a sending device to a receiving device comprising the steps of:
a. inserting a secret source validation code key in each packet header by the sending device;
b. verifying the code key with a key server database by the first root router to receive the packet, and discarding those packets without a validated code key;
c. replacing the code key with a reference number for those packets with a validated key;
d. setting a validation bit in the header and routing the packets, wherein the validation bit being used by other routers to not repeat validation steps.
(Dependent claims: 9, 10)
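The four steps of claim 8, modelled as a small simulation. This is an added example, not part of the patent text; the header fields, the `root` flag, the sample key and reference values, and the rule that a root router validates even when the bit is already set are assumptions made for illustration.

```python
# Added illustration of claim 8 (steps a-d); names and structures are assumptions.
from dataclasses import dataclass, replace
from typing import Optional

@dataclass(frozen=True)
class Header:
    src: str
    code_key: Optional[str] = None    # step a: secret source validation code key
    reference: Optional[str] = None   # step c: reference number replacing the key
    validated: bool = False           # step d: validation bit

class KeyServer:
    """Stand-in for the key server database: code key -> reference number."""
    def __init__(self, issued: dict):
        self._issued = dict(issued)

    def validate(self, code_key: str) -> Optional[str]:
        return self._issued.get(code_key)

class Router:
    def __init__(self, name: str, key_server: KeyServer, root: bool = False):
        self.name, self.key_server, self.root = name, key_server, root
        self.lookups = 0  # key-server queries made by this router

    def route(self, hdr: Header) -> Optional[Header]:
        """Return the header to forward, or None when the packet is discarded."""
        # Step d: non-root routers rely on the bit and skip validation.
        # Assumption: a root router validates regardless of any bit already set.
        if hdr.validated and not self.root:
            return hdr
        if hdr.code_key is None:
            return None                       # step b: no code key, discard
        self.lookups += 1
        ref = self.key_server.validate(hdr.code_key)
        if ref is None:
            return None                       # step b: key not validated, discard
        # Steps c and d: strip the secret key, attach the reference, set the bit.
        return replace(hdr, code_key=None, reference=ref, validated=True)

def send(path: list, hdr: Header) -> Optional[Header]:
    """Pass a header along a router path; None means it was dropped en route."""
    for router in path:
        hdr = router.route(hdr)
        if hdr is None:
            return None
    return hdr

def build_path():
    ks = KeyServer({"k-7f3a": "ref-0001"})    # constructed sample key and reference
    return [Router("root", ks, root=True), Router("core-1", ks), Router("core-2", ks)]
```

In this model only the root router queries the key server for a validated packet, and the secret code key never travels past it; downstream routers see only the reference number and the bit.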
11. A digital key system for enhanced e-mail security comprising:
a. a key server, wherein the server adapted to receive calls from telephone network and screen calls with a call security function;
b. the key server further adapted with a key generation function, a key distribution function, and a key validation function.
(Dependent claims: 12, 13, 14, 15)
16. A mail server, security features in the mail server, comprising:
a. a mail security function that (i) receives an incoming e-mail file made up of one or more data packets, (ii) saves the packets in a temporary area of the memory and extracts from the header of the packets, a data string made up of a country code, an area code and an encrypted validation code, and (iii) sends these to a pre-identified key server for the specific country code and the area code;
b. the mail security function awaits a response from the key server, (i) without receiving an OK response from the key server discarding all the packets of the file, and (ii) with receiving an OK response from the key server, saving the file name and the encrypted validation code in a security cookie, and (iii) forwards the e-mail file to an e-mail client.
17. The claim as in 16, further comprising:
the mail server forwards the e-mail file to the mail clients with an annotation that the message has either been validated or not validated.
18. The claim as in 16, an adapted mail program in a mail sending client, as part of an enhanced security, comprising:
a. a function that inputs a random code and a caller id made up of country code, area code and a telephone number;
b. a function that encrypts the called id and the random code using the random code as an encryption key, then labeled as the encrypted validation code; and
c. a function that embeds country code, area code, and the encrypted validation code in the header of each outgoing packet from the mail program.
19. The claim as in 18, the adapted mail program in a mail receiving client, as part of an enhanced security, comprising:
a. a function that saves data packets of an incoming e-mail file in a temporary area of memory and extracts a data string that has country code, area code and an encrypted validation code in the header of the packet;
b. a function compares with the encrypted validation codes in a pre-stored mail security cookie, and when not being successfully compared, sends the area code and the encrypted validation code to a pre-identified key server for the specific country code and the area code;
c. the mail receiving client, (i) without receiving an OK from the key server discarding all the packets of the file, and (ii) with receiving an OK from the key server, saving the file name and the encrypted validation code in the mail security cookie, (iii) and resume the normal operation of the mail program.
Specification