Mixed enclave operation in a computer network
Abstract
A method is disclosed for mixed enclave operation of a computer network with users employing a multi-level network security interface and users without any network security interface. Either the network security user selects or the network security interface automatically selects whether communications are permissible with other unsecured users. Where a mixed enclave operation is selected, the network security user identifies when communications are being undertaken with another secured user or a non-secured user. Communications with a non-secured user at a lower security level entail securing the data residing with the secured user from transmission back to the non-secured user.
20 Claims
1. A system for communicating over a network having a plurality of secured users utilizing multi-level network security devices and a plurality of unsecured users employing no network security devices, the system comprising:
a first multi-level network security device configured to:
intercept a message from a first user; and
discard the message if the message violates security parameters;
wherein in a first mode, the first multi-level network security device is configured to send the message to a second user, and wherein in a second mode, the first multi-level network security device comprises an encryptor configured to encrypt the message and send the encrypted message to a second multi-level network security device.
8. A system for mixed enclave communications over a network having both secured and unsecured users, the system comprising:
a network security device configured to permit communication over the network between one of the secured users and one of the unsecured users, and further configured to dynamically determine whether a user initiating communication is one of the secured users or one of the unsecured users;
wherein the network security device is configured to use association establishment messages sent over the network for the secured users in authenticating each other, and wherein the network security device is configured to use association establishment messages for the secured users exchanging security parameters.
13. A method for establishing association over a network between a plurality of secured users utilizing multi-level network security devices and a plurality of unsecured users, the method comprising:
receiving and storing at a first security device a message from a source user to a destination user;
transmitting from the first security device an association request message to a destination user upon receipt of the message;
receiving an association grant message in response to the association request message from a second security device after the second security device has determined that an association between the source user and the destination user is permitted, wherein no other security devices exist between the destination user and the second security device; and
sending the stored message to the second security device.
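The store, request, grant and release sequence of claim 13, combined with the discard rule and two sending modes of claim 1, can be modelled as a small decision function. This is an added illustration, not text or code from the patent. The class and function names, the two-level ordering, the equal-level grant policy, the rule that only lowest-level data goes to an unsecured user, and the lookup table standing in for the network are all assumptions, and the encryptor itself is not modelled.

```python
from dataclasses import dataclass, field

LEVELS = {"UNCLASSIFIED": 0, "SECRET": 1}   # constructed two-level ordering

@dataclass
class SecurityDevice:                       # hypothetical model, not the patent's design
    user: str                               # the secured user this device fronts
    level: str                              # that user's security level
    mixed_enclave: bool = False             # whether unsecured peers are permitted
    stored: dict = field(default_factory=dict)  # messages held during association

    def grants(self, src_level: str) -> bool:
        # Destination-side decision; the policy (equal levels) is an assumption.
        return src_level == self.level

    def send(self, network: dict, dst: str, label: str, payload: bytes) -> str:
        # Discard a message that violates the security parameters (assumed here:
        # a label above the level this device is allowed to handle).
        if LEVELS[label] > LEVELS[self.level]:
            return "DISCARD"
        self.stored[dst] = payload          # receive and store the message
        peer = network.get(dst)             # association request; None = no device answered
        if peer is None:                    # destination is an unsecured user
            self.stored.pop(dst)
            # First mode: plaintext only when mixed operation is selected and the
            # data is at the lowest level, so nothing higher reaches that user.
            ok = self.mixed_enclave and LEVELS[label] == 0
            return "SEND_PLAINTEXT" if ok else "DISCARD"
        granted = peer.grants(self.level)   # association grant or refusal
        self.stored.pop(dst)                # released on grant, dropped on refusal
        return "ENCRYPT_AND_SEND" if granted else "DISCARD"  # second mode

def demo() -> list:
    # Constructed topology: alice, bob and dave sit behind devices, carol does not.
    alice = SecurityDevice("alice", "SECRET", mixed_enclave=True)
    bob = SecurityDevice("bob", "SECRET")
    dave = SecurityDevice("dave", "UNCLASSIFIED")
    net = {"bob": bob, "dave": dave}
    return [
        alice.send(net, "bob", "SECRET", b"report"),          # secured peer, same level
        alice.send(net, "carol", "UNCLASSIFIED", b"lunch?"),  # unsecured peer, low data
        alice.send(net, "carol", "SECRET", b"report"),        # unsecured peer, high data
        alice.send(net, "dave", "SECRET", b"report"),         # peer refuses association
        dave.send(net, "bob", "SECRET", b"report"),           # label exceeds sender level
    ]
```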
Specification