Method and system to provide secure data connection between creation points and use points

US 20070061870A1
Filed: 09/14/2006
Published: 03/15/2007
Est. Priority Date: 09/15/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method of creating a secure network access method, called virtual security domain, on a computing device, the method comprising:

defining a particular virtual security domain on the computing device, the particular virtual security domain includes a list of users as the virtual security domain members, a secure network configuration, a unique domain encrypt key, and a set of access policies for accessing the secure data and communication channels;

validating, when a user is making a request to enter the virtual security domain, only a domain member with a proper access privilege can enter the domain and access the network and secured content;

monitoring, after a validated user enters the virtual security domain, when a piece of secure content in virtual security domain is accessed by an application, that the application cannot leak any part of the secure content outside of the virtual security domain;

monitoring, during the period when the piece of content is decrypted, operations of the computing device that are capable of producing one of a complete copy and a partial copy of the piece of content;

determining, when an operation to produce a copy of the content is detected, to disallow the operation if the application and/or the operation is not permitted according to the access policies; and

copying, if the copy operation is not disallowed, the piece of content within the particular domain so that the copied piece of content is stored in secured format.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for creating a secure network access method is provided. The system creates a secure network environment beyond the traditional network endpoints to include the contents transferred through the secure network, stored in the endpoint machine, and utilized by the applications residing on the endpoint machine.

43 Citations

View as Search Results

18 Claims

1. A method of creating a secure network access method, called virtual security domain, on a computing device, the method comprising:
- defining a particular virtual security domain on the computing device, the particular virtual security domain includes a list of users as the virtual security domain members, a secure network configuration, a unique domain encrypt key, and a set of access policies for accessing the secure data and communication channels;
  
  validating, when a user is making a request to enter the virtual security domain, only a domain member with a proper access privilege can enter the domain and access the network and secured content;
  
  monitoring, after a validated user enters the virtual security domain, when a piece of secure content in virtual security domain is accessed by an application, that the application cannot leak any part of the secure content outside of the virtual security domain;
  
  monitoring, during the period when the piece of content is decrypted, operations of the computing device that are capable of producing one of a complete copy and a partial copy of the piece of content;
  
  determining, when an operation to produce a copy of the content is detected, to disallow the operation if the application and/or the operation is not permitted according to the access policies; and
  
  copying, if the copy operation is not disallowed, the piece of content within the particular domain so that the copied piece of content is stored in secured format.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1 further comprises of a domain specification, which includes (a) a list of users and machines identities as the domain members, (b) trusted network access addresses and communication channels, (c) access policies of the domain secure contents stored in the client machine, (d) domain identity, (e) domain encryption key.
  - 3. The method of claim 1 further comprising creating a security layer on the domain client'"'"'s computing device, the accessing, verifying, monitoring, determining and copying steps being performed by the security layer wherein the security layer has a local copy of the domain specification so that the access policy in the domain specification is validated during the operation of the particular virtual security domain.
  - 4. The method of claim 1 further comprises of a domain proxy server, controlling, validating and redirecting network access based on the domain specifications of a list of virtual security domains.
  - 5. The method of claim 3 further comprising a set of secure communication channels, each between two domain clients'"'"' computing devices or a domain client'"'"'s computing device and a domain proxy server, through which the data transfer is encrypted by a unique encryption key.
  - 6. The method of claim 3 further comprising creating an encrypted storage in the client'"'"'s computing device, storing any contents received from the secure channels, where any secured contents received and stored in the client machine will be protected under encryption and access control to prevent leakage outside of the secure domain.
  - 7. The method of claim 6 further comprising automatically tagging of any application as “
    - contaminated”
      
      if the application either (a) receives data from the secure communication channel, or (b) accesses data stored in the local secured store, or (c) receive data through any inter-process communication means from a contaminated process;
      
      furthermore, preventing any contaminated process either sending data to any non-secure channel, or storing to any storage device other than the encrypted storage.
  - 8. The method of claim 1 further comprises of a domain policy computing device, through which a user, a.k.a. the virtual security domain administrator, can define and configure the domain specification, and under which the real-time management of the domain proxy server and the secure layer in the domain clients'"'"' computing devices can be easily performed.
  - 9. The method of claim 3 further comprising communicating, with a remote domain policy computing device, to perform the following two tasks:
    - (1) receive the latest domain specification, and (2) sending audit records indicating any illegal attempt to transfer secure contents outside of the domain.
  - 10. The method of claim 3 further comprising transferring the domain specification from the remote domain policy computing device to the computing devices. The transferred domain specification can be optionally persisted in an encrypted form on the domain client'"'"'s computing device so that the access control and secure communication channel can still function within a predefined off-line duration setting in the domain specification.
  - 11. The method of claim 8, wherein encrypting the domain specification and encrypted storage content using an encryption key further comprising generating a unique encryption key and a unique domain identifier for each virtual security domain so that the secure environment is separated by domain boundary.

12. An apparatus for securing a virtual security domain on a computing device, the apparatus comprising:
- one or more applications executed by a processing unit of the domain client'"'"'s computing device that perform operations on the secure channels or the encrypted storage in a virtual security domain;
  
  an operating system executed by the processing unit of the computing device;
  
  a supervisor unit being executed by the processing unit of the computing device, the supervisor unit in between the one or more applications and the operating system to maintain the security of the data stored in the encrypted storage with respect to the access policy defined in the domain specification;
  
  the supervisor unit further comprising means for accessing the encrypted storage by a user application in access policy wherein the content is decrypted while being accessed, means for verifying, when a piece of content is accessed by an application, means for monitoring, during the period when the piece of content is decrypted, operations of the computing device that are capable of producing one of a complete copy and a partial copy of the piece of content, means for determining, when an operation to produce a copy of the content is detected, to disallow the sending through un-secure channels or copying to storage device outside of the encrypted storage if contaminated.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The apparatus of claim 12 further comprising a supervisor unit on the computing device, the supervisor unit having a local copy of the domain specification for the virtual security domain, the supervisor unit including the accessing means, the verifying means, the monitoring means, the determining means and the copying means.
  - 14. The apparatus of claim 13 further comprising a remote domain policy computing device and wherein the supervisor unit further comprises means for communicating, with the remote domain policy computing device, to receive the domain specification.
  - 15. The apparatus of claim 14, wherein the remote domain policy computing device further comprises a database management system that stores one or more domain specifications for one or more virtual security domain, a random number generator to generate a unique domain encryption key upon virtual security domain creation so that data in each virtual security domain is separately secured, and a web user interface that permits a user to manage the remote domain policy computing device.
  - 16. The apparatus of claim 15, wherein each access policy further comprises one or more rules that determine a set of access policy of a particular user using a set of factors, the set of factors further comprising an identity of each user, an identity to an application, a previous access history of the running application instance, a time, a place where the access takes place, and a path of accessing the piece of content.
  - 17. The apparatus of claim 16, wherein the monitoring means further comprises means for automatically tagging applications as “
    - contaminated”
      
      if the application either (a) received data from a secure channel, or (b) access encrypted storage, or (c) receive data through inter-process communication from a contaminated process.
  - 18. The apparatus of claim 13 further comprising two or more computing devices whose users are each a member of a virtual security domain with a unique encryption key and a set of secure channels between the two or more computing devices using the unique encryption key, wherein the secure channels further comprises one of a network channel and an email channel.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Annsheng Ting, Tipin Chang
Original Assignee
Annsheng Ting, Tipin Chang
Inventors
Chang, Tipin, Ting, Annsheng

Application Number

US11/521,419
Publication Number

US 20070061870A1
Time in Patent Office

Days
Field of Search
US Class Current

726/3
CPC Class Codes

H04L 63/101 Access control lists [ACL]

H04L 63/102 Entity profiles

Method and system to provide secure data connection between creation points and use points

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

43 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system to provide secure data connection between creation points and use points

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

43 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links