High-assurance web-based configuration of secure network server
Abstract
A secure network server having an embedded Hyper-Text Transfer Protocol (HTTP) server that is not within its trusted security functionality and that is used to configure the SNS security and networking features.
20 Claims
1. A method of configuring a secure network server comprising the following steps:
(a) downloading modified configuration data to a web server that is within the non-trusted security functionality of a first secure network server having trusted security functionality and non-trusted security functionality;
(b) reviewing said modified configuration data using a command line interface that is within the trusted security functionality of said first secure network server; and
(c) configuring said first secure network server or a second secure network server connected to said first secure network server in accordance with said modified configuration data in response to the input, via said command line interface, of command data indicating acceptance of said modified configuration data by an administrative user.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A secure network server having trusted security functionality and non-trusted security functionality, comprising a web server that is within the non-trusted security functionality, an IP router interface that is within the trusted security functionality and a command line interface that is within the trusted security functionality, wherein said HTTP web server receives configuration data via said IP router interface and uses a trusted process to place that configuration data into temporary storage, the secure network server being programmed to configure itself or another secure network server connected thereto in accordance with said configuration data in response to the input, via said command line interface, of command data indicating acceptance of said configuration data by an administrative user.
15. A method of configuring a secure network server comprising the following steps:
(a) sending configuration data from a web browser that is within the non-trusted security functionality of a computer to a web server that is within the non-trusted security functionality of a first secure network server, the computer being connected to said first secure network server via a network;
(b) reviewing said configuration data using a command line interface that is within the trusted security functionality of said first secure network server; and
(c) configuring said first secure network server or a second secure network server connected to said first secure network server in accordance with said configuration data in response to the input, via said command line interface, of command data indicating acceptance of said configuration data by an administrative user.
Dependent claims: 16
17. A system comprising first and second secure network servers connected by a trunk line, and first and second networks connected via said second secure network server, said first and second networks operating at different security levels, wherein each of said first and second secure network servers has trusted security functionality and non-trusted security functionality, said first secure network server comprising a web server that is within the non-trusted security functionality, an IP router interface that is within the trusted security functionality and a command line interface that is within the trusted security functionality, wherein said HTTP web server receives configuration data via said IP router interface and uses a trusted process to place that modified configuration data into temporary storage, said first secure network server being programmed to configure itself or said second secure network server in accordance with said configuration data in response to the input, via said command line interface, of command data indicating acceptance of said configuration data by an administrative user.
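The stage, review and accept flow recited in claims 1, 10, 15 and 17, modeled as an added example (not code from the patent). The class names, the JSON encoding and the SHA-256 digest that ties the reviewed data to the accepted data are assumptions made for illustration; the claims do not specify them.

```python
import hashlib
import hmac
import json


class StagingArea:
    """Temporary storage filled on behalf of the non-trusted web server."""
    def __init__(self):
        self._blob = None

    def put(self, raw: bytes) -> None:
        self._blob = raw

    def get(self):
        return self._blob


class TrustedCLI:
    """Trusted-side review and acceptance; the only path that changes config."""
    def __init__(self, staging, active_config):
        self.staging = staging
        self.active = dict(active_config)
        self._snapshot = None

    def review(self):
        """Copy the staged bytes once; return (digest, settings that would change)."""
        raw = self.staging.get()
        if raw is None:
            raise ValueError("nothing staged")
        proposed = json.loads(raw)
        if not isinstance(proposed, dict):
            raise ValueError("staged data is not a settings object")
        self._snapshot = raw  # later writes to staging cannot alter what was reviewed
        diff = {k: (self.active.get(k), v) for k, v in proposed.items()
                if self.active.get(k) != v}
        return hashlib.sha256(raw).hexdigest(), diff

    def accept(self, digest: str) -> bool:
        """Apply the reviewed snapshot only if the administrator's digest matches it."""
        if self._snapshot is None:
            return False
        actual = hashlib.sha256(self._snapshot).hexdigest()
        if not hmac.compare_digest(actual, digest):
            return False
        self.active.update(json.loads(self._snapshot))
        self._snapshot = None
        return True


def demo():
    staging = StagingArea()
    cli = TrustedCLI(staging, {"route": "10.0.0.0/8", "level": "SECRET"})
    staging.put(b'{"level": "SECRET", "route": "10.1.0.0/16"}')  # constructed sample
    digest, diff = cli.review()
    staging.put(b'{"level": "UNCLASSIFIED"}')  # staged data rewritten after review
    return diff, cli.accept(digest), cli.active
```

Because `accept` applies the snapshot taken during `review`, data written to staging after the review is not applied until it has itself been reviewed.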
Specification