Methods and apparatus for physical layer security of a network communications link

US 20070240213A1
Filed: 03/15/2006
Published: 10/11/2007
Est. Priority Date: 03/15/2006
Status: Active Grant

First Claim

Patent Images

1. A method of operating a communications port of a network communications device, comprising:

maintaining capability information indicating that under normal operating conditions a communications link coupled to the communications port is capable of operating in a secure mode in which communications signals of the communications link are unintelligible to an intruder having an unauthorized physical connection to the communications link;

detecting occurrence of a link event of a type that can invoke an automatic communications-mode control mechanism to change the operating of the communications link to a non-secure mode in which communications signals of the communications link are intelligible to such an intruder; and

based on the capability information, responding to the detected occurrence of the link event by preventing the automatic communications mode control mechanism from changing the operating of the communications link to the non-secure mode.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A communications port of a network communications device maintains capability information indicating that under normal operating conditions a communications link is capable of operating in a secure mode in which communications signals of the communications link are unintelligible to an intruder having an unauthorized physical connection (e.g. tap) to the communications link. During operation, the port detects occurrence of a link event of a type that can invoke an automatic communications-mode control mechanism to change the operating of the communications link to a non-secure mode in which communications signals of the communications link are intelligible to such an intruder. An example is Ethernet auto-negotiation which can change from relatively secure 1000BaseT signaling to relatively non-secure 10/100BaseT signaling. Based on the capability information, the port responds to the link event by preventing the automatic communications mode control mechanism from changing the operating of the communications link to the non-secure mode.

Citations

44 Claims

1. A method of operating a communications port of a network communications device, comprising:
- maintaining capability information indicating that under normal operating conditions a communications link coupled to the communications port is capable of operating in a secure mode in which communications signals of the communications link are unintelligible to an intruder having an unauthorized physical connection to the communications link;
  
  detecting occurrence of a link event of a type that can invoke an automatic communications-mode control mechanism to change the operating of the communications link to a non-secure mode in which communications signals of the communications link are intelligible to such an intruder; and
  
  based on the capability information, responding to the detected occurrence of the link event by preventing the automatic communications mode control mechanism from changing the operating of the communications link to the non-secure mode.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. A method according to claim 1, wherein the secure mode includes simultaneous transmission on the communications link by the communications port and an end device coupled to the communications link such that the communications signals of the communications link represent an electrical summation of respective signals transmitted by the communications port and the end device, and further comprising performing an echo cancellation at the communications port to subtract the signal transmitted by the communications port from the communications signals of the communications link and thereby recover data transmitted by the end device.
  - 3. A method according to claim 2, wherein the communications link comprises a number of twisted pairs and transmission on the communications link comprises (1) demultiplexing a single data signal into the number of partial data signals and (2) transmitting each partial data signal over a corresponding one of the twisted pairs.
  - 4. A method according to claim 3, wherein the non-secure mode includes transmission by the communications port and the end device on only respective mutually exclusive ones of the twisted pairs.
  - 5. A method according to claim 4, wherein at least one of the twisted pairs is unused for transmission in the non-secure mode but used for transmission in the secure mode, and wherein the link event includes the occurrence of a fault on the at least one of the twisted pairs.
  - 6. A method according to claim 1, wherein the communications port is explicitly identified as a secure port of the network communications device by one of (setting personality information, having a secure class of end device attached to the communications link, and having an end device attached to the communications link explicitly identify itself as secure).
  - 7. A method according to claim 1, wherein the link event is selected from the group consisting of:
    - (link down, link data errors, and drop in amplitude of the communications signals).
  - 8. A method according to claim 1, wherein the link event includes the detection of potential changes to the link as reported by time-domain reflectometry.
  - 9. A method according to claim 1, wherein the communications port includes power circuitry operative to supply power to an end device attached to the communications link, and wherein the link event is selected from the group consisting of:
    - (a mismatch between an amount of power supplied to communications link by the power circuitry and an amount of power known to be drawn by the end device, and a sudden drop in an amount of power being supplied by power circuitry).
  - 10. A method according to claim 1, further including reporting the link event to a system manager responsible for determining whether the link event occurred due to activity of such an intruder, and wherein preventing the automatic communications mode control mechanism from changing the operating of the communications link to the non-secure mode can be overridden by the system manager.
  - 11. A method according to claim 1, further comprising responding to the detected occurrence of the link event by permitting only limited use of the communications link in a manner relatively insensitive to the security risk presented by such an intruder.
  - 12. A method according to claim 11, wherein the limited use includes use for emergency-related purposes.
  - 13. A method according to claim 1, wherein the automatic communications-mode control mechanism comprises an auto-negotiation process conducted between the communications port and an end device coupled to the communications link, the auto-negotiation process being conducted in a secure mode to impede the detection of the content of the auto-negotiation process.
  - 14. A method according to claim 13, wherein standard auto-negotiation pulses are employed to serve as energy indicators indicating the presence of the powered device, and non-standard signals are employed to serve as link negotiators to force operation of the communications link in the secure mode.
  - 15. A method according to claim 1, wherein one of (inline power detection and classification identification networks, and single pair identity networks discovered using time-domain reflectometry), are operative to enable the bypassing of the automatic communications-mode control mechanism completely and force operation of the communications link in the secure mode.
  - 16. A method according to claim 1, further comprising responding to the detected occurrence of the link event by supplying the communications link with fictitious data to fool such an intruder into thinking that the intrusion attempt is successful.

17. A method of operating a powered communications port of a network communications device, comprising:
- monitoring an actual amount of power delivered to a powered device via a communications link connected to the powered communications port;
  
  maintaining information specifying an expected amount of power expected to be provided to the powered device via the communications link;
  
  comparing the actual and expected amounts of power to determine whether there is a discrepancy indicating that an intruder may have established a power-draining unauthorized physical connection to the communications link; and
  
  upon determining that there is such a discrepancy between the actual and expected amounts of power, initiating a security action to protect the communications link from unauthorized use by such an intruder.
- View Dependent Claims (18, 19, 20, 21, 22)
- - 18. A method according to claim 17, wherein maintaining information comprises maintaining a current profile describing a pattern of use of power by the powered device.
  - 19. A method according to claim 18, wherein the current profile is maintained by the network communications device independently of the attachment of the powered device.
  - 20. A method according to claim 18, wherein the current profile is communicated to the network communications device by the powered device.
  - 21. A method according to claim 17 wherein the security action includes requiring that the powered device identify a cause for a change in an amount of power required by the powered device within a predetermined interval.
  - 22. A method according to claim 17 wherein the powered device is only permitted to exchange data with the network communications device if the powered communications port is supplying operating power to the powered device.

23. A communications port of a network communications device, comprising:
- a memory operative to maintain capability information indicating that under normal operating conditions a communications link coupled to the communications port is capable of operating in a secure mode in which communications signals of the communications link are unintelligible to an intruder having an unauthorized physical connection to the communications link; and
  
  control circuitry and specialized physical-layer (PHY) circuitry co-operative (1) to detect occurrence of a link event of a type that can invoke an automatic communications-mode control mechanism to change the operating of the communications link to a non-secure mode in which communications signals of the communications link are intelligible to such an intruder, and (2) based on the capability information, to respond to the detected occurrence of the link event by preventing the automatic communications mode control mechanism from changing the operating of the communications link to the non-secure mode.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
- - 24. A communications port according to claim 23, wherein the secure mode includes simultaneous transmission on the communications link by the communications port and an end device coupled to the communications link such that the communications signals of the communications link represent an electrical summation of respective signals transmitted by the communications port and the end device, and further comprising performing an echo cancellation at the communications port to subtract the signal transmitted by the communications port from the communications signals of the communications link and thereby recover data transmitted by the end device.
  - 25. A communications port according to claim 24, wherein the communications link comprises a number of twisted pairs, and further comprising (1) a demultiplexer operative to demultiplex a single data signal into the number of partial data signals and (2) drivers operative to transmit respective ones of the partial data signals over corresponding ones of the twisted pairs.
  - 26. A communications port according to claim 25, wherein the non-secure mode includes transmission by the communications port and the end device on only respective mutually exclusive ones of the twisted pairs.
  - 27. A communications port according to claim 26, wherein at least one of the twisted pairs is unused for transmission in the non-secure mode but used for transmission in the secure mode, and wherein the link event includes the occurrence of a fault on the at least one twisted pairs.
  - 28. A communications port according to claim 23, wherein the communications port is explicitly identified as a secure port of the network communications device by one of (setting personality information, having a secure class of end device attached to the communications link, and having an end device attached to the communications link explicitly identify itself as secure.
  - 29. A communications port according to claim 23, wherein the link event is selected from the group consisting of:
    - (link down, link data errors, and drop in amplitude of the communications signals).
  - 30. A communications port according to claim 23, wherein the link event includes the detection of potential changes to the link as reported by time-domain reflectometry.
  - 31. A communications port according to claim 23, further comprising power circuitry operative to supply power to an end device attached to the communications link, and wherein the link event is selected from the group consisting of:
    - (a mismatch between an amount of power supplied to communications link by the power circuitry and an amount of power known to be drawn by the end device, and a sudden drop in an amount of power being supplied by power circuitry).
  - 32. A communications port according to claim 23, wherein the control circuitry is further operative to report the link event to a system manager responsible for determining whether the link event occurred due to activity of such an intruder, and wherein preventing the automatic communications mode control mechanism from changing the operating of the communications link to the non-secure mode can be overridden by the system manager.
  - 33. A communications port according to claim 23, wherein the control circuitry is further operative to respond to the detected occurrence of the link event by permitting only limited use of the communications link in a manner relatively insensitive to the security risk presented by such an intruder.
  - 34. A communications port according to claim 23, wherein the limited use includes use for emergency-related purposes.
  - 35. A communications port according to claim 23, wherein the automatic communications-mode control mechanism comprises an auto-negotiation process conducted between the communications port and an end device coupled to the communications link, the auto-negotiation process being conducted in a secure mode to impede the detection of the content of the auto-negotiation process.
  - 36. A communications port according to claim 35, wherein standard auto-negotiation pulses are employed to serve as energy indicators indicating the presence of the powered device, and non-standard signals are employed to serve as link negotiators to force operation of the communications link in the secure mode.
  - 37. A communications port according to claim 23, wherein one of (inline power detection and classification identification networks, and single pair identity networks discovered using time-domain reflectometry), are operative to enable the bypassing of the automatic communications-mode control mechanism completely and force operation of the communications link in the secure mode.
  - 38. A communications port according to claim 23, further comprising responding to the detected occurrence of the link event by supplying the communications link with fictitious data to fool such an intruder into thinking that the intrusion attempt is successful.

39. A powered communications port of a network communications device, comprising:
- control circuitry; and
  
  specialized physical-layer (PHY) circuitry;
  
  the control circuitry and specialized physical-layer (PHY) circuitry being co-operative to;
  
  monitor an actual amount of power delivered to a powered device via a communications link connected to the powered communications port;
  
  maintain information specifying an expected amount of power expected to be provided to the powered device via the communications link;
  
  compare the actual and expected amounts of power to determine whether there is a discrepancy indicating that an intruder may have established a power-draining unauthorized physical connection to the communications link; and
  
  upon determining that there is such a discrepancy between the actual and expected amounts of power, initiate a security action to protect the communications link from unauthorized use by such an intruder.
- View Dependent Claims (40, 41, 42, 43, 44)
- - 40. A powered communications port according to claim 39, wherein maintaining information comprises maintaining a current profile describing a pattern of use of power by the powered device.
  - 41. A powered communications port according to claim 40, wherein the current profile is maintained by the network communications device independently of the attachment of the powered device.
  - 42. A powered communications port according to claim 40, wherein the current profile is communicated to the network communications device by the powered device.
  - 43. A powered communications port according to claim 39 wherein the security action includes requiring that the powered device identify a cause for a change in an amount of power required by the powered device within a predetermined interval.
  - 44. A powered communications port according to claim 39 wherein the powered device is only permitted to exchange data with the network communications device if the powered communications port is supplying operating power to the powered device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Karam, Roger, Beliles, Robert

Granted Patent

US 7,752,672 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

H04L 12/40   Bus networks

H04L 12/40136   Nodes adapting their rate t...

H04L 63/1441   Countermeasures against mal...

Methods and apparatus for physical layer security of a network communications link

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

44 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and apparatus for physical layer security of a network communications link

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

44 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links