Communications Systems Firewall
First Claim
1. A method of providing communications network security, the method comprising the steps of:
- receiving a series of one or more protocol transmission units;
forwarding only protocol transmission units which are invalid with respect to the definition of the protocol.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, apparatus, programs and signals for providing communications network security. The approach is based on using established “standard” protocols, but packets (or cells or frames) are deliberately malformed by the sender, optionally according to a predetermined rule (for example by inverting a packet check digit). A filter forwards only packets identified as being invalid, optionally in accordance with the rule; packets which are valid with respect to the “standard” protocol are dropped. The filter is preferably implemented in hardware to mitigate the risk of its being compromised by a malicious attack.
-
Citations
20 Claims
-
1. A method of providing communications network security, the method comprising the steps of:
-
receiving a series of one or more protocol transmission units; forwarding only protocol transmission units which are invalid with respect to the definition of the protocol. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A communications system comprising:
a filter arranged to receive a series of one or more protocol transmission units and to forward only those protocol transmission units which are invalid with respect to the definition of the protocol. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
15. A program for a computer, the program comprising code portions arranged to:
-
receive a series of one or more protocol transmission units; forward only protocol transmission units which are invalid with respect to the definition of the protocol. - View Dependent Claims (16)
-
-
17. A signal for transmission over a communications network, the signal comprising:
a series of one or more protocol transmission units, the series comprising predominantly protocol transmission units which are invalid with respect to the definition of the protocol. - View Dependent Claims (18)
-
19. A compound signal for transmission over a communications network, the signal comprising:
-
an input signal comprising a series of one or more protocol transmission units, the series comprising predominantly protocol transmission units which are invalid with respect to the definition of the protocol; an output signal comprising a series of protocol transmission units, the series consisting of those protocol transmission units in the first input signal which are invalid. - View Dependent Claims (20)
-
Specification