DISTRIBUTED SECURITY ARCHITECTURE
First Claim
1. A distributed security architecture comprising:
a mobile anti-tamper hardware policy enforcement point that is configured to control communication behaviors of a mobile client by enforcing communication policies within a policy decision point;
a mobile anti-tamper hardware policy decision point that is encapsulated within the mobile anti-tamper hardware policy enforcement point;
a policy exchange channel for policy distribution nodes which is configured to at least one of distribute and update communication and routing security policies to the mobile client;
a contextual manager that is configured to handle system-wide status change update signaling; and
a mobility authentication manager which is configured to provide mobile clients with registration and credential/role assignments based on mobile access policies;
wherein the distributed security architecture is configured to provide discretionary open system interconnection layer 3.5 policy-based secure routing, and discretionary open system interconnection layer 2 policy-based mandatory access control address filtering to achieve secure communication and computing for layers 4, 5, 6, and 7.
Abstract
A distributed security architecture may include: a mobile anti-tamper hardware policy enforcement point configured to control communication behaviors of a mobile client by enforcing communication policies within a policy decision point; a mobile anti-tamper hardware policy decision point encapsulated within the mobile anti-tamper hardware policy enforcement point; a policy exchange channel for policy distribution modes configured to distribute and/or update communication and routing security policies to the mobile client; a contextual manager configured to handle system-wide status change update signaling; and a mobility authentication manager configured to provide mobile clients with registration and credential/role assignments based on mobile access policies. The distributed security architecture may be configured to provide open system interconnection layer 3.5 policy-based secure routing, and open system interconnection layer 2 policy-based mandatory access control address filtering to provide secure communication and computing for layers 4, 5, 6, and 7.
14 Claims
1. A distributed security architecture comprising:
a mobile anti-tamper hardware policy enforcement point that is configured to control communication behaviors of a mobile client by enforcing communication policies within a policy decision point;
a mobile anti-tamper hardware policy decision point that is encapsulated within the mobile anti-tamper hardware policy enforcement point;
a policy exchange channel for policy distribution nodes which is configured to at least one of distribute and update communication and routing security policies to the mobile client;
a contextual manager that is configured to handle system-wide status change update signaling; and
a mobility authentication manager which is configured to provide mobile clients with registration and credential/role assignments based on mobile access policies;
wherein the distributed security architecture is configured to provide discretionary open system interconnection layer 3.5 policy-based secure routing, and discretionary open system interconnection layer 2 policy-based mandatory access control address filtering to achieve secure communication and computing for layers 4, 5, 6, and 7.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10)
11. A method of implementing policies to mobile clients comprising:
providing a secure mobile routing policy;
providing a packet discrimination policy; and
distributing the secure mobile routing policy and the packet discrimination policy to the mobile clients.
12. A method for creating a hardware and software combined solution comprising:
providing a hardware and software combined solution;
providing open system interconnection layer processing; and
implementing the open system interconnection layer processing into the hardware and software combined solution.
(Dependent claims: 13)
14. A method of defining a packet discrimination policy comprising:
providing specifications of packets that should be received by mobile clients; and
using these packets received by the mobile clients to create a protocol session at an open system interconnection layer 4.
Specification