SYSTEM AND METHOD FOR ROUTING-BASED INTERNET SECURITY
Abstract
A method and system for improving the security of storing digital data in a memory or delivering it as a message over the Internet from a sender to a receiver using one or more hops are disclosed. The message is split at the sender into multiple overlapping or non-overlapping slices according to a slicing scheme, and the slices are encapsulated in packets, each destined to a different relay server acting as an intermediate node according to a delivery scheme. The relay servers relay the received slices to another relay server or to the receiver. Upon receiving all the packets containing all the slices, the receiver combines the slices by reversing the slicing scheme, thereby reconstructing the message sent.
212 Claims
1. A method for improving the security of transferring a message including a succession of message elements from a sender location to a recipient location over multiple paths in the Internet using a plurality of intermediate servers, wherein the sender location, the recipient location and the servers are each associated with an IP (Internet Protocol) address for being addressable in the Internet, the method comprising:
(a) partitioning the message into a plurality of message slices, each message slice containing at least one of the message elements;
(b) assigning to one or more of said message slices the address of a selected intermediate server; and
(c) sending the one or more of said message slices together with the IP address of the recipient location to the intermediate server to which the message slice is assigned.
Dependent claims: 2-98.

99. A method for improving the security of transferring a message composed of a succession of message elements from a sender to a recipient, the message is partitioned into multiple message slices each including one or more message elements and carried over a distinct path in the Internet, the sender, the recipient and the servers are each associated with an IP (Internet Protocol) address for being addressable in the Internet, the method [executed by the recipient] comprising the steps of:
(a) receiving packets including said message slices;
(b) identifying the message slices received in the packets;
(c) determining that all message slices were received; and
(d) reconstructing at least part of the message [before the partitioning].

100. An apparatus for connecting to a processor and to a location-addressable memory having an address space, the memory is connectable to the processor via a bus of a first type, the apparatus comprising:
a first port couplable to a first bus of said first type for connecting to said processor;
a first interface coupled to said first port for receiving a first address word in said address space from said processor;
a second port couplable to a second bus for connecting to said memory;
a second interface coupled to said second port for transmitting a second address word in said address space to said memory; and
a scrambler coupled between said first and second interfaces for converting said first address word to said second address word distinct from said first address word.
Dependent claims: 101-203.

204. An apparatus for connecting to a processor and to a location-addressable memory capable of storing data words in an address space, the memory is connectable to the processor via a bus of a first type, the apparatus comprising:
a first port connectable to a first bus of said first type;
a first interface coupled to said first port for receiving a first data word associated with an address in said address space;
a second port connectable to a second bus;
a second interface coupled to said second port for transmitting a second data word associated with said address; and
a scrambler connected between said first and second interfaces for converting said first data word to said second data word distinct from said first data word;
wherein one of said first and second buses is connectable to a processor and the other is connectable to a memory.

205. A method for relaying a message from a sender to a recipient, the sender and the recipient are each associated with an IP (Internet Protocol) address for being addressable in the Internet, the method [executed by an intermediate server] comprising the steps of:
receiving a packet from the sender, the packet includes as a payload the message and the recipient IP address;
extracting and identifying the message, the sender IP address and the recipient IP address from the received packet; and
sending the message together with the sender IP address to the recipient or to an intermediate server.
Dependent claims: 206-212.

Specification