POLYMORPHIC ASSURED NETWORK

US 20120227091A1
Filed: 03/01/2012
Published: 09/06/2012
Est. Priority Date: 03/01/2011
Status: Abandoned Application

First Claim

Patent Images

1. A method for networked communications comprising:

pre-configuring a network communications path between two endpoints, the network communications path being suitable for communications between the two endpoints;

pre-configuring at least one different network communications path between the two endpoints, each of the at least one different network communication paths being suitable for communications between the two endpoints; and

periodically redirecting communications between the two endpoints from one of the network communications path and the at least one different network communications path to another of the network communications path and the at least one different network communications path.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Described herein are devices and techniques for implementing a polymorphic network adapted to change network path configurations among a number of pre-determined network path configurations in response to a perceived threat. Such perceived threats can include detection of an unknown process, or simply according to some schedule, or randomly to prevent or otherwise reduce susceptibility to such perceived threats. Multiple (e.g., redundant) network communications paths can be pre-configured between two endpoints. Network communications between the two endpoints can be periodically redirected, for example, in response to a perceived threat or according to one or more rules and/or a schedule to otherwise avoid a perceived threat. A system adapted to permit such pre-configuration of multiple network paths can include an access restrictor in communication with a network configuration controller to prohibit unauthorized pre-configuration of the network paths.

11 Citations

View as Search Results

16 Claims

1. A method for networked communications comprising:
- pre-configuring a network communications path between two endpoints, the network communications path being suitable for communications between the two endpoints;
  
  pre-configuring at least one different network communications path between the two endpoints, each of the at least one different network communication paths being suitable for communications between the two endpoints; and
  
  periodically redirecting communications between the two endpoints from one of the network communications path and the at least one different network communications path to another of the network communications path and the at least one different network communications path.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein each of the network communications path and the at least one different network communications path is selected from a plurality of pre-authorized network communications paths.
  - 3. The method of claim 2, wherein generation of pre-authorized network communications paths comprises subjecting such network communications paths responsive to an authorization control feature.
  - 4. The method of claim 3, wherein the authorization control feature comprises orthogonal authentication.
  - 5. The method of claim 1, wherein the network communications path and the at least one different network communications path provide redundant network communications paths between the two endpoints.
  - 6. The method of claim 5, wherein the redundant network communications paths between the two endpoints encompass different intermediate network communications nodes.
  - 7. The method of claim 5, wherein at least one network communications node in each of the network communications path and the at least one different network communications path between the two endpoints comprises a respective state-maintaining node adapted to maintain state information for an active one of the network communications path and the at least one different network communications path.
  - 8. The method of claim 7, wherein state information is substantially continuously updated on more than one of the network communications path and the at least one different network communications path.
  - 9. The method of claim 1, wherein the act of redirecting communications comprises:
    - detecting appearance of a non pre-authorized process; and
      
      redirecting communications between the two endpoints from one of the network communications path and the at least one different network communications path to another of the network communications path and the at least one different network communications path responsive to detecting appearance of a non-pre-authorized process.

10. A network control system, comprising:
- a network pre-configuration controller in communication with a communications network and adapted to permit pre-configuration of a plurality of network paths between at least two endpoints;
  
  an access restrictor in communication with the network configuration controller and adapted to prohibit unauthorized pre-configuration of the plurality of network paths;
  
  an electronically accessible memory in communication with the network configuration controller storing the plurality of pre-configured network paths between at least two endpoints; and
  
  a network configuration controller in communication with the electronically accessible memory and adapted for configuring network communications between the at least two endpoints according to a pre-configured one of the plurality of network paths.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The network control system of claim 10, wherein at least one of the network pre-configuration controller and the network configuration controller comprises a secure processor.
  - 12. The network control system of claim 10, wherein at least one of the network pre-configuration controller and the network configuration controller is collocated with one of the at least two endpoints.
  - 13. The network control system of claim 10, further comprising at least one respective state-maintaining node for each network path of the pre-configured plurality of network paths.
  - 14. The network control system of claim 13, further comprising communications path between each of the at least one respective state-maintaining nodes of each network path of the pre-configured plurality of network paths, whereby each of the at least one respective state-maintaining nodes comprises state information corresponding to an active network path of the pre-configured plurality of network paths.
  - 15. The network control system of claim 10, wherein the network pre-configuration controller comprises the network configuration controller.
  - 16. The network control system of claim 10, wherein the access restrictor comprises means for orthogonal authentication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ANGEL Secure Networks, Inc.
Original Assignee
ANGEL Secure Networks, Inc.
Inventors
Smith, Fred Hewitt

Application Number

US13/410,257
Publication Number

US 20120227091A1
Time in Patent Office

Days
Field of Search
US Class Current

726/4
CPC Class Codes

H04L 41/0663   Performing the actions pred...

H04L 45/24   Multipath

H04L 63/14   for detecting or protecting...

POLYMORPHIC ASSURED NETWORK

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

11 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

POLYMORPHIC ASSURED NETWORK

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

11 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links