Operational methods for a secure node in a computer network
Abstract
A computer network (20) including secure nodes (26) and unsecured nodes (28). The secure nodes (26) may communicate private data without compromising security provisions. The secure nodes (26) include a security kernel (36) that implements communication security provisions and a trusted operating system (40) that imposes computer data security provisions. A trusted interface (44) is used to transfer data between the trusted operating system (40) and the security kernel (36). In addition, this interface (44) insures that computer security attributes are compatible with communication security attributes. If incompatibilities are discovered, requested communications are thwarted and audit records for the security linkage violations are recorded.
194 Citations
27 Claims
1. A method of operating a secure node in a computer network, said method comprising steps of:
- (a) performing a trusted process on said secure node, said trusted process associating security attributes with data provided thereby;
- (b) establishing a security kernel for managing communications with other nodes on said network, said security kernel associating communication security attributes with network communication channels; and
- (c) determining whether said trusted process data security attributes are compatible with said communication security attributes.
- Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
14. A method of operating a computer network having unsecured communication links to remotely store secure mail data, said method comprising steps of:
- (a) posting a security certificate from a destination node at a common node;
- (b) requesting to transmit mail data from a source node to said destination node via remote storage in a mail server node;
- (c) obtaining, at said source node in response to said requesting step, said security certificate from said common node;
- (d) encrypting said mail data in response to said security certificate to provide encrypted mail data; and
- (e) sending, after said step (d), said encrypted mail data to said mail server node for storage therein.
- Dependent claims: 15, 16, 17, 18, 19, 20, 21
22. A method of operating a secure node in a computer network, said method comprising steps of:
- (a) running a trusted operating system which manages an application that transmits data away from said secure node, said trusted operating system associating data security attributes with said data;
- (b) establishing a security kernel for managing communication channels with other nodes on said network, said security kernel associating communication security attributes with said communication channels;
- (c) evaluating, in an interface between said trusted operating system and said security kernel, a request from said application to transmit said data to a destination entity; and
- (d) determining, in said interface, whether said data security attributes are compatible with said communication security attributes.
- Dependent claims: 23, 24, 25, 26, 27
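The compatibility check that the abstract and claims 1 and 22 describe, sketched as an added example that is not code from the patent or from this page. The page does not define "compatible", so the sketch assumes a dominance rule (channel level at least the data level, channel compartments a superset of the data's); all class, level and channel names are hypothetical.

```python
# Added illustration: class names, level names and the dominance rule are
# assumptions; the page does not define what "compatible" means.
from dataclasses import dataclass, field
from datetime import datetime, timezone

LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2}  # assumed ordering

@dataclass(frozen=True)
class Label:
    """Security attributes: a sensitivity level plus a set of compartments."""
    level: str
    compartments: frozenset = frozenset()

    def dominates(self, other):
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)

@dataclass
class TrustedInterface:
    """Sits between the trusted OS (data labels) and the security kernel (channel labels)."""
    channels: dict  # channel id -> Label assigned by the security kernel
    audit_log: list = field(default_factory=list)

    def request_send(self, subject, data_label, channel_id):
        channel_label = self.channels.get(channel_id)
        # Fail closed: an unknown channel has no attributes to compare against.
        if channel_label is not None and channel_label.dominates(data_label):
            return True
        self.audit_log.append({
            "time": datetime.now(timezone.utc).isoformat(),
            "event": "security_linkage_violation",
            "subject": subject,
            "channel": channel_id,
            "data_label": data_label,
            "channel_label": channel_label,
        })
        return False  # the requested communication is thwarted

def demo():
    # Constructed sample channels and data label.
    iface = TrustedInterface(channels={
        "ch-encrypted": Label("SECRET", frozenset({"OPS"})),
        "ch-plain": Label("UNCLASSIFIED"),
    })
    doc = Label("CONFIDENTIAL", frozenset({"OPS"}))
    results = [iface.request_send("mailer", doc, ch)
               for ch in ("ch-encrypted", "ch-plain", "ch-missing")]
    return results, iface.audit_log
```
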
Specification