Method and apparatus for secure data packet bus communication
First Claim
1. A method for providing secure data communication, the method comprising the steps of:
providing a communication channel;
providing a plurality of ports on said communication channel;
providing a plurality of users, each of said users being connected to one of said plurality of ports and communicating between each other through said plurality of ports and over said communication channel;
transmitting a data packet over said communication channel from one port to another port for said communicating, the data packet being transmitted with a destination address;
providing a security module connected to said communication channel and to said plurality of ports;
said security module reading the contents of the data packet;
said security module retrieving previously stored information regarding eligibility of said plurality of ports to receive the data packet;
said security module sending a security message to said plurality of ports, said security message indicating a group of said plurality of ports eligible to receive the data packet;
each of said plurality of ports reading said security message;
said each of said plurality of ports comparing said security message with a plurality of ID codes of said respective port, and determining if said respective port is one of said eligible ports indicated by said security message;
said respective port blocking the data packet from reaching a respective connected user if said respective port is not one of said eligible ports;
said respective port passing the data packet to said respective connected user if said respective port is one of said eligible ports.
Abstract
A method and system for secured data communication where a plurality of users communicate through ports on a common communication channel. The users communicate by transmitting and receiving data packets. The data packets are transmitted with a variety of fields of information, including but not limited to a destination address, a source address and a source port ID. A security module is connected to the common communication channel and reads the data packet contents and the source port ID. The security module then checks this information to see if the data packet is eligible to be transmitted on the common communication channel and to check which ports are eligible to receive the data packet. If the data packet is not eligible to be transmitted on the common communication channel, the security module destroys the data packet. The security module also sends out a security message on a security channel indicating which ports are eligible to receive the data packet. Each port reads the security message on the security channel and either passes the data packet to the respective user or blocks the data packet if the port is not one of the eligible ports.
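The flow described in the abstract, as an added Python example (not code from the patent): the security module first decides whether the packet may be on the channel at all, then issues a security message that each port checks against its own ID codes. The table layouts (`tx_allowed`, `rx_allowed`), the address strings and the ID code values are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src_addr: str
    dst_addr: str
    src_port_id: int
    payload: bytes

class SecurityModule:
    """Holds the 'previously stored' eligibility tables (layout is assumed)."""
    def __init__(self, tx_allowed, rx_allowed):
        self.tx_allowed = tx_allowed  # source port ID -> source addresses it may send as
        self.rx_allowed = rx_allowed  # destination address -> ID codes eligible to receive

    def inspect(self, pkt):
        """Return the security message (eligible ID codes), or None if destroyed."""
        if pkt.src_addr not in self.tx_allowed.get(pkt.src_port_id, set()):
            return None               # packet or source port not eligible: destroy
        # Unknown destinations yield an empty message, so no port passes the packet.
        return frozenset(self.rx_allowed.get(pkt.dst_addr, set()))

class Port:
    def __init__(self, id_codes):
        self.id_codes = frozenset(id_codes)  # a port may carry several ID codes
        self.delivered = []                  # what the attached user actually sees

    def on_bus(self, pkt, security_msg):
        """Pass the packet to the user only if an own ID code is in the message."""
        passed = bool(self.id_codes & security_msg)
        if passed:
            self.delivered.append(pkt)
        return passed

def transmit(pkt, module, ports):
    """Put one packet on the shared channel; return indices of ports that passed it."""
    msg = module.inspect(pkt)
    if msg is None:
        return []                     # destroyed before any port can pass it
    return [i for i, port in enumerate(ports) if port.on_bus(pkt, msg)]

def demo():
    # Constructed tables: three ports, one shared group ID code (100).
    module = SecurityModule(tx_allowed={1: {"A"}, 2: {"B"}, 3: {"C"}},
                            rx_allowed={"B": {2}, "GROUP-ENG": {100}})
    ports = [Port({1, 100}), Port({2, 100}), Port({3})]
    unicast = transmit(Packet("A", "B", 1, b"hi"), module, ports)
    group = transmit(Packet("A", "GROUP-ENG", 1, b"all"), module, ports)
    spoofed = transmit(Packet("A", "B", 3, b"x"), module, ports)  # port 3 claims address A
    return unicast, group, spoofed
```

Every port sees every packet on the shared channel; only the port-side comparison against the security message decides whether the attached user receives it.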
10 Claims
5. A method for providing secure data communication, the method comprising the steps of:
providing a communication channel;
providing a plurality of ports on said communication channel;
transmitting a data packet over said communication channel from one port to another port, the data packet being transmitted with a source port ID;
providing a security module connected to said communication channel and to said plurality of ports;
said security module reading the data packet and said source port ID of the data packet;
said security module retrieving previously stored information regarding eligibility of said source port ID and the data packet to transmit over said communication channel;
said security module destroying the data packet if one of the data packet and said source port ID are not eligible to transmit onto said communication channel.
9. A system for providing secure data communication to a plurality of users, the apparatus comprising:
a communication channel;
a plurality of users transmitting and receiving data packets over said communication channel, a data packet being transmitted with a source address, a destination address and a source port ID;
a plurality of port means connected to said plurality of users and said communication channel, said plurality of port means being for communication between the users through said plurality of port means and over said communication channel;
a security module connected to said communication channel and including security processor means for reading said source port ID and said data packet, said security processor means retrieving previously stored information regarding eligibility of said source port ID and said data packet to transmit over said communication channel, said security processor means destroying said data packet if one of said data packet and said source port ID are not eligible to transmit onto said communication channel, said security processor means also retrieving previously stored information regarding eligibility of said plurality of port means to receive said data packet, said security processor means generating a security message indicating a group of said plurality of ports eligible to receive the data packet;
security channel means connected to said security processor means and for conveying said security message from said security processor means to said plurality of port means;
port processor means contained in each of said plurality of port means and for reading said security message, comparing said security message with a port ID of a respective port, and determining if said respective port is one of said eligible ports indicated by said security message, said port processor means blocking said data packet from reaching a respective connected user if said respective port is not one of said eligible ports, said port processor means passing said data packet to said respective connected user if said respective port is one of said eligible ports.
Specification