Mixed enclave operation in a computer network with multi-level network security
First Claim
1. A method for communicating on a network having a secured plurality of users utilizing multi-level network security devices, each multi-level network security device being operable in a first and second mode, respectively, and an unsecured plurality of users employing no network security devices, said method comprising the steps of:
- sending a communication from any first user;
- intercepting said communication by a first multi-level network security device;
- discarding said communication if said communication violates security parameters associated with said first multi-level network security device; and
- in said first mode, sending said communication from said first multi-level network security device to any second user; and
- in said second mode, encrypting said communication using said first multi-level network security device, sending said encrypted communication to a second multi-level network security device, decrypting said communication using said second multi-level network security device, and sending said decrypted communication from said second multi-level network security device to a third user selected from said secured plurality of users.
Abstract
A method is disclosed for mixed enclave operation of a computer network with users employing a multi-level network security interface and users without any network security interface. Either the network security user selects or the network security interface automatically selects whether communications are permissible with other unsecured users. Where a mixed enclave operation is selected, the network security user identifies when communications are being undertaken with another secured user or a non-secured user. Communications with a non-secured user at a lower security level entail securing the data residing with the secured user from transmission back to the non-secured user.
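The forwarding decision described in the first claim and the abstract, modelled as an added example that is not code from the patent. The label ordering, the static peer table standing in for discovery of secured users, and all class and host names are assumptions; the encryption step itself is not modelled.

```python
from dataclasses import dataclass
from enum import Enum, IntEnum

class Level(IntEnum):            # assumed label ordering, not from the patent
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2

class Action(Enum):
    DISCARD = "discard"
    FORWARD_PLAIN = "first mode: forward unencrypted"
    ENCRYPT_TO_PEER = "second mode: encrypt to peer device"

@dataclass(frozen=True)
class Packet:
    dst: str
    label: Level                 # sensitivity of the data being sent

class SecurityDevice:
    """Hypothetical model of one multi-level network security device."""
    def __init__(self, max_level, secured_peers, mixed_enclave,
                 unsecured_level=Level.UNCLASSIFIED):
        self.max_level = max_level            # highest label this device may emit
        self.secured_peers = secured_peers    # host -> level of its peer device
        self.mixed_enclave = mixed_enclave    # may we talk to unsecured hosts?
        self.unsecured_level = unsecured_level

    def decide(self, pkt: Packet) -> Action:
        if pkt.label > self.max_level:
            return Action.DISCARD             # violates this device's parameters
        peer_level = self.secured_peers.get(pkt.dst)
        if peer_level is not None:            # destination sits behind a device
            return (Action.ENCRYPT_TO_PEER if pkt.label <= peer_level
                    else Action.DISCARD)
        if not self.mixed_enclave:
            return Action.DISCARD             # unsecured hosts not permitted
        if pkt.label > self.unsecured_level:
            return Action.DISCARD             # would leak data to a lower level
        return Action.FORWARD_PLAIN

def run_samples():
    # Constructed hosts and packets, for illustration only.
    dev = SecurityDevice(Level.SECRET, {"hostB": Level.SECRET,
                                        "hostC": Level.CONFIDENTIAL}, True)
    packets = [Packet("hostB", Level.SECRET), Packet("hostC", Level.SECRET),
               Packet("printer", Level.UNCLASSIFIED),
               Packet("printer", Level.CONFIDENTIAL)]
    return [dev.decide(p) for p in packets]

if __name__ == "__main__":
    for action in run_samples():
        print(action.value)
```

The fourth sample is the mixed-enclave case the abstract singles out: the destination has no security device, so data labelled above the assumed unsecured level is dropped rather than forwarded in the clear.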
20 Claims
14. A method for mixed enclave communications over a network including both secured and unsecured users, said method comprising the steps of:
- permitting communications over the network between one of said secured users and one of said unsecured users;
- discovering dynamically by said secured user whether a user initiating communications is one of said secured users or one of said unsecured users; and
- controlling passage of information between said one of said secured users and said one of said unsecured users for securing given information residing with said one of said secured users against transference to said one of said unsecured users when not permissible.
Specification