System and method of communicating between trusted and untrusted computer systems
Abstract
A computer network comprising a trusted computer network (16), and an untrusted computer network (17). A plurality of firewall systems (21) provide controlled access between the trusted computer network and the first untrusted computer network. An Application layer bridge (22) establishes a transparent virtual circuit across the plurality of firewalls (21).
3 Claims
1. A composite computer network, comprising:
- a trusted computer network having internal secure administrative control and access for users connected to said trusted computer network;
- an untrusted computer network having internal unsecure administrative control and access for users connected to said untrusted computer network; and
- a plurality of firewall systems for providing controlled access between said trusted computer network and said untrusted computer network where a first firewall system is connected to said trusted computer network and a second firewall system is connected to said untrusted computer network, said plurality of firewall systems each including a secure application layer bridge which establishes a transparent connection across the plurality of firewall systems to automatically validate communication between said untrusted computer network and said trusted computer network once validation with one firewall system is accomplished.
2. A method for network communication, comprising the steps of:
- providing a first trusted computer network having internal secure administrative control and access for users connected to the first trusted computer network;
- providing an untrusted computer network having internal unsecure administrative control and access for users connected to the untrusted computer network;
- controlling access between the first trusted computer network and the untrusted computer network with a plurality of firewall systems where a first firewall system is connected to the first trusted computer network and a second firewall system is connected to the untrusted computer network and the first firewall system is connected to the second firewall system through a second trusted computer network; and
- establishing a transparent connection across the plurality of firewall systems with a secure application layer bridge within each firewall system that automatically validates communication between the untrusted computer network and the first trusted computer network once validation with one firewall system is accomplished.
3. A composite computer network, comprising:
- a first trusted computer network having internal secure administrative control and access for users connected to said first trusted computer network;
- an untrusted computer network having internal unsecure administrative control and access for users connected to said untrusted computer network;
- a first firewall system coupled to said first trusted computer network and including a first secure application layer bridge;
- a second firewall system coupled to said untrusted computer network and including a second secure application layer bridge; and
- a second trusted computer network coupled to said first and second firewall systems to provide a communication link between said first trusted computer system and said untrusted computer system through said first and second firewall systems, said communication link being automatically validated through said first secure application layer bridge once validation with said second secure application layer bridge is accomplished.
Specification