System for providing secure internetwork by connecting type enforcing secure computers to external network for limiting access to data based on user and process access rights
First Claim
1. A system for secure internetwork communication across an external network, the system comprising:
first and second internal networks;
first and second secure computers connected to the external network, wherein said first and second secure computers are type enforcing secure computers capable of recognizing data of varying sensitivity and of limiting access to data based on both user access rights and process access rights and wherein the first and second secure computers include:
an internal network interface; and
an external network interface for secure transfer of data from the first secure computer to the second secure computer over the external network, wherein the external network interface includes means for encrypting data to be transferred from the first secure computer to the second secure computer;
a first computing system, wherein the first computing system includes a first client subsystem connected over the first internal network to the internal network interface of the first secure computer, wherein the first client subsystem includes means for secure transfer of data between the first computing system and the first secure computer; and
a second computing system, wherein the second computing system includes a second client subsystem connected over the second internal network to the internal network interface of the second secure computer, wherein the second client subsystem includes means for secure transfer of data between the second computing system and the second secure computer.
7 Assignments
0 Petitions
Abstract
A system and method for the secure transfer of data between a workstation connected to a private network and a remote computer connected to an unsecured network. A secure computer is inserted into the private network to serve as the gateway to the unsecured network and a client subsystem is added to the workstation in order to control the transfer of data from the workstation to the secure computer. The secure computer includes a private network interface connected to the private network, an unsecured network interface connected to the unsecured network, wherein the unsecured network interface includes means for encrypting data to be transferred from the first workstation to the remote computer, a server function for transferring data between the private network interface and the unsecured network interface and a filter function for filtering data transferred between the remote computer and the workstation.
699 Citations
21 Claims
1. A system for secure internetwork communication across an external network, the system comprising:
first and second internal networks;
first and second secure computers connected to the external network, wherein said first and second secure computers are type enforcing secure computers capable of recognizing data of varying sensitivity and of limiting access to data based on both user access rights and process access rights and wherein the first and second secure computers include:
an internal network interface; and
an external network interface for secure transfer of data from the first secure computer to the second secure computer over the external network, wherein the external network interface includes means for encrypting data to be transferred from the first secure computer to the second secure computer;
a first computing system, wherein the first computing system includes a first client subsystem connected over the first internal network to the internal network interface of the first secure computer, wherein the first client subsystem includes means for secure transfer of data between the first computing system and the first secure computer; and
a second computing system, wherein the second computing system includes a second client subsystem connected over the second internal network to the internal network interface of the second secure computer, wherein the second client subsystem includes means for secure transfer of data between the second computing system and the second secure computer.
(Dependent claims: 2)
3. A secure computing system, comprising:
an internal network;
an external network;
first and second secure computers connected across the external network, wherein the first and second secure computers comprise encryption means for encrypting and decrypting data transferred between said first and second secure computers and wherein the first secure computer further comprises means for establishing an assured pipeline between processes operating on said internal network and processes operating on said external network; and
a workstation connected across the internal network to said first secure computer, wherein the workstation includes means for encrypting and decrypting data transferred between said workstation and said first secure computer.
(Dependent claims: 4, 5, 6)
7. A method of transferring data between a first and a second network connected by an external network, wherein the first network comprises a first workstation connected to a first secure computer server and wherein the second network comprises a second workstation connected to a second secure computer server, wherein each secure computer server comprises a trusted subsystem, first encryption means for encrypting and decrypting data transferred between the secure computer server and its respective workstation and second encryption means for encrypting and decrypting data transferred between the secure computer server and the external network, the method comprising the steps of:
establishing an authenticated and protected interaction between the first workstation and the first secure computer server;
establishing an assured pipeline between processes operating on said first network and processes operating on said external network;
sending data from the first workstation to the first secure computer server;
passing the data received from the first workstation through the assured pipeline;
selecting an authentication and protection mechanism for interaction on the external network;
encrypting, via the second encryption means of the first secure computer server, the data received from the first workstation through the assured pipeline; and
sending the encrypted data over the external network to the second secure computer server.
8. A secure server, comprising:
a processor;
an internal network interface, connected to the processor for communicating on an internal network; and
an external network interface, connected to the processor for communicating on an external network;
wherein the processor includes server program code for transferring data between the internal and external network interfaces via an assured pipeline and security policy program code for enforcing a Type Enforcement security mechanism to restrict access of a process received from the external network to data stored on the internal network.
(Dependent claims: 9, 10, 11)
12. A secure server for use in controlling access to data stored within an internal network, comprising:
administrative and operational kernels, wherein the operational kernel includes security policy program code for enforcing a Type Enforcement security mechanism to restrict access of a process received from the external network to data stored on the internal network; and
wherein the administrative kernel is restricted to execution only while isolated from the internal network.
13. A secure wide-area access system, comprising:
a secure computer;
an internal network; and
a workstation connected across the internal network to the secure computer;
wherein the secure computer comprises an internal network interface, a public network interface, public network program code used to communicate through the public network interface to a public network, private network program code used to communicate through the internal network interface to the workstation and security policy program code for enforcing a Type Enforcement security mechanism to restrict access of a process to data.
(Dependent claims: 14, 15)
16. A method of protecting a computer system connected to an unsecured external network, wherein the computer system includes a plurality of workstations connected to a private network, the method comprising the steps of:
providing a secure computer, wherein the secure computer comprises security policy program code for enforcing a Type Enforcement security mechanism to restrict access of a process to data;
connecting the Type Enforcement based secure computer to the private network; and
establishing an assured pipeline for the transfer of data and programs between the private network and the external network through the secure computer, wherein the step of establishing an assured pipeline includes the steps of:
i) placing processes within domains, wherein the step of placing processes within domains includes the step of assigning processes received from the external network to an external domain;
ii) assigning types to files; and
iii) restricting access by processes within the external domain to certain file types.
(Dependent claims: 17)
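The following is an added illustration, not code from the patent or its assignee, of the Type Enforcement model that claims 7 and 16 describe: processes are placed in domains, files are assigned types, a domain definition table says which domain may perform which operation on which type, and an access decision also consults the user's rights (claim 1's "both user access rights and process access rights"). The assured pipeline is modelled as three stages that can only hand data forward because of the table, so a process in the external domain cannot reach internal-network data no matter which user it runs as. All domain and type names, the clearance table, the sample payloads and the `drop_executables` filter are constructed for the example; the encryption steps of claim 7 are left out.

```python
"""Toy Type Enforcement (TE) policy engine and assured pipeline (added example)."""
from dataclasses import dataclass
from typing import Callable, Dict, Set, Tuple


class AccessDenied(Exception):
    """Raised when either the TE check or the user check fails."""


@dataclass(frozen=True)
class Subject:
    user: str     # authenticated user the process acts for
    domain: str   # TE domain the process was placed in (claim 16, step i)


@dataclass
class File:
    name: str
    type_: str        # TE type assigned to the file (claim 16, step ii)
    sensitivity: int  # 0 = public, higher = more sensitive
    data: bytes = b""


# Domain Definition Table (constructed): domain -> file type -> allowed operations.
# Processes received from the external network land in external_d and can only
# write into the inbox type; nothing lets external_d touch internal_data_t
# (claim 16, step iii).
DDT: Dict[str, Dict[str, Set[str]]] = {
    "external_d": {"external_data_t": {"write"}},
    "filter_d":   {"external_data_t": {"read"}, "filtered_data_t": {"write"}},
    "internal_d": {"filtered_data_t": {"read"}, "internal_data_t": {"read", "write"}},
}

# User access rights (constructed): highest sensitivity each user may handle.
CLEARANCE: Dict[str, int] = {"alice": 2, "bob": 1, "anonymous": 0}


def decide(subject: Subject, f: File, op: str) -> Tuple[bool, str]:
    """Allow only if BOTH the process (TE) check and the user check pass."""
    allowed_ops = DDT.get(subject.domain, {}).get(f.type_, set())
    if op not in allowed_ops:
        return False, f"TE: domain {subject.domain} may not {op} type {f.type_}"
    if CLEARANCE.get(subject.user, -1) < f.sensitivity:
        return False, f"user {subject.user} lacks clearance for sensitivity {f.sensitivity}"
    return True, "allowed"


def check(subject: Subject, f: File, op: str) -> None:
    ok, why = decide(subject, f, op)
    if not ok:
        raise AccessDenied(why)


def drop_executables(data: bytes) -> bytes:
    """Constructed filter stage: refuse payloads that look like native executables."""
    if data.startswith(b"MZ") or data.startswith(b"\x7fELF"):
        raise AccessDenied("filter: executable content rejected")
    return data


def assured_pipeline(payload: bytes, user: str,
                     filter_fn: Callable[[bytes], bytes]) -> bytes:
    """External data can reach internal_d only via filter_d; every hop is checked.

    Each stage is a separate subject in its own domain, so the only path from
    the external network to the internal side is the one the DDT spells out.
    """
    inbox = File("inbox", "external_data_t", 0)
    staged = File("staged", "filtered_data_t", 0)

    # Stage 1: the external-domain process may only write into the inbox type.
    external = Subject(user, "external_d")
    check(external, inbox, "write")
    inbox.data = payload

    # Stage 2: the filter domain is the only domain that reads the inbox type
    # and the only one that writes the filtered type.
    filt = Subject(user, "filter_d")
    check(filt, inbox, "read")
    check(filt, staged, "write")
    staged.data = filter_fn(inbox.data)

    # Stage 3: the internal-side server reads only already-filtered data.
    internal = Subject(user, "internal_d")
    check(internal, staged, "read")
    return staged.data


if __name__ == "__main__":
    secrets = File("payroll", "internal_data_t", 2)
    # Same cleared user, different domain: TE denies the external-domain process.
    print(decide(Subject("alice", "external_d"), secrets, "read"))
    print(decide(Subject("alice", "internal_d"), secrets, "read"))
    print(assured_pipeline(b"GET /report", "alice", drop_executables))
```

Running `decide` for the same user in `external_d` and `internal_d` shows why the claims pair the two checks: clearance alone would let alice read `payroll`, but the domain the process was placed in decides first, and the external domain has no entry for `internal_data_t` at all. Conversely, a process in `internal_d` acting for bob is stopped by the user check even though the table permits the domain.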
18. A system for transferring data between a workstation connected to an internal network and a remote computer connected to an external network, the system comprising:
a secure computer, wherein the secure computer includes:
an internal network interface connected to the internal network; and
an external network interface connected to the external network, wherein the external network interface includes means for encrypting data to be transferred from the workstation to the remote computer;
means for establishing an assured pipeline between said internal network interface and said external network interface;
a server function for transferring data between the internal network interface and the external network interface, wherein the server function includes means for establishing an assured pipeline between said internal network interface and said external network interface; and
filter means for filtering data transferred between the remote computer and the workstation.
(Dependent claims: 19, 20, 21)
Specification