Embedded security processor
Abstract
An embedded security processor is used in conjunction with a main processor to provide security for a computer system that is accessible via a computer network. In a preferred embodiment of the present invention, an expansion board is provided that has an embedded security processor dedicated to network communications security tasks. The embedded security processor is controlled by the main processor and intercepts all communications from external untrusted or unverified network systems (i.e., unsecure networks) and verifies that the attempted communication is permissible before allowing the external network communication traffic to access the main processor, or other networked computer resources accessible via a secure network.
38 Claims
1. An apparatus comprising:
- a processor;
- a first network interface for connecting a system to a first network;
- a second network interface for connecting the system to a second network; and
- an embedded security processor coupled to the processor, to the first network interface, and to the second network interface, the embedded security processor ensuring that communications between the first and second networks are secure; and
- at least one control signal coupled to the processor and to the embedded security processor, the processor controlling the operation of the embedded security processor via the at least one control signal and disabling the embedded security processor via the at least one control signal when the processor detects at least one predetermined error condition.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13

14. A method for providing firewall protection between a first network and a second network, the method comprising the steps of:
- initiating a connection on one of the first and second networks, the first and second networks being coupled to an apparatus, the apparatus including an embedded security processor coupled to the first network and to the second network, the embedded security processor coupled to a processor; and
- using the processor to disable the embedded security processor when the processor detects an unauthorized attempt by one of the first and second network to access the other network.

Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22

23. A method for providing firewall protection between a first network and a second network, the method comprising the steps of:
- initiating a connection on one of the first and second networks, the first and second networks being coupled to an apparatus, the apparatus including an embedded security processor coupled to the first network and to the second network, the embedded security processor coupled to a processor; and
- the embedded security processor ensuring that communications between the first network and the second network are secure;
- providing at least one control signal to the processor and to the embedded security processor, the processor controlling the operation of the embedded security processor via the at least one control signal and disabling the embedded security processor via the at least one control signal when the processor detects at least one security-relevant condition.

Dependent claims: 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38

Specification