Secure server utilizing separate protocol stacks

US 5,913,024 A
Filed: 02/09/1996
Issued: 06/15/1999
Est. Priority Date: 02/09/1996
Status: Expired due to Term

First Claim

Patent Images

1. A secure commerce server system, comprising:

a plurality of regions or burbs, including an internal burb and an external burb, wherein processes bound to one burb cannot communicate directly to processes and data objects bound to other burbs, and wherein the internal burb includes a first protocol stack and the external burb includes a second protocol stack separate from the first protocol stack;

a commerce server, wherein processes and data objects associated with the commerce server are bound to the external burb;

an administration server, wherein processes and data objects associated with the administration server are bound to the internal burb; and

means for restricting communication between the external burb and the administration server so that the administration server cannot be manipulated by a process bound to the external burb;

wherein the means for restricting communication include;

means for examining a message received by the administration server; and

means for routing the message up through the first protocol stack to a process bound to the first burb, transferring the message to a process bound to the second burb and routing the message down through the second protocol stack to the second network interface.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure commerce server system and method. A secure commerce server system includes a plurality of regions or burbs, including an internal burb and an external burb, a commerce server and an administration server. Processes and data objects associated with the administration server are bound to the internal burb. Processes and data objects associated with the commerce server are bound to the external burb. Processes bound to one burb cannot communicate directly to processes and data objects bound to other burbs. The administration server cannot be manipulated by a process bound to the external burb.

182 Citations

9 Claims

1. A secure commerce server system, comprising:
- a plurality of regions or burbs, including an internal burb and an external burb, wherein processes bound to one burb cannot communicate directly to processes and data objects bound to other burbs, and wherein the internal burb includes a first protocol stack and the external burb includes a second protocol stack separate from the first protocol stack;
  
  a commerce server, wherein processes and data objects associated with the commerce server are bound to the external burb;
  
  an administration server, wherein processes and data objects associated with the administration server are bound to the internal burb; and
  
  means for restricting communication between the external burb and the administration server so that the administration server cannot be manipulated by a process bound to the external burb;
  
  wherein the means for restricting communication include;
  
  means for examining a message received by the administration server; and
  
  means for routing the message up through the first protocol stack to a process bound to the first burb, transferring the message to a process bound to the second burb and routing the message down through the second protocol stack to the second network interface.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The commerce server system according to claim 1 wherein the administration server includes means for reading and writing a configuration file used to configure the commerce server.
  - 3. The commerce server system according to claim 1 wherein the administration server includes means for starting and stopping the commerce server.
  - 4. The commerce server system according to claim 1 wherein the commerce server system further includes a CGI processor for executing CGI scripts, wherein the plurality of burbs further includes a cgix burb and wherein the CGI processor is bound to the cgix burb and all CGI scripts are restricted to operating within said cgix burb.
  - 5. The commerce server system according to claim 1 wherein the means for restricting communication includes means for enforcing a type enforcement mechanism to restrict communication between burbs.

6. A method of conducting electronic commerce over a plurality of networks, including an external network and an internal network, wherein the internal network includes an administration server, the method comprising the steps of:
- connecting a network interface to each of the plurality of networks, wherein the step of connecting includes the steps of connecting a first network interface to the external network and a second network interface to the internal network;
  
  defining a plurality of burbs, wherein the plurality of burbs includes a first and a second burb, wherein the first burb includes a first protocol stack and the second burb includes a second protocol stack separate from the first protocol stack;
  
  assigning each of the network interfaces to one of the plurality of burbs, wherein more than one network interface can be assigned to a particular burb, wherein the step of assigning includes the steps of assigning the first network interface to the first burb and the second network interface to the second burb;
  
  binding processes to burbs;
  
  receiving an electronic commerce request from the external network; and
  
  transferring the electronic commerce request to the administration server, wherein the step of transferring includes the steps of;
  
  routing the electronic commerce request up through the first protocol stack to a process bound to the first burb;
  
  sending the electronic commerce request to a process bound to the second burb; and
  
  routing the message down through the second protocol stack to the second network interface.
- View Dependent Claims (7, 8, 9)
- - 7. The method according to claim 6, wherein the step of binding processes to burbs includes the steps of:
    - preventing a process from accessing burbs other than the burb to which the process is bound;
      
      limiting transfer of incoming packets such that incoming packets can only go to processes bound to the burb associated with the network interface the packet arrived on;
      
      defining a proxy; and
      
      ensuring that data passing from the first network interface to the second network interface must pass through the proxy before moving from the first burb to the second burb.
  - 8. The method according to claim 6, wherein each burb has its own routing table and wherein the step of sending the electronic commerce request to a process bound to the second burb includes the step of examining an incoming packet to determine if its destination is an address in the first burb'"'"'s routing table.
  - 9. The method according to claim 6, wherein the step of binding processes to burbs includes the steps of:
    - defining a plurality of types;
      
      assigning each data object to one of the plurality of types, wherein the step of assigning data objects includes defining type enforcement rules for accesses by processes to said data objects; and
      
      applying a type enforcement check of accesses by processes to data objects.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
Secure Computing Corporation (McAfee, LLC)
Inventors
Green, Michael W., Jensen, Andrew W.
Primary Examiner(s)
Beausoliel, Jr., Robert W.
Assistant Examiner(s)
WRIGHT, NORMAN M

Application Number

US08/605,320
Time in Patent Office

1,222 Days
Field of Search

395/186, 395/187.01
US Class Current

726/3
CPC Class Codes

G06F 9/468   Specific access rights for ...

G06Q 20/40   Authorisation, e.g. identif...

H04L 41/28   Restricting access to netwo...

H04L 63/0227   Filtering policies mail mes...

H04L 63/0281   Proxies

H04L 63/10   for controlling access to d...

H04L 67/02   based on web technology, e....

H04L 69/16   Implementation or adaptatio...

H04L 69/161   Implementation details of T...

H04L 69/162   involving adaptations of so...

H04L 69/329   in the application layer [O...

H04L 9/40   Network security protocols

Secure server utilizing separate protocol stacks

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

182 Citations

9 Claims

Specification

Use Cases

Quick Links

Others

Secure server utilizing separate protocol stacks

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

182 Citations

9 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others