Enhanced security network time synchronization device and method
Abstract
An external portion or burb of a host computer receives messages from external servers representative of accurate time from one or more peer computers coupled by a network. A process called a client on the external burb processes the messages and then accurately sets a host computer clock. Processes called servers running on an internal burb which may not communicate directly with peers, then access the clock to obtain a correct indication of network time without having to communicate directly with the peer computers. The time is then provided to internal clients. This allows a host computer without an expensive clock to update its clock and enable it to provide accurate time to processes running on the host.
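A minimal model of the arrangement the abstract describes, with the validation step recited in claims 13 and 23, as an added example (not code from the patent): the external-burb client holds the only write capability on the clock register, and the internal-burb server holds only a read capability. The HMAC-SHA256 tags, the two-reply quorum, the use of the median, and all names, keys and timestamps are assumptions made for the illustration; the text here does not specify them.

```python
import hashlib
import hmac
import statistics

def make_clock_register(initial):
    """Return (read, adjust): two separate capabilities on one clock register."""
    state = {"seconds": initial}
    def read():
        return state["seconds"]
    def adjust(seconds):
        state["seconds"] = seconds
    return read, adjust

def tag(key, server_id, seconds):
    """Assumed validation scheme: HMAC-SHA256 over server id and timestamp."""
    msg = f"{server_id}:{seconds}".encode()
    return hmac.new(key, msg, hashlib.sha256).digest()

class ExternalClient:
    """Runs in the external burb; the only holder of the adjust capability."""
    def __init__(self, adjust, keys, quorum=2):
        self._adjust, self._keys, self._quorum = adjust, keys, quorum

    def process(self, replies):
        """replies: (server_id, seconds, tag) tuples received from external servers."""
        good = [s for sid, s, t in replies
                if sid in self._keys
                and hmac.compare_digest(t, tag(self._keys[sid], sid, s))]
        if len(good) < self._quorum:
            return False  # too few authenticated replies: leave the clock alone
        self._adjust(statistics.median(good))
        return True

class InternalServer:
    """Runs in the internal burb; holds only the read capability."""
    def __init__(self, read):
        self._read = read
    def time_for_client(self):
        return self._read()

def demo():
    keys = {"peer-a": b"ka", "peer-b": b"kb", "peer-c": b"kc"}  # constructed keys
    read, adjust = make_clock_register(0)
    client, server = ExternalClient(adjust, keys), InternalServer(read)
    replies = [(p, s, tag(keys[p], p, s)) for p, s in
               [("peer-a", 1700000000), ("peer-b", 1700000001), ("peer-c", 1700000002)]]
    replies.append(("peer-b", 1600000000, b"\x00" * 32))  # constructed forged tag
    replies.append(("peer-x", 1500000000, tag(b"kx", "peer-x", 1500000000)))  # unknown peer
    first = client.process(replies)
    second = client.process(replies[3:])  # only unauthenticated replies
    return first, second, server.time_for_client()
```

The internal server never receives a reference to the client or to `adjust`, so a compromise of the externally exposed client can at worst skew the register; it gives no channel into internal processes.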
29 Claims
1. A method of determining time in a host coupled to a network having one or more accurate time keepers comprising the steps of:
- requesting time from an external server via an entity operating in an external portion of a firewall system;
- receiving a communication in the external portion of the firewall system from the external server containing an indication of time; and
- adjusting a clock register based upon the indication of time received from the external server wherein the clock register may be read by entities operating in an internal portion of the firewall system which entities may not directly communicate with the entity operating in the external portion of the firewall system.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A storage medium having a computer program stored thereon for causing a suitably programmed host system to determine time from a network having one or more accurate time keepers, by performing the following steps when such program is executed on the system:
- requesting time from an external server via the program operating in an external portion of a firewall in the system;
- receiving a communication in the external portion of the firewall system from the external server containing an indication of time; and
- adjusting a clock register based upon the indication of time received from the external server wherein the clock register may be read by entities operating in an internal portion of the firewall system which entities may not directly communicate with the program operating in the external portion of the firewall system.
Dependent claims: 9, 10, 11, 12
13. A method of determining time in a host coupled to a network having one or more accurate time keepers comprising the steps of:
- periodically requesting time from plural external servers via an entity operating in an external portion of a firewall system;
- receiving communications in the external portion of the firewall system from the external servers containing an indication of time;
- validating the communications received; and
- adjusting a clock register based upon authenticated indications of time received from the external servers wherein the clock register may be read by entities operating in an internal portion of the firewall system which entities may not directly communicate with the entity operating in the external portion of the firewall system.
Dependent claims: 14, 15
16. A security system on a host computer coupled to an external network comprising:
- an external portion that communicates with other systems coupled to the external network, at least one of which is capable of providing an indication of current time;
- a process running in the external portion of the host computer that requests time from another system coupled to the external network and receives such indications of current time; and
- said process adjusting a clock register based upon the indication of time received from the external server wherein the clock register may be read by entities operating in an internal portion of the firewall system which entities may not directly communicate with the process operating in the external portion of the firewall system.
Dependent claims: 17, 18, 19, 20, 21, 22
23. A security system in a host coupled to a network having one or more accurate time keepers, the security system comprising:
- a processor;
- a memory coupled to the processor;
- an external burb;
- an internal burb;
- a daemon operating as a client in the external burb that periodically requests time from plural external servers;
- the daemon running from the memory on the processor that receives communications from the external servers containing indications of time;
- the daemon validating the communications received; and
- the daemon adjusting a clock register based upon authenticated indications of time received from the external servers wherein the clock register may be read by entities operating in an internal burb of the security system which entities may not directly communicate with the daemon operating in the external portion of the firewall system.
24. A method of determining time in a host coupled to at least two distinct networks having one or more accurate time keepers comprising the steps of:
- requesting time from a first server on a first network via an entity operating in a first portion of a firewall system;
- receiving a communication in the first portion of the firewall system from the first server containing an indication of time; and
- adjusting a clock register based upon the indication of time received from the first server wherein the clock register may be read by entities operating in a second portion of the firewall system coupled to a second distinct network, which entities may not directly communicate with the entity operating in the first portion of the firewall system.
Dependent claims: 25, 26, 27, 28, 29
Specification