Communication network having packetized security codes and a system for detecting security breach locations within the network
DCFirst Claim
1. A communication network, comprising:
- at least one intermediate module linked between an entry module and an exit module;
wherein said entry module is coupled to assign and transfer a security code and an identification number to a packet of data, and wherein said entry module comprises;
a decoder;
a storage device configured with a set of bits;
an entry compare unit coupled between the decoder and the storage device for comparing the identification number with the set of bits to determine if the packet of data will be transferred to the communication network as a secured packet having the security code and the identification number within a header of the packet, and wherein the secured packet further includes a trailer that include;
a first grouping of bits reserved for a count number of the number of intermediate modules through which the secured packet traverses;
a second grouping of bits reserved for an identifying number of each intermediate module traversed; and
an exit compare unit within the exit module coupled to compare the security code and the identification number before transferring the packet of data from the communication network.
5 Assignments
Litigations
0 Petitions
Accused Products
Abstract
Architectures, systems, and methods are provided for securing and prioritizing packets of data sent through a communication network. Each packet is assigned a security code and priority code as it enters the network. The security code or priority code may remain the same or change as it travels from node-to-node across the network. By assigning security and priority codes to each packet, maximum bandwidth allocation can be achieved among the nodes in a packet-switched environment. The assigned security and priority codes enter and travel through the network according to modules which have a hierarchical class or grouping. Thus, the security and priority information may be sent solely within one class or among classes depending on where, within the classes the data path exists. In this manner, a specified quality of service can be achieved to ensure the data path is secured dynamically as it travels from node to node, and also to determine which packet among several is to be forwarded across a shared resource of that network.
-
Citations
6 Claims
-
1. A communication network, comprising:
-
at least one intermediate module linked between an entry module and an exit module;
wherein said entry module is coupled to assign and transfer a security code and an identification number to a packet of data, and wherein said entry module comprises;
a decoder;
a storage device configured with a set of bits;
an entry compare unit coupled between the decoder and the storage device for comparing the identification number with the set of bits to determine if the packet of data will be transferred to the communication network as a secured packet having the security code and the identification number within a header of the packet, and wherein the secured packet further includes a trailer that include;
a first grouping of bits reserved for a count number of the number of intermediate modules through which the secured packet traverses;
a second grouping of bits reserved for an identifying number of each intermediate module traversed; and
an exit compare unit within the exit module coupled to compare the security code and the identification number before transferring the packet of data from the communication network. - View Dependent Claims (2, 3, 4, 5, 6)
a storage device containing a module security code; and
an intermediate compare unit coupled to receive the secured packet and compare the security code against the module security code to define a secured path through the communication network.
-
-
5. The communication network as recited in claim 4, wherein the secured path is one that extends through the intermediate modules, each of which is assigned a set of bits which matches a set of bits within the security code.
-
6. The communication network as recited in claim 4, wherein the secured path is one that extends through the intermediate modules, each of which is assigned a set of bits which is of equal or greater value to a set of bits within the security code.
Specification