Method and apparatus for verifying the integrity and security of computer networks and implementation of counter measures
First Claim
Patent Images
1. A security system for a computer network, the network having a plurality of devices connected thereto, at least some of the devices having security-related functions, the security system comprising:
- (a) a security subsystem associated with at least some of the devices in the network which tests the integrity of the security-related functions;
(b) a master system which monitors the integrity of the security subsystem and receives and stores results of the integrity testing of the devices having security-related functions; and
(c) a secure link connected between the security subsystem and the master system, the master system monitoring the integrity of the security subsystem and receiving the results of the integrity testing of the devices having security-related functions through the first secure link, wherein one of the master system and the security subsystem further monitors whether a device having security-related functions responds to said one of the master system and the security subsystem, and wherein one of the security subsystem and the master system takes action when no response is detected.
5 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for verifying the integrity of devices on a target network having two components: a subsystem connected to the target network, and a master system, isolated therefrom by a secure link. The topological and hierarchical relationship of the of the devices to each other improves stability of the apparatus. Random testing of target network devices by the subsystem and random testing of the subsystem by the master system provide verification and independent self-checking.
36 Citations
16 Claims
-
1. A security system for a computer network, the network having a plurality of devices connected thereto, at least some of the devices having security-related functions, the security system comprising:
-
(a) a security subsystem associated with at least some of the devices in the network which tests the integrity of the security-related functions; (b) a master system which monitors the integrity of the security subsystem and receives and stores results of the integrity testing of the devices having security-related functions; and (c) a secure link connected between the security subsystem and the master system, the master system monitoring the integrity of the security subsystem and receiving the results of the integrity testing of the devices having security-related functions through the first secure link, wherein one of the master system and the security subsystem further monitors whether a device having security-related functions responds to said one of the master system and the security subsystem, and wherein one of the security subsystem and the master system takes action when no response is detected. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A security system for a computer network, the network having a plurality of devices connected thereto, the security system comprising:
-
(a) a security subsystem connected to at least some of the devices in the network, the security subsystem configured to monitor activities of the at least some devices on the network, and detect attacks on the at least some devices; (b) a master system which monitors the integrity of the security subsystem and registers information pertaining to attacks detected by the security subsystem; and (c) a first secure link connected between the security subsystem and the master system, the master system monitoring the integrity of the security subsystem and receiving the information pertaining to the attacks through the first secure link, wherein one of the master system and the security subsystem further monitors whether the device responds to one of the master system and the security subsystem, and wherein one of the security subsystem and the master system takes action when no response is detected.
-
-
9. A security system for a computer network, the network having a plurality of devices connected thereto, the security system comprising:
-
(a) a security subsystem connected to at least some of the devices in the network, the security subsystem configured to monitor activities of the at least some devices on the network and detect attacks on the at least some devices; (b) a master system which monitors the integrity of the security subsystem and registers information pertaining to attacks detected by the security subsystem; and (c) a first secure link connected between the security subsystem and the master system, the master system monitoring the integrity of the security subsystem and receiving the information pertaining to the attacks through the first secure link, wherein the master system further monitors whether the security subsystem responds to the master system, the master system taking action if no response is detected. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
Specification