Secure network architecture method and apparatus
Abstract
A secure network architecture method and apparatus that provides security at all levels of the network. The system and method of the present invention provide communications profiles for all network resources that uniquely identify the individual network resources and provide for absolute object identity. Communications over the network are managed at all levels by the network resources themselves by virtue of individual communications profiles that are policed by arbitrators and network resources alike.
77 Claims
1. A system for providing security in a network comprising a plurality of network resources each having a communication profile and a unique identifier, each network resource being connected to communicate with another network resource only if permitted by the communication profile of each network resource.

26. A method for establishing secure communication comprising:
- establishing a communications profile and a unique identifier on a plurality of network resources on the network; and
- transmitting communications from a network resource only if permitted by the network resource's communication profile.

Dependent claims: 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 77

46. Apparatus for guaranteeing absolute object identity comprising:
- a generator generating unique random numbers;
- a central directory connected to the generator to receive the unique random numbers from the generator;
- the central directory including means to provide a loader applet which incorporates at least one of the unique random numbers;
- at least one arbitrator connected to the central directory to receive the loader applet; and
- at least one network resource communicating with said at least one arbitrator to receive said loader applet.

Dependent claims: 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57

58. A method for establishing absolute object identity comprising:
- generating unique random numbers;
- transmitting the unique random numbers to a central directory;
- creating in said central directory communication profiles incorporating said unique random numbers;
- providing said communication profiles to at least one arbitrator; and
- transferring different communication profiles from said arbitrator to each of a plurality of network resources for establishing a unique identity for each network resource.

Dependent claims: 59, 60, 61, 62

63. A method for creating absolute object identity for objects on a network comprising:
- creating a plurality of unique numbers;
- conveying the unique numbers to a central directory;
- creating in the central directory plurality communication profiles, each based in part on a corresponding unique number, each communication profile comprising at least a receive profile, a transmit profile, and unique identifier; and
- supplying an individual communication profile to each of a plurality of network resources on the network.

Dependent claims: 64, 65, 66, 67, 68

69. A system for controlling communication between network resources, comprising:
- a plurality of arbitrators;
- a plurality of network resources in communication with each of said arbitrators, each arbitrator and each of said network resources incorporating a corresponding communication profile for controlling receipt and transmission of communications; and
- a central directory connected to each of said arbitrators for supplying said corresponding communication profiles to said arbitrators and said network resources.

Dependent claims: 70, 71, 72, 73, 74, 75, 76

Specification