Network element and method for controlling access to low level computer system services
First Claim
1. A network element comprising:
- data transfer means configured to download a driver from a network server via a data transmission network;
an interface unit configured to transmit and receive data to and from an external unit, to transmit a signal to the external unit, said signal being indicative of attachment of the external unit to the network element, to automatically initiate the downloading of the driver in response to information obtained in a response signal from the external unit, said information indicating the presence of a new application in the external unit, and to obtain from the external unit an address from which the driver is to be downloaded;
control means configured to check that the origin of the downloaded driver has been verified prior to executing one or more functions in the restricted library;
wherein said control means comprises;
said driver configured to modify one or more commands received into a format required by the external unit, to invoke one or more functions in a restricted library in the network element to control the operation of the external unit, invoke one or more functions in a standard library in the network element; and
wherein an origin of said downloaded driver is verified using at least an electronic signature.
11 Assignments
0 Petitions
Accused Products
Abstract
A solution for controlling activities to be carried out in a network element in a flexible and safe manner. A data transmission network includes a network element, which includes data transfer means for transmitting and receiving data from the data transmission network, which data includes one or more commands: processing means for processing the data provided in a specified format; and control means for modifying the received command into a format required by the processing means. The control means includes a driver the origin of which can be verified with the help of an electronic signature; and one or more functions that control the operation of the processing means, which can only be initiated by the driver the origin of which has been verified with the help of the electronic signature.
-
Citations
12 Claims
-
1. A network element comprising:
-
data transfer means configured to download a driver from a network server via a data transmission network; an interface unit configured to transmit and receive data to and from an external unit, to transmit a signal to the external unit, said signal being indicative of attachment of the external unit to the network element, to automatically initiate the downloading of the driver in response to information obtained in a response signal from the external unit, said information indicating the presence of a new application in the external unit, and to obtain from the external unit an address from which the driver is to be downloaded; control means configured to check that the origin of the downloaded driver has been verified prior to executing one or more functions in the restricted library; wherein said control means comprises; said driver configured to modify one or more commands received into a format required by the external unit, to invoke one or more functions in a restricted library in the network element to control the operation of the external unit, invoke one or more functions in a standard library in the network element; and wherein an origin of said downloaded driver is verified using at least an electronic signature. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A data transmission network, comprising a network element, which network element comprises:
-
a data transfer device configured to download a driver from a network server via a data transmission network; an interface unit configured to transmit a signal to an external unit, said signal being indicative of attachment of the external unit to the network element, to automatically initiate the downloading of the driver in response to information obtained in a response signal from the external unit, said information indicating the presence of a new application in the external unit, to obtain from the external unit an address for the downloading of the driver, transmit and receive data to and from the external unit, which data comprises one or more commands, the external unit processing data provided in a required format; a control unit configured to check that the origin of the downloaded driver has been verified prior to executing one or more functions in the restricted library; wherein said control unit comprises; said driver configured to modify at least one received command into the format required by the external unit, to invoke one or more functions in a restricted library in said network element to control the operation of said external unit, invoke one or more functions in a standard library in said network element; and wherein the origin of said downloaded driver is verified using at least an electronic signature. - View Dependent Claims (9, 10, 11)
-
-
12. A method for processing data, the method comprising:
-
sending to an external unit a signal indicative of attachment of the external unit to a network element; receiving a response signal from said external unit to the network element; receiving an address from which a driver is to be downloaded from an external unit; downloading said driver from a data transmission network to said network element in response to information obtained in a response signal from the external unit, said information indicating the presence of a new application in the external unit; verifying an origin of the driver using at least an electronic signature; executing an application in the network element; the application issuing a command to the driver; the driver modifying the command into a format required by an external unit; the driver calling a function in a restricted library to control the operation of the external unit; and checking that the origin of the driver has been verified prior to executing the function.
-
Specification