Encapsulation of secure encrypted data in a deployable, secure communication system allowing benign, secure commercial transport
First Claim
1. A method of cloaking encrypted data, comprising:
- receiving one of voice over IP (VoIP) data, voice over frame relay (VoFR), or voice over ATM (VoATM) data routed by a data router adapted to output a serial data stream;
- encrypting said serial data stream into encrypted data using a Type 1 encryption unit;
- encapsulating said encrypted data into IP packets;
- forming a first tunnel for an overall IP link;
- forming a second tunnel between a first IP encapsulator and a second IP encapsulator; and
- transmitting said IP packets of encrypted data on a public IP network.
Abstract
Sensitive, Type 1 KIV-encrypted data is encapsulated into IP packets in a remotely deployed, secure communication system. The IP packets are addressed to a matching IP encapsulator/decapsulator device over the public Internet or other IP protocol network, that then passes it to a similar Type 1 KIV device for decryption. Thus, sensitive, encrypted data is made to appear as if it were any other commercial network data, cloaking it in the vast and busy world of the Internet. The present invention is embodied in a system that provides secure Voice-Over-IP (VOIP), video and data network functionality in a single, small size deployable case, to a remote user. Most importantly, the embodiment allows for the routing of bulk encrypted (i.e., secure) data over a public network, e.g., the Internet.
23 Claims
1. A method of cloaking encrypted data, comprising:
- receiving one of voice over IP (VoIP) data, voice over frame relay (VoFR), or voice over ATM (VoATM) data routed by a data router adapted to output a serial data stream;
- encrypting said serial data stream into encrypted data using a Type 1 encryption unit;
- encapsulating said encrypted data into IP packets;
- forming a first tunnel for an overall IP link;
- forming a second tunnel between a first IP encapsulator and a second IP encapsulator; and
- transmitting said IP packets of encrypted data on a public IP network.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. Apparatus for cloaking encrypted data in a deployable, secure communication terminal, comprising:
- means for receiving one of voice over IP (VoIP) data, voice over frame relay (VoFR), or voice over ATM (VoATM) data routed by a data router adapted to output a serial data stream;
- means for encrypting said serial data stream into encrypted data using a Type 1 encryption unit;
- means for encapsulating said encrypted data into IP packets;
- means for forming a first tunnel for an overall IP link; and
- means for forming a second tunnel between a first IP encapsulator and a second IP encapsulator; and
- means for transmitting said IP packets of encrypted data on a public IP network.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18, 19

20. A secure communications device, comprising:
- means for receiving one of voice over IP (VoIP) data, voice over frame relay (VoFR), or voice over ATM (VoATM) data stream routed by a data router adapted to output a serial data stream;
- means for encrypting said serial data stream using a Type 1 encryption unit, into an encrypted data stream;
- means for encapsulating said encrypted data stream for transmission to another secure communications device using IP protocol;
- means for forming a first tunnel for an overall IP link;
- means for forming a second tunnel between a first IP encapsulator and a second IP encapsulator; and
- means for routing said encapsulated, encrypted data stream over an Internet.
Dependent claims: 21, 22, 23
Specification