Data synchronization for a secure electronic device

US 7,681,230 B2
Filed: 02/28/2006
Issued: 03/16/2010
Est. Priority Date: 02/28/2006
Status: Active Grant

First Claim

Patent Images

1. A method for secure synchronization of data contained on a network-attached device and a network server, comprising:

establishing a device-to-device single-level secure processing state as between said network attached-device and said network server at a first defined security access level by(a) authenticating a user, said network attached device, and said network server;

(b) determining an assigned security access level for said user from among a plurality of possible user security access levels; and

(c) determining if said first defined security access level at which said user requests to sign on is lesser than or equal to said assigned security access level of said user;

selecting said network server to have a multi-level secure operating system and a multi-level secure file system;

selecting said network-attached device to have a multi-level secure operating system and a multi-level secure file system;

signing said user onto a computer network at said first defined security access level using at least one of said network attached device and said network server;

synchronizing a first plurality of managed data objects stored on said network attached device and said network server at said first defined security access level;

determining if said user is authorized to access a second defined security access level provided in said multi-level secure file system of said network server and said multi-level secure file system of said network attached device; and

automatically repeating said synchronizing step for said second defined security access level.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method for synchronizing stored data in one device (102, 106, 202, 206, 210) with other devices (102, 106, 202, 206, 210) at multiple levels of security classification. The methods and systems disclosed herein can advantageously utilize unique protocols and, optionally, cryptographic technologies to effect data synchronization in a secure manner.

44 Citations

View as Search Results

17 Claims

1. A method for secure synchronization of data contained on a network-attached device and a network server, comprising:
- establishing a device-to-device single-level secure processing state as between said network attached-device and said network server at a first defined security access level by(a) authenticating a user, said network attached device, and said network server;
  
  (b) determining an assigned security access level for said user from among a plurality of possible user security access levels; and
  
  (c) determining if said first defined security access level at which said user requests to sign on is lesser than or equal to said assigned security access level of said user;
  
  selecting said network server to have a multi-level secure operating system and a multi-level secure file system;
  
  selecting said network-attached device to have a multi-level secure operating system and a multi-level secure file system;
  
  signing said user onto a computer network at said first defined security access level using at least one of said network attached device and said network server;
  
  synchronizing a first plurality of managed data objects stored on said network attached device and said network server at said first defined security access level;
  
  determining if said user is authorized to access a second defined security access level provided in said multi-level secure file system of said network server and said multi-level secure file system of said network attached device; and
  
  automatically repeating said synchronizing step for said second defined security access level.
- View Dependent Claims (2)
- - 2. The method according to claim 1, wherein said synchronizing step is performed by a direct connection between said network attached device and said network server, exclusive of any intermediate computer network.

3. A method for secure synchronization of data contained on a network-attached device and a network server, comprising:
- establishing a device-to-device single-level secure processing state as between said network attached-device and said network server at a first defined security access level by(a) authenticating a user, said network attached device, and said network server;
  
  (b) determining an assigned security access level for said user from among a plurality of possible user security access levels; and
  
  (c) determining if said first defined security access level at which said user requests to sign on is lesser than or equal to said assigned security access level of said user;
  
  synchronizing a first plurality of managed data objects stored on said network attached device and said network server at said first defined security access levelestablishing a second device to device single-level secure processing state as between said network-attached device and a locally-connected device that is locally connected to said network-attached device exclusive of any network connection, said network attached device and said locally-connected device connected at a second defined security access level;
  
  selecting said network server to have a combination of an operating system and a file system selected from the group consisting of (a) a single-level secure operating system and a single-level secure file system, (b) a single level secure operating system and a multi-level secure file system, and (c) a multi-level secure operating system and a multi-level secure file system;
  
  selecting said network-attached device to have a single-level secure operating system and a single-level secure file system;
  
  selecting said locally connected device to have a single-level secure operating system and a single-level secure file system;
  
  automatically synchronizing a second plurality of managed data objects stored on said network-attached device and said locally connected device at said second defined security access level;
  
  automatically re-synchronizing said first plurality of managed data objects stored on said network-attached device and said network server.
- View Dependent Claims (4)
- - 4. The method according to claim 3, wherein said establishing of said second device to device single-level secure processing state further comprises authenticating at least said locally connected device.

5. A method for secure synchronization of data contained on a network-attached device and a network server, comprising:
- establishing a device-to-device single-level secure processing state as between said network attached-device and said network server at a first defined security access level by(a) authenticating a user, said network attached device, and said network server;
  
  (b) determining an assigned security access level for said user from among a plurality of possible user security access levels; and
  
  (c) determining if said first defined security access level at which said user requests to sign on is lesser than or equal to said assigned security access level of said user;
  
  synchronizing a first plurality of managed data objects stored on said network attached device and said network server at said first defined security access levelestablishing a second device to device single-level secure processing state as between said network-attached device and a locally-connected device that is locally connected to said network-attached device exclusive of any network connection, said network attached device and said locally-connected device connected at a second defined security access level;
  
  selecting said network server to have a combination of an operating system and a file system selected from the group consisting of (a) a single level secure operating system and a multi-level secure file system, and (b) a multi-level secure operating system and a multi-level secure file system;
  
  selecting said network-attached device to have a single-level secure operating system and a multi-level secure file system;
  
  selecting said locally connected device to have a single-level secure operating system, and a multi-level secure file system;
  
  prior to establishing said second device to device single-level secure processing state as between said network-attached device and a locally-connected device, determining if said locally-connected device supports said second defined security access level associated with said second device to device single level secure processing state;
  
  automatically synchronizing a second plurality of managed data objects stored on said network-attached device and said locally connected device at said second defined security access level;
  
  automatically re-synchronizing said first plurality of managed data objects stored on said network-attached device and said network server.
- View Dependent Claims (6, 7)
- - 6. The method according to claim 5, further comprising:
    - selecting said locally connected device to have a single-level secure operating system, and a single-level secure file system;
      
      automatically synchronizing a second plurality of managed data objects stored on said network-attached device and said locally connected device at said second defined security access level;
      
      automatically re-synchronizing said first plurality of managed data objects stored on said network-attached device and said network server;
      
      signing said user off of said computer network in response to a first user request;
      
      in response to a second user request, signing said user back onto said computer network at a third security access level using network-attached device; and
      
      synchronizing a third plurality of managed data objects stored on said network-attached device and said network server at said third defined security access level provided in said multi-level secure file system of said network server and said multi-level secure file system of said network attached device.
  - 7. The method according to claim 5, further comprising:
    - signing said user off of said computer network in response to a first user request;
      
      in response to a second user request, signing said user back onto said computer network at a third security access level using network-attached device; and
      
      synchronizing a third plurality of managed data objects stored on said network-attached device and said network server at said third defined security access level provided in said multi-level secure file system of said network server and said multi-level secure file system of said network attached device.

8. A method for secure synchronization of data contained on a network-attached device and a network server, comprising:
- establishing a device-to-device single-level secure processing state as between said network attached-device and said network server at a first defined security access level by(a) authenticating a user, said network attached device, and said network server;
  
  (b) determining an assigned security access level for said user from among a plurality of possible user security access levels; and
  
  (c) determining if said first defined security access level at which said user requests to sign on is lesser than or equal to said assigned security access level of said user;
  
  establishing a second device to device single-level secure processing state as between said network-attached device and a locally-connected device that is locally connected to said network-attached device exclusive of any network connection, said network attached device and said locally-connected device connected at a second defined security access level;
  
  selecting said network server to have a multi-level secure operating system and a multi-level secure file system;
  
  selecting said network-attached device to have a multi-level secure operating system and a multi-level secure file system;
  
  selecting said locally connected device to have a single-level secure operating system, and a single-level secure file system;
  
  synchronizing a first plurality of managed data objects stored on said network attached device and said network server at said first defined security access levelautomatically synchronizing a second plurality of managed data objects stored on said network-attached device and said locally connected device at said second defined security access level.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 9. The method according to claim 8, further comprising the step of automatically establishing said second device to device single level secure processing state prior to synchronizing said second plurality of managed data objects, and automatically terminating said second device to device single level secure processing state after synchronizing said second plurality of managed data objects.
  - 10. The method according to claim 9, further comprising automatically re-synchronizing said first plurality of managed data objects stored on said network-attached device and said network server.
  - 11. The method according to claim 10, further comprising:
    - automatically modifying an access level of said network attached device to a third defined security access level in said multi-level secure file system of said network-attached device;
      
      automatically modifying an access level of said network server to said third defined security access level in said multi-level secure file system of said network server; and
      
      synchronizing a third plurality of managed data objects stored on said network-attached device and said network server at said third defined security access level.
  - 12. The method according to claim 8, further comprising selecting said locally connected device to have a combination of operating system and file system selected from the group consisting of (a) a single-level secure operating system, and a multi-level secure file system, and (b) a multi-level secure operating system, and a multi-level secure file system.
  - 13. The method according to claim 12, further comprising:
    - determining if said locally-connected device supports said second defined security level;
      
      automatically synchronizing a second plurality of managed data objects stored on said network-attached device and said locally connected device at said second defined security access level.
  - 14. The method according to claim 13, further comprising automatically re-synchronizing said first plurality of managed data objects stored on said network-attached device and said network server.
  - 15. The method according to claim 14, further comprising:
    - automatically modifying an access level of said network attached device to a third defined security access level in said multi-level secure file system of said network-attached device;
      
      automatically modifying an access level of said network server to said third defined security access level in said multi-level secure file system of said network server; and
      
      synchronizing a third plurality of managed data objects stored on said network-attached device and said network server at said third defined security access level.
  - 16. The method according to claim 13, further comprising the step of automatically establishing said second device to device single level secure processing state prior to synchronizing said second plurality of managed data objects, and automatically terminating said second device to device single level secure processing state after synchronizing said second plurality of managed data objects.
  - 17. The method according to claim 16, further comprising automatically setting an access level of said locally connected device in response to a command from said network attached device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Harris Global Communications, Inc. (L3Harris Technologies, Inc.)
Original Assignee
Harris Corporation (L3Harris Technologies, Inc.)
Inventors
O'Brien, Terence W.
Primary Examiner(s)
Barron, Jr.; Gilberto
Assistant Examiner(s)
Davanlou; Soheila

Application Number

US11/363,604
Publication Number

US 20070204331A1
Time in Patent Office

1,477 Days
Field of Search

726/4, 726/17, 726/27, 726/28, 726/29, 726/30, 726/21, 713/166
US Class Current

726/4
CPC Class Codes

H04L 63/105 Multiple levels of security

Data synchronization for a secure electronic device

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

44 Citations

17 Claims

Specification

Use Cases

Quick Links

Others

Data synchronization for a secure electronic device

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

44 Citations

17 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others