Diagnosability enhancements for multi-level secure operating environments
First Claim
1. A method for diagnosing transport failures of a data packet in a multi-level secure network, said method comprising:
a) remotely activating a software-based probe at an access control decision point of said network in response to an activation of a first command at a debug station, wherein said software-based probe is capable of identifying an error message for a multi-level trusted networking error, and said access control decision point being an interface in said network that is responsible for enforcing a security policy;
b) detecting a data transport failure of said data packet being transmitted between two or more computer systems, said detection using a kernel program operating on a microprocessor to trace the data transport failure, said data transport failure resulting from a violation of a security policy of said network;
c) identifying an error message in response to said data transport failure, said identifying being facilitated by said software-based probe that is configured to monitor threads of at the interface, said error message comprising information identifying said data packet and indicating a cause of said data transport failure;
d) displaying said error message at said debug station of said network in response to activation of a second command at the debug station;
e) restricting said activation of said second command to users of an appropriate authority, wherein enforcing said restricting comprises requiring a predetermined user identification and password, and
f) remotely deactivating the software-based probe upon diagnosing transport failures so as to allow the network to operate without the software-based probe being activated.
Abstract
A method and system for capturing and reporting debug information regarding data transport failures in a multi-level secure operating environment. A process available only to a trusted system administrator is activated causing probe activation. The data transport command is repeated. The process probes the locations where the data packets move across environment boundaries of the secure network. When the data stops being transported, the process captures the relevant information on the type of failure, its cause, the address where it occurred and the possible consequence. The captured information can then be displayed to an appropriately credentialed administrator through a password-protected command for debug. The probes are then deactivated.
8 Claims
4. A multi-level secure network system comprising:
a router comprising a plurality of interfaces for passing data packets there through and for enforcing a security policy on said data packets;
a plurality of software-based probes associated with said interfaces, said plurality of software-based probes configured for detecting data packet transmit failures between two or more computer systems linked by said router resulting from a violation of a security policy enforced by said interfaces and for identifying information associated with said data packet transmit failures, the detecting using a kernel program operating on a microprocessor to trace the data transport failure by monitoring threads one or more of the plurality of interfaces of the router; and
a debug console for remote activating and remote deactivating said software-based probes, the activating through the debug console defining which of the plurality of interfaces of the router should be active with the software-based probes, the debug console displaying said information, and the remote deactivating of the software-based probe enabling operation of the interface without the kernel program tracing threads;
wherein said debug console displays said information in response to a second command and use of said second command is restricted based on user identification and password at said debug console.
Specification