Methods and apparatus for physical layer security of a network communications link

US 7,752,672 B2
Filed: 03/15/2006
Issued: 07/06/2010
Est. Priority Date: 03/15/2006
Status: Active Grant

First Claim

Patent Images

1. A method of operating a communications port of a network communications device, comprising:

maintaining capability information indicating that under normal operating conditions a communications link coupled to the communications port is capable of operating in a secure mode in which communications signals of the communications link are unintelligible to an intruder having an unauthorized physical connection to the communications link;

detecting occurrence of a link event of a type that can invoke an automatic communications-mode control mechanism to change the operating of the communications link to a non-secure mode in which communications signals of the communications link are intelligible to such an intruder; and

based on the capability information, responding to the detected occurrence of the link event by preventing the automatic communications mode control mechanism from changing the operating of the communications link to the non-secure mode, wherein the automatic communications-mode control mechanism comprises an auto-negotiation process conducted between the communications port and an end device coupled to the communications link, the auto-negotiation process being conducted in a secure mode to impede the detection of the content of the auto-negotiation process, and wherein standard auto-negotiation pulses are employed to serve as enemy indicators indicating the presence of the powered device, and non-standard signals are employed to serve as link negotiators to force operation of the communications link in the secure mode.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A communications port of a network communications device maintains capability information indicating that under normal operating conditions a communications link is capable of operating in a secure mode in which communications signals of the communications link are unintelligible to an intruder having an unauthorized physical connection (e.g. tap) to the communications link. During operation, the port detects occurrence of a link event of a type that can invoke an automatic communications-mode control mechanism to change the operating of the communications link to a non-secure mode in which communications signals of the communications link are intelligible to such an intruder. An example is Ethernet auto-negotiation which can change from relatively secure 1000BaseT signaling to relatively non-secure 10/100BaseT signaling. Based on the capability information, the port responds to the link event by preventing the automatic communications mode control mechanism from changing the operating of the communications link to the non-secure mode.

Citations

28 Claims

1. A method of operating a communications port of a network communications device, comprising:
- maintaining capability information indicating that under normal operating conditions a communications link coupled to the communications port is capable of operating in a secure mode in which communications signals of the communications link are unintelligible to an intruder having an unauthorized physical connection to the communications link;
  
  detecting occurrence of a link event of a type that can invoke an automatic communications-mode control mechanism to change the operating of the communications link to a non-secure mode in which communications signals of the communications link are intelligible to such an intruder; and
  
  based on the capability information, responding to the detected occurrence of the link event by preventing the automatic communications mode control mechanism from changing the operating of the communications link to the non-secure mode, wherein the automatic communications-mode control mechanism comprises an auto-negotiation process conducted between the communications port and an end device coupled to the communications link, the auto-negotiation process being conducted in a secure mode to impede the detection of the content of the auto-negotiation process, and wherein standard auto-negotiation pulses are employed to serve as enemy indicators indicating the presence of the powered device, and non-standard signals are employed to serve as link negotiators to force operation of the communications link in the secure mode.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. A method according to claim 1, wherein the secure mode includes simultaneous transmission on the communications link by the communications port and an end device coupled to the communications link such that the communications signals of the communications link represent an electrical summation of respective signals transmitted by the communications port and the end device, and further comprising performing an echo cancellation at the communications port to subtract the signal transmitted by the communications port from the communications signals of the communications link and thereby recover data transmitted by the end device.
  - 3. A method according to claim 2, wherein the communications link comprises a number of twisted pairs and transmission on the communications link comprises (1) demultiplexing a single data signal into the number of partial data signals and (2) transmitting each partial data signal over a corresponding one of the twisted pairs.
  - 4. A method according to claim 3, wherein the non-secure mode includes transmission by the communications port and the end device on only respective mutually exclusive ones of the twisted pairs.
  - 5. A method according to claim 4, wherein at least one of the twisted pairs is unused for transmission in the non-secure mode but used for transmission in the secure mode, and wherein the link event includes the occurrence of a fault on the at least one of the twisted pairs.
  - 6. A method according to claim 1, wherein the communications port is explicitly identified as a secure port of the network communications device by one of (setting personality information, having a secure class of end device attached to the communications link, and having an end device attached to the communications link explicitly identify itself as secure).
  - 7. A method according to claim 1, wherein the link event is selected from the group consisting of:
    - (link down, link data errors, and drop in amplitude of the communications signals).
  - 8. A method according to claim 1, wherein the link event includes the detection of potential changes to the link as reported by time-domain reflectometry.
  - 9. A method according to claim 1, wherein the communications port includes power circuitry operative to supply power to an end device attached to the communications link, and wherein the link event is selected from the group consisting of:
    - (a mismatch between an amount of power supplied to communications link by the power circuitry and an amount of power known to be drawn by the end device, and a sudden drop in an amount of power being supplied by power circuitry).
  - 10. A method according to claim 1, further including reporting the link event to a system manager responsible for determining whether the link event occurred due to activity of such an intruder, and wherein preventing the automatic communications mode control mechanism from changing the operating of the communications link to the non-secure mode can be overridden by the system manager.
  - 11. A method according to claim 1, further comprising responding to the detected occurrence of the link event by permitting only limited use of the communications link to reduce a security risk presented by such an intruder.
  - 12. A method according to claim 11, wherein the limited use includes use for emergency-related purposes.
  - 13. A method according to claim 1, wherein one of (inline power detection and classification identification networks, and single pair identity networks discovered using time-domain reflectometry), are operative to enable the bypassing of the automatic communications-mode control mechanism completely and force operation of the communications link in the secure mode.
  - 14. A method according to claim 1, further comprising responding to the detected occurrence of the link event by supplying the communications link with fictitious data to fool such an intruder into thinking that the intrusion attempt is successful.

15. A communications port of a network communications device, comprising:
- a memory operative to maintain capability information indicating that under normal operating conditions a communications link coupled to the communications port is capable of operating in a secure mode in which communications signals of the communications link are unintelligible to an intruder having an unauthorized physical connection to the communications link; and
  
  control circuitry and specialized physical-layer (PHY) circuitry co-operative (1) to detect occurrence of a link event of a type that can invoke an automatic communications-mode control mechanism to change the operating of the communications link to a non-secure mode in which communications signals of the communications link are intelligible to such an intruder, and (2) based on the capability information, to respond to the detected occurrence of the link event by preventing the automatic communications mode control mechanism from changing the operating of the communications link to the non-secure mode,wherein the automatic communications-mode control mechanism comprises an auto-negotiation process conducted between the communications port and an end device coupled to the communications link, the auto-negotiation process being conducted in a secure mode to impede the detection of the content of the auto-negotiation process, and wherein standard auto-negotiation pulses are employed to serve as energy indicators indicating the presence of the powered device, and non-standard signals are employed to serve as link negotiators to force operation of the communications link in the secure mode.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 16. A communications port according to claim 15, wherein the secure mode includes simultaneous transmission on the communications link by the communications port and an end device coupled to the communications link such that the communications signals of the communications link represent an electrical summation of respective signals transmitted by the communications port and the end device, and further comprising performing an echo cancellation at the communications port to subtract the signal transmitted by the communications port from the communications signals of the communications link and thereby recover data transmitted by the end device.
  - 17. A communications port according to claim 16, wherein the communications link comprises a number of twisted pairs, and further comprising (1) a demultiplexer operative to demultiplex a single data signal into the number of partial data signals and (2) drivers operative to transmit respective ones of the partial data signals over corresponding ones of the twisted pairs.
  - 18. A communications port according to claim 17, wherein the non-secure mode includes transmission by the communications port and the end device on only respective mutually exclusive ones of the twisted pairs.
  - 19. A communications port according to claim 18, wherein at least one of the twisted pairs is unused for transmission in the non-secure mode but used for transmission in the secure mode, and wherein the link event includes the occurrence of a fault on the at least one twisted pairs.
  - 20. A communications port according to claim 15, wherein the communications port is explicitly identified as a secure port of the network communications device by one of (setting personality information, having a secure class of end device attached to the communications link, and having an end device attached to the communications link explicitly identify itself as secure.
  - 21. A communications port according to claim 15, wherein the link event is selected from the group consisting of:
    - (link down, link data errors, and drop in amplitude of the communications signals).
  - 22. A communications port according to claim 15, wherein the link event includes the detection of potential changes to the link as reported by time-domain reflectometry.
  - 23. A communications port according to claim 15, further comprising power circuitry operative to supply power to an end device attached to the communications link, and wherein the link event is selected from the group consisting of:
    - (a mismatch between an amount of power supplied to communications link by the power circuitry and an amount of power known to be drawn by the end device, and a sudden drop in an amount of power being supplied by power circuitry).
  - 24. A communications port according to claim 15, wherein the control circuitry is further operative to report the link event to a system manager responsible for determining whether the link event occurred due to activity of such an intruder, and wherein preventing the automatic communications mode control mechanism from changing the operating of the communications link to the non-secure mode can be overridden by the system manager.
  - 25. A communications port according to claim 15, wherein the control circuitry is further operative to respond to the detected occurrence of the link event by permitting only limited use of the communications link to reduce a security risk presented by such an intruder.
  - 26. A communications port according to claim 15, wherein the limited use includes use for emergency-related purposes.
  - 27. A communications port according to claim 15, wherein one of (inline power detection and classification identification networks, and single pair identity networks discovered using time-domain reflectometry), are operative to enable the bypassing of the automatic communications-mode control mechanism completely and force operation of the communications link in the secure mode.
  - 28. A communications port according to claim 15, further comprising responding to the detected occurrence of the link event by supplying the communications link with fictitious data to fool such an intruder into thinking that the intrusion attempt is successful.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Beliles, Robert Pryor Jr., Karam, Roger
Primary Examiner(s)
Arani; Taghi T
Assistant Examiner(s)
LEE, JASON T

Application Number

US11/375,991
Publication Number

US 20070240213A1
Time in Patent Office

1,574 Days
Field of Search

726/4, 726 23- 25, 726/26, 709223-225, 713187-188
US Class Current

726/25
CPC Class Codes

H04L 12/40   Bus networks

H04L 12/40136   Nodes adapting their rate t...

H04L 63/1441   Countermeasures against mal...

Methods and apparatus for physical layer security of a network communications link

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and apparatus for physical layer security of a network communications link

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links