Secure communication system

US 8,219,799 B1
Filed: 04/25/2008
Issued: 07/10/2012
Est. Priority Date: 04/25/2008
Status: Active Grant

First Claim

Patent Images

1. A secure communication system for securely routing data between a plurality of communication entities, the secure communication system comprising:

a communications processor configured to manage a control flow and routing of data within the secure communication system;

a plurality of data protocol interfaces that are configured to be in communication with the plurality of communication entities and connected to the communications processor, wherein the plurality of data protocol interfaces includes an internet data protocol interface configured to receive and transmit data in an internet data transfer protocol, and wherein the plurality of data protocol interfaces includes a non-internet data protocol interface configured to receive and transmit data in a non-internet data transfer protocol;

a data transfer protocol converter connected between the communications processor and the non-internet data protocol interface, the data transfer protocol converter configured to convert data in an internet data transfer protocol to data in the non-internet data transfer protocol; and

a security component connected via a secure communication system network to the communications processor and the data transfer protocol converter, the security component configured to verify a security level of the data received by one of the plurality of data protocol interfaces and to preserve separation of first level classified data and second level classified data routed through the secure communication system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure communication system that includes a communication processor, an internet protocol converter that converts data to and from its original protocol to internet protocol, an encryptor/decryptor to provide additional security for communications that are routed through the secure communication system, and a cryptography module and other logic that identifies the security classification of data and verifies the cryptographic keys of the source, in the communication, and of the destination. An additional security processor may be provided as required by secure communication standards. The secure communication system may also include an a internet router that routes the data through the secure communication system. The communication processor provides real-time control and can change a source or destination, an encryption key, a security level, the protocol of a communication in response to sensor data received from a communicating entity or from command signals from a connected or remote control system.

59 Citations

View as Search Results

29 Claims

1. A secure communication system for securely routing data between a plurality of communication entities, the secure communication system comprising:
- a communications processor configured to manage a control flow and routing of data within the secure communication system;
  
  a plurality of data protocol interfaces that are configured to be in communication with the plurality of communication entities and connected to the communications processor, wherein the plurality of data protocol interfaces includes an internet data protocol interface configured to receive and transmit data in an internet data transfer protocol, and wherein the plurality of data protocol interfaces includes a non-internet data protocol interface configured to receive and transmit data in a non-internet data transfer protocol;
  
  a data transfer protocol converter connected between the communications processor and the non-internet data protocol interface, the data transfer protocol converter configured to convert data in an internet data transfer protocol to data in the non-internet data transfer protocol; and
  
  a security component connected via a secure communication system network to the communications processor and the data transfer protocol converter, the security component configured to verify a security level of the data received by one of the plurality of data protocol interfaces and to preserve separation of first level classified data and second level classified data routed through the secure communication system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 26, 28)
- - 2. The secure communication system of claim 1, wherein the non-internet data transfer protocol is a satellite communication protocol.
  - 3. The secure communication system of claim 1, wherein the non-internet data transfer protocol is a VHF-UHF radio communication protocol.
  - 4. The secure communication system of claim 1, wherein the non-internet data transfer protocol is an analog voice protocol.
  - 5. The secure communication system of claim 1, wherein the non-internet data transfer protocol is a common data link protocol.
  - 6. The secure communication system of claim 1, wherein the non-internet data transfer protocol is a digital signal protocol.
  - 7. The secure communication system of claim 1, wherein the internet data transfer protocol is a digital signal protocol.
  - 8. The secure communication system of claim 7, wherein the digital signal protocol is a voice internet protocol.
  - 9. The secure communication system of claim 1, wherein the non-internet data transfer protocol is an analog signal protocol.
  - 10. The secure communication system of claim 1, wherein the non-internet data transfer protocol is a sensor data protocol of a condition of one or more of the plurality of communication entities.
  - 11. The secure communication system of claim 1, further comprising:
    - one or more internet protocol routers connected via the secure communication system network to the data transfer protocol converter and the communications processor for routing data in an internet data transfer protocol within the secure communication system.
  - 12. The secure communication system of claim 11, further comprising:
    - the secure chassis providing a backplane and a plurality of slots for a plurality of circuit cards, andthe plurality of data protocol interfaces, the data transfer protocol converter, the security component, and the one or more internet protocol routers are electrically fixed on the one or more circuit cards within the secure chassis.
  - 13. The secure communication system of claim 1, wherein the security component is configured to determine the security level of the data.
  - 14. The secure communication system of claim 13, further comprising:
    - a cryptographic module connected via the secure communication system network to one of the plurality of data protocol interfaces, the cryptographic module configured to verify cryptographic keys of a source entity of the plurality of communication entities, the data, and a destination entity of the plurality of communication entities.
  - 15. The secure communication system of claim 14, wherein when the cryptographic keys of the source entity, the data, or the destination entity cannot be verified, the data is not routed in the secure communication system.
  - 16. The secure communication system of claim 1, wherein the security component further comprises:
    - an encryptor connected on the secure communication system network that encrypts data in the internet data transfer protocol for routing within the secure communication system.
  - 17. The secure communication system of claim 16, wherein the security component further comprises:
    - a decryptor connected on the secure communication system network that decrypts data in the internet data transfer protocol.
  - 18. The secure communication system of claim 1, wherein the security component further comprises a proprietary security processor to further ensure protection of the security level of data routed within the secure communication system.
  - 19. The secure communication system of claim 18, wherein the data received from a source entity of the plurality of communication entities is in a satellite communication data transfer protocol.
  - 20. The secure communication system of claim 19, wherein the proprietary security processor is a HAIPE.
  - 21. The secure communication system of claim 20, wherein the HAIPE is on a circuit card mounted in a slot of a secure chassis, the secure chassis further comprising at least one satellite communication data protocol interface and the data transfer protocol converter.
  - 26. The secure communication system of claim 1, wherein the first level classified data is unclassified data.
  - 28. The secure communication system of claim 1, further comprising a plurality of input/output modules that are connected to the plurality of data protocol interfaces, wherein the plurality of input/output modules are configured to securely route data within the secure communication system via the secure communication network.

22. A dynamic secure communication system for securely routing data between a plurality of communication entities, the dynamic secure communication system comprising:
- a communication processor connected to a secure communication system network, the secure communication network connecting;
  
  a plurality of data protocol interfaces that are configured to receive and transmit data in a plurality of data transfer protocols, at least one data protocol interface for each data transfer protocol, wherein the plurality of data protocol interfaces includes an internet data protocol interface configured to receive data in an internet data transfer protocol, and wherein the plurality of data protocol interfaces includes a non-internet data protocol interface configured to receive and transmit data in a non-internet data transfer protocol;
  
  a data transfer protocol converter that is configured to convert data in an internet data transfer protocol to a non-internet data transfer protocol;
  
  one or more security components that are configured to determine and verify security parameters of the data and to preserve separation of first level classified data and second level classified data routed through the dynamic secure communication system,wherein the communication processor is in communication with one or more communicating entities that receive or transmit data in one of the plurality of data-transfer protocols;
  
  and the communication processor, in response to data received and in real-time reconfigures one or more of;
  
  the plurality of data protocol interfaces;
  
  the data transfer protocol converter;
  
  orthe one or more security components
  
  to manage communications by;
  
  receiving or transmitting the data to different communicating entities;
  
  changing the data transfer protocol of the data;
  
  orchanging a security parameter of the data.
- View Dependent Claims (23, 24, 25, 27, 29)
- - 23. The dynamic secure communication system of claim 22, wherein the data transfer protocols comprise:
    - a satellite communication data transfer protocol, a UHF-VHF signal data transfer protocol, a radio communication data transfer protocol, an internet data transfer protocol, an analog signal data transfer protocol, a digital signal data transfer protocol, a voice data transfer protocol, or a sensor data transfer protocol.
  - 24. The dynamic secure communication system of claim 23, wherein the one or more communicating entities comprise unmanned communicating entities including:
    - satellites, unmanned aircraft, unmanned ground vehicles, unmanned marine craft, and manned communicating entities included manned ground vehicles, manned marine craft, manned aircraft fixed ground stations, and mobile ground stations.
  - 25. The dynamic secure communication system of claim 24, wherein the one or more unmanned communicating entities share a control system with one or more manned communicating entities.
  - 27. The dynamic secure communication system of claim 22, wherein the first level classified data is unclassified data.
  - 29. The dynamic secure communication system of claim 22, further comprising a plurality of input/output modules that are connected to the plurality of data protocol interfaces, wherein the plurality of input/output modules are configured to securely route data within the secure communication system via the secure communication network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lockheed Martin Corporation (Martin Marietta Corporation)
Original Assignee
Lockheed Martin Corporation (Martin Marietta Corporation)
Inventors
Lucchesi, Frank A., Wolff, Christopher T., Byrnes, Jeffrey J.
Primary Examiner(s)
Hoffman, Brandon
Assistant Examiner(s)
Ambaye, Samuel

Application Number

US12/109,867
Time in Patent Office

1,537 Days
Field of Search

713/153, 713/150, 713/151, 713/152
US Class Current

713/153
CPC Class Codes

H04L 63/0485   Networking architectures fo...

H04L 63/105   Multiple levels of security

H04L 63/302   gathering intelligence info...

H04L 67/12   specially adapted for propr...

H04L 67/565   Conversion or adaptation of...

Secure communication system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

59 Citations

29 Claims

Specification

Solutions

Use Cases

Quick Links

Secure communication system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

59 Citations

29 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links