Methods of securely controlling through one or more separate private networks an internet-connected computer having one or more hardware-based inner firewalls or access barriers
First Claim
1. A method of securely controlling through two private networks a computer configured to operate as a general purpose computer and configured for connection to the Internet, said computer comprising:
- at least one network connection configured for connection to at least a public network of computers including the Internet, said at least one network connection being located in at least one public unit of said computer,at least an additional and separate first private network connection configured for connection to at least a separate, first private network of computers, at least said first separate private network connection being located in at least a first protected private unit of said computer, andat least a first inner hardware-based access barrier or inner hardware-based firewall that is located between and communicatively connects at least said first protected private unit of said computer and said at least one public unit of said computer;
wherein said first private unit, said public unit and said two separate network connections are separated by at least said first inner hardware-based access barrier or inner hardware-based firewall;
at least said first protected private unit of the computer includes at least a first microprocessor or core or processing unit,said at least one public unit of the computer includes at least a second microprocessor or core or processing unit, configured to operate as a general purpose microprocessor or core or processing unit,said second microprocessor or core or processing unit is separate from said first inner hardware-based access barrier or inner hardware-based firewall,at least a separate, second inner hardware-based access barrier or inner hardware-based firewall that protects at least a separate, second private network connection configured for connection to at least a separate, second private network of computers, at least said second private network connection being located in at least a second protected private unit of said computer; and
said second protected private unit of the computer includes at least a third microprocessor or core or processing unit; and
said method comprising the steps of;
controlling at least one operation of said computer from said first private network of computers, said operation including at least transmitting data and/or code from said first private network of computers to said first separate private network connection in said first protected private unit of said computer;
receiving said data and/or code by said first microprocessor or core or processing unit in said first protected private unit of said computer;
transmitting data and/or code by said first microprocessor or core or processing unit in said first protected private unit to at least a part of said public unit;
controlling at least one operation of said computer from said second private network of computers, said operation including at least transmitting data and/or code from said second private network of computers to said second private network connection in said second protected private unit of said computer; and
receiving said data and/or code in at least a part of said second protected private unit of said computer from said second private network of computers, said part of said second protected private unit including at least said third microprocessor or core or processing unit; and
transmitting data and/or code by said third microprocessor or core or processing unit through said second inner hardware-based access barrier or inner hardware-based firewall to at least a part of said public unit or said first protected private unit.
0 Assignments
0 Petitions
Accused Products
Abstract
A method of securely controlling through a private network a computer protected by a hardware-based inner access barrier or firewall and optionally configured to operate as a general purpose computer connected to the Internet, comprising: two separate network connections separated by an inner hardware-based access barrier or inner hardware-based firewall protecting a private network connection configured for connection to a private network of computers but not protecting a public network connection configured for connection to a public network configured to include the Internet, the method including the step of controlling at least one operation of the computer, the control being provided through the private network and the operation involving data and/or code transmitted to the public network. Another method includes the step of controlling an operation of a second or third private protected unit of the computer, the control being provided through a second or third private network, respectively.
71 Citations
27 Claims
-
1. A method of securely controlling through two private networks a computer configured to operate as a general purpose computer and configured for connection to the Internet, said computer comprising:
-
at least one network connection configured for connection to at least a public network of computers including the Internet, said at least one network connection being located in at least one public unit of said computer, at least an additional and separate first private network connection configured for connection to at least a separate, first private network of computers, at least said first separate private network connection being located in at least a first protected private unit of said computer, and at least a first inner hardware-based access barrier or inner hardware-based firewall that is located between and communicatively connects at least said first protected private unit of said computer and said at least one public unit of said computer; wherein said first private unit, said public unit and said two separate network connections are separated by at least said first inner hardware-based access barrier or inner hardware-based firewall; at least said first protected private unit of the computer includes at least a first microprocessor or core or processing unit, said at least one public unit of the computer includes at least a second microprocessor or core or processing unit, configured to operate as a general purpose microprocessor or core or processing unit, said second microprocessor or core or processing unit is separate from said first inner hardware-based access barrier or inner hardware-based firewall, at least a separate, second inner hardware-based access barrier or inner hardware-based firewall that protects at least a separate, second private network connection configured for connection to at least a separate, second private network of computers, at least said second private network connection being located in at least a second protected private unit of said computer; and said second protected private unit of the computer includes at least a third microprocessor or core or processing unit; and said method comprising the steps of; controlling at least one operation of said computer from said first private network of computers, said operation including at least transmitting data and/or code from said first private network of computers to said first separate private network connection in said first protected private unit of said computer; receiving said data and/or code by said first microprocessor or core or processing unit in said first protected private unit of said computer; transmitting data and/or code by said first microprocessor or core or processing unit in said first protected private unit to at least a part of said public unit; controlling at least one operation of said computer from said second private network of computers, said operation including at least transmitting data and/or code from said second private network of computers to said second private network connection in said second protected private unit of said computer; and receiving said data and/or code in at least a part of said second protected private unit of said computer from said second private network of computers, said part of said second protected private unit including at least said third microprocessor or core or processing unit; and transmitting data and/or code by said third microprocessor or core or processing unit through said second inner hardware-based access barrier or inner hardware-based firewall to at least a part of said public unit or said first protected private unit. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method of securely controlling through two private networks a computer configured to operate as a general purpose computer and configured for connection to the Internet, said computer comprising:
-
at least one network connection configured for connection to at least a public network of computers including the Internet, said at least one network connection being located in at least one public unit of said computer, at least an additional and separate first private network connection configured for connection to at least a separate, first private network of computers, at least said first separate private network connection being located in at least a first protected private unit of said computer, and at least a first inner hardware-based access barrier or inner hardware-based firewall that is located between and communicatively connects at least said first protected private unit of said computer and said at least one public unit of said computer; wherein said first private unit, said public unit and said two separate network connections are separated by at least said first inner hardware-based access barrier or inner hardware-based firewall; at least said first protected private unit of the computer includes at least a first microprocessor or core or processing unit, said at least one public unit of the computer includes at least a second microprocessor or core or processing unit, configured to operate as a general purpose microprocessor or core or processing unit, said second microprocessor or core or processing unit is separate from said first inner hardware-based access barrier or inner hardware-based firewall, at least a separate, second inner hardware-based access barrier or inner hardware-based firewall that protects at least a separate, second private network connection configured for connection to at least a separate, second private network of computers, at least said second private network connection being located in at least a second protected private unit of said computer; and said second protected private unit of the computer includes at least a third microprocessor or core or processing unit; said second protected private unit of said computer being located between said first protected private unit and said public unit of said computer; and said method comprising the steps of; controlling at least one operation of said computer from said second private network of computers, said operation including at least transmitting data and/or code from said second private network of computers to said second separate private network connection in said second protected private unit of said computer; receiving said data and/or code in at least a part of said second protected private unit of said computer from said second private network of computers, said part of said second protected private unit including at least said third microprocessor or core or processing unit; and transmitting data and/or code by said third microprocessor or core or processing unit through said second inner hardware-based access barrier or firewall to at least a part of said public unit or said first protected private unit. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A method for an operator using at least one private network to securely control at least two computers of at least one cloud or other array or cluster of two or more computers, said computers being configured to operate as general purpose computers and configured for connection to the Internet, each of said at least two computers comprising:
-
at least one network connection configured for connection to at least a public network of computers including the Internet, said at least one network connection being located in at least one public unit of said computer, at least one additional and separate private network connection configured for connection to at least a separate, private network of computers, said at least one additional and separate private network connection being located in at least one protected private unit of said computer, and at least one inner hardware-based access barrier or inner hardware-based firewall that is located between and communicatively connects said at least one protected private unit of said computer and said at least one public unit of said computer; wherein said private and public units and said two separate network connections are separated by said at least one inner hardware-based access barrier or inner hardware-based firewall; said at least one protected private unit of the computer includes at least a first microprocessor or core or processing unit, said at least one public unit of the computer includes at least a second microprocessor or core or processing unit, configured to operate as a general purpose microprocessor or core or processing unit, and said second microprocessor or core or processing unit is separate from said inner hardware-based access barrier or inner hardware-based firewall; and said method comprising the steps of; controlling at least one operation of each of said at least two computers from said private network of computers, said operation including at least transmitting data and/or code from said operator through said private network of computers to said separate private network connection in said protected private unit of each of said at least two computers; receiving said data and/or code by said first microprocessor or core or processing unit in said protected private unit of each of said at least two computers; and transmitting data and/or code by said first microprocessor or core or processing unit in said protected private unit to at least a part of said public unit of each of said at least two computers. - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
-
20. A method of at least a first computer securely controlling through a private network at least a second computer, said computers including personal computers, tablets, smartphones, or other general purpose computers and said computers being configured for connection to the Internet, each of said computers comprising:
-
at least one network connection configured for connection to at least a public network of computers including the Internet, said at least one network connection being located in at least one public unit of said computer, at least one additional and separate private network connection configured for connection to at least a separate, private network of computers, said at least one additional and separate private network connection being located in at least one protected private unit of said computer, and at least one inner hardware-based access barrier or inner hardware-based firewall that is located between and communicatively connects said at least one protected private unit of said computer and said at least one public unit of said computer; wherein said private and public units and said two separate network connections are separated by said at least one inner hardware-based access barrier or inner hardware-based firewall; said at least one protected private unit of the computer includes at least a first microprocessor or core or processing unit, said at least one public unit of the computer includes at least a second microprocessor or core or processing unit, configured to operate as a general purpose microprocessor or core or processing unit, and said second microprocessor or core or processing unit is separate from said inner hardware-based access barrier or inner hardware-based firewall; and said method comprising the steps of; controlling by at least said first computer at least one operation of said second computer through said private network of computers, said control including at least transmitting data and/or code by said first microprocessor or core or processing unit in said protected private unit of at least said first computer to said separate private network connection in said protected private unit of at least said first computer; transmitting data and/or code from said separate private network connection in said protected private unit of at least said first computer through said private network of computers to said separate private network connection in said protected private unit of at least said second computer; and receiving said data and/or code by said first microprocessor or core or processing unit in said protected private unit of at least said second computer from said separate private network connection in said protected private unit of at least said second computer; and transmitting said data and/or code by said first microprocessor or core or processing unit in said protected private unit to at least a part of said public unit in said second computer. - View Dependent Claims (21, 22, 23, 24, 25, 26)
-
-
27. A method of at least a first computer securely controlling through a private network at least a second computer, said computers being configured for connection to the Internet, each of said computers comprising:
-
at least one network connection configured for connection to at least a public network of computers including the Internet, said at least one network connection being located in at least one public unit of said computer, at least one additional and separate private network connection configured for connection to at least a separate, private network of computers, said at least one additional and separate private network connection being located in at least one protected private unit of said computer, and at least one inner hardware-based access barrier or inner hardware-based firewall that is located between and communicatively connects said at least one protected private unit of said computer and said at least one public unit of said computer; wherein said private and public units and said two separate network connections are separated by said at least one inner hardware-based access barrier or inner hardware-based firewall; said at least one protected private unit of the computer includes at least a first microprocessor or core or processing unit, said at least one public unit of the computer includes at least a second microprocessor or core or processing unit, configured to operate as a general purpose microprocessor or core or processing unit, and said second microprocessor or core or processing unit is separate from said inner hardware-based access barrier or inner hardware-based firewall; and said method comprising the steps of; controlling by at least said first computer at least one operation of said second computer through said private network of computers, said control including at least transmitting data and/or code by said first microprocessor or core or processing unit in said protected private unit of at least said first computer to said separate private network connection in said protected private unit of at least said first computer; transmitting data and/or code from said separate private network connection in said protected private unit of at least said first computer through said private network of computers to said separate private network connection in said protected private unit of at least said second computer; and receiving said data and/or code by said first microprocessor or core or processing unit in said protected private unit of at least said second computer from said separate private network connection in said protected private unit of at least said second computer; and transmitting said data and/or code by said first microprocessor or core or processing unit in said protected private unit to at least a part of said public unit in said second computer.
-
Specification