Context-aware network and situation management for crypto-partitioned networks
Abstract
This disclosure describes a context-aware, scalable, dynamic network in which network information concerning network elements in an untrusted (Black) network is gathered by network sensors, stored at a network sensor collector, and sent to another network sensor collector in a trusted (Red) network through a one-way guard. At the Red network, the network information from the Black network may be combined with network information from one or more Red networks. The combined network information may then be used to visualize a cross-domain network topology of both Red and Black networks, and to implement network management functions.
17 Claims
1. An apparatus comprising:
a computing device located in a trusted network, the computing device executing a network management system, the computing device comprising:
at least one processor; and
a memory storing instructions that, when executed, cause the at least one processor to:
access network information from the trusted network;
access network information from an untrusted network;
correlate one or more data flows in the trusted network to one or more encrypted data tunnels in the untrusted network to form fused network information; and
generate a cross-domain network topology for the trusted network and the untrusted network based on the fused network information.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11

12. A method comprising:
accessing network information from a trusted network;
accessing network information from an untrusted network;
correlating one or more data flows in the trusted network to one or more encrypted data tunnels in the untrusted network to form fused network information; and
generating a cross-domain network topology for the trusted network and the untrusted network based on the fused network information.
Dependent claims: 13, 14

15. An apparatus comprising:
a database configured to store network information from a trusted network and network information from an untrusted network; and
a computing device located in the trusted network, the computing device executing a network management system, the network management system configured to:
correlate one or more data flows in the trusted network to one or more encrypted data tunnels in the untrusted network to form fused network information; and
generate a cross-domain network topology for the trusted network and the untrusted network based on the fused network information.

16. A non-transitory computer-readable storage medium storing instructions that, when executed, cause one or more processors of a device to:
access network information from a trusted network;
access network information from an untrusted network;
correlate one or more data flows in the trusted network to one or more encrypted data tunnels in the untrusted network to form fused network information; and
generate a cross-domain network topology for the trusted network and the untrusted network based on the fused network information.
Dependent claims: 17
Specification