System and method for routing-based internet security

US 9,762,547 B2
Filed: 09/22/2014
Issued: 09/12/2017
Est. Priority Date: 12/22/2010
Status: Active Grant

First Claim

Patent Images

1. An apparatus for connecting to a processor and to a location-addressable memory having an address space, the memory is connectable to the processor via a serial bus of a first type, the apparatus comprising:

a first port couplable to a first serial bus of said first type for connecting to said processor;

a first interface coupled to said first port for receiving a first address word in said address space from said processor, the first address word consists of a sequence of bits, wherein each of the bits is associated with a level of significance;

a second port couplable to a second serial bus for connecting to said memory;

a second interface coupled to said second port for transmitting a second address word in said address space to said memory, the second address word consists of a sequence of bits, wherein each of the bits is associated with a level of significance;

a scrambler coupled between said first and second interfaces for converting using a one-to-one mapping said first address word to said second address word that is distinct from said first address word by re-arranging the sequence of at least two bits in said first address word;

a first serializer and first de-serializer coupled between said first interface and said scrambler, for converting to parallel the digital data received from said first interface and for serializing the digital data received from said scrambler; and

a second serializer and second de-serializer coupled between said second interface and said scrambler, for converting to parallel the digital data received from said second interface and for serializing the digital data received from said scrambler,wherein the converting comprises changing the significance level of at least two bits in said first address word.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method and system for improving the security of storing digital data in a memory or its delivery as a message over the Internet from a sender to a receiver using one or more hops is disclosed. The message is split at the sender into multiple overlapping or non-overlapping slices according to a slicing scheme, and the slices are encapsulated in packets each destined to a different relay server as an intermediate node according to a delivery scheme. The relay servers relay the received slices to another other relay server or to the receiver. Upon receiving all the packets containing all the slices, the receiver combines the slices reversing the slicing scheme, whereby reconstructing the message sent.

345 Citations

97 Claims

1. An apparatus for connecting to a processor and to a location-addressable memory having an address space, the memory is connectable to the processor via a serial bus of a first type, the apparatus comprising:
- a first port couplable to a first serial bus of said first type for connecting to said processor;
  
  a first interface coupled to said first port for receiving a first address word in said address space from said processor, the first address word consists of a sequence of bits, wherein each of the bits is associated with a level of significance;
  
  a second port couplable to a second serial bus for connecting to said memory;
  
  a second interface coupled to said second port for transmitting a second address word in said address space to said memory, the second address word consists of a sequence of bits, wherein each of the bits is associated with a level of significance;
  
  a scrambler coupled between said first and second interfaces for converting using a one-to-one mapping said first address word to said second address word that is distinct from said first address word by re-arranging the sequence of at least two bits in said first address word;
  
  a first serializer and first de-serializer coupled between said first interface and said scrambler, for converting to parallel the digital data received from said first interface and for serializing the digital data received from said scrambler; and
  
  a second serializer and second de-serializer coupled between said second interface and said scrambler, for converting to parallel the digital data received from said second interface and for serializing the digital data received from said scrambler,wherein the converting comprises changing the significance level of at least two bits in said first address word.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97)
- - 2. The apparatus according to claim 1, wherein said scrambler is based only on electrical connections.
  - 3. The apparatus according to claim 1, wherein said scrambler is based on logic gates implementing a Boolean function.
  - 4. The apparatus according to claim 3, wherein said scrambler is based on discretely packaged logic gates.
  - 5. The apparatus according to claim 3, wherein said scrambler is based on Programmable Logic Device (PLD).
  - 6. The apparatus according to claim 3, wherein said scrambler is based on a memory.
  - 7. The apparatus according to claim 3, wherein said scrambler is based on a processor.
  - 8. The apparatus according to claim 1, wherein said conversion is according to a pre-set conversion scheme.
  - 9. The apparatus according to claim 8, wherein said conversion scheme is programmable.
  - 10. The apparatus according to claim 9, wherein said conversion scheme is programmable by said processor.
  - 11. The apparatus according to claim 10, wherein said scrambler coupled to said first serial bus for being addressable by said processor.
  - 12. The apparatus according to claim 1, wherein said second serial bus type is of the same type of said first serial bus.
  - 13. The apparatus according to claim 1, wherein said second serial bus type is distinct from said first bus type.
  - 14. The apparatus according to claim 1, further including said memory.
  - 15. The apparatus according to claim 14, wherein said memory is based on electrostatic, ferroelectric, magnetic, acoustic, optical, chemical, electronic, electric, or mechanical storage medium.
  - 16. The apparatus according to claim 14, wherein said memory is file-addressable or content-addressable.
  - 17. The apparatus according to claim 14, wherein said apparatus is part of a Network-attached Storage (NAS) or a Storage Area Network (SAN).
  - 18. The apparatus according to claim 14, wherein said memory is a once written memory.
  - 19. The apparatus according to claim 14, wherein said memory is connectable to said processor to be read from, or written to, via the second serial bus.
  - 20. The apparatus according to claim 1, further comprising a power supply having a power port couplable to be powered from a power source, said power supply having one or more Direct Current (DC) outputs for powering at least part of said memory.
  - 21. The apparatus according to claim 20, further comprising a power connector for connecting to said power source, and wherein said power port is coupled to said power connector.
  - 22. The apparatus according to claim 21, wherein said second bus is based on a cable carrying a power signal, wherein said apparatus further comprising a bus connector for connecting to said cable, and wherein said power port is coupled to said bus connected for powering said power supply from said power signal.
  - 23. The apparatus according to claim 1, wherein said memory is a sequential accessed memory.
  - 24. The apparatus according to claim 1, wherein said memory is location-based, randomly-accessed, and can be written multiple times.
  - 25. The apparatus according to claim 1, wherein said memory is based on semiconductor storage medium.
  - 26. The apparatus according to claim 25, wherein said memory is volatile.
  - 27. The apparatus according to claim 26, wherein said memory is one out of:
    - RAM, SRAM, DRAM, TTRAM and Z-RAM.
  - 28. The apparatus according to claim 25, wherein said memory is non-volatile.
  - 29. The apparatus according to claim 28, wherein said memory is one out of:
    - ROM, PROM, EPROM and EEROM.
  - 30. The apparatus according to claim 25, wherein said memory is based on Flash technology.
  - 31. The apparatus according to claim 30, wherein said memory is a SSD drive or USB ‘
    - Thumb’
      
      drive.
  - 32. The apparatus according to claim 1, wherein said memory is based on non-volatile magnetic storage medium.
  - 33. The apparatus according to claim 32, wherein said memory is an Hard Disk Drive (HDD).
  - 34. The apparatus according to claim 1, wherein said memory is based on an optical storage medium.
  - 35. The apparatus according to claim 34, wherein said storage medium is recordable and removable, and wherein said memory includes an optical disk drive.
  - 36. The apparatus according to claim 35, wherein said storage medium is one out of:
    - CD-RW, DVD-RW, DVD+RW, DVD-RAM and BD-RE.
  - 37. The apparatus according to claim 35, wherein said storage medium is readable and removable, and wherein said memory includes an optical disk drive.
  - 38. The apparatus according to claim 37, wherein said storage medium is one out of:
    - CD-ROM, BD-ROM and DVD-ROM.
  - 39. The apparatus according to claim 1, wherein said memory form factor is an Integrated Circuit (IC), a Printed Circuit Board (PCB) on which one or more ICs are mounted, or a box-shaped enclosure.
  - 40. The apparatus according to claim 1, wherein said first or said second bus is a Personal Area Network (PAN) or a Wide Area Network (WAN) communication link.
  - 41. The apparatus according to claim 1, wherein said first or said second bus is a Local Area Network (LAN) communication link.
  - 42. The apparatus according to claim 41, wherein said first or said second bus is based on Ethernet and is substantially compliant to IEEE 802.3 standard.
  - 43. The apparatus according to claim 42, wherein said first or said second bus is based on one out of:
    - 100BaseT/TX, 1000BaseT/TX, 10 gigabit Ethernet substantially according to IEEE Std 802.3ae-2002as standard, 40 Gigabit Ethernet, and 100 Gigabit Ethernet substantially according to IEEE P802.3ba standard.
  - 44. The apparatus according to claim 1 further comprising encryptor/decryptor using an encryption scheme coupled between said first and second interfaces, for encrypting and decrypting digital data between said first and second buses.
  - 45. The apparatus according to claim 44, wherein said encryption scheme is based on Advanced Encryption Standard (AES) 128, 192 or 256 bits.
  - 46. The apparatus according to claim 1, wherein said first or said second bus is based on a multi-drop or a daisy-chain topology.
  - 47. The apparatus according to claim 1, wherein said first or said second bus is based on a point-to-point connection.
  - 48. The apparatus according to claim 6, wherein said first or said second bus employs master/slave scheme.
  - 49. The apparatus according to claim 6, wherein said first or said second bus is based on full-duplex communication.
  - 50. The apparatus according to claim 6, wherein said first or said second bus is based on half-duplex communication.
  - 51. The apparatus according to claim 1, wherein said first or said second serial bus is a wired-based, and point-to-point, and wherein a timing, clocking or strobing signal is carried over dedicated wires.
  - 52. The apparatus according to claim 1, wherein said first or said second serial bus is a wired-based, and point-to-point, and wherein a timing, clocking or strobing signal is carried using a self-clocking scheme.
  - 53. The apparatus according to claim 1, wherein said first or said second serial bus medium is based on a fiber-optics cable, and wherein said apparatus respectively further comprising a fiber-optics connector for connecting to said fiber-optics cable.
  - 54. The apparatus according to claim 1, wherein said first or said second bus medium is based on conductors.
  - 55. The apparatus according to claim 54, wherein said first or said second bus medium is based on a bus cable including multiple wires, and wherein said apparatus further comprising a bus connector for connecting to said bus cable.
  - 56. The apparatus according to claim 55, wherein said bus cable is further carrying one or more power signals.
  - 57. The apparatus according to claim 56, wherein said power signal is powering at least part of the apparatus.
  - 58. The apparatus according to claim 55, wherein said one or more power signals are Direct Current (DC) type and are carried over dedicated wires.
  - 59. The apparatus according to claim 58, wherein said one or more power signals are Direct Current (DC) type and are carried over the same wires carrying digital data, and wherein said apparatus further comprising a power/data splitter arrangement having first, second and third ports, wherein only digital data signal is passed between said first and second ports, and only power signal is passed between said first and third ports, and wherein said first port is coupled to said bus connector.
  - 60. The apparatus according to claim 58, wherein said power and digital data signals are carried using Frequency Division Multiplexing (FDM), where the digital data signal is carried over a frequency band above and distinct from the power signal.
  - 61. The apparatus according to claim 60, wherein said power/data splitter comprising a High Pass Filter (HPF) between said first and second ports and a Low Pass Filter (LPF) between said first and third ports.
  - 62. The apparatus according to claim 60, wherein said power/data splitter comprising a transformer and a capacitor connected to the transformer windings.
  - 63. The apparatus according to claim 59, wherein said power and digital data signals are carried using phantom scheme.
  - 64. The apparatus according to claim 63, wherein said power/data splitter comprising at least two transformer having a center-tap connection.
  - 65. The apparatus according to claim 64, wherein said power and digital data signals are carried substantially according to IEEE 802.3af-2003 or IEEE 802.3at-2009 standards.
  - 66. The apparatus according to claim 56, wherein the apparatus is connected for at least in part supply said power signal.
  - 67. The apparatus according to claim 66, wherein said one or more power signals are Direct Current (DC) type and are carried over dedicated wires.
  - 68. The apparatus according to claim 66, wherein said one or more power signals are Direct Current (DC) type and are carried over the same wires carrying digital data, and wherein said apparatus further comprising a power/data combiner arrangement having first, second and third ports, wherein only digital data signal is passed between said first and second ports, and only power signal is passed between said first and third ports, and wherein said first port is coupled to said bus connector.
  - 69. The apparatus according to claim 68, wherein said power and digital data signals are carried using Frequency Division Multiplexing (FDM), where the digital data signal is carried over a frequency band above and distinct from the power signal.
  - 70. The apparatus according to claim 69, wherein said power/data combiner comprising a High Pass Filter (HPF) between said first and second ports and a Low Pass Filter (LPF) between said first and third ports.
  - 71. The apparatus according to claim 69, wherein said power/data combiner comprising a transformer and a capacitor connected to the transformer windings.
  - 72. The apparatus according to claim 68, wherein said power and digital data signals are carried using phantom scheme.
  - 73. The apparatus according to claim 72, wherein said power/data combiner comprising at least two transformer having a center-tap connection.
  - 74. The apparatus according to claim 73, wherein said power and digital data signals are carried substantially according to IEEE 802.3af-2003 or IEEE 802.3at-2009 standards.
  - 75. The apparatus according to claim 1 further implemented as a separate physical entity.
  - 76. The apparatus according to claim 75, further implemented in the form of a die, an Integrated Circuit (IC), a box-shaped enclosure or a Printed Circuit Board (PCB) carrying ICs and other electronic components, a plug-in card or a removable enclosure.
  - 77. The apparatus according to claim 1 further integrated with said memory.
  - 78. The apparatus according to claim 1 further integrated with said processor.
  - 79. The apparatus according to claim 1 further integrated with an intermediate device.
  - 80. The apparatus according to claim 79 further integrated with the intermediate device, wherein said intermediate device is one of a hub, a switch, a router and a bus expander.
  - 81. The apparatus according to claim 1, wherein said first bus or said second bus is based on a cable.
  - 82. The apparatus according to claim 81, wherein said cable includes conductive wires or is a fiber-optic cable.
  - 83. The apparatus according to claim 81, wherein said first interface or said second interface comprising a transmitter and a receiver coupled to said connector for respectively transmitting to, and receiving from, said cable.
  - 84. The apparatus according to claim 83, wherein said transmitter uses differential signaling, emphasis shaping, and self-clocking line-code.
  - 85. The apparatus according to claim 84, wherein said transmitter further employs error detection, alignment, clock-correction or channel-bonding.
  - 86. The apparatus according to claim 83, wherein said receiver uses equalization, impedance matching termination, and Phase Locked Loop (PLL).
  - 87. The apparatus according to claim 86, wherein said receiver further uses decoding and detecting encoding-based errors.
  - 88. The apparatus according to claim 1, further integrated with said processor or said memory.
  - 89. The apparatus according to claim 88, further comprising a component shared with said processor or said memory.
  - 90. The apparatus according to claim 89, further comprising a single enclosure housing said first and second ports, said first and second and said scrambler, said enclosure further housing said processor or said memory.
  - 91. The apparatus according to claim 89, further comprising a power supply for powering at least part of the apparatus, said power supply connected to power said processor or said memory.
  - 92. The apparatus according to claim 89, further comprising components mounted on a substrate, and wherein said substrate is used to support said processor or said memory.
  - 93. A set of two or more apparatuses each according to claim 1, wherein said apparatuses use scramblers having implementing the same scrambling schemes.
  - 94. The set according to claim 93, wherein said apparatuses are mechanically attached.
  - 95. The set according to claim 94, wherein said apparatuses are mechanically detachable.
  - 96. A set of the apparatus of claim 1 and a memory, wherein said apparatus is formed as a plug-in and removable unit with said memory.
  - 97. A set of the apparatus of claim 1 and a computer including said processor, wherein said apparatus is formed as a plug-in and removable unit with said computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
May Patents Ltd.
Original Assignee
May Patents Ltd.
Inventors
Binder, Yehuda
Primary Examiner(s)
SHOLEMAN, ABU S

Application Number

US14/492,551
Publication Number

US 20150012757A1
Time in Patent Office

1,086 Days
Field of Search

713190, 709217
US Class Current
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/78   to assure secure storage of...

G06F 21/80   in storage media based on m...

G06F 21/85   interconnection devices, e....

G06F 7/58   Random or pseudo-random num...

H04L 51/046   Interoperability with other...

H04L 63/0281   Proxies

H04L 63/0428   wherein the data content is...

H04L 63/18   using different networks or...

H04L 67/63   Routing a service request d...

System and method for routing-based internet security

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

345 Citations

97 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for routing-based internet security

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

345 Citations

97 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links