NETWORK SECURITY DEVICE AND METHOD
First Claim
1. A peripheral device for enabling a user to commence a session with a network, comprising:
a security device comprising:
an immutable memory element that comprises first information including an application software that initiates a security operation;
a persistent memory element that comprises second information to enable the security device to configure the peripheral device to access a different network;
a volatile memory element that comprises third information, including data for authentication, where the third information is erased from the volatile memory at a completion of a connection session; and
an enclosure for enclosing the immutable memory element, the persistent memory element, and the volatile memory element.
Abstract
The invention describes a method for hardening a security mechanism against physical intrusion and substitution attacks. A user establishes a connection between a network peripheral device and a network via a security mechanism. The security mechanism includes read-only memory (ROM) that contains code that initiates operation of the mechanism and performs authentication functions. A persistent memory contains configuration information. A volatile memory stores user and device identification information that remains valid only for a given session and is erased thereafter to prevent a future security breach. A tamper-evident enclosure surrounds the memory elements; a breach of the enclosure becomes readily apparent to the user.
20 Claims
1. A peripheral device for enabling a user to commence a session with a network, comprising:
a security device comprising:
an immutable memory element that comprises first information including an application software that initiates a security operation;
a persistent memory element that comprises second information to enable the security device to configure the peripheral device to access a different network;
a volatile memory element that comprises third information, including data for authentication, where the third information is erased from the volatile memory at a completion of a connection session; and
an enclosure for enclosing the immutable memory element, the persistent memory element, and the volatile memory element.
Dependent claims 2 through 19 are not reproduced here.
20. A method for facilitating a connection session between a network peripheral device and a network, comprising:
deploying a security device within the network peripheral device;
accessing an immutable memory element within the security device that comprises first information including an application software that initiates a security operation;
accessing a persistent memory element within the security device that comprises second information to enable the security device to configure the peripheral device to access a different network;
accessing a volatile memory element within the security device that comprises third information, including data for authentication; and
erasing the third information at a completion of a connection session.
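The three memory elements and the session lifecycle described in the abstract and claimed in claim 20, modelled as an added C example that is not code from the patent or its assignee. The names (security_device, session_begin, session_end, enclosure_breach, device_set_network), the tamper-evident enclosure modelled as a sensor flag, and the caller-supplied session key standing in for one established during authentication are all assumptions of this example. The detail the claim language leaves to the implementer, and the one a reviewer should check, is that "erasing the third information" actually reaches memory: a plain memset on data that is never read again is routinely removed by the compiler, so the example zeroizes through a volatile pointer.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ID_LEN  16
#define KEY_LEN 32

/* Immutable memory element ("first information"): stand-in for the ROM-resident
 * application software; const so it lives in read-only storage. */
static const char ROM_FIRMWARE_ID[] = "secdev-rom-1.0";

/* Persistent memory element ("second information"): survives power cycles and
 * lets the device be pointed at a different network. */
struct persistent_cfg {
    char    network_name[32];
    uint8_t gateway[4];
};

/* Volatile memory element ("third information"): authentication data that is
 * valid for one connection session only. */
struct volatile_session {
    uint8_t user_id[ID_LEN];
    uint8_t device_id[ID_LEN];
    uint8_t session_key[KEY_LEN];
    bool    active;
};

/* The three memory elements plus the tamper-evident enclosure, modelled as a
 * sensor flag (an assumption of this example). */
struct security_device {
    struct persistent_cfg   nvm;
    struct volatile_session ram;
    bool                    enclosure_breached;
};

/* Zeroize through a volatile pointer so the compiler cannot drop the stores as
 * dead writes, which it may do to a plain memset() on memory never read again. */
static void secure_zero(void *p, size_t n)
{
    volatile uint8_t *vp = (volatile uint8_t *)p;
    while (n--) *vp++ = 0;
}

/* True if every byte of the region is zero (used to verify erasure). */
bool region_is_zero(const void *p, size_t n)
{
    const uint8_t *b = (const uint8_t *)p;
    uint8_t acc = 0;
    for (size_t i = 0; i < n; i++) acc |= b[i];
    return acc == 0;
}

/* Write second information: reconfigure the peripheral for a different network. */
void device_set_network(struct security_device *d, const char *name, const uint8_t gw[4])
{
    snprintf(d->nvm.network_name, sizeof d->nvm.network_name, "%s", name);
    memcpy(d->nvm.gateway, gw, 4);
}

/* ROM-resident entry point that initiates the security operation and commences a
 * session. The session key is caller-supplied here (constructed input); a real
 * device would establish it during authentication. Returns 0 on success,
 * -1 enclosure breached, -2 session already active, -3 no network configured. */
int session_begin(struct security_device *d, const uint8_t user_id[ID_LEN],
                  const uint8_t device_id[ID_LEN], const uint8_t key[KEY_LEN])
{
    if (d->enclosure_breached)          return -1;
    if (d->ram.active)                  return -2;
    if (d->nvm.network_name[0] == '\0') return -3;
    memcpy(d->ram.user_id, user_id, ID_LEN);
    memcpy(d->ram.device_id, device_id, ID_LEN);
    memcpy(d->ram.session_key, key, KEY_LEN);
    d->ram.active = true;
    return 0;
}

/* Complete the session: erase the third information so it cannot be replayed. */
void session_end(struct security_device *d)
{
    secure_zero(&d->ram, sizeof d->ram);
}

/* Tamper sensor callback: record the breach and drop any live session. */
void enclosure_breach(struct security_device *d)
{
    d->enclosure_breached = true;
    secure_zero(&d->ram, sizeof d->ram);
}

int main(void)
{
    struct security_device d = {0};
    const uint8_t gw[4] = {192, 168, 1, 1};
    const uint8_t uid[ID_LEN] = {1}, did[ID_LEN] = {2}, key[KEY_LEN] = {3}; /* constructed */

    device_set_network(&d, "corp-guest", gw);
    printf("%s: begin=%d\n", ROM_FIRMWARE_ID, session_begin(&d, uid, did, key));
    session_end(&d);
    printf("erased=%d\n", region_is_zero(&d.ram, sizeof d.ram));
    enclosure_breach(&d);
    printf("begin after breach=%d\n", session_begin(&d, uid, did, key));
    return 0;
}
```

The persistent configuration deliberately survives session_end, while the volatile block is erased in full (including struct padding) on both normal completion and a breach signal. On targets that provide memset_s, explicit_bzero or SecureZeroMemory, prefer those over the hand-written loop; the volatile-pointer form is shown because it is portable to bare-metal toolchains where none of them exist.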
Specification