SYSTEM AND METHOD FOR AN ENDPOINT HARDWARE ASSISTED NETWORK FIREWALL IN A SECURITY ENVIRONMENT
First Claim
1. At least one computer-readable medium that includes code for execution and when executed by at least one processor is operable to perform operations to:
- receive a traffic flow at a tamper resistant environment on a host from an application executing on the host, wherein the tamper resistant environment is separated from an operating system of the host;
- create a modified traffic flow by adding information associated with the application to the received traffic flow and by adding a device identifier of the host to the received traffic flow; and
- send the modified traffic flow to a server.
Abstract
A method is provided in one example embodiment and includes receiving a traffic flow at a tamper resistant environment from an application, where the tamper resistant environment is separated from a host operating system. The method also includes applying a security token to the traffic flow and sending the traffic flow to a server. In specific embodiments, a security module may add information about the application to traffic flow. A trapping module may monitor for a memory condition and identify the memory condition. The trapping module may also, responsive to identifying the memory condition, initiate a virtual environment for the application, and check the integrity of the traffic flow.
25 Claims
1. At least one computer-readable medium that includes code for execution and when executed by at least one processor is operable to perform operations to:
- receive a traffic flow at a tamper resistant environment on a host from an application executing on the host, wherein the tamper resistant environment is separated from an operating system of the host;
- create a modified traffic flow by adding information associated with the application to the received traffic flow and by adding a device identifier of the host to the received traffic flow; and
- send the modified traffic flow to a server.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14

15. An apparatus, comprising:
- at least one processor; and
- a security engine including a tamper resistant environment coupled to the at least one processor to:
  - receive a traffic flow from an application executing on the apparatus, wherein the tamper resistant environment is separated from an operating system of the apparatus;
  - create a modified traffic flow by adding information associated with the application to the received traffic flow and by adding a device identifier of the apparatus to the received traffic flow; and
  - send the modified traffic flow to a server.

Dependent claims: 16, 17, 18, 19, 20

21. A method comprising:
- receiving a traffic flow at a tamper resistant environment on a host from an application executing on the host, wherein the tamper resistant environment is separated from an operating system of the host;
- creating a modified traffic flow by adding information associated with the application to the received traffic flow and by adding a device identifier of the host to the received traffic flow; and
- sending the modified traffic flow to a server.

Dependent claims: 22, 23, 24, 25
Specification