Communication network intended for secure transmissions
First Claim
1. Apparatus for a communication network for secure transmission of speech and data, including different types of subscriber terminals (1-4) and switching modules (7-8), where subscriber lines (23-26) connect each subscriber terminal with a switching module and transmission links (19-22) connect switching modules to other switching modules in the network, where transmission links and subscriber lines each carry one or more communication channels, and where the apparatus comprises:
- cryptographic devices (13-15) to undertake cryptographic transformations of information transmitted through the network, and where at least one of the cryptographic devices is constituted by a cryptographic-pool device having a number of cryptographic modules (35) wherein the cryptographic-pool device is physically separated from the switching modules (7,
8), and wherein the cryptographic-pool device communicates with the switching modules by means of interface signals wherein the cryptographic-pool device is responsive to at least one of a plurality of devices including subscriber terminals, switching modules and selected network equipment, wherein at least one of the cryptographic-pool devices (13-15) is within a security guard (9 or
10) connected between a switching module (7 or
8) and the network.
1 Assignment
0 Petitions
Accused Products
Abstract
A secure communications network having different types of subscriber terminals (1-4) and switching modules (7-8) connected to other switching modules in the network includes cryptographic devices (13-15) where at least one of the cryptographic devices is a cryptographic-pool device having a number of cryptographic modules (35) wherein the cryptographic-pool device is physically separated from the switching modules (7,8), and wherein at least one of the cryptographic-pool devices (13-18) is within a security guard (9 or 10) connected between a switching module (7 or 8) and the network. A security guard may include routing devices (32,31) or handling control signals that specify protection criteria. A managing device (30) may also be included within a security guard for deciding the manner for carrying a communication channel through the security guard and for setting out rules for governing security-guard decision-making. The managing device may be selectively controlled both on-line and off-line.
21 Citations
17 Claims
-
1. Apparatus for a communication network for secure transmission of speech and data, including different types of subscriber terminals (1-4) and switching modules (7-8), where subscriber lines (23-26) connect each subscriber terminal with a switching module and transmission links (19-22) connect switching modules to other switching modules in the network, where transmission links and subscriber lines each carry one or more communication channels, and where the apparatus comprises:
- cryptographic devices (13-15) to undertake cryptographic transformations of information transmitted through the network, and where at least one of the cryptographic devices is constituted by a cryptographic-pool device having a number of cryptographic modules (35) wherein the cryptographic-pool device is physically separated from the switching modules (7,
8), and wherein the cryptographic-pool device communicates with the switching modules by means of interface signals wherein the cryptographic-pool device is responsive to at least one of a plurality of devices including subscriber terminals, switching modules and selected network equipment, wherein at least one of the cryptographic-pool devices (13-15) is within a security guard (9 or
10) connected between a switching module (7 or
8) and the network. - View Dependent Claims (2, 3, 4, 5, 6, 7)
- cryptographic devices (13-15) to undertake cryptographic transformations of information transmitted through the network, and where at least one of the cryptographic devices is constituted by a cryptographic-pool device having a number of cryptographic modules (35) wherein the cryptographic-pool device is physically separated from the switching modules (7,
-
8. Apparatus for a communication network for protected transmission of speech and data, including subscriber terminals (1-4) and switching modules (7-8), where subscriber lines (23-26) connect each subscriber terminal with a switching module and transmission links (19-22) connect switching modules to other switching modules in the network where transmission links and subscriber lines are arranged to carry one or more communication channels, where the apparatus comprises:
- cryptographic devices (13-15) to undertake cryptographic transformations of information transmitted through the network, and where at least one of the cryptographic devices includes a cryptographic-pool device having a number of cryptographic modules (35) wherein the cryptographic-pool device is physically separated from the switching modules (7,
8), and wherein the cryptographic-pool device communicates with the switching modules by means of interface signals wherein the cryptographic-pool device is responsive to subscriber terminals, from switching modules and from selected network equipment, wherein at least one of the cryptographic-pool devices (13-15) is within a security guard (9,
10) wherein the security guard (9,
10) is a stand-alone like device arranged in at least one of the transmission links (19/20, 22/21) of the switching modules (7,
8) and comprises a managing device (30) for monitoring signalling information on one of a plurality of signalling channels (38,
39) for detecting a communication channel that has been selected for cryptographic transformation, and a data packet that has been selected for protection, and for signalling the selected protection by sending control signals to routing devices (32,
31) and cryptographic modules (35) of a security guard, and for specifying the protection criteria, for selectively transmitting protected information between any two terminals. - View Dependent Claims (9, 10, 11, 12, 13, 14)
- cryptographic devices (13-15) to undertake cryptographic transformations of information transmitted through the network, and where at least one of the cryptographic devices includes a cryptographic-pool device having a number of cryptographic modules (35) wherein the cryptographic-pool device is physically separated from the switching modules (7,
-
15. Apparatus for a communication network for secure transmission of speech and data, including different types of subscriber terminals (1-4) and switching modules (7-8), where subscriber lines (23-26) connect each subscriber terminal with a switching module and transmission links (19-22) connect switching modules to other switching modules in the network, where transmission links and subscriber lines each carry one or more communication channels, and where the apparatus comprises:
- cryptographic devices (13-15) to undertake cryptographic transformations of information transmitted through the network, and where at least one of the cryptographic devices is constituted by a cryptographic-pool device having a number of cryptographic modules (35) wherein the cryptographic-pool device is physically separated from the switching modules (7,
8), and wherein the cryptographic-pool device communicates with the switching modules by means of interface signals wherein the cryptographic-pool device is responsive to at least one of a plurality of devices including subscriber terminals, switching modules and selected network equipment, wherein at least one of the cryptographic-pool devices (13-15) is within a security guard (9 or
10) connected between a switching module (7 or
8) and the network wherein the security guard (9 or
10) includes a managing device (30) for specifying criteria for a communication channel subjected to cryptographic transformation and for a data packet on a virtual communication channel subjected to protection, wherein the managing device (30) is for setting out rules for governing security-guard decision-making, and is for being maintained both on-line and off-line. - View Dependent Claims (16)
- cryptographic devices (13-15) to undertake cryptographic transformations of information transmitted through the network, and where at least one of the cryptographic devices is constituted by a cryptographic-pool device having a number of cryptographic modules (35) wherein the cryptographic-pool device is physically separated from the switching modules (7,
-
17. Apparatus for a communication network for protected transmission of speech and data, including subscriber terminals (1-4) and switching modules (7-8), where subscriber lines (23-26) connect each subscriber terminal with a switching module and transmission links (19-22) connect switching modules to other switching modules in the network, where transmission links and subscriber lines are arranged to carry one or more communication channels, where the apparatus comprises:
- cryptographic devices (13-15) to undertake cryptographic transformations of information transmitted through the network, and where at least one of the cryptographic devices (13-15) includes a cryptographic-pool device (13-15) having a number of cryptographic modules (35) wherein the cryptographic-pool device is physically separated from the switching modules (7,
8), and wherein the cryptographic-pool device communicates with the switching modules by means of interface signals wherein the cryptographic-pool device is responsive to at least one of a plurality of devices including subscriber terminals, switching modules and selected network equipment, wherein at least one of the cryptographic-pool devices is within a security guard (9,
10) wherein the security guard (9,
10) is a stand-alone like device arranged in at least one of the transmission links (19/20, 22/21) of the switching modules (7,
8) and comprises a managing device (30) for monitoring signalling information on one of a plurality of signalling channels (38,
39) for detecting a communication channel selected for cryptographic transformation, and a data packet selected for protection, and for signalling the selected protection by sending control signals to routing devices (32,
31) and cryptographic modules (35) of a security guard, and for specifying the protection criteria, for selectively transmitting protected information between any two terminals, wherein the managing device (30) is selectively controlled both on-line and off-line.
- cryptographic devices (13-15) to undertake cryptographic transformations of information transmitted through the network, and where at least one of the cryptographic devices (13-15) includes a cryptographic-pool device (13-15) having a number of cryptographic modules (35) wherein the cryptographic-pool device is physically separated from the switching modules (7,
Specification