Apparatus and method for providing network security

US 5,940,591 A
Filed: 10/03/1996
Issued: 08/17/1999
Est. Priority Date: 07/11/1991
Status: Expired due to Term

First Claim

Patent Images

1. A multi-level network security apparatus for a computer network having at least one user coupled thereto, the at least one user selected from a group consisting of a host computer and a second untrusted network, comprising:

a secure network interface unit (SNIU) having a first port for coupling to said at least one user and a second port for directly connecting to the computer network which operates at a user layer communications protocol, said SNIU providing security control by controlling access to the computer network at least one of the layers above the transport layer of the communications protocol,wherein the SNIU is implemented to create a global security perimeter for end-to-end communications and wherein the computer network may be individually secure or non-secure without compromising security of communications within said global security perimeter; and

a security management architecture, including a security manager (SM) coupled to said SNIU for causing said SNIU to be initialized, operated and configured for protecting the security communications transmitted through said SNIU, said SM capable of implementing at least one of a plurality of security policies.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A multi-level security apparatus and method for a network employs a secure network interface unit (SNIU) coupled between each host or user computer unit and a network, and a security management (SM) architecture, including a security manager (SM) coupled to the network, for controlling the operation and configuration of the SNIUs coupled to the network. Each SNIU is operative at a session level of interconnection which occurs when a user on the network is identified and a communication session is to commence. When an SNIU is implemented at each computer unit on the network, a global security perimeter is provided. In a preferred embodiment, the SNIU is configured to perform a defined session level protocol (SLP), including the core functions of user interface, session manager, dialog manager, association manager and data sealer, and network interface. The SM architecture is implemented to ensure user accountability, configuration management, security administration, and validation key management on the network. The SM functions are distributed over three platforms, i.e., a SNIU security manager (SSM), an area security manager (ASM), and a network security manager (NSM).

470 Citations

54 Claims

1. A multi-level network security apparatus for a computer network having at least one user coupled thereto, the at least one user selected from a group consisting of a host computer and a second untrusted network, comprising:
- a secure network interface unit (SNIU) having a first port for coupling to said at least one user and a second port for directly connecting to the computer network which operates at a user layer communications protocol, said SNIU providing security control by controlling access to the computer network at least one of the layers above the transport layer of the communications protocol,wherein the SNIU is implemented to create a global security perimeter for end-to-end communications and wherein the computer network may be individually secure or non-secure without compromising security of communications within said global security perimeter; and
  
  a security management architecture, including a security manager (SM) coupled to said SNIU for causing said SNIU to be initialized, operated and configured for protecting the security communications transmitted through said SNIU, said SM capable of implementing at least one of a plurality of security policies.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 44)
- - 2. The network security apparatus according to claim 1, wherein said plurality of security policies is selected from the group consisting of discretionary access control, mandatory access control, object reuse, labeling, denial of service detection, data type integrity, cascading control and covert channel use detection.
  - 3. The network security apparatus according to claim 1, said SNIU further comprising an association manager operable to establish and control a user session at a session layer of interconnection between the at least one user and the network.
  - 4. The network security apparatus according to claim 3, said SNIU further comprising a dialog manager in communication with said association manager and said security manager for setting up, controlling, and terminating a data path established in said SNIU.
  - 5. The network security apparatus according to claim 1, said SNIU further comprising a session manager for identifying a user requesting access to the network.
  - 6. The network security apparatus according to claim 1, said SNIU further comprising an association manager which operates to establish and control a user session at a session layer of interconnection between the at least one user and the network if the at least one user is verified for access.
  - 7. The network security apparatus according to claim 1, wherein said SNIU further comprises means for performing a defined trusted session layer protocol (TSP), said TSP constituting said user layer communications protocol.
  - 8. The network security apparatus according to claim 1, wherein said SNIU is operable to prevent covert information flow within said global security perimeter for end-to-end communications.
  - 9. The network security apparatus according to claim 1, wherein said SNIU includes a data sealer for validating data transmitted through said SNIU.
  - 10. The network security apparatus according to claim 1, wherein functions of said SM comprise exchanging data and commands with said SNIU, performing initialization, configuration control, access control, sealer key management, and audit alarms.
  - 44. The apparatus of claim 4, wherein said means for performing said SM functions are distributed over three platforms, i.e., a SNIU security manager (SSM), an area security manager (ASM) and a network security manager (NSM), wherein an NSM associated with said untrusted network and said SNIU and a second NSM associated with said second network and said remote SNIU both operate to control and initialize said remote SNIU.

11. A method of providing multi-level network security for a computer network having at least one user coupled thereto, the at least one user selected from a group consisting of a host computer and at least a second network, said method comprising steps of:
- coupling a secure network interface unit (SNIU) to said at least one user and directly to the computer network which operates at a user layer communications protocol, said SNIU providing security control by controlling access to the computer network at at least one of the layers above the transport layer of the communications protocol,whereby the SNIU is implemented to create a global security perimeter for end-to-end communications and wherein the computer network may be individually secure or non-secure without compromising security of communications within said global security perimeter; and
  
  ,performing security management utilizing a security manager (SM) connected to said SNIU for causing said SNIU to be operated and configured for protecting the security communications transmitted through said SNIU between the at least one user and the computer network, said SM capable of implementing at least one of a plurality of security policies.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The method of providing network security according to claim 11, wherein said plurality of security policies is selected from the group consisting of discretionary access control, mandatory access control, object reuse, labeling, denial of service detection, data type integrity, cascading control and covert channel use detection.
  - 13. The method of providing network security according to claim 11, wherein said step of performing security management further comprises the step of establishing a defined trusted session layer protocol (TSP) through said SNIU, said TSP constituting said user layer communications protocol.
  - 14. The method of providing network security according to claim 11, further comprising the step of controlling a data path established in said SNIU.
  - 15. The method of providing network security according to claim 11, further comprising the step of identifying a user requesting access to the computer network.
  - 16. The method of providing network security according to claim 11, further comprising the step of controlling a user session at a session layer of interconnection between the at least one user and the computer network if the at least one user is verified for access.
  - 17. The method of providing network security according to claim 11, wherein functions of said SM comprises a SNIU security manager (SSM), and area security manager (ASM), and a network security manager (NSM).
  - 18. The method of providing network security according to claim 11, further comprising the step of preventing covert information flow within said global security perimeter for end-to-end communications.
  - 19. The method of providing network security according to claim 11, wherein said SNIU includes a data sealer for validating data transmitted through said SNIU.
  - 20. The method of providing network security according to claim 11, wherein functions of said SM comprise exchanging data and commands with said SNIU, performing initialization, configuration control, access control, sealer key management, and audit alarms.

21. A method of providing multi-level network security for a computer network having at least one user coupled thereto, the at least one user selected from a group consisting of a host computer and at least a second network, said method comprising steps of:
- coupling a secure network interface unit (SNIU) to at least one user and directly to the computer network, and establishing a session layer interconnection between the at least one user and the computer network,whereby the SNIU is implemented to create a global security perimeter for end-to-end communications and wherein the computer network may be individually secure or non-secure without compromising security of communications within said global security perimeter; and
  
  ,performing security management utilizing a security manager (SM) for causing said SNIU to be operated and configured for controlling access to the computer network at or above the session layer by verifying at or above the session layer if an identified user is authorized for access to the computer network.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 22. The method of providing network security according to claim 21, wherein said plurality of security policies is selected from the group consisting of discretionary access control, mandatory access control, object reuse, labeling, denial of service detection, data type integrity, cascading control and covert channel use detection.
  - 23. The method of providing network security according to claim 21, wherein said step of performing security management further comprises the step of establishing a defined trusted session layer protocol (TSP) through said SNIU, said TSP constituting said user layer communications protocol.
  - 24. The method of providing network security according to claim 21, further comprising the step of controlling a data path established in said SNIU.
  - 25. The method of providing network security according to claim 21, further comprising the step of identifying a user requesting access to the computer network.
  - 26. The method of providing network security according to claim 21, further comprising the step of controlling a user session at a session layer of interconnection between the at least one user and the computer network if the at least one user is verified for access.
  - 27. The method of providing network security according to claim 21, wherein functions of said SM comprises a SNIU security manager (SSM), and area security manager (ASM), and a network security manager (NSM).
  - 28. The method of providing network security according to claim 21, further comprising the step of preventing covert information flow within said global security perimeter for end-to-end communications.
  - 29. The method of providing network security according to claim 21, wherein said SNIU includes a data sealer for validating data transmitted through said SNIU.
  - 30. The method of providing network security according to claim 21, wherein functions of said SM comprise exchanging data and commands with said SNIU, performing initialization, configuration control, access control, sealer key management, and audit alarms.

31. A network security apparatus for providing secure communication of information communicated via an untrusted network, said apparatus comprising:
- at least one secure network interface unit (SNIU) coupled between a host computer and said untrusted network, said SNIU performing user authentication and bidirectional multi-level access control for information communicated via the untrusted network, said SNIU supporting accountability, data integrity, data confidentiality and network resource access policies on a per user basis, whereby said host computer and said untrusted network may be individually secure or non-secure without compromising security of communication of information communicated via the untrusted network.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40)
- - 32. The network security apparatus according to claim 31, wherein said network resource access policy include discretionary access control and mandatory access control.
  - 33. The network security apparatus according to claim 31, wherein said accountability policy includes auditing.
  - 34. The network security apparatus according to claim 31, said accountability, data integrity, data confidentiality and network resource access policies include labeling, cascading control, and covert channel use detection.
  - 35. The network security apparatus according to claim 31, further comprising a security manager for causing said SNIU to be initialized, operated, and configured for protecting the security communications transmitted through said SNIU.
  - 36. The network security apparatus according to claim 35, said SNIU further comprising an association manager operable to establish and control a user session layer of interconnection between the computer host and the untrusted network.
  - 37. The network security apparatus according to claim 36, said SNIU further comprising a dialog manager in communication with said association manager and said security manager for setting up, controlling, and terminating a data path established in said SNIU.
  - 38. The network security apparatus according to claim 31, said SNIU further comprising a session manager for identifying a user requesting access to the untrusted network.
  - 39. The network security apparatus according to claim 35, said SNIU further comprising an association manager which operates to establish and control a user session at a session layer of interconnection between the computer host and the untrusted network if the user is verified.
  - 40. The network security apparatus according to claim 31, wherein said SNIU further comprises means for performinig a defined trusted session layer protocol (TSP), said TSP constituting a user layer communications protocol.

41. A network security system for providing secure communication of information communicated via an untrusted network, said system comprising:
- a plurality of secure network interface units (SNIUs) each coupled between a respective host computer and said untrusted network, each said SNIU performing user authentication and bidirectional multi-level access control for information communicated via the untrusted network, said SNIU supporting accountability, data integrity, data confidentiality and network resource access policies on a per user basis, whereby said host computer and said untrusted network may be individually secure or non-secure without compromising security of information communicated via the untrusted network; and
  
  a security management architecture including a security manager (SM) coupled to each said SNIU having means for causing each SNIU to be initialized, operated and configured for protecting the security communications transmitted through each said SNIU, said SM capable of implementing at least one of a plurality of security policies.
- View Dependent Claims (42)
- - 42. The network security system according to claim 41, wherein at least one of said plurality of SNIUs is operative to act as a gateway between networks.

43. A multi-level network security apparatus for communicating over an untrusted network between a computer user and at least a second network, comprising:
- a secure network interface unit (SNIU) coupled at a first port to said computer user and at a second port to said untrusted network, said SNIU providing security control by controlling access and communications to the untrusted network, said SNIU operable to initialize and maintain a communication path across the untrusted network and said at least one second network with a remote SNIU for passing data therebetween;
  
  said remote SNIU coupled directly between said untrusted network and said second network and operable as a gateway to communicate with said SNIU over said communication path to transceive data at said second network when said second network uses different security labeling than said untrusted network;
  
  wherein each SNIU is implemented to create a global security perimeter for end-to-end communications; and
  
  a security management architecture including a security manager (SM) coupled to each said SNIU having means for causing each SNIU to be initialized, operated and configured for protecting the security communications transmitted through each said SNIU, said SM capable of implementing at least one of a plurality of security policies.

45. A multi-level network security apparatus for communicating over an untrusted network between a computer user and at least a second network, comprising:
- a secure network interface unit (SNIU) coupled at a first port to said computer user and at a second port to said untrusted network, said SNIU providing security control by controlling access and communications to the untrusted network, said SNIU operable to initialize and maintain a communication path across the untrusted network and said at least one second network with a remote SNIU for passing data therebetween via duplex, simplex, or multicast communications means;
  
  said remote SNIU coupled directly between said untrusted network and said second network and operable as a router to communicate with said SNIU over said communication path to transceive data at said second network when said second network uses the same security labeling as said untrusted network and operates at different protection levels;
  
  wherein each SNIU is implemented to create a global security perimeter for end-to-end communications; and
  
  a security management architecture including a security manager (SM) coupled to each said SNIU having means for causing each SNIU to be initialized, operated and configured for protecting the security communications transmitted through each said SNIU, said SM capable of implementing at least one of a plurality of security policies.

46. A method for providing multi-level network security for an untrusted computer network having at least one host computer associated with a user coupled thereto, said method comprising the steps of:
- coupling a secure network interface unit (SNIU) between said at least one host computer and said untrusted network,establishing a session layer interconnection between said at least one host computer and the untrusted network,performing user authentication and bi-directional multi-level access control for information communicated via said untrusted network utilizing said SNIU; and
  
  performing security management by providing accountability, data integrity, data confidentiality, and network resource access policies on a per user basis, whereby said host computer and said untrusted network may be individually secure or non-secure without compromising security of communication of information communicated via the untrusted network.
- View Dependent Claims (47, 48, 49, 50, 51, 52)
- - 47. The method of providing network security according to claim 46, wherein said step of performing security management further comprises the step of establishing a defined trusted session layer protocol (TSP) through said SNIU, said TSP constituting user layer communications protocol.
  - 48. The method of providing network security according to claim 46, further comprising the step of controlling a data path established in said SNIU.
  - 49. The method of providing network security according to claim 46, further comprising the step of identifying a user associated with a host computer requesting access to the network.
  - 50. The method of providing network security according to claim 49, further comprising the step of controlling a user session at a session layer of interconnection between the at least one host computer and the untrusted network if the associated user is verified for access.
  - 51. The method of providing network security according to claim 46, wherein the step of performing security management further comprises preventing covert information flow within a global security perimeter associated with the SNIU for end-to-end communications.
  - 52. The method of providing network security according to claim 46, wherein functions of said security management comprise exchanging data and commands with said SNIU, performing initialization, configuration control, access control, sealer key management, and audit alarms.

53. A network security apparatus for providing secure communication of information communicated via an untrusted network, said apparatus comprising:
- bidirectional means for performing user authentication and bidirectional multi-level access control for information communicated via the untrusted network;
  
  security means for causing said bi-directional means to be initialized, operated, and configured for protecting the security communications transmitted to said bi-directional means, said security means capable of implementing at least one of a plurality security policies on a per user basis, wherein said bidirectional means is coupled between a host computer and said untrusted network, whereby said host computer and said untrusted network may be individually secure or non-secure without compromising security of communication of information communicated by said untrusted network.
- View Dependent Claims (54)
- - 54. A network security apparatus according to claim 53, wherein said plurality of security policies is selected from a group consisting of discretionary access control, mandatory access control, labeling, denial of service detection, data typing integrity, cascading control, and covert channel use detection.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Round Rock Research LLC
Original Assignee
ITT Corporation (ITT, Inc.)
Inventors
Boyle, John M., Snow, David W., Maiwald, Eric S.
Primary Examiner(s)
ELISCA, PIERRE E

Application Number

US08/720,906
Time in Patent Office

1,048 Days
Field of Search

395/200.06, 395/187.01, 395/186, 395/188.01, 395/200.55, 395/200.59, 340/825.34, 340/825.3, 380/49, 380/25, 380/4, 380/3, 380/23, 364/284.4, 711/163
US Class Current

726/3
CPC Class Codes

G06F 21/6218   to a system of files or obj...

G06F 2211/009   Trust

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2113   Multi-level security, e.g. ...

H04L 41/0893   Assignment of logical group...

H04L 41/0894   Policy-based network config...

H04L 41/28   Restricting access to netwo...

H04L 63/0442   wherein the sending and rec...

H04L 63/0823   using certificates cryptogr...

H04L 63/105   Multiple levels of security

H04L 69/08   Protocols for interworking;...

H04L 69/327   in the session layer [OSI l...

H04L 9/40   Network security protocols

Apparatus and method for providing network security

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

470 Citations

54 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and method for providing network security

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

470 Citations

54 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links