Stand alone security device for computer networks
Abstract
A secured network interface unit (SNIU) for providing multi-level security on a network having a plurality of secured and unsecured users including: network interface means for communicating on the network; identifying the source and destination of a message intercepted on the network; determining the security levels of each of the plurality of users; a trusted computing base for determining whether the message, if transmitted to the destination user, will violate security parameters; and, cryptographically encrypting messages sent to, and decrypting messages received from another SNIU affiliated with the destination user.
23 Claims
1. A secured network interface unit (SNIU) for providing multi-level security on a network having a plurality of secured and unsecured users comprising:
network interface means for communicating with other SNIUs, and intercepting and retransmitting packets on said network, wherein said packets correspond to a message sent between a source and destination user, both selected from said plurality of secured and unsecured users;
means for identifying said source and destination users;
associating means for dynamically determining whether another SNIU is affiliated with said destination user, and dynamically creating an association with said other SNIU if one does not already exist;
said association including security and encryption data relating to both said source and destination users;
a trusted computing base for determining whether said message, if retransmitted to said destination user, will violate security parameters; and
cryptographic means for encrypting messages sent to, and decrypting messages received from said other SNIU affiliated with said destination user.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
12. A method of providing multilevel security network on a network having a plurality of users comprising:
transmitting a first message over said network from a first user selected from said plurality intended for a second user selected from said plurality;
intercepting said first message with a first multilevel security network interface unit (SNIU);
transmitting second and third messages over said network from said first SNIU intended for said second user;
intercepting said second and third messages, and saving said second message, utilizing a second SNIU;
transmitting fourth and fifth messages over said network intended for said second user utilizing said second SNIU;
receiving said fourth and fifth messages at said second user, and causing said second user to ignore said fourth message and respond to said fifth message by transmitting a sixth message over said network intended for said second SNIU;
receiving said sixth message with said second SNIU and transmitting a seventh message over said network intended for said first SNIU;
receiving said seventh message with said first SNIU, and transmitting an eighth message over said network from said first SNIU intended for said second SNIU;
receiving said eighth message with said second SNIU; and
transmitting said first message over said network from said second SNIU, and intended for said second user.
(Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
23. A secured network interface unit (SNIU) for providing multi-level security on a network having a plurality of secured and unsecured users comprising:
network interface means for communicating on said network;
means for identifying the source and destination of a message intercepted on said network;
means for determining the security levels of each of said plurality of users;
a trusted computing base for determining whether said message, if transmitted to said destination user, will violate security parameters; and
cryptographic means for encrypting messages sent to, and decrypting messages received from another SNIU affiliated with said destination user.
Specification