System and method for providing multi-level security in computer devices utilized with non-secure networks
July 30, 2016. Estimated Expiration Date is calculated based on simple USPTO term provisions. It does not account for terminal disclaimers, term adjustments, failure to pay maintenance fees, or other factors which might affect the term of a patent.Patent ReferencesRemote trusted path mechanism for telnet Computer network operating with multilevel hierarchical security with selectable common trust realms and corresponding security protocols System and method for controlling the use of a computer Method and apparatus for key-management scheme for use with internet protocols at site firewalls Apparatus and method for providing multi-level security for communication among computers and terminals on a network Method for providing a security facility for a network of management servers utilizing a database of trust relations to verify mutual trust relations between management servers Patent #: 5619657 InventorsAssigneeApplicationNo. 688543 filed on 07/30/1996US Classes:709/225, Computer network access regulating709/229, Network resources access controlling709/250NETWORK-TO-COMPUTER INTERFACINGExaminersPrimary: Lall, Parshotam S.Assistant: Vu, Viet D. Attorney, Agent or FirmInternational ClassG06F 013/00AbstractA multi-level network security system is disclosed for a computer host device coupled to at least one computer network. The system including a secure network interface Unit (SNIU) contained within a communications stack of the computer device that operates at a user layer communications protocol. The SNIU communicates with other like SNIU devices on the network by establishing an association, thereby creating a global security perimeter for end-to-end communications and wherein the network may be individually secure or non-secure without compromising security of communications within the global security perimeter. The SNIU includes a host/network interface for receiving messages sent between the computer device and network. The interface operative to convert the received messages to and from a format utilized by the network. A message parser for determining whether the association already exists with another SNIU device. A session manager coupled to said network interface for identifying and verifying the computer device requesting access to said network. The session manager also for transmitting messages received from the computer device when the message parser determines the association already exists. An association manager coupled to the host/network interface for establishing an association with other like SNIU devices when the message parser determines the association does not exist. | |
