Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Central trusted authority provides computer authentication
Reexamination Certificate
1998-11-24
2002-03-05
Peeso, Thomas R. (Department: 2132)
C713S151000, C713S153000, C380S255000
active
06353886
ABSTRACT:
This application claims priority from previously filed Canadian application serial number 2,228,687 filed on Feb. 4, 1998.
FIELD OF THE INVENTION
This invention relates generally to communications networks and more particularly to a secured virtual private network (SVPN).
BACKGROUND OF THE INVENTION
In general form, computer networks are composed of a set of resource entities such as servers, printers, gateways, modems, etc.; a set of requestor entities such as users, user groups, and programs that access resources to retrieve data or manage resources; and means of communicating between the two sets of entities including, for example, the network itself, routers, protocols, etc. Network nodes often belong to more than one of the above sets. The relationship between the resource entity set and the requestor entity set is often subject to a set of rules hereinafter referred to as “network policies.” Network policies also comprise, for example, information regarding the behavior of resources.
Network security data is a very common form of network policy data. Network security data may be considered as a collection of data records stored in an electronic medium. Records may contain any data item regarding requestors, resources, or the relationship therebetween. Examples of such records include: access rights, logging of successful or unsuccessful access to a device, billing of usage to a user's cost center, user password expiration date, restriction of access to certain hours, restriction of access to users physically located within a building, device status information, time-related routing information, and so forth.
Network entities may query the policy database and determine actions to conform to the policy. For example, Windows 95® allows a user to disable or enable dial-up access. Depending on the configuration settings (policies), dial-up access is permitted or restricted. Also, user identities may be verified by information in the policy database. This data commonly relates to access codes or passwords. Users may create or receive access keys allowing them access to a predetermined set of resources. Many implementations exist for this conceptual policy database. Examples of such arrangements are the Windows NT® domain administration system and the Unix® Network Information Service (NIS). Those systems, however, suffer an inherent weakness: if the policy database is compromised, the network security as a whole is compromised. Therefore, common practice restricts policy database modifications to local or highly secure access only. The benefits of a secure policy database having remote administration capabilities are obvious. Also, a more flexible policy implementation system would be beneficial. Generally, policies are stored and implemented local to a single system. Referring to the example of the Windows 95® operating system, all policies are executed local to the system, such that access is permitted or denied on the one computer system and the storage media and peripherals connected thereto. This type of architecture increases system security, often at the expense of flexibility.
Connecting geographically separate computer systems or networks together is a common business need. Often the best interface for such a connection is for the remote system or network to appear as if it were on the local network. In many cases the most cost-effective medium for connecting remote systems is a public network such as the Internet, public switched telephone networks, or other common carrier data networks. A common method for providing a network-like connection using a public network is known as a Virtual Private Network (VPN). Basically, a VPN provides a means of transparent communication through a public network. This results in remote workstations and/or remote sections of the network appearing physically connected to the network through dedicated communication cables. Users at workstations in different physical locations separated by the public network are often given little indication of the public network; to them, the public network is merely another “cable.”
In many cases VPNs compromise data security and integrity by exposing the network communications and the networks involved to unauthorized intrusion. In order to increase security, the Internet Engineering Task Force (IETF) has developed the IPSEC standard. IPSEC is an extension to TCP/IP that utilizes data encryption methods and digital certificate mechanisms to positively verify the identity of a user or a workstation. While IPSEC is specific to the TCP/IP protocol suite, the certificates, encryption mechanisms and general principles stipulated in IPSEC are also applicable to other computer communication networks. Implementation of IPSEC results in a Secure Virtual Private Network, or SVPN.
The common implementation of a secured VPN calls for a security gateway to be placed at the interface point between the secured network and the public, unsecured network. Data and access rights on the secured side of the security gateway are controlled using conventional network access control methods while data flow to and from the unsecured network is encrypted and controlled by the gateway. Data is permitted to flow between the secured and unsecured networks according to network policies.
Part of the IETF development relies on digital certificates. A digital certificate is a method that binds an identity to a public key and, optionally, additional information. Certification occurs in conjunction with a certificate authority (CA), a trusted computer system capable of tagging the original sender's public key for later verification. For example, the key is encrypted using the private key of the CA, and the data is then decrypted using the CA's associated public key; a successful decryption verifies that the data was encoded by the CA. Certificates and certificate authorities are well known in the art, one method of which has been codified in international standard X.509 (ITU 1993, ISO/IEC 9594-8). For the purpose of this document, the deposition of information to create a digital certificate is referred to as certification, and verification that certified data was certified by the trusted CA is referred to as verification or authentication.
Unfortunately, many commonly available network policy features are not available using SVPNs. Also, flexibility is often compromised to ensure security, and vice versa. For example, when a single network administrator or group cannot securely administer an entire network due to network complexity, network administration is decentralized and the weakest network security becomes the level of security for the whole network; when the network has many sub-networks all joined through the Internet, this often results in either a low level of security or very little flexibility.
It would be advantageous to provide a high degree of flexibility, and a broad range of network features, while maintaining a high level of security in a VPN environment.
SUMMARY OF THE INVENTION
The current invention seeks to increase flexibility in the configuration of a network, a VPN or an SVPN while providing very high security levels. The invention achieves that goal by utilizing digital certificates for the storage and transport of network policies.
While certificates are well known for identification and authentication of a user identity, the invention utilizes certificates to store policy-related data, and thus implements a network policy system using digital certificates. These certificates are referred to as attribute certificates. Attribute certificates certify data or attributes instead of a public key. By using an attribute certificate containing such policy data, the invention allows each valid policy data record to be verified as coming from an authorized network manager, and thus valid for implementation on the network. This prevents insertion of fake policy records into the database and thus significantly increases network security. Additionally, the association of policy records with persons authorized to issue those records (i.e. network managers) is guaranteed by the Certi
Howard Brett
Kierstead Paul
Marcotte Lucien
Pereira Roy
Robison Andrew
Alcatel Canada Inc.
Blake Cassels & Graydon LLP
Peeso Thomas R.