Information security – Access control or authentication – Network
Reexamination Certificate
2000-04-27
2008-03-11
Truong, T. B. (Department: 2135)
Information security
Access control or authentication
Network
C726S004000, C726S009000, C726S017000, C714S733000, C702S118000
Reexamination Certificate
active
07343622
ABSTRACT:
A multi-level secure multi-processor computer architecture. The inventive architecture provides an inexpensive security solution for integrated avionics and includes a plurality of nodes. The nodes are connected via a switch in a network configuration over which data is routed using labels. The switch is controlled to facilitate secure communication of data between the nodes. In the illustrative embodiment, the network is a Fibre Channel network including plural switches in which a system manager node serves to control routing between nodes based on a security policy. Each node has a central processing unit. The system manager is implemented as a node and sets up routing tables for selective connection of the nodes via the switch. The label assignments are stored in Fibre Channel network interface cards disposed on each node. The system manager also sets up label routing tables that authorize the interconnection of selective nodes. The label routing tables are stored in the switch, which in the illustrative implementation is a crossbar switch having a plurality of switch protocol controllers and switch control units. The label assignments and label routing tables are stored in a label authorization table stored in the system manager. After a secure startup, the system allows for communication in accordance with a security policy between nodes to which trusted and/or untrusted hardware is connected and running under trusted and/or untrusted software applications. The software applications may run on commercial off-the-shelf (COTS) operating systems.
REFERENCES:
patent: 4608684 (1986-08-01), Upp
patent: 4958341 (1990-09-01), Hemmady et al.
patent: 5280529 (1994-01-01), Nost
patent: 5519704 (1996-05-01), Farinacci et al.
patent: 5842040 (1998-11-01), Hughes et al.
patent: 6088770 (2000-07-01), Tarui et al.
patent: 6108787 (2000-08-01), Anderson et al.
patent: 6188698 (2001-02-01), Galand et al.
patent: 6271946 (2001-08-01), Chang et al.
patent: 6400713 (2002-06-01), Thomas et al.
patent: 6457051 (2002-09-01), Riddle et al.
patent: 6574221 (2003-06-01), Petersen
patent: 6597692 (2003-07-01), Venkitakrishnan
patent: 6600744 (2003-07-01), Carr et al.
patent: 6625650 (2003-09-01), Stelliga
Shared Resource Management For Integrated Avionics Systems; Greg McIntire; Texas Instruments Incoporated, Plano, Texas; 0-7803-2425-0/94—1994 IEEE; p. 626-629.
Alkov Leonard A.
Raytheon Company
Truong T. B.
LandOfFree
Multi-level secure multi-processor computer architecture does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Multi-level secure multi-processor computer architecture, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Multi-level secure multi-processor computer architecture will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3970158