Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1999-02-22
2001-12-18
Wright, Norman Michael (Department: 2785)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C709S201000
Reexamination Certificate
active
06332195
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to computer security, and more particularly, to an apparatus and method for providing increased computer security to commercial transactions across the Internet.
2. Background Information
There has been an explosion in the growth of computer networks as organizations realize the benefits of networking their personal computers and workstations. Increasingly, these networks are falling prey to malicious outsiders who hack into the network, reading and sometimes destroying sensitive information. Exposure to such attacks has increased as companies connect to outside systems such as the Internet.
To protect themselves from attacks by malicious outsiders, organizations are turning to mechanisms for increasing network security. One such mechanism is described in “SYSTEM AND METHOD FOR PROVIDING SECURE INTERNETWORK SERVICES”, U.S. patent application Ser. No. 08/322078 filed Oct. 12, 1994 by Boebert et al., the discussion of which is hereby incorporated by reference. Boebert teaches that modifications can be made to the kernel of the operating system in order to add type enforcement protections to the operating system kernel. This protection mechanism can be added to any other program by modifications to the program code made prior to compiling. It cannot, however, be used to add type enforcement protection to program code after that program code has been compiled.
As use of the Internet has grown, companies are increasingly interested in providing goods and services across the Internet. Software companies such as Netscape have responded by providing commerce server software. Such software typically will be partitioned into a commerce server which is accessible to the Internet shopper and an administration server which is used to maintain the commerce server and which, for security reasons, must be kept inaccessible to all but system administrators. Security mechanisms used to date have not sufficiently protected the administration server from malicious attack. What is needed is a system and method for protecting the administration servers of systems used in Internet commerce from malicious attack.
SUMMARY OF THE INVENTION
The present invention is a secure commerce server system and method. A secure commerce server system includes a plurality of regions or burbs, including an internal burb and an external burb, a commerce server and an administration server. Processes and data objects associated with the administration server are bound to the internal burb. Processes and data objects associated with the commerce server are bound to the external burb. Processes bound to one burb cannot communicate directly to processes and data objects bound to other burbs. The administration server cannot be manipulated by a process bound to the external burb.
REFERENCES:
patent: 3956615 (1976-05-01), Anderson et al.
patent: 4104721 (1978-08-01), Markstein et al.
patent: 4177510 (1979-12-01), Appell et al.
patent: 4442484 (1984-04-01), Childs, Jr. et al.
patent: 4584639 (1986-04-01), Hardy
patent: 4621321 (1986-11-01), Boebert et al.
patent: 4648031 (1987-03-01), Jenner
patent: 4661951 (1987-04-01), Segarra
patent: 4701840 (1987-10-01), Boebert et al.
patent: 4713753 (1987-12-01), Boebert et al.
patent: 4870571 (1989-09-01), Frink
patent: 4885789 (1989-12-01), Burger et al.
patent: 4888801 (1989-12-01), Foster et al.
patent: 4914568 (1990-04-01), Kodosky et al.
patent: 4914590 (1990-04-01), Loatman et al.
patent: 5093914 (1992-03-01), Coplien et al.
patent: 5124984 (1992-06-01), Engel
patent: 5153918 (1992-10-01), Tuai
patent: 5204961 (1993-04-01), Barlow
patent: 5228083 (1993-07-01), Lozowick et al.
patent: 5251131 (1993-10-01), Masand et al.
patent: 5263147 (1993-11-01), Francisco et al.
patent: 5272754 (1993-12-01), Boebert
patent: 5276735 (1994-01-01), Boebert et al.
patent: 5276789 (1994-01-01), Besaw et al.
patent: 5303303 (1994-04-01), White
patent: 5305385 (1994-04-01), Schanning et al.
patent: 5311593 (1994-05-01), Carmi
patent: 5329623 (1994-07-01), Smith et al.
patent: 5333266 (1994-07-01), Boaz et al.
patent: 5355474 (1994-10-01), Thuraisngham et al.
patent: 5359659 (1994-10-01), Rosenthal
patent: 5377349 (1994-12-01), Motomura
patent: 5377354 (1994-12-01), Scannell et al.
patent: 5414833 (1995-05-01), Hershey et al.
patent: 5416842 (1995-05-01), Aziz
patent: 5418951 (1995-05-01), Damashek
patent: 5455828 (1995-10-01), Zisapel
patent: 5485460 (1996-01-01), Schrier et al.
patent: 5511122 (1996-04-01), Atkinson
patent: 5530758 (1996-06-01), Marino, Jr. et al.
patent: 5548507 (1996-08-01), Martino et al.
patent: 5548646 (1996-08-01), Aziz et al.
patent: 5550984 (1996-08-01), Gelb
patent: 5555346 (1996-09-01), Gross et al.
patent: 5566170 (1996-10-01), Bakke et al.
patent: 5583940 (1996-12-01), Vidrascu et al.
patent: 5586260 (1996-12-01), Hu
patent: 5604490 (1997-02-01), Blakley, III et al.
patent: 5606668 (1997-02-01), Shwed
patent: 5615340 (1997-03-01), Dai et al.
patent: 5619648 (1997-04-01), Canale et al.
patent: 5623601 (1997-04-01), Vu
patent: 5632011 (1997-05-01), Landfield et al.
patent: 5634084 (1997-05-01), Malsheen et al.
patent: 5636371 (1997-06-01), Yu
patent: 5644571 (1997-07-01), Seaman
patent: 5671279 (1997-09-01), Elgamal
patent: 5673322 (1997-09-01), Pepe et al.
patent: 5684951 (1997-11-01), Goldman et al.
patent: 5689566 (1997-11-01), Nguyen et al.
patent: 5699513 (1997-12-01), Feigen et al.
patent: 5706507 (1998-01-01), Schloss
patent: 5708780 (1998-01-01), Levergood et al.
patent: 5715466 (1998-02-01), Flanagan et al.
patent: 5717913 (1998-02-01), Driscoll
patent: 5720035 (1998-02-01), Allegre et al.
patent: 5724425 (1998-03-01), Chang et al.
patent: 5781550 (1998-07-01), Templin et al.
patent: 0420779 (1991-04-01), None
patent: 0 554 182 A1 (1993-04-01), None
patent: 686906 (1995-05-01), None
patent: 0720333 (1996-07-01), None
patent: 0 743 777 A2 (1996-11-01), None
patent: 2238212 (1991-05-01), None
patent: 2287619 (1995-09-01), None
patent: 96/13113 (1996-05-01), None
patent: 96/31035 (1996-10-01), None
patent: 96/35994 (1996-11-01), None
patent: 97/13340 (1997-04-01), None
patent: 97/16911 (1997-05-01), None
patent: 97/23972 (1997-07-01), None
patent: 97/26731 (1997-07-01), None
patent: 97/26734 (1997-07-01), None
patent: 97/26735 (1997-07-01), None
patent: 97/29413 (1997-08-01), None
International Search Report, PCT Application No. PCT/US 95/12681, 8 p., (mailed Apr. 9, 1996).
News Release: “100% of Hackers Failed to Break Into One Internet Site Protected by Sidewinder(tm)”, Secure Computing Corporation, (Feb. 16, 1995).
News Release: “Internet Security System Given ‘Product of the Year’ Award”, Secure Computing Corporation, (Mar. 28, 1995).
News Release: “SATAN No Threat to Sidewinder(tm)”, Secure Computing Corporation, (Apr. 26, 1995).
“Answers to Frequently Asked Questions About Network Security”,Secure Computing Corporation, p. 1-41 & p. 1-16, (Sep. 25, 1994).
“Sidewinder Internals”, Product Information, Secure Computing Corporation, 16 p., (Oct. 1994).
“Special Report: Secure Computing Corporation and Network Security”,Computer Select, 13 p., (Dec. 1995).
Adam, J.A., “Meta-Matrices”,IEEE Spectrum, p. 26-27, (Oct. 1992).
Adam, J.A., “Playing on the Net”,IEEE Spectrum, p. 29, (Oct. 1992).
Ancilotti, P., et al., “Language Features for Access Control”,IEEE Transactions on Software Engineering, SE-9, 16-25, (Jan. 1983).
Atkinson, R., “IP Authentication Header”, Network Working Group, Request For Comment No. 1826, http/ds.internic.net/rfc/rfc1826.txt, 9 p., (Aug. 1995).
Atkinson, R., “IP Encapsulating Security Payload (ESP)”, Network Working Group, Request For Comment No. 1827, http//ds.internic.net/rfc/rfc1827.txt, 12 p., (Aug. 1995).
Atkinson, R., “Security Architecture for the Internet Protocol”, Network Working Group, Reqest for Comment No. 1825, http//ds.internic.net/rfc/rfc1825.txt, 21 p., (Aug. 1995).
Baclace, P.E., “Competitive Agents for Information Filtering”,Communications of the ACM, 35, p 50, (Dec. 1992).
Badger, L., et al., “Practical Domain and Type Enforcement for UNI
Green Michael W.
Jensen Andrew W.
Schwegman Lundberg Woessner & Kluth P.A.
Secure Computing Corporation
Wright Norman Michael
LandOfFree
Secure server utilizing separate protocol stacks does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Secure server utilizing separate protocol stacks, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Secure server utilizing separate protocol stacks will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2599351