WO2004021406A3 - Method and apparatus for multi-level security implementation - Google Patents

Method and apparatus for multi-level security implementation

Publication number
WO2004021406A3
Authority
WO
WIPO (PCT)
Prior art keywords
level security
processors
security implementation
different classification
classification levels
Prior art date
Application number
PCT/US2003/027354
Other languages
French (fr)
Other versions
WO2004021406A2 (en)
Inventor
Peter O Luthi
Original Assignee
Bae Systems Information
Peter O Luthi
Priority date
Filing date
Publication date
Application filed by Bae Systems Information, Peter O Luthi
Priority to AU2003263040A
Priority to EP03791993.3A
Publication of WO2004021406A2
Publication of WO2004021406A3

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0485 Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105 Multiple levels of security
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2113 Multi-level security, e.g. mandatory access control
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0464 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload using hop-by-hop encryption, i.e. wherein an intermediate entity decrypts the information and re-encrypts it before forwarding it
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general

Abstract

A method of operating a multi-level security system including the steps of providing a plurality of processors (54, 60, 68, 69). At least some of said processors (54, 60) are equipped with a data card (56, 62) which permits simultaneous processing of different classification levels (58, 64) of information and the dynamic reallocation of processors to different classification levels.
PCT/US2003/027354 2002-08-29 2003-08-29 Method and apparatus for multi-level security implementation WO2004021406A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
AU2003263040A AU2003263040A1 (en) 2002-08-29 2003-08-29 Method and apparatus for multi-level security implementation
EP03791993.3A EP1546896B1 (en) 2002-08-29 2003-08-29 Method and apparatus for multi-level security implementation

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US40675802P 2002-08-29 2002-08-29
US60/406,758 2002-08-29
US10/334,318 2002-12-31
US10/334,318 US7958351B2 (en) 2002-08-29 2002-12-31 Method and apparatus for multi-level security implementation

Publications (2)

Publication Number Publication Date
WO2004021406A2 WO2004021406A2 (en) 2004-03-11
WO2004021406A3 WO2004021406A3 (en) 2005-02-03

Family

ID=31981100

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2003/027354 WO2004021406A2 (en) 2002-08-29 2003-08-29 Method and apparatus for multi-level security implementation

Country Status (4)

Country Link
US (1) US7958351B2 (en)
EP (1) EP1546896B1 (en)
AU (1) AU2003263040A1 (en)
WO (1) WO2004021406A2 (en)

Families Citing this family (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1447928A1 (en) * 2003-02-13 2004-08-18 Harman/Becker Automotive Systems (Becker Division) GmbH Receiver for TV and/or radio programs and method for monitoring TV and/or radio programs
US20040225883A1 (en) * 2003-05-07 2004-11-11 Weller Michael K. Method and apparatus providing multiple single levels of security for distributed processing in communication systems
US8640194B2 (en) * 2004-08-25 2014-01-28 Nec Corporation Information communication device and program execution environment control method
US8281132B2 (en) * 2004-11-29 2012-10-02 Broadcom Corporation Method and apparatus for security over multiple interfaces
US7477913B2 (en) * 2005-04-04 2009-01-13 Research In Motion Limited Determining a target transmit power of a wireless transmission according to security requirements
US7734933B1 (en) * 2005-06-17 2010-06-08 Rockwell Collins, Inc. System for providing secure and trusted computing environments through a secure computing module
WO2007013051A1 (en) * 2005-07-25 2007-02-01 Surf Communication Solutions, Ltd. Communication processor board
US8060744B2 (en) * 2006-03-23 2011-11-15 Harris Corporation Computer architecture for an electronic device providing single-level secure access to multi-level secure file system
US8127145B2 (en) * 2006-03-23 2012-02-28 Harris Corporation Computer architecture for an electronic device providing a secure file system
US8041947B2 (en) * 2006-03-23 2011-10-18 Harris Corporation Computer architecture for an electronic device providing SLS access to MLS file system with trusted loading and protection of program execution memory
US7979714B2 (en) * 2006-06-02 2011-07-12 Harris Corporation Authentication and access control device
US8239916B2 (en) * 2006-11-06 2012-08-07 At&T Intellectual Property I, L.P. Methods, data processing systems, and computer program products for assigning privacy levels to data elements
DE102007060675A1 (en) * 2007-06-11 2008-12-18 Rohde & Schwarz Gmbh & Co. Kg Device and method for processing data streams
US8826231B1 (en) * 2010-06-28 2014-09-02 The Boeing Company Methods and systems for deploying software applications
US9191200B1 (en) * 2010-10-07 2015-11-17 L-3 Communications Corp. System and method for changing the security level of a communications terminal during operation
CN103037364A (en) * 2012-12-12 2013-04-10 青岛天信通软件技术有限公司 Secret communication method
US9374344B1 (en) 2013-03-29 2016-06-21 Secturion Systems, Inc. Secure end-to-end communication system
US9355279B1 (en) 2013-03-29 2016-05-31 Secturion Systems, Inc. Multi-tenancy architecture
US9798899B1 (en) 2013-03-29 2017-10-24 Secturion Systems, Inc. Replaceable or removable physical interface input/output module
US9317718B1 (en) 2013-03-29 2016-04-19 Secturion Systems, Inc. Security device with programmable systolic-matrix cryptographic module and programmable input/output interface
US9524399B1 (en) * 2013-04-01 2016-12-20 Secturion Systems, Inc. Multi-level independent security architecture
GB2533098B (en) * 2014-12-09 2016-12-14 Ibm Automated management of confidential data in cloud environments
US9660966B1 (en) * 2015-09-10 2017-05-23 Rockwell Collins, Inc. Multilevel secure communication systems with encryption based separation
US11283774B2 (en) 2015-09-17 2022-03-22 Secturion Systems, Inc. Cloud storage using encryption gateway with certificate authority identification
US10708236B2 (en) 2015-10-26 2020-07-07 Secturion Systems, Inc. Multi-independent level secure (MILS) storage encryption
US10999262B1 (en) * 2017-04-24 2021-05-04 Architecture Technology Corporation High assurance tactical cross-domain hub
US10762183B1 (en) 2017-04-24 2020-09-01 Architecture Technology Corporation Secure authentication using biometric factors
WO2022087206A1 (en) * 2020-10-23 2022-04-28 Secturion Systems, Inc. Multi-independent level security for high performance computing and data storage systems
US11947655B1 (en) 2021-02-02 2024-04-02 Architecture Technology Corporation Secure authentication using companion trust

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5530758A (en) * 1994-06-03 1996-06-25 Motorola, Inc. Operational methods for a secure node in a computer network
US6098133A (en) * 1997-11-28 2000-08-01 Motorola, Inc. Secure bus arbiter interconnect arrangement
US6216196B1 (en) * 1999-05-14 2001-04-10 Ariel Corporation System and method for multiple device drivers to arbitrate for a single device

Family Cites Families (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4328542A (en) 1979-11-07 1982-05-04 The Boeing Company Secure implementation of transition machine computer
US5504814A (en) 1991-07-10 1996-04-02 Hughes Aircraft Company Efficient security kernel for the 80960 extended architecture
US7137011B1 (en) * 1993-09-01 2006-11-14 Sandisk Corporation Removable mother/daughter peripheral card
US6272639B1 (en) * 1996-07-30 2001-08-07 Micron Technology, Inc. Mixed enclave operation in a computer network
US5692124A (en) * 1996-08-30 1997-11-25 Itt Industries, Inc. Support of limited write downs through trustworthy predictions in multilevel security of computer network communications
US6308080B1 (en) * 1997-05-16 2001-10-23 Texas Instruments Incorporated Power control in point-to-multipoint systems
US6041035A (en) * 1997-06-30 2000-03-21 Rockwell Collins, Inc. Open system modular electronics architecture
US6044349A (en) * 1998-06-19 2000-03-28 Intel Corporation Secure and convenient information storage and retrieval method and apparatus
US6304973B1 (en) * 1998-08-06 2001-10-16 Cryptek Secure Communications, Llc Multi-level security network system
US6836847B1 (en) * 1999-03-05 2004-12-28 The Johns Hopkins University Software protection for single and multiple microprocessor systems
US6597692B1 (en) 1999-04-21 2003-07-22 Hewlett-Packard Development, L.P. Scalable, re-configurable crossbar switch architecture for multi-processor system interconnection networks
US7343622B1 (en) 2000-04-27 2008-03-11 Raytheon Company Multi-level secure multi-processor computer architecture
US7213023B2 (en) 2000-10-16 2007-05-01 University Of North Carolina At Charlotte Incremental clustering classifier and predictor
JP4089171B2 (en) * 2001-04-24 2008-05-28 株式会社日立製作所 Computer system
US7043596B2 (en) * 2001-08-17 2006-05-09 Sun Microsystems, Inc. Method and apparatus for simulation processor
US6868309B1 (en) * 2001-09-24 2005-03-15 Aksys, Ltd. Dialysis machine with symmetric multi-processing (SMP) control system and method of operation
US7178033B1 (en) * 2001-12-12 2007-02-13 Pss Systems, Inc. Method and apparatus for securing digital assets
US6973544B2 (en) 2002-01-09 2005-12-06 International Business Machines Corporation Method and apparatus of using global snooping to provide cache coherence to distributed computer nodes in a single coherent system
US7020753B2 (en) * 2002-01-09 2006-03-28 Sun Microsystems, Inc. Inter-domain data transfer
US7398293B2 (en) * 2002-04-17 2008-07-08 Dell Products L.P. System and method for using a shared bus for video communications
US7885409B2 (en) * 2002-08-28 2011-02-08 Rockwell Collins, Inc. Software radio system and method

Also Published As

Publication number Publication date
AU2003263040A8 (en) 2004-03-19
US20040044902A1 (en) 2004-03-04
EP1546896B1 (en) 2013-04-10
EP1546896A4 (en) 2010-12-15
US7958351B2 (en) 2011-06-07
AU2003263040A1 (en) 2004-03-19
WO2004021406A2 (en) 2004-03-11
EP1546896A2 (en) 2005-06-29

Similar Documents

Publication Publication Date Title
WO2004021406A3 (en) Method and apparatus for multi-level security implementation
AU2003277508A1 (en) Learning/thinking machine and learning/thinking method based on structured knowledge, computer system, and information generation method
AU2003290236A1 (en) Computer system and method for business data processing
TW376498B (en) Information devices which select and use one out of a plurality of encryption utilization protocols for protecting copyrights of digital productions
EP1549055A4 (en) Data processing device, data processing method, computer program, and data processing system
EP1505765A4 (en) Data processing system, data processing device, data processing method, and computer program
EP1507212A4 (en) Information processing apparatus, information processing method, content distributing apparatus, content distributing method, and computer program
WO2003050661A3 (en) Processing data
WO2005124630A3 (en) Transaction accounting processing system and approach
WO2004070558A3 (en) Method and apparatus to identify a work received by a processing system
EP0652668A3 (en) System and method for exchanging computer data processing capabilities.
CA2229025A1 (en) Incorporating invariances by preprocessing for kernel-based methods
EP1507435A4 (en) Information processing system, information processing device, and information processing method
WO2003065299A3 (en) Card personalization system and method
WO2003078006A3 (en) Method, apparatus and article employing multiple machine-readable indicia on playing cards
WO2005045601A3 (en) System for activation of multiple cards
EP1571835A4 (en) Information processing device and information processing method, information processing system, recording medium, and program
WO2005106529A3 (en) Relational millimeter-wave interrogating
SG101991A1 (en) Data processing system, data processing method, data processing apparatus, license system, and program providing medium
DE69924166D1 (en) Data processing apparatus, display system and method, and storage medium
TW200606816A (en) Method of and system for classification of an audio signal
EP1505518A4 (en) Information management system, information processing device, information processing method, information processing program, and recording medium
EP1517245A4 (en) Content-related information providing apparatus, content-related information providing method, electronic bulletin board system, and computer program
HK1078205A1 (en) Method and system for efficiently retrieving secured data by securely pre-processing provided access information
WO2004046890A3 (en) Method and system for processing sales process information, for sales process configuration, for sales process integration, and for modeling sales processes

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2003791993

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2003791993

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP