Information flow enforcement for IP domain in multilevel secure systems
US10986076B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 28, 2019 |
| Grant date | Apr 20, 2021 |
| Priority date | — |
| Expiry date | Oct 21, 2039 |
Classification
- Technology area (CPC Y)Emerging Cross-Sectional Technologies
- CPC primaryY02D10/00
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A multilevel security (MLS) network is disclosed. The MLS network includes untrusted nodes (UTN) capable of receiving messages en route from a source node to a destination node, each message having an unencrypted outer header, an encrypted inner header, and a data payload. UTNs route messages toward their destination as directed by the outer header. Global trusted nodes (GTN) decrypt a portion of the inner header to validate source and destination information before routing the message forward. GTNs further modify the outer header to obfuscate source and destination information from the UTNs. Local trusted nodes (LTN) serve as gateway nodes into a local network. LTNs also validate source and destination information to regulate admission to the local network. LTNs include an address manager which decrypts an additional portion of the inner header to read local address data and generates local messages for routing through the local network.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.