Secure network interface device

Assignee

• BAE Systems Information and Electronic Systems Integration Inc. · US

Inventors

• Michael K. Weller · Stroudsburg, US
• Jeffrey B. Canter · West Orange, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/2113
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

An interface device for a protected workstation or host has a network interface for connection to a multi-level secure network, a first address corresponding to a guard control port, and a second address corresponding to a guard data port. A transport guard in the device has a control component coupled to the guard control port for processing configuration data sent to the first address and producing a desired security configuration, a guard component coupled to the output of the control component and to the guard data port of the network interface, and a host interface coupled to the guard component for exchanging data with the protected host. Only when permitted by the desired security configuration, the guard component passes network data addressed to the second address of the network interface to the host interface, and passes outbound data from the host interface to the network through the guard data port.