Patents by Inventor Douglas Lavell Hale

Douglas Lavell Hale has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 7058181
    Abstract: The method for roaming in a network environment utilizes a token created by a first bridge device. The token comprises an identity of a context associated with the mobile device. The first bridge device creates the token and securely provides it to the mobile device. When the mobile device roams to a second bridge device in the network, the token is securely provided to the second bridge device. The second bridge device uses the token to establish to the first bridge device that it is a genuine agent of the mobile device. Once the first bridge authenticates the second bridge device's authority, it securely sends the context associated with the mobile device to the second bridge device. The second bridge device uses the context to properly connect the mobile device to the network. In this manner, secure roaming within a bridged network is provided.
    Type: Grant
    Filed: August 2, 2001
    Date of Patent: June 6, 2006
    Assignee: Senforce Technologies, Inc.
    Inventors: Michael D. Wright, Douglas LaVell Hale, Anthony Alan Jeffree, Peter Kendrick Boucher
  • Patent number: 6792467
    Abstract: The present invention provides an improved method and system for controlling packet flow through a protocol stack. The system comprises the layer manager which interfaces with each stack layer. The layer manager handles the packet flow to the stack layers. For a new packet path to be supported, only the Layer Manager needs to be modified, not the stack layers. This makes the implementation of the layers in the protocol stack easier. In an alternative embodiment, the layer manager comprises a plurality of protocol descriptor lists for supported services and uses these lists to route a packet to the appropriate stack layer. With this alternative embodiment, new stack layers may be inserted into the protocol stack without the need to modify the existing stack layers.
    Type: Grant
    Filed: April 3, 2001
    Date of Patent: September 14, 2004
    Assignee: Brycen Co., Ltd.
    Inventors: Douglas LaVell Hale, Michael D. Wright, Merrill Kay Smith, David O. Cox, Kyle Bryan Seegmiller, Jonathan Brett Wood
  • Patent number: 6721274
    Abstract: The present invention provides a method and system for controlling packet flow through a protocol stack. The method includes: receiving a packet by a layer manager, wherein the layer manager may interface with each layer of the protocol stack; determining a service associated with the packet by the layer manager; accessing a list of layers of the protocol stack for the service by the layer manager; and routing the packet to a layer of the protocol stack according to the list. The layer manager comprises a plurality of protocol descriptor lists for supported services and uses these lists to route a packet to the appropriate stack layer. In this manner, the stack layers need not have knowledge of the other layers or of the proper routing of the packet. This makes the implementation of the layers in the protocol stack easier.
    Type: Grant
    Filed: April 3, 2001
    Date of Patent: April 13, 2004
    Assignee: Brycen Co., Ltd.
    Inventors: Douglas LaVell Hale, Michael D. Wright, Merrill Kay Smith, David O. Cox, Kyle Bryan Seegmiller, Jonathan Brett Wood
  • Publication number: 20030026426
    Abstract: The method for roaming in a network environment utilizes a token created by a first bridge device. The token comprises an identity of a context associated with the mobile device. The first bridge device creates the token and securely provides it to the mobile device. When the mobile device roams to a second bridge device in the network, the token is securely provided to the second bridge device. The second bridge device uses the token to establish to the first bridge device that it is a genuine agent of the mobile device. Once the first bridge authenticates the second bridge device's authority, it securely sends the context associated with the mobile device to the second bridge device. The second bridge device uses the context to properly connect the mobile device to the network. In this manner, secure roaming within a bridged network is provided.
    Type: Application
    Filed: August 2, 2001
    Publication date: February 6, 2003
    Inventors: Michael D. Wright, Douglas LaVell Hale, Anthony Alan Jeffree, Peter Kendrick Boucher
  • Publication number: 20030018890
    Abstract: The present invention provides a method for performing local due diligence for accepting certificates. The method creates override certificates which add or modify at least one attribute of a certificate issued by a third party for a remote user, based upon due diligence performed locally. In this manner, finer control than accepting or rejecting a certificate is provided to a local user. The local user can also accept certificates absent a trusted third party. The method thus adds flexibility in the acceptance of certificates in a network.
    Type: Application
    Filed: July 23, 2001
    Publication date: January 23, 2003
    Inventors: Douglas LaVell Hale, Peter Kendrick Boucher, Mark Gordon Gayman
  • Publication number: 20020184516
    Abstract: A method and system for structuring an object in security policies of a computer system includes: receiving a request to access a virtual volume with a virtual name; mapping the virtual name to the real object; and providing the real object. The method and system uses virtual objects which map to real objects in a computer system. The access control mediator grants or denies access to a virtual object using a discretionary or a mandatory policy. A virtual name is mapped to a real object. This mapping is transparent to the subject. In this manner, security policies can be enforced over objects stored in file systems without regard to the policies of the file systems. The system can also be used as a gateway to remote file systems built on top of existing file systems. These advantages provide more flexibility in controlling a subject's access to real objects.
    Type: Application
    Filed: May 29, 2001
    Publication date: December 5, 2002
    Inventors: Douglas LaVell Hale, Peter Kendrick Boucher, Mark Gordon Gayman
  • Publication number: 20020169965
    Abstract: The method for configuring encryption strengths for data includes: providing a piece of the data with a sensitivity level; authenticating a remote user with a clearance level for accessing the data; selecting an encryption strength for the piece of the data based on the clearance level of the remote user, if the clearance level of the remote user allows access to the piece of the data with the sensitivity level; encrypting the piece of the data; and providing access to the encrypted piece of the data to the remote user. Remote users have varying levels of clearance to access data. Data is assigned varying sensitivity levels. Each clearance level allows the remote user to access data at that sensitivity level or below. The strength of the data encryption is based upon the remote user's clearance level or a requested session sensitivity level. Access control to data is thus more flexible.
    Type: Application
    Filed: May 8, 2001
    Publication date: November 14, 2002
    Inventors: Douglas LaVell Hale, Peter Kendrick Boucher, Mark Gordon Gayman
  • Publication number: 20020169957
    Abstract: A method and system for graphical administration of security policies in a computer system includes: displaying a graphical representation of at least one subject; displaying a graphical representation of at least one object; displaying a graphical representation of a security policy; and dragging and dropping the graphical representation of the at least one subject and the graphical representation of the at least one object into the graphical representation of the security policy, where the dragging and dropping grants the at least one subject access to the at least one object under the security policy. Graphical representations of subjects, objects, and policies are used in a graphical user interface (GUI). A user can administrate the subjects and objects by performing a “drag and drop” of their graphical representations into the graphical representation of a policy. In this manner, users need not have extraordinary training or skills to administrate security policies.
    Type: Application
    Filed: May 8, 2001
    Publication date: November 14, 2002
    Inventors: Douglas LaVell Hale, Kyle Bryan Seegmiller, Douglas Kelly Thompson
  • Patent number: 6477648
    Abstract: A trusted workstation includes a network interface card (NIC) with trusted computing base (TCB) extensions that provide for securely booting the workstation and performing subsequent receive and transmit packet filtering in support of a network's system architecture requirements. The NIC includes a send address confirm circuit which includes a trusted source address (e.g., a MAC address) uniquely associated with the trusted workstation. For each packet to be transmitted from the trusted workstation over the network, the NIC first checks the source address inserted in the packet by the NIC driver running in the user session to be sure that the driver-inserted source address is equal to the trusted address resident. Thus, if untrusted software on the workstation attempts to mischievously transmit a forged packet with a source address other than the trusted source address, the NIC prohibits transmission of the packet with the forged source address.
    Type: Grant
    Filed: March 23, 1997
    Date of Patent: November 5, 2002
    Assignee: Novell, Inc.
    Inventors: Roger R. Schell, Douglas Lavell Hale, Willard Monten Wiseman, James P. Anderson
  • Publication number: 20020141336
    Abstract: The present invention provides a method and system for controlling packet flow through a protocol stack. The method includes: receiving a packet by a layer manager, wherein the layer manager may interface with each layer of the protocol stack; determining a service associated with the packet by the layer manager; accessing a list of layers of the protocol stack for the service by the layer manager; and routing the packet to a layer of the protocol stack according to the list. The layer manager comprises a plurality of protocol descriptor lists for supported services and uses these lists to route a packet to the appropriate stack layer. In this manner, the stack layers need not have knowledge of the other layers or of the proper routing of the packet. This makes the implementation of the layers in the protocol stack easier.
    Type: Application
    Filed: April 3, 2001
    Publication date: October 3, 2002
    Inventors: Douglas LaVell Hale, Michael D. Wright, Merrill Kay Smith, David O. Cox, Kyle Bryan Seegmiller, Jonathan Brett Wood
  • Publication number: 20020144008
    Abstract: The present invention provides a method and system for instrumenting protocol stack components. The method includes: receiving data from a first stack component of the protocol stack by a layer manager; analyzing the data for instrumentation information by the layer manager; and routing the data to a second stack component of the protocol stack by the layer manager. The system comprises a layer manager which interfaces with each stack component and handles the data flow to the stack components. To instrument the protocol stack, the layer manager is instrumented without the need to instrument the stack components. In this manner, the instrumentation of the protocol stack is simplified, and the amount of code required to capture and analyze the data is reduced.
    Type: Application
    Filed: April 3, 2001
    Publication date: October 3, 2002
    Inventors: Douglas LaVell Hale, Michael D. Wright, Merrill Kay Smith, David O. Cox, Kyle Bryan Seegmiller, Jonathan Brett Wood
  • Publication number: 20020143986
    Abstract: The present invention provides an improved method and system for controlling packet flow through a protocol stack. The system comprises the layer manager which interfaces with each stack layer. The layer manager handles the packet flow to the stack layers. For a new packet path to be supported, only the Layer Manager needs to be modified, not the stack layers. This makes the implementation of the layers in the protocol stack easier. In an alternative embodiment, the layer manager comprises a plurality of protocol descriptor lists for supported services and uses these lists to route a packet to the appropriate stack layer. With this alternative embodiment, new stack layers may be inserted into the protocol stack without the need to modify the existing stack layers.
    Type: Application
    Filed: April 3, 2001
    Publication date: October 3, 2002
    Inventors: Douglas LaVell Hale, Michael D. Wright, Merrill Kay Smith, David O. Cox, Kyle Bryan Seegmiller, Jonathan Brett Wood
  • Publication number: 20020144150
    Abstract: A method and system for access control within a protocol stack includes: receiving a request to perform an operation at a layer of the protocol stack; calling an access mediator; determining if the request is to be granted based upon a predetermined security policy by the access mediator; and providing the determination by the access mediator. The Access Mediator is software which embodies the rules of a predetermined security policy. In the preferred embodiment, the security policy is subject (people) based. The rules of the security policy determine which subjects can have access to which objects (data) to perform a requested operation (read/write). The Access Mediator is called to determine whether or not a request to perform an operation is to be granted based upon the security policy. In this manner, access control is provided within the protocol stack.
    Type: Application
    Filed: April 3, 2001
    Publication date: October 3, 2002
    Inventors: Douglas LaVell Hale, Michael D. Wright, Merrill Kay Smith, David O. Cox, Kyle Bryan Seegmiller, Jonathan Brett Wood
  • Patent number: 6314520
    Abstract: A trusted workstation includes a network interface card (NIC) with trusted computing base (TCB) extensions that provide for securely booting the workstation and performing subsequent receive and transmit packet filtering in support of a network's system architecture requirements. The NIC includes a send address confirm circuit which includes a trusted source address (e.g., a MAC address) uniquely associated with the trusted workstation. For each packet to be transmitted from the trusted workstation over the network, the NIC first checks the source address inserted in the packet by the NIC driver running in the user session to be sure that the driver-inserted source address is equal to the trusted address resident. Thus, if untrusted software on the workstation attempts to mischievously transmit a forged packet with a source address other than the trusted source address, the NIC prohibits transmission of the packet with the forged source address.
    Type: Grant
    Filed: February 18, 1999
    Date of Patent: November 6, 2001
    Inventors: Roger R. Schell, Douglas Lavell Hale, Willard Monten Wiseman, James P. Anderson