Patent
Multi-level secure (MLS) information network
Michael K. Weller, Tarachrand A. Mangra, Joseph A. Litzinger, Sanket J. Shah +3 more
- 28 Apr 2006
86
TL;DR: A transport guard operating within a memory partition sits logically between a protected application running in the partition and a networking stack, and ports are defined for the transport guard including (i) an application port for forwarding data to and receiving data from the application, (ii) a data port for receiving data addressed to the application from the networking stack and (iii) a control port for supplying configuration data to the transport guard.
Abstract: A method of enforcing a network security policy including mandatory access control (MAC), discretionary access control (DAC) and integrity control for a secure information network, includes operating a transport guard within a memory partition logically between a protected application running in the partition and a networking stack, and defining ports for the transport guard including (i) an application port for forwarding data to and receiving data from the application, (ii) a data port for receiving data addressed to the application from the networking stack, and for sending data originating from the application to the stack, and (iii) a control port for supplying configuration data to the transport guard. The configuration data corresponds to MAC, DAC and integrity control policies specified by the network for the protected application. The transport guard limits data flow between its protected application and the data ports accordingly.
Citations
Patent
Automated Device Provisioning and Activation
Gregory G. Raleigh
- 15 Nov 2012
TL;DR: In this paper, the authors propose a method comprising providing a plurality of links to end-user devices communicatively coupled to a network system, a particular link of the plurality supporting control-plane communications between the network system and a particular user over one or more wireless access networks, the message comprising payload for delivery to the particular user and an identifier identifying a particular device agent on the particular end-user device.
483
Patent
Service Plan Design, User Interfaces, Application Programming Interfaces, and Device Management
Gregory G. Raleigh, Jose Tellado, Jeffrey Green, James Lavine, Justin James, Laurent An Minh Nguyen, Russell Bertrand Carter +6 more
- 23 Jan 2013
TL;DR: In this paper, the authors present methods, systems, and apparatuses to enable subscribers of mobile wireless communication devices to view, research, select and customize service plans; to create and manage device groups, share and set permission controls for service plans among devices in device groups; to manage communication services through graphical user interfaces; to sponsor and promote service plans.
428
Patent
Device-Assisted Services for Protecting Network Capacity
Gregory G. Raleigh, Alireza Raissinia, James Lavine +2 more
- 25 May 2011
TL;DR: In this article, a device assisted service (DAS) for protecting network capacity is provided, which includes monitoring a network service usage activity of the communications device in network communication and classifying the network service activity for differential network access control for protecting the network capacity.
400
Patent
System and Method for Providing User Notifications
Gregory G. Raleigh, James Lavine, Jeffrey Green, Alireza Raissinia +3 more
- 04 Oct 2011
TL;DR: In this article, an end user device associated with a service plan having a limit on usage of a network service, the method comprising storing one or more notification actions corresponding to one or more notification requests; performing a device action that reflects a past or intended use of the network service; receiving one of the one or more notification requests from a network element in response to the device action; performing one of several notification actions, the notification action causing the user device to retrieve at least a portion of a notification message associated with the status of the use.
381
Patent
Intermediate networking devices
Gregory G. Raleigh, Vien-Phuong Nguyen, Lisa Stark, Jose Tellado +3 more
- 05 Dec 2013
TL;DR: In this paper, a wireless communication device comprising one or more network modems enabling the wireless communication device to communicate over a first wireless network, and one or more processors configured to execute a set of instructions that, when executed by the processors, cause the processors to: establish a first connection between the wireless communication device and a first end-point device; establish a second connection between a second-end-device; and apply a first control to traffic transmitted by or to the first end-point device.
246
References
Patent
System for providing secure internetwork by connecting type enforcing secure computers to external network for limiting access to data based on user and process access rights
William E. Boebert, Clyde O. Rogers, Glenn Andreas, Scott W. Hammond, Mark P. Gooderum +4 more
- 12 Oct 1994
TL;DR: In this paper, a system and method for the secure transfer of data between a workstation connected to a private network and a remote computer connected to an unsecured network is presented.
334
Patent
System and method for providing multi-level security in computer devices utilized with non-secure networks
James M. Holden, Stephen E. Levin, James O. Nickel, Edwin H. Wrench +3 more
- 30 Jul 1996
TL;DR: In this article, a multi-level network security system for a computer host device coupled to at least one computer network is described, which includes a secure network interface unit (SNIU) contained within a communications stack of the computer device that operates at a user layer communications protocol.
195
Patent
Method and system for establishing a security perimeter in computer networks
James M. Holden, Stephen E. Levin, James O Nickel, Edwin H. Wrench +3 more
- 11 Jul 2007
TL;DR: In this paper, a multi-level network security system for a computer host device coupled to at least one computer network is described, which includes a secure network interface unit (SNIU) contained within a communications stack of the computer device that operates at a user layer communications protocol.
180
Patent
Using trusted associations to establish trust in a computer network
John M. Boyle, James M. Holden, Stephen E. Levin, Eric S. Maiwald, James O. Nickel, David W. Snow, Edwin H. Wrench +6 more
- 30 Jul 1996
TL;DR: In this article, a method for establishing trusted communications with associations for communications between users on an Internet Protocol based computer network is described, which entails the first user determining the Internet Protocol (IP) address of a second user on the computer network through the use of Address Resolution Protocol (ARP) and Reverse Address Resolution Protocol (RARP).
133
Patent
Mixed enclave operation in a computer network with multi-level network security
James M. Holden, Stephen E. Levin, Edwin H. Wrench, David W. Snow +3 more
- 30 Jul 1996
TL;DR: In this article, a method for mixed enclave operation of a computer network with users employing a multi-level network security interface and users without any network security interfaces is presented, where the network security user identifies when communications are being undertaken with another secured user or a non-secured user.
125
Related Papers (5)
Shinji Ito, Kunihiko Miyazaki, Isao Echizen +2 more
- 14 Feb 2002
Patrick Michael LiVecchi
- 27 Jun 2007
Timothy C. Williams
- 21 Jul 1999
Tony L. Johnson, Greg L. Shelton +1 more
- 27 Jun 2005