SOFTWARE CREDENTIAL TOKEN PROCESS, SOFTWARE, AND DEVICE

    Publication No.: US20230179420A1

    Publication date: 2023-06-08

    Application No.: US18145841

    Application date: 2022-12-22

    Abstract: Embodiments for a computer-readable medium including a software module are provided. The software module causes one or more processing devices to obtain a biometric identifier from a user. Access to a resource is requested by providing a software credential token and the biometric identifier. The software credential token corresponds to a hardware credential token, and the hardware credential token is one of a set of hardware credential tokens that are used to access the resource. An indication that access to the resource has been granted is received and, after receiving that indication, an indication that the access to the resource has been revoked is received. After receiving the indication that access to the resource has been revoked, a biometric identifier is re-obtained from a user and access to the resource is re-requested by providing a software credential token and the re-obtained biometric identifier.

    HIGH-ASSURANCE MULTI-DOMAIN NETWORK SWITCH
    Invention application

    Publication No.: US20200267044A1

    Publication date: 2020-08-20

    Application No.: US16813142

    Application date: 2020-03-09

    Abstract: Embodiments for a method of implementing multiple domains in a network switching device are disclosed. The method includes assigning a plurality of hardware ports to a plurality of domains. Ports are assigned to at least two of the plurality of domains, and none of the ports are concurrently assigned to multiple domains. The method also includes loading rules for forwarding packets between the plurality of ports into a data plane. The rules direct the data plane to forward only between ports in a common domain of the plurality of domains. The method also includes assuring that a packet received at any port assigned to a first domain is not sent in legible form from any port assigned to a second domain if an error causes the data plane to forward or request forwarding the packet to any port assigned to a second domain.

    Systems and methods for secure data transport

    Publication No.: US10652220B1

    Publication date: 2020-05-12

    Application No.: US15975610

    Application date: 2018-05-09

    Abstract: Disclosed herein are embodiments of systems, methods, and products comprising a computing device, which provides a secure data transport service (SecureX) for data packets traversing from an end user device (EUD) to a mission network over untrusted networks. The disclosed SecureX module may be a software product running on the EUD and on a SecureX appliance fronting the mission network. The SecureX module on the EUD compresses the data packets by removing header fields that are constant over the same packet flow and double encrypts the data packets with different cryptographic keys. The SecureX on the EUD transmits the double compressed encrypted data packets over the untrusted network. The SecureX appliance receives the double compressed encrypted data packets, decrypts the data packets and decompresses the data packets to recreate the original data packets. The SecureX appliance transmits the original data packets to the mission network.

    High-assurance multi-domain network switch

    Publication No.: US10587450B1

    Publication date: 2020-03-10

    Application No.: US15583661

    Application date: 2017-05-01

    Abstract: Embodiments for a method of implementing multiple domains in a network switching device are disclosed. The method includes assigning a plurality of hardware ports to a plurality of domains. Ports are assigned to at least two of the plurality of domains, and none of the ports are concurrently assigned to multiple domains. The method also includes loading rules for forwarding packets between the plurality of ports into a data plane. The rules direct the data plane to forward only between ports in a common domain of the plurality of domains. The method also includes assuring that a packet received at any port assigned to a first domain is not sent in legible form from any port assigned to a second domain if an error causes the data plane to forward or request forwarding the packet to any port assigned to a second domain.

    Pre-placed messages
    Granted invention patent

    Publication No.: US10581564B1

    Publication date: 2020-03-03

    Application No.: US15926978

    Application date: 2018-03-20

    Abstract: Embodiments for a communication enhancement module for a first communicating device are disclosed. The communication enhancement module includes instructions thereon. The instructions cause the communication enhancement module to receive an activation message from a data terminal of the first communicating device. The activation message is sent from a communication enhancement module of a second communicating device. In response to receiving the activation message, a set of pre-placed messages is identified to which the activation message is assigned. A set of messages is generated corresponding to the set of pre-placed messages. Each message in the set of messages conforms to a communication protocol used by the second communicating device for messages sent to the first communicating device. The set of messages indicate that the set of messages originated at the second communicating device. The set of messages is sent to a main processing module of the first communicating device.

    IGMP group leave message blocking

    Publication No.: US10574688B1

    Publication date: 2020-02-25

    Application No.: US15611106

    Application date: 2017-06-01

    Abstract: A method of cyber-attack protection is provided. The method includes receiving one or more internet group management protocol (IGMP) membership report messages on one or more ports of a network switch. A table is maintained associating each of the one or more ports to the one or more group addresses of which any hosts coupled to that port are members. An IGMP group leave message is received at a first port of the network switch. A group address in the group leave message is compared to all group addresses associated in the table with the first port. If the group address in the group leave message does not match any group address associated with the first port, the group leave message is dropped without being acted on in accordance with IGMP.

    Systems and methods for receiving secure data

    Publication No.: US11968193B1

    Publication date: 2024-04-23

    Application No.: US17986691

    Application date: 2022-11-14

    Abstract: Disclosed herein are embodiments of systems, methods, and products comprising a computing device, which provides a secure data transport service (SecureX) for data packets traversing from an end user device (EUD) to a mission network over untrusted networks. The disclosed SecureX module may be a software product running on the EUD and on a SecureX appliance fronting the mission network. The SecureX module on the EUD compresses the data packets by removing header fields that are constant over the same packet flow and double encrypts the data packets with different cryptographic keys. The SecureX on the EUD transmits the double compressed encrypted data packets over the untrusted network. The SecureX appliance receives the double compressed encrypted data packets, decrypts the data packets and decompresses the data packets to recreate the original data packets. The SecureX appliance transmits the original data packets to the mission network.

    High-assurance VLAN switch
    Granted invention patent

    Publication No.: US11968176B1

    Publication date: 2024-04-23

    Application No.: US17815329

    Application date: 2022-07-27

    Abstract: Embodiments for a method of implementing multiple domains in a network switching device are disclosed. The method includes assigning a plurality of hardware ports to a plurality of domains. Ports are assigned to at least two of the plurality of domains, and none of the ports are concurrently assigned to multiple domains. The method also includes loading rules for forwarding packets between the plurality of ports into a data plane. The rules direct the data plane to forward only between ports in a common domain of the plurality of domains. The method also includes assuring that a packet received at any port assigned to a first domain is not sent in legible form from any port assigned to a second domain if an error causes the data plane to forward or request forwarding the packet to any port assigned to a second domain.

    Network sensing for cloud data synchronization

    Publication No.: US11503119B1

    Publication date: 2022-11-15

    Application No.: US17537457

    Application date: 2021-11-29

    Abstract: Disclosed herein are embodiments of a cloud data synchronization system enabling a user operating a mobile client device to download mission-specific data sets from a fixed cloud-based server system to a database of the mobile client device, and then use the downloaded data sets independently on the mobile client device when the mobile client device is disconnected from a network connecting to the fixed cloud-based server system. When connectivity to the fixed cloud-based server system is re-established by the mobile client device in an intermittent and bandwidth-limited communication network environment, the fixed cloud-based server system may provide bi-directional data synchronization between records of the fixed cloud-based server system and the mobile client device to update the data sets on the fixed cloud-based server system and the mobile client device while operating in the intermittent and bandwidth-limited communication network environment.

    Cloud data synchronization based upon network sensing

    Publication No.: US10986182B1

    Publication date: 2021-04-20

    Application No.: US16773744

    Application date: 2020-01-27

    Abstract: Disclosed herein are embodiments of a cloud data synchronization system enabling a user operating a mobile client device to download mission-specific data sets from a fixed cloud-based server system to a database of the mobile client device, and then use the downloaded data sets independently on the mobile client device when the mobile client device is disconnected from a network connecting to the fixed cloud-based server system. When connectivity to the fixed cloud-based server system is re-established by the mobile client device in an intermittent and bandwidth-limited communication network environment, the fixed cloud-based server system may provide bi-directional data synchronization between records of the fixed cloud-based server system and the mobile client device to update the data sets on the fixed cloud-based server system and the mobile client device while operating in the intermittent and bandwidth-limited communication network environment.
