Title of invention: Method and apparatus for cyber security
Abstract: Aspects of the disclosure provide a network interface device for use in an electronic device. The network interface device includes multiple systems and can be configured to perform multiple levels of security functions. In an example, the network interface device includes a first system and a second system. The first system includes a first interface configured to couple the first system with a host system of the electronic device, a second interface configured to couple the first system with an external electronic device, and first integrated circuits configured to monitor and filter traffic flowing between the external electronic device and the host system of the electronic device. The second system includes second integrated circuits. The network interface device also includes a communication channel between the first system and the second system. The second system is configured to send control information to and receive status information from the first system via the communication channel.
Publication number: US9065799(B2) Publication date: 2015.06.23
Application number: US201113087998 Filing date: 2011.04.15
Applicant: LOCKHEED MARTIN CORPORATION Inventors: Vanderpol Mathew; Hellbusch Seth A.; Hale Robert W.
Classification: H04L29/06; G06F21/55; G06F21/85 Main classification: H04L29/06
Agency: Oblon, McClelland, Maier & Neustadt, L.L.P. Agent: Oblon, McClelland, Maier & Neustadt, L.L.P.
Principal claim: 1. A network interface device for use in an electronic device, comprising: a first system that includes: a first interface configured to couple the first system with a host system of the electronic device; a second interface configured to couple the first system with an external electronic device; and first integrated circuits configured to monitor and filter traffic flowing between the external electronic device and the host system of the electronic device without relying on an operating system of the host system, a second system having second integrated circuits, a communication channel between the first system and the second system, the communication channel including a first shared memory configured to be accessible by both the first system and the second system, and a second shared memory configured to have a first portion configured to be accessible by both the first system and the second system, and a second portion configured to be accessible by the second system and to not be accessible by the first system, wherein the second system is configured to send control information to the first system to control the first system, and receive status information from the first system via the communication channel, the traffic, flowing between the external electronic device and the host system and monitored by the first system, is isolated from the second system, the second system is configured to monitor the first portion of the second shared memory that is used by the first system, and the communication channel is configured to provide mutual exclusion to enable only one system of the first system and the second system access to a same region of the first shared memory at a time.
Address: Bethesda MD US