发明名称 Storage area network external security device
摘要 An external security device is provided in the communication path between devices of different security levels. A higher security device needs only to trust the security of the external device, rather than relying on operating system and file system software that cannot be assured. The external security device blocks access requests that may be using covert channels, but returns status information that indicates that the request is successful. The external security device may then audit access requests to provide a higher level of accountability. The external security device also handles data duplication to prevent or significantly reduce the threat of traffic analysis.
申请公布号 US8832842(B1) 申请公布日期 2014.09.09
申请号 US200310680579 申请日期 2003.10.07
申请人 Oracle America, Inc. 发明人 Hughes James P.
分类号 G06F11/00;G06F21/56;G06F21/60;H04L29/06 主分类号 G06F11/00
代理机构 Brooks Kushman P.C. 代理人 Brooks Kushman P.C.
主权项 1. A method for preventing communication through covert channels, the method comprising: providing a security device between a higher level security device and a lower level security device, wherein the higher level security device is a storage device; detecting, by the security device, an access request from one of the devices to the other of the devices, wherein the access request is an attempt to write malicious code, an attempt to access management and non-data channels, or an attempt to maliciously modify the storage device; blocking, by the security device, the access request such that in response to the access request, no access is granted; and returning, by the security device, status information that indicates that the access request is successful if no access is granted.
地址 Redwood City CA US