1. Field of the Invention
This invention relates to computer communication networks, and more particularly to a system for securing communications between devices connected to a ring network.
2. Description of Related Art
As computers become increasingly relied upon to perform diverse functions, the need to share information and resources between computers also increases. Computer networks are a common means of providing the interconnection between computers that allows such sharing to take place. A computer network allows one computer or terminal (a "node") to pass information to another node for the purpose of performing operations for which the receiving node is better suited. Additionally, information may be passed from local nodes to central processing and storage centers. An example of such a network is the network of automatic teller machines (ATMs) installed by many banks today.
One of the biggest concerns of managers of such networks, after network operational availability ("uptime"), is ensuring the security of the network, i.e., protecting the network from intentional penetration by unauthorized users. There are many ways to provide security for networks, and the effectiveness of most of them depends upon the configuration of the particular network to be secured. One known means for securing a network is to provide end-to-end encryption. End-to-end encryption requires each message transmitted from one node on the network to another to be encrypted such that only the authorized receiving node, holding the corresponding key, can read it. The receiving node, upon receipt of an encrypted message, must decrypt the message using the algorithm and key with which it was encrypted. However, such an end-to-end encryption scheme is costly, difficult to manage (every node must be provisioned with keys and encryption software), and slow. A preferred method is to have the network itself provide the security means.
Networks often comprise multiple subnetworks having bridges and routers interconnecting them. Security can be added to the bridges and routers such that they do not allow unauthorized traffic onto a network. However, this does not prevent a node from receiving messages that are not intended for that node. The problem of preventing unauthorized nodes from receiving messages intended only for authorized nodes is a substantial one, since "snooping" using an unauthorized node could reveal very sensitive information, including user passwords and file contents being transferred across the network. For example, a disgruntled employee who legitimately has access to the network may gain much greater access than necessary. This could unnecessarily jeopardize highly sensitive information. This problem is exacerbated by the ease with which network analyzers and other low-cost network monitoring devices can be obtained and connected to networks having hubs with ports which interconnect subnetworks of nodes within the network. Connection of such a network monitoring device permits an intruder to monitor the traffic on the network and decode the higher layer protocols (decoders for which are usually built into the analyzer). This would allow an intruder, for example, to monitor specific conversations between users and hosts as users log on, revealing to the intruder the users' passwords and other information necessary to log on to those hosts.
An approach to the security problem which is less cumbersome than end-to-end encryption is implemented in bussed network configurations, such as Ethernet. FIG. 1 illustrates the configuration of a typical bussed network. All incoming data from any port 101 of the hub 100 that is transmitting is put onto the hub bus 102 in the form of frames, and then broadcast out to all the ports 101 on port busses 105. To provide security, a "thrasher" circuit 103 is inserted between the hub's bus 102 and each port 101. The hub 100 determines the address(es) of the nodes 104 on a particular port 101a. When a frame is to be transmitted out onto that port 101a, the thrasher circuit 103a coupled to that port compares the destination of the frame with the addresses of the nodes 104 connected to that port 101a. If the port 101a is connected to a node or nodes 104 which are intended to receive the frame (e.g., the frame is addressed to one or more of those nodes, the frame is a multicast intended for all nodes 104, or the frame is a management frame), the frame is transmitted intact; otherwise the thrasher circuit 103a "thrashes" the frame (i.e., makes it unintelligible before it is transmitted through port 101a). Hence, the thrasher circuit 103a ensures that nodes connected to the port 101a can only read frames that are authorized for the nodes of that port 101a. Note that because the decision is made per port on the hub bus, thrashing the frame on one port has no effect on what any other port emits.
While this solution provides added security in bussed networks, the thrasher circuit described above cannot be implemented in ring networks or other shared-media networks in which each node inspects, and possibly modifies, information before passing it to the next node sharing the medium (hereinafter called a ring). FIG. 2 is an illustration of a prior art ring network. In a ring network, all nodes 204 are daisy-chained such that a message frame must pass through each node 204 in sequence. Hence, if a frame is thrashed by a thrasher circuit associated with a port 201 of a hub 200, it arrives already thrashed at all other nodes 204 associated with ports 201 further downstream on the ring, whether or not those downstream nodes were authorized to receive it.
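As an added example (this is not code from the patent or from any product it describes), the following Python simulation implements the per-port thrasher decision of FIG. 1 and then applies the same per-port decision along a ring as in FIG. 2, showing why a frame thrashed at one port is unreadable at every port downstream. The 14-byte Ethernet frame layout, the Hub class and its method names, the constant fill pattern used to thrash a frame, and the EtherType standing in for the hub's management frames are all assumptions made for this illustration; the constructed sample frames carry invented addresses and payloads.

```python
"""Simulation of a per-port frame "thrasher" on a bussed hub, and of the same
decision applied around a ring. Added example, not code from the patent.
Frame layout, Hub, thrash() fill pattern and MGMT_ETHERTYPE are assumptions."""
from __future__ import annotations
from dataclasses import dataclass, field

HEADER_LEN = 14                              # dst(6) + src(6) + EtherType(2)
BROADCAST = bytes.fromhex("ffffffffffff")
MGMT_ETHERTYPE = 0x88B5                      # assumed: IEEE "local experimental"
                                             # EtherType standing in for hub
                                             # management frames
THRASH_FILL = 0xAA                           # assumed fill used to garble a frame


def is_group_address(mac: bytes) -> bool:
    """Multicast or broadcast: the I/G bit (LSB of the first octet) is set."""
    return bool(mac[0] & 0x01)


def parse_frame(frame: bytes) -> tuple[bytes, bytes, int]:
    """Split an Ethernet frame into (dst, src, ethertype); payload is untouched."""
    if len(frame) < HEADER_LEN:
        raise ValueError("runt frame: %d bytes" % len(frame))
    return frame[0:6], frame[6:12], int.from_bytes(frame[12:14], "big")


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    return dst + src + ethertype.to_bytes(2, "big") + payload


def thrash(frame: bytes) -> bytes:
    """Make the frame unintelligible without changing its length. The patent
    does not say how the garbling is done; a constant fill (assumption) is used
    so that neither the addresses nor the payload survive on the egress port."""
    return bytes([THRASH_FILL]) * len(frame)


@dataclass
class Hub:
    """Hub ports and the node addresses the hub has associated with each port."""
    ports: dict[int, set[bytes]] = field(default_factory=dict)

    def add_port(self, port: int, *macs: bytes) -> None:
        self.ports.setdefault(port, set()).update(macs)

    def authorized(self, port: int, frame: bytes) -> bool:
        """Thrasher decision for one port: pass the frame intact only if a node
        on that port is an intended receiver (unicast to it, group address, or
        a management frame)."""
        dst, _, ethertype = parse_frame(frame)
        if ethertype == MGMT_ETHERTYPE:
            return True
        if is_group_address(dst):
            return True
        return dst in self.ports.get(port, set())

    def bus_transmit(self, frame: bytes) -> dict[int, bytes]:
        """Bussed hub (FIG. 1): every port takes the frame from the hub bus and
        applies its own thrasher independently of every other port."""
        return {p: frame if self.authorized(p, frame) else thrash(frame)
                for p in self.ports}

    def ring_transmit(self, frame: bytes, order: list[int]) -> dict[int, bytes]:
        """Ring (FIG. 2): each port receives what the previous port emitted, so
        once a port thrashes the frame every port after it gets garbage."""
        received: dict[int, bytes] = {}
        current = frame
        for p in order:                      # order = ports downstream of sender
            current = current if self.authorized(p, current) else thrash(current)
            received[p] = current
        return received


def summarize(frame: bytes, emitted: dict[int, bytes]) -> dict[int, str]:
    """Label each port's output as 'intact' or 'thrashed' relative to the input."""
    return {p: "intact" if out == frame else "thrashed" for p, out in emitted.items()}


# Constructed sample topology: one node per port, locally administered MACs.
NODE_A = bytes.fromhex("020000000001")
NODE_B = bytes.fromhex("020000000002")
NODE_C = bytes.fromhex("020000000003")


def demo() -> tuple[dict[int, str], dict[int, str], dict[int, str]]:
    hub = Hub()
    hub.add_port(1, NODE_A)
    hub.add_port(2, NODE_B)
    hub.add_port(3, NODE_C)
    login = build_frame(NODE_B, NODE_A, 0x0800, b"login: alice / pw: hunter2")
    bus = summarize(login, hub.bus_transmit(login))           # only port 2 reads it
    ring_ok = summarize(login, hub.ring_transmit(login, [2, 3]))   # B is first downstream
    ring_bad = summarize(login, hub.ring_transmit(login, [3, 2]))  # C's port sits before B
    return bus, ring_ok, ring_bad


if __name__ == "__main__":
    for label, result in zip(("bus", "ring B-before-C", "ring C-before-B"), demo()):
        print(label, result)
```

In the bussed case only the port holding the destination node emits the frame intact; broadcast, multicast and management frames pass every thrasher. In the ring case the outcome depends on where the authorized node sits: when an unauthorized port lies between the sender and the intended receiver, the receiver gets the same fill pattern as everyone else, which is exactly the limitation the text describes.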
Thus, there remains a need for a security system that is compatible with ring networks and which does not rely upon end-to-end encryption of the message. The present invention provides a fast, inexpensive, and easily implemented security system that fills this need.