The present invention relates generally to the field of computer networking, and more particularly to the implementation of secure network management functions within network interface devices.
Network interface devices, such as modems and Ethernet controllers provide a physical and logical connection between a network station and a network. Typical network stations include host computers, routers, and network servers. A network interface device is treated as part of the network station""s physical and logical structure, on the same logical level as the network station""s CPU, memory, and disk devices. A network interface device is also assumed to be a physical or link layer device within the Open Systems Interconnection (OSI) seven layer model of network architecture. The primary function of a network interface device is to translate data contained within the internal memory of the computer into a frame or packet suitable for transmission on the appropriate network, and to perform the reverse conversion upon receipt of a valid frame from the network. Modems, which are considered network interface devices for asynchronous access, may implement link-level data compression and error correction as part of this conversion and transmit/receive process.
The increased use of network applications and environments has led to great increases in the volume of traffic between computers over networks. Not only has the volume of network traffic increased, but the complexity of network transactions has increased as well. Many network applications now allow users to perform commercial or fee-based transactions which require the exchange or payment of money. Such applications often involve the transmission of confidential information, such as credit card or subscriber identification numbers. This increased use and complexity of network applications necessitates greater resource and access control over the computers and routers on a network in order to ensure that network traffic flows efficiently and that messages are transmitted securely. Current network interface devices lack certain essential features which are increasingly being required in modern network environments. These features include the ability to have a remote network station control the network interface of a host computer, and the ability to provide a logical representation of network services even when the host computer is disconnected from the network.
There are currently no Transmission Control Protocol/Internet Protocol (TCP/IP) fielded networked systems that provide secure and reliable in-band, network-based control of network interface devices within network stations. Some systems allow control from the network station to the remote server, for example, a telephone customer using the *69 call return feature to fetch information from the local telephone company switch. However, these systems do not allow remote server or network control over the network interface device within the network station. Such control is useful because it would allow a central network entity to control network traffic characteristics, such as bandwidth usage by stations on the network. However access to the network interface device from devices on the network other than the host computer within which the interface device resides raises several security concerns. Insecure access to the network interface device from the network may allow undesired exposure of data or sensitive information. It may also allow an improper configuration to be set which may result in a misdirection or even loss of data. It is thus desirable to provide a network interface device which allows secure control over operational characteristics of the network interface device from remote devices on the network.
Present networked systems also fail to provide secure and reliable local representation of network services within a network interface device for a host computer. In an environment in which a host computer accesses a fee-based application from a remote server, the network interface device (which is under the complete control of the network station) cannot contain any state information or object of value such as licenses, payment data or electronic rights-to-use, because this information can be modified, created (spoofed) or destroyed by the host computer. In current systems, electronic objects of value are stored in a secure manner on another station on the network, such as the remote server, and the host computer is required to use a network protocol such as Remote Procedure Call (RPC) to acquire the object from the remote server""s secure storage system. These systems require that a network connection be maintained between the host computer and remote server during the time that the application is executed on the host computer, and also that the remote server and host computer transmit sensitive information (i.e., the license or payment data) over the network. These systems thus introduce connectivity and security constraints to a network application environment. It is thus further desirable to provide a network interface device which allows secure representation of network services to a host computer even when the host computer is disconnected from the network.
In addition, network interface devices in the prior art have various other disadvantages which are overcome by the present invention, as described in the detailed description which follows.
The present invention discloses a method and apparatus for securely controlling a local network device from a network, and providing network services to a host computer without requiring a network connection. The network interface device contains a secure language processor. The secure language processor verifies commands sent from the network to the host processor and provides an embedded, robust environment which allows for secure access and control over resources within the network interface device, and the storage of sensitive information within the network interface device.
In one particular embodiment of the present invention, the secure language processor is implemented within a Java(trademark) language interpreter (Java is a trademark of Sun Microsystems). The Java language interpreter utilizes the Java programming language and application level support for digital signatures to receive and verify control commands sent to the host computer from a remote network device. This control command could request the execution of a local function such as a reduction in bandwidth consumption, or the change in network addressing or connectivity. The Java language interpreter also provides control over embedded non-volatile memory for storing objects of value, and a restricted interface. This mechanism allows a network interface device to represent and proxy for services available on a network, even when the local device is disconnected from the network.