Reliance on computing devices such as desktop computers, laptop computers, personal digital assistants, wireless phones, and other systems in the workplace continues to increase. These devices are becoming more sophisticated and generate requests to an ever widening variety of information sources using a variety of protocols. With this increased access come security risks: viral infections, corporate espionage, abuse of systems, and network instability. Marketers also exploit this exposure to reach users with unwanted e-mail and other electronic publications.
Owners of LANs must strike a balance between granting employees unfettered access to the Internet, including local e-mail software, remote e-mail provided by a service provider, and file sharing, and restricting that access. Restricting Internet connections often means restricting employee access to valuable work tools, which hinders work performance. Unrestricted access may result in abuses, leaks of information, and corporate espionage. Restricted access may require setting up password protection, granting access only to approved sites and approved users, and deploying resources to secure networks and data. For instance, owners of LANs must find indirect ways to restrict access to an on-line auction website while allowing the same individual to purchase plane tickets for employers or employees on a substantially similar website. Owners must allow salesmen to access product pricing information while preventing other employees from doing so, all within a single network. With this increased access have come security risks, such as viruses and worms, corporate espionage, hacking, “spam,” and other types of abuse. Exploitation of these risks can be extremely costly and can even threaten the survival of companies and organizations. LAN NAs may also wish to share part of the information stored on the LAN with external users without unwittingly granting access to the core proprietary business information stored elsewhere on the LAN. Currently, hardware such as firewalls offers only coarse connection control: it cannot distinguish the type of data requested, nor whether the requesting user has been authorized or accredited by the LAN NA to access that data.
In tandem with increased technological demands and data growth, the need for LAN ITEs and NAs to provide increased security and to control the access of LAN users grows proportionally. LAN ITEs and NAs must be able to grant partial access to users based on predetermined parameters. For example, a first user may be given unrestricted rights to surf the Internet, a second may be granted the limited right to send but not receive e-mail attachments, while a third may be restricted so that files can only be downloaded to and stored on a local server. Network owners need to decide how “open” or “closed” their networks will be. The more open a network is, the more access users have to the information they need, but the more vulnerable the network is to the problems mentioned above. Conversely, a closed network is less vulnerable, but it is also less usable, both by a local LAN user and by an external network user trying to reach data located on the LAN.
LAN ITEs and NAs must be able to authenticate users logging into the LAN so that each user can be assigned limited access, and the resulting data stream controlled, in a secure fashion. To protect data and restrict access to protected information, LAN NAs must also ensure that no user is able to obtain valuable trade secrets by falsifying an identity or by logging into the LAN after the termination of employment. LAN ITEs and NAs must also be able to grant outside access in a fine-grained, carefully controlled manner, rather than simply choosing whether an outside user is granted or denied access altogether.
Some enterprises have implemented collaborative web services with the goal of creating a web services interface across trusted domain boundaries to reduce unnecessary barriers. Those techniques have been used to reduce the authentication burden on users and on system administrators. Under the single sign-on (“SSO”) process, a new user is required to enter information in a data field and to be validated by the domain owner. Once this is accomplished, a temporary password and a code name are provided to the user. Many websites requiring monthly memberships operate under this model. Users are granted a specific level of access, and if a password is stolen or lost, the network becomes vulnerable. For instance, when a newspaper sells an on-line subscription to a user, it is frequently unable to grant only limited access to its content or to determine whether the user is in fact the subscriber; at best, the server owner may check the location from which access is obtained and, most importantly, whether multiple users are sharing the same password from different locations.
Network owners have controlled access from outside their organizations by using firewalls with basic port-level connectivity rules, and from within their organizations by limiting which applications are installed on user devices. These device-level solutions are easily circumvented; even an inexperienced user can install an e-mail client or web browser, or gain access to a device on which these applications are already installed. Passwords are also notoriously easy to discover or guess. To address the shortcomings of these traditional approaches, key-based cryptographic algorithms have been developed.
Generally these cryptographic algorithms are either symmetric, where a single shared key both encrypts and decrypts a message, or asymmetric, where a public key is used to encrypt a data stream and the corresponding private key is used to decrypt it. The use of symmetric systems alone presents serious limitations. The shared key must be delivered to every communicating party over a channel that is itself secure, the number of keys grows with the square of the number of parties, and key lengths must be increased over time so that newer and more powerful systems cannot recover them by exhaustive search. In addition, once a key is lost or stolen, every message protected by it is exposed, and the key must be replaced and redistributed.
More recent cryptographic systems, such as Pretty Good Privacy™, are built on asymmetric algorithms and use a public key infrastructure (“PKI”). These systems also use hash functions and symmetric ciphers: the asymmetric keys are used to exchange a session key, and the bulk of the data is then encrypted symmetrically for efficiency. In PKI, each user is given a private key and a public key. The public key is shared and distributed to establish a secure data communication channel through key exchanges among the users, whereas the private key must be held in confidence. If a user's private key is lost or compromised, only that user's key pair must be replaced and the old public key revoked; other users' keys are unaffected.
A LAN NA wishing for users to communicate securely needs to provide and/or manage private and public keys for all users, which itself creates an additional security risk. In a secure communication, a party uses the other party's public key to encrypt a message that only the other party, holding the matching private key, can decrypt. The use of PKI thus creates a new problem: how can a user know that he is using the intended second user's public key rather than that of a third party? If a pirate substitutes his own public key for the recipient's, the sender is fooled into encrypting the data in such a way that only the pirate is able to read it. Authentication of public keys has therefore become a necessary part of secure transactions, and one of the most common solutions is the use of digital signatures issued by a trusted authority.
A neutral third party, called a Certification Authority (“CA”), maintains an index of public keys and certifies a public key by signing it, together with the identity of its owner, with the CA's own private key. A user applies for a digital certificate from the CA, submitting the public key to be certified. Upon verification of the identity of the requestor, the CA issues a digital certificate. The prevailing standard for digital certificates is X.509, which draws its naming conventions from the X.500 directory standard. The certificate normally contains the identity of the certificate holder, the certified public key, the identity of the CA, a validity period, and the signature of the CA. Using the public key of the CA, a relying party verifies the CA's signature on the certificate and, if it is valid, trusts that the certified public key belongs to the named holder.
A digital signature is a value attached to an electronically transmitted message that allows the recipient to confirm that the sending party is who he claims to be and that the message has not been altered. In most PKI-based systems, the sender computes a hash value of the message and encrypts (signs) that hash with his private key; the result is the digital signature. Without a digital signature, encryption alone does not protect integrity: a pirate who cannot read the encrypted message may still interfere with it, for example by removing or truncating portions of the ciphertext, and the recipient has no way to detect the change. With the signature, the recipient recomputes the hash of the received message, recovers the sender's hash from the signature using the sender's public key, and compares the two; the sender's public key is itself trusted because its certificate has been verified with the CA's public key. The hash thus allows verification that the data was not tampered with, though the recipient's own private key is still required to decrypt the data stream.
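The chain of trust described in the three preceding paragraphs, as an added example that is not part of the disclosure: a hypothetical LAN-scoped CA (the name “LAN Local CA”, the user names, serial numbers and message are all constructed for this example) certifies a user's public key by signing an X.509 certificate over it with the CA's private key; the recipient of a signed message first verifies that certificate against the CA's public key, then checks the sender's signature over a fresh hash of the message. The pirate of the earlier paragraph appears as a self-signed certificate for “alice”, and the last case alters the message after it was signed. Only the Go standard library (crypto/x509, crypto/ecdsa) is used.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue builds an X.509 certificate naming cn and carrying pub, signed with signer's
// private key. With parent == nil it is self-signed: a root when the LAN CA does it, a
// rogue certificate when a pirate does. Identity vetting is assumed done out of band.
func issue(cn string, serial int64, isCA bool, pub *ecdsa.PublicKey,
	parent *x509.Certificate, signer *ecdsa.PrivateKey) (*x509.Certificate, error) {
	ku := x509.KeyUsageDigitalSignature
	if isCA {
		ku |= x509.KeyUsageCertSign
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
		IsCA:                  isCA,
		KeyUsage:              ku,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	if parent == nil {
		parent = tmpl
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// Sign hashes the message and signs the digest with the sender's private key.
func Sign(priv *ecdsa.PrivateKey, msg []byte) ([]byte, error) {
	h := sha256.Sum256(msg)
	return ecdsa.SignASN1(rand.Reader, priv, h[:])
}

// VerifySigned is the recipient's side: cert must chain to the trusted root (so the key
// is the CA-certified one, not a substitute), must name the expected user, and sig must
// verify under that key over a fresh hash of msg.
func VerifySigned(root, cert *x509.Certificate, user string, msg, sig []byte) error {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	opts := x509.VerifyOptions{Roots: pool, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	if _, err := cert.Verify(opts); err != nil {
		return fmt.Errorf("public key not certified by the trusted CA: %w", err)
	}
	if cert.Subject.CommonName != user {
		return fmt.Errorf("certificate names %q, expected %q", cert.Subject.CommonName, user)
	}
	// CheckSignature re-hashes msg with SHA-256 and verifies sig under the certified key.
	if err := cert.CheckSignature(x509.ECDSAWithSHA256, msg, sig); err != nil {
		return fmt.Errorf("message altered or not signed by the certified key: %w", err)
	}
	return nil
}

// RunScenario plays out a genuine exchange, the key-substitution attack, and tampering
// after signing; it returns each verification result (nil means accepted).
func RunScenario() (genuine, substituted, tampered error) {
	caKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	aliceKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	pirateKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	root, err := issue("LAN Local CA", 1, true, &caKey.PublicKey, nil, caKey)
	if err != nil {
		return err, err, err
	}
	aliceCert, err := issue("alice", 2, false, &aliceKey.PublicKey, root, caKey)
	if err != nil {
		return err, err, err
	}
	msg := []byte("Q3 pricing sheet approved") // constructed sample message
	sig, _ := Sign(aliceKey, msg)
	genuine = VerifySigned(root, aliceCert, "alice", msg, sig)
	// The pirate cannot get the LAN CA to certify his key as alice's, so he presents a
	// certificate for "alice" that he signed himself, with a signature from his own key.
	pirateCert, _ := issue("alice", 3, false, &pirateKey.PublicKey, nil, pirateKey)
	pirateSig, _ := Sign(pirateKey, msg)
	substituted = VerifySigned(root, pirateCert, "alice", msg, pirateSig)
	// Genuine certificate and signature, but the message was changed in transit.
	tampered = VerifySigned(root, aliceCert, "alice", []byte("Q3 pricing sheet rejected"), sig)
	return genuine, substituted, tampered
}

func main() {
	g, s, t := RunScenario()
	fmt.Println("genuine:", g, "\nsubstituted:", s, "\ntampered:", t)
}
```

Running the program accepts the genuine message and rejects the other two, each at a different check: the substituted key fails at certificate verification, before the signature is even examined, because no certificate signed by the LAN CA binds that key to “alice”; the tampered message passes the certificate check but fails the signature check, because the hash recomputed over the received bytes no longer matches the one the sender signed. Note that the check on the certificate's subject name matters as well: without it, a different user's legitimately certified key could be presented in place of alice's.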
As a result of this well-established PKI and certification system, a plurality of public and private keys must be managed to send and receive information from a plurality of sources. In addition, the services of a CA must be used to validate each user's public key. Such security management can prove burdensome, and it becomes even more so when keys are compromised and must be managed from within a LAN for users requesting information from numerous external sites. Site security-management designs often result in an all-or-nothing grant of access for external users: either the user possesses both a digital certificate to access an application and a password to log on past the firewall, or the user has no access at all.
What is needed is a system that allows a LAN ITE and NA to increase LAN security by offering local CA-type capabilities to users of a LAN and to users external to the LAN on a remote network. To simplify the complicated system of permissions granted to a plurality of users, each having different authorization levels, the disclosure must allow LAN ITEs and NAs to issue individual permissions and certificates while working in close relationship with a CA as a third party. What is also needed is a system to manage public and private keys on a local level so that protection levels can be associated with a file type, a file protocol, or even a specific file name.
The system must also enable NAs and ITEs to protect their LANs against internal and external threats and, in doing so, control the flow of information and how open or closed the networks are to each type of user, such as local LAN users and remote network users. The system must control the spread of viruses and worms and forestall the interference of hackers and pirates. The system must also prevent users from accessing unauthorized data and sharing such information on local servers. The disclosure also relates to a system to increase productivity by preventing a high volume of spam and unauthorized use by employees of websites, personal e-mail, and chat.