1. Field of the Invention
This invention relates generally to computer and communication networks, and more specifically, to handling of encrypted data in a deployable communication system used to provide secure voice, video and data services to multiple remote users.
2. Background of Related Art
FIG. 5 is a depiction of a conventional deployable secure communication system providing voice communications.
In particular, as shown in FIG. 5, a secure encryption module such as defined by KIV-7 standards 912 with suitable interface hardware is utilized in a direct connection path between a remote user 910 and a wireless connection to a similarly secure receiver via a satellite antenna 914. In the conventional system of FIG. 5, a conventional ISDN phone 910 is at the remote user end, and an ISDN link is utilized between the KIV-7 encryption module 912, and a suitable satellite two-way communication transceiver and antenna 914.
In operation, voice data is generated by a suitable ISDN telephone 910, and is encrypted by the Type 1 encryption unit 912. The encryption unit 912 has a serial data output, e.g., a synchronous serial output such as is defined by RS-530 standards.
The serial data passed from the encryption unit 912 is converted into an ISDN data stream by a suitable serial-to-ISDN converter 917, and transmitted in a secure environment over a physically secure satellite, e.g., an M4 INMARSAT satellite terminal.
The conventional communications terminal shown in FIG. 5 provides voice communications from a single ISDN phone 910. The ISDN standard allows up to two voice channels, together with a small control data channel. However, there are growing needs for computer data (e.g., from a laptop computer) to be communicated from a remote, deployable, secure communications terminal through a secure, encrypted means.
FIG. 6 is a depiction of a conventional deployable secure communication system allowing both voice and data communications.
In particular, as shown in FIG. 6, a voice data path is provided by an ISDN telephone 910, which generates a serial data stream that is encrypted through a Type 1 encryption unit 912a, e.g., a KIV-7 encryption unit. Additionally, an Ethernet 10 BaseT serial data stream is generated by a laptop computer 111, and encrypted by a similar Type 1 encryption unit, e.g., another KIV-7 encryption unit 912b. The two encrypted serial data streams from the KIV-7 units 912a, 912b are then multiplexed together, converted back into a suitable post-encryption ISDN data stream by a serial to ISDN converter 917, and passed on to the Inmarsat satellite terminal 914 for transmission to a satellite network.
It is vitally important that encryption units 912 stay physically secured, to maximize protection of the information being passed thereover. Also, to further maximize protection of the information, the satellite terminal 914 is conventionally set up and maintained within a secure environment, and travels with the secure encryption module.
It is also vitally important that secure communications terminals, particularly those communication terminals that are intended to be deployed in a military environment, be as small as possible. Conventional systems are typically physically large, e.g., the size of a van, due in significant part to the need for two separate Type 1 encryption units 912a, 912b in a secure, deployable communications terminal to handle two serial data streams providing both voice and data support.
There is always a need for a smaller, more lightweight, more easily portable and more easily deployable communication system.