1. Technical Field
This invention generally relates to computer security, and more specifically relates to a computer security system for computers connected to an Intranet, the Internet, the world-wide web, or other computer networks.
2. Background Art
The development of the EDVAC computer system of 1948 is often cited as the beginning of the computer era. Since that time, computer systems have evolved into extremely sophisticated devices, and computer systems may be found in many different settings. Computer systems typically include a combination of hardware (e.g., semiconductors, circuit boards, etc.) and software (e.g., computer programs). As advances in semiconductor processing and computer architecture push the performance of the computer hardware higher, more sophisticated computer software has evolved to take advantage of the higher performance of the hardware, resulting in computer systems today that are much more powerful that just a few years ago.
Other changes in technology have also profoundly affected how we use computers. For example, the widespread proliferation of computers has prompted the development of computer networks that allow computers to communicate quickly and efficiently with each other. With the introduction of the personal computer (PC), computing became accessible to large numbers of people. Networks for personal computers were developed to allow individual users to communicate with each other. In this manner, a large number of people within a company or other organization could communicate at the same time with a software application running on one computer system.
One significant computer network that has become very popular is the Internet. The Internet grew out of the modem proliferation of computers and networks and has currently evolved into a sophisticated worldwide network of computer systems linked together. The Internet is considered an "unsecure" network because anyone with the necessary computer equipment has access to the information that is transmitted on the Internet. If an individual wishes to protect their transmitted information from being received or intercepted by unauthorized individuals, then additional software or hardware must be provided.
In addition to the Internet and other types of public networks, private computer networks presently exist in many different forms and serve many purposes. For example, there are credit card computer networks which direct network traffic to banks for authorizations and transaction posting, there are university computer networks which maintain student or scientific research information, and there are many private company computer networks which contain a variety of proprietary information.
Another recent development in the area of computer networks is the proliferation of "Intranets." Intranets are typically networks of computer workstations, and/or computer resources or systems that belong to a single company, division, or branch of a company. Intranets are considered "secure" networks because they are typically connected to an outside or external network via a security system that restricts access to only authorized users. Intranets are considered to be more secure than other types of public computer networks because they can be isolated from other, outside networks. The rapid expansion of computer networks and the technological advances in communication equipment promises to bring even more connectivity to computer networks through such mechanisms as cable modems, computerized home televisions, and direct access multimedia services.
Along with the explosive growth experienced by computer networks in the past few years, an ever increasing concern is the need to provide enhanced security protection for networked computer systems and resources. In particular, where private computer resources (i.e., software applications, data files, World Wide Web pages, etc.) are accessed using standard Internet communication tools, security must be provided to protect the private resources from unauthorized access. This involves ensuring that access to networked resources is granted only to approved users, whether the users are within a company or external to the company. For example, many companies have remote offices or branches located in various parts of the country. Each office or branch may operate and maintain a computer network and each of these local computer networks may be interconnected in a company-wide computer network or tied together via the Internet. It is often desirable in this type of computer network environment to prevent unauthorized access to one of the local computer networks from another of the local computer networks and also to restrict access by unauthorized Internet users.
This network communication technique is often used on private computer networks as well. Private computer networks are often linked to other private computer networks, such as in a company where multiple user groups exist in the organization with corresponding multiple computer networks. The risk of break-ins and computer misuse in one private network by users of another private network is also present. For example, a disgruntled employee working from a local area network (LAN) in one organization of the company may break into the private computer network of another organization with the company and cause files to be altered or erased. Alternatively, someone may introduce viruses or other illicit and destructive computer programs such as Trojan horses or worms into the network environment.
Another network communication security issue that should be addressed when transmitting sensitive information is the unavoidable problem of an authorized party examining communications in transit whenever a public or unsecure network is used. Data to be sent from one location to another is divided or broken down into "packets." The packets are individually routed or sent over the network and then reassembled at the appropriate destination. As part of the communication transmission process, certain information regarding the origin, destination, and contents of a transmission is packaged and sent along with the actual data packets being transmitted. By examining or "sniffing" the packet and utilizing the packet information, unscrupulous intruders can mimic legitimate network communication traffic and gain access to otherwise secure networks.
One popular solution used to provide computer network security for communication over unsecure networks is known as a "firewall." A firewall is a separate computer system with a dedicated microprocessor that can be used to provide certain types of security. The firewall computer system is usually placed into the computer network so that it is logically located between the protected system and the unsecure network. The firewall can be configured to provide various types of network communication security for the protected system. The use of firewalls is well known in the art and various types of firewalls can be implemented in different ways.
The most common and simplest type of firewall is one that simply does packet filtering. This type of firewall can block undesirable in-coming traffic while allowing outgoing traffic to continue to be processed. Packet filtering firewalls are relatively inexpensive since most network routers currently provide the ability to specify various rules for filtering in-coming packets. Unfortunately, a packet-filtering firewall system suffers from a number of significant drawbacks. These drawbacks include little or no activity logging, exposure of Internet addresses and other network information to public access, and the complex filtering scenarios typically required to handle communications with multiple computer systems.
Another common firewall system is called a dual-homed gateway firewall. A dual-homed gateway consists of a system with two network interfaces that requires that all network communication traffic between the secure network and the unsecure network must pass through the gateway. Normal packet routing and forwarding features are disabled, so an alternative communication mechanism such as proxies or servers must be used. Depending on the availability of proxies and servers, this type of firewall can be very restrictive. In addition, because all network communication traffic must pass through the gateway, overall throughput and system performance may suffer.
While useful, the addition of a firewall computer system generally introduces a significant level of complexity into a network environment. No matter which type of firewall system is utilized, security concerns common to firewall systems in general remain. For example, the firewall computer system must be secured in a protected location where physical access can be controlled. Otherwise, the protected system may be compromised by a direct physical attack on the firewall computer system. Firewall systems must be initially set-up or configured, and occasionally must be reconfigured as the network environment and the nature of the protected systems changes and develops. The initial set-up will typically include installing the operating system, installing the communication software, and customizing the operating system for the specific network environment. The reconfiguration process, whereby the system parameters are changed or otherwise updated, is typically time-consuming and may introduce inadvertent security errors.
In addition, for the sake of convenience, it is often desirable to monitor and control the activity of the firewall system from a remote location. However, remote access capability opens the firewall computer system up to the possibility of tampering or unauthorized access by a system intruder such as a hacker or cracker. After breaking into private computer networks, crackers have been able to erase files or disks, cancel programs, retrieve sensitive information and even introduce computer viruses. Skilled intruders can also disable monitoring and logging facilities so that their presence is undetected. Intruders will then reconfigure the firewall system so as to allow undesirable network communication traffic through the firewall, thereby compromising the security of the protected system.
Without improved methods for providing security and protection for networked computer resources, computer systems will remain less secure and open to potentially devastating attacks, even if protected by a standard firewall system. As businesses increasingly utilize public networks such as the Internet to provide site-to-site connectivity, a common need exists to increase the level of protection available with firewalls, thereby more effectively protecting the networked computer resources. Without a mechanism that is capable of providing increased levels of security between computer systems and resources currently available via networks, network communications and transactions between network users and remote locations will be subject to unnecessary compromise.