Current packet, cell, and/or frame-based networks; network elements; network analyzers; and/or other network equipment and tools use standardized packet structures, methods, rules, and/or protocols as is well known to practitioners skilled in the art, e.g., ANSI standards, IEEE standards, such as IEEE 802 standards, IEEE 803 standards, and/or IETF (Internet Engineering Task Force) standards. This includes, but is not limited to standard preambles, headers, packet structures, protocols, header lookup methods, prioritization, transmission, encryption, decryption, routing, switching, and/or reception methods.
Packet switching devices, networks, methods, and architectures examine the packet structure for packet and protocol rule validation. These devices, methods, and architectures include, but are not limited to packet, cell, frame-style, synchronous, asynchronous, store-and-forward, cut-through, wireless, wired, optical, storage, processor-to-processor, grid computing, point-to-point, mesh, ring, contention, and/or non-contention networks. When packets and/or protocols adhere to standard rules, the packets, cells, and/or frames are detected, intercepted, interpreted, switched and/or routed normally. When packets and/or protocols violate these standard rules, then various mechanisms for handling rule violations may take place, including but not limited to packet discard.
It is well known to those skilled in the art that standard packets, cells, frames, and/or other information structures have standard rules which enable them to be processed as valid by switches, routers, network analyzers (for example, protocol analyzers), and/or other various network equipment, including authorized and/or unauthorized snoopers, sniffers, and/or other detectors. However, when rule violations occur in these standard packets, frames, cells, and/or other information structures, standard switches, routers, and/or other network equipment detect the rule violation(s), assume that an error has occurred which makes the packet, cell, and/or frame invalid, and discard the packet, frame, cell, and/or other information structure.
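The validate-then-discard behavior described above, shown as an added example that is not part of the original disclosure. It assumes IEEE 802.3 Ethernet as the standard in question (untagged frames, 64 to 1518 bytes, CRC-32 frame check sequence); the MAC addresses and payloads are constructed sample values.

```python
import struct
import zlib

MIN_FRAME = 64     # bytes, destination MAC through FCS (no preamble)
MAX_FRAME = 1518   # untagged maximum, destination MAC through FCS

def build_frame(dst, src, ethertype, payload):
    """Build a well-formed frame: pad to the minimum size, append the FCS."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    body = body.ljust(MIN_FRAME - 4, b"\x00")
    # The Ethernet FCS is the CRC-32 of the body, sent least significant byte first.
    return body + struct.pack("<I", zlib.crc32(body))

def validate(frame):
    """Return (action, reason) the way a standard receiver decides."""
    if len(frame) < MIN_FRAME:
        return ("discard", "runt")
    if len(frame) > MAX_FRAME:
        return ("discard", "giant")
    body, fcs = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        return ("discard", "bad FCS")
    return ("forward", "ok")

def sample_results():
    """Run the validator over constructed frames: one valid, three rule violations."""
    dst = bytes.fromhex("02aabbccdd01")   # constructed, locally administered MAC
    src = bytes.fromhex("02aabbccdd02")   # constructed, locally administered MAC
    good = build_frame(dst, src, 0x0800, b"hello")
    flipped = bytearray(good)
    flipped[20] ^= 0x01                   # single bit error in the payload
    return {
        "valid": validate(good),
        "bit_error": validate(bytes(flipped)),
        "truncated": validate(good[:40]),
        "oversize": validate(build_frame(dst, src, 0x0800, b"A" * 1600)),
    }

if __name__ == "__main__":
    for name, result in sample_results().items():
        print(f"{name:10s} -> {result[0]} ({result[1]})")
```
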
Encryption and/or decryption methods for communication and/or other information structures are also well known to those skilled in the art, e.g., well-known encryption methods exist such as DES, 3DES, AES, IPSEC, VPN, LEAP, EAP, RADIUS, WEP, RSA, RC4, SSL, etc. However, these methods are generally used to encrypt valid data in the packet and/or information structure itself, as opposed to being used to create and/or construct invalid packet structures and/or information structures themselves.
Various encoding methods are also well known to those skilled in the art, e.g., spread spectrum, wavelets, ultra wideband, discrete multi-tone, etc.
Concurrently, various methods, devices, network elements, architectures, and systems exist for time-based packet, frame, and/or cell switching/routing as described in U.S. Pat. No. 6,611,519, “Layer One Switching in a Packet, Cell, or Frame-based Network,” by Howe, which is hereby incorporated by reference; U.S. patent application Ser. No. 10/947,487 entitled “Time-Scheduled and Time-Reservation Packet Switching,” filed Sep. 22, 2004, which is hereby incorporated by reference; as well as U.S. Provisional Patent Application No. 60/097,138, filed Aug. 19, 1998 by Howe, which is hereby incorporated by reference; United States Patent and Trademark Office Disclosure Document No. 431129, entitled “Fast, Guaranteed, On-Time Delivery of Real-Time Streaming Data in a Packet Switching Network,” by Howe, which is hereby incorporated by reference; and United States Patent and Trademark Office Disclosure Document No. 500305, entitled “Layer One Switching in a Packet, Cell, or Frame-based Network,” by Howe, which is hereby incorporated by reference.
This application claims the benefit of United States Patent and Trademark Office Disclosure Document No. 431129, entitled “Fast, Guaranteed, On-Time Delivery of Real-Time Streaming Data in a Packet Switching Network,” which was filed in the United States Patent Office via US Certified Express Mail on Feb. 2, 1998, and received by the USPTO on Feb. 9, 1998. Said Disclosure Document No. 431129 was subsequently retained and referenced to said parent patent application Ser. No. 09/375,135, and is hereby incorporated by reference.
This application also claims the benefit of United States Patent and Trademark Office Disclosure Document No. 500305, entitled “Layer One Switching in a Packet, Cell, or Frame-based Network,” which was filed in the United States Patent Office via US Certified Express Mail on Sep. 24, 2001, and received by the USPTO on Sep. 25, 2001. Said Disclosure Document No. 500305 is requested to be retained and referenced to this present Continuation-In-Part application, and is also hereby incorporated by reference.
These time-oriented approaches enable a packet, cell, frame, and/or other information structure, data structure, or format to be transferred, switched, and/or routed based upon time instead of (or in addition to) using information obtained from the packet header. Thus, these time-based routing techniques enable switching/routing of a totally-encrypted packet (including encrypted headers) through multiple-hops without having to decrypt the packet (and/or header) to determine the next hop.
Currently, there exists a need for security in packet, cell, and/or frame-based networks, including but not limited to, point-to-point networks, multi-hop networks, land-based networks, wired networks, wireless networks, optical networks, mobile networks, RFID networks, inter-chip (inter-processor) networks, grid-computing networks, storage networks, and/or any other type of communication and/or information network. The desire for security is expressed in, but is not limited to, the following needs:
- Total invisibility (or “cloaking”) of a secure packet, cell, and/or frame (“stealth packet”) from unauthorized devices (including, but not limited to network monitors, analyzers, taps, and/or network radar) that might snoop and/or sniff the network.
- If the packet is somewhat visible, then the packet should appear to be random noise, and not appear to be organized information.
- If the packet appears to be organized information, the packet should violate various standard rules, so that it does not appear to be a packet, and is discarded.
- If the packet is visible and/or appears to be information, then the packet should be totally encrypted, including headers and trailers, such that even source and/or destination are unknown to unauthorized devices that are able to intercept the packet, cell, and/or frame information.
- If the packet is detectable, then its relationship to other related packets should not be detectable, e.g., packet 22 of a session should not be able to be related to another packet which is packet 23 (or any other packet from the same session). Similar sources and/or destinations, priorities, sessions, count numbers, etc., should not be identifiable, as they may lead to breaking the encryption algorithms and/or keys.
- The packet should not require decryption at each node in the network for a multi-hop network, in order to be routable to the next node in the network.
- If a packet is to be delivered within a secure network, then the secured (“stealth”) packet should not be able to exit the secure network, even if the secure network is connected to one or more non-secure networks.
- There should be guaranteed reliable information delivery, even when the network is under attack from viruses, data storms, loading, congestion, denial-of-service attacks, etc. Reliable delivery should be guaranteed even through loading, congestion, attacks, and/or other contention in point-to-point networks and mesh networks, as well as in shared-media networks such as wireless, CSMA/CA (Carrier Sense Multiple Access/Collision Avoidance), local area networks, CSMA/CD (Carrier Sense Multiple Access/Collision Detection), Ethernet, ring networks, Token-Ring, Aloha, any other wireless, wired, optical, and/or any other shared media networks which may experience congestion, collision, contention, and/or delays. This guaranteed delivery also should be achievable under loading, congestion, and/or contention for resources inside a switch, router, server, storage unit, and/or any other communication device, including but not limited to: input lines, input queues, priority queues, address lookup mechanisms, priority lookup mechanisms, switching fabrics, output queues, output lines, or any other resource sharing mechanisms in data switching or routing.