The Open Systems Interconnection model (OSI model) is a conceptual model that characterizes and standardizes the communication functions of a telecommunication or computing system without regard to their underlying internal structure and technology. The OSI model provides for the interoperability of diverse communication systems with standard protocols. The model partitions a communication system into a set of seven abstraction layers. Each layer serves the layer above it and is served by the layer below it. For example, a layer that provides error-free communications across a network provides the path needed by applications above it, while it calls the next lower layer to send and receive the packets that comprise the contents of that path. Two instances at the same layer are visualized as connected by a horizontal connection in that layer. The seven layers of the OSI model are 7—Application, 6—Presentation, 5—Session, 4—Transport, 3—Network, 2—Data link, and 1—Physical, where layer 1 (Physical) is the lowest level.
The physical layer defines: the electrical and physical specifications of a data connection; the relationship between a device and a physical transmission medium (e.g., a copper or fiber optical cable, or a radio frequency), including the layout of pins, voltages, line impedance, cable specifications, signal timing and similar characteristics for connected devices, and the operating frequency (e.g., 2.4 GHz or 5 GHz) for wireless devices; the transmission mode (i.e., simplex, half duplex, or full duplex); and the network topology, of which bus, mesh, and ring are some of the most common. The physical layer of Parallel SCSI operates in this layer, as do the physical layers of Ethernet and other local-area networks, such as Token Ring, FDDI, ITU-T G.hn, and IEEE 802.11 (Wi-Fi), as well as personal area networks such as Bluetooth and IEEE 802.15.4.
The data link layer provides node-to-node data transfer—a link between two directly connected nodes, and detects and possibly corrects errors that may occur in the physical layer. The data link layer defines the protocol to establish and terminate a connection between two physically connected devices, and also defines the protocol for flow control between devices. IEEE 802 divides the data link layer into two sublayers: Media Access Control (MAC) layer—responsible for controlling how devices in a network gain access to data and permission to transmit it, and Logical Link Control (LLC) layer—responsible for identifying Network layer protocols and then encapsulating them and controls error checking and packet synchronization.
The network layer provides the functional and procedural means of transferring variable length data sequences (called datagrams) from one node to another connected to the same network, and translates a logical network address into a physical machine address. A network is a medium to which many nodes can be connected, on which every node has an address and which permits nodes connected to the network to transfer messages to other nodes connected to the network by merely providing the content of a message and the address of the destination node and letting the network find the way to deliver (“route”) the message to the destination node. In addition to message routing, the network may implement message delivery by splitting the message into several fragments, delivering each fragment by a separate route and reassembling the fragments, report delivery errors, etc.
The transport layer provides the functional and procedural means of transferring variable-length data sequences from a source to a destination host via one or more networks, while maintaining the quality of service functions. An example of a transport-layer protocol in the standard Internet stack is Transmission Control Protocol (TCP), usually built on top of the Internet Protocol (IP). The transport layer controls the reliability of a given link through flow control, segmentation/desegmentation, and error control. Some protocols are state- and connection-oriented. This means that the transport layer can keep track of the segments and retransmit those that fail. The transport layer also provides the acknowledgement of the successful data transmission and sends the next data if no errors occurred. The transport layer creates packets out of the message received from the application layer. Packetizing is a process of dividing the long message into smaller messages.
The session layer controls the dialogues (connections) between computers, and establishes, manages, and terminates the connections between the local and remote application. The session layer provides for full-duplex, half-duplex, or simplex operation, and establishes check pointing, adjournment, termination, and restart procedures. The session layer is commonly implemented explicitly in application environments that use remote procedure calls.
The presentation layer establishes context between application-layer entities, in which the application-layer entities may use different syntax and semantics if the presentation service provides a mapping between them. If a mapping is available, presentation service data units are encapsulated into session protocol data units and passed down the protocol stack. The presentation layer provides independence from data representation by translating between application and network formats (e.g., character encoding, serialization, compression, and encryption). The presentation layer transforms data into the form that the application accepts. This layer formats and encrypts data to be sent across a network, and is sometimes called the syntax layer.
The application layer is the OSI layer closest to the end user, which means that both the OSI application layer and the user interact directly with the software application. The application layer interacts with software applications that implement a communicating component. Such application programs fall outside the scope of the OSI model. Application-layer functions typically include identifying communication partners, determining resource availability, and synchronizing communication. When identifying communication partners, the application layer determines the identity and availability of communication partners for an application with data to transmit. When determining resource availability, the application layer must decide whether sufficient network resources exist for the requested communication. In synchronizing communication, all communication between applications requires cooperation that is managed by the application layer. The application layer supports application and end-user processes. Communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified. Everything at the application layer is application-specific.
Network input and output (I/O) is frequently a bottleneck in distributed applications. The I/O bottleneck is largely due to the multiple layers of the Open Systems Interconnection (OSI) model or Ethernet communications, where each network packet is enclosed in multiple envelopes (headers) for Layer 2, Layer 3, and Layer 4 communications. The multiple layers of the communication models and standards also cause additional central processing unit (CPU) overhead to perform packet repackaging and communication encryption. While the use of the cloud provides significant agility and flexibility, as well as being highly manageable through the isolation provided by the cloud, where communication between cloud nodes often does not even have to leave the cloud's own network, this overhead is still present.
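The per-packet envelopes referred to above can be made concrete. The following Python is an added illustration, not code from this application or the referenced patent: it wraps a payload in minimal TCP (Layer 4), IPv4 (Layer 3) and Ethernet (Layer 2) headers using the real header layouts, unwraps them again as a receiving stack would, and reports what fraction of the bytes on the wire are application data. The MAC and IP addresses, ports and payload are constructed for the example.

```python
import socket
import struct

# Constructed example: minimal Layer 2/3/4 envelopes around a payload, to show
# where the per-packet overhead described above comes from.
ETH_HDR_LEN = 14   # destination MAC (6) + source MAC (6) + EtherType (2)
IP_HDR_LEN = 20    # IPv4 header with no options
TCP_HDR_LEN = 20   # TCP header with no options
ETH_MTU = 1500     # largest IPv4 packet carried in one standard Ethernet frame


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 791). Run over a header whose
    checksum field is already filled in, it returns 0 when the header is intact."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def fits_in_mtu(payload_len: int) -> bool:
    """True if the Layer 3 packet (IP + TCP + payload) fits one Ethernet frame."""
    return IP_HDR_LEN + TCP_HDR_LEN + payload_len <= ETH_MTU


def build_frame(payload: bytes,
                src_mac: bytes = b"\x02\x00\x00\x00\x00\x01",  # assumed locally administered MACs
                dst_mac: bytes = b"\x02\x00\x00\x00\x00\x02",
                src_ip: str = "10.0.0.1", dst_ip: str = "10.0.0.2",  # assumed private addresses
                src_port: int = 40000, dst_port: int = 443) -> bytes:
    """Wrap payload in TCP (Layer 4), IPv4 (Layer 3) and Ethernet (Layer 2) envelopes."""
    if not fits_in_mtu(len(payload)):
        raise ValueError("payload needs transport-layer segmentation first")
    # Layer 4: TCP header; data offset 5 words, flags PSH|ACK; seq/ack/checksum left zero.
    offset_and_flags = (5 << 12) | 0x018
    tcp_hdr = struct.pack("!HHIIHHHH", src_port, dst_port, 0, 0,
                          offset_and_flags, 65535, 0, 0)
    # Layer 3: IPv4 header; version 4 / IHL 5, DF set, TTL 64, protocol 6 (TCP).
    total_len = IP_HDR_LEN + TCP_HDR_LEN + len(payload)
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0x4000, 64, 6, 0,
                         socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    ip_hdr = ip_hdr[:10] + struct.pack("!H", ipv4_checksum(ip_hdr)) + ip_hdr[12:]
    # Layer 2: Ethernet header; EtherType 0x0800 announces IPv4 to the receiver.
    eth_hdr = dst_mac + src_mac + struct.pack("!H", 0x0800)
    return eth_hdr + ip_hdr + tcp_hdr + payload


def unwrap_frame(frame: bytes) -> dict:
    """Peel the envelopes off in the order the receiving stack does (L2, then L3, then L4)."""
    eth, rest = frame[:ETH_HDR_LEN], frame[ETH_HDR_LEN:]
    if struct.unpack("!H", eth[12:14])[0] != 0x0800:
        raise ValueError("not an IPv4 frame")
    ihl = (rest[0] & 0x0F) * 4
    ip, rest = rest[:ihl], rest[ihl:]
    if ipv4_checksum(ip) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    total_len = struct.unpack("!H", ip[2:4])[0]
    rest = rest[:total_len - ihl]            # drop any Ethernet padding beyond the IP length
    data_offset = (rest[12] >> 4) * 4
    tcp, payload = rest[:data_offset], rest[data_offset:]
    return {
        "src_ip": socket.inet_ntoa(ip[12:16]),
        "dst_ip": socket.inet_ntoa(ip[16:20]),
        "src_port": struct.unpack("!H", tcp[0:2])[0],
        "dst_port": struct.unpack("!H", tcp[2:4])[0],
        "payload": payload,
    }


def payload_efficiency(payload_len: int) -> float:
    """Fraction of bytes on the wire that are application data rather than envelopes."""
    return payload_len / (ETH_HDR_LEN + IP_HDR_LEN + TCP_HDR_LEN + payload_len)


if __name__ == "__main__":
    frame = build_frame(b"GET / HTTP/1.1\r\n\r\n")
    print(len(frame), "bytes on the wire:", unwrap_frame(frame))
    for n in (64, 512, 1460):
        print(f"{n:5d}-byte payload: {payload_efficiency(n):.1%} useful")
```

The 54 bytes of fixed headers matter most for small messages: a 64-byte payload is barely half of what crosses the wire, while a full 1460-byte segment is over 96% payload. The example deliberately stops at the Layer 2 header; the Ethernet preamble, frame check sequence and inter-frame gap, TCP options, and any tunnel or TLS record overhead only add to the envelope.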
Data storage is typically optimized in different ways, as consistency, availability, and partition tolerance are not available in a single type of data storage, as shown by the CAP theorem first advanced by Eric Brewer (University of California at Berkeley). In theoretical computer science, the CAP theorem, also known as Brewer's theorem, states that it is impossible for a distributed computer system to simultaneously provide all three of the following guarantees: consistency (all nodes see the same data at the same time), availability (a guarantee that every request receives a response about whether it succeeded or failed), and partition tolerance (the system continues to operate despite arbitrary message loss or failure of part of the system). An additional property that has proven to be a constraint on the optimization of data storage is scalability. As a result, a distributed store such as Hadoop is designed quite differently from a traditional transactional database. Apache Hadoop is an open-source software framework for distributed storage and distributed processing of Big Data on clusters of commodity hardware. Its Hadoop Distributed File System (HDFS) splits files into large blocks (default 64 MB or 128 MB) and distributes the blocks amongst the nodes in the cluster. For processing the data, Hadoop Map/Reduce ships code (specifically Jar files) to the nodes that have the required data, and the nodes then process the data in parallel. The Hadoop approach takes advantage of data locality, in contrast to conventional high-performance computing (HPC) architecture, which usually relies on a parallel file system (compute and data separated, but connected with high-speed networking).

Endpoints in computer networks are the most vulnerable and unprotected portion of a network, and over 70% of data breaches occur at the endpoints.
Targeted cyber-attacks are able to sidestep traditional detection-based security defenses, rendering antivirus software ineffective, with detection rates of only 25% to 50%, which are not good enough. The low detection rates of viruses and cyber-attacks cause enterprises to be caught in a never-ending, costly cycle of chasing false positives, getting compromised, and re-imaging PCs.
Currently, there are several computer security products available that protect user endpoints from advanced malware, zero-day threats and drive-by attacks, while allowing employees to safely use the Internet, email and removable media without putting the enterprise at risk.
Bufferzone® offers isolation within an operating system (OS), with access configured by the user. User configuration, however, leaves room for a security breach or data leak if a user either makes a mistake or deliberately weakens security controls. Bufferzone® works in conjunction with the Windows OS kernel and as such is subject to changes within the OS, and it can be uninstalled. Additionally, malicious patches to the OS could interfere with software integrity. The Bufferzone® approach involves identifying application functions and securing them by keeping different functions within different containers, all within one OS. Each security point must be classified as belonging to either a secure container or an insecure container. From an engineering point of view, the number of permutations to be managed can be significant, and certain situations may have no pre-defined classification. Disposition may be difficult because classification may depend on the specific user environment. Additionally, the Bufferzone® technology runs as a user application, and as such is visible to the user, fully integrated, and not transparent.
Bromium® secures endpoint computers through micro-virtualization, using a micro-virtual machine (micro-VM) for each task, with template caching to accelerate the launch of processes in a micro-VM. The micro-VM isolates the process, so that even if the specific process is compromised, the overall system is not affected. For example, every time a user opens an email, browses the web, or shares files, the Bromium® software isolates the task in a micro-VM, and once the task is completed the micro-VM is discarded, malware and all. However, the Bromium® approach needs to be applied to every possible permutation, making it extremely complex to implement. Handling each new platform may require specialized engineering and encoding. Additionally, the Bromium® method causes a significant performance hit, requiring additional resources (on the order of 1 GB to cache the micro-VM templates). Specific hardware models are required to accelerate the micro-virtualization process. Despite Bromium's ability to enforce security policy on individual tasks, its biggest weakness is that it cannot handle security policy on a macro level, presenting additional challenges to flexibility and usability.
An additional network security approach that relies on virtualization is Moka5 of Moka5, Inc. Moka5 runs within the OS and is enabled by a Windows kernel driver. Moka5 works by splitting the OS into layers: a layer for user applications, one for user settings, one for corporate applications and settings, and so on. Unlike Bufferzone®, Moka5's layering is horizontal, not vertical. The main concept of the Moka5 software is the management of a user interface across multiple computer nodes. The personalized desktop (layer) of a specific user can be decoupled and run in multiple environments. Layering the OS allows consistent management of base layers and enables many features. However, since the installation is within the OS, isolation is not complete, and Moka5 cannot provide full assurance on the macro level. Additionally, Moka5 requires the deployment of software agents on multiple computing nodes, and different platforms, environments, and configurations require specialized software extensions (modules) to enable functionality.
Furthermore, the OSI network model has proven to be insecure, since nodes on the network are open with only a firewall to protect them. Currently most networks are protected through firewalls using techniques called white listing and black listing (on various levels, such as physical addresses, Internet Protocol (IP) addresses, host names, and protocols) as well as intrusion detection, which detects unwanted network activity and stops it in real time. However, these techniques do not provide the level of security that is called a level of assurance: an intruder can impersonate other devices by duplicating their addresses or names, replaying network packets, or tricking a user into downloading malware that initiates a connection from within. It is possible to secure the traffic using methods such as Secure Sockets Layer (SSL) tunnels, but those add significant overhead in comparison to regular network communications in terms of throughput, CPU, and memory utilization. Since attack signatures mutate frequently, signature-based defenses require timely updating. Software configurations are themselves often subject to disabling and modification attacks.
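The gap between address filtering and a level of assurance can be demonstrated directly. The Python below is an added example, not code from this application or any product it names. It places a firewall-style source-address allow list next to a receiver that accepts a packet only if it carries a valid HMAC-SHA256 tag under a shared key and a sequence number higher than any already seen. The device address, key, and messages are constructed for the example; the sequence-number scheme is one simple anti-replay design, not the only one.

```python
import hashlib
import hmac
import struct

# Constructed example: an address-based allow list (the firewall approach) beside a
# receiver that demands a keyed MAC and a fresh sequence number on every packet.

ALLOWED_SOURCES = {"10.0.0.5"}  # assumed trusted device address


def allowlist_accepts(claimed_src_ip: str) -> bool:
    """Firewall-style check. It trusts the source field of the packet, which the sender
    writes, so an intruder who copies an allowed address passes it."""
    return claimed_src_ip in ALLOWED_SOURCES


SEQ_LEN = 8    # 64-bit big-endian sequence number
TAG_LEN = 32   # HMAC-SHA256 output


def seal(key: bytes, seq: int, body: bytes) -> bytes:
    """Sender side: prefix the body with a sequence number and append an HMAC over both,
    so neither the counter nor the body can be altered without the key."""
    msg = struct.pack("!Q", seq) + body
    return msg + hmac.new(key, msg, hashlib.sha256).digest()


class AuthenticatedReceiver:
    """Accepts a packet only if its tag verifies under the shared key (rules out
    impersonation and tampering) and its sequence number exceeds the highest one
    already accepted (rules out replay of a captured packet)."""

    def __init__(self, key: bytes):
        self._key = key
        self._last_seq = -1

    def accept(self, packet: bytes):
        """Return the body if the packet is genuine and fresh, otherwise None."""
        if len(packet) < SEQ_LEN + TAG_LEN:
            return None
        msg, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self._key, msg, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):   # constant-time comparison
            return None                              # forged or tampered
        seq = struct.unpack("!Q", msg[:SEQ_LEN])[0]
        if seq <= self._last_seq:
            return None                              # replayed (or reordered) packet
        self._last_seq = seq
        return msg[SEQ_LEN:]


def demo() -> dict:
    """Run the constructed scenario and report each outcome."""
    key = b"shared-secret-for-demo-only"   # constructed key; real keys are provisioned out of band
    rx = AuthenticatedReceiver(key)
    genuine = seal(key, 1, b"open valve 3")
    forged = seal(b"attacker-guess", 2, b"open valve 3")   # attacker does not hold the key
    tampered = genuine[:-TAG_LEN] + bytes(TAG_LEN)          # genuine body, zeroed tag
    return {
        "spoofed_src_passes_allowlist": allowlist_accepts("10.0.0.5"),  # intruder copied the address
        "genuine_first_delivery": rx.accept(genuine),
        "genuine_replayed": rx.accept(genuine),
        "forged_with_wrong_key": rx.accept(forged),
        "tampered_tag": rx.accept(tampered),
        "later_genuine": rx.accept(seal(key, 2, b"close valve 3")),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:30s} -> {outcome!r}")
```

Two caveats a practitioner would add. A strictly increasing counter drops genuine packets that arrive out of order; protocols such as IPsec use a sliding anti-replay window for that reason. And a per-packet MAC provides integrity and origin authentication only, not confidentiality; it is far cheaper than a full SSL/TLS tunnel, which is the overhead trade-off the paragraph above describes.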
Bifurcation is the combining of two operating systems (OS), called a host and a guest. A bifurcated operating system is the subject of U.S. Pat. No. 8,843,926, issued Sep. 23, 2014 and entitled “Guest Operating System Using Virtualized Network Communication”, commonly owned by the assignee of this application and herein incorporated by reference in its entirety. The host OS is hardware based and generates a virtual machine program that runs the guest OS. The guest OS is the user interface level and handles every user instruction and productivity program, such as word processors, spreadsheets, presentation software, and Web browsers. While the user is unaware of the host OS's existence, every process goes through the host OS. The host OS is a static structure that is preinstalled in the operating hardware as read only. All updates that a user makes are saved as added layers on top of the original settings of the host OS. On system restart, the hardware loads the host OS as originally pre-installed, and the update layers are then applied over the original host OS. An algorithm identifies redundancies in the update layers and consolidates them. If malware is loaded onto the computer, the system automatically restores itself by deleting the one or more update layers containing the malware. The bifurcated OS thus provides a secure computer system that does not require user-initiated system software maintenance.
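The layered-update scheme described above can be modeled in a few dozen lines. The Python below is an added illustration, not code from this application or the referenced patent: a read-only base image, update layers recorded on top of it, a restart that reloads the base and re-applies the surviving layers, a consolidation pass that drops entries superseded by later layers, and a quarantine step that deletes flagged layers. The file paths, layer names, and the rule used to flag a layer as malicious are constructed for the example; how malware is actually detected is outside what the paragraph states.

```python
from typing import Callable, Dict, List, Optional

# Constructed model of the restore-on-restart scheme: a read-only base image, a stack
# of update layers applied over it, redundancy consolidation, and removal of any layer
# found to contain malware. Paths and labels are illustrative only.

DELETED = None  # a layer entry of None records that the update removed that path


class Layer:
    def __init__(self, label: str, changes: Dict[str, Optional[str]]):
        self.label = label
        self.changes = dict(changes)


class BifurcatedHostImage:
    def __init__(self, base: Dict[str, str]):
        self._base = dict(base)          # pre-installed image; never written after this
        self.layers: List[Layer] = []    # updates recorded on top of the base, oldest first
        self._view: Dict[str, str] = {}
        self.restart()

    def base_image(self) -> Dict[str, str]:
        return dict(self._base)

    def record_update(self, label: str, changes: Dict[str, Optional[str]]) -> None:
        """Every change made while running lands in a new layer, not in the base."""
        layer = Layer(label, changes)
        self.layers.append(layer)
        self._apply(layer)

    def _apply(self, layer: Layer) -> None:
        for path, content in layer.changes.items():
            if content is DELETED:
                self._view.pop(path, None)
            else:
                self._view[path] = content

    def restart(self) -> Dict[str, str]:
        """Reload the pristine base, then re-apply the surviving layers in order."""
        self._view = dict(self._base)
        for layer in self.layers:
            self._apply(layer)
        return self.view()

    def view(self) -> Dict[str, str]:
        """What the running system sees: base plus all layers, later layers winning."""
        return dict(self._view)

    def consolidate(self) -> int:
        """Remove entries in earlier layers that a later layer overrides, then drop any
        layer left empty. Returns the number of redundant entries removed."""
        removed = 0
        seen = set()
        for layer in reversed(self.layers):
            for path in list(layer.changes):
                if path in seen:
                    del layer.changes[path]
                    removed += 1
                else:
                    seen.add(path)
        self.layers = [l for l in self.layers if l.changes]
        return removed

    def quarantine(self, is_malicious: Callable[[Layer], bool]) -> List[str]:
        """Delete every layer the predicate flags and restart from the base, so nothing
        the flagged layers wrote survives. Returns the labels of the dropped layers."""
        flagged = [l for l in self.layers if is_malicious(l)]
        self.layers = [l for l in self.layers if l not in flagged]
        self.restart()
        return [l.label for l in flagged]


def demo():
    """Constructed scenario: benign updates, a superseded patch, and one infected layer."""
    base = {"/etc/hosts": "127.0.0.1 localhost", "/bin/sh": "sh-1.0"}
    host = BifurcatedHostImage(base)
    host.record_update("user-prefs", {"/home/u/.profile": "export EDITOR=vi"})
    host.record_update("patch-1", {"/bin/sh": "sh-1.1"})
    host.record_update("patch-2", {"/bin/sh": "sh-1.2"})            # supersedes patch-1
    host.record_update("download", {"/etc/hosts": "127.0.0.1 bank.example attacker",
                                    "/tmp/dropper": "malware"})
    redundant = host.consolidate()                                  # patch-1 becomes empty
    infected = host.view()
    # Assumed detection rule for the example: any layer that wrote a file tagged "malware".
    dropped = host.quarantine(lambda l: any(v == "malware" for v in l.changes.values()))
    return redundant, infected, host.view(), dropped, [l.label for l in host.layers]


if __name__ == "__main__":
    redundant, infected, clean, dropped, labels = demo()
    print("consolidated entries:", redundant)
    print("before quarantine:", infected)
    print("dropped layers:", dropped, "-> surviving:", labels)
    print("after restart:", clean)
```

The model shows why the base must be genuinely read-only: the restore step is only as trustworthy as the image it reloads, which is why the description above has the hardware load the pre-installed host OS rather than software that could itself have been modified. The model also keeps benign layers (user preferences, the current patch) across a quarantine, so restoring does not mean losing every change since installation.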
A bifurcated OS provides security advantages to computers and networks, since user content and the controlling operating system are physically and logically separated, and therefore the controlling device cannot be compromised by outside security attacks via a content provider network. The increased level of operating security against man-in-the-middle, spyware, malware, phishing, and other illicit attacks on user devices that bifurcation provides lends itself not only to greater richness from a content aggregation point of view, but also to new devices with novel functions applicable to e-commerce. In addition, potential data leaks are prevented through an anti-bridging policy. A current weakness of e-commerce is the weak authentication of both client and vendor, which keeps many consumers from wider acceptance of electronic transactions because of fear of identity theft. Hardware bifurcation serves a triple function: 1) providing additional factors in authentication (distributing authentication through multiple authentication channels, using the static location of a hardware component as an actor in authentication, monitoring movement of the purchaser, and the ability to complete a transaction in store); 2) bifurcating or distributing a transaction, for example a user could initiate an e-transaction and complete it as an in-store transaction, which could solve the problem of caching credit card information on a phone; and 3) protecting credentials and personal information from malware and phishing from Internet sources, since credentials and personal information are not stored in the hardware layer that communicates with the Internet.
However, current implementations of a network controller in the bifurcated operating system have the following disadvantages and drawbacks: low speed and high utilization of the central processing unit (CPU), achieving less than 10% of the available bandwidth; support for outbound connections only; support for IPv4 and TCP only; and security limitations (man-in-the-middle attacks are possible).
Thus, there is a need for effective, secure, fast, and efficient methods and systems to accelerate network communication while protecting against unauthenticated network traffic and optimizing data storage, while providing network security. There further exists a need for bifurcated function operation between two layers so as to allocate computation between the two layers to operate on data without the speed bottleneck that is currently created by such functions operating as a unified function within a single layer.