With the advent of computer networks has come the problem of secure communication over a network. In addition, it is important in networks dealing with critical transactions that an organization or individual have controls over who can send what information over the network and, as an added precaution, what network resources shall be permitted to accept what kinds of information.
Network architectures have been the subject of a great deal of inventive effort. For example, U.S. Pat. No. 5,548,726 to Pettus was granted for a “System For Activating New Service in Client Server Network by Reconfiguring the Multi-layer Network Protocol Stack Dynamically Within the Server Node.” This patent allows a client, in a client-server network, to access remote services by means of a communications directory located in each node of the network. The activities of the client are then controlled by the server, which allows only certain activities to take place. Thus the client is effectively controlled by the server.
U.S. Pat. No. 5,577,209 to Boyle et al. was granted for an “Apparatus Invented for Providing Multi-level Security for Communication Among Computers and Terminals on a Network.” This system is a multi-level security system employing a secure network interface unit between each host computer, user computer and the network. This system also provides for a security management architecture for controlling operation and configuration of the secure network interface units. Each secure network interface unit is configured to perform certain defined activities. Thus, control in the network is achieved by virtue of a secure network interface unit. Presumably limitations on the activities of workstations on the network are also controlled by the secure network interface unit.
Other types of architectures have attempted to control processing on the network by imparting to servers or network computers certain controls over the processing taking place on the network. U.S. Pat. No. 5,355,453 to Rew et al. describes a system where all networks are connected to a network controller unit for controlling what traffic is permitted on the network.
U.S. Pat. No. 5,287,537 to Newmark et al. was granted for “Distributing Processing System Having a Plurality of Computers Each Using Identical Retaining Information to Identify Another Computer for Executing a Received Command.” This system causes a computer that receives a command to forward that command to another computer if the first computer cannot fulfill the command. The emphasis here is on the ability to shift processing to computers that can perform the desired task.
U.S. Pat. No. 5,502,576 to Ramsay et al. was granted for a “Method and Apparatus for the Transmission, Storage, and Retrieval of Documents in An Electronic Domain.” This patent has a particular structure that facilitates processing time and achieves higher bandwidth over a network. Its treatment of network traffic is concerned with maximizing the bandwidth of information that is sent over the network.
U.S. Pat. No. 5,109,385 to Tseung was granted for a “Guaranteed Reliable Broadcast Network.” This patent introduces a concept of an “arbitrator node” which manages traffic over the network in order to guarantee that a message is received by a particular network resource even though the resource may be busy, slow, or temporarily out of service. Thus the arbitrator node performs the function of a “traffic cop.”
Other patents in the network security arena relate to methodologies of encryption, for example U.S. Pat. No. 5,295,188 to Wilson et al. for “Public Encryption and Decryption Circuitry and Method,” U.S. Pat. No. 5,351,293 to Michener et al. for a “System Method and Apparatus for Authenticating an Encrypted Signal,” and U.S. Pat. No. 5,226,079 to Holloway for “Non-repudiation in Computer Networks.”
Other patents have been granted for authentication and signature verification. For example, U.S. Pat. No. 5,189,700 to Blandford was granted for “Devices to 1) Supply Authenticated Time and 2) Time Stamp and Authenticate Digital Documents,” and U.S. Pat. No. 4,326,098 to Bouricius et al. was granted for a “High Security System for Electronic Signature Verification.” These and other tools provide certain software solutions whereby one party can sign a digital document and another party can authenticate from the source that the message is truly from a desired party.
These various approaches deal with control over the messages on a network as well as various forms of centralized control over traffic on the network.