WO2008042318A2 - Systems and methods for management of secured networks with distributed keys - Google Patents

Publication number: WO2008042318A2
Authority: WO, WIPO (PCT)
Application number: PCT/US2007/021051
Prior art keywords: network, policy, security, kap, peps
Other languages: French (fr)
Other versions: WO2008042318A3 (en)
Inventors: Donald K. Mcalister, Charles Rodney Starrett, Ronald B. Willis, Michael M. Sneed, John Cary Orange
Original Assignee: Cipheroptics, Inc.
Priority claimed from: US11/541,424 (US20080083011A1), US11/541,387 (US8046820B2), US11/540,235 (US20080080716A1), US11/529,818 (US20080082823A1), US11/529,817 (US20080082822A1), US11/529,789 (US20080080714A1)
Application filed by: Cipheroptics, Inc.
Publications: WO2008042318A2, WO2008042318A3

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/06: Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062: Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H04L63/064: Hierarchical key distribution, e.g. by multi-tier trusted parties
    • H04L63/20: Network architectures or network communication protocols for network security for managing network security; network security policies in general

Definitions

  • the present invention relates generally to secure communication and/or interaction within a secure network. More particularly, the present invention relates to systems and methods for simplified management of secured networks with distributed keys and management of same for a data and/or communications network.
  • prior art secure network systems and methods require complex steps and configurations to arrange secure associations for devices to be operable for data access and communication across devices within a secure network.
  • N the number of keys required to be distributed
  • N the number of devices at points within the network.
  • the Internet has also opened up a new frontier for online media delivery such as music and video. It has also enabled applications such as video conferencing and virtual private networking.
  • IETF Internet Engineering Task Force
  • keys or the solutions provided by the IETF require that communication with each user or recipient be encrypted with a key.
  • key encryption techniques such as symmetric or asymmetric techniques.
  • the processing overhead required to encrypt the communication with each recipient grows. This also increases load on the hardware required to support the delivery of such applications to the recipients.
  • hardware and/or software is required that tracks users who should receive the content. In some cases, users may have different access levels and should only be allowed to view some content. In case of VPNs, users should be allowed to access files based on their permission levels.
  • Such types of applications require extra processing and when coupled with the increased load because of the large number of encryption/decryption operations being performed, can really slow down the operation of the server or servers providing such applications.
  • Keys are regularly sent to the recipients so that they can successfully authenticate themselves and decrypt the content.
  • Key management requires keys to be generated for the recipients and distributed to them.
  • the method in which the content is distributed may require a unique key for each recipient, or may support the use of common keys for multiple recipients.
  • keys need to be updated frequently since old keys may expire or may become available to users not intended to receive the keys, or rogue users.
  • recipients may support different key encryption / decryption algorithms. This requires multiple implementations of key encryption/decryption schemes.
  • the keys may be intercepted and used by rogue users. Hence, the keys need to be encrypted themselves so that rogue users cannot decrypt and use them.
  • the solution should be able to reduce the number of encryption and decryption operations needed to securely transmit information to multiple recipients. It should also be able to manage individual user preferences and access levels. Further, the solution should be easy to implement using existing infrastructure and should be able to function with current standards of encryption and authentication. Additionally, the solution should be easy to manage and deploy. The system should be able to efficiently manage the generation and distribution of keys. It should enable access to the resources or content that is protected on the basis of access levels assigned to users.
  • Computer network traffic is normally sent unsecured without encryption or strong authentication by a sender and a receiver. This allows the traffic to be intercepted, inspected, modified or redirected. Either the sender or the receiver can falsify their identity.
  • a number of security schemes have been proposed and are in use. Some are application dependent, as with a specific program performing password authentication. Others, such as Transport Layer Security (TLS), are designed to provide comprehensive security to whole classes of traffic such as Hypertext Transfer Protocol (HTTP) (i.e., web pages) and File Transfer Protocol (FTP), i.e., files.
  • HTTP Hypertext Transfer Protocol
  • FTP File Transfer Protocol
  • IPsec Internet Protocol Security
  • the shared keys used by IPSec are established in one of two ways: manually or using the Internet Key Exchange (IKE) protocol.
  • IKE Internet Key Exchange
  • PEP Policy Enforcement Points
  • Standard IKE is insufficient for distributing keys to multiple PEP units. IKE works only with point to point connections, with keys installed on each endpoint. Furthermore, standard key distribution using data protection managers does not suffice because it does not provide an interface to standard IKE systems and cannot detect NAT devices.
  • KAP key authority point
  • the KAP is the central generator, distributor and repository for keys and policies for securing a network or networks via a set of policy enforcement points. If communication with the KAP were to fail, through network failure or KAP failure, secure networks would be unable to rekey themselves and communication would fail. In addition, new policies could not be sent to the network, compromising network security.
  • simply providing a duplicate KAP using clustering technology involves sharing the secure keys across two devices over open communication.
  • the keys should be stored in hardware and only communicated using the encryption key for the PEPs.
  • a backup server using iSCSI suffers a similar limitation.
  • the backup KAP must be able to securely take over the network, ensuring it has the current keys and status information, without interrupting traffic in the network.
  • the backup scheme for the KAP must be fully automated to ensure rapid backup and to preclude any state lockup during any transition no matter how complex.
  • the solution must not duplicate all traffic from primary and backup or the network will be overwhelmed. In any case, the solution must be robust enough to handle any single failure in communication, device functionality, and recovery without regard to timing.
  • the present invention provides systems and methods for simplified management of secured networks with distributed keys and management of same for a data and/or communications network, including transporting keys between security protocols and providing a back-up for a key authority point providing key generation and distribution throughout a network.
  • a first aspect of the present invention provides a system for simple management of secure networks including at least one management server constructed and configured for communication through network channels to at least one point on the network including remote communication device(s) operating from policy enforcement point (PEP)s, each having at least one key generated and distributed by at least one key authority point (KAP) with associated policies provided by a management and policy (MAP) server to ensure secure association within the network.
  • MAP management and policy
  • Another aspect of the present invention provides methods for distributing keys to end point communication devices through network channels including providing a server-based key management system from a server on the network, the server distributing keys to authenticated devices requesting secure access to the network, wherein the keys are distributed through previously authenticated authorized PEPs that provide for cross-communication with each other by operating on secured channels within the network.
  • the present invention provides systems and methods for providing a secure mesh network including at least one management server constructed and configured for communication through network channels to a multiplicity of policy end points (PEPs) on the network including remote communication device(s) each having at least one key provided through at least one key authority point (KAP) with associated policies provided and managed by a MAP to ensure secure association within the network, wherein the steps include a device on the network requesting a mesh configuration, automatically authenticating and authorizing the device(s) through the MAP and KAP secure communication and distribution of keys to the PEPs to enable secure activity with corresponding devices.
  • PEPs policy end points
  • the present invention provides automatic security solutions for enterprise data and communications management within a secure network wherein the policies and keys are managed and distributed by MAP and KAPs, respectively, to PEPs for automatically configuring a mesh within the network for authenticated and authorized communication across a network topography via PEPs.
  • the present invention provides systems and methods for simplified management of secured networks with distributed keys and management of same from a universal key authority point (KAP) for a data and/or communications network.
  • KAP universal key authority point
  • Another aspect of the present invention provides a system for management of secure networks including at least one management and policy (MAP) server constructed and configured for communication through a network via a universal key authority point (KAP) on the network, wherein the universal KAP is operable to generate and distribute keys based upon the policy communicated to the KAP by the MAP, and wherein the keys are provided to a multiplicity of policy enforcement point (PEP)s to ensure secure association across PEPs within the network.
  • Still another aspect of the present invention provides methods for generating and distributing keys to end point communication devices operable on the network through PEPs, wherein the keys are generated and distributed from a universal KAP based upon policy according to a MAP server.
  • the present invention provides systems and methods for providing a secure network and subnets including at least one management and policy (MAP) server constructed and configured for communication through a universal key authority point (KAP) that generates and distributes keys to policy enforcement points (PEPs) distributed across the network, the KAP generating at least one key according to MAP policy or policies to ensure secure association through the PEPs within the network, wherein the key generation and distribution operation by the KAP are automatic, based upon PEP request and MAP policy.
  • the present invention further provides automatic security solutions for enterprise data and communications management within a secure network wherein the policies and keys are managed and distributed by a MAP and a universal KAP, respectively, to PEPs for automatically configuring secure network topography for authenticated and authorized communication across PEPs.
  • the invention is directed to a method for providing network security comprising a step of configuring a remote network to engage network security negotiation with a local network.
  • the method further includes a step of configuring a first security policy of a security component within the local network to pass through a network security negotiating communication between the local network and the remote network, and a step of establishing a network security negotiation between the remote network and a security parameter generator via the security component.
  • the security parameter generator can be located within the local network and configured to provide secure communication with the remote network.
  • the method can further include a step of establishing a secure association between the remote network and the local network.
  • the step of establishing a secure association between the remote network and the local network can include one or more authentication mechanisms.
  • Another embodiment of the invention is an apparatus for providing network security comprising a remote network configured to engage network security negotiation with a local network.
  • the apparatus further includes a security component within the local network with a security policy that can pass through a network security negotiating communication from the remote network, and a security parameter generator configured to provide a secure communication with the remote network via the security component.
  • the security component can be located within the local network.
  • This invention is unique because it allows an IPsec tunnel traffic to a local PEP(s), where the traffic is not addressed to the PEP by the use of an IKE device located behind the PEP(s), and by the secure transmission of policies and keys to the PEP(s) after IKE negotiation.
  • the present invention provides systems and methods for providing back-up for a key authority point (KAP) to ensure management of secured networks with distributed keys and management of same for a data and/or communications network.
  • the present invention further provides a system for management of secure networks including at least one management and policy (MAP) server constructed and configured for communication through a network via at least one key authority point (KAP) on the network, wherein the KAP is operable to generate and distribute keys based upon the policy communicated to the KAP by the MAP, and wherein the keys are provided to a multiplicity of policy enforcement point (PEP)s to ensure secure association across PEPs within the network, further including a back-up for the KAP to provide operability and rekeying without compromising network security in the event of a network or KAP failure.
  • Another aspect of the present invention provides methods for providing a back-up to the KAP for generating and distributing keys or rekeying for PEPs, wherein the keys are generated and distributed from a KAP based upon policy according to a MAP server, and the back-up functions to support the same policy following network or KAP failure.
  • Yet another aspect of the present invention provides a method or an apparatus for communicating security policy information between at least one Key Authority Point (KAP) and at least one Policy Enforcement Point (PEP), thereby eliminating the need to manually install security policies on each network device.
  • the policies are, instead, defined in a high level manner.
  • the at least one KAP then generates detailed policy information based on the high level definitions, and distributes the detailed policy information (in a format that conforms to an Application Programming Interface (API)) to the at least one PEP over a network.
  • API Application Programming Interface
  • the detailed policy information is received and stored at the at least one PEP.
  • the policy communicating method communicates a policy name, server information, transaction information, and transaction details.
  • the server information may specify one of the at least one KAPs from which the policy is being communicated.
  • the transaction information may specify a deferred reload time, a transaction type, or both.
  • the transaction type may correspond with the type of information that is contained in the transaction details, such as a "replace" transaction.
  • the transaction details may include details for a particular type of transaction, such as a "replace” transaction. Included in the transaction details may be a set of security policy rules, which may contain zero or more policy rules. A policy action may be specified within a policy rule.
  • the present invention further provides for at least one encrypting / decrypting unit that receives symmetric keys from a key authority point (KAP) within a secure network having a software operating on a management and policy server (MAP) in communication with the KAP for providing key(s) to policy enforcement points (PEPs) on the network and at least one common key to encryption/decryption units for facilitating encrypting and decrypting packets and transmitting the packets securely through the network, including load balancing of the encryption/decryption functions and multicasting of the packets.
  • MAP management and policy server
  • the symmetric key distributed by the KAP is the common key used to encrypt traffic.
  • Figure 1 is a schematic of general PRIOR ART network security system arrangement.
  • Figure 2 is a schematic showing a centralized software solution for providing and managing security for data and communications of a network in accordance with an embodiment of the present invention.
  • Figure 3 is a schematic diagram for the intelligent overlay of the present invention, and the MAP, KAP, PEP components.
  • Figure 4 is a schematic diagram showing universal KAP for network protection.
  • Figure 5 is a schematic showing the KAP for universal on-demand key generation services for all security needs.
  • Figure 6 is a schematic diagram showing KAPs, PEPs and MAP nodes in a distributed network, in accordance with an embodiment of the present invention.
  • Figure 7 is a schematic of PRIOR ART secure network mesh requirements.
  • Figure 8 is a schematic of EDPM solution using the intelligent overlay according to the present invention.
  • Figure 9 is a schematic of a hub and spoke network scenario that is secured and managed in an embodiment of the present invention.
  • Figure 10 is a schematic of a mesh network scenario that is secured and managed in an embodiment of the present invention.
  • Figure 11 is a schematic of a multicast network scenario that is secured and managed in an embodiment of the present invention.
  • Figure 12 is a schematic of a point to point network scenario that is secured and managed in an embodiment of the present invention.
  • Figure 13 is a schematic system level diagram of an IKE negotiation scenario between a local network interfacing with a standard IKE device in a remote network.
  • Figure 14 is a flow diagram of the steps performed in connection with the IKE negotiation scenario of Figure 13.
  • Figure 15 is a flow diagram for methods of back-up KAP functionality according to the present invention.
  • Figure 16 is a network diagram of an example wide area data communications network implementing an embodiment of the present invention.
  • Figure 17 is a block diagram that illustrates the hierarchical relationship between policy management, policy/key generation and distribution, and policy enforcement in accordance with an embodiment of the present invention.
  • Figure 18 is a block diagram of an example API for a transaction in accordance with an embodiment of the present invention.
  • Figure 19 is a block diagram of an example policy rule as part of a transaction details component of an API for a "replace" transaction in accordance with an embodiment of the present invention.
  • Figure 20 is a schematic of the overall system, in accordance with an embodiment of the present invention.
  • Figure 21 is a schematic of a portion of a network having a 10 Gb encryption arrangement according to the present invention.
  • Figure 22 is a schematic showing groups of paired encryption/decryption units within a system according to the present invention.
  • like reference characters designate like or corresponding parts throughout the several views. Also in the following description, it is to be understood that such terms as “forward,” “rearward,” “front,” “back,” “right,” “left,” “upwardly,” “downwardly,” and the like are words of convenience and are not to be construed as limiting terms. For purposes of explaining aspects of various embodiments of the present invention, the following terms are defined and used herein:
  • Encryption includes aspects of authentication, entitlement, data integrity, access control, confidentiality, segmentation, information control, and combinations thereof.
  • Authentication includes the use of keys to sign packets to ensure that the packets have not been tampered with.
  • Securing implies both encrypting data in transit and authenticating that data to ensure that the data has not been manipulated in transit.
  • a "secure tunnel” between two devices ensures that data passing between the two devices is secured.
  • a “security policy” (or simply “policy”) for a secure tunnel defines data (or "traffic") to be secured by a source IP address, a destination IP address, a port number and/or a protocol.
  • the security policy also defines a type of security to be performed.
  • a "key” for a secure tunnel is a secret information used to encrypt or to decrypt (or to authenticate and to verify) data in one direction of traffic in the secure tunnel.
  • the "policies" for a secure tunnel define the traffic to be secured by source and destination IP address, port, and/or protocol. They also define the type of security to be performed.
  • SA security association
  • IPsec processing routines can use to determine whether the SA is eligible to be applied to a particular inbound or outbound message.
  • Each such item can have a specific value or values, to narrowly define those messages to which the SA applies; or a wildcard value, to indicate that an item is not relevant in evaluating traffic for the SA.
  • a "security group” is a collection of member end-nodes or subnets which are permitted to access or otherwise communicate with one another.
  • a security policy may be configured with a security group and end nodes associated with that group. Further details of a preferred embodiment for configuring and distributing a security policy with a security group are contained in a co-pending United States Provisional Patent Application No. [ ] entitled MULTIPLE SECURITY GROUPS WITH COMMON KEYS ON DISTRIBUTED NETWORKS, filed [ ], assigned to CipherOptics, Inc., and which is hereby incorporated by reference in its entirety.
  • a security manager is a data processing device, typically a PC or a workstation, through which an administrative user can input and configure security policies 20.
  • the SM 12 also acts as a secure server to store and provide access to such policies by other elements of the system.
  • a "Policy Enforcement Point" is a software module that executes in a Security Gateway (SGW) on the data path and performs packet encryption and decryption as well as IPsec header generation on packets requiring security. It also passes or drops packets, and may be configured to perform additional functionality such as Static NAT or fragmentation. It is typically configured with security policies and SAs with security parameters indices (SPIs), and keys for encrypting and decrypting inbound and outbound packets. It is a device that secures the data based on the policy.
  • SGW Security Gateway
  • SPIs security parameters indices
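
The selector and PEP definitions above, together with the "replace" transaction described earlier, as an added Go example that is not code from the patent or from CipherOptics. The struct layout, the action names, zero-valued selectors as wildcards, first-match ordering, the fail-closed default and the reading of the deferred reload time as a delay in seconds are assumptions.

```go
package main

import (
	"fmt"
	"net/netip"
)

// Action names are assumptions; the page says a PEP secures, passes or drops packets.
type Action string

const (
	Encrypt Action = "encrypt"
	Pass    Action = "pass"
	Drop    Action = "drop"
)

// Rule is one policy rule. A zero-valued selector acts as a wildcard.
type Rule struct {
	Src, Dst netip.Prefix // zero value = any address
	Port     uint16       // 0 = any destination port
	Proto    uint8        // 0 = any protocol (6 TCP, 17 UDP)
	Action   Action
}

// Packet carries only the fields the selectors inspect.
type Packet struct {
	Src, Dst netip.Addr
	Port     uint16
	Proto    uint8
}

// Matches reports whether every non-wildcard selector agrees with the packet.
func (r Rule) Matches(p Packet) bool {
	return (!r.Src.IsValid() || r.Src.Contains(p.Src)) &&
		(!r.Dst.IsValid() || r.Dst.Contains(p.Dst)) &&
		(r.Port == 0 || r.Port == p.Port) &&
		(r.Proto == 0 || r.Proto == p.Proto)
}

// Transaction mirrors the four parts named on the page (hypothetical layout).
type Transaction struct {
	PolicyName, Server string // policy name; server information (the sending KAP)
	Type               string // transaction type; only "replace" is handled
	DeferredReload     int64  // assumed meaning: seconds before the rules go live
	Rules              []Rule // transaction details: zero or more rules
}

// PEP holds the active rule set and at most one scheduled replacement.
type PEP struct {
	TrustedKAP, Policy string
	rules              []Rule
	next               *Transaction
	reloadAt           int64
}

// Receive validates a transaction and schedules it; on error nothing changes.
func (p *PEP) Receive(tx Transaction, now int64) error {
	if tx.Server != p.TrustedKAP || tx.Type != "replace" {
		return fmt.Errorf("rejected %q transaction from KAP %q", tx.Type, tx.Server)
	}
	for i, r := range tx.Rules {
		if r.Action != Encrypt && r.Action != Pass && r.Action != Drop {
			return fmt.Errorf("rule %d: unknown action %q", i, r.Action)
		}
	}
	p.next, p.reloadAt = &tx, now+tx.DeferredReload
	return nil
}

// Decide applies a due replacement; first match wins, no match drops (assumed fail-closed default).
func (p *PEP) Decide(pkt Packet, now int64) Action {
	if p.next != nil && now >= p.reloadAt {
		p.rules, p.Policy, p.next = p.next.Rules, p.next.PolicyName, nil
	}
	for _, r := range p.rules {
		if r.Matches(pkt) {
			return r.Action
		}
	}
	return Drop
}

// mkPacket builds a packet from literal addresses (constructed sample input).
func mkPacket(src, dst string, port uint16, proto uint8) Packet {
	return Packet{netip.MustParseAddr(src), netip.MustParseAddr(dst), port, proto}
}

// sampleTx is a constructed "replace" transaction with a 30-second deferred reload.
func sampleTx() Transaction {
	return Transaction{"branch-mesh", "kap-1", "replace", 30, []Rule{
		{Src: netip.MustParsePrefix("10.1.0.0/16"), Dst: netip.MustParsePrefix("10.2.0.0/16"), Action: Encrypt},
		{Port: 53, Proto: 17, Action: Pass},
	}}
}

func main() {
	pep := &PEP{TrustedKAP: "kap-1"}
	pkt := mkPacket("10.1.4.9", "10.2.0.7", 443, 6)
	fmt.Println(pep.Receive(sampleTx(), 0), pep.Decide(pkt, 0), pep.Decide(pkt, 60)) // <nil> drop encrypt
}
```

A "replace" transaction carrying zero rules is valid here and leaves the PEP dropping everything, which is why the sender check runs before any rule is scheduled.
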
  • KAP Key Authorization Point
  • IKE is a module that creates the keys for some portion of security for a given tunnel. In IKE, this is done in coordination with a single peer as each side agrees on outbound and inbound keys. This might also be a single unit generating keys for traffic between a number of units. Or it may be a single SGW generating a key for outbound traffic on a given tunnel. This module also ensures that all connections to a tunnel between SGWs have keys necessary to encrypt and decrypt data between the endpoints. In IKE, this is done as part of the phase 2 key exchange between two peers. It could also be a unit sharing its keys with another unit, or a device sharing keys with a group of SGW units.
  • the key distribution must be securely protected to prevent eavesdropping, tampering and to assure that the key exchange is with an authorized party, either through IKE Phase 1 (as in standard IKE) or with an established IKE tunnel passing the keys under Phase 2 as with normally encrypted traffic.
  • the key distribution can be secured through other means.
  • the key distribution may be secured through TLS.
  • the present invention provides a powerful key and policy management software-based solution that enables secure data access and user interactions, and that enables users to securely access and interact with data they need and are authorized to access on predetermined, regular, and/or transactional bases from any point on the network without requiring changes in the existing infrastructure.
  • the present invention system and methods control and manage the establishment and activity for trusted, secure connections across a network that are created by end point security technologies.
  • This flexible software solution does not require a separate infrastructure to affect changes in network access, key or policy management.
  • the system and methods of the present invention provide a network-independent solution layer or overlay that functions over the existing network infrastructure to control the policies, secure associations (SAs), and keys enabling secure communications and data access to authorized users at any point within the network.
  • SAs secure associations
  • Because the present invention establishes an independent solution layer or overlay, it provides for essentially unlimited scalability and address management that is commercially practical to implement network-wide for all secure communication, data access, applications, and devices. Also, this flexible software overlay functions to provide dynamic modifications in real time without requiring changes to existing infrastructure or hardware. Therefore, use and implementation of the present invention is not limited to traditional networking or infrastructure.
  • the present invention provides a method and a system for automatically securing communication between two or more nodes in a distributed network.
  • a distributed network comprises multiple nodes that are interconnected by multiple routers, bridges, and in different network topologies.
  • a node may be part of a smaller network such as an office LAN, or even a single node directly connected to the internet.
  • the node can be connected to an unprotected network such as the internet either directly or through a gateway, router, firewall and other such devices that allow one or more nodes to connect to a network via a single point.
  • the nodes can be computing devices such as laptops, desktops, handheld devices, mobile devices, cable access systems, and other devices capable of connecting to a network, or a network of such devices.
  • nodes communicate with each other, or servers providing services such as web pages, email, voice over internet protocol (VoIP), video broadcasting, multicasting applications, streaming audio or video via unprotected networks.
  • VoIP voice over internet protocol
  • In certain cases, when the communication is between two nodes that are using the same network, this communication may be protected. However, most of the communication over the internet is unprotected. This means that the communication can be intercepted by anyone. This communication is protected by using cryptographic keys.
  • the MAP defines the policies that govern the communication of the PEPs and the nodes under the PEPs.
  • the system is operable for multiple Key Authority Points (KAPs) for one or more PEPs.
  • the system and methods are functional where there is a single KAP that provides the keys for all the PEPs in a distributed network.
  • Based on the policies received from the MAP, the KAP generates cryptographic keys for each of the PEPs within its network as defined by the MAP.
  • the PEPs use the cryptographic keys to encrypt communication from the nodes and networks that they protect to unprotected networks, decrypt communication from unprotected networks to the nodes and networks that they protect or both.
  • All KAPs receive the policy definition from a single MAP. This policy definition informs the KAP which PEP it is responsible for, which networks the PEPs protect, and which KAP units they use.
  • the KAP distributes the keys and policies associated with its networks and nodes to the appropriate PEPs.
  • the KAPs send cryptographic keys to the PEPs. These keys are encrypted at the KAP with an encrypting key.
  • the encrypting key is a pre-shared private key.
  • the KAPs have a secure hardware module that stores the pre-shared private key and encrypts the cryptographic keys.
  • the secure hardware module is tamper-proof and disables access if the KAP is attacked. The use of the secure hardware module prevents exposure of the cryptographic keys in memory or backplane, where they can be accessed in clear text.
  • the secure hardware module's tamper proof feature enables it to shut down when it detects that it has been removed from the KAP.
  • the cryptographic keys cannot be accessed, since they are stored in the secure hardware module which shuts down when it detects attack.
  • Attack can be in the form of removal of the secure hardware module so that its memory can be independently accessed to gain access to the cryptographic key.
  • the present invention provides management techniques or methods and systems to provide secure networks with distributed keys wherein the key sharing and distribution is simplified, i.e., management of key sharing and distribution is handled by a MAP in secure communication with key authority point(s) (KAP) that generate the keys in accordance with communicated MAP policy or policies.
  • the KAPs define the internet protocol (IP) address and name for each policy enforcement point (PEP), which define the nodes of the network.
  • the KAP obtains IP address and name for each PEP automatically from the MAP.
  • the KAPs define network sets, which include the list of networks or IP addresses that are protected by a given set of PEPs.
  • the KAPs then distribute keys to the authenticated and authorized PEPs according to the prior step.
  • when two PEPs are protecting the subnet, then the KAP provides the network set to be equivalent to the network.
  • the mesh is fully interconnected automatically via a hub and spoke arrangement wherein the hubs are the PEPs and secure communication functions across network channels therebetween.
  • One group of a network set is the hub, and the rest are spokes.
  • hubs are authorized to communicate or "talk" to spokes but not spokes to spokes.
  • there are two (2) network sets then they are treated as a single entity and a multicast of data or communication is automatically operable on that secure network.
  • the destination on a secure network is always a multicast or a broadcast.
  • a source and at least one destination is involved, or both, which is a conference.
  • the systems and methods of the present invention are applicable and operable over existing network management schemes without requiring a change in the hardware or configuration of the network.
  • grouping of PEPs and KAPs in networks is protected, wherein the grouping is considered one entity that can be used in the policy.
  • This provides for key sharing for multiple paths on PEPs and key distributors according to the present invention.
  • This support for KAP and multiple PEPs provides for automatic predetermination of the configuration of the secure network.
  • the present invention provides systems and methods for simplified management of secured networks with distributed keys and management of same for a data and/or communications network.
  • such a system for simplified management of secure networks including at least one management server constructed and configured for communication through at least one network to at least one point or node on the network or subnets including remote communication device(s) each having at least one key with associated policies to ensure secure association within the network with other devices thereon.
  • Another aspect of the present invention provides methods for distributing keys to end point communication devices through network channels including providing a server-based key management system from a server on the network, the server including software operating thereon for providing a MAP having at least one policy or policies for distributing keys through at least one KAP to a multiplicity of policy end points (PEPs) on the network authenticated PEPs or nodes requesting secure access to the network, wherein the keys are distributed through previously authenticated authorized PEPs operating on a secured network.
  • the present invention provides systems and methods for providing a secure mesh network including at least one management server constructed and configured for communication through network channels to a multiplicity of PEPs on the network including nodes having remote communication device(s) each having at least one key, or a single key provided to more than one PEP, the key(s) provided through a key authority point (KAP) with associated policies managed by a MAP to ensure secure association within the network, wherein the steps include a device on the network requesting a mesh configuration, automatically authenticating and authorizing the device(s) through the MAP and KAP secure communication and distribution of keys to the PEPs and corresponding devices.
  • the present invention provides automatic security solutions for enterprise data and communications management within a secure network wherein the policies and keys are managed and distributed by MAP and KAPs, respectively, to PEPs for automatically configuring a network topography within the network for secure communication and/or data access by authenticated and authorized communication devices operating on the network.
  • the present invention provides a simplifying method to configure security settings for networks and subnets.
  • the system wherein the method is applied includes network sets having nodes distributed across the network.
  • the policy enforcement points (PEPs) protect the nodes and provide security across the network and nodes using keys for security authorization and for encryption/decryption that are provided to the PEPs by at least one key authority point (KAP).
  • the system and method of the present invention are operable for a user to combine network sets to form a network topography wherein nodes across the network are functional to communicate across the network with other nodes and/or networks.
  • network topographies are selected from arrangements such as a mesh, hub-and-spoke, point-to-point, and combinations thereof.
  • a network topography for a mesh arrangement provides for any node across the network to communicate directly to any other node within that network.
  • a hub-and-spoke arrangement provides for communication from hub to spoke and spoke to hub, but does not permit hub-to-hub or spoke-to-spoke interaction.
  • networks or nodes across a network are operable to function as senders, receivers, or both.
  • systems and methods according to the present invention provide for a single configuration point for the combined network sets based upon the type of policy and/or type of encryption.
  • Settings for the combined network set are defined by the MAP and pushed out through the MAP to KAP to PEPs for enforcement at the PEP level of the network without the user having to manually configure each node or network set within the network.
  • This is uniquely provided by the present invention for the EDPM scenario wherein an entire network is configured and functions to provide a secure network for enterprise data policy management through a single MAP to KAP to a multiplicity of PEPs automatically, based upon the policy established at the MAP, which provides for key generation and distribution through the KAP to any PEPs authenticated and authorized according to the policy, regardless of the network configuration or topography.
  • the nodes or network sets are combinable and configurable or re-configurable for cross communication based upon the established policy pushed down from the MAP to the KAP, the keys from which enable the communication at any PEP.
  • a schematic shows a centralized software solution for providing and managing security for data and communications of a network in accordance with an embodiment of the present invention.
  • the central node of this schematic provides the security of the network, wherein the EDPM (enterprise data protection management) technology includes the software overlay and becomes the central control and management solution for any network, without changing the network, IT, or enabling infrastructure represented by the outer nodes on this diagram.
  • This integrateable software security solution layer of the present invention enables centralized policy management, centralized key authority, group policy management with access control, universal key authority and distribution, open protocol via an intelligent overlay architecture for flexible and dynamic changes that are independent of the infrastructure.
  • the intelligent overlay software according to the present invention provides a transparent security utility for any network, but is also not limited to networks; while typically in this detailed description of the present invention the solution overlay is described for a network, in addition to network security, the overlay software solution is operable for entitlement, authentication, access control, data integrity, confidentiality, segmentation, information control, compliance, information and/or flows, applications, database access, storage networks, IT infrastructure, communications networks such as cellular, and combinations thereof in addition to network, data and communication security.
  • multiple security solutions can be combined together with the present invention overlay on a common infrastructure.
  • FIG. 3 shows a schematic diagram for the intelligent overlay of the present invention, including a management and policy server (MAP), at least one key authority point (KAP), that is designed to communicate through an open API to at least one policy enforcement point (PEP), wherein the MAP provides a centralized or distributed management arrangement having a single interface for policy definition and enforcement that operates to authenticate each PEP through existing AAA or other authentication services, and that pushes and enforces policy with the KAPs.
  • the MAP is preferably centralized to coordinate policy and entitlements from one source, and ties in existing AAA services and NMS.
  • the KAPs function as a distribution layer; they are the key authority for the PEPs to generate and distribute security associations (SAs) and keys to PEPs, monitoring PEP operation, supporting tunnel, transport, and network modes, and allow distributed and redundant deployment of keys to PEPs, and combinations thereof.
  • the PEPs are hardware or software-based PEPs, providing support for clients, blades, and appliances.
  • the PEP policy and keys are enforced by the KAPs, while a PEP authenticates KAP.
  • the KAP ensures that keys are sent only to the right places within the network, which provides for manageable scalability regardless of the number of PEPs or SAs required.
  • the KAP is a universal KAP within the EDPM, and provides universal key generation and distribution services for the PEPs on the network.
  • the universal KAP ensures network infrastructure protection, Ethernet protection, disk protection, server protection, email protection, notebook computer protection, application protection, 802.1AE protection, IPSEC protection, database protection, SSL protection, other protection and combinations thereof, as shown in the schematic of Figure 4.
  • the KAP provides universal on-demand key generation services for all security needs, including secure information such as data rights, email, messaging, and identity; secure infrastructure such as database, data center storage, lifecycle management, and applications; and secure interaction such as transactions, endpoint security, web browsing, and on-line collaboration
  • FIG 6 is a schematic diagram showing KAPs, PEPs and MAP nodes in a distributed network, in accordance with an embodiment of the present invention.
  • a management and policy (MAP) server 604 and a key authority point (KAP) 606 are connected to a network node 608.
  • Network node 608 connects to a policy enforcement point (PEP) 610.
  • PEPs 612, 614 and 616 are also connected to PEP 610 via an unprotected network 618.
  • Unprotected network 618 is a network of interconnected nodes and smaller networks, such as the internet or a local LAN or WAN.
  • PEPs 612, 614 and 618 are connected to network nodes 620, 622 and 624 respectively.
  • the network nodes may be individual network points or can be access points to sub-networks 626, 628 and 630.
  • KAP 106 generates and sends keys to PEPs 610, 612, 614 and 616. The keys enable PEPs to encrypt and/or authorize communication between the PEPs 610, 612, 614 and 618 and the nodes behind the PEPs.
  • MAP 604 and KAP 606 are implemented as programs that reside on network node 608.
  • the software overlay solution ensures flexibility for multi-vendor support as illustrated in Figure 2 representative vendors, wherein this support flexibility is designed in through API according to an embodiment of the present invention.
  • network security is enforced at every end point or PEP on the network level through an open API; PEPs include any end point, by way of example and not limitation, mobile devices such as PDAs, storage, servers, VPN clients, and networking, and combinations thereof.
  • the present invention provides a system for providing secure networks including a communication network having a network infrastructure; and an intelligent software overlay operating on a server in connection to the network for providing security for the network; wherein the intelligent software overlay further includes: a management and policy (MAP) server coupled to the network for communication with at least one key authority point (KAP), wherein the MAP includes at least one policy for providing secure association (SA) within the network; wherein the at least one KAP is operable to generate and manage keys provided to a multiplicity of policy end points (PEPs) through an open API; and wherein the intelligent overlay to the network independent of the network infrastructure, thereby providing a secure, flexible network security solution.
  • This intelligent overlay provides centralized management by software over the hardware and network infrastructure without changing it, and is dynamically modifiable to reconfigure secure PEP interactivity without requiring change to the network infrastructure.
  • the present invention also provides a method for providing secure interactivity between points on a network including the steps of: providing a communication network having a network infrastructure between at least two policy end points (PEPs); providing an intelligent software overlay that is independent of the network infrastructure, the software overlay operating on a server in connection to the network for providing security for the network; wherein the intelligent software overlay further includes: a management and policy (MAP) server coupled to the network for communication with at least one key authority point (KAP); the MAP establishing and managing at least one policy for providing secure association (SA) between PEPs within the network; the KAP generating and managing keys and providing them to the PEPs through an open API; and the PEPs having secure exchange over the network using the keys provided by the
  • the system and methods of the present invention provide a network-independent solution layer or overlay that functions over the existing network infrastructure to control the policies, secure associations (SAs), and keys provided by a universal key authority point (KAP) to a multiplicity of policy enforcement points (PEPs) for enabling secure communications and data access to authorized users at any point within the network to other points, based upon the policies managed and provided by a management and policy server (MAP).
  • the present invention provides for essentially unlimited scalability and address management that is commercially practical to implement network-wide for all secure communication, data access, applications, and devices, regardless of the type or form of encryption used by a particular device or hardware within the network.
  • the flexible software overlay for MAP and KAP functions within the system provides for dynamic modifications in real time without requiring changes to existing infrastructure or hardware, and without regard to the form of encryption thereon. Therefore, use and implementation of the present invention is not limited to traditional networking or infrastructure and is not limited to a single encryption form or type.
  • the present invention provides a method and a system for automatically securing communication between two or more nodes in a distributed network that use a single shared key or separate keys generated and distributed by a universal key authority point based upon a policy or policies managed by a management and policy server for the entire network.
  • a distributed network includes multiple nodes that are interconnected by multiple routers, bridges, etc. and that may be connected in a variety of different network topologies.
  • a node may be part of a smaller network such as an office LAN, or even a single node directly connected to the internet.
  • the node can be connected to an unprotected network such as the Internet either directly or through a gateway, router, firewall and/or other such devices that allow one or more nodes to connect to a network via a single point.
  • the nodes include computing devices such as, by way of example and not limitation, laptops, desktops, handheld devices, mobile devices, cable access systems, and other devices capable of connecting to a network, or a network of such devices.
  • nodes communicate with each other, or servers providing services such as web pages, email, voice over internet protocol (VoIP), video broadcasting, multicasting applications, streaming audio or video via unprotected networks.
  • In certain cases, when the communication is between two nodes that are using the same network, this communication may be protected. However, most of the communication over the internet is unprotected. This means that the communication can be intercepted by anyone. This communication is protected by using cryptographic keys.
  • the PEPs receive policies from a management and policy server (MAP).
  • the MAP defines the policies that govern the communication of the PEPs and the nodes under the PEPs.
  • the system is operable for multiple KAPs, including peer KAPs, for one or more PEPs.
  • the system and methods are functional where there is a single KAP that provides the keys for all the PEPs in a distributed network.
  • Based on the policies received from the MAP, the universal KAP of the present invention generates one or more cryptographic keys for each of the PEPs, or a single key to be shared by PEPs, within its network as defined by the MAP.
  • the PEPs use the cryptographic keys to encrypt communication from the nodes and networks that they protect to unprotected networks, decrypt communication from unprotected networks to the nodes and networks that they protect or both.
  • the universal KAP receives the policy definition from a single MAP. This policy definition informs the KAP about the PEPs it is responsible for, which networks the PEPs protect, and which KAP units they use.
  • the KAP distributes the keys and policies associated with its networks and nodes to the appropriate PEPs.
  • a user defines the global networks and the MAP policy is established consistent with those definitions.
  • the MAP then pushes down a meta policy to a universal KAP, which turns it into specific policies and corresponding keys for individual PEPs within the network.
  • the PEPs use a tunnel mode that includes a separate header for source and destination to provide a gateway for point to point connection.
  • the inner header is copied to an outer header so that the same source and destination and layer 2 address is provided. This enables its use for load balancing or multicasting because the universal KAP and keys provided thereby to the PEPs provide for secure associations and communication across the network regardless of the form of encryption.
  • the key(s) provided by the KAP enable any authorized PEP to communicate securely on the network even if the routing or distribution channel is modified for load balancing or multicasting.
  • the universal KAP sends cryptographic keys to the PEPs or to peer KAPs based upon the policy communicated to the KAP by the MAP.
  • Peer KAPs provide for separate distributors for separate networks.
  • the keys are encrypted at the universal KAP with an encrypting key, which may include a pre-shared private key.
  • the universal KAP includes a secure hardware module that stores the pre-shared private key and encrypts the cryptographic keys.
  • the secure hardware module is tamper-proof and disables access if the KAP is attacked. The use of the secure hardware module prevents exposure of the cryptographic keys in memory or backplane, where they can be accessed in clear text.
  • the secure hardware module's tamper-proof feature enables it to shut down when it detects that it has been removed from the KAP.
  • the cryptographic keys cannot be accessed, since they are stored in the secure hardware module which shuts down when it detects attack.
  • Attack can be in the form of removal of the secure hardware module so that its memory can be independently accessed to gain access to the cryptographic key.
  • the keys provided by the KAP to the PEPs or to peer KAPs provide for secure, authorized communication across the network regardless of the form of encryption used by devices and/or hardware at nodes on the network.
  • the present invention provides management techniques or methods and systems to provide secure networks with distributed keys wherein the key sharing and distribution is simplified, i.e., management of key sharing and distribution is handled by a MAP in secure communication with key authority point(s) (KAP) that generate the keys in accordance with communicated MAP policy or policies.
  • KAPs define the internet protocol (IP) address and name for each policy enforcement point (PEP), which define the nodes of the network.
  • the KAP obtains IP address and name for each PEP automatically from a cryptoview software program.
  • the KAP defines network sets, which include the list of networks or IP addresses that are protected by a given set of PEPs; peer KAPs provide for separate distributors for separate networks and corresponding PEPs.
  • the universal KAP then distributes keys to the authenticated and authorized PEPs or peer KAPs according to the prior step.
  • when two PEPs are protecting the subnet, then the KAP provides the network set to be equivalent to the
  • the mesh is fully interconnected automatically via a hub and spoke arrangement wherein the hubs are the PEPs and secure communication functions across network channels therebetween.
  • One group of a network set is the hub, and the rest are spokes.
  • hubs are authorized to communicate or "talk" to spokes but not spokes to spokes.
  • there are two (2) network sets then they are treated as a single entity and a multicast of data or communication is automatically operable on that secure network.
  • the destination on a secure network is always a multicast or a broadcast.
  • a source and at least one destination is involved, or both, which is a conference.
  • systems and methods of the present invention are applicable and operable over existing network management schemes without requiring a change in the hardware or configuration of the network.
  • grouping of PEPs and KAPs in networks is protected, wherein the grouping is considered one entity that can be used in the policy.
  • This provides for key sharing for multiple paths on PEPs and key distributors according to the present invention.
  • This support for KAP and multiple PEPs provides for automatic predetermination of the configuration of the secure network.
  • present invention provides systems and methods for simplified management of secured networks with distributed keys and management of same for a data and/or communications network through a universal KAP to PEPs or to peer KAPs for separate networks.
  • a system for simplified management of secure networks including at least one management server constructed and configured for communication through at least one network to at least one point or node on the network or subnets including remote communication device(s) each having at least one key, or a single key for multiple PEPs, with associated policies to ensure secure association within the network with other devices thereon.
  • Another aspect of the present invention provides methods for distributing keys to end point communication devices through network channels including providing a server-based key management system from a server on the network, the server including software operating thereon for providing a MAP having at least one policy or policies for distributing keys through a universal KAP to a multiplicity of policy end points (PEPs) and/or to peer KAPs on the network for authenticated devices requesting secure access to the network, wherein the keys are distributed through previously authenticated authorized PEPs operating on the secured network.
  • the present invention provides systems and methods for providing a secure mesh network including at least one management server constructed and configured for communication through network channels to a multiplicity of PEPs on the network including nodes having remote communication device(s) each having at least one key, or a single key for several PEPs, the key(s) provided through the universal KAP for a given network, with associated policies managed by a MAP to ensure secure association within that network, wherein the steps include a device on the network requesting a particular network configuration or topography, automatically authenticating and authorizing the PEPs and corresponding nodes and their respective device(s) through the MAP and KAP secure communication and distribution of keys to the PEPs, regardless of the encryption form used for any given device or hardware at the nodes.
  • the present invention provides automatic security solutions for enterprise data and communications management within a secure network wherein the policies and keys are managed and distributed by MAP and universal KAPs, respectively, to PEPs for automatically configuring a network topography within the network for secure communication and/or data access by authenticated and authorized communication nodes and devices operating on the network.
  • the present invention provides a simplifying method to configure security settings for networks and subnets.
  • the system wherein the method is applied includes network sets having nodes distributed across the network.
  • the policy enforcement points (PEPs) protect the nodes and provide security across the network and nodes using keys for security authorization and for encryption/decryption that are provided to the PEPs by the universal KAP, directly or indirectly.
  • the system and method of the present invention are operable for a user to combine network sets to form a network topography wherein nodes across the network are functional to communicate across the network with other nodes and/or networks.
  • network topographies are selected from arrangements such as a mesh, hub-and-spoke, point-to-point, and combinations thereof.
  • a network topography for a mesh arrangement provides for any node across the network to communicate directly to any other node within that network.
  • a hub-and-spoke arrangement provides for communication from hub to spoke and spoke to hub, but does not permit hub-to-hub or spoke-to-spoke interaction.
  • networks or nodes across a network are operable to function as senders, receivers, or both. Where separate networks are provided, separate distributors or KAPs are operable to distribute the keys and policies from the universal KAP to the PEPs on those networks.
  • systems and methods according to the present invention provide for a single configuration point for the combined network sets based upon the type of policy but not being dependent upon the type or form of encryption at any node or for any packet or data communicated on the network.
  • Settings for the combined network set are defined by the MAP and pushed out through the MAP to KAP to PEPs for enforcement at the PEP level of the network without the user having to manually configure each node or network set within the network.
  • an entire network is configured and functions to provide a secure network for enterprise data policy management through a single MAP to KAP to a multiplicity of PEPs automatically, based upon the policy established at the MAP, which provides for key generation and distribution through the KAP to any PEPs authenticated and authorized according to the policy, regardless of the network configuration or topography.
  • the nodes or network sets are combinable and configurable or re-configurable for cross communication based upon the established policy pushed down from the MAP to the KAP, the keys from which enable the communication at any PEP.
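
The flow described above, in which the MAP pushes a meta policy of network sets and a topography to the KAP and the KAP turns it into per-PEP policies and keys, can be sketched as follows. This is an added example, not code from the patent or from any product: the class and function names, the sample addresses and PEP names are hypothetical, and issuing one shared key per permitted pair of network sets is an assumption made for the illustration.

```python
"""Added example: KAP-side compilation of a MAP meta policy into per-PEP policy and keys."""
import ipaddress
import secrets
from dataclasses import dataclass, field
from itertools import combinations


@dataclass(frozen=True)
class NetworkSet:
    name: str        # label for the set
    networks: tuple  # CIDR strings protected by the set's PEPs
    peps: tuple      # names of the PEPs protecting those networks


@dataclass
class MetaPolicy:
    name: str
    topology: str       # "mesh", "hub-and-spoke" or "point-to-point"
    network_sets: list  # for hub-and-spoke, the first set is the hub


@dataclass
class PepPolicy:
    pep: str
    entries: list = field(default_factory=list)  # (key_id, local_nets, remote_nets)
    keys: dict = field(default_factory=dict)     # key_id -> key bytes


def parse_networks(network_set):
    return tuple(ipaddress.ip_network(cidr) for cidr in network_set.networks)


def allowed_pairs(meta):
    """Pairs of network sets the topography permits to communicate."""
    sets = meta.network_sets
    if len(sets) < 2:
        raise ValueError("a policy needs at least two network sets")
    if meta.topology == "mesh":
        return list(combinations(sets, 2))      # any set to any other set
    if meta.topology == "hub-and-spoke":
        hub, spokes = sets[0], sets[1:]
        return [(hub, spoke) for spoke in spokes]  # never spoke-to-spoke
    if meta.topology == "point-to-point":
        if len(sets) != 2:
            raise ValueError("point-to-point takes exactly two network sets")
        return [(sets[0], sets[1])]
    raise ValueError(f"unknown topology {meta.topology!r}")


def compile_policy(meta, authorized_peps):
    """Return {pep name: PepPolicy}; unauthorized PEPs receive nothing."""
    per_pep = {}
    for a, b in allowed_pairs(meta):
        peps_a = [p for p in a.peps if p in authorized_peps]
        peps_b = [p for p in b.peps if p in authorized_peps]
        if not peps_a or not peps_b:
            continue  # no authorized PEP on one side: no key is issued
        key_id = f"{meta.name}:{a.name}<->{b.name}"
        key = secrets.token_bytes(32)  # assumption: one shared key per pair
        for peps, local, remote in ((peps_a, a, b), (peps_b, b, a)):
            for pep in peps:
                policy = per_pep.setdefault(pep, PepPolicy(pep))
                policy.entries.append(
                    (key_id, parse_networks(local), parse_networks(remote)))
                policy.keys[key_id] = key
    return per_pep


def select_key(policy, src, dst):
    """PEP-side lookup: key id covering src/dst traffic, or None if not permitted."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for key_id, local, remote in policy.entries:
        outbound = any(s in n for n in local) and any(d in n for n in remote)
        inbound = any(s in n for n in remote) and any(d in n for n in local)
        if outbound or inbound:
            return key_id
    return None


# Constructed sample data: one hub protected by two PEPs, three spokes.
SETS = [
    NetworkSet("hq", ("10.0.0.0/16",), ("pep-hq-1", "pep-hq-2")),
    NetworkSet("branch-a", ("10.1.0.0/16",), ("pep-a",)),
    NetworkSet("branch-b", ("10.2.0.0/16",), ("pep-b",)),
    NetworkSet("branch-c", ("10.3.0.0/16",), ("pep-c",)),
]
AUTHORIZED = {"pep-hq-1", "pep-hq-2", "pep-a", "pep-b"}  # pep-c not authenticated

if __name__ == "__main__":
    hub = compile_policy(MetaPolicy("wan", "hub-and-spoke", SETS), AUTHORIZED)
    for pep, policy in sorted(hub.items()):
        print(pep, sorted(policy.keys))
    print(select_key(hub["pep-a"], "10.1.0.5", "10.0.0.9"))
    print(select_key(hub["pep-a"], "10.1.0.5", "10.2.0.7"))
```

Changing only the `topology` field from `"hub-and-spoke"` to `"mesh"` re-derives every PEP's entries and keys, which is the single configuration point the text describes.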
  • a schematic shows a centralized software solution for providing and managing security for data and communications of a network in accordance with an embodiment of the present invention.
  • the central node 202 of this schematic provides the security of the network, wherein the EDPM (enterprise data protection management) technology includes the software overlay and becomes the central control and management solution for any network, without changing the network, IT, or enabling infrastructure represented by the outer nodes on this diagram.
  • This integrateable software security solution layer of the present invention enables centralized policy management, centralized key authority, group policy management with access control, universal key authority and distribution, open protocol via an intelligent overlay architecture for flexible and dynamic changes that are independent of the infrastructure.
  • the intelligent overlay software according to the present invention provides a transparent security utility for any network, but is also not limited to networks; while typically in this detailed description of the present invention the solution overlay is described for a network, in addition to network security, the overlay software solution is operable for entitlement, authentication, access control, data integrity, confidentiality, segmentation, information control, compliance, information and/or flows, applications, database access, storage networks, IT infrastructure, communications networks such as cellular, and combinations thereof in addition to network, data and communication security.
  • multiple security solutions can be combined together with the present invention overlay on a common infrastructure.
  • FIG. 3 shows a schematic diagram for the intelligent overlay of the present invention, including a management and policy server (MAP) and at least one key authority point (KAP) that is designed to communicate through an open API to at least one policy enforcement point (PEP).
  • MAP 302 provides a centralized or distributed management arrangement having a single interface for policy definition and enforcement that operates to authenticate each PEP 306 through existing AAA or other authentication services, and that pushes and enforces policy with the KAPs 304.
  • the MAP 302 is preferably centralized to coordinate policy and entitlements from one source, and ties in existing AAA services and NMS.
  • the KAPs 304 function as a distribution layer; they are the key authority for the PEPs 306, generating and distributing security associations (SAs) and keys to PEPs, monitoring PEP operation, supporting tunnel, transport, and network modes, and allowing distributed and redundant deployment of keys to PEPs, and combinations thereof.
  • the PEPs 306 are hardware or software-based PEPs, providing support for clients, blades, and appliances.
  • the PEP policy and keys are enforced by the KAPs 304, while a PEP 306 authenticates KAP 304.
  • the KAP 304 ensures that keys are sent only to the right places within the network, which provides for manageable scalability regardless of the number of PEPs 306 or SAs required.
  • the KAP is a universal KAP within the EDPM, and provides universal key generation and distribution services for the PEPs on the network.
  • the universal KAP ensures network infrastructure protection, Ethernet protection, disk protection, server protection, email protection, notebook computer protection, application protection, 802.1AE protection, IPSEC protection, database protection, SSL protection, other protection and combinations thereof, as shown in the schematic of Figure 4.
  • the KAP provides universal on-demand key generation services for all security needs, including secure information such as data rights, email, messaging, and identity; secure infrastructure such as database, data center storage, lifecycle management, and applications; and secure interaction such as transactions, endpoint security, web browsing, and on-line collaboration, and combinations thereof, as illustrated in the schematic of Figure 5.
  • the software overlay solution ensures flexibility for multi-vendor support, as illustrated by the representative vendors in Figure 2, wherein this support flexibility is designed in through the API according to an embodiment of the present invention.
  • network security is enforced at every end point or PEP on the network level through an open API; PEPs include any end point, by way of example and not limitation, mobile devices such as PDAs, storage, servers, VPN clients, and networking, and combinations thereof.
  • FIG. 6 is a schematic diagram showing KAPs, PEPs and MAP nodes in a distributed network, in accordance with an embodiment of the present invention.
  • a management and policy (MAP) server 604 and a key authority point (KAP) 606 are connected to a network node 608.
  • Network node 608 connects to a policy enforcement point (PEP) 610.
  • PEPs 612, 614 and 616 are also connected to PEP 610 via an unprotected network 618.
  • Unprotected network 618 is a network of interconnected nodes and smaller networks, such as the internet or a local LAN or WAN.
  • PEPs 612, 614 and 618 are connected to network nodes 620, 622 and 624 respectively.
  • the network nodes may be individual network points or can be access points to sub-networks 626, 628 and 630.
  • KAP 606 generates and sends keys to PEPs 610, 612, 614 and 616. The keys enable PEPs to encrypt and/or authorize communication between the PEPs 610, 612, 614 and 618 and the nodes behind the PEPs.
  • MAP 604 and KAP 606 are implemented as programs that reside on network node 608.
  • the present invention provides a system for providing secure networks including a communication network having a network infrastructure; and an intelligent software overlay operating on a server in connection to the network for providing security for the network; wherein the intelligent software overlay further includes: a management and policy (MAP) server coupled to the network for communication with at least one key authority point (KAP), wherein the MAP includes at least one policy for providing secure association (SA) within the network; wherein the at least one KAP is operable to generate and manage keys provided to a multiplicity of policy end points (PEPs) through an open API; and wherein the intelligent overlay to the network is independent of the network infrastructure, thereby providing a secure, flexible network security solution.
  • This intelligent overlay provides centralized management by software over the hardware and network infrastructure without changing it, and is dynamically modifiable to reconfigure secure PEP interactivity without requiring change to the network infrastructure.
  • the present invention also provides a method for providing secure interactivity between points on a network including the steps of: providing a communication network having a network infrastructure between at least two policy end points (PEPs); providing an intelligent software overlay that is independent of the network infrastructure, the software overlay operating on a server in connection to the network for providing security for the network; wherein the intelligent software overlay further includes: a management and policy (MAP) server coupled to the network for communication with at least one key authority point (KAP), including a universal KAP; the MAP establishing and managing at least one policy for providing secure association (SA) between PEPs within the network; the universal KAP generating and managing keys and providing them to the PEPs and/or to peer KAPs through an open API; and the PEPs having secure exchange over the network using the keys provided directly or indirectly by the KAP, regardless of the form of encryption on
  • the system and methods of the present invention provide for functional, dynamic security groups on a given network both inside and outside organizational boundaries and across geographical locations.
  • the result is a flexible security solution that is operable to be responsive to different security requirements for different groups of users and applications.
  • a user defines the global networks and the MAP policy is established consistent with those definitions.
  • the MAP then pushes down a meta policy to at least one KAP, which turns it into specific policies and corresponding keys for individual PEPs within the network.
  • the PEPs use a tunnel mode that includes a separate header for source and destination to provide a gateway for point to point connection.
  • the inner header is copied to an outer header so that the same source and destination and layer 2 address is provided. This enables its use for load balancing or multicasting because the universal KAP and keys provided thereby to the PEPs provide for secure associations and communication across the network regardless of the form of encryption.
  • the key(s) provided by the KAP enable any authorized PEP to communicate securely on the network even if the routing or distribution channel is modified for load balancing or multicasting.
  • the system for providing secure networks includes a communication network having a network infrastructure and software operating on a management and policy (MAP) server in connection to the network for providing security for the network; at least two key authority points (KAPs), including a primary KAP and a back-up KAP, wherein the MAP includes at least one policy for providing secure association (SA) between policy enforcement points (PEPs) having nodes within the network.
  • the primary KAP is operable to generate, distribute, and manage key(s) communicated to the multiplicity of PEPs and the back-up KAP is operable to function as the primary KAP in any event that prevents the primary KAP from functioning to ensure that the network automatically provides a network topography of secure communication based upon the policy and keys distributed to the PEPs for any encryption form at the nodes.
  • the back-up KAP is operable to force a re-key for all policies upon taking over functions for the primary KAP; thereafter, the primary KAP is operable to use re-key to recover.
  • the back-up KAP is operable to gain full knowledge of the network and store keys without transferring keys or interrupting traffic on the network.
  • the present invention also provides a method for providing secure interactivity between points on a network including the steps of: providing a communication network having a network infrastructure between at least two policy end points (PEPs); providing an intelligent software overlay that is independent of the network infrastructure, the software overlay operating on a server in connection to the network for providing security for the network; wherein the intelligent software overlay further includes: a management and policy (MAP) server coupled to the network for communication with at least two key authority points (KAPs), including a primary and a back-up KAP; the MAP establishing and managing at least one policy for providing secure association (SA) between PEPs within the network; the primary KAP generating, distributing, and managing keys and providing them to the PEPs and/or to peer KAPs through an open API; the PEPs having secure exchange over the network using the keys provided directly or indirectly by the KAP, regardless of the form of encryption on any device or corresponding node on the network; and the back-up KAP functioning identically to the primary KAP in the event of the primary KAP being inoperable or unable to function normally.
  • An implementation could be done where the setting of backup or primary was in the metapolicy sent from the MAP.
  • PrimaryRunning PrimaryWaiting This is preferably best done adding an item to KGDPStatus.
  • the receiver should check the name and version with the receiver's getCoreStatus():
  • the receiver should send DistributePolicyMessage(meta,deployedStatus) with its metapolicy.
  • metapolicy Load metapolicy and state. If no metapolicy or no backup defined in metapolicy:
  • the backup should see the mismatch and send a new metapolicy. Note that the primary stays in PrimaryWaiting and not monitoring the message queue (no
  • GetStatus Return getCoreStatus.
  • the system and methods of the present invention provide for functional, dynamic security groups on a given network both inside and outside organizational boundaries and across geographical locations, including full KAP functionality using a primary and back-up KAP to ensure uninterrupted traffic.
  • the result is a flexible security solution that is operable to be responsive to different security requirements for different groups of users and applications, all while providing back-up KAP functionality without interrupting network traffic or transferring keys.
  • FIG. 13 illustrates an example wide area data communications network 100 implementing an embodiment of the present invention.
  • Local network 50 generally includes a number of data processors and data processing functions including end nodes 10 (i.e. 10-A-1), Security Manager (SM) 12, a KAP 14, an inter-networking device 16-A (such as a router or a switch), and one or more PEPs 20-A-1 and 20-A-2.
  • the network 100 has at least one other location, Remote Network 60.
  • Remote Network 60 also includes end nodes 10 (i.e. 10-B-1) and an inter-networking device 16-B (such as a router or a switch).
  • a standard IKE stack (not shown) resides, for example, on the end nodes 10-B-1 and 10-B-2.
  • Remote Network 60 can further include IP-masquerading devices such as network address translation 30.
  • the end nodes 10-A-1, 10-A-2, 10-B-1, 10-B-2... (collectively, end nodes 10) in Remote Network 60 and Local Network 50 may typically be client computers, such as Personal Computers (PCs), workstations, Personal Digital Assistants (PDAs), digital mobile telephones, wireless network-enabled devices and the like. Additionally, the end nodes 10 may also be file servers, video set top boxes, other data processing machines, or any other device capable of being networked from which messages are originated and to which messages are destined.
  • an IP packet may encapsulate other networking protocols such as the Transmission Control
  • Network 60 is insufficient for distributing keys to multiple PEP 20 units.
  • the system implemented in a standard IKE stack is a point-to-point connection with keys installed on each point.
  • the end node 10-B-1, for example, is not configured to copy the inner address to the outer header of an IP address. For the same reason, Remote Network 60 cannot support multicast traffic.
  • the embodiment shown in Figure 13 solves this problem associated with standard IKE stacks by extending the concept of IKE to allow distribution of keys and policies to multiple devices using the distributed key protocol, thereby providing an interface between the local network with data protection managing technologies and the remote IKE stack.
  • a single device in Local Network 50 using IKE can provide the IKE interface to the end nodes 10-B-1 and 10-B-2.
  • IKE is done in two phases.
  • In a first phase (IKE Phase 1), a connection between Local Network 50 and Remote Network 60 is started in the clear.
  • Using public key cryptographic mechanisms, where two parties can agree on a secret key by exchanging public data without a third party being able to determine the key, each party can determine a secret for use in the negotiation.
  • Public key cryptography requires each party either share secret information (pre-shared key) or exchange public keys for which they retain a private, matching, key. This is normally done with certificates (Public Key Infrastructure or PKI). Either of these methods authenticates the identity of the peer to some degree.
  • In a second phase (IKE Phase 2), the specific secret and cryptographic parameters of a specific tunnel are developed. All traffic in phase 2 negotiations is encrypted by the secret from phase 1. When these negotiations are complete, a set of secrets and parameters for security has been agreed upon by the two parties and IPsec secured traffic can commence.
  • the SM 12 sends meta-policies 22 to a KAP 14.
  • the meta-policies contain all the information regarding each policy that was defined in the SM. This information includes the types of policies for handling received traffic: clear, drop, or IPsec; the KAP 14 required for each policy; and the PEPs 20-A-1, 20-A-2 that will require the policies and keys. This information can be defined by using an SM user interface.
  • both PEPs must share a key.
  • One PEP uses the shared key to encrypt the data for transmission over the unsecured network, while the second PEP uses the key shared with the first PEP to decrypt the data.
  • FIG. 14 illustrates an example process 200 for the steps performed in connection with the IKE negotiation scenario in accordance with one embodiment.
  • the policy of the PEPs 20-A-1, 20-A-2 is configured to allow IKE traffic (UDP port 500) to pass through the KAP 14.
  • Step 205 establishes a network security negotiation such as IKE between KAP 14 of Local Network 50 and IKE stack in Remote Network 60.
  • the process 200 uses standard mechanisms such as certificates, preshared keys, nonce, Kerberos token, hash/notification, and signatures as indicated in step 210.
  • the KAP 14 creates a new policy. This policy is deployed to the PEPs 20-A-1, 20-A-2, including local and remote IP addresses or ranges for the encrypted traffic, remote tunnel IP address, selector sections, policy settings, encryption and authentication keys and the SPI, and expiration time.
  • In step 225, the encrypted packet is decrypted according to the new policy upon receipt of the packet. Although the packet is addressed to the KAP 14, the new policy at the PEPs strips the outer header during the decryption so that the packet would not be directed to the KAP 14.
  • In step 240, the decrypted packet originating from Remote Network 60 is sent to an appropriate end node located in Local Network 50.
  • Remote Network 60 and Local Network 50 optionally renegotiate IPSec SAs. The process 200 periodically repeats the steps 205, 210, 215, 220 and 225.
  • Remote Network 60 is located behind a Network Address Translator 30 (NAT).
  • Local Network 50 can be standard IPsec NAT Traversal 16 (IKE NAT-T).
  • While NATs help conserve the remaining IP address space, they also introduce problems for end-to-end protocols such as IPsec.
  • IPsec NAT-T 16 Local Network 50 is capable during the IPsec negotiation process automatically to determine:
  • both Local Network 50 and Remote Network 60 automatically use IPsec NAT-T 16 to send IPsec-protected traffic across NAT 30. If either peer does not support IPsec NAT-T 16, then normal IPsec negotiations (beyond the first two messages) and IPsec protection are performed. If both Remote Network 60 and Local Network 50 support IPsec NAT-T 16 and there are no NATs between them, normal IPsec protection is performed.
  • Figure 16 illustrates an example wide area data communications network 100 implementing an embodiment of the present invention.
  • a location 21-a generally has a number of data processors and functions including end nodes 10-a-1 and 10-a-2, a Management and Policy Server (MAP) function 11-a, a Key Authority Point (KAP) function 14-a, an inter-networking device 16-a, such as a router or a switch, and a Policy Enforcement Point (PEP) function 20-a.
  • the network 100 includes at least one other location, such as location 21-b that implements end nodes 10-b-1 and 10-b-2, a MAP function 11-b, a KAP function 14-b, and PEP functions 20-b-1 and 20-b-2.
  • Locations 21-a and 21-b may be subnets, physical Local Area Network (LAN) segments, or other network architectures.
  • the locations 21-a and 21-b may typically be logically separate from each other and from other locations 21.
  • a location 21 may be a single office that may have only a few computers, or may be a large building, complex, or campus that has many different data processing machines installed therein.
  • location 21-a may be a west coast headquarters office located in Los Angeles and location 21-b may be an east coast sales office located in New York.
  • the end nodes 10-a-1, 10-a-2, 10-b-1, and 10-b-2 may be typical client computers, such as Personal Computers (PCs), workstations, Personal Digital Assistants (PDAs), digital mobile telephones, wireless network-enabled devices, and the like. Additionally, the end nodes 10 may be file servers, video set top boxes, data processing machines, or other devices capable of being networked from which messages are originated and to which messages are destined. Messages (or traffic) sent to and from the end nodes 10 typically take the form of data packets in an Internet Protocol (IP) packet format or layer-2 formats. As is well known in the art, an IP packet may encapsulate other networking protocols such as Transmission Control Protocol (TCP), User Datagram Protocol (UDP), or other lower level and higher level networking protocols.
  • In the example wide area data communications network 100, the Policy Enforcement Points (PEPs) 20 cooperate with the Management and Policy Servers (MAPs) 11, and the Key Authority Points (KAPs) 14 to secure message traffic between the end nodes 10 according to security policies.
  • a security policy defines data (or "traffic") to be secured by a source IP address, a destination IP address, a port number, and/or a protocol on a network layer (layer-3), or over a data link (layer-2).
  • the security policy also defines a type of security to be performed on the traffic.
  • Each MAP 11 is a data processing device, typically a PC or a workstation, through which an administrative user inputs and configures high level security policies.
  • the MAP 11 also acts as a secure server that stores and provides access to security policies by other elements or functions of the example wide area data communications network 100.
  • the KAPs 14, and PEPs 20 cooperate to secure message traffic between the end nodes 10 according to security policies.
  • Each KAP function 14 is responsible for generating and distributing "secret data" known as encryption keys to their respective PEP functions 20. For example, the KAP function 14-a generates and distributes keys to the PEP function 20-a.
  • the example network 100 includes at least one Security Group (SG) 40.
  • SG is a collection of member end-nodes or subnets that are permitted to access or otherwise communicate with each other.
  • a security policy may be configured with a SG and end nodes associated with that SG.
  • Information regarding a SG may be maintained in the MAP 11 at each location 21 (e.g., MAP 11-a at location 21-a, and MAP 11-b at location 21-b) or distributed by a centralized authentication server (not shown).
  • end nodes 10-a-1 and 10-a-2 in location 21-a are part of a Security Group (SG) 40-1.
  • the SG 40-1 also includes end node 10-b-2 in location 21-b.
  • a security policy (not shown) is created at location 21-a to associate end nodes 10-a-1 and 10-a-2 with the SG 40-1.
  • Information concerning membership of end node 10-b-2 at location 21-b need not be provided to the MAP 11-a at location 21-a. Instead, another security policy (not shown) is created at location 21-b associating end node 10-b-2 with the SG 40-1.
  • the security policy at location 21-b need not specify end nodes 10-a-1 and 10-a-2 of location 21-a.
  • Figure 17 is a block diagram that illustrates the hierarchical relationship 200 between policy management, policy/key generation and distribution, and policy enforcement in accordance with an embodiment of the present invention.
  • MAPs 11 communicate high level security policy definitions to one or more KAPs 14.
  • each KAP 14 receives the high level policy definitions from only one MAP 11 (MAP 11-a for KAP 14-a, and MAP 11-b for KAP 14-b).
  • Each KAP 14 uses the policy definitions to determine the PEPs 20 to which it is responsible, and which networks the PEPs 20 protect.
  • Based on the high level policies defined by the MAP 11, each KAP 14 generates detailed policy information for only those PEPs 20 that are in the KAP's 14 control, and distributes the detailed policy information to the appropriate PEPs 20.
  • MAP 11-a communicates high level security policies to KAP 14-a.
  • KAP 14-a then generates detailed policy information for PEP 20-a because, as defined by the security policies from MAP 11-a, PEP 20-a is controlled by KAP 14-a.
  • MAP 11-b communicates high level security policies to KAP 14-b.
  • KAP 14-b then generates detailed policy information for PEP 20-b-1 and PEP 20-b-2, as they are controlled by KAP 14-b.
  • Figure 18 is a block diagram of an example API for a transaction 300 in accordance with an embodiment of the present invention.
  • the API defines the format of security policy transactions and security policy rules for processing on a PEP 20.
  • a KAP 14 generates and communicates the transactions to a PEP 20.
  • Supported transactions include: “replace”, “rekey”, “add”, “modify”, “delete”, and “status”.
  • the transactions are received at the PEP 20 via Remote Procedure Calls encoded with an Extensible Markup Language (XML-RPC) on a port protected by TLS, and are only processed by the PEP 20 when it is operating in "distributed key mode".
  • Each transaction 300 specifies a policy name 310, which is the name of the meta-policy covering all policies to be stored on the PEP 20.
  • Each transaction 300 also specifies a server information component 320 that contains information about the KAP 14 that originated the transaction 300.
  • the PEP 20 uses the server information 320 to group transactions and policies from a particular KAP 14, enabling the PEP 20 to distinguish between policies from different KAPs 14, and to store each KAP's 14 policies separately such that they will not overwrite each other. It should be noted that separate KAPs 14 may control one PEP 20.
  • the server information component 320 includes the key server name 322, its unique numeric identifier 324, and its IP address 326.
  • Each transaction 300 also includes a transaction information component 330, which includes a transaction type 338, and a policy set information component 332.
  • the transaction type 338 specifies the type of transaction being communicated by the KAP 14 (replace, rekey, add, modify, delete, or status).
  • the policy set information component further includes a sequence number 336 and a deferred reload time 334.
  • the PEP 20 stores and uses the transaction sequence number 336 to keep track of the latest policy updates from the KAP 14.
  • the KAP 14 uses the sequence number 336 to track transactions on subsequent status queries.
  • the transaction sequence number 336 starts at zero and increments by one for each transaction communicated by the KAP 14 to the PEP 20.
  • the deferred reload time 334 is an optional value that is used when delaying the processing time of the transaction on the PEP 20.
  • the deferred reload time 334 instructs the PEP 20 when to enact the policy, allowing for coordinated policy insertion with other PEPs 20 in a network.
  • the PEP 20 caches the transaction 300 and schedules an event to process the transaction 300 at the specified date and time.
  • the purpose of the deferred reload time 334 is to allow synchronization of the policy reloads on all PEPs 20 in the network with minimal traffic disruption.
  • Each transaction 300 also includes a transaction details component 340 that contains the information for a particular type of transaction.
  • a "replace" transaction 341 includes a complete list of policy rules communicated by a KAP 14 for installation on the PEP 20.
  • a "rekey" transaction 342 includes information for updating the keys for current policies on the PEP 20.
  • An "add" transaction 343 includes information for adding one or more policies to the PEP 20.
  • a "modify" transaction 344 includes information for modifying policies stored on the PEP 20.
  • a "delete" transaction 345 includes information for deleting one or more specified policies from the PEP 20.
  • a "status" transaction 346 includes information needed for retrieving the PEP's 20 status.
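The bookkeeping described above for transaction 300 can be sketched as follows. This is an added example, not code from the patent: the class and field names are hypothetical, transactions are plain Python objects rather than XML-RPC calls over TLS, and refusing any sequence number other than the next expected one is an assumption (the text only says the PEP tracks the number).

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Optional

TYPES = {"replace", "rekey", "add", "modify", "delete", "status"}


@dataclass(frozen=True)
class ServerInfo:                      # server information 320
    name: str                          # key server name 322
    ident: int                         # unique numeric identifier 324
    ip: str                            # IP address 326


@dataclass
class Transaction:                     # transaction 300
    policy_name: str                   # meta-policy name 310
    server: ServerInfo
    type: str                          # transaction type 338
    sequence: int                      # sequence number 336
    details: dict = field(default_factory=dict)    # 340: rule id -> rule fields
    deferred_reload: Optional[datetime] = None     # deferred reload time 334


class PepStore:
    """Hypothetical PEP-side state: one rule table per originating KAP."""

    def __init__(self):
        self.rules = {}      # KAP ident -> {rule id -> rule fields}
        self.last_seq = {}   # KAP ident -> last accepted sequence number
        self.pending = []    # transactions cached until their reload time

    def receive(self, txn, now):
        if txn.type not in TYPES:
            return "rejected: unknown transaction type"
        kap = txn.server.ident
        expected = self.last_seq.get(kap, -1) + 1   # numbering starts at zero
        if txn.sequence != expected:
            # Assumption: anything but the next number is refused, which
            # drops replayed or reordered transactions.
            return f"rejected: expected sequence {expected}"
        self.last_seq[kap] = txn.sequence
        if txn.deferred_reload and txn.deferred_reload > now:
            self.pending.append(txn)   # cache and process at the stated time
            return "deferred"
        return self._apply(txn)

    def run_due(self, now):
        """Apply cached transactions whose reload time has arrived."""
        due = [t for t in self.pending if t.deferred_reload <= now]
        self.pending = [t for t in self.pending if t.deferred_reload > now]
        return [self._apply(t) for t in sorted(due, key=lambda t: t.deferred_reload)]

    def _apply(self, txn):
        table = self.rules.setdefault(txn.server.ident, {})
        if txn.type == "replace":      # complete list; drops this KAP's old rules only
            table.clear()
            table.update({rid: dict(rule) for rid, rule in txn.details.items()})
        elif txn.type == "add":
            for rid, rule in txn.details.items():
                table.setdefault(rid, dict(rule))
        elif txn.type in ("modify", "rekey"):
            for rid, changes in txn.details.items():
                if rid in table:       # unknown rule ids are ignored
                    table[rid].update(changes)
        elif txn.type == "delete":
            for rid in txn.details:
                table.pop(rid, None)
        elif txn.type == "status":
            return {"sequence": self.last_seq[txn.server.ident], "rules": sorted(table)}
        return "applied"


def demo():
    """Constructed sample: two KAPs controlling one PEP."""
    now = datetime(2007, 1, 1, 12, 0, tzinfo=timezone.utc)
    kap_a = ServerInfo("kap-a.example", 1, "192.0.2.10")
    kap_b = ServerInfo("kap-b.example", 2, "192.0.2.20")
    pep = PepStore()
    out = [
        pep.receive(Transaction("meta-1", kap_a, "replace", 0, {101: {"action": "drop"}}), now),
        pep.receive(Transaction("meta-2", kap_b, "replace", 0, {101: {"action": "clear"}}), now),
        pep.receive(Transaction("meta-1", kap_a, "replace", 0, {}), now),   # replayed number
        pep.receive(Transaction("meta-1", kap_a, "delete", 1, {101: {}},
                                deferred_reload=now + timedelta(minutes=5)), now),
    ]
    return pep, out, now
```

Both KAPs use rule identifier 101 in the sample, which shows why the store is keyed by the originating KAP as well as by the rule identifier.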
  • Figure 19 is a block diagram of an example policy rule 400 as part of a transaction details component 340 of an API for a "replace" transaction 341 in accordance with an embodiment of the present invention.
  • a "replace" transaction 341 includes a complete list of policy rules 400 sent by a KAP 14 for installation on a PEP 20.
  • Upon processing a "replace" transaction, the PEP 20 removes any policy rules 400 that it had previously received from the KAP 14 and stores the new set of rules on a file system.
  • the PEP 20 includes a Security Policy Database (SPD), a Content Addressable Memory (CAM), and a Security Association Database (SADB).
  • the SPD and SADB store security policies.
  • the CAM is used in high speed packet processing and stores addresses of devices that are assigned to security groups.
  • the PEP 20 then reprioritizes all of its stored security policies for all KAPs 14, resets and reinitializes the SPD, CAM, and SADB, and reloads all the new policies.
  • the PEP 20 expects all of the policy rules 400 to be complete, with the exception that a manual key policy 475 may be specified without a transform data component 480. In this case, the PEP 20 will not activate the policy until it receives the transform data component 480 in a subsequent "rekey" transaction 342.
  • Security policies on the PEP 20 are defined by a policy rule structure 400.
  • a complete policy rule 400 defines all of the information necessary for installing the policy information into the SPD and CAM on the PEP 20, and activating the policy for processing.
  • An incomplete policy rule 400 defines all of the selector information 420 such that the PEP 20 may install the policy into its SPD and CAM in a deactivated state until the remaining information is provided in a subsequent transaction.
  • Each policy rule 400 is atomic in nature, that is, it has no relationship with or dependency on any other policy rule on the PEP 20.
  • PEPs 20 do not have any knowledge of the overall context of their policies within a network. It is the KAPs 14 that track the policy rules at the higher level.
  • Each policy rule 400 includes a name 402, which is the name of the policy, and a policy information component 404.
  • the policy information component 404 includes a rule identifier 406, which is unique to the originating KAP 14, and a priority value 408.
  • the server information 320 together with the policy information 404 provide the necessary information to uniquely identify the security policy on the PEP 20.
  • the rule identifier 406 is used by a KAP 14 during subsequent transactions to modify or query the status of the policy rule 400.
  • the priority value 408 is used by the PEP 20 to order policies within the SPD and CAM.
  • Each policy rule 400 includes a date and time information component 410, which further includes an install value 412, and a remove value 414. These values 412, 414 represent the lifetime of the policy rule 400.
  • the PEP 20 uses the install and remove values 412, 414 to activate and deactivate the policy rule 400 for traffic, respectively.
  • the install and remove values 412, 414 specify the absolute date and time that the policy rule 400 should be activated or deactivated.
  • Each policy rule 400 includes a selector data component 420 that defines where the policy rule 400 should be installed on the PEP 20.
  • the selector data component 420 includes a selector direction 425, source and destination selectors 430, 440, and a protocol selector 450.
  • the selector direction 425 specifies whether the policy rule 400 is an "inbound" or "outbound" policy with respect to the PEP's 20 remote port interface.
  • the protocol selector 450 includes the protocol number 452 and the "all protocols" flag 454.
  • the source and destination selectors 430, 440 each specify a source/host network, and for layer-3, are complete with IP addresses 431, 441, subnet masks 432, 442, port numbers 433, 443, and "all port numbers" flags 434, 444.
  • Optional tunnel end points 435, 445 may be included with each of the source and destination selectors 430, 440.
  • a tunnel end point specifies the IP address and subnet mask to be used for outer Encapsulating Security Payload (ESP) headers on IPsec policies.
  • Each policy rule 400 must include at least one source selector 430 and at least one destination selector 440 to be complete. It should be noted that multiple source and destination selectors in a single policy rule 400 will result in multiple SPD, CAM, and SADB entries on the PEP 20.
  • Each policy rule 400 includes a policy action 460 (clear, drop, or manual key).
  • Clear and drop policy actions 465, 470 are stored in the SPD and CAM only.
  • Manual key policy actions 475 are used for protecting traffic using IPsec and are installed in the SPD, CAM, and SADB on the PEP 20.
  • Manual key policy actions 475 include a peer gateway component 477, a transform data component 480, and a set of tunnel copy flags 490.
  • the transform data component 480 includes a unique Security Parameters Index (SPI) value 486 generated by the originating KAP 14.
  • the transform data component 480 also includes a cipher key 482 and a hash key 484 that specify, as an ASCII representation, the key values used for protecting traffic.
  • the cipher key 482 specifies the cipher algorithm to be used ("aes", "3des", or "des") and hash key 484 specifies the hash key algorithm to be used ("sha1" or "md5").
  • the set of tunnel copy flags 490 are used for special handling of IP addresses and MAC addresses on the outer ESP header of an IPsec packet.
  • the flags 490 are only processed for "outbound" policies on the PEP 20. There are four flags that may be set independently: "copy source IP address" 492, "copy destination IP address" 494, "copy source MAC address" 496, and "copy destination MAC address" 498.
  • the transaction 300 is communicated by the KAP 14 and received by the PEP 20 in an ASCII XML structure and received on a port protected by TLS.
  • the transaction details component 340 of transactions other than a "replace" transaction 341 contains a subset of the information presented above.
  • a "rekey" transaction 342 is used for two purposes: policy refresh or policy rekey.
  • a policy refresh specifies one or more existing policy rules 400 to be updated with new date and time information 410.
  • a policy rekey specifies one or more policy rules 400 with manual key policy actions 475 to be updated with a new SPI value 486 and key information 482, 484.
  • the "rekey" transaction specifies only the information that is needed to identify the particular policy rule 400 to be updated and the new information that is to be stored in the policy rule 400.
  • a "status" transaction 346 provides a way for the KAP 14 to query the status of the policy rules on the PEP 20.
  • the "status" transaction specifies a transaction sequence number 336 of a previously communicated "replace" transaction 341 for which the KAP 14 is requesting status.
  • the PEP 20 responds with its most current transaction sequence number 336 corresponding to the last successfully processed "replace" transaction 341 that it received from the KAP 14.
  • the present invention provides for at least one encrypting / decrypting unit that receives symmetric keys from a key authority point (KAP) within a secure network having a software operating on a management and policy server (MAP) in communication with the KAP for providing key(s) to policy enforcement points (PEPs) on the network and at least one common key to encryption/decryption units for facilitating encrypting and decrypting packets and transmitting the packets securely through the network, including load balancing of the encryption/decryption functions and multicasting of the packets.
  • the symmetric key distributed by the KAP is the common key used to encrypt traffic.
  • each of a multiplicity of encrypting / decrypting units have the same symmetric keys provided by a KAP, wherein any unit is operable to encrypt and/or decrypt a packet.
  • each unit is authenticated, by way of example and not limitation, by IKE and/or certificates for public-private key exchange.
  • IPSec encryption today is well defined and leverages IKE for key exchange.
  • encryptors in the 10Gb application could be paired so that the output of one encryptor would always be decrypted by the same peer on the remote side.
  • resiliency and load sharing algorithms are greatly limited. If either of the paired units fails then a full 1 Gig of bandwidth is lost, which is detrimental to the network functionality.
  • the switching algorithms that distribute traffic across both VLAN and non-VLAN trunks are limited in their function since traffic from one encryptor must always be switched to a specific encryption unit.
  • a distributed network includes multiple nodes that are interconnected by multiple routers, bridges, etc. and that may be connected in a variety of different network topologies.
  • a node may be part of a smaller network such as an office LAN, or even a single node directly connected to the internet.
  • the node can be connected to an unprotected network such as the Internet either directly or through a gateway, router, firewall and/or other such devices that allow one or more nodes to connect to a network via a single point.
  • the nodes include computing devices such as, by way of example and not limitation, laptops, desktops, handheld devices, mobile devices, cable access systems, and other devices capable of connecting to a network, or a network of such devices.
  • nodes communicate with each other, or servers providing services such as web pages, email, voice over internet protocol (VoIP), video broadcasting, multicasting applications, streaming audio or video via unprotected networks.
  • In certain cases, when the communication is between two nodes that are using the same network, this communication may be protected. However, most of the communication over the internet is unprotected. This means that the communication can be intercepted by anyone. This communication is protected by using cryptographic keys.
  • the PEPs receive policies from a management and policy server (MAP).
  • the MAP defines the policies that govern the communication of the PEPs and the nodes under the PEPs.
  • the system is operable for multiple KAPs, including peer KAPs, for one or more PEPs.
  • the system and methods are functional where there is a single KAP that provides the keys for all the PEPs in a distributed network.
  • Based on the policies received from the MAP, the universal KAP of the present invention generates one or more cryptographic keys for each of the PEPs, or a single key to be shared by PEPs, within its network as defined by the MAP.
  • the PEPs use the cryptographic keys to encrypt communication from the nodes and networks that they protect to unprotected networks, decrypt communication from unprotected networks to the nodes and networks that they protect or both.
  • the universal KAP receives the policy definition from a single MAP. This policy definition informs the KAP about the PEPs it is responsible for, which networks the PEPs protect, and which KAP units they use.
  • the KAP distributes the keys and policies associated with its networks and nodes to the appropriate PEPs.
  • the present invention provides for at least one encrypting / decrypting unit that receives symmetric keys from a key authority point (KAP) within a secure network having a software operating on a management and policy server (MAP) in communication with the KAP for providing key(s) to policy enforcement points (PEPs) on the network.
  • the original IP address and the original MAC address are maintained for each packet. This enables a completely transparent implementation of encryption and decryption, especially at layer 2.
  • using the end stations' IP and MAC addresses enables a much more balanced load across a link aggregation group. It also allows for the packets to be transmitted across firewalls, routers and the like. For instance, in the 10 Gig encryption system, two switches communicating over a 10 Gig link have encryptors on each side sharing keys to encrypt and decrypt traffic. The switches employ standard link aggregation techniques to distribute traffic over the encryptors.
  • multiple units are connected with a router or a switch on each side of a 10 Gb link. More particularly, two ports are provided, including an encrypted port for encrypting plain packets and sending the encrypted plain packets back to the router, and then to be sent to other side of 10 Gb link, and for decrypting a received packet and sending the decrypted received packet back to the router to be forwarded to a local address; and a clear port for sending a plain packet to be encrypted, and for receiving a decrypted packet.
  • each encrypting / decrypting unit has an IP address and the router knows the IP address of each unit connected to the router.
  • This provides for the units to be dynamically added and/or removed from routers so that each router performs a load balancing in deciding to which unit to send a given packet for encryption and/or decryption.
  • One method for the balancing is by a link aggregation. Another is by a round robin algorithm. Other methods or combinations are also operable for the load balancing according to the present invention.
  • the KAP sends cryptographic keys to the PEPs or to peer KAPs based upon the policy communicated to the KAP by the MAP.
  • the keys are encrypted at the universal KAP with an encrypting key, which may include a pre-shared private key.
  • the universal KAP includes a secure hardware module that stores the pre-shared private key and encrypts the cryptographic keys.
  • the secure hardware module is tamper-proof and disables access if the KAP is attacked. The use of the secure hardware module prevents exposure of the cryptographic keys in memory or backplane, where they can be accessed in clear text.
  • the secure hardware module's tamper-proof feature enables it to shut down when it detects that it has been removed from the KAP.
  • attack the cryptographic keys cannot be accessed, since they are stored in the secure hardware module which shuts down when it detects attack.
  • Attack can be in the form of removal of the secure hardware module so that its memory can be independently accessed to gain access to the cryptographic key.
  • a management and policy (MAP) server 104 and a key authority point (KAP) 106 are connected to a network node 108.
  • Network node 108 connects to a policy enforcement point (PEP) 110.
  • PEPs 112, 114 and 116 are also connected to PEP 110 via an unprotected network 118.
  • Unprotected network 118 is a network of interconnected nodes and smaller networks, such as the internet or a local LAN or WAN.
  • PEPs 112, 114 and 118 are connected to network nodes 120, 122 and 124 respectively.
  • the network nodes may be individual network points or can be access points to sub-networks 126, 128 and 130.
  • KAP 106 generates and sends keys to PEPs 110, 112, 114 and 116.
  • the keys enable PEPs to encrypt and/or authorize communication between the PEPs 110, 112, 114 and 118 and the nodes behind the PEPs.
  • MAP 104 and KAP 106 are implemented as programs that reside on network node 108.
  • a 10Gb Ethernet encryption service according to the present invention is established or built using 1 Gig encryptors on the "side" of a 10 Gig switch.
  • Figure 21 shows the placement of the encryptors (2) and the switches (4) in a 10 Gig environment, generally referenced (10). Any number of encryptors can be configured and are operable to provide sufficient bandwidth to satisfy the switch's needs.
  • EDPM technology employs a key authority point (KAP) that alleviates the limitations described above that describe the state of the art.
  • IPSec encryptors are grouped together (Figure 21), sharing keys and other Security Association content.
  • two groups are paired so that any packet encrypted on one side can be decrypted by any encryption device on the peer side. Units can fail and traffic is limited only by the loss of bandwidth on one side.
  • the switches are operable with any load balancing algorithm, by way of example and not limitation, round robin, address hash, load sharing, etc., to distribute traffic over the encryption devices.
  • sharing the keys provided by the KAP enables a superior solution to the use of standard IKE in this application.
  • the present invention also provides a method for providing secure interactivity between points on a network including the steps of: providing a communication network having a network infrastructure and a secure network topography between a multiplicity of policy enforcement points (PEPs) having nodes with any form of encryption associated therewith; a user providing at least one policy definition to a management and policy (MAP) server in communication with a key authority point (KAP); the KAP generating and distributing keys to the PEPs and at least one common key provided to a multiplicity of encryption/decryption units consistent with the MAP policy; the encryption/decryption units performing load balancing on the network to direct packets through routers using the common keys; and the PEPs enforcing the policy at the nodes to provide secure communication across the network topography.
  • multiple encryption/decryption units are connected with a router on each side of a 10 Gb link, with any encryption/decryption unit being operable to encrypt and/or decrypt any packet, and each encrypting/decrypting unit has an IP address and the router knows the IP address of each unit connected to the router.
  • the system includes two ports, including an encrypted port and a clear port, the ports providing the steps of: the encrypted port encrypting plain packets and sending the encrypted plain packets back to the router, then to other side of the 10 Gb link, and decrypting a received packet and sending the decrypted received packet back to the router to be forwarded to a local address; and the clear port sending a plain packet to be encrypted and for receiving a decrypted packet.
  • the method provides for adding and/or removing units from association with the routers and providing a multiplicity of routers and units connected thereto, including the steps of each router performing a load balancing in deciding to which unit to send a given packet for encryption and/or decryption.
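
The policy rule 400 fields and the "replace", "rekey" and "status" transactions described earlier in this list, modelled as an added Python example (it is not code from the patent or from any product). Field names, the cross-product expansion of selectors, ascending priority order and the rejection of a whole invalid batch are assumptions; the networks and keys are constructed placeholders.

```python
from dataclasses import dataclass, replace as clone
from datetime import datetime, timedelta, timezone
from ipaddress import ip_network
from itertools import product
from typing import Optional

CIPHERS = {"aes", "3des", "des"}   # cipher algorithms listed in the text
HASHES = {"sha1", "md5"}           # hash algorithms listed in the text
TABLES = {"clear": ("SPD", "CAM"), "drop": ("SPD", "CAM"), "manual_key": ("SPD", "CAM", "SADB")}

@dataclass(frozen=True)
class Transform:                   # hypothetical shape of transform data 480
    spi: int
    cipher: str
    cipher_key: str
    hash_alg: str
    hash_key: str

@dataclass(frozen=True)
class PolicyRule:                  # hypothetical shape of policy rule 400
    name: str
    rule_id: int
    priority: int
    install: datetime
    remove: datetime
    direction: str                 # "inbound" or "outbound"
    sources: tuple                 # selector networks in CIDR form
    destinations: tuple
    action: str                    # "clear", "drop" or "manual_key"
    transform: Optional[Transform] = None
    copy_flags: frozenset = frozenset()

def validate(rule):
    """Return the reasons a rule is unusable; an empty list means it is complete."""
    errors = []
    if not rule.sources or not rule.destinations:
        errors.append("needs at least one source and one destination selector")
    for net in rule.sources + rule.destinations:
        try:
            ip_network(net)
        except ValueError:
            errors.append(f"bad selector network {net!r}")
    if rule.direction not in ("inbound", "outbound"):
        errors.append("direction must be inbound or outbound")
    if rule.install >= rule.remove:   # assumption: the lifetime must be non-empty
        errors.append("install time must precede remove time")
    t = rule.transform
    if rule.action not in TABLES:
        errors.append(f"unknown action {rule.action!r}")
    elif rule.action == "manual_key" and (
            t is None or t.cipher not in CIPHERS or t.hash_alg not in HASHES):
        errors.append("manual key action needs a supported cipher and hash")
    return errors

def expand(rule):
    """One entry per source/destination pair (the cross product is an assumption)."""
    flags = rule.copy_flags if rule.direction == "outbound" else frozenset()
    return [{"src": s, "dst": d, "tables": TABLES[rule.action], "copy": flags}
            for s, d in product(rule.sources, rule.destinations)]

class Pep:   # toy PEP state: rules keyed by (originating KAP, rule identifier)
    def __init__(self):
        self.rules, self.last_seq = {}, {}   # last_seq: last good "replace" per KAP

    def replace(self, kap, seq, rules):
        if any(validate(r) for r in rules):
            return False                     # assumption: a bad batch changes nothing
        self.rules = {k: v for k, v in self.rules.items() if k[0] != kap}
        self.rules.update({(kap, r.rule_id): r for r in rules})
        self.last_seq[kap] = seq
        return True

    def rekey(self, kap, rule_id, install=None, remove=None, transform=None):
        rule = self.rules.get((kap, rule_id))
        changes = {"install": install, "remove": remove, "transform": transform}
        if rule is None or (transform and rule.action != "manual_key"):
            return False                     # only manual key rules carry SPI and keys
        candidate = clone(rule, **{k: v for k, v in changes.items() if v is not None})
        if validate(candidate):
            return False                     # keep the old rule if the update is invalid
        self.rules[(kap, rule_id)] = candidate
        return True

    def status(self, kap):
        return self.last_seq.get(kap)        # answer to a "status" transaction

    def active(self, now):
        live = [r for r in self.rules.values() if r.install <= now < r.remove]
        return sorted(live, key=lambda r: r.priority)   # assumption: low value first

def sample_rule(now):
    """Constructed sample: documentation-range networks and placeholder keys."""
    keys = Transform(0x1001, "aes", "PLACEHOLDER-CIPHER-KEY", "sha1", "PLACEHOLDER-HASH-KEY")
    return PolicyRule("site-a-to-b", 7, 10, now, now + timedelta(hours=1), "outbound",
                      ("192.0.2.0/25", "192.0.2.128/25"), ("198.51.100.0/24",),
                      "manual_key", keys, frozenset({"copy_src_ip"}))

if __name__ == "__main__":
    print(expand(sample_rule(datetime.now(timezone.utc))))
```

A KAP that compares `status()` with the sequence number of its latest "replace" can tell whether the PEP processed that transaction or is still enforcing the previous policy set.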

Abstract

System and method for providing secure interactivity and management between points on a network. In one embodiment, the method includes the steps of providing a communication network having a network infrastructure and a secure network topography between a multiplicity of policy enforcement points (PEPs). The method also includes a user providing at least one policy definition to a management and policy (MAP) server in communication with at least one key authority point (KAP). The KAP generates and distributes keys to the PEPs consistent with the MAP policy. The PEPs enforce the policy by providing secure communication across the network topography.

Description

SYSTEMS AND METHODS FOR MANAGEMENT OF SECURED NETWORKS WITH DISTRIBUTED KEYS
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates generally to secure communication and/or interaction within a secure network. More particularly, the present invention relates to systems and methods for simplified management of secured networks with distributed keys and management of same for a data and/or communications network.
2. Description of the Prior Art
Generally, current security solutions for networks include discrete solutions provided by security software and encryption algorithms and keys generated therefrom, network infrastructure, information technology (IT) infrastructure, and other enabling infrastructure, such as those provided by hardware and software for particular applications. Typically, changes to security solutions and even modifications within an existing security solution for a network require complex adaptation and changes to the existing infrastructure, or are so cumbersome that use of encryption and security throughout most network activity is not commercially feasible or manageable.
Additionally, prior art secure network systems and methods require complex steps and configurations to arrange secure associations for devices to be operable for data access and communication across devices within a secure network. In particular, for establishing a full mesh for secure network communication between a multiplicity of points and corresponding devices, the number of keys required to be distributed is N(N-1) and secure associations 2N(N-1), where N is the number of devices at points within the network. For even a reasonably small network where N is between 10-1000, the configuration and steps required to provide security of communication and data for a full mesh is commercially impractical; this decreases the likelihood that security will be applied and used regularly and widespread across the network. Therefore, security is actually diminished because full mesh is not commercially reasonable to manage and use in the normal course of business for even medium to large networks.
Other prior art key distribution provides for key management for multicasting, such as IPSec policy managers that define gateways within secure networks.
By way of example, current practice for providing secure group communications is represented by US Patent Application Publication No. 2004/0044891 for "System and method for secure group communications" by Hanzlik et al. published on March 4, 2004 relating to implementation of a virtual private network group having a plurality of group nodes, a policy server, and shared keys for sharing encrypted secure communication information among the group nodes.
Thus, there remains a need for flexible, dynamic software-based security solutions that overlay onto existing network architecture without requiring complex changes to the hardware and network, IT and/or enabling infrastructure.
With the advent of the Internet, people are able to communicate with others without geographical limitations. Communication over the Internet has enabled people to work from remote locations and access information that would normally not be available from these locations.
The Internet has also opened up a new frontier for online media delivery such as music and video. It has also enabled applications such as video conferencing and virtual private networking.
With the increased availability and variety of applications on the Internet, security is a major concern. If the communication between people is not secure, others can intercept and listen or view the conversations, view emails, join conferences, and gain access to secure documents and information. There are a number of solutions that address the problem of securing communication over the internet. The most common approach is to encrypt the communication so that only authorized users, or users that should receive and view the communication, can decrypt the communication. The users can also be authorized prior to sending them the encrypted information. This usually entails exchanging information with the users to be authorized to verify that they are who they claim to be. These techniques use cryptographic keys that are used to encrypt/decrypt the communication and/or verify and authorize users that have access to the communication.
The Internet Engineering Task Force (IETF) has defined a number of standards and RFCs to address this problem. However, these solutions, for example IPSec, are designed to enable one-to-one communication and are more concerned with the exact standards of carrying out encryption and authentication for secure message exchange.
The use of keys or the solutions provided by the IETF require that communication with each user or recipient be encrypted with a key. There are a number of key encryption techniques that can be used, such as symmetric or asymmetric techniques. As the number of recipients grows in a secure communication, for example, as in multicast applications such as conferencing and media broadcasting, the processing overhead required to encrypt the communication with each recipient grows. This also increases load on the hardware required to support the delivery of such applications to the recipients. Apart from supporting the actual delivery of the applications and media to multiple recipients, hardware and/or software is required that tracks users who should receive the content. In some cases, users may have different access levels and should only be allowed to view some content. In case of VPNs, users should be allowed to access files based on their permission levels. Such types of applications require extra processing and when coupled with the increased load because of the large number of encryption/decryption operations being performed, can really slow down the operation of the server or servers providing such applications.
Another important aspect in the delivery of these applications is the management of keys. Keys are regularly sent to the recipients so that they can successfully authenticate themselves and decrypt the content. Key management requires keys to be generated for the recipients and distributed to them. The method in which the content is distributed may require a unique key for each recipient, or may support the use of common keys for multiple recipients. Further, keys need to be updated frequently since old keys may expire or may become available to users not intended to receive the keys, or rogue users. Also, recipients may support different key encryption / decryption algorithms. This requires multiple implementations of key encryption/decryption schemes. Finally, in distributing keys to the recipients, the keys may be intercepted and used by rogue users. Hence, the keys need to be encrypted themselves so that rogue users cannot decrypt and use them.
Hence, there is a clear need for a solution that will simplify the process of securing communication over unsecured mediums such as the internet. The solution should be able to reduce the number of encryption and decryption operations needed to securely transmit information to multiple recipients. It should also be able to manage individual user preferences and access levels. Further, the solution should be easy to implement using existing infrastructure and should be able to function with current standards of encryption and authentication. Additionally, the solution should be easy to manage and deploy. The system should be able to efficiently manage the generation and distribution of keys. It should enable access to the resources or content that is protected on the basis of access levels assigned to users.
Computer network traffic is normally sent unsecured without encryption or strong authentication by a sender and a receiver. This allows the traffic to be intercepted, inspected, modified or redirected. Either the sender or the receiver can falsify their identity. In order to allow private traffic to be sent in a secure manner, a number of security schemes have been proposed and are in use. Some are application dependent, as with a specific program performing password authentication. Others, such as Transport Layer Security (TLS), are designed to provide comprehensive security to whole classes of traffic such as Hypertext Transfer Protocol (HTTP) (i.e., web pages) and File Transfer Protocol (FTP), i.e., files.
Internet Security (IPsec) was developed to address a broader security need. (See Demystifying the IPsec Puzzle, Frankel, S., Artech House (2001)) As the majority of network traffic today is over Internet Protocol (IP), IPsec was designed to provide encryption and authentication services to this type of traffic regardless of the application or the transport protocol. This is done in IPsec tunnel mode by encrypting a data packet (if encryption is required), performing a secure hash (authentication) on the packet, then wrapping the resulting packet in a new IP packet indicating it has been secured using IPsec.
Normally, the shared keys used by IPSec are established in one of two ways: manually or using the Internet Key Exchange (IKE) protocol. In load-balanced or highly redundant networks where traffic can be sent and/or received through multiple paths, there are no single pairs of Policy Enforcement Points (PEP) that can perform negotiation or be selected as the source or destination in the tunnel head as required by IKE. As such, in highly complex mesh networks, for example, where there are a number of networks and endpoints, the number of policies required on each PEP becomes extremely large and management becomes more difficult with increasing scale as the number of networks increases.
Therefore, some networks implemented data protection managing technologies to resolve these problems while maintaining the existing IKE/IPSec gateway functionality. An example of this is disclosed in U.S. Provisional Application No. 60/813,766 filed on June 14, 2006, the entire teachings of which are hereby incorporated by reference. Such a data protection managing technology separates policy management, key generation and distribution from policy enforcement and handles an extremely large number of networks. This works either for multiple paths in a redundant network or for many networks in a multicast scenario. In addition, the data protection managing technology greatly simplifies policy generation by grouping networks and Policy Enforcement Points (PEPs). Despite the advantages of data protection, and improved management of key generation and distribution, there are a number of situations where a user may need to interface with a standard IKE device for use in the secure network. In addition to supporting legacy devices, this may be needed to detect Network Address Translation (NAT) between a remote client and a gateway of the secure network. Also, it could be useful in applying IKE for authentication.
Standard IKE, however, is insufficient for distributing keys to multiple PEP units. IKE works only with point to point connections, with keys installed on each endpoint. Furthermore, standard key distribution using data protection managers does not suffice because it does not provide an interface to standard IKE systems and cannot detect NAT devices. Where a key authority point (KAP) is provided as a solution to the foregoing systems and methods for providing secure network communication, the KAP is the central generator, distributor and repository for keys and policies for securing a network or networks via a set of policy enforcement points. If communication with the KAP were to fail, through network failure or KAP failure, secure networks would be unable to rekey themselves and communication would fail. In addition, new policies could not be sent to the network, compromising network security.
A number of issues make securing a backup KAP difficult. By way of example, simply providing a duplicate KAP using clustering technology (e.g., the Linux High Availability system) involves sharing the secure keys across two devices over open communication. For security purposes, the keys should be stored in hardware and only communicated using the encryption key for the PEPs. A backup server using iSCSI (such as Distributed Replicated Block) suffers a similar limitation. On recovery, the backup KAP must be able to securely take over the network, ensuring it has the current keys and status information, without interrupting traffic in the network. The backup scheme for the KAP must be fully automated to ensure rapid backup and to preclude any state lockup during any transition no matter how complex. While it is acceptable for limited communication to be made to both primary and backup (such as sending policies), the solution must not duplicate all traffic from primary and backup or the network will be overwhelmed. In any case, the solution must be robust enough to handle any single failure in communication, device functionality, and recovery without regard to timing.
Thus, there further remains a need for a network security solution having simplified, effective key generation and distribution across the network and across security protocols.
SUMMARY OF THE INVENTION
The present invention provides systems and methods for simplified management of secured networks with distributed keys and management of same for a data and/or communications network, including transporting keys between security protocols and providing a back-up for a key authority point providing key generation and distribution throughout a network.
A first aspect of the present invention provides a system for simple management of secure networks including at least one management server constructed and configured for communication through network channels to at least one point on the network including remote communication device(s) operating from policy enforcement point (PEP)s, each having at least one key generated and distributed by at least one key authority point (KAP) with associated policies provided by a management and policy (MAP) server to ensure secure association within the network. Another aspect of the present invention provides methods for distributing keys to end point communication devices through network channels including providing a server-based key management system from a server on the network, the server distributing keys to authenticated devices requesting secure access to the network, wherein the keys are distributed through previously authenticated authorized PEPs that provide for cross-communication with each other by operating on secured channels within the network.
In a preferred embodiment, the present invention provides systems and methods for providing a secure mesh network including at least one management server constructed and configured for communication through network channels to a multiplicity of policy end points (PEPs) on the network including remote communication device(s) each having at least one key provided through at least one key authority point (KAP) with associated policies provided and managed by a MAP to ensure secure association within the network, wherein the steps include a device on the network requesting a mesh configuration, automatically authenticating and authorizing the device(s) through the MAP and KAP secure communication and distribution of keys to the PEPs to enable secure activity with corresponding devices. Thus, the present invention provides automatic security solutions for enterprise data and communications management within a secure network wherein the policies and keys are managed and distributed by MAP and KAPs, respectively, to PEPs for automatically configuring a mesh within the network for authenticated and authorized communication across a network topography via PEPs. The present invention provides systems and methods for simplified management of secured networks with distributed keys and management of same from a universal key authority point (KAP) for a data and/or communications network.
Another aspect of the present invention provides a system for management of secure networks including at least one management and policy (MAP) server constructed and configured for communication through a network via a universal key authority point (KAP) on the network, wherein the universal KAP is operable to generate and distribute keys based upon the policy communicated to the KAP by the MAP, and wherein the keys are provided to a multiplicity of policy enforcement point (PEP)s to ensure secure association across PEPs within the network.
Still another aspect of the present invention provides methods for generating and distributing keys to end point communication devices operable on the network through PEPs, wherein the keys are generated and distributed from a universal KAP based upon policy according to a MAP server. In another embodiment, the present invention provides systems and methods for providing a secure network and subnets including at least one management and policy (MAP) server constructed and configured for communication through a universal key authority point (KAP) that generates and distributes keys to policy enforcement points (PEPs) distributed across the network, the KAP generating at least one key according to MAP policy or policies to ensure secure association through the PEPs within the network, wherein the key generation and distribution operation by the KAP are automatic, based upon PEP request and MAP policy.
In another embodiment, the present invention further provides automatic security solutions for enterprise data and communications management within a secure network wherein the policies and keys are managed and distributed by a MAP and a universal KAP, respectively, to PEPs for automatically configuring secure network topography for authenticated and authorized communication across PEPs.
Additionally, the invention is directed to a method for providing network security comprising a step of configuring a remote network to engage network security negotiation with a local network. The method further includes a step of configuring a first security policy of a security component within the local network to pass through a network security negotiating communication between the local network and the remote network, and a step of establishing a network security negotiation between the remote network and a security parameter generator via the security component. The security parameter generator can be located within the local network and configured to provide secure communication with the remote network. In a first preferred embodiment, the method can further include a step of establishing a secure association between the remote network and the local network. The step of establishing a secure association between the remote network and the local network can include one or more authentication mechanisms. Another embodiment of the invention is an apparatus for providing network security comprising a remote network configured to engage network security negotiation with a local network. The apparatus further includes a security component within the local network with a security policy that can pass through a network security negotiating communication from the remote network, and a security parameter generator configured to provide a secure communication with the remote network via the security component. The security component can be located within the local network.
This invention is unique because it allows an IPsec tunnel traffic to a local PEP(s), where the traffic is not addressed to the PEP by the use of an IKE device located behind the PEP(s), and by the secure transmission of policies and keys to the PEP(s) after IKE negotiation.
The present invention provides systems and methods for providing back-up for a key authority point (KAP) to ensure management of secured networks with distributed keys and management of same for a data and/or communications network.
The present invention further provides a system for management of secure networks including at least one management and policy (MAP) server constructed and configured for communication through a network via at least one key authority point (KAP) on the network, wherein the KAP is operable to generate and distribute keys based upon the policy communicated to the KAP by the MAP, and wherein the keys are provided to a multiplicity of policy enforcement point (PEP)s to ensure secure association across PEPs within the network, further including a back-up for the KAP to provide operability and rekeying without compromising network security in the event of a network or KAP failure.
Another aspect of the present invention provides methods for providing a back-up to the KAP for generating and distributing keys or rekeying for PEPs, wherein the keys are generated and distributed from a KAP based upon policy according to a MAP server, and the back-up functions to support the same policy following network or KAP failure.
Yet another aspect of the present invention provides a method or an apparatus for communicating security policy information between at least one Key Authority Point (KAP) and at least one Policy Enforcement Point (PEP), thereby eliminating the need to manually install security policies on each network device. The policies are, instead, defined in a high level manner. The at least one KAP then generates detailed policy information based on the high level definitions, and distributes the detailed policy information (in a format that conforms to an Application Programming Interface (API)) to the at least one PEP over a network. The detailed policy information is received and stored at the at least one PEP. In one embodiment, the policy communicating method communicates a policy name, server information, transaction information, and transaction details. The server information may specify one of the at least one KAPs from which the policy is being communicated. The transaction information may specify a deferred reload time, a transaction type, or both. The transaction type may correspond with the type of information that is contained in the transaction details, such as a "replace" transaction. The transaction details may include details for a particular type of transaction, such as a "replace" transaction. Included in the transaction details may be a set of security policy rules, which may contain zero or more policy rules. A policy action may be specified within a policy rule. 
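The policy transaction described above, seen from the PEP that receives it, as an added example that is not part of the patent text. The dictionary field names, the action names, the `channel_peer` argument and the sample transaction are assumptions made for illustration; only the components (policy name, server information, transaction type, deferred reload time, rule set, policy action) come from the description.

```python
import ipaddress
import time

# Assumed action names for what a PEP does with a packet: secure it, pass it, or drop it.
KNOWN_ACTIONS = {"protect", "pass", "drop"}

class PolicyError(ValueError):
    """Raised when a transaction is rejected; PEP state is left untouched."""

def _section(txn, key):
    value = txn.get(key, {})
    if not isinstance(value, dict):
        raise PolicyError(f"{key} must be a mapping")
    return value

def _validate_rule(rule):
    try:
        src = ipaddress.ip_network(rule["src"])
        dst = ipaddress.ip_network(rule["dst"])
    except (KeyError, TypeError, ValueError) as exc:
        raise PolicyError(f"bad rule selector: {exc!r}") from exc
    if rule.get("action") not in KNOWN_ACTIONS:
        raise PolicyError(f"unknown policy action: {rule.get('action')!r}")
    return (src, dst, rule["action"])

class PepPolicyStore:
    def __init__(self, trusted_kaps):
        self.trusted_kaps = set(trusted_kaps)
        self.active = {}    # policy name -> tuple of (src, dst, action)
        self.pending = []   # (activation time, policy name, rules)

    def submit(self, txn, channel_peer, now=None):
        """Validate a whole transaction, queue it, return the policies activated now."""
        now = time.time() if now is None else now
        name = txn.get("policy_name")
        if not isinstance(name, str) or not name:
            raise PolicyError("missing policy name")
        claimed = _section(txn, "server").get("kap")
        # The server field is only a claim: it must match the KAP identity that
        # the secured channel authenticated, and that KAP must be trusted.
        if claimed != channel_peer or channel_peer not in self.trusted_kaps:
            raise PolicyError("policy not from an authenticated, trusted KAP")
        info = _section(txn, "transaction")
        if info.get("type") != "replace":
            raise PolicyError(f"unsupported transaction type: {info.get('type')!r}")
        delay = info.get("deferred_reload", 0)
        if isinstance(delay, bool) or not isinstance(delay, (int, float)) or not (0 <= delay):
            raise PolicyError("deferred reload time must be a non-negative number")
        rules = _section(txn, "details").get("rules", [])
        if not isinstance(rules, list):
            raise PolicyError("rules must be a list")
        validated = tuple(_validate_rule(r) for r in rules)  # all rules or none
        self.pending.append((now + delay, name, validated))
        return self.reload(now)

    def reload(self, now):
        """Activate every queued transaction whose deferred reload time has passed."""
        due = sorted((p for p in self.pending if p[0] <= now), key=lambda p: p[0])
        self.pending = [p for p in self.pending if p[0] > now]
        for _, name, rules in due:
            self.active[name] = rules  # "replace": the old rule set is swapped out whole
        return [name for _, name, _ in due]

# Constructed sample transaction (not taken from the patent).
SAMPLE_TXN = {
    "policy_name": "branch-mesh",
    "server": {"kap": "kap-1"},
    "transaction": {"type": "replace", "deferred_reload": 30},
    "details": {"rules": [
        {"src": "10.1.0.0/24", "dst": "10.2.0.0/24", "action": "protect"},
    ]},
}

if __name__ == "__main__":
    store = PepPolicyStore({"kap-1"})
    print(store.submit(SAMPLE_TXN, "kap-1", now=1000))  # nothing active yet
    print(store.reload(1030))                            # deferred reload fires
```

A "replace" transaction with zero rules is valid and leaves the named policy with an empty rule set, so what the PEP does with traffic that matches no rule has to be decided separately.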
Finally, the present invention further provides for at least one encrypting / decrypting unit that receives symmetric keys from a key authority point (KAP) within a secure network having a software operating on a management and policy server (MAP) in communication with the KAP for providing key(s) to policy enforcement points (PEPs) on the network and at least one common key to encryption/decryption units for facilitating encrypting and decrypting packets and transmitting the packets securely through the network, including load balancing of the encryption/decryption functions and multicasting of the packets. The symmetric key distributed by the KAP is the common key used to encrypt traffic.
These and other aspects of the present invention will become apparent to those skilled in the art after a reading of the following description of the preferred embodiment when considered with the drawings, as they support the claimed invention.
BRIEF DESCRIPTION OF THE DRAWINGS
Figure 1 is a schematic of general PRIOR ART network security system arrangement.
Figure 2 is a schematic showing a centralized software solution for providing and managing security for data and communications of a network in accordance with an embodiment of the present invention.
Figure 3 is a schematic diagram for the intelligent overlay of the present invention, and the MAP, KAP, PEP components.
Figure 4 is a schematic diagram showing universal KAP for network protection.
Figure 5 is a schematic showing the KAP for universal on-demand key generation services for all security needs.
Figure 6 is a schematic diagram showing KAPs, PEPs and MAP nodes in a distributed network, in accordance with an embodiment of the present invention.
Figure 7 is a schematic of PRIOR ART secure network mesh requirements.
Figure 8 is a schematic of EDPM solution using the intelligent overlay according to the present invention.
Figure 9 is a schematic of a hub and spoke network scenario that is secured and managed in an embodiment of the present invention.
Figure 10 is a schematic of a mesh network scenario that is secured and managed in an embodiment of the present invention.
Figure 11 is a schematic of a multicast network scenario that is secured and managed in an embodiment of the present invention.
Figure 12 is a schematic of a point to point network scenario that is secured and managed in an embodiment of the present invention.
Figure 13 is a schematic system level diagram of an IKE negotiation scenario between a local network interfacing with a standard IKE device in a remote network.
Figure 14 is a flow diagram of the steps performed in connection with the IKE negotiation scenario of Figure 13.
Figure 15 is a flow diagram for methods of back-up KAP functionality according to the present invention.
Figure 16 is a network diagram of an example wide area data communications network implementing an embodiment of the present invention.
Figure 17 is a block diagram that illustrates the hierarchical relationship between policy management, policy/key generation and distribution, and policy enforcement in accordance with an embodiment of the present invention.
Figure 18 is a block diagram of an example API for a transaction in accordance with an embodiment of the present invention.
Figure 19 is a block diagram of an example policy rule as part of a transaction details component of an API for a "replace" transaction in accordance with an embodiment of the present invention.
Figure 20 is a schematic of the overall system, in accordance with an embodiment of the present invention.
Figure 21 is a schematic of a portion of a network having a 10 Gb encryption arrangement according to the present invention.
Figure 22 is a schematic showing groups of paired encryption/decryption units within a system according to the present invention.
DETAILED DESCRIPTION
In the following description, like reference characters designate like or corresponding parts throughout the several views. Also in the following description, it is to be understood that such terms as "forward," "rearward," "front," "back," "right," "left," "upwardly," "downwardly," and the like are words of convenience and are not to be construed as limiting terms. For purposes of explaining aspects of various embodiments of the present invention, the following terms are defined and used herein:
The term "encryption" includes aspects of authentication, entitlement, data integrity, access control, confidentiality, segmentation, information control, and combinations thereof. Authentication includes the use of keys to sign packets to ensure that the packets have not been tampered with.
"Securing" implies both encrypting data in transit and authenticating that data to ensure that the data has not been manipulated in transit.
A "secure tunnel" between two devices ensures that data passing between the two devices is secured. A "security policy" (or simply "policy") for a secure tunnel defines data (or "traffic") to be secured by a source IP address, a destination IP address, a port number and/or a protocol. The security policy also defines a type of security to be performed.
A "key" for a secure tunnel is secret information used to encrypt or to decrypt (or to authenticate and to verify) data in one direction of traffic in the secure tunnel. The "policies" for a secure tunnel define the traffic to be secured by source and destination IP address, port, and/or protocol. They also define the type of security to be performed.
A "security association" (SA) consists of all the information needed to characterize and exchange protected communications. Each SA includes various pieces of information that the IPsec processing routines can use to determine whether the SA is eligible to be applied to a particular inbound or outbound message. Each such item can have a specific value or values, to narrowly define those messages to which the SA applies; or a wildcard value, to indicate that an item is not relevant in evaluating traffic for the SA.
A "security group" (SG) is a collection of member end-nodes or subnets which are permitted to access or otherwise communicate with one another. A security policy may be configured with a security group and end nodes associated with that group. Further details of a preferred embodiment for configuring and distributing a security policy with a security group are contained in a co-pending United States Provisional Patent Application No. [ ] entitled MULTIPLE SECURITY GROUPS WITH COMMON KEYS ON DISTRIBUTED NETWORKS, filed [ ], assigned to CipherOptics, Inc., and which is hereby incorporated by reference in its entirety.
A security manager (SM) is a data processing device, typically a PC or a workstation, through which an administrative user can input and configure security policies 20. The SM 12 also acts as a secure server to store and provide access to such policies by other elements of the system.
A "Policy Enforcement Point" (PEP) is a software module that executes in a Security Gateway (SGW) on the data path that performs packet encryption and decryption as well as IPsec header generation on packets requiring security. It also passes or drops packets, and may be configured to perform additional functionality such as Static NAT or fragmentation. It is typically configured with security policies and SAs with security parameters indices (SPIs), and keys for encrypting and decrypting inbound and outbound packets, that is, a device that secures the data based on the policy.
A "Key Authorization Point" (KAP) is a module that creates the keys for some portion of security for a given tunnel. In IKE, this is done in coordination with a single peer as each side agrees on outbound and inbound keys. This might also be a single unit generating keys for traffic between a number of units. Or it may be a single SGW generating a key for outbound traffic on a given tunnel. This module also ensures that all connections to a tunnel between SGWs have keys necessary to encrypt and decrypt data between the endpoints. In IKE, this is done as part of the phase 2 key exchange between two peers. It could also be a unit sharing its keys with another unit, or a device sharing keys with a group of SGW units. Note that the key distribution must be securely protected to prevent eavesdropping and tampering and to assure that the key exchange is with an authorized party, either through IKE Phase 1 (as in standard IKE) or with an established IKE tunnel passing the keys under Phase 2 as with normally encrypted traffic. One skilled in the art will readily recognize the key distribution can be secured through other means. For example, the key distribution may be secured through TLS.
The present invention provides a powerful key and policy management software-based solution that enables secure data access and user interactions, and that enables users to securely access and interact with data they need and are authorized to access on predetermined, regular, and/or transactional bases from any point on the network without requiring changes in the existing infrastructure. The system and methods of the present invention control and manage the establishment and activity of trusted, secure connections across a network that are created by end point security technologies. This flexible software solution does not require a separate infrastructure to effect changes in network access, key or policy management. Preferably, the system and methods of the present invention provide a network-independent solution layer or overlay that functions over the existing network infrastructure to control the policies, secure associations (SAs), and keys enabling secure communications and data access to authorized users at any point within the network. Because the present invention establishes an independent solution layer or overlay, it provides for essentially unlimited scalability and address management that is commercially practical to implement network-wide for all secure communication, data access, applications, and devices. Also, this flexible software overlay functions to provide dynamic modifications in real time without requiring changes to existing infrastructure or hardware. Therefore, use and implementation of the present invention is not limited to traditional networking or infrastructure.
The present invention provides a method and a system for automatically securing communication between two or more nodes in a distributed network. A distributed network comprises multiple nodes that are interconnected by multiple routers, bridges, and in different network topologies. In a distributed network, a node may be part of a smaller network such as an office LAN, or even a single node directly connected to the internet. The node can be connected to an unprotected network such as the internet either directly or through a gateway, router, firewall and other such devices that allow one or more nodes to connect to a network via a single point. The nodes can be computing devices such as laptops, desktops, handheld devices, mobile devices, cable access systems, and other devices capable of connecting to a network, or a network of such devices.
These nodes communicate with each other, or servers providing services such as web pages, email, voice over internet protocol (VoIP), video broadcasting, multicasting applications, streaming audio or video via unprotected networks. In certain cases, when the communication is between two nodes that are using the same network, this communication may be protected. However, most of the communication over the internet is unprotected. This means that the communication can be intercepted by anyone. This communication is protected by using cryptographic keys. One or more nodes are grouped together so that they communicate over the unprotected networks via a policy enforcement point (PEP). There are several such PEPs in the distributed network. The PEPs receive policies from a management and policy server (MAP). The MAP defines the policies that govern the communication of the PEPs and the nodes under the PEPs. There are one or more key authority points (KAP) that communicate with the MAP and generate cryptographic keys for PEPs. There are several configurations that are possible for arranging PEPs and KAPs within a network according to the present invention. By way of example, the system is operable for multiple Key Authority Points (KAPs) for one or more PEPs. Alternatively, the system and methods are functional where there is a single KAP that provides the keys for all the PEPs in a distributed network.
Based on the policies received from the MAP, the KAP generates cryptographic keys for each of the PEPs within its network as defined by the MAP. The PEPs use the cryptographic keys to encrypt communication from the nodes and networks that they protect to unprotected networks, decrypt communication from unprotected networks to the nodes and networks that they protect or both. All KAPs receive the policy definition from a single MAP. This policy definition informs the KAP which PEP it is responsible for, which networks the PEPs protect, and which KAP units they use. The KAP distributes the keys and policies associated with its networks and nodes to the appropriate PEPs.
In one embodiment, the KAPs send cryptographic keys to the PEPs. These keys are encrypted at the KAP with an encrypting key. The encrypting key is a pre-shared private key. The KAPs have a secure hardware module that stores the pre-shared private key and encrypts the cryptographic keys. The secure hardware module is tamper-proof and disables access if the KAP is attacked. The use of the secure hardware module prevents exposure of the cryptographic keys in memory or backplane, where they can be accessed in clear text. The secure hardware module's tamper proof feature enables it to shut down when it detects that it has been removed from the KAP. Hence, during attack, the cryptographic keys cannot be accessed, since they are stored in the secure hardware module which shuts down when it detects attack. Attack can be in the form of removal of the secure hardware module so that its memory can be independently accessed to gain access to the cryptographic key.
The present invention provides management techniques or methods and systems to provide secure networks with distributed keys wherein the key sharing and distribution is simplified, i.e., management of key sharing and distribution is handled by a MAP in secure communication with key authority point(s) (KAP) that generate the keys in accordance with communicated MAP policy or policies. The KAPs define the internet protocol (IP) address and name for each policy enforcement point (PEP), which define the nodes of the network. The KAP obtains IP address and name for each PEP automatically from the MAP. Then the KAPs define network sets, which include the list of networks or IP addresses that are protected by a given set of PEPs. The KAPs then distribute keys to the authenticated and authorized PEPs according to the prior step. In one embodiment of the present invention, when two PEPs are protecting the subnet, then the KAP provides the network set to be equivalent to the network.
By way of example, in a mesh network configuration, wherein five (5) PEPs are included in the mesh, the mesh is fully interconnected automatically via a hub and spoke arrangement wherein the hubs are the PEPs and secure communication functions across network channels therebetween. One group of a network set is the hub, and the rest are spokes. In a secure mesh of this configuration, hubs are authorized to communicate or "talk" to spokes but not spokes to spokes. According to the present invention, if there are two (2) network sets, then they are treated as a single entity and a multicast of data or communication is automatically operable on that secure network.
In a multicast arrangement, the destination on a secure network is always a multicast or a broadcast. In a multicast, a source and at least one destination is involved, or both, which is a conference. Preferably the systems and methods of the present invention are applicable and operable over existing network management schemes without requiring a change in the hardware or configuration of the network.
In a particular embodiment as applied to IPSec, grouping of PEPs and KAPs in networks is protected, wherein the grouping is considered one entity that can be used in the policy. This provides for key sharing for multiple paths on PEPs and key distributors according to the present invention. This support for KAP and multiple PEPs provides for automatic predetermination of the configuration of the secure network.
More particularly, the present invention provides systems and methods for simplified management of secured networks with distributed keys and management of same for a data and/or communications network.
In such a system for simplified management of secure networks including at least one management server constructed and configured for communication through at least one network to at least one point or node on the network or subnets including remote communication device(s) each having at least one key with associated policies to ensure secure association within the network with other devices thereon.
Another aspect of the present invention provides methods for distributing keys to end point communication devices through network channels including providing a server-based key management system from a server on the network, the server including software operating thereon for providing a MAP having at least one policy or policies for distributing keys through at least one KAP to a multiplicity of policy end points (PEPs) on the network authenticated PEPs or nodes requesting secure access to the network, wherein the keys are distributed through previously authenticated authorized PEPs operating on a secured network.
In a preferred embodiment, the present invention provides systems and methods for providing a secure mesh network including at least one management server constructed and configured for communication through network channels to a multiplicity of PEPs on the network including nodes having remote communication device(s) each having at least one key, or a single key provided to more than one PEP, the key(s) provided through a key authority point (KAP) with associated policies managed by a MAP to ensure secure association within the network, wherein the steps include a device on the network requesting a mesh configuration, automatically authenticating and authorizing the device(s) through the MAP and KAP secure communication and distribution of keys to the PEPs and corresponding devices.
Thus, the present invention provides automatic security solutions for enterprise data and communications management within a secure network wherein the policies and keys are managed and distributed by MAP and KAPs, respectively, to PEPs for automatically configuring a network topography within the network for secure communication and/or data access by authenticated and authorized communication devices operating on the network.
The present invention provides a simplifying method to configure security settings for networks and subnets. Preferably, the system wherein the method is applied includes network sets having nodes distributed across the network. The policy enforcement points (PEPs) protect the nodes and provide security across the network and nodes using keys for security authorization and for encryption/decryption that are provided to the PEPs by at least one key authority point (KAP).
The system and method of the present invention are operable for a user to combine network sets to form a network topography wherein nodes across the network are functional to communicate across the network with other nodes and/or networks. By way of example, network topographies are selected from arrangements such as a mesh, hub-and-spoke, point-to-point, and combinations thereof. A network topography for a mesh arrangement provides for any node across the network to communicate directly to any other node within that network. A hub-and-spoke arrangement provides for communication from hub to spoke and spoke to hub, but does not permit hub-to-hub or spoke-to-spoke interaction. In the case of multicast, networks or nodes across a network are operable to function as senders, receivers, or both.
Significantly, systems and methods according to the present invention provide for a single configuration point for the combined network sets based upon the type of policy and/or type of encryption. Settings for the combined network set are defined by the MAP and pushed out through the MAP to KAP to PEPs for enforcement at the PEP level of the network without the user having to manually configure each node or network set within the network. This is uniquely provided by the present invention for the EDPM scenario wherein an entire network is configured and functions to provide a secure network for enterprise data policy management through a single MAP to KAP to a multiplicity of PEPs automatically, based upon the policy established at the MAP, which provides for key generation and distribution through the KAP to any PEPs authenticated and authorized according to the policy, regardless of the network configuration or topography. The nodes or network sets are combinable and configurable or re-configurable for cross communication based upon the established policy pushed down from the MAP to the KAP, the keys from which enable the communication at any PEP.
As best seen in Figure 2, a schematic shows a centralized software solution for providing and managing security for data and communications of a network in accordance with an embodiment of the present invention. The central node of this schematic provides the security of the network, wherein the EDPM (enterprise data protection management) technology includes the software overlay and becomes the central control and management solution for any network, without changing the network, IT, or enabling infrastructure represented by the outer nodes on this diagram. Within each of the nodes on this diagram, commercial product and/or software providers that are traditionally operating within those infrastructure areas are listed; these are representative of types of commercial providers in the space and are not intended to be limited thereto. This integrateable software security solution layer of the present invention enables centralized policy management, centralized key authority, group policy management with access control, universal key authority and distribution, open protocol via an intelligent overlay architecture for flexible and dynamic changes that are independent of the infrastructure. Thus, the intelligent overlay software according to the present invention provides a transparent security utility for any network, but is also not limited to networks; while typically in this detailed description of the present invention the solution overlay is described for a network, in addition to network security, the overlay software solution is operable for entitlement, authentication, access control, data integrity, confidentiality, segmentation, information control, compliance, information and/or flows, applications, database access, storage networks, IT infrastructure, communications networks such as cellular, and combinations thereof in addition to network, data and communication security. 
Significantly, multiple security solutions can be combined together with the present invention overlay on a common infrastructure.
Figure 3 shows a schematic diagram for the intelligent overlay of the present invention, including a management and policy server (MAP), at least one key authority point (KAP), that is designed to communicate through an open API to at least one policy enforcement point (PEP), wherein the MAP provides a centralized or distributed management arrangement having a single interface for policy definition and enforcement that operates to authenticate each PEP through existing AAA or other authentication services, and that pushes and enforces policy with the KAPs. The MAP is preferably centralized to coordinate policy and entitlements from one source, and ties in existing AAA services and NMS.
The KAPs function as a distribution layer; they are the key authority for the PEPs to generate and distribute security associations (SAs) and keys to PEPs, monitoring PEP operation, supporting tunnel, transport, and network modes, and allow distributed and redundant deployment of keys to PEPs, and combinations thereof. The PEPs are hardware or software-based PEPs, providing support for clients, blades, and appliances. The PEP policy and keys are enforced by the KAPs, while a PEP authenticates KAP. The KAP ensures that keys are sent only to the right places within the network, which provides for manageable scalability regardless of the number of PEPs or SAs required.
Furthermore, in a preferred embodiment of the present invention, the KAP is a universal KAP within the EDPM, and provides universal key generation and distribution services for the PEPs on the network. As such, the universal KAP ensures network infrastructure protection, Ethernet protection, disk protection, server protection, email protection, notebook computer protection, application protection, 802.1AE protection, IPSEC protection, database protection, SSL protection, other protection and combinations thereof, as shown in the schematic of Figure 4. According to the present invention, the KAP provides universal on-demand key generation services for all security needs, including secure information such as data rights, email, messaging, and identity; secure infrastructure such as database, data center storage, lifecycle management, and applications; and secure interaction such as transactions, endpoint security, web browsing, and on-line collaboration.
Figure 6 is a schematic diagram showing KAPs, PEPs and MAP nodes in a distributed network, in accordance with an embodiment of the present invention. A management and policy (MAP) server 604 and a key authority point (KAP) 606 are connected to a network node 608. Network node 608 connects to a policy enforcement point (PEP) 610. PEPs 612, 614 and 616 are also connected to PEP 610 via an unprotected network 618. Unprotected network 618 is a network of interconnected nodes and smaller networks, such as the internet or a local LAN or WAN. PEPs 612, 614 and 618 are connected to network nodes 620, 622 and 624 respectively. The network nodes may be individual network points or can be access points to sub-networks 626, 628 and 630. KAP 106 generates and sends keys to PEPs 610, 612, 614 and 616. The keys enable PEPs to encrypt and/or authorize communication between the PEPs 610, 612, 614 and 618 and the nodes behind the PEPs.
In an alternate embodiment, MAP 604 and KAP 606 are implemented as programs that reside on network node 608. The software overlay solution ensures flexibility for multi-vendor support as illustrated in Figure 2 representative vendors, wherein this support flexibility is designed in through API according to an embodiment of the present invention. Significantly, network security is enforced at every end point or PEP on the network level through an open API; PEPs include any end point, by way of example and not limitation, mobile devices such as PDAs, storage, servers, VPN clients, and networking, and combinations thereof.
By sharp contrast to the prior art illustrated in Figure 7 (Prior Art), wherein encryption in traditional data protection requires a large number of policies to provide a full mesh of secure interconnectivity, twice that number of security associations (SAs) for the same, and significant change to the network is required, the intelligent overlay for secure networks according to the present invention using EDPM requires a small, limited number of policies and SAs for a full mesh, and no change to the network infrastructure is required, as illustrated by the schematic of Figure 8. Alternative embodiments of the networks using EDPM include but are not limited to a hierarchical structure, multicast group, and broadcast group. Figures 9-12 show schematics of various network configurations that are managed and protected by embodiments of the present invention.
Thus, the present invention provides a system for providing secure networks including a communication network having a network infrastructure; and an intelligent software overlay operating on a server in connection to the network for providing security for the network; wherein the intelligent software overlay further includes: a management and policy (MAP) server coupled to the network for communication with at least one key authority point (KAP), wherein the MAP includes at least one policy for providing secure association (SA) within the network; wherein the at least one KAP is operable to generate and manage keys provided to a multiplicity of policy end points (PEPs) through an open API; and wherein the intelligent overlay to the network is independent of the network infrastructure, thereby providing a secure, flexible network security solution. This intelligent overlay provides centralized management by software over the hardware and network infrastructure without changing it, and is dynamically modifiable to reconfigure secure PEP interactivity without requiring change to the network infrastructure.
The present invention also provides a method for providing secure interactivity between points on a network including the steps of: providing a communication network having a network infrastructure between at least two policy end points (PEPs); providing an intelligent software overlay that is independent of the network infrastructure, the software overlay operating on a server in connection to the network for providing security for the network; wherein the intelligent software overlay further includes: a management and policy (MAP) server coupled to the network for communication with at least one key authority point (KAP); the MAP establishing and managing at least one policy for providing secure association (SA) between PEPs within the network; the KAP generating and managing keys and providing them to the PEPs through an open API; and the PEPs having secure exchange over the network using the keys provided by the KAP.
Preferably, the system and methods of the present invention provide a network-independent solution layer or overlay that functions over the existing network infrastructure to control the policies, secure associations (SAs), and keys provided by a universal key authority point (KAP) to a multiplicity of policy enforcement points (PEPs) for enabling secure communications and data access to authorized users at any point within the network to other points, based upon the policies managed and provided by a management and policy server (MAP). The present invention provides for essentially unlimited scalability and address management that is commercially practical to implement network-wide for all secure communication, data access, applications, and devices, regardless of the type or form of encryption used by a particular device or hardware within the network. Also, the flexible software overlay for MAP and KAP functions within the system provides for dynamic modifications in real time without requiring changes to existing infrastructure or hardware, and without regard to the form of encryption thereon. Therefore, use and implementation of the present invention is not limited to traditional networking or infrastructure and is not limited to a single encryption form or type.
The present invention provides a method and a system for automatically securing communication between two or more nodes in a distributed network that use a single shared key or separate keys generated and distributed by a universal key authority point based upon a policy or policies managed by a management and policy server for the entire network.
A distributed network includes multiple nodes that are interconnected by multiple routers, bridges, etc. and that may be connected in a variety of different network topologies. In a distributed network, a node may be part of a smaller network such as an office LAN, or even a single node directly connected to the internet. The node can be connected to an unprotected network such as the Internet either directly or through a gateway, router, firewall and/or other such devices that allow one or more nodes to connect to a network via a single point. The nodes include computing devices such as, by way of example and not limitation, laptops, desktops, handheld devices, mobile devices, cable access systems, and other devices capable of connecting to a network, or a network of such devices.
These nodes communicate with each other, or with servers providing services such as web pages, email, voice over internet protocol (VoIP), video broadcasting, multicasting applications, streaming audio or video via unprotected networks. In certain cases, when the communication is between two nodes that are using the same network, this communication may be protected. However, most of the communication over the internet is unprotected. This means that the communication can be intercepted by anyone. This communication is protected by using cryptographic keys. One or more nodes are grouped together so that they communicate over the unprotected networks via at least one policy enforcement point (PEP). Typically there are several PEPs in a distributed network. The PEPs receive policies from a management and policy server (MAP). The MAP defines the policies that govern the communication of the PEPs and the nodes under the PEPs. There are one or more key authority points (KAP) that communicate with the MAP and generate one or more cryptographic keys for PEPs. There are several configurations operable for arranging PEPs and KAPs within a network according to the present invention. By way of example, the system is operable for multiple KAPs, including peer KAPs, for one or more PEPs. Alternatively, the system and methods are functional where there is a single KAP that provides the keys for all the PEPs in a distributed network.
Based on the policies received from the MAP, the universal KAP of the present invention generates one or more cryptographic keys for each of the PEPs, or a single key to be shared by PEPs, within its network as defined by the MAP. The PEPs use the cryptographic keys to encrypt communication from the nodes and networks that they protect to unprotected networks, decrypt communication from unprotected networks to the nodes and networks that they protect or both. The universal KAP receives the policy definition from a single MAP. This policy definition informs the KAP about the PEPs it is responsible for, which networks the PEPs protect, and which KAP units they use. The KAP distributes the keys and policies associated with its networks and nodes to the appropriate PEPs.
In a system according to the present invention, a user defines the global networks and the MAP policy is established consistent with those definitions. The MAP then pushes down a meta policy to a universal KAP, which turns it into specific policies and corresponding keys for individual PEPs within the network. In one embodiment, the PEPs use a tunnel mode that includes a separate header for source and destination to provide a gateway for point to point connection. The inner header is copied to an outer header so that the same source and destination and layer 2 address is provided. This enables its use for load balancing or multicasting because the universal KAP and keys provided thereby to the PEPs provide for secure associations and communication across the network regardless of the form of encryption. The key(s) provided by the KAP enable any authorized PEP to communicate securely on the network even if the routing or distribution channel is modified for load balancing or multicasting.
In one embodiment, the universal KAP sends cryptographic keys to the PEPs or to peer KAPs based upon the policy communicated to the KAP by the MAP. Peer KAPs provide for separate distributors for separate networks. The keys are encrypted at the universal KAP with an encrypting key, which may include a pre-shared private key. Preferably, the universal KAP includes a secure hardware module that stores the pre-shared private key and encrypts the cryptographic keys. The secure hardware module is tamper-proof and disables access if the KAP is attacked. The use of the secure hardware module prevents exposure of the cryptographic keys in memory or backplane, where they can be accessed in clear text. The secure hardware module's tamper-proof feature enables it to shut down when it detects that it has been removed from the KAP. Hence, during attack, the cryptographic keys cannot be accessed, since they are stored in the secure hardware module which shuts down when it detects attack. Attack can be in the form of removal of the secure hardware module so that its memory can be independently accessed to gain access to the cryptographic key. In any case, the keys provided by the KAP to the PEPs or to peer KAPs provide for secure, authorized communication across the network regardless of the form of encryption used by devices and/or hardware at nodes on the network.
The present invention provides management techniques or methods and systems to provide secure networks with distributed keys wherein the key sharing and distribution is simplified, i.e., management of key sharing and distribution is handled by a MAP in secure communication with key authority point(s) (KAP) that generate the keys in accordance with communicated MAP policy or policies. The KAPs define the internet protocol (IP) address and name for each policy enforcement point (PEP), which define the nodes of the network. The KAP obtains IP address and name for each PEP automatically from a cryptoview software program. Then the KAP defines network sets, which include the list of networks or IP addresses that are protected by a given set of PEPs; peer KAPs provide for separate distributors for separate networks and corresponding PEPs. The universal KAP then distributes keys to the authenticated and authorized PEPs or peer KAPs according to the prior step. In one embodiment of the present invention, when two PEPs are protecting the subnet, then the KAP provides the network set to be equivalent to the network.
By way of example, in a mesh network configuration, wherein five (5) PEPs are included in the mesh, the mesh is fully interconnected automatically via a hub and spoke arrangement wherein the hubs are the PEPs and secure communication functions across network channels therebetween. One group of a network set is the hub, and the rest are spokes. In a secure mesh of this configuration, hubs are authorized to communicate or "talk" to spokes but not spokes to spokes. According to the present invention, if there are two (2) network sets, then they are treated as a single entity and a multicast of data or communication is automatically operable on that secure network.
In a multicast arrangement, the destination on a secure network is always a multicast or a broadcast. In a multicast, a source and at least one destination is involved, or both, which is a conference.
Preferably the systems and methods of the present invention are applicable and operable over existing network management schemes without requiring a change in the hardware or configuration of the network.
In a particular embodiment as applied to IPSec, grouping of PEPs and KAPs in networks is protected, wherein the grouping is considered one entity that can be used in the policy. This provides for key sharing for multiple paths on PEPs and key distributors according to the present invention. This support for KAP and multiple PEPs provides for automatic predetermination of the configuration of the secure network.
More particularly, the present invention provides systems and methods for simplified management of secured networks with distributed keys and management of same for a data and/or communications network through a universal KAP to PEPs or to peer KAPs for separate networks.
In such a system for simplified management of secure networks including at least one management server constructed and configured for communication through at least one network to at least one point or node on the network or subnets including remote communication device(s) each having at least one key, or a single key for multiple PEPs, with associated policies to ensure secure association within the network with other devices thereon.
Another aspect of the present invention provides methods for distributing keys to end point communication devices through network channels including providing a server-based key management system from a server on the network, the server including software operating thereon for providing a MAP having at least one policy or policies for distributing keys through a universal KAP to a multiplicity of policy end points (PEPs) and/or to peer KAPs on the network for authenticated devices requesting secure access to the network, wherein the keys are distributed through previously authenticated authorized PEPs operating on the secured network.
In a preferred embodiment, the present invention provides systems and methods for providing a secure mesh network including at least one management server constructed and configured for communication through network channels to a multiplicity of PEPs on the network including nodes having remote communication device(s) each having at least one key, or a single key for several PEPs, the key(s) provided through the universal KAP for a given network, with associated policies managed by a MAP to ensure secure association within that network, wherein the steps include a device on the network requesting a particular network configuration or topography, automatically authenticating and authorizing the PEPs and corresponding nodes and their respective device(s) through the MAP and KAP secure communication and distribution of keys to the PEPs, regardless of the encryption form used for any given device or hardware at the nodes. Thus, the present invention provides automatic security solutions for enterprise data and communications management within a secure network wherein the policies and keys are managed and distributed by MAP and universal KAPs, respectively, to PEPs for automatically configuring a network topography within the network for secure communication and/or data access by authenticated and authorized communication nodes and devices operating on the network.
The present invention provides a simplifying method to configure security settings for networks and subnets. Preferably, the system wherein the method is applied includes network sets having nodes distributed across the network. The policy enforcement points (PEPs) protect the nodes and provide security across the network and nodes using keys for security authorization and for encryption/decryption that are provided to the PEPs by the universal KAP, directly or indirectly.
The system and method of the present invention are operable for a user to combine network sets to form a network topography wherein nodes across the network are functional to communicate across the network with other nodes and/or networks. By way of example, network topographies are selected from arrangements such as a mesh, hub-and-spoke, point-to-point, and combinations thereof. A network topography for a mesh arrangement provides for any node across the network to communicate directly to any other node within that network. A hub-and-spoke arrangement provides for communication from hub to spoke and spoke to hub, but does not permit hub-to-hub or spoke-to-spoke interaction. In the case of multicast, networks or nodes across a network are operable to function as senders, receivers, or both. Where separate networks are provided, separate distributors or KAPs are operable to distribute the keys and policies from the universal KAP to the PEPs on those networks.
Significantly, systems and methods according to the present invention provide for a single configuration point for the combined network sets based upon the type of policy but not being dependent upon the type or form of encryption at any node or for any packet or data communicated on the network. Settings for the combined network set are defined by the MAP and pushed out through the MAP to KAP to PEPs for enforcement at the PEP level of the network without the user having to manually configure each node or network set within the network. This is uniquely provided by the present invention for the EDPM scenario wherein an entire network is configured and functions to provide a secure network for enterprise data policy management through a single MAP to KAP to a multiplicity of PEPs automatically, based upon the policy established at the MAP, which provides for key generation and distribution through the KAP to any PEPs authenticated and authorized according to the policy, regardless of the network configuration or topography. The nodes or network sets are combinable and configurable or re-configurable for cross communication based upon the established policy pushed down from the MAP to the KAP, the keys from which enable the communication at any PEP.
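The meta-policy expansion and the topography rules described above, sketched as an added example (not code from the patent or from any product): a hypothetical KAP-side function turns one meta policy into per-PEP bundles that share a single key, and only authenticated PEPs with a permitted flow receive it. The PEP names, subnets, dictionary layout and the per-pair cost model (one policy per PEP pair, two SAs per policy) are assumptions made for illustration.

```python
import secrets

# Constructed sample data: PEP names and the subnets they protect are assumptions.
NETWORK_SETS = {
    "pep-hq": "10.0.0.0/16",
    "pep-branch1": "10.1.0.0/16",
    "pep-branch2": "10.2.0.0/16",
    "pep-branch3": "10.3.0.0/16",
    "pep-dc": "10.9.0.0/16",
}


def allowed_flows(topology, members, hubs=()):
    """Return the ordered (source PEP, destination PEP) pairs a topography permits."""
    members, hubs = list(members), set(hubs)
    if len(set(members)) != len(members):
        raise ValueError("a PEP is listed twice in the policy")
    if not hubs <= set(members):
        raise ValueError("every hub must also be a member of the policy")
    if topology == "mesh":
        # Any node may communicate directly with any other node.
        return {(a, b) for a in members for b in members if a != b}
    if topology == "hub-and-spoke":
        spokes = set(members) - hubs
        if not hubs or not spokes:
            raise ValueError("hub-and-spoke needs at least one hub and one spoke")
        # Hub-to-spoke and spoke-to-hub only; hub-to-hub and spoke-to-spoke stay closed.
        out = {(h, s) for h in hubs for s in spokes}
        return out | {(s, h) for h, s in out}
    if topology == "point-to-point":
        if len(members) != 2:
            raise ValueError("point-to-point takes exactly two PEPs")
        a, b = members
        return {(a, b), (b, a)}
    raise ValueError(f"unknown topology: {topology!r}")


def expand_meta_policy(meta, authenticated, networks=NETWORK_SETS):
    """KAP-side step (hypothetical): one meta policy in, one bundle per entitled PEP out."""
    flows = {
        (s, d)
        for s, d in allowed_flows(meta["topology"], meta["members"], meta.get("hubs", ()))
        if s in authenticated and d in authenticated  # unauthenticated PEPs drop out
    }
    group_key = secrets.token_bytes(32)  # single key shared by the PEPs in this policy
    bundles = {}
    for pep in meta["members"]:
        send_to = sorted(d for s, d in flows if s == pep)
        recv_from = sorted(s for s, d in flows if d == pep)
        if not send_to and not recv_from:
            continue  # no permitted flow, so this PEP never receives the key
        bundles[pep] = {
            "policy": meta["name"],
            "key": group_key,
            "protects": networks[pep],
            "encrypt_to": {d: networks[d] for d in send_to},
            "decrypt_from": {s: networks[s] for s in recv_from},
        }
    return bundles


def pairwise_cost(n_peps):
    """Policies and SAs for a full mesh built from per-pair tunnels (model assumption)."""
    policies = n_peps * (n_peps - 1) // 2  # one policy per unordered PEP pair
    return policies, 2 * policies          # two unidirectional SAs per policy


if __name__ == "__main__":
    meta = {"name": "branch-access", "topology": "hub-and-spoke",
            "members": list(NETWORK_SETS), "hubs": ["pep-hq", "pep-dc"]}
    authenticated = set(NETWORK_SETS) - {"pep-branch3"}  # branch3 failed authentication
    for pep, bundle in expand_meta_policy(meta, authenticated).items():
        print(pep, "->", sorted(bundle["encrypt_to"]))
    print("per-pair full mesh of 5 PEPs (policies, SAs):", pairwise_cost(5))
    print("this example's group policy: 1 meta policy, 1 shared key")
```

Changing the `topology` field of the meta policy is the only edit needed to move the same PEPs from hub-and-spoke to mesh; no per-PEP configuration is touched.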
As best seen in Figure 2, a schematic shows a centralized software solution for providing and managing security for data and communications of a network in accordance with an embodiment of the present invention. The central node 202 of this schematic provides the security of the network, wherein the EDPM (enterprise data protection management) technology includes the software overlay and becomes the central control and management solution for any network, without changing the network, IT, or enabling infrastructure represented by the outer nodes on this diagram. Within each of the nodes on this diagram, commercial product and/or software providers that are traditionally operating within those infrastructure areas are listed; these are representative of types of commercial providers in the space and are not intended to be limited thereto. This integrateable software security solution layer of the present invention enables centralized policy management, centralized key authority, group policy management with access control, universal key authority and distribution, open protocol via an intelligent overlay architecture for flexible and dynamic changes that are independent of the infrastructure. Thus, the intelligent overlay software according to the present invention provides a transparent security utility for any network, but is also not limited to networks; while typically in this detailed description of the present invention the solution overlay is described for a network, in addition to network security, the overlay software solution is operable for entitlement, authentication, access control, data integrity, confidentiality, segmentation, information control, compliance, information and/or flows, applications, database access, storage networks, IT infrastructure, communications networks such as cellular, and combinations thereof in addition to network, data and communication security. 
Significantly, multiple security solutions can be combined together with the present invention overlay on a common infrastructure.
Figure 3 shows a schematic diagram for the intelligent overlay of the present invention, including a management and policy server (MAP), at least one key authority point (KAP), that is designed to communicate through an open API to at least one policy enforcement point (PEP). MAP 302 provides a centralized or distributed management arrangement having a single interface for policy definition and enforcement that operates to authenticate each PEP 306 through existing AAA or other authentication services, and that pushes and enforces policy with the KAPs 304. The MAP 302 is preferably centralized to coordinate policy and entitlements from one source, and ties in existing AAA services and NMS. The KAPs 304 function as a distribution layer; they are the key authority for the PEPs 306 to generate and distribute security associations (SAs) and keys to PEPs, monitoring PEP operation, supporting tunnel, transport, and network modes, and allow distributed and redundant deployment of keys to PEPs, and combinations thereof. The PEPs 306 are hardware or software-based PEPs, providing support for clients, blades, and appliances. The PEP policy and keys are enforced by the KAPs 304, while a PEP 306 authenticates the KAP 304. The KAP 304 ensures that keys are sent only to the right places within the network, which provides for manageable scalability regardless of the number of PEPs 306 or SAs required.
Furthermore, in a preferred embodiment of the present invention, the KAP is a universal KAP within the EDPM, and provides universal key generation and distribution services for the PEPs on the network. As such, the universal KAP ensures network infrastructure protection, Ethernet protection, disk protection, server protection, email protection, notebook computer protection, application protection, 802.1AE protection, IPSEC protection, database protection, SSL protection, other protection and combinations thereof, as shown in the schematic of Figure 4. According to the present invention, the KAP provides universal on-demand key generation services for all security needs, including secure information such as data rights, email, messaging, and identity; secure infrastructure such as database, data center storage, lifecycle management, and applications; and secure interaction such as transactions, endpoint security, web browsing, and on-line collaboration, and combinations thereof, as illustrated in the schematic of Figure 5. The software overlay solution ensures flexibility for multi-vendor support as illustrated in Figure 2 representative vendors, wherein this support flexibility is designed in through API according to an embodiment of the present invention. Significantly, network security is enforced at every end point or PEP on the network level through an open API; PEPs include any end point, by way of example and not limitation, mobile devices such as PDAs, storage, servers, VPN clients, and networking, and combinations thereof.
Figure 6 is a schematic diagram showing KAPs, PEPs and MAP nodes in a distributed network, in accordance with an embodiment of the present invention. A management and policy (MAP) server 604 and a key authority point (KAP) 606 are connected to a network node 608. Network node 608 connects to a policy enforcement point (PEP) 610. PEPs 612, 614 and 616 are also connected to PEP 610 via an unprotected network 618. Unprotected network 618 is a network of interconnected nodes and smaller networks, such as the internet or a local LAN or WAN. PEPs 612, 614 and 618 are connected to network nodes 620, 622 and 624 respectively. The network nodes may be individual network points or can be access points to sub-networks 626, 628 and 630. KAP 606 generates and sends keys to PEPs 610, 612, 614 and 616. The keys enable PEPs to encrypt and/or authorize communication between the PEPs 610, 612, 614 and 618 and the nodes behind the PEPs. In an alternate embodiment, MAP 604 and KAP 606 are implemented as programs that reside on network node 608.
By sharp contrast to the prior art illustrated in Figure 7 (Prior Art), wherein encryption in traditional data protection requires a large number of policies to provide a full mesh of secure interconnectivity, twice that number of security associations (SAs) for the same, and significant change to the network is required, the intelligent overlay for secure networks according to the present invention using EDPM requires a small, limited number of policies and SAs for a full mesh, and no change to the network infrastructure is required, as illustrated by the schematic of Figure 8. Alternative embodiments of the networks using EDPM include but are not limited to a hierarchical structure, multicast group, and broadcast group.
Thus, the present invention provides a system for providing secure networks including a communication network having a network infrastructure; and an intelligent software overlay operating on a server in connection to the network for providing security for the network; wherein the intelligent software overlay further includes: a management and policy (MAP) server coupled to the network for communication with at least one key authority point (KAP), wherein the MAP includes at least one policy for providing secure association (SA) within the network; wherein the at least one KAP is operable to generate and manage keys provided to a multiplicity of policy end points (PEPs) through an open API; and wherein the intelligent overlay to the network is independent of the network infrastructure, thereby providing a secure, flexible network security solution. This intelligent overlay provides centralized management by software over the hardware and network infrastructure without changing it, and is dynamically modifiable to reconfigure secure PEP interactivity without requiring change to the network infrastructure.
The present invention also provides a method for providing secure interactivity between points on a network including the steps of: providing a communication network having a network infrastructure between at least two policy end points (PEPs); providing an intelligent software overlay that is independent of the network infrastructure, the software overlay operating on a server in connection to the network for providing security for the network; wherein the intelligent software overlay further includes: a management and policy (MAP) server coupled to the network for communication with at least one key authority point (KAP), including a universal KAP; the MAP establishing and managing at least one policy for providing secure association (SA) between PEPs within the network; the universal KAP generating and managing keys and providing them to the PEPs and/or to peer KAPs through an open API; and the PEPs having secure exchange over the network using the keys provided directly or indirectly by the KAP, regardless of the form of encryption on any device or corresponding node on the network.
As set forth hereinabove, the system and methods of the present invention provide for functional, dynamic security groups on a given network both inside and outside organizational boundaries and across geographical locations. The result is a flexible security solution that is operable to be responsive to different security requirements for different groups of users and applications.
In a system according to the present invention, a user defines the global networks and the MAP policy is established consistent with those definitions. The MAP then pushes down a meta policy to at least one KAP, which turns it into specific policies and corresponding keys for individual PEPs within the network. In one embodiment, the PEPs use a tunnel mode that includes a separate header for source and destination to provide a gateway for point to point connection. The inner header is copied to an outer header so that the same source and destination and layer 2 address is provided. This enables its use for load balancing or multicasting because the universal KAP and keys provided thereby to the PEPs provide for secure associations and communication across the network regardless of the form of encryption. The key(s) provided by the KAP enable any authorized PEP to communicate securely on the network even if the routing or distribution channel is modified for load balancing or multicasting.
The system for providing secure networks includes a communication network having a network infrastructure and software operating on a management and policy (MAP) server in connection to the network for providing security for the network; at least two key authority points (KAPs), including a primary KAP and a back-up KAP, wherein the MAP includes at least one policy for providing secure association (SA) between policy enforcement points (PEPs) having nodes within the network. The primary KAP is operable to generate, distribute, and manage key(s) communicated to the multiplicity of PEPs and the back-up KAP is operable to function as the primary KAP in any event that prevents the primary KAP from functioning to ensure that the network automatically provides a network topography of secure communication based upon the policy and keys distributed to the PEPs for any encryption form at the nodes.
In the event that the back-up KAP is required to take over functions for a non-functioning or missing primary KAP, the back-up KAP is operable to force a re-key for all policies upon taking over functions for the primary KAP; thereafter, the primary KAP is operable to use re-key to recover. Advantageously, the back-up KAP is operable to gain full knowledge of the network and store keys without transferring keys or interrupting traffic on the network.
The present invention also provides a method for providing secure interactivity between points on a network including the steps of: providing a communication network having a network infrastructure between at least two policy end points (PEPs); providing an intelligent software overlay that is independent of the network infrastructure, the software overlay operating on a server in connection to the network for providing security for the network; wherein the intelligent software overlay further includes: a management and policy (MAP) server coupled to the network for communication with at least two key authority points (KAPs), including a primary and a back-up KAP; the MAP establishing and managing at least one policy for providing secure association (SA) between PEPs within the network; the primary KAP generating, distributing, and managing keys and providing them to the PEPs and/or to peer KAPs through an open API; the PEPs having secure exchange over the network using the keys provided directly or indirectly by the KAP, regardless of the form of encryption on any device or corresponding node on the network; and the back-up KAP functioning identically to the primary KAP in the event of the primary KAP being inoperable or unable to function normally.
The state functioning of the primary and backup KAP is described below and illustrated in the flow diagram of Figure 15:
1. Backup/primary should be in configuration of KAP.
  An implementation could be done where the setting of backup or primary was in the metapolicy sent from the MAP.
2. Create KAP running state:
  BackupWaiting
  BackupRunning
  PrimaryRunning
  PrimaryWaiting
  This is preferably done by adding an item to KGDPStatus.
3. Add message BackupCompareStatus(KGDPStatus status) which returns getCoreStatus (no node information).
  KGDPStatus status BackupCompareStatus(KGDPStatus status)
  Sends the sender's status from getCoreStatus().
  The receiver should check the name and version with the receiver's getCoreStatus():
    If these do not match and if the sender's timestamp is older, the receiver should send DistributePolicyMessage(meta,deployedStatus) with its metapolicy.
    Note: This should be sent independent of returning from the BackupCompareStatus() call (e.g. a separate thread).
    Note: We may need to change the status timestamp to use the meta install time.
  Returns the receiver's status from getCoreStatus().
  In all cases, on unit startup, this should block until the metapolicy has been loaded from the file (either success or fail). This is to ensure the information returned in status is current.
4. Power up in waiting state based on primary/backup configuration.
  On power up, load the stored metapolicy and state and determine if the KAP is primary or backup.
  In backup, do not call _manager.start().
  Enter the running state accordingly:
    PrimaryWaiting
    BackupWaiting
5. State activities
  PrimaryWaiting (Entered only at startup)
    Load metapolicy and state.
    If no metapolicy or no backup defined in metapolicy:
      Enter PrimaryRunning state
      Continue with installInitialMetapolicy using the metapolicy loaded from the file (if any).
    If backup in metapolicy:
      Proceed with installInitialMetapolicy through createCommunicationDestinations().
      Send backup KAP BackupCompareStatus(coreStatus). We can use the blocking call here.
      (Note: Primary only sends BackupCompareStatus on metapolicy load - not on a periodic basis.)
      Don't call _manager.start() yet
      If no reply in timeout period:
        Enter PrimaryRunning state
        Continue with installInitialMetapolicy using the metapolicy loaded from the file.
      If in the returned status, the metapolicy name and version match the stored info:
        Enter PrimaryRunning state
        Continue with installInitialMetapolicy using the metapolicy loaded from the file.
      If in the returned status, the metapolicy does not match and is older:
        Set independent call to DistributePolicyMessage to the backup KAP with the stored metapolicy.
        Enter PrimaryRunning state
        Continue with installInitialMetapolicy using the metapolicy loaded from the file.
      If the returned status has a new metapolicy name or version:
        Enter PrimaryRunning state
        Remove the metapolicy loaded from the file (set _meta to null)
        Continue with installInitialMetapolicy.
        Note this will start the KAP with no loaded policies waiting for a new metapolicy.
        The backup should see the mismatch and send a new metapolicy.
    Note that the primary stays in PrimaryWaiting and is not monitoring the message queue (no _manager.start() call) until a timeout or a reply occurs.
    Received messages:
      GetStatus:
        Return getCoreStatus while in PrimaryWaiting.
      BackupCompareStatus(status)
        Compare status and, if backup older, send DistributePolicyMessage(currentMetapolicy, deployedStatus).
        Reply with getCoreStatus()
      Place other messages on the queue as they are now.
  PrimaryRunning: Same as current.
    BackupCompareStatus(status)
      Compare status and, if backup older, send DistributePolicyMessage(currentMetapolicy, deployedStatus).
      Reply with getCoreStatus()
  BackupWaiting
    On entry: clearExistingMetapolicy to delete nodes, policies and keys.
    At defined interval:
      Send BackupCompareStatus(coreStatus) to primary KAP
      If no reply after backup wait timeout (configured), enter BackupRunning state.
      If metapolicy matches but deploy status has changed to DEPLOYED, store this in the state file.
      If the primary metapolicy doesn't match and is older, send DistributePolicyMessage(currentMetapolicy, deployedStatus).
      Note: Even if primary gets another from MAP at the same time, it will just ignore one as a repeat.
    Received messages:
      GetStatus:
        Return getCoreStatus.
      BackupCompareStatus(status)
        Compare status and, if backup older, send DistributePolicyMessage(currentMetapolicy, deployedStatus).
        If metapolicy matches but deploy status has changed to DEPLOYED, store this in the state file.
        Reply with getCoreStatus()
      distributeNewPolicy(meta)
        Check, store and update status with name as is done now.
        Note: Don't put message on queue.
      Ignore other messages but reply appropriately.
  BackupRunning
    On entry:
      Call KGDPManager.start().
      Subsequently, behave exactly as the primary (same as now) except as noted below.
    At defined interval:
      Send BackupCompareStatus(coreStatus) to primary KAP
      If primary replies:
        If the primary metapolicy doesn't match and is older, send DistributePolicyMessage(currentMetapolicy, deployedStatus).
        Enter BackupWaiting state
    Received messages:
      GetStatus:
        Return getCoreStatus.
      BackupCompareStatus(status)
        If the primary metapolicy doesn't match and is older, send DistributePolicyMessage(currentMetapolicy, deployedStatus).
        If metapolicy matches but deploy status has changed to DEPLOYED, store this in the state file.
        Enter BackupWaiting state
        Reply with getCoreStatus()
      Other messages handled as current (as PrimaryRunning)
6. Modify MAP and peer KAPs to send all messages to backup as well as to primary.
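The primary/backup behaviour in items 1 to 6 above can be exercised as a small simulation in which the two KAPs exchange only metapolicy status, never keys. The following Python is an added illustration, not code from the patent or its applicant. The class and method names, the integer timestamps, the one-missed-poll timeout, and the rule that a KAP holding no metapolicy counts as older than any metapolicy are assumptions.

```python
from dataclasses import dataclass
from enum import Enum

class State(Enum):
    PRIMARY_WAITING = "PrimaryWaiting"
    PRIMARY_RUNNING = "PrimaryRunning"
    BACKUP_WAITING = "BackupWaiting"
    BACKUP_RUNNING = "BackupRunning"

@dataclass(frozen=True)
class Meta:  # core status fields the two KAPs compare (no node information)
    name: str
    version: int
    timestamp: int  # assumption: metapolicy install time as an integer

def other_is_older(mine, other):
    """True when name/version differ and the other side's copy is older.
    Assumption: holding no metapolicy counts as older than any metapolicy."""
    if mine is None or other is None:
        return mine is not None
    same = (mine.name, mine.version) == (other.name, other.version)
    return not same and other.timestamp < mine.timestamp

class Kap:
    def __init__(self, role, meta):
        self.meta = meta               # stored metapolicy, or None
        self.state = State.PRIMARY_WAITING if role == "primary" else State.BACKUP_WAITING
        self.peer = None
        self.reachable = True
        self.manager_started = False   # stands in for _manager.start()
        self.forced_rekeys = 0         # re-keys forced by a backup takeover
        self.inbox = []                # queued while the queue is unmonitored

    def backup_compare_status(self, sender):
        """Receiver side: push our metapolicy if the sender's is older,
        then reply with our own core status. No key material is exchanged."""
        if other_is_older(self.meta, sender):
            self.peer.distribute_policy(self.meta)
        if self.state is State.BACKUP_RUNNING:      # the primary is back
            self._enter_backup_waiting()
        return self.meta

    def distribute_policy(self, meta):
        if self.state is State.PRIMARY_WAITING:
            self.inbox.append(meta)                 # handled once running
        elif self.meta is None or (self.meta.name, self.meta.version) != (meta.name, meta.version):
            self.meta = meta                        # a repeat is ignored

    def _ask_peer(self):
        if self.peer is None or not self.peer.reachable:
            return False, None                      # timeout, no reply
        return True, self.peer.backup_compare_status(self.meta)

    def primary_startup(self):
        """PrimaryWaiting: compare once with the backup, then run."""
        self.state = State.PRIMARY_WAITING
        replied, theirs = self._ask_peer()
        if replied and other_is_older(self.meta, theirs):
            self.peer.distribute_policy(self.meta)  # backup is behind
        elif replied and other_is_older(theirs, self.meta):
            self.meta = None                        # our file copy is stale
        self.state, self.manager_started = State.PRIMARY_RUNNING, True
        while self.inbox:                           # queue is monitored now
            self.distribute_policy(self.inbox.pop(0))

    def backup_poll(self):
        """One timer tick of the backup (assumption: one miss = timeout)."""
        replied, theirs = self._ask_peer()
        if not replied:
            if self.state is State.BACKUP_WAITING:
                self.state, self.manager_started = State.BACKUP_RUNNING, True
                self.forced_rekeys += 1             # fresh keys, none copied
            return
        if other_is_older(self.meta, theirs):
            self.peer.distribute_policy(self.meta)
        if self.state is State.BACKUP_RUNNING:
            self._enter_backup_waiting()

    def _enter_backup_waiting(self):
        # Keys and policies are dropped; assumption: name/version are kept.
        self.state, self.manager_started = State.BACKUP_WAITING, False

def run_failover_scenario():
    v1, v2 = Meta("site-policy", 1, 100), Meta("site-policy", 2, 200)  # constructed
    primary, backup = Kap("primary", v1), Kap("backup", v1)
    primary.peer, backup.peer = backup, primary
    primary.primary_startup()
    backup.backup_poll()
    trace = [(primary.state, backup.state)]        # normal operation
    primary.reachable = False                      # primary fails
    backup.backup_poll()
    trace.append((primary.state, backup.state))    # backup has taken over
    backup.distribute_policy(v2)                   # MAP update during the outage
    primary.reachable = True
    primary.primary_startup()                      # restarts with v1 on file
    return trace, primary, backup

if __name__ == "__main__":
    print(run_failover_scenario()[0])
```

In the scenario the restarted primary discards its stale version 1 file copy and ends up running version 2, which the backup pushed to it before dropping back to BackupWaiting.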
As set forth hereinabove, the system and methods of the present invention provide for functional, dynamic security groups on a given network both inside and outside organizational boundaries and across geographical locations, including full KAP functionality using a primary and back-up KAP to ensure uninterrupted traffic. The result is a flexible security solution that is operable to be responsive to different security requirements for different groups of users and applications, all while providing back-up KAP functionality without interrupting network traffic or transferring keys.
Figure 13 illustrates an example wide area data communications network 100 implementing an embodiment of the present invention. In the network 100, Local Network 50 generally includes a number of data processors and data processing functions including end nodes 10 (i.e. 10-A-1), Security Manager (SM) 12, a KAP 14, an inter-networking device 16-A (such as a router or a switch), and one or more PEPs 20-A-1 and 20-A-2.
Typically, the network 100 has at least one other location, Remote Network 60.
Remote Network 60 also includes end nodes 10 (i.e. 10-B-1) and an inter-networking device 16-B (such as a router or a switch). A standard IKE stack (not shown) resides, for example, on the end nodes 10-B-1 and 10-B-2. Remote Network 60 can further include IP-masquerading devices such as network address translation 30.
The end nodes 10-A-1, 10-A-2, 10-B-1, 10-B-2... (collectively, end nodes 10) in Remote Network 60 and Local Network 50 may typically be client computers, such as Personal Computers (PCs), workstations, Personal Digital Assistants (PDAs), digital mobile telephones, wireless network-enabled devices and the like. Additionally, the end nodes 10 may also be file servers, video set top boxes, other data processing machines, or any other device capable of being networked from which messages are originated and to which messages are destined.
Messages (or traffic) sent to and from the end nodes 10 typically take the form of data packets in the well known Internet Protocol (IP) packet format. As is well known in the art, an IP packet may encapsulate other networking protocols such as the Transmission Control Protocol (TCP), the User Datagram Protocol (UDP), or other lower and higher level networking protocols.
As addressed earlier, in contrast to networks implementing data protection managing technologies that can work either for multiple paths in a redundant network or for many networks in a multicast scenario, an end node with standard IKE stacks located in Remote Network 60 is insufficient for distributing keys to multiple PEP 20 units. The system implemented in a standard IKE stack is a point-to-point connection with keys installed on each point. The end node 10-B-1, for example, is not configured to copy the inner address to the outer header of an IP address. For the same reason, Remote Network 60 cannot support multicast traffic.
The embodiment shown in Figure 13 solves this problem associated with standard IKE stacks by extending the concept of IKE to allow distribution of keys and policies to multiple devices using the distributed key protocol, thereby providing an interface between the local network with data protection managing technologies and the remote IKE stack. A single device in Local Network 50 using IKE can provide the IKE interface to the end nodes 10-B-1 and 10-B-2.
As is well known in the art, IKE is done in two phases. In a first phase (IKE Phase 1), a connection between Local Network 50 and Remote Network 60 is started in the clear. Using public key cryptographic mechanisms, where two parties can agree on a secret key by exchanging public data without a third party being able to determine the key, each party can determine a secret for use in the negotiation. Public key cryptography requires each party either share secret information (pre-shared key) or exchange public keys for which they retain a private, matching, key. This is normally done with certificates (Public Key Infrastructure or PKI). Either of these methods authenticates the identity of the peer to some degree.
Once a secret has been agreed upon in IKE Phase 1, a second phase (IKE Phase 2) can begin where the specific secret and cryptographic parameters of a specific tunnel are developed. All traffic in phase 2 negotiations is encrypted by the secret from phase 1. When these negotiations are complete, a set of secrets and parameters for security have been agreed upon by the two parties and IPsec secured traffic can commence.
Referring to Figure 13, when the policies are deployed, the SM 12 sends meta-policies 22 to a KAP 14. The meta-policies contain all the information regarding each policy that was defined in the SM. This information includes the types of policies for handling received traffic: clear, drop, or IPsec; the KAP 14 required for each policy; and the PEPs 20-A-1, 20-A-2 that will require the policies and keys. This information can be defined by using an SM user interface.
For any transfer of data between two PEPs where one PEP passes encrypted data over an unsecured network to another PEP, both PEPs must share a key. One PEP uses the shared key to encrypt the data for transmission over the unsecured network, while the second PEP uses the key shared with the first PEP to decrypt the data.
Figure 14 illustrates an example process 200 for the steps performed in connection with the IKE negotiation scenario in accordance with one embodiment. In step 201, the policy of the PEPs 20-A-1, 20-A-2 is configured to allow IKE traffic (UDP port 500) to pass through the KAP 14. Step 205 establishes a network security negotiation such as IKE between KAP 14 of Local Network 50 and IKE stack in Remote Network 60. In continuing the network security negotiation, the process 200 uses standard mechanisms such as certificates, preshared keys, nonce, Kerberos token, hash/notification, and signatures as indicated in step 210. Next, in step 215, the KAP 14 creates a new policy. This policy is deployed to the PEPs 20-A-1, 20-A-2, including local and remote IP addresses or ranges for the encrypted traffic, remote tunnel IP address, selector sections, policy settings, encryption and authentication keys and the SPI, and expiration time.
Referring to both Figures 13 and 14, once a security tunnel is created between Remote Network 60 and Local Network 50, traffic can proceed from Remote Network 50 through any of the protecting PEPs 20-A-1, 20-A-2 and an encrypted packet is exchanged as in step 220. In step 225, the encrypted packet is decrypted according to the new policy upon receipt of the packet. Although the packet is addressed to the KAP 14, the new policy at the PEPs strips the outer header during the decryption so that the packet would not be directed to the KAP 14. In step 240, the decrypted packet originating from Remote Network 60 is sent to an appropriate end node located in Local Network 50. In step 230, Remote Network 60 and Local Network 50 optionally renegotiate IPSec SAs. The process 200 periodically repeats the steps 205, 210, 215, 220 and 225.
If Remote Network 60 is located behind a Network Address Translator 30 (NAT), Local Network 50 can use standard IPsec NAT Traversal 16 (IKE NAT-T). Although NATs help conserve the remaining IP address space, they also introduce problems for end-to-end protocols such as IPsec. With IPsec NAT-T 16, Local Network 50 is capable, during the IPsec negotiation process, of automatically determining:
- Whether both Remote Network 60, the initiating IPsec peer, and Local Network 50, the responding IPsec peer, can perform IPsec NAT-T 16; and
- If there are any NATs in the path between them.
If both of these conditions are true, both Local Network 50 and Remote Network 60 automatically use IPsec NAT-T 16 to send IPsec-protected traffic across NAT 30. If either peer does not support IPsec NAT-T 16, then normal IPsec negotiations (beyond the first two messages) and IPsec protection are performed. If both Remote Network 60 and Local Network 50 support IPsec NAT-T 16 and there are no NATs between them, normal IPsec protection is performed.
Figure 16 illustrates an example wide area data communications network 100 implementing an embodiment of the present invention. In the network 100, a location 21-a generally has a number of data processors and functions including end nodes 10-a-1 and 10-a-2, a Management and Policy Server (MAP) function 11-a, a Key Authority Point (KAP) function 14-a, an inter-networking device 16-a, such as a router or a switch, and a Policy Enforcement Point (PEP) function 20-a. Typically, the network 100 includes at least one other location, such as location 21-b that implements end nodes 10-b-1 and 10-b-2, a MAP function 11-b, a KAP function 14-b, and PEP functions 20-b-1 and 20-b-2.
Locations 21-a and 21-b may be subnets, physical Local Area Network (LAN) segments, or other network architectures. The locations 21-a and 21-b may typically be logically separate from each other and from other locations 21. A location 21 may be a single office that may have only a few computers, or may be a large building, complex, or campus that has many different data processing machines installed therein. For example, location 21-a may be a west coast headquarters office located in Los Angeles and location 21-b may be an east coast sales office located in New York.
The end nodes 10-a-1, 10-a-2, 10-b-1, and 10-b-2 (collectively, end nodes 10) in a location 21 may be typical client computers, such as Personal Computers (PCs), workstations, Personal Digital Assistants (PDAs), digital mobile telephones, wireless network-enabled devices, and the like. Additionally, the end nodes 10 may be file servers, video set top boxes, data processing machines, or other devices capable of being networked from which messages are originated and to which messages are destined. Messages (or traffic) sent to and from the end nodes 10 typically take the form of data packets in an Internet Protocol (IP) packet format or layer-2 formats. As is well known in the art, an IP packet may encapsulate other networking protocols such as Transmission Control Protocol (TCP), User Datagram Protocol (UDP), or other lower level and higher level networking protocols.
In the example wide area data communications network 100, the Policy Enforcement Points (PEPs) 20 cooperate with the Management and Policy Servers (MAPs) 11, and the Key Authority Points (KAPs) 14 to secure message traffic between the end nodes 10 according to security policies. Recall that a security policy (or "policy") defines data (or "traffic") to be secured by a source IP address, a destination IP address, a port number, and/or a protocol on a network layer (layer-3), or over a data link (layer-2). The security policy also defines a type of security to be performed on the traffic.
At each location 21 there is a Management and Policy Server (MAP) 11 (e.g., the MAP 11-a at the location 21-a). Each MAP 11 is a data processing device, typically a PC or a workstation, through which an administrative user inputs and configures high level security policies. The MAP 11 also acts as a secure server that stores and provides access to security policies by other elements or functions of the example wide area data communications network 100.
The KAPs 14 and PEPs 20 cooperate to secure message traffic between the end nodes 10 according to security policies. Each KAP function 14 is responsible for generating and distributing "secret data" known as encryption keys to their respective PEP functions 20. For example, the KAP function 14-a generates and distributes keys to the PEP function 20-a. In general, traffic between the modules described above is either local (within a single device) or protected by a secure tunnel in a wide area network 24 that provides the wide area connections between locations 21.
The example network 100 includes at least one Security Group (SG) 40. Recall that a SG is a collection of member end-nodes or subnets that are permitted to access or otherwise communicate with each other. Also recall that a security policy may be configured with a SG and end nodes associated with that SG. Information regarding a SG may be maintained in the MAP 11 at each location 21 (e.g., MAP 11-a at location 21-a, and MAP 11-b at location 21-b) or distributed by a centralized authentication server (not shown).
In the example wide area data communications network 100, end nodes 10-a-1 and 10-a-2 in location 21-a are part of a Security Group (SG) 40-1. The SG 40-1 also includes end node 10-b-2 in location 21-b. A security policy (not shown) is created at location 21-a to associate end nodes 10-a-1 and 10-a-2 with the SG 40-1. Information concerning membership of end node 10-b-2 at location 21-b need not be provided to the MAP 11-a at location 21-a. Instead, another security policy (not shown) is created at location 21-b associating end node 10-b-2 with the SG 40-1. Likewise, the security policy at location 21-b need not specify end nodes 10-a-1 and 10-a-2 of location 21-a.
Figure 17 is a block diagram that illustrates the hierarchical relationship 200 between policy management, policy/key generation and distribution, and policy enforcement in accordance with an embodiment of the present invention.
MAPs 11 communicate high level security policy definitions to one or more KAPs 14. In the embodiment shown, each KAP 14 receives the high level policy definitions from only one MAP 11 (MAP 11-a for KAP 14-a, and MAP 11-b for KAP 14-b). Each KAP 14 uses the policy definitions to determine the PEPs 20 for which it is responsible, and which networks the PEPs 20 protect. Based on the high level policies defined by the MAP 11, each KAP 14 generates detailed policy information for only those PEPs 20 that are in the KAP's 14 control, and distributes the detailed policy information to the appropriate PEPs 20.
In the case of Figure 17, MAP 11-a communicates high level security policies to KAP 14-a. KAP 14-a then generates detailed policy information for PEP 20-a because, as defined by the security policies from MAP 11-a, PEP 20-a is controlled by KAP 14-a. Likewise, MAP 11-b communicates high level security policies to KAP 14-b. KAP 14-b then generates detailed policy information for PEP 20-b-1 and PEP 20-b-2, as they are controlled by KAP 14-b.
Figure 18 is a block diagram of an example API for a transaction 300 in accordance with an embodiment of the present invention.
The API defines the format of security policy transactions and security policy rules for processing on a PEP 20. A KAP 14 generates and communicates the transactions to a PEP 20. Supported transactions include: "replace", "rekey", "add", "modify", "delete", and "status". The transactions are received at the PEP 20 via Remote Procedure Calls encoded with an Extensible Markup Language (XML-RPC) on a port protected by TLS, and are only processed by the PEP 20 when it is operating in "distributed key mode".
Each transaction 300 specifies a policy name 310, which is the name of the meta-policy covering all policies to be stored on the PEP 20. Each transaction 300 also specifies a server information component 320 that contains information about the KAP 14 that originated the transaction 300. The PEP 20 uses the server information 320 to group transactions and policies from a particular KAP 14, enabling the PEP 20 to distinguish between policies from different KAPs 14, and to store each KAP's 14 policies separately such that they will not overwrite each other. It should be noted that separate KAPs 14 may control one PEP 20. The server information component 320 includes the key server name 322, its unique numeric identifier 324, and its IP address 326.
Each transaction 300 also includes a transaction information component 330, which includes a transaction type 338, and a policy set information component 332. The transaction type 338 specifies the type of transaction being communicated by the KAP 14 (replace, rekey, add, modify, delete, or status). The policy set information component further includes a sequence number 336 and a deferred reload time 334.
The PEP 20 stores and uses the transaction sequence number 336 to keep track of the latest policy updates from the KAP 14. The KAP 14 uses the sequence number 336 to track transactions on subsequent status queries. Typically, the transaction sequence number 336 starts at zero and increments by one for each transaction communicated by the KAP 14 to the PEP 20.
The deferred reload time 334 is an optional value that is used when delaying the processing time of the transaction on the PEP 20. The deferred reload time 334 instructs the PEP 20 when to enact the policy, allowing for coordinated policy insertion with other PEPs 20 in a network. When a deferred reload time 334 is specified, the PEP 20 caches the transaction 300 and schedules an event to process the transaction 300 at the specified date and time. The purpose of the deferred reload time 334 is to allow synchronization of the policy reloads on all PEPs 20 in the network with minimal traffic disruption.
Each transaction 300 also includes a transaction details component 340 that contains the information for a particular type of transaction. A "replace" transaction 341 includes a complete list of policy rules communicated by a KAP 14 for installation on the PEP 20. A "rekey" transaction 342 includes information for updating the keys for current policies on the PEP 20. An "add" transaction 343 includes information for adding one or more policies to the PEP 20. A "modify" transaction 344 includes information for modifying policies stored on the PEP 20. A "delete" transaction 345 includes information for deleting one or more specified policies from the PEP 20. A "status" transaction 346 includes information needed for retrieving the PEP's 20 status.
Figure 19 is a block diagram of an example policy rule 400 as part of a transaction details component 340 of an API for a "replace" transaction 341 in accordance with an embodiment of the present invention.
A "replace" transaction 341 includes a complete list of policy rules 400 sent by a KAP 14 for installation on a PEP 20. Upon processing a "replace" transaction, the PEP 20 removes any policy rules 400 that it had previously received from the KAP 14 and stores the new set of rules on a file system. The PEP 20 includes a Security Policy Database (SPD), a Content Addressable Memory (CAM), and a Security Association Database (SADB). The SPD and SADB store security policies. The CAM is used in high speed packet processing and stores addresses of devices that are assigned to security groups. The PEP 20 then reprioritizes all of its stored security policies for all KAPs 14, resets and reinitializes the SPD, CAM, and SADB, and reloads all the new policies. The PEP 20 expects all of the policy rules 400 to be complete, with the exception that a manual key policy 475 may be specified without a transform data component 480. In this case, the PEP 20 will not activate the policy until it receives the transform data component 480 in a subsequent "rekey" transaction 342.
Security policies on the PEP 20 are defined by a policy rule structure 400. A complete policy rule 400 defines all of the information necessary for installing the policy information into the SPD and CAM on the PEP 20, and activating the policy for processing. An incomplete policy rule 400 defines all of the selector information 420 such that the PEP 20 may install the policy into its SPD and CAM in a deactivated state until the remaining information is provided in a subsequent transaction. Each policy rule 400 is atomic in nature, that is, it has no relationship with or dependency on any other policy rule on the PEP 20. PEPs 20 do not have any knowledge of the overall context of their policies within a network. It is the KAPs 14 that track the policy rules at the higher level.
Each policy rule 400 includes a name 402, which is the name of the policy, and a policy information component 404. The policy information component 404 includes a rule identifier 406, which is unique to the originating KAP 14, and a priority value 408. The server information 320 together with the policy information 404 provide the necessary information to uniquely identify the security policy on the PEP 20. The rule identifier 406 is used by a KAP 14 during subsequent transactions to modify or query the status of the policy rule 400. The priority value 408 is used by the PEP 20 to order policies within the SPD and CAM.
Each policy rule 400 includes a date and time information component 410, which further includes an install value 412, and a remove value 414. These values 412, 414 represent the lifetime of the policy rule 400. The PEP 20 uses the install and remove values 412, 414 to activate and deactivate the policy rule 400 for traffic, respectively. The install and remove values 412, 414 specify the absolute date and time that the policy rule 400 should be activated or deactivated.
Each policy rule 400 includes a selector data component 420 that defines where the policy rule 400 should be installed on the PEP 20. The selector data component 420 includes a selector direction 425, source and destination selectors 430, 440, and a protocol selector 450. The selector direction 425 specifies whether the policy rule 400 is an "inbound" or "outbound" policy with respect to the PEP's 20 remote port interface. The protocol selector 450 includes the protocol number 452 and the "all protocols" flag 454. The source and destination selectors 430, 440 each specify a source/host network, and for layer-3, are complete with IP addresses 431, 441, subnet masks 432, 442, port numbers 433, 443, and "all port numbers" flags 434, 444. Optional tunnel end points 435, 445 may be included with each of the source and destination selectors 430, 440. A tunnel end point specifies the IP address and subnet mask to be used for outer Encapsulating Security Payload (ESP) headers on IPsec policies. Each policy rule 400 must include at least one source selector 430 and at least one destination selector 440 to be complete. It should be noted that multiple source and destination selectors in a single policy rule 400 will result in multiple SPD, CAM, and SADB entries on the PEP 20.
Each policy rule 400 includes a policy action 460 (clear, drop, or manual key). Clear and drop policy actions 465, 470 are stored in the SPD and CAM only. Manual key policy actions 475 are used for protecting traffic using IPsec and are installed in the SPD, CAM, and SADB on the PEP 20. Manual key policy actions 475 include a peer gateway component 477, a transform data component 480, and a set of tunnel copy flags 490.
The transform data component 480 includes a unique Security Parameters Index (SPI) value 486 generated by the originating KAP 14. The transform data component 480 also includes a cipher key 482 and a hash key 484 that specify, as an ASCII representation, the key values used for protecting traffic. The cipher key 482 specifies the cipher algorithm to be used ("aes", "3des", or "des") and hash key 484 specifies the hash key algorithm to be used ("sha1" or "md5").
The set of tunnel copy flags 490 are used for special handling of IP addresses and MAC addresses on the outer ESP header of an IPsec packet. The flags 490 are only processed for "outbound" policies on the PEP 20. There are four flags that may be set independently: "copy source IP address" 492, "copy destination IP address" 494, "copy source MAC address" 496, and "copy destination MAC address" 498.
The transaction 300 is communicated by the KAP 14 and received by the PEP 20 in an ASCII XML structure and received on a port protected by TLS. The transaction details component 340 of transactions other than a "replace" transaction 341 contains a subset of the information presented above.
A "rekey" transaction 342 is used for two purposes: policy refresh or policy rekey. A policy refresh specifies one or more existing policy rules 400 to be updated with new date and time information 410. A policy rekey specifies one or more policy rules 400 with manual key policy actions 475 to be updated with a new SPI value 486 and key information 482, 484. The "rekey" transaction specifies only the information that is needed to identify the particular policy rule 400 to be updated and the new information that is to be stored in the policy rule 400.
A "status" transaction 346 provides a way for the KAP 14 to query the status of the policy rules on the PEP 20. The "status" transaction specifies a transaction sequence number 336 of a previously communicated "replace" transaction 341 for which the KAP 14 is requesting status. The PEP 20 responds with its most current transaction sequence number 336 corresponding to the last successfully processed "replace" transaction 341 that it received from the KAP 14.
Additionally, the present invention provides for at least one encrypting/decrypting unit that receives symmetric keys from a key authority point (KAP) within a secure network having software operating on a management and policy server (MAP) in communication with the KAP for providing key(s) to policy enforcement points (PEPs) on the network and at least one common key to encryption/decryption units for facilitating encrypting and decrypting packets and transmitting the packets securely through the network, including load balancing of the encryption/decryption functions and multicasting of the packets. The symmetric key distributed by the KAP is the common key used to encrypt traffic.
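The PEP-side handling of the transactions described above (rules stored separately per originating KAP, a manual key rule left inactive until a "rekey" supplies its transform data, and the "status" reply) can be modelled as follows. This Python is an added illustration, not the patent's API. The dictionary field names, the XML-RPC method name pep.transaction, the sample names and addresses, and the rule that a lower priority value is matched first are assumptions.

```python
import xmlrpc.client
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    rule_id: int                       # rule identifier 406, unique per KAP
    priority: int                      # priority value 408
    action: str                        # "clear", "drop" or "manual key"
    transform: Optional[dict] = None   # SPI 486 plus key information 482, 484

    @property
    def active(self):
        # A manual key rule without transform data is stored but not activated.
        return self.action != "manual key" or self.transform is not None

class Pep:
    def __init__(self, distributed_key_mode=True):
        self.distributed_key_mode = distributed_key_mode
        self.rules = {}             # KAP identity -> {rule_id: Rule}
        self.last_replace_seq = {}  # KAP identity -> sequence number 336

    def receive(self, wire):
        """Decode one XML-RPC call and process the transaction it carries."""
        (txn,), _method = xmlrpc.client.loads(wire)
        return self.process(txn)

    def process(self, txn):
        if not self.distributed_key_mode:
            raise PermissionError("PEP is not in distributed key mode")
        srv = txn["server"]                       # server information 320
        kap = (srv["name"], srv["id"], srv["ip"])
        kind, seq = txn["type"], txn["sequence"]
        mine = self.rules.setdefault(kap, {})     # only this KAP's rules
        if kind == "status":
            return self.last_replace_seq.get(kap)
        if kind == "replace":
            mine.clear()                          # other KAPs' rules untouched
            self.last_replace_seq[kap] = seq
        if kind in ("replace", "add"):
            mine.update({r["rule_id"]: Rule(**r) for r in txn["rules"]})
        elif kind == "rekey":
            for upd in txn["rules"]:
                mine[upd["rule_id"]].transform = upd["transform"]
        elif kind == "modify":
            for upd in txn["rules"]:
                rule = mine[upd["rule_id"]]
                rule.priority = upd.get("priority", rule.priority)
                rule.action = upd.get("action", rule.action)
        elif kind == "delete":
            for rule_id in txn["rule_ids"]:
                mine.pop(rule_id, None)
        else:
            raise ValueError("unknown transaction type: %r" % kind)
        return seq

    def spd(self):
        """Active rules from every KAP in priority order.
        Assumption: a lower priority value is matched first."""
        entries = [(kap, rule) for kap, rules in self.rules.items()
                   for rule in rules.values() if rule.active]
        return sorted(entries, key=lambda entry: entry[1].priority)

def make_txn(server, kind, seq, **details):
    # Hypothetical field names mirroring components 310 to 340 of Figure 18.
    return {"policy_name": "meta-policy-1", "server": server,
            "type": kind, "sequence": seq, **details}

def call(txn):
    # Hypothetical method name; the TLS transport is outside this example.
    return xmlrpc.client.dumps((txn,), methodname="pep.transaction")

def demo():
    kap_a = {"name": "kap-a", "id": 1, "ip": "192.0.2.10"}   # constructed
    kap_b = {"name": "kap-b", "id": 2, "ip": "192.0.2.20"}   # constructed
    pep = Pep()
    pep.receive(call(make_txn(kap_a, "replace", 0, rules=[
        {"rule_id": 1, "priority": 10, "action": "drop"},
        {"rule_id": 2, "priority": 5, "action": "manual key"},  # no transform yet
    ])))
    pep.receive(call(make_txn(kap_b, "replace", 0, rules=[
        {"rule_id": 1, "priority": 7, "action": "clear"}])))
    before = [(kap[0], rule.rule_id) for kap, rule in pep.spd()]
    pep.receive(call(make_txn(kap_a, "rekey", 1, rules=[
        {"rule_id": 2, "transform": {"spi": 4097, "cipher": "aes", "hash": "sha1"}}])))
    after = [(kap[0], rule.rule_id) for kap, rule in pep.spd()]
    status = pep.receive(call(make_txn(kap_a, "status", 0)))
    return before, after, status

if __name__ == "__main__":
    print(demo())
```

Both KAPs use rule identifier 1 without colliding, and the "status" reply stays at the sequence number of the last "replace" even after the later "rekey".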
In one embodiment of the present invention, each of a multiplicity of encrypting/decrypting units has the same symmetric keys provided by a KAP, wherein any unit is operable to encrypt and/or decrypt a packet. Preferably, during the system start-up for operation, each unit is authenticated, by way of example and not limitation, by IKE and/or certificates for public-private key exchange.
Generally, IPSec encryption today is well defined and leverages IKE for key exchange. Using standard IKE, encryptors in the 10Gb application could be paired so that the output of one encryptor would always be decrypted by the same peer on the remote side. However, by tying encryptors in matched pairs, resiliency and load sharing algorithms are greatly limited. If either of the paired units fails then a full 1gig of bandwidth is lost, which is detrimental to the network functionality. Also, the switching algorithms that distribute traffic across both VLAN and non-VLAN trunks are limited in their function since traffic from one encryptor must always be switched to a specific encryption unit.
A distributed network includes multiple nodes that are interconnected by multiple routers, bridges, etc. and that may be connected in a variety of different network topologies. In a distributed network, a node may be part of a smaller network such as an office LAN, or even a single node directly connected to the internet. The node can be connected to an unprotected network such as the Internet either directly or through a gateway, router, firewall and/or other such devices that allow one or more nodes to connect to a network via a single point. The nodes include computing devices such as, by way of example and not limitation, laptops, desktops, handheld devices, mobile devices, cable access systems, and other devices capable of connecting to a network, or a network of such devices.
These nodes communicate with each other, or servers providing services such as web pages, email, voice over internet protocol (VoIP), video broadcasting, multicasting applications, streaming audio or video via unprotected networks. In certain cases, when the communication is between two nodes that are using the same network, this communication may be protected. However, most of the communication over the internet is unprotected. This means that the communication can be intercepted by anyone. This communication is protected by using cryptographic keys. One or more nodes are grouped together so that they communicate over the unprotected networks via at least one policy enforcement point (PEP). Typically there are several PEPs in a distributed network. The PEPs receive policies from a management and policy server (MAP). The MAP defines the policies that govern the communication of the PEPs and the nodes under the PEPs. There are one or more key authority points (KAP) that communicate with the MAP and generate one or more cryptographic keys for PEPs. There are several configurations operable for arranging PEPs and KAPs within a network according to the present invention. By way of example, the system is operable for multiple KAPs, including peer KAPs, for one or more PEPs. Alternatively, the system and methods are functional where there is a single KAP that provides the keys for all the PEPs in a distributed network.
Based on the policies received from the MAP, the universal KAP of the present invention generates one or more cryptographic keys for each of the PEPs, or a single key to be shared by PEPs, within its network as defined by the MAP. The PEPs use the cryptographic keys to encrypt communication from the nodes and networks that they protect to unprotected networks, decrypt communication from unprotected networks to the nodes and networks that they protect or both. The universal KAP receives the policy definition from a single MAP. This policy definition informs the KAP about the PEPs it is responsible for, which networks the PEPs protect, and which KAP units they use. The KAP distributes the keys and policies associated with its networks and nodes to the appropriate PEPs.
The present invention provides for at least one encrypting / decrypting unit that receives symmetric keys from a key authority point (KAP) within a secure network having a software operating on a management and policy server (MAP) in communication with the KAP for providing key(s) to policy enforcement points (PEPs) on the network.
The original IP address and the original MAC address are maintained for each packet. This enables a completely transparent implementation of encryption and decryption, especially at layer 2. In addition, using the end stations' IP and MAC addresses enables a much more balanced load across a link aggregation group. It also allows for the packets to be transmitted across firewalls, routers and the like. For instance, in the 10 Gig encryption system, two switches communicating over a 10 Gig link have encryptors on each side sharing keys to encrypt and decrypt traffic. The switches employ standard link aggregation techniques to distribute traffic over the encryptors.
According to systems and methods of the present invention, multiple units are connected with a router or a switch on each side of a 10 Gb link. More particularly, two ports are provided, including an encrypted port for encrypting plain packets and sending the encrypted plain packets back to the router, and then to be sent to the other side of the 10 Gb link, and for decrypting a received packet and sending the decrypted received packet back to the router to be forwarded to a local address; and a clear port for sending a plain packet to be encrypted, and for receiving a decrypted packet.
Preferably, each encrypting / decrypting unit has an IP address and the router knows the IP address of each unit connected to the router. This provides for the units to be dynamically added and/or removed from routers so that each router performs a load balancing in deciding to which unit to send a given packet for encryption and/or decryption. One method for the balancing is by a link aggregation. Another is by a round robin algorithm. Other methods or combinations are also operable for the load balancing according to the present invention.
In one embodiment, the KAP sends cryptographic keys to the PEPs or to peer KAPs based upon the policy communicated to the KAP by the MAP. The keys are encrypted at the universal KAP with an encrypting key, which may include a pre-shared private key. Preferably, the universal KAP includes a secure hardware module that stores the pre-shared private key and encrypts the cryptographic keys. The secure hardware module is tamper-proof and disables access if the KAP is attacked. The use of the secure hardware module prevents exposure of the cryptographic keys in memory or backplane, where they can be accessed in clear text. The secure hardware module's tamper-proof feature enables it to shut down when it detects that it has been removed from the KAP. Hence, during attack, the cryptographic keys cannot be accessed, since they are stored in the secure hardware module which shuts down when it detects attack. Attack can be in the form of removal of the secure hardware module so that its memory can be independently accessed to gain access to the cryptographic key.
As best seen in Figure 20, a schematic of the overall system, in accordance with an embodiment of the present invention is shown. A management and policy (MAP) server 104 and a key authority point (KAP) 106 are connected to a network node 108. Network node 108 connects to a policy enforcement point (PEP) 110. PEPs 112, 114 and 116 are also connected to PEP 110 via an unprotected network 118. Unprotected network 118 is a network of interconnected nodes and smaller networks, such as the internet or a local LAN or WAN. PEPs 112, 114 and 118 are connected to network nodes 120, 122 and 124 respectively. The network nodes may be individual network points or can be access points to sub-networks 126, 128 and 130. KAP 106 generates and sends keys to PEPs 110, 112, 114 and 116. The keys enable PEPs to encrypt and/or authorize communication between the PEPs 110, 112, 114 and 118 and the nodes behind the PEPs. In an alternate embodiment, MAP 104 and KAP 106 are implemented as programs that reside on network node 108.
A 10Gb Ethernet encryption service according to the present invention is established or built using 1 Gig encryptors on the "side" of a 10 Gig switch. Figure 21 shows the placement of the encryptors (2) and the switches (4) in a 10 Gig environment, generally referenced (10). Any number of encryptors can be configured and are operable to provide sufficient bandwidth to satisfy the switch's needs.
By contrast to prior art, in a preferred embodiment according to the present invention, EDPM technology employs a key authority point (KAP) that alleviates the limitations of the state of the art described above. Preferably, with a KAP, IPSec encryptors are grouped together (Figure 21), sharing keys and other Security Association content. By contrast to the prior art, with the present invention, instead of two units being paired, two groups are paired so that any packet encrypted on one side can be decrypted by any encryption device on the peer side. Units can fail and traffic is limited only by the loss of bandwidth on one side. The switches are operable with any load balancing algorithm, by way of example and not limitation, round robin, address hash, load sharing, etc., to distribute traffic over the encryption devices. As illustrated in Figure 22, sharing the keys provided by the KAP enables a superior solution to the use of standard IKE in this application.
The present invention also provides a method for providing secure interactivity between points on a network including the steps of: providing a communication network having a network infrastructure and a secure network topography between a multiplicity of policy enforcement points (PEPs) having nodes with any form of encryption associated therewith; a user providing at least one policy definition to a management and policy (MAP) server in communication with a key authority point (KAP); the KAP generating and distributing keys to the PEPs and at least one common key provided to a multiplicity of encryption/decryption units consistent with the MAP policy; the encryption/decryption units performing load balancing on the network to direct packets through routers using the common keys; and the PEPs enforcing the policy at the nodes to provide secure communication across the network topography.
Preferably, multiple encryption/decryption units are connected with a router on each side of a 10 Gb link, with any encryption/decryption unit being operable to encrypt and/or decrypt any packet, and each encrypting/decrypting unit has an IP address and the router knows the IP address of each unit connected to the router.
Also, the system includes two ports, including an encrypted port and a clear port, the ports providing the steps of: the encrypted port encrypting plain packets and sending the encrypted plain packets back to the router, then to the other side of the 10 Gb link, and decrypting a received packet and sending the decrypted received packet back to the router to be forwarded to a local address; and the clear port sending a plain packet to be encrypted and for receiving a decrypted packet. Preferably, the method provides for adding and/or removing units from association with the routers and providing a multiplicity of routers and units connected thereto, including the steps of each router performing a load balancing in deciding to which unit to send a given packet for encryption and/or decryption.
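The grouped-encryptor arrangement described above can be sketched as follows; this is an added example, not code from the patent or its assignee. It assumes hypothetical `KAP` and `Unit` classes, constructed 10.x addresses, and an HMAC-SHA256 keystream with encrypt-then-MAC standing in for the IPSec cipher so that it runs on the Python standard library alone.

```python
import hashlib
import hmac
import os
import struct


def keystream(key, nonce, length):
    # HMAC-SHA256 in counter mode: a stdlib stand-in for the ESP cipher.
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">I", block), hashlib.sha256).digest()
        block += 1
    return out[:length]


def seal(key, nonce, plaintext):
    # Encrypt-then-MAC with separate sub-keys derived from the shared key.
    enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()
    ct = bytes(p ^ k for p, k in zip(plaintext, keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def unseal(key, blob):
    # Returns the plaintext, or None when the tag does not verify.
    if key is None or len(blob) < 12 + 32:
        return None
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        return None
    enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
    return bytes(c ^ k for c, k in zip(ct, keystream(enc_key, nonce, len(ct))))


class KAP:  # hypothetical model of the key authority point
    def __init__(self):
        self.common_key = os.urandom(32)

    def wrap_for(self, pre_shared_key):
        # The common key leaves the KAP only wrapped under a unit's pre-shared key.
        return seal(pre_shared_key, os.urandom(12), self.common_key)


class Unit:  # hypothetical model of one encrypting/decrypting unit
    def __init__(self, unit_id):
        self.unit_id, self.psk = unit_id, os.urandom(32)
        self.key, self.sent, self.up = None, 0, True

    def install(self, wrapped):
        self.key = unseal(self.psk, wrapped)
        if self.key is None:
            raise ValueError("wrapped key failed authentication")

    def encrypt(self, packet):
        # Every unit in the group uses the same key, so the nonce carries the unit id
        # plus a per-unit counter to keep nonces unique across the whole group.
        nonce = struct.pack(">IQ", self.unit_id, self.sent)
        self.sent += 1
        return seal(self.key, nonce, packet)

    def decrypt(self, blob):
        return unseal(self.key, blob)


def pick_unit(group, addr_a, addr_b):
    # Address-hash load balancing over the units that are still up.
    live = [u for u in group if u.up]
    if not live:
        raise RuntimeError("no encryption unit available")
    digest = hashlib.sha256(f"{addr_a}|{addr_b}".encode()).digest()
    return live[int.from_bytes(digest[:4], "big") % len(live)]


def run_demo():
    kap = KAP()
    side_a = [Unit(i) for i in (1, 2, 3)]
    side_b = [Unit(i) for i in (11, 12, 13)]
    for unit in side_a + side_b:
        unit.install(kap.wrap_for(unit.psk))
    side_b[0].up = False  # one unit on the peer side fails
    flows = [(f"10.0.0.{i}", f"10.1.0.{i % 5}") for i in range(1, 21)]  # constructed
    delivered, nonces = 0, []
    for src, dst in flows:
        blob = pick_unit(side_a, src, dst).encrypt(f"{src}>{dst}".encode())
        nonces.append(blob[:12])
        # The receiving switch picks its unit independently of the sender's choice.
        if pick_unit(side_b, dst, src).decrypt(blob) == f"{src}>{dst}".encode():
            delivered += 1
    # Paired model for contrast: a unit holding a pairwise key instead of the common key.
    paired = Unit(99)
    paired.key = os.urandom(32)
    return {
        "delivered": delivered,
        "flows": len(flows),
        "nonces_unique": len(set(nonces)) == len(nonces),
        "wrong_peer_rejected": side_b[1].decrypt(paired.encrypt(b"payload")) is None,
    }


if __name__ == "__main__":
    print(run_demo())
```

Because every unit in a group holds the same key, the nonce space has to be partitioned per unit as shown; a per-SA anti-replay window, which assumes a single sender, is not modeled here.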
Certain modifications and improvements will occur to those skilled in the art upon a reading of the foregoing description. The above mentioned examples and embodiments are provided to serve the purpose of clarifying the aspects of the invention and it will be apparent to one skilled in the art that they do not serve to limit the scope of the invention. All modifications and improvements have been deleted herein for the sake of conciseness and readability but are properly within the scope of the following claims.

Claims

What is claimed is:
1. A system for providing secure networks comprising: a communication network having a network infrastructure; and software operating on a server in connection to the network for providing security for the network; wherein the software provides: a management and policy (MAP) server coupled to the network for communication with at least one key authority point (KAP), wherein the MAP includes at least one policy for providing secure association (SA) within the network; wherein the at least one KAP is operable to generate and manage keys provided to a multiplicity of policy enforcement points (PEPs) through an open API; and wherein the network automatically provides a network topography of secure communication based upon the policy and keys distributed to the PEPs, thereby providing a secure, flexible network security solution.
2. The system of claim 1, wherein the intelligent overlay is dynamically modifiable to reconfigure secure PEP interactivity without requiring change to the network infrastructure.
3. The system of claim 1, further including a universal key authority point (KAP), operable to generate and manage key(s) communicated to a multiplicity of policy enforcement points (PEPs) having nodes distributed throughout the network; and wherein the network automatically provides a network topography of secure communication based upon the policy and keys distributed to the PEPs for any encryption form at the nodes.
4. The system of claim 3, wherein the KAP is operable to reconfigure secure PEP interactivity without requiring change to the network infrastructure.
5. The system of claim 3, wherein the KAP is operable to communicate key(s) and policy to peer KAP(s).
6. The system of claim 5, wherein the peer KAPs function as separate distributors for separate networks.
7. The system of claim 1, wherein the MAP is coupled to the network for communication with at least two key authority points (KAPs), including a primary KAP and a back-up KAP, wherein the MAP includes at least one policy for providing secure association (SA) within the network; wherein the primary KAP is operable to generate, distribute, and manage key(s) communicated to a multiplicity of policy enforcement points (PEPs) having nodes distributed throughout the network; wherein the back-up KAP is operable to function as the primary KAP in any event that prevents the primary KAP from functioning, and wherein the network automatically provides a network topography of secure communication based upon the policy and keys distributed to the PEPs for any encryption form at the nodes.
8. The system of claim 1, wherein the KAP is operable to generate and manage keys communicated to a multiplicity of policy enforcement points (PEPs) having nodes distributed throughout the network, including a common key provided to at least one encryption/decryption unit to facilitate encryption of packets such that encrypted packets can be decrypted by any one of at least one other encryption/decryption unit.
9. A method for providing secure interactivity between points on a network comprising the steps of: providing a communication network having a network infrastructure and a secure network topography between a multiplicity of policy enforcement points (PEPs); a user providing at least one policy definition to a management and policy (MAP) server in communication with at least one key authority point (KAP); the KAP generating and distributing keys to the PEPs consistent with the MAP policy; the PEPs enforcing the policy by providing secure communication across the network topography.
10. The method of claim 9, further including a universal key authority point (KAP) for providing the step of generating and distributing at least one key to the PEPs consistent with the MAP policy.
11. The method of claim 10, further including the step of the universal KAP communicating at least one key and policy to peer KAPs.
12. The method of claim 9, wherein the KAP further includes a back-up KAP for performing the step of the back-up KAP forcing a re-key and taking over original functions of the primary KAP.
13. The method of claim 9, further including the steps of configuring a remote network to engage network security negotiation with a local network; configuring a first security policy of a security component PEP within the local network to pass through a network security negotiating communication between the local network and the remote network; and establishing a network security negotiation between the remote network and a security parameter generator KAP via the security component, the security parameter generator located within the local network and configured to provide secure communication with the remote network.
14. The method of claim 13, wherein the step of establishing a security negotiation between the remote network and a security parameter generator via the security component includes establishing a secure association between the remote network and the local network.
15. The method of claim 13, wherein the step of establishing a security negotiation between the remote network and a security parameter generator via the security component includes performing an Internet Key Exchange (IKE) negotiation between the security parameter generator and the remote network.
16. The method of claim 13, wherein the step of establishing a network security negotiation between the remote network and the local network includes one or more authentication mechanisms, including one or more of the following: pre-shared keys, certification, nonce, Kerberos token, hash/notification, and signature.
17. The method of claim 13 further including the step of creating a second security policy by the security parameter generator and implementing at the security component, the second security policy comprising any one of: establishing local remote IP addresses or ranges for an encrypted traffic from the remote network, remote tunnel IP address, selector settings, security policy setting, encryption, authentication keys, security parameter index and tunnel termination.
18. The method of claim 13 further including the step of the KAP generating and managing keys communicated to a multiplicity of policy enforcement points (PEPs) having nodes distributed throughout the network, including a common key provided to at least one encryption/decryption unit to facilitate encryption of packets such that encrypted packets can be decrypted by any one of at least one other encryption/decryption unit.
19. The method of claim 13 further includes the following steps: i) establishing a secure tunnel for exchanging an encrypted packet between the local network and the remote network; ii) decrypting the encrypted packet according to the second security policy; and iii) optionally conducting an additional security negotiation between the remote network and the security parameter generator via the security component.
20. The method of claim 19, wherein the step of decrypting the encrypted packet according to the second security policy includes stripping an IP (internet protocol) header of the encrypted packet to route the encrypted packet to a device within the local network.
21. The method of claim 13, further including the steps of: communicating policy information between at least one key authority point and at least one policy enforcement point, the method comprising: generating detailed policy information from high level policy definitions at the at least one key authority point; communicating the detailed policy information from the at least one key authority point to the at least one policy enforcement point over a network, wherein the detailed policy information conforms to an application programming interface; and receiving and storing of the detailed policy information at the at least one policy enforcement point.
22. The method of claim 21, wherein communicating policy information includes communicating a policy name, server information, transaction information, and transaction details.
23. An apparatus for providing network security comprising: a remote network configured to engage network security negotiation with a local network; a security component (PEP) within the local network with a security policy that can pass through a network security negotiating communication from the remote network, the security component located within the local network, and a security parameter generator (KAP) configured to provide a secure communication with the remote network via the security component.
24. The network security apparatus of claim 23, wherein the remote network includes a device using standard security negotiation protocols and wherein the security parameter generator and the remote network are configured to perform an Internet Key Exchange (IKE) negotiation.
25. The network security apparatus of claim 23 further includes a secure association between the remote network and the local network.
26. The network security apparatus of claim 23, wherein the network security negotiation between the remote network and the local network includes one or more authentication mechanisms, selected from the following mechanisms: pre-shared keys exchange, certification, nonce, Kerberos token, hash/notification, and signature.
27. The network security apparatus of claim 26, wherein the security parameter generator is configured so that the security parameter generator can create a second security policy for the security component after conducting the one or more authentication mechanisms, wherein the second security policy defines of the following security parameters: local remote IP addresses or ranges for an encrypted traffic from the remote network, remote tunnel IP address, selector settings, security policy setting, encryption, authentication keys, security parameter index and tunnel termination.
28. The network security apparatus of claim 23, wherein the security component is configured to: i) establish a secure tunnel for exchanging an encrypted packet between the local network and the remote network; ii) decrypt the encrypted packet according to the second security policy; and iii) optionally conduct an additional security negotiation between the remote network and the local network.
PCT/US2007/021051 2006-09-29 2007-10-01 Systems and methods for management of secured networks with distributed keys WO2008042318A2 (en)

Applications Claiming Priority (12)

Application Number Priority Date Filing Date Title
US11/541,424 US20080083011A1 (en) 2006-09-29 2006-09-29 Protocol/API between a key server (KAP) and an enforcement point (PEP)
US11/541,387 US8046820B2 (en) 2006-09-29 2006-09-29 Transporting keys between security protocols
US11/540,235 US20080080716A1 (en) 2006-09-29 2006-09-29 Back-up for key authority point for scaling and high availability for stateful failover
US11/529,789 2006-09-29
US11/529,818 US20080082823A1 (en) 2006-09-29 2006-09-29 Systems and methods for management of secured networks with distributed keys
US11/529,817 US20080082822A1 (en) 2006-09-29 2006-09-29 Encrypting/decrypting units having symmetric keys and methods of using same
US11/540,235 2006-09-29
US11/529,789 US20080080714A1 (en) 2006-09-29 2006-09-29 Universal key authority point with key distribution/generation capability to any form of encryption
US11/541,387 2006-09-29
US11/541,424 2006-09-29
US11/529,817 2006-09-29
US11/529,818 2006-09-29

Publications (2)

Publication Number Publication Date
WO2008042318A2 WO2008042318A2 (en) 2008-04-10
WO2008042318A3 WO2008042318A3 (en) 2008-08-21

Family

ID=39271456

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2007/021051 WO2008042318A2 (en) 2006-09-29 2007-10-01 Systems and methods for management of secured networks with distributed keys

Country Status (1)

Country Link
WO (1) WO2008042318A2 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040103305A1 (en) * 1995-02-13 2004-05-27 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US20060085844A1 (en) * 2004-10-20 2006-04-20 Mark Buer User authentication system

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011036616A1 (en) * 2009-09-25 2011-03-31 International Business Machines Corporation A method and a system for providing a deployment lifecycle management of cryptographic objects
CN102577226A (en) * 2009-09-25 2012-07-11 国际商业机器公司 A method and a system for providing a deployment lifecycle management of cryptographic objects
CN102598621A (en) * 2009-10-27 2012-07-18 摩托罗拉解决方案公司 Method for providing security associations for encrypted packet data
CN102598621B (en) * 2009-10-27 2015-05-06 摩托罗拉解决方案公司 Method for providing security associations for encrypted packet data
US9716728B1 (en) * 2013-05-07 2017-07-25 Vormetric, Inc. Instant data security in untrusted environments
CN111418182A (en) * 2017-12-08 2020-07-14 索尼公司 Information processing apparatus, registration apparatus, information processing method, registration method, and computer program
CN111418182B (en) * 2017-12-08 2023-10-27 索尼公司 Information processing apparatus, registration apparatus, information processing method, registration method, and computer program
US10819508B2 (en) 2018-04-25 2020-10-27 Micro Focus Llc Encrypted communication channels for distributed database systems
WO2021086842A1 (en) 2019-10-29 2021-05-06 Arista Networks, Inc. Security association reuse for multiple connections
EP4038824A4 (en) * 2019-10-29 2023-10-25 Arista Networks, Inc. Security association reuse for multiple connections

Also Published As

Publication number Publication date
WO2008042318A3 (en) 2008-08-21

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07839080

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07839080

Country of ref document: EP

Kind code of ref document: A2