GB2574203A - Data communication system and method - Google Patents
- Publication number: GB2574203A
- Authority: GB (United Kingdom)
- Prior art keywords: data, data communication, shredding, user device, communication system
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.): Withdrawn
Classifications
- H—ELECTRICITY > H04—ELECTRIC COMMUNICATION TECHNIQUE > H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  - H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    - H04L9/06—... the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
      - H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    - H04L9/14—... using a plurality of keys or algorithms
      - H04L9/16—... the keys or algorithms being changed during operation
  - H04L63/00—Network architectures or network communication protocols for network security
    - H04L63/04—... for providing a confidential data exchange among entities communicating through data packet networks
      - H04L63/0428—... wherein the data content is protected, e.g. by encrypting or encapsulating the payload
        - H04L63/0485—Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Computing devices 30A-C are connected via a network 15 which includes nodes 20, such as e-mail servers with filters. A dongle 50 including logic 70, 100, 110 can shred and de-shred data passing to/from a TCP hub 60 along data lines 80, 90. The logic may include buffer memory. Metadata about the shredding parameters is sent with the data across the network. Shredding may involve swapping/transposing and/or negating/inverting bits/bytes of the data, and is in substance a type of encryption intended to prevent eavesdropping. Shredding may involve multiple layers/rounds of swapping and negating. Shredding uses keys kept in wallets in the dongle and may be controlled by instructions from the user device 30. Shredding may be applied partially, to portions of the data. In the embodiments the partially shredded data is intended to pass e-mail filters which drop encrypted attachments and the like. The dongle may plug into USB ports and communicate wirelessly with the network. Shredding configurations may be adjusted at random intervals.
Description
DATA COMMUNICATION SYSTEM AND METHOD
Technical Field
The present invention relates to data communication systems, and to methods of operating such data communication systems. Furthermore, the present invention relates to a computer program product comprising a non-transitory computer-readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computerized device comprising processing hardware to execute the aforementioned methods.
Background to the invention
Public data communication networks, for example the Internet®, are known to be prone to eavesdropping, hostile interference or attacks by malicious third parties and unintentional loss of data. For example, when a given e-mail, for example with one or more data file attachments, is communicated from a sender via the Internet® to a recipient, the given e-mail is communicated from the sender in parallel to a plurality of e-mail servers whose responsibility is to filter and communicate the given e-mail further until it reaches its intended recipient. Thus, within the Internet®, the given e-mail may occur in multiple copies at the plurality of e-mail servers, wherein the given e-mail is deemed to be received if at least one of the multiple copies of the given e-mail is received at its specified recipient, irrespective of a fate of other of the multiple copies of the given e-mail. When the one or more data file attachments are encrypted or unusual in their data structure, there is a potential risk of the given e-mail being blocked at the e-mail servers, for example to try to prevent potential money laundering and other forms of potentially illegal activity.
Various methods to encrypt and correspondingly decrypt data have been proposed and have been granted patent rights, even before the UKIPO, despite such encryption, likewise decryption, being a mere manipulation of data bits, even when the data is of an abstract computer-generated nature. Such encryption does not necessarily result in data compression. Even so, the UKIPO regards such data bit manipulation as constituting a technical effect within the context of the case law Macrossan et al., Aerotel et al., Symbian et al., and so forth; section 1(2) PA77 is pertinent here. However, sending encrypted data files attached to e-mails potentially risks the e-mails being blocked at the plurality of servers, as aforementioned, and represents a technical problem in respect of data communication system operation (i.e. data communication system operating reliability).
Secure data communication systems that provide an alternative approach to conventional e-mail are described in granted US patent US9411976B2 (applicant: Maidsafe Ltd., Maidsafe Foundation; inventor David Irvine), which employs a combination of data encryption and data obfuscation to achieve an enhanced degree of data security and resistance to eavesdropping. However, when computing devices implementing such an alternative approach are compromised by spyware, the spyware potentially leaks information in an unencrypted format to the Internet®, even though data communicated from the computing devices in an encrypted and obfuscated manner is extremely difficult, potentially impossible, for unauthorized third parties to eavesdrop. Activities of such spyware can potentially be detected and blocked by software-implemented filters on the devices, to achieve a very high degree of data security and robustness against spyware.
Data shredding is a known approach to keeping data secure from eavesdropping by third parties, for example as described in published US patent application US2015089322A1 ('Data storage system and method by shredding and deshredding', CleverSafe Inc.) for purposes of storing data in, and retrieving data from, database arrangements.
In view of the foregoing problems associated with blocking and eavesdropping of one or more data files attached to e-mails, there arises a need for an improved system and method that addresses the technical problem of communicating e-mails and their associated one or more data files in a more secure and reliable manner, in a practical manner that can be retrofitted to existing communication infrastructure.
Summary of the invention
The present invention seeks to provide an improved data communication system that, in operation, provides an enhanced degree of data security for data communicated therethrough.
According to a first aspect of the present invention, there is provided a data communication system including a data communication network including a plurality of nodes that communicates data traffic therethrough, wherein the data traffic is sent and received by one or more user devices, characterized in that:
(i) at least one communication port of a given user device is provided with a hardware dongle that interfaces between the given user device and the data communication network;
(ii) the hardware dongle includes control logic that receives instructions from the given user device, wherein the control logic controls an output path from the at least one communication port to the data communication network and an input path from the data communication network to the at least one communication port, wherein the output path performs selective data shredding of data sent from the given user device and outputs selectively shredded data to the data communication network, and the input path performs selective data de-shredding of data received from the data communication network and outputs selectively de-shredded data to the given user device; and
(iii) the control logic is controlled by parameters of one or more elements of a key wallet, wherein the elements are defined by one or more keys communicated via the data communication network, wherein the key wallet is communicated or uploaded to the given user device a priori, wherein one or more portions of the data that are to be selectively shredded or de-shredded are defined by using one or more keys and reference information identifying the one or more portions of the data, wherein the one or more keys and reference information identifying the one or more portions of the data are communicated via the data communication network.
The present invention is of advantage in that using a hardware dongle to execute data shredding, rather than employing a purely software-based approach to data shredding or data encryption behind data firewalls, provides an enhanced degree of data security and robustness against malware.
According to a second aspect of the invention there is provided a method of operating a data communication system including a data communication network including a plurality of nodes that communicates data traffic therethrough, wherein the data traffic is sent and received by one or more user devices, characterized in that the method includes:
(i) providing at least one communication port of a given user device with a hardware dongle that interfaces between the given user device and the data communication network;
(ii) arranging for the hardware dongle to include control logic that receives instructions from the given user device, wherein the control logic controls an output path from the at least one communication port to the data communication network and an input path from the data communication network to the at least one communication port, wherein the output path performs selective data shredding of data sent from the given user device and outputs selectively shredded data to the data communication network, and the input path performs selective data de-shredding of data received from the data communication network and outputs selectively de-shredded data to the given user device; and
(iii) controlling the control logic by parameters of one or more elements of a key wallet, wherein the elements are defined by one or more keys communicated via the data communication network, wherein the key wallet is communicated or uploaded to the given user device a priori, wherein one or more portions of the data that are to be selectively shredded or de-shredded are defined by using one or more keys and reference information identifying the one or more portions of the data, wherein the one or more keys and reference information identifying the one or more portions of the data are communicated via the data communication network.
According to a third aspect of the present invention, there is provided a software product recorded on machine-readable data storage media, characterized in that the software product is executable upon computing hardware for executing a method of the second aspect of the invention.
It will be appreciated that features of the invention are susceptible to being combined in various combinations without departing from the scope of the invention as defined by the appended claims.
Description of the diagrams
Embodiments of the present invention will now be described, by way of example only, with reference to the following diagrams wherein:
FIG. 1 is an illustration of a data communication system of the present invention;
FIG. 2 is an illustration of a user device of the data communication system of FIG. 1, wherein the user device is equipped with a hardware dongle implementing a hardware data shredder and de-shredder at its TCP communication port;
FIG. 3 is an illustration of an exchange of messages employed when communicating data using the data communication system of FIG. 1; and
FIG. 4 is an illustration of using a data capsule that is communicated within the data communication system of claim 1, wherein portions of the data capsule are optionally shredded and de-shredded according to mutually different algorithms, to control access by selected given users to specified portions of the data capsule.
In the accompanying diagrams, an underlined number is employed to represent an item over which the underlined number is positioned or an item to which the underlined number is adjacent. A non-underlined number relates to an item identified by a line linking the non-underlined number to the item. When a number is non-underlined and accompanied by an associated arrow, the non-underlined number is used to identify a general item at which the arrow is pointing.
Description of embodiments of the invention
In overview, according to a first aspect of the present disclosure, there is provided a data communication system including a data communication network including a plurality of nodes that communicates data traffic therethrough, wherein the data traffic is sent and received by one or more user devices, characterized in that:
(i) at least one communication port of a given user device is provided with a hardware dongle that interfaces between the given user device and the data communication network;
(ii) the hardware dongle includes control logic that receives instructions from the given user device, wherein the control logic controls an output path from the at least one communication port to the data communication network and an input path from the data communication network to the at least one communication port, wherein the output path performs selective data shredding of data sent from the given user device and outputs selectively shredded data to the data communication network, and the input path performs selective data de-shredding of data received from the data communication network and outputs selectively de-shredded data to the given user device; and
(iii) the control logic is controlled by parameters of one or more elements of a key wallet, wherein the elements are defined by one or more keys communicated via the data communication network, wherein the key wallet is communicated or uploaded to the given user device a priori, wherein one or more portions of the data that are to be selectively shredded or de-shredded are defined by using one or more keys and reference information identifying the one or more portions of the data, wherein the one or more keys and reference information identifying the one or more portions of the data are communicated via the data communication network.
Optionally, in the data communication system, the selective data shredding includes at least one of:
(i) swapping nibbles of bytes of data;
(ii) swapping selected bits of bytes of data;
(iii) negating selected bits of bytes of data; and
(iv) swapping groups of bytes of data in their sequence passing through the data paths.
More optionally, in the data communication system, negating selected bits of bytes of data includes negating a least significant and a most significant bit of a given byte. Yet more optionally, in the data communication system, negating selected bits of bytes of data includes negating entire bytes.
Optionally, in the data communication system, swapping groups of bytes of data includes swapping an order that pairs of bytes are communicated through the data paths.
Optionally, in the data communication system, the selective data shredding is multi-layered.
Optionally, in the data communication system, the selective data deshredding includes at least one of:
(a) swapping back nibbles of bytes of data;
(b) swapping back selected bits of bytes of data;
(c) negating back selected bits of bytes of data; and
(d) swapping back groups of bytes in their sequence passing through the data paths.
More optionally, in the data communication system, negating back selected bits includes negating a least significant and a most significant bit of a byte. More optionally, in the data communication system, negating back selected bits includes negating entire bytes.
Optionally, in the data communication system, swapping back groups of bytes includes swapping back an order that pairs of bytes are communicated through the data paths.
Optionally, in the data communication system, the selective data de-shredding is multi-layered.
Optionally, in the data communication system, the digital logic is implemented using at least one of: contemporary logic gate devices, FPGAs, ASICs, micro-coded RISC processors.
Optionally, in the data communication system, the hardware dongle is implemented as a USB or TCP/IP port dongle.
Optionally, in the data communication system the hardware dongle includes a wireless interface for communicating wirelessly to a wireless hub coupled to the data communication network.
Optionally, in the data communication system, there are included at least first, second and third user devices provided with first, second and third key wallets (KW1, KW2, KW3) respectively, wherein the first key wallet (KW1) includes the elements of the second and third key wallets (KW2, KW3), and one element of the second key wallet (KW2) is different from the elements of the third key wallet (KW3), so that the first user device is capable of selectively sending shredded data for de-shredding at the second user device that cannot be de-shredded at the third user device.
Optionally, the data communication system dynamically changes shredding and de-shredding configurations of the hardware dongle in idle periods when data is not intended to be communicated via the hardware dongle, to frustrate data leakage arising from any malware present on the user device. More optionally, in the data communication system, the shredding and de-shredding configurations of the hardware dongle are changed in a temporally random manner.
According to a second aspect of the present disclosure, there is provided a method of operating a data communication system including a data communication network including a plurality of nodes that communicates data traffic therethrough, wherein the data traffic is sent and received by one or more user devices, characterized in that the method includes:
(i) providing at least one communication port of a given user device with a hardware dongle that interfaces between the given user device and the data communication network;
(ii) arranging for the hardware dongle to include control logic that receives instructions from the given user device, wherein the control logic controls an output path from the at least one communication port to the data communication network and an input path from the data communication network to the at least one communication port, wherein the output path performs selective data shredding of data sent from the given user device and outputs selectively shredded data to the data communication network, and the input path performs selective data de-shredding of data received from the data communication network and outputs selectively de-shredded data to the given user device; and (iii) controlling the control logic by parameters of one or more elements of a key wallet, wherein the elements are defined by one or more keys communicated via the data communication network, wherein the key wallet is communicated or uploaded to the given user device a priori, wherein one or more portions of the data that are to be selectively shredded or de-shredded are defined by using one or more keys and reference information identifying the one or more portions of the data, wherein the one or more keys and reference information identifying the one or more portions of the data are communicated via the data communication network.
According to a third aspect of the present disclosure, there is provided a software product recorded on machine-readable data storage media, characterized in that the software product is executable upon computing hardware for executing a method of the second aspect of the disclosure.
In further overview, the present invention is concerned with a data communication system including a plurality of communication nodes that mutually couple communications exchanged between user devices. The communications exchanged between the user devices are, for example, e-mails with data attachments or references to various user databases that enable data to be exchanged between the user devices. The user devices, pursuant to the present disclosure, selectively shred data that is communicated therefrom, and also selectively de-shred data received thereat. Communications between the user devices provide information indicative of which parts of the data have been selectively shredded or are required to be selectively de-shredded. Moreover, such selective data shredding and data de-shredding is performed according to a shredding algorithm or de-shredding algorithm whose parameters are stored in a corresponding element of a key wallet identified by a key, wherein the key wallet includes a plurality of elements, the key wallet is pre-loaded into the user devices, and keys to the elements are communicated in operation between the user devices. The data shredding algorithms, likewise the data de-shredding algorithms, are performed in hardware devices that are interposed between the user devices and the data communication system, so that it is extremely difficult for malware to circumvent the effect of the data shredding and data de-shredding algorithms implemented in hardware; any malware attempting to enter the user devices via the data shredding algorithms, likewise via the data de-shredding algorithms, becomes shredded and is thereby rendered impotent against the user devices. Likewise, by dynamically changing the keys used over time, malware will find it very difficult to identify the strategy of shredding and de-shredding employed, in order to try to circumvent it.
Whereas conventional encryption and decryption of data using software is well known and protected by patent rights before the UKIPO, EPO and USPTO, it is feasible for malware to eavesdrop data prior to such data encryption being applied to data to be communicated from user devices. In contradistinction, embodiments of the present disclosure deliberately use hardware for performing data shredding and de-shredding to prevent such malware from potentially being able to leak information from user devices.
Conveniently, data shredders and data de-shredders employed in the data communication system of the present invention are implemented as dongles, for example hardware dongles, that are inserted between a TCP communication port of a given user device (for example, a tablet computer, a laptop computer or similar) and a local communication hub, whether wired or wirelessly implemented.
In FIG. 1, there is provided an illustration of a data communication system indicated generally by 10, pursuant to the present invention. The data communication system 10 includes a data communication network 15 including a plurality of nodes 20 that are spatially distributed within the data communication network 15; the nodes 20, when in operation, filter and communicate onwards data received thereat. For example, one or more of the nodes 20 function as e-mail servers that receive e-mails that are to be communicated onwards to their defined recipient or recipients. The e-mail servers perform a function of monitoring and filtering e-mails, to seek to intercept those e-mails that may potentially spread malware, that may be associated with illegal activities such as money laundering, or that may be suspected to be of a terrorist nature. For example, certain types of encryption applied to data files that are attached to e-mails can be detected, intercepted and stopped by the nodes 20 when functioning as e-mail servers, such that the data files are not communicated further; such interception is implemented using automated filters, sometimes intercepts bona fide e-mail communications, and is perceived by users as unreliable e-mail communication.
The data communication system 10 also includes one or more user devices 30 that are coupled in communication with nodes 20 of the data communication network 15. As illustrated in FIG. 2, a given user device 30 is conveniently implemented as a laptop or a tablet computer with one or more TCP ports 40. Moreover, a hardware dongle 50 is connected to at least one of the one or more TCP ports 40, wherein the hardware dongle 50 is, in turn, connected by wire or wirelessly to a local TCP hub 60 that communicates with nodes 20 of the data communication system 10. Within the hardware dongle 50 are included a logic control arrangement 70, a first data path 80 supplying data from the local TCP hub 60 to the given user device 30, and a second data path 90 supplying data from the given user device 30 to the TCP hub 60. The data paths 80, 90 are provided within digital logic 100, 110, respectively, that is configurable by control signals generated by the given user device 30; optionally, the digital logic 100, 110 includes buffer data memory that is spatially local to the hardware dongle 50, so that data received at the hardware dongle 50 can be stored and then selectively de-shredded before being passed in a de-shredded state to its user device 30. Conveniently, the logic control arrangement 70 and the digital logic 100, 110 are implemented using standard logic gate devices, FPGAs, ASICs, micro-coded RISC processors or similar. Conveniently, the hardware dongle 50 is implemented as a plurality of electronic components populated onto a fibreglass circuit board that is housed within a plastic casing, with one or more ribbon cable leads for connecting to the given user device 30. The logic control arrangement 70 is optionally controlled from control data generated by the given user device 30 and communicated via the one or more TCP ports 40, or via other ports of the given user device 30, for example a USB port thereof. A software application is executable on the given user device 30 to generate the control data for configuring the logic control arrangement 70.
The logic control arrangement 70 receives, in operation, instructions from the given user device 30 that configure how the digital logic 100, 110 is to shred, or de-shred, data passing through the first and second data paths 80, 90. Such data shredding includes at least one of:
(i) swapping nibbles of bytes;
(ii) swapping selected bits of bytes;
(iii) negating selected bits of bytes, for example negating a least significant and a most significant bit of a byte, for example, negating entire bytes;
(iv) swapping groups of bytes in their sequence passing through the data paths 80, 90, for example swapping an order that pairs of bytes are communicated through the data paths 80, 90;
or a combination of any two or more of (i) to (iv), for example in a multilayered approach as will be elucidated in greater detail later.
Moreover, such data de-shredding includes at least one of:
(a) swapping back nibbles of bytes;
(b) swapping back selected bits of bytes;
(c) negating back selected bits of bytes, for example negating a least significant and a most significant bit of a byte, for example, negating entire bytes;
(d) swapping back groups of bytes in their sequence passing through the data paths 80, 90, for example swapping back an order that pairs of bytes are communicated through the data paths 80, 90;
or a combination of any two or more of (a) to (d), for example in a multilayered approach as will be elucidated in greater detail later.
In other words, the digital logic 100, 110 executes various shredding and de-shredding algorithms that are selected in operation. There are n parameters p_i,1 to p_i,n, wherein n is an integer, and wherein an integer i defines an algorithm whose parameters are defined in an element E_i of a key wallet that is pre-loaded into the given user device 30. A key K_i is employed to invoke the corresponding element E_i of the key wallet, resulting in its corresponding algorithm being executed by the digital logic 100, 110. In operation, when one or more keys K_i are communicated from a first given user device 30A to a second given user device 30B, accompanying a corpus of data that has been selectively shredded, there is communicated information defining the regions of the corpus of data to which the one or more keys K_i pertain, so that the second given user device 30B is able to use the one or more keys K_i to fetch the corresponding parameters p_i from its key wallet for use in algorithms to de-shred the corpus of data.
Optionally, at least a portion of the corpus of data is shredded by the first user device 30A by employing a plurality of passes of shredding algorithms in respect of the portion in a given sequence of steps, such that the second given user device 30B employs a plurality of passes of de-shredding algorithms in respect of the portion using an inverse of the given sequence of steps. Alternatively, at least a portion of the corpus of data is shredded by the first user device 30A by employing a single pass of a shredding algorithm in respect of the portion, such that the second given user device 30B employs a single pass of a de-shredding algorithm in respect of the portion.
If a malicious third party were to intercept the corpus of data when communicated from the first user device 30A to the second given user device 30B, it would be extremely difficult for the third party to understand the content of the corpus, on account of its contents being shredded in a complex manner, as described in the foregoing. Moreover, if the malicious third party were to insert malware into the corpus of data, the second user device 30B, when de-shredding the corpus of data, would also shred the malware and render it impotent (incapable of being successfully executed) in the second user device 30B. Beneficially, when shredding a given section of data in the first user device, for example a Word® file including header information and text information, structures such as the header information are retained in the corpus of data in an unshredded form when processed in the first given device 30A, and text fields are obfuscated by executing data shredding; by employing such an approach, when the partially shredded Word® file is received at a given e-mail server included in the nodes 20, the e-mail server will forward the Word® file because it superficially appears to be a bona fide file format. Thus, reliable e-mail communication and robustness against eavesdropping and malware are achieved in a manner that is more robust than software-based encryption and decryption arrangements implemented using the user devices.
The hardware dongle 50 is of advantage in that it is capable, when in operation, of shredding data at a very high data rate, for example up to several hundred megabytes per second, without imposing a heavy computational load on the user devices 30; this is to be juxtaposed with known software-based data encryption and decryption arrangements, which can be highly computationally intensive and impose a heavy processing load on the user devices 30. On account of the hardware dongle 50 being able to shred data at such a fast data rate, the hardware dongle 50 is especially beneficial for real-time control of industrial systems, for real-time surveillance, for real-time teleconferencing, for data-streaming purposes, for bulk storage of data into Internet® cloud database servers, for large text files (e.g. in excess of 20 Mbytes in size), for high-resolution photographs and so forth. In such technical fields of use, robustness against malware attacks and data security are potentially absolutely paramount.
When the user devices 30 are not mutually communicating, their hardware dongles 50 are beneficially configured, in operation, to shred data passing therethrough, for example in a temporally changing manner, for example in a randomly changing manner. In an event that malware is unintentionally loaded onto the user devices 30A, 30B and, in a background mode, leaks data from the user device 30A, 30B, having the hardware dongles 50 of the user devices 30A, 30B configured in an idling state to shred data passing via the one or more TCP ports 40 ensures that data leaked by the malware is hardware obfuscated and thereby unintelligible to unauthorized third parties. Such malware, in a conventional software-firewall-protected computing device, is potentially capable of bypassing the software firewall, for example in an event that the software firewall can be dynamically activated and de-activated. In contradistinction, especially when the key wallet is customized for the user devices 30A, 30B and is stored in encrypted form in data memory of the user devices 30A, 30B, it is extremely difficult for malware to penetrate the user devices 30A, 30B and compromise operation of the hardware dongle 50.
In FIG. 3, there are shown steps of a method 200 of using the data communication system 10 of FIG. 1 to provide secure communication of data between user devices 30. The method 200 includes a series of steps 210 to 290, wherein the steps are as follows:
Step 210: the first given user device 30A provides a key wallet to the second given user device 30B, for example in encrypted form, communicated via the data communication system 10, for example via TCP/IP; alternatively, a node 20 of the data communication system 10 generates a key wallet and communicates it to the given user devices 30A, 30B for example in encrypted form; the user devices 30A, 30B are thereby each provided with compatible key wallets that are stored at the user devices 30A, 30B; yet alternatively, the key wallet is generated by a trusted third party and provided to the first and second given user devices 30A, 30B, for example in an encrypted form and then decrypted within the given user devices 30A, 30B;
Step 220: the first given user device 30A assembles together a corpus 300 of data to be communicated from the first user device 30A to the second user device 30B; for example, the corpus 300 of data includes a combination of text files (e.g. Word® text files), image files (e.g. Adobe® pdf files, MPEG®, JPEG®), numerical data files, videos, and so forth;
Step 230: the first given user device 30A receives instructions, for example from a user of the first given user device 30A, regarding one or more portions 310 of the corpus 300 of data that are of a confidential or secret nature, or are potentially susceptible to being degraded by malware during transmission through the data communication system 10, and that need to be communicated with a high degree of security to avoid third-party eavesdropping upon the one or more portions of the corpus 300 of data;
Step 240: the first given user device 30A selects a strategy for selectively shredding the one or more portions 310 of the corpus 300 of data, for example wherein the number of layers of shredding employed in the hardware dongle 50 of the first given user device 30A is selected on the basis of the degree of security of data required; a selection of potential strategies is beneficially pre-loaded into the first given user device 30A, for example in the form of a reference table;
Step 250: based upon the selected strategy from the step 240, the first given user device 30A selects one or more keys K for use in defining elements E of the key wallet and their associated parameters p when selectively shredding the one or more portions 310 of the corpus 300 of data;
Step 260: the first user device 30A assembles together in its local data memory a package of data to be communicated from the first user device 30A via the data communication system 10 to the second user device 30B, wherein the package of data includes the corpus 300 of data, an identification of the selected one or more keys K, an identification of the portions 310 of the corpus 300 of data to which the one or more keys K are to be applied, and optionally an order in which the keys are to be applied;
Step 270: the first user device 30A outputs the package of data via its one or more ports 40 to its hardware dongle 50 whilst providing the parameters p of the element E of the key wallet to the hardware dongle 50, wherein the hardware dongle 50 correspondingly, according to the parameters p, shreds the portions 310 as they pass through the hardware dongle 50, such that the package of data with its selectively shredded one or more portions 310 of the corpus 300 of data is output to the nodes 20 of the data communication system 10; on account of the header information and parameter fields of the partially shredded package of data complying with filters employed by e-mail servers at certain nodes 20 of the data communication system 10 that handle e-mail traffic, the package of data (for example, communicated as an attachment to an e-mail) and its associated e-mail are readily passed through those nodes 20 without being intercepted or blocked; the selectively shredded data package is eventually received from the data communication system 10 at the second user device 30B;
Step 280: the partially shredded data package is received at the hardware dongle 50 of the second user device 30B and stored temporarily in buffer data memory of the hardware dongle 50; the second user device 30B then interrogates the partially shredded data package to recover data indicative of the keys K to be used in de-shredding the data, and of the one or more portions 310 of the partially shredded data package that are to be de-shredded; the second user device 30B then uses the keys K to determine from its key wallet the corresponding elements E and their parameters p to be used in de-shredding the partially shredded data package stored in the buffer data memory of the hardware dongle 50; and
Step 290: under control from the second user device 30B, the partially shredded data package stored in the buffer data memory is passed through the hardware dongle 50, which uses the parameters p provided from the second user device 30B to de-shred the one or more portions 310 of the partially shredded data package, such that the data package in de-shredded form is provided to the one or more TCP ports 40 of the second user device 30B for processing within the second user device 30B; as a result of such de-shredding, any malware or software viruses infiltrating into the one or more portions 310 of the data package as it is communicated via the nodes 20 of the data communication system 10 become shredded and therefore impotent within the second user device 30B.
A similar approach to the steps 210 to 290 of the method 200 is employed when communicating from the second user device 30B to the first user device 30A. However, the second user device 30B is not constrained to employ the same keys K as employed by the first user device 30A when it communicates to the second user device 30B. Moreover, the second user device 30B can employ a degree of layering when shredding portions of data that is different from that employed by the first user device 30A. Such re-configurability of the first and second user devices 30A, 30B and their respective hardware dongles 50 makes it harder for malicious third parties to understand the operation of the hardware dongles 50 and to try to circumvent the protection provided by the hardware dongles 50. Even if malware were to penetrate into the first and second user devices 30A, 30B, the malware would have to cope with the hardware dongles 50 being configured to shred data in a dormant state when the user devices 30A, 30B are not actively communicating data via their one or more TCP ports 40. When the user devices 30A, 30B dynamically and temporally change the shredding settings of their hardware dongles when in the dormant state, for example in a random manner (with regard to the type of shredding and/or the time at which a transition from one type of shredding to another occurs), it becomes even more difficult for the malware to communicate sensitive information out of the local data memory of the user devices 30A, 30B. Moreover, in the unlikely event that the hardware dongles 50 of the user devices 30A, 30B become circumvented by malware:
(i) the user devices 30A, 30B can respond by employing more layers of shredding in the hardware dongle 50; and/or
(ii) the user devices 30A, 30B can even request that the key wallet be uploaded with amended parameters p associated with the elements E, for example with the elements E reordered in the key wallet relative to the keys K.
Instead of, or in addition to, the hardware dongle 50 being coupled to one or more TCP/IP ports 40 of its corresponding user device 30, when several such user devices 30 are routed via a local router to one or more nodes 20 of the data communication system 10, for example via a local wireless router, the local router is optionally also equipped with a hardware dongle 50 or equivalent hardware in its TCP/IP interface to the one or more nodes 20.
Optionally, more than two user devices 30, for example three user devices 30A, 30B, 30C, can be coupled in communication by using their respective hardware dongles 50. The user devices 30A, 30B, 30C optionally have different key wallets, wherein a part of the key wallets of the user devices 30A, 30B, 30C is identical with regard to their elements E and associated parameters, whereas another part of the key wallet is different for one of the user devices 30A, 30B, 30C. In such a configuration, for example, the user devices 30A, 30B can operate so that certain parts of the corpus 300 of data are de-shreddable only by the user devices 30A, 30B and not by the user device 30C, whereas other parts of the corpus 300 of data are de-shreddable by all of the user devices 30A, 30B, 30C. Such a manner of operation can be utilized with more than three user devices, with shredding and de-shredding defined by related keys K used in a precise manner to determine which of the user devices 30 is able to de-shred the data. For example, the data communication system 10 can be used to stream data content (for example, video, music, gaming content) to user devices, wherein a first portion (for example, a low-quality video) of the corpus 300 of data communicated is freeware and can be de-shredded by all the user devices 30, whereas a second portion of the corpus 300 of data includes error correction to convert the freeware into high-quality video (for example, Ultra High Definition (UHD) TV) and can only be utilized provided that users of the user devices 30 have paid a subscription and received an appropriately comprehensive key wallet that enables de-shredding of the second portion of the corpus 300 of data. When the data communication system 10 with its user devices 30 and their respective dongles 50 is used in an IP services business (for example via a Workzone platform), a key wallet is issued to users who subscribe to the IP services business. Patent, trademark and design documents that need to be kept confidential can be selectively shredded, whereas content made available to the public via public databases (for example, via UKIPO IPSUM®, the EPO patent register and WIPO Patentscope®) can be openly communicated without shredding being applied.
Likewise, confidential customer advice can be shredded when communicated via the data communication system 10. By such an approach, e-mail communication via the Internet® operating according to TCP/IP can be employed without a risk of being blocked at e-mail servers, and yet a high degree of data security is achieved. Similar considerations pertain when the data communication system 10 with its user devices 30 and their respective dongles 50 is used in video-conferencing services, wherein certain portions of a video conference can be selectively shredded (and thereby 'scrambled') to avoid malicious third-party eavesdropping.
The data communication system 10 can be used for enabling remotely controlled microsurgery via an Internet® TCP/IP connection, wherein precision control of surgical instruments can be communicated in a shredded manner to resist malicious third-party intervention; a surgeon can receive video of a medical operation being performed, and can remotely take control of robotic microsurgical equipment during the medical operation, wherein signals to control the robotic microsurgical equipment are sent securely in a selectively shredded format, for example as described in the foregoing, to prevent malicious third-party intervention frustrating execution of the medical operation; other data associated with the medical operation communicated via the data communication system 10 can remain shredded in a manner that is de-shreddable by one or more observers, for example one or more medical students undertaking training, by appropriate selection of the keys K as described in the foregoing.
Referring next to FIG. 4, when the corpus 300 of data is communicated in a data package, for example attachable to an e-mail, it is beneficially included in a data capsule 400 that is structured to make it convenient to decode at a given user device 30. The data capsule 400 can include a header 410 and a data load 420 that is at least partially shredded, for example as described in the foregoing. The header 410 includes an identification of the keys K to be used and of the portions of data in the capsule to which they relate. Optionally, the header 410 is not obfuscated or encrypted; alternatively, the header is encrypted and/or obfuscated, wherein the encryption and/or obfuscation utilized is known to the devices 30A, 30B a priori (i.e. pre-loaded). Optionally, the header 410 occurs at only one location within the data capsule 400; alternatively, the header 410 is spread between multiple locations in the capsule 400.
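The data capsule 400 of FIG. 4, the package assembly and de-shredding of steps 260 to 290, and the three-device case in which one device's wallet lacks an element, as one added example. It is not the patent's own format: the header layout (a marker, an entry table of key, offset and length), the sample data load and the wallets are assumptions. The byte transforms are kept to one-line forms because the point here is the framing and the checks a receiver applies before touching the buffer.

```python
"""Constructed encoding of the data capsule 400: header 410 then data load 420.

The layout is an assumption for illustration; the patent specifies none.
The two wallet elements are one-line transforms so the framing stays in view.
"""
import struct
from typing import Callable, Dict, List, Tuple

MAGIC = b"CAP1"                     # constructed capsule marker
HDR = struct.Struct(">4sH")         # marker, number of region entries
ENTRY = struct.Struct(">HII")       # key K, offset into data load, length

Region = Tuple[int, int, int]       # (key, offset, length)

# Wallet element name -> transform. Both are involutions, so the same
# transform de-shreds what it shredded.
TRANSFORMS: Dict[str, Callable[[bytes], bytes]] = {
    "nibble": lambda d: bytes(((b << 4) | (b >> 4)) & 0xFF for b in d),
    "negate": lambda d: bytes(b ^ 0xFF for b in d),
}


def parse_header(capsule: bytes) -> Tuple[List[Region], bytes]:
    """Split a capsule into its region table and data load, rejecting
    truncated tables and regions outside or overlapping the load."""
    if len(capsule) < HDR.size:
        raise ValueError("truncated header")
    magic, count = HDR.unpack_from(capsule, 0)
    if magic != MAGIC:
        raise ValueError("not a capsule")
    table_end = HDR.size + count * ENTRY.size
    if len(capsule) < table_end:
        raise ValueError("truncated entry table")
    regions = [ENTRY.unpack_from(capsule, HDR.size + i * ENTRY.size)
               for i in range(count)]
    payload = capsule[table_end:]
    seen: List[Tuple[int, int]] = []
    for _key, off, length in regions:
        if length == 0 or off + length > len(payload):
            raise ValueError(f"region {off}+{length} outside data load")
        if any(off < o + l and o < off + length for o, l in seen):
            raise ValueError("overlapping regions")
        seen.append((off, length))
    return regions, payload


def header_is_valid(capsule: bytes) -> bool:
    """True when parse_header() accepts the capsule's framing."""
    try:
        parse_header(capsule)
        return True
    except ValueError:
        return False


def build_capsule(payload: bytes, regions: List[Region], wallet: Dict[int, str]) -> bytes:
    """Sender side (steps 260, 270): shred each listed region with the element
    its key selects, then prepend the header naming the keys and regions."""
    header = HDR.pack(MAGIC, len(regions)) + b"".join(ENTRY.pack(*r) for r in regions)
    parse_header(header + payload)   # validate the table before shredding
    load = bytearray(payload)
    for key, off, length in regions:
        load[off:off + length] = TRANSFORMS[wallet[key]](bytes(load[off:off + length]))
    return header + bytes(load)


def open_capsule(capsule: bytes, wallet: Dict[int, str]) -> Tuple[bytes, List[int]]:
    """Receiver side (steps 280, 290): de-shred every region whose key the
    local wallet holds. Keys the wallet lacks are reported and their regions
    left shredded, which is how a device without the element is kept out."""
    regions, payload = parse_header(capsule)
    load = bytearray(payload)
    missing: List[int] = []
    for key, off, length in regions:
        element = wallet.get(key)
        if element is None:
            missing.append(key)
            continue
        load[off:off + length] = TRANSFORMS[element](bytes(load[off:off + length]))
    return bytes(load), missing


# Constructed sample: the framing text stays clear, two fields are shredded
# with different keys, so a wallet holding only key 7 recovers one of them.
SAMPLE_LOAD = b"PUBLIC HEADER|secret-field|more-public"
SAMPLE_REGIONS: List[Region] = [(7, 14, 6), (9, 21, 5)]   # "secret", "field"
WALLET_FULL = {7: "nibble", 9: "negate"}                  # devices 30A, 30B
WALLET_PARTIAL = {7: "nibble"}                            # device 30C

if __name__ == "__main__":
    capsule = build_capsule(SAMPLE_LOAD, SAMPLE_REGIONS, WALLET_FULL)
    print(open_capsule(capsule, WALLET_FULL))
    print(open_capsule(capsule, WALLET_PARTIAL))
```

The receiver validates the region table before it de-shreds anything: a region that reaches past the data load or overlaps another one is rejected rather than applied, so a corrupted or tampered header cannot drive the transforms over memory outside the buffered package. A device whose wallet lacks a key simply leaves that region as received, which is the behaviour the text describes for the third user device 30C.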
It will be appreciated that embodiments of the present disclosure use digital hardware to provide an enhanced degree of data security that purely software-implemented encryption and firewalls are not able to provide; in a conventional software-implemented firewall, if an underlying system operating software layer is security compromised, the firewall can be circumvented by malware. Such circumvention is not possible when embodiments of the present disclosure are used.
Modifications to embodiments of the invention described in the foregoing are possible without departing from the scope of the invention as defined by the accompanying claims. Expressions such as "including", "comprising", "incorporating", "consisting of", "have" and "is", used to describe and claim the present invention, are intended to be construed in a non-exclusive manner, namely allowing for items, components or elements not explicitly described also to be present. Reference to the singular is also to be construed to relate to the plural. Numerals included within parentheses in the accompanying claims are intended to assist understanding of the claims and should not be construed in any way to limit the subject matter claimed by these claims.
Claims (19)
1. A data communication system (10) including a data communication network (15) including a plurality of nodes (20) that communicates data traffic therethrough, wherein the data traffic is sent and received by one or more user devices (30), characterized in that:
(i) at least one communication port (40) of a given user device (30) is provided with a hardware dongle (50) that interfaces between the given user device (30) and the data communication network (15);
(ii) the hardware dongle (50) includes control logic (100, 110) that receives instructions from the given user device (30), wherein the control logic (100, 110) controls an output path (80) from the at least one communication port (40) to the data communication network (15) and an input path (90) from the data communication network (15) to the at least one communication port (40), wherein the output path (80) performs selective data shredding of data sent from the given user device (30) and outputs selectively shredded data to the data communication network (15), and the input path (90) performs selective data de-shredding of data received from the data communication network (15) and outputs selectively de-shredded data to the given user device (30); and
(iii) the control logic (100, 110) is controlled by parameters of one or more elements of a key wallet, wherein the elements are defined by one or more keys communicated via the data communication network (15), wherein the key wallet is communicated or uploaded to the given user device (30) a priori, wherein one or more portions of the data that are to be selectively shredded or de-shredded are defined by using one or more keys and reference information identifying the one or more portions of the data, wherein the one or more keys and reference information identifying the one or more portions of the data are communicated via the data communication network (15).
2. A data communication system (10) of claim 1, characterized in that the selective data shredding includes at least one of:
(i) swapping nibbles of bytes of data;
(ii) swapping selected bits of bytes of data;
(iii) negating selected bits of bytes of data; and
(iv) swapping groups of bytes of data in their sequence passing through the data paths.
3. A data communication system (10) of claim 2, characterized in that negating selected bits of bytes of data includes negating a least significant and a most significant bit of a given byte.
4. A data communication system (10) of claim 3, characterized in that negating selected bits of bytes of data includes negating entire bytes.
5. A data communication system (10) of claim 2, 3 or 4, characterized in that swapping groups of bytes of data includes swapping an order that pairs of bytes are communicated through the data paths (80, 90).
6. A data communication system (10) of claim 2, 3, 4 or 5, characterized in that the selective data shredding is multi-layered.
7. A data communication system (10) of any one of the preceding claims, characterized in that the selective data de-shredding includes at least one of:
(a) swapping back nibbles of bytes of data;
(b) swapping back selected bits of bytes of data;
(c) negating back selected bits of bytes of data; and
(d) swapping back groups of bytes in their sequence passing through the data paths (80, 90).
8. A data communication system (10) of claim 7, characterized in that negating back selected bits includes negating a least significant and a most significant bit of a byte.
9. A data communication system (10) of claim 8, characterized in that negating back selected bits includes negating entire bytes.
10. A data communication system (10) of claim 7, 8 or 9, characterized in that swapping back groups of bytes includes swapping back an order that pairs of bytes are communicated through the data paths (80, 90).
11. A data communication system (10) of claim 7, 8, 9 or 10, characterized in that the selective data de-shredding is multi-layered.
12. A data communication system (10) of any one of the preceding claims, characterized in that the digital logic (100, 110) is implemented using at least one of: contemporary logic gate devices, FPGAs, ASICs, micro-coded RISC processors.
13. A data communication system (10) of any one of the preceding claims, characterized in that the hardware dongle (50) is implemented as a USB or TCP/IP port dongle.
14. A data communication system (10) of any one of the preceding claims, characterized in that the hardware dongle (50) includes a wireless interface for communicating wirelessly to a wireless hub coupled to the data communication network (15).
15. A data communication system (10) of any one of the preceding claims, characterized in that the data communication system (10) includes at least first, second and third user devices (30A, 30B, 30C) provided with first, second and third key wallets (KW1, KW2, KW3) respectively, wherein the first key wallet (KW1) includes elements of the second and third key wallets (KW2, KW3), and one element of the second key wallet (KW2) is different to elements of the third key wallet (KW3), so that the first user device is capable of selectively sending shredded data for de-shredding at the second user device (30B) that cannot be de-shredded at the third user device (30C).
16. A data communication system (10) of any one of the preceding claims, characterized in that the data communication system (10) dynamically changes shredding and de-shredding configurations of the hardware dongle (50) in idle periods when data is not intended to be communicated via the hardware dongle (50), to frustrate data leakage arising from any malware present on the user device (30).
17. A data communication system (10) of claim 16, characterized in that the shredding and de-shredding configurations of the hardware dongle (50) are changed in a temporally random manner.
18. A method of operating a data communication system (10) including a data communication network (15) including a plurality of nodes (20) that communicates data traffic therethrough, wherein the data traffic is sent and received by one or more user devices (30), characterized in that the method includes:
(i) providing at least one communication port (40) of a given user device (30) with a hardware dongle (50) that interfaces between the given user device (30) and the data communication network (15);
(ii) arranging for the hardware dongle (50) to include control logic (100, 110) that receives instructions from the given user device (30), wherein the control logic (100, 110) controls an output path (80) from the at least one communication port (40) to the data communication network (15) and an input path (90) from the data communication network (15) to the at least one communication port (40), wherein the output path (80) performs selective data shredding of data sent from the given user device (30) and outputs selectively shredded data to the data communication network (15), and the input path (90) performs selective data de-shredding of data received from the data communication network (15) and outputs selectively de-shredded data to the given user device (30); and
(iii) controlling the control logic (100, 110) by parameters of one or more elements of a key wallet, wherein the elements are defined by one or more keys communicated via the data communication network (15), wherein the key wallet is communicated or uploaded to the given user device (30) a priori, wherein one or more portions of the data that are to be selectively shredded or de-shredded are defined by using one or more keys and reference information identifying the one or more portions of the data, wherein the one or more keys and reference information identifying the one or more portions of the data are communicated via the data communication network (15).
19. A software product recorded on machine-readable data storage media, characterized in that the software product is executable upon computing hardware for executing a method as claimed in claim 18.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB1808707.2A GB2574203A (en) | 2018-05-29 | 2018-05-29 | Data communication system and method |
Publications (2)
Publication Number | Publication Date |
---|---|
GB201808707D0 GB201808707D0 (en) | 2018-07-11 |
GB2574203A true GB2574203A (en) | 2019-12-04 |
Family
ID=62812210
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
GB1808707.2A Withdrawn GB2574203A (en) | 2018-05-29 | 2018-05-29 | Data communication system and method |
Country Status (1)
Country | Link |
---|---|
GB (1) | GB2574203A (en) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20110258333A1 (en) * | 2010-04-16 | 2011-10-20 | Oracle America, Inc. | Cloud connector key |
US20150222607A1 (en) * | 2014-02-03 | 2015-08-06 | Nxp B.V. | Portable security device, method for securing a data exchange and computer program product |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WAP | Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1) |