System and methods for providing security to an endpoint device and for combating electromagnetic pulse (EMP) attacks
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06F-021/00
G06F-021/50
G06F-021/86
H04L-029/06
G06F-021/71
G06F-021/42
G06F-021/78
출원번호
US-0913259
(2018-03-06)
등록번호
US-10216924
(2019-02-26)
발명자
/ 주소
Vargas, Anthony Joseph
출원인 / 주소
SECURITY TOGETHER CORPORATION
대리인 / 주소
Inventive Law Inc.
인용정보
피인용 횟수 :
0인용 특허 :
5
초록▼
In various example embodiments disclosed herein, physical architectures, systems, processes and methods for security are described that, at their core are adaptive and changing at determined intervals so as to present a different attack surface. In one aspect is described improvements in the improve
In various example embodiments disclosed herein, physical architectures, systems, processes and methods for security are described that, at their core are adaptive and changing at determined intervals so as to present a different attack surface. In one aspect is described improvements in the improved security architecture, system and methods based upon multiple processors, operating systems, communication channels and batteries, Power Distribution Units, and Faraday cages (Faraday shielding), which can combat electromagnetic pulse (EMP) attacks.
대표청구항▼
1. A method of providing security to a device, the device including one or more input processing units within an input system built into the device, one or more control processing modules within a control system built into the device, one or more execution processing modules within an execution syst
1. A method of providing security to a device, the device including one or more input processing units within an input system built into the device, one or more control processing modules within a control system built into the device, one or more execution processing modules within an execution system built into the device, and a multi-channel internal communication bus built into the device, whereby at least one of the input processing units, at least one of the control processing modules, and at least one of the execution processing modules are coupled for data and control transmissions therebetween, and wherein the device is adapted to communicate with an external communications network and receive a plurality of external messages over a period of time at the one or more input processing units, the method comprising: configuring the one or more input processing units to each present a different attack surface at different intervals within the period of time to the received plurality of external messages from the external communications network, each different attack surface corresponding to a different processor executing a different instruction set and a different operating system;executing solely within the one or more execution processing modules a corresponding one of a plurality of applications; andusing a Faraday Cage to protect the device from electromagnetic pulse (EMP) events or attacks. 2. The method of claim 1 wherein an external power source powers a Power Distribution Unit (PDU) that in turn, charges or powers a battery, which then powers hardware processing modules in the device. 3. The method of claim 2 wherein the PDU being internal to the Faraday Cage. 4. The method of claim 2 wherein the PDU being external to the Faraday Cage. 5. The method of claim 2 wherein the battery being internal to the Faraday Cage. 6. The method of claim 2 wherein the battery being external to the Faraday Cage. 7. The method of claim 1 wherein each different attack surface is presented at different intervals by configuring the one or more input processing units within the input system, each which have different hardware therein. 8. The method of claim 1 wherein each different attack surface is presented at different intervals by configuring the one or more control processing modules within the control system, each which have different hardware therein. 9. The method of claim 1 wherein each different attack surface is presented at different intervals by configuring the one or more execution processing modules within the execution system, each which have different hardware therein. 10. The method of claim 1 wherein each different attack surface is presented at different intervals by configuring one or more user processing modules within a user system, each which have different hardware therein. 11. The apparatus of claim 1 wherein each different attack surface is presented at different intervals by configuring one or more control processing modules within the control system, each which have different hardware therein. 12. An apparatus configured to provide for security from an external attack brought over an external communication network or a user input during a period of time, whereby the apparatus also receives a plurality of external messages over the period of time, the apparatus comprising: one or more input processing units within an input system, built into the apparatus, receiving the plurality of external messages over the period of time at the one or more input processing units within the input system, each of the one or more input processing units within the input system being executable by a different processor and the different processor executing a different operating system that are each different from each other, and wherein the one or more input processing units within the input system validate each of the plurality of external messages and invalidate the external attack;a control processor within a control system, built into the apparatus, to configure the one or more input processing units within the input system to each present a different attack surface at different intervals within the period of time to the received plurality of external messages from the external communications network, and thereby to the external attack, each different attack surface corresponding to a different processor executing a different instruction set and a different operating system, wherein the control processor within the control system includes one or more processors and operating systems that are each different from the one or more input processing units within the input system, and wherein the control processor within the control system is not directly connected to the external communication network;an execution processor within an execution system, built into the apparatus, that includes one or more execution processing modules and one or more processors that execute one or more applications;a multi-channel internal communication bus, built into the apparatus, for connecting the input processor within the input system, the control processor within the control system, and the execution processor within the execution system for data and control transmissions therebetween; anda Faraday Cage to protect the apparatus from electromagnetic pulse (EMP) events or attacks. 13. The apparatus of claim 12 including an external power source to power a Power Distribution Unit (PDU) that in turn, charges or powers a battery, which then powers hardware processing modules in the apparatus. 14. The apparatus of claim 13 wherein the PDU being internal to the Faraday Cage. 15. The apparatus of claim 13 wherein the PDU being external to the Faraday Cage. 16. The apparatus of claim 13 wherein the battery being internal to the Faraday Cage. 17. The apparatus of claim 13 wherein the battery being external to the Faraday Cage. 18. The apparatus of claim 12 wherein each different attack surface is presented at different intervals by configuring one or more input processing modules units within the input system, each which have different hardware therein. 19. The apparatus of claim 12 wherein each different attack surface is presented at different intervals by configuring the one or more execution processing modules within the execution system, each which have different hardware therein. 20. The apparatus of claim 12 wherein each different attack surface is presented at different intervals by configuring one or more user processing modules within a user system, each which have different hardware therein.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (5)
Wyatt, David; Stenseth, David J., Automatic generation of custom driver packages.
Banaska John ; Howarth David J. ; Minneman Michael P. ; Spinks Bob ; Bhaskar K.S., Integrated modular measurement system having configurable firmware architecture and modular mechanical parts.
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.