Slashdot Mirror

← Back to Stories (view on slashdot.org)

U.S. Navy Patents the Firewall?

Posted by ryuzaki0 on from the i'd-have-gone-after-antivirus dept.

Krishna Dagli writes to mention a post by Bruce Schneier on his site indicating that the U.S. Navy may be patenting the Firewall. Whether or not it is their intention to do so is unclear. From the patent description: "In a communication system having a plurality of networks, a method of achieving network separation between first and second networks is described. First and second networks with respective first and second degrees of trust are defined, the first degree of trust being higher than the second degree of trust. Communication between the first and second networks is enabled via a network interface system having a protocol stack, the protocol stack implemented by the network interface system in an application layer."

42 of 206 comments (clear)

  1. Ya ha! by Suspended_Reality · · Score: 5, Funny

    I was going to make a "first post", but I think I read the Army is patenting that. Part of their Military Initiative to kill first, ask questions later.

    1. Re:Ya ha! by hey! · · Score: 2

      Part of their Military Initiative to kill first, ask questions later.

      It's all about bits on the ground.

      --
      Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
    2. Re:Ya ha! by Dhar · · Score: 2

      kill first, ask questions later.

      Wouldn't it be "post first, RTFA later"?

      -g.

  2. I think I have prior art in my D-link by Trigun · · Score: 5, Insightful

    And my cisco, and my netopia, and my netgear.

  3. The Military Gets Patents? by Greyfox · · Score: 4, Interesting
    I would think that they don't really have a business purpose to do so since they don't sell a product and if anyone tried to sue the military over a patent the Government would just sieze the patent as being "vital to national security" or some such (I seem to recall that they can do that.)

    Maybe it's a sad attempt to prove that they're on the cutting edge of technology by patenting some newfangled idea that the rest of us have been using for years? I guess they probably have some catching up to do since EDS has been "working" on their IT infrastructure for years (That's why their stock price fell by half and never recovered don't you know? Well that and lying about the revenues that were coming in from it...)

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

    1. Re:The Military Gets Patents? by DoofusOfDeath · · Score: 2, Informative

      I asked a Navy guy about this. He gave two reasons that Navy researchers are encouraged to get patents:
      1) To ensure that no one else can patent the same idea, and then charge the Navy for using it. Personally, I don't buy this, because the Navy could just establish a prior art database for these ideas to achieve the same effect.

      2) Being able to license the technology to non-Navy industries. I.e., medical applications. This justification at least seems, albeit distasteful.

    2. Re:The Military Gets Patents? by Andy+Dodd · · Score: 2, Interesting

      It's a lot easier to establish prior art by pointing to a patent than in a self-maintained database. A self-maintained database of prior art that will actually hold up in court (proof of claimed dates, etc) is extremely difficult and it's actually easier to just patent something. Then you can just point to the date on your patent and no one can dispute that prior art (at least when trying to sink a patent with a later date), because those dates are maintained by a trusted and (technically) unbiased source - the USPTO.

      Otherwise, you must go to extensive measures to prove that prior art document X was published on date Y.

      --
      retrorocket.o not found, launch anyway?
  4. Ah HA! by Mayhem178 · · Score: 3, Funny

    My Sorceress on Diablo II has prior art. She can lay down Firewalls like it's no one's business!

    Wait, what's this about networks?

    --

    "You will pay for your lack of vision..." - Emperor Palpatine to Ray Charles

  5. Like it or not... by mrjb · · Score: 3, Interesting

    The US government might actually be entitled to many internet patents, as all or most of the technology behind the (early) internet was financed with U.S. tax payer money. Which, in a democratic country, should (but not necessarily does) mean that those patents are in the public domain.

    --
    Visit http://ringbreak.dnd.utwente.nl/~mrjb/growingbettersoftware to download your free copy of the book
  6. I may be wrong, but by michaelvkim · · Score: 2, Interesting

    isn't the US Government not allowed to have any IP rights?

    IP = Intellectual Property

  7. Government patents? by DoofusOfDeath · · Score: 5, Insightful

    Instinctively, I hate the notion of the government patenting anything. It might be because it seems ridiculous that anything the taxpayers paid for should be made unavailable to them. But... I can't find anything in the constitution that makes this abhorent practice illegal or unjustified. My reaction seems motivated by civic virtue rather than a legal basis.

    Does anyone know of a solid legal reason that the government shouldn't be able to obtain patents?

    1. Re:Government patents? by zeoslap · · Score: 2, Insightful

      Just because you patent something doesn't mean that it becomes unavailable; it just prevents someone else from patenting it. So as long as the government allows free use of its inventions there really isn't a problem with this at all.

    2. Re:Government patents? by Anonymous Coward · · Score: 2, Funny

      Considering everything the US government does is taxpayer funded.

      Surely not everything? For example, I thought that most of the work of writing new laws was paid for privately by corporations and lobby groups. :P

    3. Re:Government patents? by ch-chuck · · Score: 2, Informative

      I can't find anything in the constitution that makes this abhorent practice illegal or unjustified.

      Here it is, in Article I, section 8:

      "Congress shall have power . . . To promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries."

      --
      try { do() || do_not(); } catch (JediException err) { yoda(err); }
  8. Kabooom! by 955301 · · Score: 4, Funny

    I can't wait to see how they deliver the cease and desist orders.

    --
    You are checking your backups, aren't you?
  9. Re:Time to patent my own idea by Trigun · · Score: 2, Funny

    I'm going to patent old jokes. Just so I don't have to read that every time a patent story comes up on Slashdot.

  10. Errr... by sarlos · · Score: 4, Insightful
    I may be thinking of something else, but it sounds more like a method of keeping secure information on the secure network, not allowing it to leak to the unsecure network, while still allowing data to cross from the unsecure side to the secure side... From their description, it's based on a pump architecture:
    [0026] Referring to FIG. 1, there is shown in one embodiment of the present invention a high-level schematic of a communication network system 100 having a first communication network 102 having a first level of security or level of trust "x", and a second communication network 104 having a second level of security "y", where y
    --
    Government's view of the economy: If it moves, tax it. If it keeps moving,regulate it. If it stops moving, subsidize it.
    1. Re:Errr... by Grant,thompson · · Score: 4, Informative

      It really is a method to allow information to flow between secure and insecure networks without creating security leaks (as you mentioned). Here is an article published by some of the inventors: http://chacs.nrl.navy.mil/publications/CHACS/1998/ 1998kang-IEEE.pdf Also remember, this was filed for in 2003.

    2. Re:Errr... by simong_oz · · Score: 2, Informative

      This is in the DESCRIPTION of the patent. What they are actually (trying) to patent (this is a patent application, not a granted patent) is detailed in the CLAIMS. These are what you need to read, carefully, and probably with advice from a patent attorney.

      Once a patent application has been published (usually at 12/18 months after filing), it then gets passed on to the patent office in each country to be examined. It is entirely possible that a patent has got to this stage without anyone "official" actually doing any kind of search for proior art or examination of the claims. There may have been an international search report, but this still doesn't mean that much.

      --
      "Because it's there." - George Mallory, when asked why he wanted to climb Mt Everest, March 18, 1923 (New York Times)
  11. Might not be a bad thing? by Kadin2048 · · Score: 4, Interesting

    Actually most of the time, the government does not seize patents. Not that they don't have the ability to, or that perhaps they don't just go ahead and infringe on them sometimes, but the military spends a lot of money buying stuff from contractors/vendors every year, because the vendor has a patent on stuff. If we were in the middle of World War III, the situation might be slightly different.

    So if someone in the Navy really did have a novel idea, it's not hard to imagine that they might want to get it patented, just as a defensive measure.

    My big question is: if the government patents something, wouldn't the invention automatically be in the public domain, provided that it wasn't classified? Normally all products produced by government employees in the course of their jobs are in the public domain, so I would think that a patent held by the Navy would be impossible to use aggressively.

    In that situation -- assuming that's true, and the Navy can't collect royalties -- then having the Navy (or other government agencies) patent stuff might be a very good idea. For the small taxpayer expense that it takes to file and maintain the patent, the country might be saved millions of dollars a year of royalties and litigation costs.

    --
    "Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
    1. Re:Might not be a bad thing? by tinkerghost · · Score: 2, Informative

      It's cheaper to make a declaritory statement saying "This is public domain, this is how to do it, and this is why it works. Have a nice day, thank you."
      The end result is it's public domain. Patented it costs 3-5 grand vs a PDF on a website.

    2. Re:Might not be a bad thing? by LWATCDR · · Score: 2, Insightful

      Cheaper maybe but the Navy probably uses staff lawyers for the patent filing so the cost would be tiny. The truth is a patent does provide you better legal protection than any PDF on a website ever could.
      I would vote for cheap insurance.

      --
      See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
    3. Re:Might not be a bad thing? by superid · · Score: 3, Informative

      The Navy doesn't collect royalties, they collect license fees. Go here to browse some patents. If you license one of mine, I get a percentage of the fee :)

  12. In other news... by digitaldc · · Score: 2, Funny

    ...ZoneAlarm patents sonar & stealth marine technology

    --
    He who knows best knows how little he knows. - Thomas Jefferson
  13. It's really "multilevel security" by hmbcarol · · Score: 3, Interesting

    The Holy Grail when I worked with military networks (admittedly 10 years ago) was "multilevel security" which could enable a "top secret" and "secret" network to coexist and share data in a very controlled way. Information can go up, but never down. The hard part is how do you receive mail or do other things which require a two-way protocol? We built boxes which could sit in the middle and could pass messages. This appears to be a more advanced version of that.

  14. The future of warfare by StreamCipher · · Score: 3, Funny

    intellectual property lawyers will fight wars in courtrooms.

    Countries possessing patents of mass destruction (PMD) will be sanctioned first, and later sued by the Air Force.

    If other countries think we kick ass now, wait until they meet our legions of lawyers.

  15. US Navy Stock Price Up by Van+Cutter+Romney · · Score: 4, Funny

    USNVY - 23.40 +1.40

    --
    Help a man when he is in trouble and he will remember you when he is in trouble again.
  16. Might stop patent trolling by buzdale · · Score: 2, Insightful

    By patenting the firewall the Navy may stop those companies that seem to patent things solely to send you extortion notes for licensing. Typically the federal gov't can't/doesn't license them. Since they are taxpayer funded they seem to be "Ours." Actually there are a lot of patents that I wish they had. Anyone know for sure if this will essentially place the firewall patent in the public domain?

  17. It's all in the claims (broad vs. specific) by Andy+Dodd · · Score: 4, Informative

    From what I've read of the actual patent so far, it appears that it is a very specific implementation of a specific type of firewall.

    See claim 3 for example - What they are describing implies a machine with two dedicated processors with shared memory, one for each network. Note that for what they are describing, a typical SMP or dual core system does NOT count - It seems that they are effectively describing two seperate machines in one box that can communicate via shared memory.

    Also other claims imply that the patented system will be talking to each network at the application level, so it's more of a special form of proxy server rather than a firewall.

    I don't have time right now to read further details, but keep in mind that even specific patents can appear much broader than they are in the abstract. For example, one can't patent the wheel or a tire, but when patenting a tire with a specific tread pattern, it might appear in the abstract that the applicant is trying to patent the tire in general even when they're not.

    --
    retrorocket.o not found, launch anyway?
  18. jesus harold christ. by hamburger+lady · · Score: 2, Informative

    i love it. "the navy patents the firewall!!!one!". and they include a link to a Patent Application.

    here's a tip: an application aint a patent.

    --

    ---
    Is this the MPAA? Is this the RIAA? Is this the DMCA? I thought it was the USA!
    1. Re:jesus harold christ. by hamburger+lady · · Score: 2, Insightful

      no you aren't. that's just plain goofy. patent protection only begins when a patent is granted.

      --

      ---
      Is this the MPAA? Is this the RIAA? Is this the DMCA? I thought it was the USA!
  19. Warning! by jbeaupre · · Score: 5, Insightful

    To all of you shooting from the hip: STOP! You're just making a fool of yourself.
    Read the claims. Read them in light of the description of the patent. And learn patent terminology. Then you can make some general statements. And if it's only a publication (like this navy one), not a patent, don't even bother with that.
    If you must draw a conclusion, and you're sure this is about a firewall, then at least go the step to know they are claiming a type of firewall. Which is perfectly legit (as long as it contains a new, non-obvious element). If you think otherwise, go learn about patents, come back, and then we'll talk.

    PS:plurality is a very common patent term. It means more than one (duh!). Not even worth making a comment about, but someone felt compelled to jabber about it.

    --
    The world is made by those who show up for the job.
  20. Does Marcus J. Ranum know about this by rs232 · · Score: 2, Informative

    Marcus J. Ranum .. is recognized as the inventor of the proxy firewall, and the implementor of the first commercial firewall product.

    --
    davecb5620@gmail.com
  21. Two possible justifications by DoofusOfDeath · · Score: 2, Insightful

    I can only several reasons that the government patenting something might be fair:

    1) If a non-American entity (person, company, etc.) wants to use the technology, then it would basically be the American people selling the right to use the patented technology to non-Americans. In that way, Americans, who funded the research, win.

    2) In some sense, something that benefits the Navy does benefit Americans in general. When the Navy licenses a patented technology to a private company, this (hopefully) causes some money to move from that private entity to a public one (the U.S. govt.) That basically co-funds something that all taxpayers were having to chip in on the payment of (that is, the cost of government / national defense).

    3) Suppose that even if a technology has been made available for free, no one can afford to commercialize it if more than one company will be doing the commercialization. This might happen, for example, if the market is very small. For example, if there are just two competitors and 10 companies that might build the device, then each of those 10 companies facies great risk. So granting an exclusive license to use the patented technology could be the only way to get even one company to build the device in that situation.

    1. Re:Two possible justifications by forrestt · · Score: 2, Interesting

      The main reason government entities patent technology is not so they can then profit from them, but rather to give credit to the people that worked to develop that technology. Since civil servants and military personnel are not allowed to profit from inventions they create while working for the government, the patent must be owned by the organization they work for (in this case the US Navy). This prevents the civil servants/military personnel from profiting off the technology, but gives them the credit, something they can use for promotion or future job searches. To some degree this also applies to government contractors.

  22. Re:I was... by C-Shalom · · Score: 4, Informative

    The government has patented numerous things.
    The link below is just one of those things.
    NSA PCMCIA Card Connector
    Here is a page about how the NSA specifically creates and licenses these technologies and invention to the public.

    Your tax dollars at work, helping to generate more revenue with those tax dollars.

  23. Proxy firewalls by booch · · Score: 5, Informative

    The patent does not apply to packet filter firewalls (the majority of all firewalls, including the ones you listed) because it says the packets traverse the application layer. The market for application layer (proxy) firewalls is actually pretty narrow. The main contender (SideWinder) recently bought out the 2 main competitors (Gauntlet and CyberGuard). Whether it would apply to hybrid firewalls (packet filters that do deep inspection, like Checkpoint and Netscreen) is less clear.

    --
    Software sucks. Open Source sucks less.
    1. Re:Proxy firewalls by ThePhilips · · Score: 2, Informative
      Application layer proxies in the firewall world refer to intelligent proxies that do protocol inspection.

      I do not want to go into the depth, but any protocol recognition/etc is already intellegent. And after some time spent in industry, you would have known that there is no such thing as "intelegent proxies". It's all PR myth. What they really do is look at TCP/UDP port numbers. Nothing more. And there is nothing else you can actually do.

      Simple example some time ago used to crash experimental demo of such system. First line of TCP stream looks like "GET / HTTP/1.0". What protocol could that be? The answer isn't trivial as many might have thought. It might be (1) HTTP protocol, (2) FTP data connection receiving text file containing HTTP dump, (3) It might be Skype probing for transparent HTTP(S) proxies and so on. There is no way you can analyze it intelegently. All the methods have holes.

      In my case it was even more problematic. Telcos/celcos wanted to use that for quality of service and charging. E.g. if you connect to www.o2.com - it's free, if you go to www.t-online.com - you pay $XX. But they are still not reached the magic number of 85% of properly classified traffic. Not yet. As soon as you find out that you have such equipment installed, simple countermeasures like proxying and encryption will get you off the hook.

      P.S. Biggest problem with such analyzers, that they cannot look into encrypted protocols. Even BitTorrent started encrypting traffic to avoid dumb packet matching.

      P.P.S. Another interesting situation arises from dropped TCP connections. Was it legit connection? Or was it not? Has anybody received anything or not? Many intelegent accounting systems can be bypassed by tuning OS to *not* to close cleanly TCP connections. Not good situation too. If you are not on receiving end - no way you would know what was happening.

      --
      All hope abandon ye who enter here.
  24. Government patents are usually made public domain by ohearn · · Score: 3, Interesting

    As a project lead for the Army at an installation that does a lot of R&D, when we patent something 1 of 3 things happen to it. 1) We grant rights to the patent to someone in industry to produce the produce on a large scale for us. 2) (more common) We just transfer the patent to the company that will produce the product for the military. Personally I think #1 is a better option, but #2 happens a lot. 3) The patent becomes public domain, and the military never has to worry about being sued over licensing issues from someone else developing the technology.

  25. It's a firewall - THRU SHARED MEMORY by JetScootr · · Score: 3, Interesting

    Read claim 3: "The method of claim 2, wherein the configuring includes implementing the network interface system with distinct sets of first and second processors, the first and second processors having a shared memory."
    This puts the firewall smack into the hardware, not on the extension cord going out of the building. This is a firewall between computers that are in the same cabinet, not on the same internet. It also provides for loadleveling in Claim 6:
    "...via an interprocessor communication channel; ...configuring the interprocessor communication channel to communicate moving averages ...and configuring the network interface system to prevent the shared memory from overflowing ...by controlling the ... network interface system. "
    Further claims in the patent app show that the data is not transferred by just any program, but by an API on the firewall CPU and the boxen on either side of the firewall. This looks like some seriously secure stuff here.
    Also, your normal firewall allows inside ("your" computer) to talk outside (the internet) freely, but prevents outside from getting in. This patent app specifies that the outside can talk freely to the inside, but the inside can't just blab to the world. This keeps the worms in the can. It also randomizes time signatures so that form of black box analysis won't tell you anything.

    --
    Pavlov wouldn't be so famous if he'd used a can opener instead of a bell.
  26. Re:The Military Gets Patents? Why distasteful? by SillyNickName4me · · Score: 2, Insightful

    Then why not allow government departments that invest their time and effort to have the privilege of patents and subsequent liscenses as well?

    Patents exist to promote novel and usefull inventions. The method behind this is granting exclusive rights for a limited amount of time to the inventor so (s)he can compensate for investment and make a buck from the invention.

    The granting of exclusive rights is how society 'pays' the inventor for his efford and investment.

    In the case of a government department however society already payed the inventor for both. The investment comes from tax money, and so does the salary of the inventor.

    There is no reason for society to pay twice for the same thing.

    Do you beleive that all companies should just be able to take a government department's work in a particular field and use it without having to pay for it?

    As long as they pay taxes they already payed for it.

  27. No one's said it yet? by QuantumFTL · · Score: 2, Funny

    Now that's what I call a Submarine Patent!

    *ducks*