Slashdot Mirror

← Back to Stories (view on slashdot.org)

U.S. Navy Patents the Firewall?

Posted by ryuzaki0 on from the i'd-have-gone-after-antivirus dept.

Krishna Dagli writes to mention a post by Bruce Schneier on his site indicating that the U.S. Navy may be patenting the Firewall. Whether or not it is their intention to do so is unclear. From the patent description: "In a communication system having a plurality of networks, a method of achieving network separation between first and second networks is described. First and second networks with respective first and second degrees of trust are defined, the first degree of trust being higher than the second degree of trust. Communication between the first and second networks is enabled via a network interface system having a protocol stack, the protocol stack implemented by the network interface system in an application layer."

13 of 206 comments (clear)

  1. Ya ha! by Suspended_Reality · · Score: 5, Funny

    I was going to make a "first post", but I think I read the Army is patenting that. Part of their Military Initiative to kill first, ask questions later.

  2. I think I have prior art in my D-link by Trigun · · Score: 5, Insightful

    And my cisco, and my netopia, and my netgear.

  3. The Military Gets Patents? by Greyfox · · Score: 4, Interesting
    I would think that they don't really have a business purpose to do so since they don't sell a product and if anyone tried to sue the military over a patent the Government would just sieze the patent as being "vital to national security" or some such (I seem to recall that they can do that.)

    Maybe it's a sad attempt to prove that they're on the cutting edge of technology by patenting some newfangled idea that the rest of us have been using for years? I guess they probably have some catching up to do since EDS has been "working" on their IT infrastructure for years (That's why their stock price fell by half and never recovered don't you know? Well that and lying about the revenues that were coming in from it...)

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  4. Government patents? by DoofusOfDeath · · Score: 5, Insightful

    Instinctively, I hate the notion of the government patenting anything. It might be because it seems ridiculous that anything the taxpayers paid for should be made unavailable to them. But... I can't find anything in the constitution that makes this abhorent practice illegal or unjustified. My reaction seems motivated by civic virtue rather than a legal basis.

    Does anyone know of a solid legal reason that the government shouldn't be able to obtain patents?

  5. Kabooom! by 955301 · · Score: 4, Funny

    I can't wait to see how they deliver the cease and desist orders.

    --
    You are checking your backups, aren't you?
  6. Errr... by sarlos · · Score: 4, Insightful
    I may be thinking of something else, but it sounds more like a method of keeping secure information on the secure network, not allowing it to leak to the unsecure network, while still allowing data to cross from the unsecure side to the secure side... From their description, it's based on a pump architecture:
    [0026] Referring to FIG. 1, there is shown in one embodiment of the present invention a high-level schematic of a communication network system 100 having a first communication network 102 having a first level of security or level of trust "x", and a second communication network 104 having a second level of security "y", where y
    --
    Government's view of the economy: If it moves, tax it. If it keeps moving,regulate it. If it stops moving, subsidize it.
    1. Re:Errr... by Grant,thompson · · Score: 4, Informative

      It really is a method to allow information to flow between secure and insecure networks without creating security leaks (as you mentioned). Here is an article published by some of the inventors: http://chacs.nrl.navy.mil/publications/CHACS/1998/ 1998kang-IEEE.pdf Also remember, this was filed for in 2003.

  7. Might not be a bad thing? by Kadin2048 · · Score: 4, Interesting

    Actually most of the time, the government does not seize patents. Not that they don't have the ability to, or that perhaps they don't just go ahead and infringe on them sometimes, but the military spends a lot of money buying stuff from contractors/vendors every year, because the vendor has a patent on stuff. If we were in the middle of World War III, the situation might be slightly different.

    So if someone in the Navy really did have a novel idea, it's not hard to imagine that they might want to get it patented, just as a defensive measure.

    My big question is: if the government patents something, wouldn't the invention automatically be in the public domain, provided that it wasn't classified? Normally all products produced by government employees in the course of their jobs are in the public domain, so I would think that a patent held by the Navy would be impossible to use aggressively.

    In that situation -- assuming that's true, and the Navy can't collect royalties -- then having the Navy (or other government agencies) patent stuff might be a very good idea. For the small taxpayer expense that it takes to file and maintain the patent, the country might be saved millions of dollars a year of royalties and litigation costs.

    --
    "Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
  8. US Navy Stock Price Up by Van+Cutter+Romney · · Score: 4, Funny

    USNVY - 23.40 +1.40

    --
    Help a man when he is in trouble and he will remember you when he is in trouble again.
  9. It's all in the claims (broad vs. specific) by Andy+Dodd · · Score: 4, Informative

    From what I've read of the actual patent so far, it appears that it is a very specific implementation of a specific type of firewall.

    See claim 3 for example - What they are describing implies a machine with two dedicated processors with shared memory, one for each network. Note that for what they are describing, a typical SMP or dual core system does NOT count - It seems that they are effectively describing two seperate machines in one box that can communicate via shared memory.

    Also other claims imply that the patented system will be talking to each network at the application level, so it's more of a special form of proxy server rather than a firewall.

    I don't have time right now to read further details, but keep in mind that even specific patents can appear much broader than they are in the abstract. For example, one can't patent the wheel or a tire, but when patenting a tire with a specific tread pattern, it might appear in the abstract that the applicant is trying to patent the tire in general even when they're not.

    --
    retrorocket.o not found, launch anyway?
  10. Warning! by jbeaupre · · Score: 5, Insightful

    To all of you shooting from the hip: STOP! You're just making a fool of yourself.
    Read the claims. Read them in light of the description of the patent. And learn patent terminology. Then you can make some general statements. And if it's only a publication (like this navy one), not a patent, don't even bother with that.
    If you must draw a conclusion, and you're sure this is about a firewall, then at least go the step to know they are claiming a type of firewall. Which is perfectly legit (as long as it contains a new, non-obvious element). If you think otherwise, go learn about patents, come back, and then we'll talk.

    PS:plurality is a very common patent term. It means more than one (duh!). Not even worth making a comment about, but someone felt compelled to jabber about it.

    --
    The world is made by those who show up for the job.
  11. Re:I was... by C-Shalom · · Score: 4, Informative

    The government has patented numerous things.
    The link below is just one of those things.
    NSA PCMCIA Card Connector
    Here is a page about how the NSA specifically creates and licenses these technologies and invention to the public.

    Your tax dollars at work, helping to generate more revenue with those tax dollars.

  12. Proxy firewalls by booch · · Score: 5, Informative

    The patent does not apply to packet filter firewalls (the majority of all firewalls, including the ones you listed) because it says the packets traverse the application layer. The market for application layer (proxy) firewalls is actually pretty narrow. The main contender (SideWinder) recently bought out the 2 main competitors (Gauntlet and CyberGuard). Whether it would apply to hybrid firewalls (packet filters that do deep inspection, like Checkpoint and Netscreen) is less clear.

    --
    Software sucks. Open Source sucks less.