CA1275506C - Data transmission security arrangement for a plurality of data stations sharing access to a communication network - Google Patents

Data transmission security arrangement for a plurality of data stations sharing access to a communication network

Info

Publication number
CA1275506C
CA1275506C CA000525614A CA525614A CA1275506C CA 1275506 C CA1275506 C CA 1275506C CA 000525614 A CA000525614 A CA 000525614A CA 525614 A CA525614 A CA 525614A CA 1275506 C CA1275506 C CA 1275506C
Authority
CA
Canada
Prior art keywords
data
data transmission
data terminal
devices
group
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
CA000525614A
Other languages
French (fr)
Inventor
Richard Alan Windhausen
John Michael Nichols
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
AT&T Corp
Original Assignee
American Telephone and Telegraph Co Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by American Telephone and Telegraph Co Inc filed Critical American Telephone and Telegraph Co Inc
Application granted granted Critical
Publication of CA1275506C publication Critical patent/CA1275506C/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/22Arrangements for preventing the taking of data from a data transmission channel without authorisation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L12/40006Architecture of a communication node
    • H04L12/40032Details regarding a bus interface enhancer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L12/407Bus networks with decentralised control
    • H04L12/413Bus networks with decentralised control with random access, e.g. carrier-sense multiple-access with collision detection (CSMA-CD)

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Communication Control (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)

Abstract

DATA TRANSMISSION SECURITY ARRANGEMENT
FOR A PLURALITY OF DATA STATIONS
SHARING ACCESS TO A COMMUNICATION NETWORK

Abstract An arrangement for securing data transmissions to and from one data device from among a plurality of data devices sharing a common interface is disclosed.
In a data communication network, a master communication bus connects to a plurality of data transmitting and receiving devices via a single interface. The disclosed arrangement provides circuitry in the common interface which generates a jamming signal to all devices connected to the interface except for that one device which is either transmitting or receiving a data-transmission. The jamming signal inhibits all the connected devices from monitoring and detecting the data transmission processes of the interface. The one transmitting and receiving device is enabled to either transmit or receive data during the generation of the jamming signal which ensures a secure data transmission and prevents "eavesdropping" by the other devices. The jamming signal is removed at the conclusion of the data transmission to or from the one device.

Description

~.~755~

DATA TRANSMISSION SECURITY ARRANGEMENT
FOR A PLURALITY OE' DATA STATIONS
SHARING ACCESS TO A COMM[lNICATION NET~ORK

Technical Field -This invention relates to data communication networks and, in particular, to a security arrangement for maintaining secure data transmissions between a plurality of data transmitting and receiving devices sharing common ~ransmission and reception facilities.
Background of the Invention Data communication networks for exchanging data transmissions between two or more data transmitting and receiving devices were popularized with the advent of electronic computers and the development of digital signal processing techniques~ A typical data communication network arrangement interconnects a plurality of data transmitting and receiving devices to a data network via associated interfaces. The data communication network typically comprises a 2Q bidirectional bus which provides the medium for data transmission among the data transmitting and receiving devices. It is known to use packet-type data transmissions for the above~described communication network. The devices connected to the bus may comprise a variety of data transmitting and receiving equipmen~
such as large scale computers, personal computers, intelligent and non-intelligent terminals or digital station sets. Each device connects to the network via an interface. The interface processes incoming and outgoing packet data transmissions to and from the devices. The processing operations include such processes as determining the origin and destination of the data packet, controlling access to and from the bus, and formatting and unformatting the data packets.
Typically, a device, such as a terminal, is connected to a single interface which performs the processing operations associated with the receip-t and transmission S of data. ~lowever, an arrangement that utilizes a single interface for an associated data transmitting and receiving device is costly and inefficient. Therefore, arrangements were developed that utilize a single interface to perform processing operations for a plurality of associated data transmitting and receiving devices.
A shared interface arrangement is typically found in small business offices where economies are important. For example, a number of non-intelligent terminals located at each employee"; desk are connected through a single interface to a bi-directional data packet bus. The bus is connected to a host computer via an associated interface. This arrangement provides all the employees having a terminal to access the host computer via the single interface. Therefore, all data transmissions to and from each terminal are processed by the single interface. The shared processing operations allow any of the terminal users to intercept any incoming or outgoing data transmissions merely by monitoring the current processing operations of the interface t and detecting the receipt or transmission of data.
Although a shared interface provides economies, an overwhelming disadvantage of the shared 3n interface arrangement is that any data transmission, either received or transmitted, may be intercepted by any of the plurality of devices connected to the interface. Any device user may "eavesdrop"-on a data transmission despite the fact that the user's device is not the originating device or destination device of the data transmission. The above-described arrangement, therefore, precludes the transmission and receipt of data having a proprietary nature to and from the network since each device is incapable of receiving or transmitting a secure data transmission. The problem is that heretofore, no arrangement exists which provides for secure data transmissions to and from a single data device where the single device shares a common interface to a network with a plurality of other data devices.
Summary of the Invention The problem is solved in accordance with this invention which discloses an arrangement for securing data transmissions to and from one data device from among a plurality of data devices sharing a common interface. The disclosed arrangement provides circuitry in the common interface which generates a jamming signal to all devices connected to the interface except for that one device which is either transmitting or receiving a data transmission. The jamming signal inhibits all the connected devices from monitoring and detecting the data transmission processes of the interface. The one transmitting or receiving device is enabled to either transmit or receive data during the generation of the jamming signal. The jamming signal ensures a secure data transmission and prevents "eavesdropping" by the other devicesO The jamming signal is removed at the conclusion of the data transmission to or from the one device.
The disclosed arrangement is utilized where a plurality o~ data transmitting and receiving devices share a single interface to a master communication bus The interface comprises a data processor for processing incoming and outgoing data transmissions, a selective routing and transmission controller for generating a jamming signal and a transmit/receive regulator associated with each device for discriminately inhibiting or enabling, as appropriate, a data transmission to or from associated data devices. Assume for this portion of the description that an incoming 55~

data transmission from the network to one of the plurality of devices occurs. The data processor of the interface, in response to the receipt of the incoming data packet, generates a ready to transmit (RTT) signal indicative of the receipt of a data transmission and applies the RTT signal to the selective routing and transmission controller. The data processor, concurrently, determines the destination of the data packet and generates routing data indicative of the specified destination device. The data processor applies the routing data to the selective routing and transmission controller. The selective routing and transmission control~er, in response to the RTT signal, generates and applies a jamming signal to all transmit/receive regulators having associated devices.
Concurrently, the selective routing and transmission controller, in response to the receipt of the routing data, generates and applies a secure data signal to the all transmit/receive regulators associated with the non-destination devices. The secure data signal enables the jamming signal to extend through those regulators to all data devices. The application of the jamming signal inhibits any device from accessing the interface to detect the presence of a data transmission. The absence of a secure data signal at the transmit/receive regulator associated with the destination device negates the application of the jamming signal to the transmit/receive regulator. The absence of the secure data signal enables the transmit/receive regulator of the associated specified destination device to receive an unencumbered data transmission, and apply this data transmission to the destination devire. In the above described manner, incoming data transmissions from the network to a destination device are secured so as to prevent "eavesdropping" by the remaining devices of the interface.

;7Sr Assume now for the next portion of this description that a device generates an outgoing data transmission to the network. The ~enerated data transmission is applied to the originating device's associated transmit/receive regulator. In the outgoing transmission direction, the transmit/receive regulator, in response to the detected data transmission, generates an activity signal indica-ting that the associated device is actively transmitting data. The activity signal identifies that device as the device actively transmitting outgoing data from among the group of devices. The activity signal in the outgoing data transmission direction provides the same function as the absent secure data signal in the incoming data transmission direction. In particular, the transmit/receive regulator associated with the originating device applies the outgoing data and the activity signal to the selective routing and transmission controller. The selective routing and transmission controller, in response to the receipt of the activity signal, generates a jamming signal. The selective routing and transmission controller applies the jamming signal to all transmit/receive regulators having associated devices in much the same manner previously described with respect to the RTT signal associated with incoming data. The presence of the activity signal at the transmit/receive regulator associated with the originating device negates the application of the jamming signal to the originating device, and allows the outgoing data transmission to ~e applied through the interface unencumbered. The processor, in response to the received outgoing data, processes the data transmission. However, the absence of the activity signal at the transmit/receive regulators associated with the non-originating devices inhibit the non-originating devices from monitoring for data transmissions. The transmit/receive regulators of ~75.50$

the associated non-originating devices extend the jamming signal to all non-originating devices. In the above described manner, outgoing data transmissions are secured so as to prevent "eavesdropping" by the non-originating devices.
Following the conclusion of the data transmission, either outgoing or incoming, the selective routing and transmission controller removes the jamming signal from all the devices.
The disclosed circuitry for maintaining secure transmissions among a plurality of devices sharing a common interface is economically advantageous and requires a minimum amount of hardware. The inclusion of the disclosed circuitry maintains the economy of utilizing a common interface, and still allows for the transmission and receipt of proprietary data.
In accordance with one aspect of the invention there is provided in a data communication network interconnecting a plurality of data terminal devices via corresponding interface devices where a group of said data terminal devices share a single interface device, a data security arrangement in said single interface device for providing privacy of data transmissions comprising: means for detecting the origination of a data transmission for one of said group of data terminal devices; means responsive to a detected data transmission origination for identifying the destination one of said group of data terminal devices associated with said data transmission origination; means responsive to said identifying means for transmitting said data transmission only via an individual, non-broadcast link to said destination data terminal device; and means responsive to said identifying means for transmitting a spurious data transmission, coexistent with said data transmission, via individual, non-broadcast links to all of said group of data terminal devices save said destination data terminal device.
In accordance with another aspect of the invention there is provided in a data communication network interconnecting a plurality of data terminal devices via , .

~ss~
6a corresponding interface devices where a group of said data terminal devices share a single interface device, a data security transmission method for providing privacy of data transmissions comprising the steps of: detecting the origination of a data transmission for one of said group of data terminal devices; identifyin~ the destination one of said group of data terminal devices associated with said data transmission origination; transmitting said data transmission via an individual, non-broadcast link only to said destination data terminal device; and transmitting a spurious data transmission, coexistent with said data transmission, via individual, non-broadcast links to all of said group of data terminal devices save said destination data terminal device.
Brief Desc_ ption o~ the Drawinqs The invention may be better understood by a reading of the following detailed description of one possible exemplary embodiment thereof taken in conjunction with the accompanying drawings wherein:
FIG. 1 illustrates a typical data communication network;
- FIG. 2 illustrates the details of an interface which connects a plurality of data transmitting and receiving devices to the communication network as shown on FIG. 1;
FIG. 3 illustrates further details of the interface of FIG. 2; and FIG. 4 illustrates further details of the interface of FIG. 2.
Detailed Description FIG. 1 illustrates a typical architectural structure of a data communication network. The network comprises a bidirectional master communication bus 100, a plurality of transmitting and receiving (T/R) devices 110-0 through llO-n, 111-0 through lll-n, 112-0 through 112-n, 113-0 through 113-n and 114-0 through 114-n, and a plurality of interfaces 104-0 through 104-n. Assume for the remainder of this description that the data network serves to exchange data packets of information among the plurality of transmitting and receiving devices. Data packet transmission is known to the art and therefore, no further details are provided.
Each data pack~t includes control information which controls the data transmission, data information which comprises the actual data message, and address information which identifies the origin and destination of the data packet. The entire data packet is typically applied to and from the interface of a destination transmitting or receiving device ox an origination transmitting or receiving device over a common bidirectional bus which extends from the master communication bus to the interface. However, for ease of description, each type of information has an associated bidirectional bus such that control data is applied over control buses 101-0 through 101-n, message data is applied over data buses 102-0 through 102-n, and address data is applied over 103-0 through 103-n. The control, data and address buses interconnect master communication bus 100 to interfaces 104-0 through 104-n.
2S Interfaces 104-0 through 104-n process incoming and outgoing data packets. The processes include formatting and unformatting data packets, determining the originating and destination transmitting and receiving devices, routing data packets to and from the originating and destination transrnitting and receiving devices~ extending data message to and from the originating and destination transmitting and receiving devices and controlling access to and from master communication bus 100. The details of the illustrated interfaces of FIG. 1 are discussed subsequently.

~5S~

Each interface 104-0 through 104-n performs common processing operations for a plurality of associated connected transmitting and receiving devices.
Transmitting and Receiving (T/R) 110-0 through llO-n, 111-0 through lll-n, 112-0 through 112-n, 113-0 through 113-n and 114-0 through 114-n are connected to associated interfaces 104-0 through 104-n over bidirectional pat`ns 105-0 through 105-n, 106-0 through 106-n, 107-1 through 107-n, 108-0 through 108-n and 109-0 throuyh 109-n, respectively. Data transmissions are received from and transmitted to interfaces 104-0 through 104-n over these bidirectional paths. The transmitting and receiving ~T/R) devices of FIG. 1 may be any type data generating devices such as personal computers (PCs), intelligent or non-intelligent terminals, host computers or digital station sets. For ease of description, the transmitting and receiving (T/R) devices of FIG. 1 are referred to as T/R devices. The data communication network of FIG. 1 serves to exchange data between one or more of the T/R devices via an associated interface.
FIG. 2 illustrates the details of one interace such as interface 104-0 of FIG. 1.
Interface 104-0 processes incoming and outgoing data transmissions for a plurality of associated T/R
dPvices 110-0 through llO-n as received from or transmitted to master communication bus 100.
Interface 104-0 comprises data processor 200, parallel to serial and serial to parallel data converters 221 and 222, respectively, data packet buffer 201, selective routing and transmission controller 203, transmit/receive regulators 204 0 through 204-n and line transceivers 205-0 through 205-n. Data processor 200 scans master communication bus 100 for data packets over buses 101-0, 102-0 and 103-0, controls access to and from master communication bus 100 over buses 101-0, 102-0 and 103-0, formats and unfoxmats outgoing and ~;~'7S5()~
g incoming data packets of information, identifies the origin and destination of the outgoing and inconin~ data transmissions, and determines the start of and termination of incoming and outgoing data transmissions.
Processor 200 connects to data packet buffer 201 over bidirectional path 212. Buffer 201 stores a pluxality of data packets to await data processing by processor 200 prior to accessing master communication bus 100. Buffer 201 also stores a plurality incoming data packets to await data processing by processor 200 prior to extending transmission to the destination T/R
device. The process of accessing the network and exchanging data between two T/R devices is not described since this process comprises no part of the disclosed invention is well known to the art.
Processor 200 connects to selective routing and transmission controller 203 over paths 206, 207 and 213 and, indirectly, over paths 210 and 211 via converters 221 and 222, respectively. Converter 221 connects to processor 200 over path 208 and performs parallel to serial data conversion on incoming data transmissions; and converter 222 cvnnects to processor 200 over path 209 and performs serial to parallel data conversion on outgoing data transmissions.
Converters of the above~described type are known to the art and are, therefore, not described in further detail.
Converters 221 and 222 connect over paths 210 and 211 to controller 203.
Controller 203 and regulators 204~0 through 204-n comprise the disclosed subject invention for providing secure data trans~ission to and from a singlP
T/R device where a plurality of T/R devices are served by a common interface. The disclosed controller 203 and regulators 204-0 through 204 n prevent the non-transmitting and non-receiving T/R devices 110-Q through llO-n from "eavesdropping" on a data transmission.
Controller 203 identifies the originating or the s~s()/~

des~ination T/R device 110-0 through llO-n associated with the data transmission, detects the start and the termination o~ a data transmission to and from associated T/R devices 110-0 through llO-n, detects actively transmitting T/R devices 110-0 through llO-n, generates and applies a secure data signal to the all non-transmitting and non-receiving T/R devices 110-0 through llO-n and generates and applies a control signal to all T/R devices 110-0 through llO-n. The combination of the secure data signal and control signal ensures the proprietary transmission of information to the transmitting or receiving T/R device and prevents the non-transmitting and non-receiving devices from "eavesdropping" on the incoming or outgoing data transmission. The details of controller 203 and the generated signals are described subsequently.
Controller 203 connects over paths 206, 214-0 through 214-n, 215-0 through 215~n, 216-0 throu~h 216-n, 217-0 through 217-n to transMit/receive regulators 204-0 through 204-n where each transmit/receive regulator is associated with a T/R device. Transmit/receive regulators 204-0 through 204-n comprise the logic to regulate the transmission of data to and from the associated T/R devices 110-0 through llO-n.
Regulators 20~-0 through 204-n inhibit the non-originating or non-receiving T/R devices from detecting a data transmission, and the regulator associated with the originating or receiving T/R device enables the T/R
device to transmit or receive a data transmission~
Further details of transmit/receive regulators 204-0 thrDugh 204-n are discussed subsequently.
Each transmit/receive regulator 204-0 through 204-n connects to an associated line transceiver 205-0 through 205-n over paths 218~0 through 218-n and 219-0 through 219-n, respectively. Line transceivers 205-0 through 205-n serve to drive inco~ing and outgoing data along the appropriate data transmission path to either ~;~755~

an associated destination station or to the associated regulator. Line transceivers are known to the art and therefore, no further detail is provided.
The above description identifies each element of the interface and describes, in general, the purpose of each element within the interface. The following description describes the functions and operations of the elements with respect to an incoming data transmission from the data communication network illustrated on FIG. 1.
Assume that a data packet of information is applied to interface 104-0 over control 101-0, data 102-0 and address 103-0 buses from master communication bus 100. Assume, also, that the destination of the data packet is T/R device 110-0 which connects to interface 104-0 over path 105-0. Assume, further, that no other data transmissions are currently occurring. In response to the receipt of the data packet of information, processor 200 concurrently generates the following information to controller 203 following the unformatting of the data packet of information. Processor 200 applies a ready to transmit (RTT) signal to controller 2D3 over path 206. The RTT
signal indicates that a data transmission i5 received and is being i~mediately transmitted to one of the T/~
devices. Processor 200 applies the incoming data over path 208 to converter 221 which converts the parallel data to a serial data stream. Converter 221 applies the serial data over path 210 to controller 203.
Processor Z00 applies routing data which identifies the destination T/R device, 110-0, to controller 203 over path 213. Controller 203 responds to the concurrent receipt of the RTT signal on path 206, data on path 210 and destination information on path 213 to generate, concurrently, the following signals~ The circuit details of controller 203 are discussed subsequently.

~ J55~)~

Controller 203 extends the RTT signal over path 206 to each -transmit/receive regulator 204-0 through 204~n. Controller 203, in response to the received routing data identifyinq the destination T/R
device, 110-0, generates and applies a secure data signal to regulators 204-1 through 204-n having associated T/R devices 110-1 through llO-n over path 217-1 through 217-n. These regulators are associated with the non-destination T/R devices 110-1 through llO-n. Regulators 204-1 through 204-n having associated T/R devices 110-1 through llO-n receive a secure data signal since T/~ devices 110-1 through lln-n are not the destination T/R devices. Controller 203 also generates a regulator control signal in response to the receipt of the RTT signal. Controller 203 applies the regulator control signal to regulators 204-0 through 204-n over paths 214-0 through 214-nO Controller 203 extends the incoming data transmission to regulators 204-0 through 204-n over paths 216-0 through 216-n. Regulators 204-1 through 204-n receive an RTT
signal on path 206, a regulator control signal on paths 214-1 through 214-n, data on paths 216-1 through 216-n and a secure data signal on paths 217-1 through 217-n. The combination of the receipt of these identified signals inhibits the application of the data received on paths 216-1 through 216~n to line transceivers 205-1 through 205-n. ~owever, the regulator is enabled to apply the regulator control signal on paths 214-1 through 214-n to transceivers 205-1 through 205-n over paths 218-1 through 218-n. Transceivers 205-1 through 205-n apply the regulator control signal to devices 110-1 through llO-n over paths 105-1 through 105-n. The regulator control signal jams each T/R device 110-1 through llO-n, and prevents T/R devices 110-1 throu~h llO-n fro~
intercepting the incoming data transmission. This prevents the non-destination stations from ~75c~

"eavesdropping" on the transmission.
Alternately, regulator 204-0 receives an RTT
signal on path 206, a regulator control signal on path 214-0, data on path 216-0 and no secure data signal on oath 217-0. The absence of a secure data signal negates the application of the absve-described regulator control signal to line transceiver 205-0 and therefore, the associated T/R device, llO-0, is not jammedO The combination of these identified signals with the absence 1~ of the secure data signal inhibits the application of the regulator control signal on path 214-0 and enables regulator 204-0 to extend the data received on path 216-0 over path 218-0 to line transceiver 205-0.
In response to the received data on path 218-0, line transceiver 205-0 drives the incoming data over path 105-0 to the destination T/R device, llO-0.
In the above-described manner, only the identified destination T/R device receives the incoming data transmission. All non-destination T/R devices receive a regulator control signal which jams the direct transmission path of the T/R devices so that no monitoring can occur during the receipt of a data transmission. This prevents the non-destination T/R
devices from "eavesdropping" on the data transmission.
Incoming data transmissions to one of the T/R devices served by a common interface remain secure since only the destination T/R device receives the data, and all remaining T/R devices receive a control signal to jam the non-destination devices.
Controller 203 removes the regulator control signal on paths 214-0 through 214-n and the secure data signal on paths 217-l through 217-n when the RT'r signal ceases. The cessation of the RTT signal indicates that the data transmission is terminated. Additionally, no 35 data is presently present on paths 216-0 through 216-n.
Following the removal of the regulator control signal, the secure data signal, the RTT signal and the lack of ~75SO{~

data, regula-tors 204-1 through 20~-n are enabled to receive an incoming data transmission from the network.
In response to the removal of the RTT signal on path 206, regulator control signal on path 214-0 and lack of data on 216-0, regulator 204-0 is no longer secured since the data transmission has been completed to the identified destination station. Regulator 204-0 exists in the same enable status as regulators 204-1 through 204-n which has been previously described, The above discussion described the operation of interface 10~-0 with respect to the receipt of an incoming data transmission from the data communication network to a destination T/R device, 110-0, of interface 104-0. The following describes an outgoing data transmission as generated from one of the T/R
devices of interface 104-0. Assume that the T/R device originating the data transmission is T/R device 110-0.
Assume further that T/R devices 110-1 through llO-n are not presently transmitting. T/R device 110-0 applies data to line transceiver 205-0 over lead 105-0. Line transceiver 205-0 applies the outgoing data to regulator 204-0 over XMIT path 219 0~ Regulator 204-0 applies the outgoing data to controller 203 over path 216-0. Regulator 204-0, concurrently, in response to the received data transmission, generates an activity signal. The activity signal indicates that T/R
device 110-0 is currently transmitting data. The activity signal identifies device 110-0 as that T/R
device actively transmitting outgoing data from among the group of T/R devices 110-0 through 110-n. The activity signal in the outgoing data transmission direction provid2s the same function as the absent secure data signal in the incoming data transmission direction. In particular, regulator 204-0 applies an activity signal to selective routing and transmission controller 203 over path 215-0. The activity signal indicates that a T/R device i5 actively transmitting ~7S.S~

data. ~he initial presence of the activity signal also indicates the start of a data transmission. The activity signal as transmitted to controller 203 is similar to the RTT signal previously described.
Controller 203, in response to the receipt of the activity signal on path 215-0 and data on path 216-0, concurrently, executes the follo~ling operations -to secure the outgoing data transmission~
Controller 203, in response to the receipt of the activity signal on path 215-0, generates a regulator control signal and applies this signal to all regulators 204-0 through 204-n over paths 214-0 through 214-n. Regulators 204-1 through 204-n, respond to the regulator control signal in the following manner.
Regulators 204-1 through 204-n are associated with non-originating da-ta transmission T/R devices 110-1 through llO-n and since these devices are not actively transmitting, no activity signal is present in regulators 204-1 through 204-n. Regulators 204-1 through 204-n can, therefore, extend the regulator control signal on paths 214-1 through 214-n to T/R
devices 110-1 through llO-n to jam the T/R devices so as to prevent monitoring for data transmissions in the manner previously described. However, as previously described, an activity signal is presen in regulator 204-0. The activity identifies T/R
device 110-0 as the originating T/R device. The presence of an activity signal negates the application of the regulator control signal on path 214-0 such that ~/R device 110-0 is not jammed and the data tran~mission can be extended to the network. In particular, controll~r 203 extends the received generated data transmission on path 216-0 to converter 222 over path 211. Converter 222 converts the received serial data stream to a parallel data configuration, and applies the parallel data to processor 200 over path 209. Processor 200 processes the data, as 1.~755~)~

previously described. Controller 203, also, "echoes back" the received data transmission to the T/R device, 110~0, originating the transmission. This "echo back"
function is part of an error checking operation to confirm the accuracy of the data transmission. The error checking function comprises no part of the disclosed invention and therefore, no further detail is provided since such functions are well known to the art.
The echoed data, as well as the transmitted data are secured from the non-originating T/R devices 110-1 through 110-n. No jammed T/R device 110-1 through 110-0 can intercept the "echo back" data or "eavesdrop" on the data transmission. Therefore, T/R device 110-0 maintains a secure data transmission.
As previously described, during a data transmission all non-originating T/R devices are jammed, and only the originating T/R device may generate a clata transmission and receive "echo-back" data. The regulator control signal prevents the non-originating T/R devices from "eavesdropping" on the data transmission. In the above-described manner, the data transmission from a single T/R device remains secure from the remaining TfR devices.
The data transmission remains secure during the entire data transmission. When the data transmission is terminated, the activity signal ceases transmission to controller 203 over path 215 0.
Obviously, no data appears on data path 216-0.
Controller 203, in response to this cessation of the data transmission and the activity signal, applies an end of transmission (EOT) signal to processor 200 over path 207 to indicate that no further data is being transmitted. Concurrentlyt controller 203, in response to the cessation of data and the activity signal, removes the regulator control signal ~rom paths 21g~0 through 214-n. Regulators 204-0 through 204-n are now enabled to transmit and receive data transmissions from ~.~75~

associated T/R devices 110-0 thro~gh llO-n.
Assume, now, that more than one or multiple T/R devices of interface 104-0 are concurrently, transmitting data to master communication bus 100. As previously described, a transmit/receive regulator generates an activity signal whenever a T/R device is actively trans~itting data. Therefore, in response to multiple data transmissions from a number of T/R
devices, more than one activity signal is applied from regulators 204-0 through 204-n to controller 203 over paths 215-0 through 215-n. In response to the presence of more than one activity signal at one time, controller 203 generates a regulator control signal indicative o the multiple data transmission activity to regulators 204-0 through 204-n over paths 214-0 through 214-n. Data transmissions are no longer secure if more than one station is transmitting since, as previously described, specified signals serve to enable the regulators to pass through data. Therefore, each regulator having an associated originating device could intercept outgoing transmissions from other originating devices since all paths remain open because no originating T/R device is jammed. Regulators 204-0 through 204-n, in response to multiple transmission activity, extend the regulator control signal over paths 218-0 through 218-n via line transceivers 205-0 through 205-n to T/R devices llO-Q through 110-n over paths 105-0 through 105-n. All T/R devices 110~0 through llO-n are now jammed and prevented from transmitting data. The regulator control signal remains active until all activity ceases or a single activity signal is present as detected by controller 203~ In response to a single activity signal, a secure data transmission can take place in the manner described above. Therefore, only a single TjR device of an interface may transmit a secure data transmission at one time. Multiple data transmission attempts are blocked 5~)~

since secure data transmissions cannot occ~r. The details of this operation are discussed subsequently~
The above discussion describes at the block diagram level, how the shared interface serving a plurality of T/R devices can transmit and receive sec~re data transmissions. During the receipt or transmission of data to or from one of the T/R devices, the remaining T/R devices are prevented from "eavesdropping" on -the data transmission by receiving a regulator con~rol signal on their associated data transmission paths.
This regulator control signal jams the remaining T/R
devices and prevents these remaininq T/R devices from monitoring for data transmissions. The regulator control signal is removed from the data transmission path associated with each non-originating or non-destination T/R device when the data transmission is terminated. In the above-described manner, secure data transmissions occur. The following description describes the circuit details of controller 203 and regulator 20~-0, respectively.
FIG. 3 illustrates the circuit details of selective routing and transmission controller 203 of interface 104-0 of FIG. 2. Controller 203 comprises security registers 300-0 through 300-n, data merger 311, l/N security activity detector 305~ > l/N security activity detector 309, lfN EOT activity detector 304, and security jam signal generator 307O
The details of controller 203 are first discussed with respect to an incoming data packet for T/R device 110-0. No other data transmissions are presently occurring. Assume processor 200 has processed the data packet as previously described above with respect to an incoming data packet. In response to the receipt of the data packet, processor 200 generates and applies a RTT signal to controller 203 over path 206, applies the data from the received packet to controller 203 over path 210 and applies the identity of ~ ~7~s~)~

the destination, 110-0, as routing data to controller 203 over path 213. As previously described, the RTT signal on path 206 is extended to all regulators 204-0 through 204-n to indicate that a packet has been received and a data transmission is presently occurring to a destination T/R device, i.e. 110-0.
The routing data as applied over path 213 to controller 203, as previously described, includes information as to the identity of the destination T/R
device, i.e. 110-0. Each T/R device 110-0 through llO-n is associated with a security register 300-0 through 300-n, for example: T/R device 110-0 is associated with security register 300-0, T/R device 110-1 is associated with security register 300-1, T/R device llO-n is associated with security register 300-n and so forth.
The security registers may be 1ip-flops which change state in response to input signals applied to the registers. The routing data as shown comprises several paths to which appropriate routing data may be applied wherein each path is associated with a specified T/R
device. Routing data associated with the destination - T/R device 110-0 is applied to the associated destination security register 300-0 over th~ associated destination path 301-0. Since the incoming data is to extend through to destination T/R device 110-0, register 300-0 does not change state and an inactive signal, a low, is applied over 217-0. An inactive ~ignal indicates that the associated regulator 204-0 of the destination T/R device, 110-0, does not receive a secure data signal~ However, the security registers 300-1 through 300-n are not associated with the destination T/R device and, therefore, no data is extended to T/R devices 110-1 through llO-n. The routing data applied to non-destination paths 301-0 through 301-n to non-destination security registers 300-1 through 300-n activates the security registers. Security registers 301-0 through 301-n ~ .~7~V~

change states and an active, a high, secure data signal is generated over paths 217-1 through 217-n.
The RTT signal, as previously described, extends through controller 203. The RTT signal on 5 path 205 is additionally applied to detectors 305 and 309, respectively. Detector 305 is l/N detector which detects either no data transmission activity or the activity of at least one data transmission such as with the occurrence of an incoming data trar~smission from the 10 data communication network of FIG. 1. Detector 309 is a > l/N detector which detects when multiple data transmissions are, concurrently, occurring. Assume that only a single incoming data transmission is presently occurring, and that no station i9 presently attempting 15 to transmit data 50 that no activity signals are present. Under these conditions, the only active input to detectors 305 and 309 is the RTT signal on path 206.
Since detector 309 is only activated in response to multiple data transmission activity, the RTT signal does ~0 not activate detector 309. Detector 309 maintains a low output indicative of no multiple data transmission activity over path 310. The signal on path 310 comprises part of the regulator control signal which is applied to all regulators 204-0 through 204-n over paths 25 214-0 through 214-n. Detector 305, however, is activated in response to the RTT signal since that signal is the only active incoming signal to indicate a data transmission. In response to the RTT signal on path 206, detector 305 changes from a low to a high 30 state and applies a high signal to security jam signal generator 307 over path 306. Security jarn signal generator 307 is activated in response to the signal received on path 306.
Generator 307, in response to activation, 35 generates a jam signal . The jam signal may conform to IEEE specifications defining CSMA/CD standard signaling.
An example is specified by the IE~E 802.3 task force in 5~

IEEE, Draft C of October 1985 entitled Physical Signaling, Medium Attachment and saseband Medium Specifications, Type lBASE5. Generator 307 applies the jam signal over path 308 to regulators 204-0 through 204-n over regulator control paths 214-0 through 214-n.
The generated jam signal on paths 214-0 through 21~ n in combination with the secure data signal on paths 217-1 through 217-n enabl2s the application of the jamming signal to the non-destination T/~ devices 110-1 through 110-n via regulators 204-1 through 204-n, and allows a secure data transmission to T/R device 110-0 via regulator 204-0 to occur. In particular, the incoming data is applied to data merger 311 over path 210 where the data is enabled through AND gate 303. Data merger 311 extends the incoming data over common data transmission path 211. Since common data transmission path 211 exists, the incoming data is applied over data paths 216-0 through 216-n to regulators 204-0 through 204-n. As previously described, even though the received data is transmitted to all regulators, the combination of the secure data signal on paths 217-1 through 217-n and the jam signal on paths 214-1 through 214-n prevents the data from being applied to the non-destination T/R devices 110-1 through 110-n from associated regulators 204-1 through 204-n. The details of the regulators are discussed subsequently.
Assume, now, that a T/R device is transmitting data at the same time as an incoming data packet i5 received by processor 200. AS previously described, detector 309 detects multiple data transmission activity. Therefore~ in response to the detection of multiple data transmission activity as indicated by the reception of an RTT signal on path 206 and the reception of an activity signal from any one of the T/R devices 110-0 through 110-n which is transmitting data as received over paths 215-0 through 215~ de~ectors 305 and 309 are activated. In response to the detection of ~;~'7S5~$

multiple data transmission, activity activated detector 305 changes from a low to a high state since at least one data transmission exists and generates a high signal. Detector 305 applies the high signal to generator 307 over path 306. Generator 307 is activated in response to the high signal received on path 306 Jam signal generator 307 applies a jam signal over path 308 to regulator control paths 214-0 through 214-n.
Detector 309, in response to multiple activity detection indicated by the receipt of the RTT signal on path 206 and at least one activity signal on any path 215-0 through 215-n, generates a multiple activity detected (MAD~ signal, a high, onto path 310. Detector 309 applies the MAD signal on path 310 to regulators 204-0 throug~. '04-n over the regulator control paths 214-0 through 214-n. The combination oE the jam signal on path 308 and the MAD signal on path 310 as applied over regulator control paths 214-0 through 214-n prevents the transmission of any data to any T/R device. All T/R
devices remain jammed until all data transmission activity ceases or a single data transmission is present. The secure data signal is overridden by the combination of the jam and MAD signals when multiple transmission activity is detected.
The above discussion describes the operation of the elements of controller 203 when an incoming data transmission is received. The following describes the function of controller 203 with respect to an outgoing data transmission from a T/R device such as T/R
device 110-0. As previously described~ data generated from the transmitting T/R device 110-0 is received by controller 203 over data path 216-0 which additionally comprises XMIT path 302-0. The incoming data is applied to data merger 311 over XMIT data path 302-0. Data merger 311 applies the data through multi-input AND gate 303 of data merger 311. Data merger 311 appl i25 the transmitted data to processor 200 over data out 211. As ~7S.5~)~

previously discussed, the transmitted o~tgoing data is "echoed back" to determine the accuracy of th~ data transmission. Data merger 311 applies "echo-back" data over common data path 211 to all regulators 204-0 through 204-n over bidirectional data paths 216-0 through 216-n. The "echo-back" data requires security measures to ensure a proprietary data transmission.
In addition to transmitting data, the T/R
device, i.e. 110-0, as p~eviously described, generates an activity signal indicative of a present data transmission on path 215-0. The presence of an activity signal at regulator 204-0 allows throughput of the "echo-datal' to T/R device 110-0. In addition, regulator 204-0 applies the activity signal to detectors 305 and 309 on path 215-0~ Detectors 305 and 309 respond in the manner previously described with respect to the receipt of the RTT signal. Generator 307 generates and applies a jam signal over path 308 to regulator control paths 214-0 through 214-n. If more than one data transmission activity is detected concurrently, detectors 305 and 309 generat~ a ~am signal and a MAD signal, as previously described, and apply these signals over paths 308 and 310, respectively, in the same manner previously described.
The activity signal is additionally applied to l/N EOT activity detector 304 over path 215-0. EOT
detector 304 is inhibited in response to the application of the activity signal and, therefore, does not generate any signal. The absence of an EOT signal indicates that there is present data transmission activity. However when no activity signal i5 applied to detector 304 which indicates that there is no present data transmission activity, detector 304 generates and applies an EOT
signal to processor 200 over path 207. Processor 200 in response to the receipt of the EOT signal on path 207, detects the termination of a data transmission. In the above describ~d manner, controller 203 sec~res data ~5.~

transmissions between the T/R devices of the co~mon interface.
FIG. 4 illustrates the circuit details of regulator 204-0 which is connected to T/R device 110-0 via transceiver 205-0. Assu~e that a data transmission is received for T/R device 110-0 and the received data transmission is the only present on-going data transmission. Since T~R device 110-0 is presently inactive, no data signal is detected over XMIT
path 219-0 and therefore, a~tivity detector 407 remains inactive. Activity detector 407 responds to a change in voltage on XMIT 219-0 such that a signal on path 219 0 must exceed a specified threshold value in order for activity detector 407 to become active. In the present case, a low signal exists on path 219-0. A low signal is applied oYer path 219-0 to activity detector 4Q7 and AND gate 408. This low signal indicates no data transmission activity is occurring at the associated T/R
device 110-0. Detector 407 remains inactive and generates a low signal over path 215-0 to controller 203 and AND gate 408. In response to the low signals on paths 215-0 and ~19-0~ AND gate 408 applies a low over XMIT path 302-0 indicating a clear data transmission path. As previously described, the associated regulator 204-0 of the destination T/R device, i.e.
110-0, receives a low signal over path 217-0 which indicates that no secure data signal is present. The absence of a secure data signal indicates that the data transmission may extend through regulator 204-0 over data path 211. Additionally, since no multiple data transmission activity is detected because only a single data transmission exists, the MA~ signal on path 310 is low. As previously described, all regulators receive an active jam signal whenever a data transmission occur~
and therefore, the jam signal exists on path 308. Also, as previously indicated, the RTT signal is high which indicates a receipt of the data transmission. All the s~

above described signals are applied directly or indirectly to AND gates 402 through 406. The following table indicates the status, high or low, of the inputs to AND gates 40~ through 4060 High inputs denote an active signal and low inputs denote an inactive active signal. The data and jam signals are wave forms having oscillating transmission states and are denoted by the symbols D and J, respectively.

~75~

Receipt of Data Transmission >From Data Co~munication Network to Device 110-0 5 SIGNALS APPLIED~ TO GATE 402 GENERATED OUTPUT

Inverted MAD : 10 on path 413 Inverted RTT : 0 Activity : 0 DATA 211 : D

.

Inverted MAD : 1D on path 414 RTT : 1 DATA 211 : D
Inverted Secure Data: 1 _ JAM : J 0 on path 415 Inverted MAD : 1 Inverted RTT : 0 Inverted Activity 1 .

JAM : J 0 on path 416 Inverted MAD : 1 RTT : 1 5~V~i Secure Data : 0 SIGNAL5 APPLIED TO GATE 406 _ GENERATED OUTPUT

MAD : 0 0 on path 417 JAM J

~L~7~

The above described input signals enable regulators 204-0 and allow the received data transmission to extend through OR gate 401 to RECV data path 218-0. OR gate 401 applies t~e received data to line transceiver 205-0 over path 218-0. Transceiver 205-0 drives the received data to T/~ device 110-0 over path 105-0.
Assume, now~ that T/R device 110-0 is generating a data transmission to the data communication network illustrated in FIG. 1, and that no other data transmissions are presently occ~rring. T/R device 110-0 applies the generated data to transceiver 205-0 over path 105-0. Transceiver 205-0 drives the transmitted data to regulator 20~-0 over XMIT path 219-0. In response to the data transmission on path 219-0, activity detector 407 detects transmission activity and generates a high signal over activity path 215-0. rrhe data on XMIT path 302-0 is applied to AND gate 403. AND
gate 408 applies the transmitted data to controller 203 over path 216-0. As previously described, transmitted data from the transmitting T/R device 110-0 is "echoed back" by controller 203 to the originating T/R device 110-0 over data path 211. The signal on path 211 indicates the presence of data. The R~T signal is not active at this time since there is no incoming data transmission and therefore, processor 200 applies a low over path 206. ~dditionally, as previously described, no secure data signal is present and therefore, a low is applied over path 217-0. The secure data signal is treated as a "don't-care" signal under the above-described conditions and therefore, is denoted as an "X"on FIG. 2. Since only one T/R device is presently transmitting, the MAD signal applied over regulator control 21g-0 to path 310 is a low. However, as previously described, the jam signal on path 308 as applied over regulator control 214-0 is activeO rrhe above described signals are applied, directly or indirectly, to AND gates 402 through 406. The signals ~755()~

applied to the AND gates 402 through 406 and the generated output from AND gates 402 through ~0~ are shown on Table 2.

~ ~755(~

. .

Transmission of Data to Data Communication Network >From Device 110-0 Inverted MAD : 1D on path 413 Inverted RTT : 1 Activity : 1 DATA 211 : D

Inverted MAD : 10 on path 414 RTT o DATA 211 : D
Inverted Secure Data: X

15 SIGNALS APPLIED TO GATE 404GENERATED OUI'PUT

JAM : J 0 on path 415 Inverted MAD : 1 Inverted ~TT : 1 Inverted Activity : 0 J~M : J 0 on path 416 Inverted MAD : 1 RTT : 0 ~;~7~i5~

Secure Data : X

MAD : 0 0 ~n path 417 JAM : J

~;~'75S~6 In response to the combination of signals generated by AND gates 402 through 406, OR gate 401 is enabled and the "echo-back" data is not inhibited from extending through OR gate 401 over receive path 218-0 via line transceiver 205-0. Transceiver 205-0 drives the "echo-back" data to T/R d~vice 110-0.
Assume, now, that a data packet of information is received from the network and the destination T/R
device is other than T/R device 110-0. The following conditions exist for securing the data transmission from a non-destination T/X device 110-0. As previously described with respect to incoming data transmissions, an RTT signal is generated and a high signal is applied over path 206 to regulator 204-0. However, since lS regulator 204-0 is not associated with the destination station, a secure data signal is also applied to regulator 204-0 over path 217-0. The secure data signal when active is a high. As previously described, the jam signal is active. Since multiple data transmissions are not present, the MAD signal is inactive, i.e. low.
Table 3 indicates the status of each signal, i e.
active, or non-active as received by regulator 204-0.

~7~S~`~6 Receipt of Data Transmission >From Data Communication Network to One of a Plurality of 5Devices 110-1 Through 110-n Inverted MAD : 10 on path 413 Inverted RTT : O
Activity : 0 DATA 211 : D

-Inverted MAD ~ 10 on path 414 RTT : 1 - DATA 211 : D
Inverted Secure Data: 0 JAM : J 0 on path 415 Inverted MAD : 1 Inverted RTT : 0 Inverted Activity : 1 SIGNALS APPLIED TO GATE 405 _ GENERATED OUTPUT

JAM : J J on path 416 Inverted MAD : 1 3L~'7~ii.5()~;

RTT : 1 Secure Data : 1 MAD : 0 0 on path 417 JAM : J

5S~;

The signals combine toqe-ther to inhibit the transmission of data to the non-destination T/R device 110-0 and allow the jam signal to be applied through OR gate 401 over receive path 218~0. The jam signal is extended to station 110-0 over path 105-0. The secure data signal provides for the transmission of proprietary information to a single identified destination T/R device.
Table 4 indicates the status of the received signals as applied to T/R device 110-0 when T/R device 110-0 is not the T/R device originating a data transmission. The generation of each active signal under these conditions has been previously described.
These previously described signals are directly or indirectly applied to AND gates 402 through 406 which enable the jam signal to be applied through OR gate 401 to path 218-0. This prevents the "echo-back" data Erom being received by a non-destination T/R device.

s~;

Transmission of Data to Data Communication Network From One of a Plurality of Devices 110-1 through 110-n 5 SIGNALS APPLIED TO GATE 402 _ GENERATED OUTPUT

Inverted MAD : 10 on path 413 Inverted RTT : 1 Activity : 0 DATA 211 : D

10 SIGNALS APPLIED TO GATE 403 GENERA_ED O~TPUT

Inverted MAD : 10 on path 414 RTT
DATA 211 : D
Inverted Secure Data: X

JAM : J J on path 415 Inverted MAD : 1 Inverted RTT : 1 Inverted Activity : 1 JAM : J 0 on path 41 Inverted MAD : 1 RTT : 0 5S~)~

Sec~re Data : X

SIGNALS APPLIED TO GATE 406GENERATED OUTP~T

MA~ : 0 0 on path 417 JAr~ J

75~)6 A final case to consider is that case when multiple data transmissions are occurring simultaneously. The multiple data transmission activity activates the MAD signal and a high signal is applied over path 310 from regulator control path 214-0. This active high signal precludes the application of either "echo-back", transmitted or received data over path 218-0. under these conditions, each T/R device and, in particular, T/R device 110-0 receives a jam signal which remains in place until only a single data transmission or no data transmission is present. Table 5 indicates the state of each signal to produce a jam signal to all T/R devices when multiple data transmission activity is present.

~ 75~

Multiple Data Transrnission ~ctivity SIGNALS APPLIED TO GATE 402 _ _ GENERATED OUTPUT

Inverted MAD : 0 0 on path 413 I nv er ted RTT : X
Activity : X
DATA 211 : D

Inverted MAD : 00 on path 414 RTT : X
DATA 211 : D
Inver ted Secure Data: X

.

JAM : J0 on path 415 Inverted MAD : O
I nv er ted RTT . X
Inverted Activity : X

SIGNALS APPLIED TO GATE 405_GENERATED OUTPUT

JAM : J 0 on path 416 2 0 I nv er ted MAD : 0 RTT : X
Secure Data : X

~75~0~i -- ~o --MA~ : 1 J on path 417 JA-~ : J

~:75S~)~

In a data communication network wherein a plurality of T/R devices share a common interface, a selective routing and transmission controller and transmit/receive regulator serve to provide secure data transmissions to a transmitting and receiving one of the T/R devices from among a plurality of T/R devices.
During the transmission or receipt of a single data packet of information by an originating or a destination T/R device, all non-originating and non-destin~tion T/R
devices receive a jam signal. The jam signal prevents the non-originating and non-destination T/R devices from eavesdropping on the data transmission. If multiple data transmission activity is detected, then all T/R
devices receive a jam signal until such time as no further transmissions are present or a single data transmission is detected. In the above described manner, data transmissions of a proprietary nature can occur among T/R devices sharing the processing operations of a common interface~

Claims (30)

1. In a data communication network interconnecting a plurality of data terminal devices via corresponding interface devices where a group of said data terminal devices share a single interface device, a data security arrangement in said single interface device for providing privacy of data transmissions comprising:
means for detecting the origination of a data transmission for one of said group of data terminal devices;
means responsive to a detected data transmission origination for identifying the destination one of said group of data terminal devices associated with said data transmission origination;
means responsive to said identifying means for transmitting said data transmission only via an individual, non-broadcast link to said destination data terminal device;
and means responsive to said identifying means for transmitting a spurious data transmission, coexistent with said data transmission, via individual, non-broadcast links to all of said group of data terminal devices save said destination data terminal device.
2. The arrangement of claim 1 further comprising:
a plurality of transmit/receive regulator devices associated on a one-to-one basis with said data terminal devices of said group for interconnecting said data terminal devices of said group to said single interface device; and means responsive to said identifying means for enabling the one of said regulator devices associated with said destination data terminal device to transmit said data transmission to said destination data terminal device.
3. The arrangement of claim 2 further comprising:
means for generating said spurious data transmission; and means responsive to said identifying means for enabling all of said regulator devices, save said regulator device associated with said destination data terminal device, for transmitting said spurious data transmission to all of said group of data terminal devices, save said destination data terminal device.
4. The arrangement of claim 1 further comprising:
means for detecting multiple concurrent data transmissions; and wherein said spurious data transmission means are responsive to a detected multiple concurrent data transmission for transmitting said spurious data transmission to all of said group of data terminal devices.
5. In a data communication network interconnecting a plurality of data terminal devices via interface devices where a group of said data terminal devices share a single interface device, a data transmission security arrangement in said single interface device for providing privacy of data transmissions comprising:
means for detecting the origination of a data transmission between said interface device and one of said group of data terminal devices associated with said interface device; and means responsive to a detected data transmission origination for transmitting a spurious data transmission, coexistent with said data transmission, via individual, non-broadcast links to all of said data terminal devices in said group of data terminal devices save said one data terminal device.
6. The arrangement of claim 5 further comprising:
a plurality of transmit/receive regulator devices associated on a one-to-one basis with said data terminal devices of said group for interconnecting said data terminal devices of said group to said single interface device; and means responsive to said detecting means for enabling the one of said regulator devices associated with said one data terminal device to transmit said data transmission to said one data terminal device.
7. The arrangement of claim 6 further comprising:
means for generating said spurious data transmission; and means responsive to said detecting means for enabling all of said regulator devices, save said regulator device associated with said one data terminal device, for transmitting said spurious data transmission to all of said group of data terminal devices, save said one data terminal device.
8. The arrangement of claim 6 further comprising:
means for generating said spurious data transmission; and means responsive to said detecting means for enabling all of said regulator devices, save the regulator device associated with said one data terminal device, for transmitting said spurious data transmission to all of said data terminal devices in said group save said one data terminal device.
9. The arrangement of claim 5 further comprising:
means for detecting multiple concurrent data transmissions; and wherein said spurious data transmission means are responsive to a detected multiple concurrent data transmission for transmitting said spurious data transmission to all of said group of data terminal devices.
10. In a data communication network interconnecting a plurality of data terminal devices via corresponding interface devices where a group of said data terminal devices share a single interface device, a data transmission security arrangement in said single interface device for providing privacy of data transmissions comprising:
means for detecting the origination of a data transmission for one of said group of data terminal devices;
means responsive to a detected data transmission origination for identifying the destination one of said group of data terminal devices associated with said data transmission origination; and means responsive to said identifying means for interrupting the transmission of said data transmission via individual, non-broadcast links to all of said group of data terminal devices save said destination data terminal device.
11. The arrangement of claim 10 wherein said interrupting means comprises:
means for generating a spurious data transmission;
and means responsive to said identifying means for transmitting said spurious data transmission, coexistent with said data transmission, to all of said group of data terminal devices save said destination data terminal device.
12. The arrangement of claim 11 further comprising:
a plurality of transmit/receive regulator devices associated on a one-to-one basis with said data terminal devices of said group for interconnecting said data terminal devices of said group to said single interface device; and means responsive to said identifying means for enabling the one of said regulator devices associated with said destination data terminal device to transmit said data transmission to said destination data terminal device.
13. The arrangement of claim 12 further comprising:
means responsive to said identifying means for enabling all of said regulator devices, save said regulator device associated with said destination data terminal device, for transmitting said spurious data transmission to all of said group of data terminal devices, save said destination data terminal device.
14. The arrangement of claim 11 further comprising:
means for detecting multiple concurrent data transmissions; and wherein said interrupting means are responsive to a detected multiple concurrent data transmission for interrupting said data transmission to all of said group of data terminal devices.
15. In a data communication network interconnecting a plurality of data terminal devices via corresponding interface devices where a group of said data terminal devices share a single interface device, a data security transmission method for providing privacy of data transmissions comprising the steps of:
detecting the origination of a data transmission for one of said group of data terminal devices;
identifying the destination one of said group of data terminal devices associated with said data transmission origination;
transmitting said data transmission via an individual, non-broadcast link only to said destination data terminal device; and transmitting a spurious data transmission, coexistent with said data transmission, via individual, non-broadcast links to all of said group of data terminal devices save said destination data terminal device.
16. The method of claim 15, wherein a plurality of transmit/receive regulator devices are associated on a one-to-one basis with said data terminal devices of said group for interconnecting said data terminal devices of said group to said single interface device, further comprising the step of:
enabling the one of said regulator devices associated with said destination data terminal device to transmit said data transmission to said destination data terminal device.
17. The method of claim 16, further comprising the steps of:
generating said spurious data transmission; and enabling all of said regulator devices, save said regulator device associated with said destination data terminal device, to transmit said spurious data transmission to all of said group of data terminal devices, save said destination data terminal device.
18. The method of claim 15 further comprising the steps of:
detecting multiple concurrent data transmissions;
and transmitting in response to a detected multiple concurrent data transmission said spurious data transmission to all of said group of data terminal devices.
19. In a data communication network interconnecting a plurality of data terminal devices via interface devices where a group of said data terminal devices share a single interface device, a method of data transmission security for providing privacy of data transmissions comprising the steps of:
detecting the origination of a data transmission between said interface device and one of said group of data terminal devices associated with said interface device; and transmitting in response to a detected data transmission origination a spurious data transmission, coexistent with said data transmission, via individual links to all of said data terminal devices in said group of data terminal devices save said one data terminal device.
20. The method of claim 19, wherein a plurality of transmit/receive regulator devices are associated on a one-to-one basis with said data terminal devices of said group for interconnecting said data terminal devices of said group to said single interface device, further comprising the step of:
enabling the one of said regulator devices associated with said one data terminal device to transmit said data transmission to said one data terminal device.
21. The method of claim 20 further comprising the steps of:
generating said spurious data transmission; and enabling all of said regulator devices, save said regulator device associated with said one data terminal device, for transmitting said spurious data transmission to all of said group of data terminal devices, save said one data terminal device.
22. The method of claim 20 further comprising the steps of:
generating said spurious data transmission; and enabling all of said regulator devices, save the regulator device associated with said one data terminal device, for transmitting said spurious data transmission to all of said data terminal devices in said group save said one data terminal device.
23. The method of claim 21 or 22 further comprising the steps of:
detecting the termination of said data transmission;
and disabling in response to a detected data transmission termination said generating means to terminate said spurious data transmission.
24. The method of claim 19 further comprising the steps of:
detecting multiple concurrent data transmissions;
and transmitting in response to a detected multiple concurrent data transmission said spurious data transmission to all of said group of data terminal devices.
25. In a data communication network interconnecting a plurality of data terminal devices via corresponding interface devices where a group of said data terminal devices share a single interface device, a method of providing data transmission security for providing privacy of data transmissions comprising the steps of:
detecting the origination of a data transmission for one of said group of data terminal devices;
identifying in response to a detected data transmission origination the destination one of said group of data terminal devices associated with said data transmission origination; and interrupting the transmission of said data transmission via individual, non-broadcast links to all of said group of data terminal devices save said destination data terminal device.
26. The method of claim 25 further comprising the steps of:
generating a spurious data transmission; and transmitting said spurious data transmission, coexistent with said data transmission, to all of said group of data terminal devices save said destination data terminal device.
27. The method of claim 25 wherein a plurality of transmit/receive regulator devices are associated on a one-to-one basis with said data terminal devices of said group for interconnecting said data terminal devices of said group to said single interface device, further comprising the step of:
enabling the one of said regulator devices associated with said destination data terminal device to transmit said data transmission to said destination data terminal device.
28. The method of claim 27 further comprising the steps of:
generating said spurious data transmission; and enabling all of said regulator devices, save said regulator device associated with said destination data terminal device, for transmitting said spurious data transmission to all of said group of data terminal devices, save said destination data terminal device.
29. The method of claim 28 further comprising the steps of:
detecting the termination of said data transmission;
and disabling in response to a detected data transmission termination said generating means to terminate said spurious data transmission.
30. The method of claim 25 further comprising the steps of:
detecting multiple concurrent data transmission; and transmitting in response to a detected multiple concurrent data transmission said spurious data transmission to all of said group of data terminal devices.
CA000525614A 1985-12-24 1986-12-17 Data transmission security arrangement for a plurality of data stations sharing access to a communication network Expired - Lifetime CA1275506C (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US06/812,974 US4901348A (en) 1985-12-24 1985-12-24 Data transmission security arrangement for a plurality of data stations sharing access to a communication network
US812,974 1985-12-24

Publications (1)

Publication Number Publication Date
CA1275506C true CA1275506C (en) 1990-10-23

Family

ID=25211118

Family Applications (1)

Application Number Title Priority Date Filing Date
CA000525614A Expired - Lifetime CA1275506C (en) 1985-12-24 1986-12-17 Data transmission security arrangement for a plurality of data stations sharing access to a communication network

Country Status (7)

Country Link
US (1) US4901348A (en)
EP (1) EP0227072B1 (en)
JP (1) JPH0728290B2 (en)
KR (1) KR0125567B1 (en)
AU (1) AU585683B2 (en)
CA (1) CA1275506C (en)
DE (1) DE3674556D1 (en)

Families Citing this family (52)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0693684B2 (en) * 1989-03-03 1994-11-16 株式会社日立製作所 Method and device for communication between field sensor and communication device
CA2033983C (en) * 1989-05-19 1994-10-18 John M. Saltwick System and method for communications security protection
GB8927623D0 (en) * 1989-12-06 1990-02-07 Bicc Plc Repeaters for secure local area networks
US5231633A (en) * 1990-07-11 1993-07-27 Codex Corporation Method for prioritizing, selectively discarding, and multiplexing differing traffic type fast packets
US5322144A (en) * 1990-07-18 1994-06-21 Otis Elevator Company Active control of elevator platform
US5124984A (en) * 1990-08-07 1992-06-23 Concord Communications, Inc. Access controller for local area network
US5197064A (en) * 1990-11-26 1993-03-23 Bell Communications Research, Inc. Distributed modular packet switch employing recursive partitioning
US5124978A (en) * 1990-11-26 1992-06-23 Bell Communications Research, Inc. Grouping network based non-buffer statistical multiplexor
GB9106675D0 (en) * 1991-03-28 1991-05-15 Bicc Plc Data networks
EP0515760B1 (en) * 1991-05-31 1996-02-28 International Business Machines Corporation Communication controller having line adapters loadable with an application program
US5339307A (en) * 1991-06-28 1994-08-16 Digital Equipment Corporation Data communication system with a local network interface
US5268900A (en) * 1991-07-05 1993-12-07 Codex Corporation Device and method for implementing queueing disciplines at high speeds
US5177788A (en) * 1991-10-15 1993-01-05 Ungermann-Bass, Inc. Network message security method and apparatus
JPH05134954A (en) * 1991-11-15 1993-06-01 Fujitsu Ltd Network processor
US5251203A (en) * 1991-12-23 1993-10-05 Xerox Corporation Hub privacy filter for active star CSMA/CD network
US5537099A (en) * 1992-04-16 1996-07-16 Bay Networks, Inc. Receiving port security in a network concentrator
US5311593A (en) * 1992-05-13 1994-05-10 Chipcom Corporation Security system for a network concentrator
IL103467A (en) * 1992-10-18 1996-03-31 Lannet Data Communications Ltd Network with a security capability
US5436901A (en) * 1992-12-21 1995-07-25 Otis Elevator Company Synchronous time division multiplexing using jam-based frame synchronization
US5355375A (en) * 1993-03-18 1994-10-11 Network Systems Corporation Hub controller for providing deterministic access to CSMA local area network
US5353353A (en) * 1993-04-26 1994-10-04 Advanced Micro Devices, Inc. Repeater security system
FR2705179B1 (en) * 1993-05-12 1995-06-16 Gemplus Card Int Method for managing the transmission of messages from a set of transmitters to a single receiver on a single channel.
US5615246A (en) * 1993-05-28 1997-03-25 Us West Technologies, Inc. Method and apparatus for spurious signal detection and disconnection in a hybrid fiber/coax network architecture
RO111887B1 (en) * 1993-05-28 1997-02-28 Us West Technologies Inc Method and network for the separation of telephonic services from special services
US5592540A (en) * 1993-05-28 1997-01-07 U S West Advanced Technologies, Inc. Method and apparatus for selectively delivering telephony signals on a hybrid coaxial cable network
US5596580A (en) * 1993-06-04 1997-01-21 Fmc Corporation Access to transmit on a message priority basis
US5400334A (en) * 1993-08-10 1995-03-21 Ungermann-Bass, Inc. Message security on token ring networks
US5559883A (en) * 1993-08-19 1996-09-24 Chipcom Corporation Method and apparatus for secure data packet bus communication
US5590201A (en) * 1994-11-10 1996-12-31 Advanced Micro Devices Inc. Programmable source address locking mechanism for secure networks
US5493562A (en) * 1994-11-10 1996-02-20 Lo; William Apparatus and method for selectively storing error statistics
US5473604A (en) * 1994-11-21 1995-12-05 At&T Corp. Method for avoiding node overload in a packet switching network
US5940392A (en) * 1994-12-30 1999-08-17 Advanced Micro Devices, Inc. Programmable address mapping matrix for secure networks
US5754525A (en) * 1994-12-30 1998-05-19 Advanced Micro Devices Inc. Programmable delay of disrupt for secure networks
US5539737A (en) * 1994-12-30 1996-07-23 Advanced Micro Devices, Inc. Programmable disrupt of multicast packets for secure networks
US5559801A (en) * 1995-01-20 1996-09-24 Advanced Micro Devices Inc. Programmable packet sampling for network management
US5548649A (en) * 1995-03-28 1996-08-20 Iowa State University Research Foundation Network security bridge and associated method
FI98585C (en) * 1995-06-28 1997-07-10 Nokia Telecommunications Oy Management of concurrent users on a telecommunications network device
US5757924A (en) * 1995-09-18 1998-05-26 Digital Secured Networks Techolognies, Inc. Network security device which performs MAC address translation without affecting the IP address
US5961646A (en) * 1997-01-02 1999-10-05 Level One Communications, Inc. Method and apparatus employing an invalid symbol security jam for communications network security
US6240513B1 (en) 1997-01-03 2001-05-29 Fortress Technologies, Inc. Network security device
US5905873A (en) * 1997-01-16 1999-05-18 Advanced Micro Devices, Inc. System and method of routing communications data with multiple protocols using crossbar switches
US6205147B1 (en) 1997-02-11 2001-03-20 Newbridge Networks Corporation Virtual network architecture
DE19804701A1 (en) * 1998-02-06 1999-08-12 Bosch Gmbh Robert Satellite communication system for temporary allocation of resources to individual subscribers
WO1999045676A1 (en) * 1998-03-06 1999-09-10 3Com Technologies Network security
KR100268885B1 (en) * 1998-09-10 2000-10-16 김영환 Asynchronous data communication element
DE19847892C2 (en) * 1998-10-16 2001-07-05 Siemens Ag Method for controlling a network, network and network unit
KR100365514B1 (en) * 2000-04-28 2002-12-18 주식회사 모든텔레콤 Orthogonal call noise simulator
US20030037138A1 (en) * 2001-08-16 2003-02-20 International Business Machines Corporation Method, apparatus, and program for identifying, restricting, and monitoring data sent from client computers
KR20050001520A (en) * 2003-06-25 2005-01-07 주식회사 모든텔레콤 Orthogonal Channel Noise Simulator for Synchronous and Asynchronous Mobile Communication System
DE10347301B4 (en) * 2003-10-08 2007-12-13 Infineon Technologies Ag Circuit with a bus with multiple receivers
US8959199B2 (en) 2008-03-18 2015-02-17 Reduxio Systems Ltd. Network storage system for a download intensive environment
US8549389B2 (en) * 2011-05-24 2013-10-01 Honeywell International Inc. Systems and methods for 1553 bus operation self checking

Family Cites Families (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CH97621A (en) * 1922-07-24 1923-02-01 Tesarz Frau Leopoldine Braided shoe.
US4217550A (en) * 1962-09-28 1980-08-12 Blassel Pierre P Radio jamming device
US3725870A (en) * 1970-12-24 1973-04-03 Pitney Bowes Alpex Parallel-access data file system
US4131849A (en) * 1976-10-21 1978-12-26 Motorola, Inc. Two-way mobile radio voice/data shared communications system
JPS55163922A (en) * 1979-06-08 1980-12-20 Hochiki Corp Communication unit with limited communication area
US4334322A (en) * 1979-10-26 1982-06-08 E-Systems, Inc. Communication management system for providing antijam/privacy capabilities for voice radio communications
US4411017A (en) * 1980-03-14 1983-10-18 Harris Corporation Secure mobile telephone system
US4317213A (en) * 1980-05-09 1982-02-23 Dilorenzo Mark Television reception interfering apparatus
JPS5724147A (en) * 1980-07-21 1982-02-08 Hitachi Ltd Confidential communication system
US4451827A (en) * 1981-09-22 1984-05-29 The Johns Hopkins University Local area communication network
JPS5862745A (en) * 1981-10-09 1983-04-14 Fujitsu Ltd Secret protection system in information retrieval system
US4472712A (en) * 1982-03-05 1984-09-18 At&T Bell Laboratories Multipoint data communication system with local arbitration
US4481626A (en) * 1982-05-05 1984-11-06 Xerox Corporation Transceiver multiplexor
NL8301943A (en) * 1982-07-01 1984-02-01 Plessey Overseas TRANSMITTER.
US4514843A (en) * 1982-12-02 1985-04-30 At&T Bell Laboratories Packet switched communication system comprising collision avoidance means
US4590468A (en) * 1983-03-10 1986-05-20 Western Digital Corporation Token access controller protocol and architecture
US4631534A (en) * 1984-11-13 1986-12-23 At&T Information Systems Inc. Distributed packet switching system

Also Published As

Publication number Publication date
AU6692086A (en) 1987-06-25
KR870006748A (en) 1987-07-14
DE3674556D1 (en) 1990-10-31
JPS62176237A (en) 1987-08-03
EP0227072A2 (en) 1987-07-01
US4901348A (en) 1990-02-13
JPH0728290B2 (en) 1995-03-29
EP0227072B1 (en) 1990-09-26
AU585683B2 (en) 1989-06-22
EP0227072A3 (en) 1988-07-13
KR0125567B1 (en) 1998-07-01

Similar Documents

Publication Publication Date Title
CA1275506C (en) Data transmission security arrangement for a plurality of data stations sharing access to a communication network
US4727537A (en) Flow control arrangement for the transmission of data packets to a communication network
US6012099A (en) Method and integrated circuit for high-bandwidth network server interfacing to a local area network
CA1140231A (en) Bus collision avoidance system for distributed network data processing communications system
EP0830769B1 (en) Flow control method and apparatus for ethernet packet switched hub
US4658396A (en) Redundancy arrangement for a local area network
US6704302B2 (en) Port prioritizing device
US6172983B1 (en) Hub dominated method and system for managing network collisions
US5856921A (en) Apparatus and method for intermodular communications using system bus controllers
US6028837A (en) Ether ring architecture for local area networks
US4561088A (en) Communication system bypass architecture
US5289458A (en) Apparatus for accomplishing autoport selection
US5734675A (en) Receiver sharing for demand priority access method repeaters
US6243411B1 (en) Infinitely expandable Ethernet network repeater unit
US4667322A (en) Method and apparatus for local area networks
JP7207177B2 (en) Packet processor and network system
US5949818A (en) Expandable ethernet network repeater unit
Simeone et al. Stability analysis of the cognitive interference channel
US6594283B1 (en) Network communication device
JP2682491B2 (en) Access control method in network having distributed buffer memory
Muriithi et al. A robust token passing protocol for peer-to-peer radio LANs
JP3074806B2 (en) Signal channel selection method
JPS63214039A (en) Multi-transceiver
JPH06284142A (en) Access end notice control system
JPS63114335A (en) State supervisory method

Legal Events

Date Code Title Description
MKEX Expiry