Content-addressable memory based enforcement of configurable policies
| DWPI Title: Monitoring device for monitoring transactions on bus connecting hardware components of computing system, has response policy unit which is coupled to CAM to issue bus halt signal or bus reset signal in response to signal from CAM |
| Abstract: A monitoring device for monitoring transactions on a bus includes content-addressable memory (“CAM”) and a response policy unit. The CAM includes an input coupled to receive a bus transaction tag based on bus traffic on the bus. The CAM stores data tags associated with rules of a security policy to compare the bus transaction tag to the data tags. The CAM generates an output signal indicating whether one or more matches occurred. The response policy unit is coupled to the CAM to receive the output signal from the CAM and to execute a policy action in response to the output signal. |
| Use: Monitoring device for monitoring transactions on bus connecting hardware components of computing system (claimed). |
| Advantage: Several monitoring devices can couple to or tap-off of various bus interfaces within computing system to monitor the bus for suspect bus transactions, so that alerts can be generated, when detecting a suspect bus transactions, and can prevent malicious bus transactions in real-time before damage occurs. |
| Novelty: The device has content-addressable memory (CAM) (410) whose input is coupled to receive bus transaction. A response policy unit (415) is coupled to CAM to receive output signal. The response policy unit is coupled to selectively issue bus halt signal to bus controller (320) to halt the bus or to issue bus reset signal. The response policy unit is coupled to the CAM to issue bus halt signal or bus reset signal in response to the output signal from CAM. The output signal indicates matched data tags to response policy unit, when several matches are occurred. |
| Filed: 8/25/2009 |
| Application Number: US2009546740A |
| Tech ID: SD 10449.0 |
| This invention was made with Government support under Contract No. DE-NA0003525 awarded by the United States Department of Energy/National Nuclear Security Administration. The Government has certain rights in the invention. |
| Data from Derwent World Patents Index, provided by Clarivate All rights reserved. Republication or redistribution of Clarivate content, including by framing or similar means, is prohibited without the prior written consent of Clarivate. Clarivate and its logo, as well as all other trademarks used herein are trademarks of their respective owners and used under license. |