Tech Note #110: Concept for a Secure Network Computer
©
2000 Bionic Buffalo Corporation; All Rights Reserved.
Tuesday, 11 January 2000
http://www.tatanka.com
[tn0110]
Page 3 of 18
This Tech Note describes the SNC: a single-node enclave intended for connection to a larger
information domain. As a minimum, the SNC contains three components: the Boundary
Controller (BC), an Internal Network (IN), and a Host Computer (HC). The BC enforces the
boundaries of the information domain. The HC provides a safe execution environment for
unverified programs.
tn011002 ©2000 Bionic Buffalo Corp
Boundary
Controller
(BC)
Host
Computer
(HC)
External
Network
(EN)
Internal
Network
(IN)
Secure
Network
Computer
(SNC)
The IN may exist physically, or it may be only logical. If the IN and BC are constructed as a
single physical module which connects into the HC’s i/o bus (emulating a network adapter
card), then the IN can be purely logical. Denote this single physical module (combining HC
network adapter, IN, and BC) as the Security Module (SM).
Boundary
Controller
(BC)
Host
Computer
(HC)
External
Network
(EN)
Internal
Network
(IN)
Network
Adapter
(NA)
Security
Module
(SM)
Secure
Network
Computer
(SNC)
tn011003 ©2000 Bionic Buffalo Corp
The managers of a domain may restrict access only to qualified parties, who might be required
to use only qualified equipment. For example, a qualified party might be one who has passed
some background check, and qualified equipment might be required to meet certain standards
for resistance against tampering or sabotage. The secure network computer described in this
document is intended to meet such standards, allowing it to qualify for connection to secure
domains.