Tech Note #110: Concept for a Secure Network Computer
2000 Bionic Buffalo Corporation; All Rights Reserved.
Tuesday, 11 January 2000
Page 5 of 18
1: requests connection to
2: negotiates with
tn011004 ©2000 Bionic Buffalo Corp
Authentication may involve dynamic reference to one or more certificate authorities (CAs).
Various protocols (such as LDAP) are used to communicate with the CAs, and these protocols
may themselves be encapsulated within IPsec. In general, a CA may be found within a boundary
controller of the enclave to which connection is to be made, or within a separate node on the
tn011005 ©2000 Bionic Buffalo Corp
In the SNC, all of these negotiations are handled by the BC. The HC has no role until after the
tunnel is created.
To prevent a single failure from allowing a security breach, the BC is implemented as two
separate BCs, each checking the work of the other. A separate CPU hosts each BC, and the two
CPUs are connected in series. Even if one BC allows passage of inappropriate traffic, the second
BC will block the inappropriate messages. This requires two CPUs in the SM, and two internal