| CPC H04L 9/3215 (2013.01) [G06F 15/7871 (2013.01); G06F 21/72 (2013.01); G06F 21/76 (2013.01); G06F 30/34 (2020.01); H04L 69/326 (2013.01)] | 10 Claims |
|
1. A circuit card assembly comprising:
at least one processor defining a plurality of interface ports and a plurality of cryptographic ports; and
at least one field programmable gate array configured to host a plurality of cryptographic functions, the at least one field programmable gate array defining:
a static region defining a plurality of transport layer interfaces; and
a dynamic region comprising at least one switch bank configured to connect one or more of the transport layer interfaces to one or more of the plurality of interface ports, plurality of cryptographic ports, a security module direct memory access port, and a gateway radio, and each switch bank configured to be hardware strapped from a static register to a unique identification sequence corresponding to a static register address,
wherein:
the at least one processor is configured to:
discover a physical and logical location of the circuit card and of a plurality of nodes on a network;
determine secured paths between the circuit card assembly and each of the plurality of nodes;
establish a communication channel between a first transport layer interface and a second transport layer interface via the at least one switch bank;
apply one or more of the plurality of cryptographic functions to the communication channel; and
exclude all traffic from the communication channel that does not correspond to one of the hardware strapped static register addresses; and
the plurality of cryptographic functions comprises cryptographic keys, certificates, and algorithms for authentication, confidentiality, and integrity for all of the secured paths.
|