Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Patent
1997-05-29
1999-10-19
Hua, Ly V.
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
G06F 1100
Patent
active
059681764
ABSTRACT:
A system provides for establishing security in a network that include nodes having security functions operating in multiple protocol layers. Multiple network devices, such as remote access equipment, routers, switches, repeaters and network cards having security functions are configured to contribute to implementation of distributed firewall functions in the network. By distributing firewall functionality throughout many layers of the network in a variety of network devices, a pervasive firewall is implemented. The pervasive, multilayer firewall includes a policy definition component that accepts policy data that defines how the firewall should behave. The policy definition component can be a centralized component, or a component that is distributed over the network. The multilayer firewall also includes a collection of network devices that are used to enforce the defined policy. The security functions operating in this collection of network devices across multiple protocol layers are coordinated by the policy definition component so that particular devices enforce that part of the policy pertinent to their part of the network.
REFERENCES:
patent: 4881263 (1989-11-01), Herbison et al.
patent: 5577209 (1996-11-01), Boyle et al.
patent: 5606668 (1997-02-01), Shwed
patent: 5740375 (1998-04-01), Dunne et al.
patent: 5828893 (1998-10-01), Wied
Blaze, et al., "Decentralized Trust Management", IEEE Conference on Security and Privacy, May 1996.
Simon, et al., "Adage: An Architecture for Distributed Authorization", OSF Research Institute,pp. 1-108, Dec.2, 1996.
Weissman, C., "Blacker: Security for the DDN Examples of A1 Security Engineering Trades", IEEE Symposium on Research and Privacy, pp. 286-292 (1992).
Cobra Security, "The Administrator's Interfaces", Cobra Security, pp. 135-159.
Check Point Software Technologies Ltd., "Security Platform Strategy", www.checkpoint.com (1997).
Instruction Manual, "Firewall-1; Managing Firewall-1 Using the OpenLook GUI", User Guide Version 2.1, pp. 1.1-1.19.
Check Point Software Technologies Ltd. "`Write Once, Manage Everything` Functionality to Enterprise Security Management", http://www.checkpoint.com, Oct. 1997.
Check Point Software Technologies Ltd., "Open Security Manager Data Sheet", http://www.checkpoint.com, 1998.
Guttman, Joshua D., "Filtering Postures: Local Enforcement for Global Policies", Paper No. 1081-6011/97, IEEE, from the Proceedings of the 1997 IEEE Symposium on Security and Privacy, Oakland, CA, May 4-7, 1997, pp. 120-129.
"User's Guide: PC Firewall for Windows 3.1x, Windows 95, and Windows NT", McAfee, Inc., Santa Clara, California, Oct. 1996, pp. 1-24.
Nessett Danny M.
Sherer William Paul
3Com Corporation
Baderman Scott
Hua Ly V.
Richardson Kent R.
LandOfFree
Multilayer firewall system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Multilayer firewall system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Multilayer firewall system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2050113