Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2005-05-10
2005-05-10
Moise, Emmanuel L. (Department: 2131)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C709S223000
Reexamination Certificate
active
06892309
ABSTRACT:
A user's usage of network resources is controlled, after the user has been authenticated, without using any network resources beyond the user's entry point to the network. Packet rules may be provisioned to the user's entry point to the network, and the packet rules may be applied to each packet received from the user before any network resources beyond the entry point are used. These packet rules may be associated with an identity of the user and then provisioned to the user's entry point in response to the user being authenticated. Usage of network resources of a communications network by a user beyond a network device of the communications network that serves as the user's entry point to the communications network is controlled. The port module of the network device is configured with one or more packet rules corresponding to an identity of the user. A packet is received from a device used by the user at the port module, and, before using any of the network resources beyond the network device, the one or more packet rules are applied to the received packet. Another embodiment is provided for controlling usage of network resources of a communications network by a user. The user has an assigned role with respect to the communications network, and the assigned role is associated with one or more packet rules, each packet rule including a condition and action to be taken if a packet received at a device satisfies the condition. A packet including identification information of the user is received from a device of the user at a port module of a network device. The assigned role of the user is determined based on the identification information, and the port module is configured with the one or more packet rules associated with the assigned role of the user.
REFERENCES:
patent: 5889953 (1999-03-01), Thebaut et al.
patent: 5968176 (1999-10-01), Nessett et al.
patent: 6134662 (2000-10-01), Levy et al.
patent: 6182226 (2001-01-01), Reid et al.
patent: 6212633 (2001-04-01), Levy et al.
patent: 20030084331 (2003-05-01), Dixon et al.
patent: 20030118038 (2003-06-01), Jalava et al.
patent: 20030152035 (2003-08-01), Pettit et al.
patent: 20030152067 (2003-08-01), Richmond et al.
patent: WO 03067372 (2003-08-01), None
DeRosia et al, “Firewalls” Dec. 7, 2000, p. 1-17.*
Steven Pettit, “Enterasys User Personalized Network”, pp. 1-16, Enterasys Networks' White Paper, Feb. 12, 2001.
J.P. Gorsky, “Layer 2/3/4 Frame Classification Primer”, pp. 1-4, Enterasys Networks' White Paper, pp. 1-4, May 1999.
Keith Schultz, “A Complete Solution,” Internet Week, Jan. 22, 2001, pp. 1-4.
Business Wire, “Enterasys Networks' Unveils the Industry's First User Personalized Network,” Feb. 12, 2001, pp. 1-2.
Phil Hochmuth, “Enterasys Brings Policy Enforcement Closer to Users,” Network World, Feb. 12, 2001, pp. 1-2.
Paul Congdon, Hewlett Packard, IEEE 802.1X Overview, “Port Based Network Access Control”, IEEE Plenary, Alburquerque, NM, Mar. 2000.
Dunigan Paula Jane
Kjendal David L.
Pettit Steven A.
Richmond James
Enterasys Networks Inc.
Lahive & Cockfield LLP
Moise Emmanuel L.
Revak Christopher
LandOfFree
Controlling usage of network resources by a user at the... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Controlling usage of network resources by a user at the..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Controlling usage of network resources by a user at the... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3447657