Information security – Access control or authentication – Network
Reexamination Certificate
2007-08-31
2011-10-11
Gergiso, Techane (Department: 2437)
C370S229000
active
08037519
ABSTRACT:
An apparatus is provided that includes a processor configured to receive a captured traffic unit (CTU) intended for a network service, the CTU being one into which incoming traffic has been assembled based on a filter describing which incoming traffic to capture and how to assemble the respective incoming traffic into the CTU. The processor is also configured to determine whether to allow the CTU to pass to one or more applications configured to implement the respective network service based on a passlet including permissions to a particular user. The processor is further configured to instruct a firewall to allow the CTU to pass to the respective one or more applications or to reject the CTU based on the determination. In this regard, the processor is configured to perform the above functions under control of a security framework implemented in middleware between a user-level domain and a system-level domain.
REFERENCES:
patent: 6366578 (2002-04-01), Johnson
patent: 6400711 (2002-06-01), Pounds et al.
patent: 6510509 (2003-01-01), Chopra et al.
patent: 7734909 (2010-06-01), Roush et al.
patent: 2003/0172145 (2003-09-01), Nguyen
patent: 2003/0208533 (2003-11-01), Farquharson et al.
patent: 2005/0055435 (2005-03-01), Gbadegesin et al.
patent: 2006/0267802 (2006-11-01), Judge et al.
patent: 2006/0288227 (2006-12-01), Kalofonos et al.
patent: 2006/0294194 (2006-12-01), Graveline et al.
patent: 2007/0140128 (2007-06-01), Klinker et al.
patent: 2008/0040151 (2008-02-01), Moore
patent: 2010/0161362 (2010-06-01), Shapira et al.
patent: 1 598 729 (2005-11-01), None
patent: WO 2006/0134476 (2006-12-01), None
International Search Report for PCT/IB2008/053360, dated Mar. 16, 2009.
Kalofonos et al., MyNet: A Platform for Secure P2P Personal and Social Networking Services, Percom, pp. 135-146, 2008, IEEE.
Ford et al., Persistent Personal Names for Globally Connected Mobile Devices, In Proceedings of 7th USENIX Symposium on Operating Systems Design and Implementation (OSDI '06), Oct. 11, 2006, Seattle, WA.
Bauer et al., A Language and System for Composing Security Policies, Princeton University Technical Report TR-699-04, Oct. 1, 2007, http://www/ece.cmu.edu/˜lbauer/papers/polymer-tr-699-04.pdf.
Burns et al., Automatic Management of Network Security Policy, http://ieeexplore.ieee.org/Ie15/7418/20160/00932156.pdf, F30602-99-C-0182, 2001 IEEE.
Munz et al., Diadem Firewall: Web Server Overload Attack Detection and Response, http://www.Diadem-Firewall.Org/Publications/BBEurope-DIADEM.Pdf, Oct. 12, 2005, Bordeaux, France.
Mizuno et al., A New Remote Configurable Firewall for Home-Use Gateways, Consumer Communications and Networking Conference 2005, CCNC. Second IEEE, Jan. 3, 2005, pp. 599-601.
Dimitrakos et al., Policy-Driven Access Control Over a Distributed Firewall Architecture, Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (Policy'02), Oct. 8, 2002.
Firewall Builder, http://www.fwbuilder.org, Jan. 7, 2008.
Kalofonos Dimitris
Reynolds Franklin
Alston & Bird LLP
Gergiso Techane
Nokia Corporation