Information security – Access control or authentication – Network
Reexamination Certificate
2006-05-05
2011-12-13
Henning, Matthew (Department: 2491)
Information security
Access control or authentication
Network
C726S013000, C709S223000, C709S238000
Reexamination Certificate
active
08079073
ABSTRACT:
One or more devices on a network may be configured to provide firewall services for other devices on the network. Each of the firewall service suppliers may publish its capability with respect to firewall services and the service receivers may publish their requirements for firewall services. A manager function may broker the requests and offers to match services and requirements. A default firewall service may be provided to devices not publishing their requirements. Network topologies may be re-configured to first route traffic addressed to a device to its corresponding firewall service provider.
REFERENCES:
patent: 5606668 (1997-02-01), Shwed
patent: 5802591 (1998-09-01), Yachida
patent: 5835726 (1998-11-01), Shwed et al.
patent: 5919258 (1999-07-01), Kayashima et al.
patent: 5968176 (1999-10-01), Nessett et al.
patent: 5974549 (1999-10-01), Golan
patent: 5987611 (1999-11-01), Freund
patent: 6003084 (1999-12-01), Green et al.
patent: 6003133 (1999-12-01), Moughanni et al.
patent: 6009469 (1999-12-01), Mattaway et al.
patent: 6009475 (1999-12-01), Shrader
patent: 6088804 (2000-07-01), Hill et al.
patent: 6131163 (2000-10-01), Wiegel
patent: 6149585 (2000-11-01), Gray
patent: 6154775 (2000-11-01), Coss et al.
patent: 6212558 (2001-04-01), Antur et al.
patent: 6219706 (2001-04-01), Fan et al.
patent: 6253321 (2001-06-01), Nikander et al.
patent: 6347376 (2002-02-01), Attwood et al.
patent: 6466976 (2002-10-01), Alles et al.
patent: 6480959 (2002-11-01), Granger et al.
patent: 6496935 (2002-12-01), Fink et al.
patent: 6513122 (2003-01-01), Magdych et al.
patent: 6611875 (2003-08-01), Chopra et al.
patent: 6631466 (2003-10-01), Chopra et al.
patent: 6636898 (2003-10-01), Ludovici et al.
patent: 6643776 (2003-11-01), Boden
patent: 6697810 (2004-02-01), Kumar et al.
patent: 6721890 (2004-04-01), Shrikhande
patent: 6792615 (2004-09-01), Rowe et al.
patent: 6931529 (2005-08-01), Kunzinger
patent: 6938155 (2005-08-01), D'Sa et al.
patent: 6941474 (2005-09-01), Boies et al.
patent: 6944183 (2005-09-01), Iyer et al.
patent: 6976177 (2005-12-01), Ahonen
patent: 7016901 (2006-03-01), Eikenbery
patent: 7024460 (2006-04-01), Koopmas et al.
patent: 7120931 (2006-10-01), Cheriton
patent: 7290145 (2007-10-01), Falkenthros
patent: 7308711 (2007-12-01), Swander et al.
patent: 7567560 (2009-07-01), Balasubramaniyan
patent: 7761708 (2010-07-01), Swander et al.
patent: 2001/0013049 (2001-08-01), Ellis, III
patent: 2002/0038371 (2002-03-01), Spacey
patent: 2002/0097724 (2002-07-01), Halme et al.
patent: 2002/0143855 (2002-10-01), Traversat et al.
patent: 2002/0162026 (2002-10-01), Neuman et al.
patent: 2002/0193049 (2002-12-01), Boucher et al.
patent: 2002/0194049 (2002-12-01), Boyd
patent: 2003/0005328 (2003-01-01), Grewal et al.
patent: 2003/0028806 (2003-02-01), Govindarajan et al.
patent: 2003/0084331 (2003-05-01), Dixon et al.
patent: 2003/0084334 (2003-05-01), Miyao et al.
patent: 2003/0110379 (2003-06-01), Ylonen et al.
patent: 2003/0120809 (2003-06-01), Bellur et al.
patent: 2003/0233568 (2003-12-01), Maufer et al.
patent: 2004/0003290 (2004-01-01), Malcolm
patent: 2004/0037268 (2004-02-01), Read
patent: 2004/0078600 (2004-04-01), Nilsen et al.
patent: 2004/0148439 (2004-07-01), Harvey et al.
patent: 2004/0168150 (2004-08-01), Ziv
patent: 2004/0177273 (2004-09-01), Ghaffar
patent: 2004/0205211 (2004-10-01), Takeda et al.
patent: 2004/0250131 (2004-12-01), Swander et al.
patent: 2004/0250158 (2004-12-01), Le Pennec et al.
patent: 2005/0005165 (2005-01-01), Morgan et al.
patent: 2005/0010816 (2005-01-01), Yu et al.
patent: 2005/0022010 (2005-01-01), Swander et al.
patent: 2005/0022011 (2005-01-01), Swander et al.
patent: 2005/0079858 (2005-04-01), Rosen et al.
patent: 2005/0091068 (2005-04-01), Ramamoorthy et al.
patent: 2005/0138380 (2005-06-01), Fedronic et al.
patent: 2005/0182967 (2005-08-01), Phillips et al.
patent: 2005/0198384 (2005-09-01), Ansari et al.
patent: 2005/0204402 (2005-09-01), Turley et al.
patent: 2005/0229246 (2005-10-01), Rajagopal et al.
patent: 2005/0262554 (2005-11-01), Brooks et al.
patent: 2005/0283823 (2005-12-01), Okajo et al.
patent: 2006/0015935 (2006-01-01), Dixon et al.
patent: 2006/0062238 (2006-03-01), Mahendran et al.
patent: 2006/0101266 (2006-05-01), Klassen et al.
patent: 2006/0253901 (2006-11-01), Roddy et al.
patent: 2007/0118893 (2007-05-01), Crawford
patent: 2007/0174031 (2007-07-01), Levenshteyn et al.
patent: 2007/0250922 (2007-10-01), Horton et al.
patent: 2007/0261111 (2007-11-01), Roberts
patent: 2007/0271361 (2007-11-01), Abzarian et al.
patent: 0910197 (1999-04-01), None
patent: 1024627 (2000-08-01), None
patent: 1119151 (2001-07-01), None
patent: 1484860 (2004-12-01), None
patent: 2005-217757 (2005-08-01), None
patent: WO03090034 (2003-10-01), None
patent: WO2004010659 (2004-01-01), None
patent: WO2007136811 (2007-11-01), None
Written Opinion for PCT/US2007/011053 mailed Oct. 14, 2008.
International Search Report for PCT/US2007/011053 mailed Oct. 14, 2008.
European Search Report regarding European Application No. 04009309.8 dated May 5, 2005.
Strassner et al., Policy Framework Core Information Model, Internet Draft, May 17, 1999, XP002255652.
Vagish et al., NT5.1 IPSecurity Security Policy Database, Microsoft Corporation, Sep. 1999.
Markham et al., Security at the Network Edge: A Distributed Firewall Architecture, Jun. 12-14, 2001, DARPA Information Survivability Conference & Exposition II, 2001. DISCEX '01. Proceedings.
McDonald et al., A Socket-Based Key Management API (and Surrounding Infrastructure), retrieved from http://www.isoc.orglisoclwhatislconferenceslinet196/proceedsingsld7/d7 2htm on May 21, 2005.
Bellovin, “Computer Security—An End State?”, Communications of the ACM, vol. 44. No. 3, Mar. 2001.
Bellovin, “Distributed Firewall”, issue of ;login, Nov. 1999.
“Whister Server Authorization in IPSec”, IPSec development Team, Microsoft, May 2000.
“NT 6.0 User Authentication”, IPSec Development Team, Microsoft, May 2000.
“NT 6.0 IPSecWinsock Extensions”, IPSec Development Team, Nov. 2000.
Adoba, “The Authentication and Authorization Problem in Roaming”, Network Working Group, Mar. 1997.
Narayan, Diameter Strong Securitiy Extension Using Kerberos v5, Network Working Group, Feb. 2001.
Narayan, Radius Securitiy Extensions Using Kerberos v5, Network Working Group, Aug. 2000.
Jiang, “Secure Radius Server Operation Guidelines for Dial Roaming”, Network Working Group, Oct. 1997.
Aboba, “Certificate-Based Roaming”, Network Working Group, Feb. 1999.
“IP Security for Microsoft Windows 2000 Server White Paper”, Microsoft Windows 2000 Server Operating System, Microsoft Corporation, 1999.
LeBlanc, “Bind Basics”, http://www.windowsitpro.comlWindowsSecurity/Article/ArticlelD/9196/9196.html, Jun. 2000.
Harkins et al, RFC 2409, “The Internet Key Exchange (IKE)”, Nov. 1998.
Rigney et al., Remote Authentication Dial in User Service (RADIUS), The Internet Society, Jun. 2000.
Rigney, “Radius Accounting”, The Internet Society, Jun. 2000.
McDonald et al., “PF—KEY Key Management API, Version 2”, The Internet Society, Jul. 1998.
Calhoun et al., “Diameter Base Protocol”, The Internet Society, Apr. 2000.
Calhoun, Comparison of Diameter Against AAA Network Access Requirements, The Internet Society, Apr. 2000.
Calhoun et al., “Diameter Framework Document”, The Internet Society, Apr. 2000.
Calhoun et al., “Diameter Secure Proxying”, The Internet Society, Oct. 1999.
Calhoun et al., “Diameter Strong Security Extension”, The Internet Society, Apr. 2000.
“UDDI Technical White Paper”, Universal Description, Discovery and Integration (uddi.org), Ariba, Inc. International Business Machines Corporation, Sep. 2000.
“Host-Resident Firewalls: Defending Windows NTI2000 Servers and Desktops from Network Attacks, A Security White Paper”, Network—1 Security Solutions, Inc., 2000.
Li, “Di
Henning Matthew
Microsoft Corporation
LandOfFree
Distributed firewall implementation and control does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Distributed firewall implementation and control, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Distributed firewall implementation and control will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4258285