Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2006-01-10
2006-01-10
Barron, Jr., Gilberto (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C709S225000, C713S150000, C713S153000
Reexamination Certificate
active
06986061
ABSTRACT:
The present invention provides a method, system, and computer program product for enhancing security within a distributed computing network while enabling fine-grained access control for packets traveling through the network. The disclosed techniques enable this fine-grained access control while simultaneously providing broad-brush application-independent and user-independent security for Internet Protocol (IP) packets that are in transit over both secure networks (such as a corporate intranet) and non-secure networks (such as the public Internet). Access control decisions are delegated to an access control engine, and are based upon mutually authenticated identity information (e.g. of a system user and/or application) that is extracted from information exchanged as part of an underlying security service (such as the Internet Key Exchange of the IP Security Protocol).
REFERENCES:
patent: 5115466 (1992-05-01), Presttun
patent: 5790548 (1998-08-01), Sistanizadeh et al.
patent: 5802178 (1998-09-01), Holden et al.
patent: 5835726 (1998-11-01), Shwed et al.
patent: 5884025 (1999-03-01), Baehr et al.
patent: 5940591 (1999-08-01), Boyle et al.
patent: 5983350 (1999-11-01), Minear et al.
patent: 6052788 (2000-04-01), Wesinger, Jr. et al.
patent: 6055236 (2000-04-01), Nessett et al.
patent: 6055575 (2000-04-01), Paulsen et al.
patent: 6067620 (2000-05-01), Holden et al.
patent: 6076168 (2000-06-01), Fiveash et al.
patent: 6079020 (2000-06-01), Liu
patent: 6304973 (2001-10-01), Williams
patent: 6330562 (2001-12-01), Boden et al.
patent: 6484257 (2002-11-01), Ellis
patent: 6678827 (2004-01-01), Rothermel et al.
patent: 6693878 (2004-02-01), Daruwalla et al.
Stallings, William; Cryptography and Network Security; 1999; Prentice-Hall, Inc.; 2ndEdition; pp. 399-440.
IBM Technical Disclosure Bulletin, Vol, 32, No. 9A, Feb. 1990, “Swssion-Based Secure Communication for Secure Xenix”, pp. 239-243.
IBM Technical Disclosure Bulletin, vol. 37, No. 02B, Feb. 1994, Security Implementation at Internet Protocol Layer for TCP/I, pp. 683-686.
IBM Technical Disclosure Bulletin, vol. 35, No. 4A, Sep. 1992, “Virtual Private Networks on Vendor Independent Networks”, pp. 326-329.
Barron Jr. Gilberto
Doubet Marcia L.
International Business Machines - Corporation
Kim Jung
LandOfFree
Integrated system for network layer security and... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Integrated system for network layer security and..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Integrated system for network layer security and... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3603502