Network firewall test methods and apparatus

Information security – Access control or authentication – Network

Reexamination Certificate

active

08001589

ABSTRACT:
A test method for Internet-Protocol packet networks is described that verifies the proper functioning of a dynamic pinhole filtering implementation and statistically quantifies network vulnerability as pinholes are opened and closed. Specific potential security vulnerabilities that may be addressed through testing include: 1) excessive delay in opening pinholes, resulting in an unintentional denial of service; 2) excessive delay in closing pinholes, creating a closing delay window of vulnerability; 3) measurement of the length of various windows of vulnerability; 4) setting a threshold on a window of vulnerability such that it triggers an alert when a predetermined value is exceeded; 5) determination of incorrectly allocated pinholes, resulting in a denial of service; 6) determining the opening of extraneous pinhole/IP address combinations through a firewall that increase the network vulnerability through unrecognized backdoors; and 7) determining the inability to correlate call state information with dynamically established rules in the firewall.
