Data processing: database and file management or data structures – Database design – Data structure types
Reexamination Certificate
2000-06-21
2009-08-25
LeRoux, Etienne P (Department: 2161)
Data processing: database and file management or data structures
Database design
Data structure types
Reexamination Certificate
active
07580919
ABSTRACT:
An exemplary scalable access filter that is used together with others like it in a virtual private network to control access by users at clients in the network to information resources provided by servers in the network is disclosed. Each access filter uses a local copy of an access control data base (3845) to determine whether an access request is made by a user. Each user belongs to one or more user groups and each information resource belongs to one or more information sets. Access is permitted or denied according to access policies, which define access in terms of the user groups and information sets. The first access filter in the path performs the access check, encrypts and authenticates the request; the other access filters in the path do not repeat the access check. The interface used by applications to determine whether a user has access to an entity is now an SQL query. The policy server (3811) assembles the information needed for the response to the query from various information sources, including source external to the policy server.
REFERENCES:
patent: 4919545 (1990-04-01), Yu
patent: 4956769 (1990-09-01), Smith
patent: 4961224 (1990-10-01), Yung
patent: 5012405 (1991-04-01), Nishikado et al.
patent: 5115501 (1992-05-01), Kerr
patent: 5117349 (1992-05-01), Tirfing et al.
patent: 5220604 (1993-06-01), Gasser et al.
patent: 5249230 (1993-09-01), Mihm et al.
patent: 5263157 (1993-11-01), Janis
patent: 5263158 (1993-11-01), Janis
patent: 5263165 (1993-11-01), Janis
patent: 5265221 (1993-11-01), Miller
patent: 5276735 (1994-01-01), Boebert et al.
patent: 5276870 (1994-01-01), Shan et al.
patent: 5276901 (1994-01-01), Howell et al.
patent: 5335346 (1994-08-01), Fabbio
patent: 5423034 (1995-06-01), Cohen-Levy et al.
patent: 5438508 (1995-08-01), Wyman
patent: 5442342 (1995-08-01), Kung
patent: 5446903 (1995-08-01), Abraham et al.
patent: 5455945 (1995-10-01), VanderDrift
patent: 5455953 (1995-10-01), Russell
patent: 5495607 (1996-02-01), Pisello et al.
patent: 5504890 (1996-04-01), Sanford
patent: 5534855 (1996-07-01), Shockley et al.
patent: 5550906 (1996-08-01), Chau et al.
patent: 5553282 (1996-09-01), Parrish et al.
patent: 5568613 (1996-10-01), Futral
patent: 5634053 (1997-05-01), Noble et al.
patent: 5652787 (1997-07-01), O'Kelly
patent: 5675782 (1997-10-01), Montague et al.
patent: 5678042 (1997-10-01), Pisello et al.
patent: 5696486 (1997-12-01), Poliquin et al.
patent: 5696898 (1997-12-01), Baker et al.
patent: 5701458 (1997-12-01), Bsaibes et al.
patent: 5701461 (1997-12-01), Dalal et al.
patent: 5706427 (1998-01-01), Tabuki
patent: 5720023 (1998-02-01), Putland et al.
patent: 5720033 (1998-02-01), Deo
patent: 5721908 (1998-02-01), Lagarde et al.
patent: 5729734 (1998-03-01), Parker et al.
patent: 5748890 (1998-05-01), Goldberg et al.
patent: 5752245 (1998-05-01), Parrish et al.
patent: 5758083 (1998-05-01), Singh et al.
patent: 5771291 (1998-06-01), Newton et al.
patent: 5774650 (1998-06-01), Chapman et al.
patent: 5787427 (1998-07-01), Benantar et al.
patent: 5787428 (1998-07-01), Hart
patent: 5793964 (1998-08-01), Rogers et al.
patent: 5796951 (1998-08-01), Hamner et al.
patent: 5797128 (1998-08-01), Birnbaum
patent: 5826010 (1998-10-01), Joseph et al.
patent: 5828832 (1998-10-01), Holden et al.
patent: 5828833 (1998-10-01), Belville et al.
patent: 5835726 (1998-11-01), Shwed et al.
patent: 5841970 (1998-11-01), Tabuki
patent: 5859978 (1999-01-01), Sonderegger et al.
patent: 5862325 (1999-01-01), Reed et al.
patent: 5864683 (1999-01-01), Boebert et al.
patent: 5878431 (1999-03-01), Potterveld et al.
patent: 5884274 (1999-03-01), Walker et al.
patent: 5898830 (1999-04-01), Wesinger, Jr. et al.
patent: 5911143 (1999-06-01), Deinhart et al.
patent: 5911776 (1999-06-01), Guck
patent: 5931917 (1999-08-01), Nguyen et al.
patent: 5941947 (1999-08-01), Brown et al.
patent: 5951649 (1999-09-01), Dobbins et al.
patent: 5956715 (1999-09-01), Glasser et al.
patent: 5987611 (1999-11-01), Freund
patent: 5991807 (1999-11-01), Schmidt et al.
patent: 6141686 (2000-10-01), Jackowski et al.
patent: 6178505 (2001-01-01), Schneider et al.
patent: 6253251 (2001-06-01), Benantar et al.
patent: 6408336 (2002-06-01), Schneider et al.
patent: 6502131 (2002-12-01), Vaid et al.
patent: 6785728 (2004-08-01), Schneider et al.
patent: 7213262 (2007-05-01), Elley et al.
patent: 2004/0199402 (2004-10-01), Walker et al.
patent: 2005/0010820 (2005-01-01), Jacobson
patent: 2006/0149968 (2006-07-01), Edery et al.
patent: 0736827 (1996-10-01), None
patent: 2317539 (1998-03-01), None
patent: WO 96/05549 (1996-02-01), None
patent: WO 97/00471 (1997-01-01), None
patent: WO 00/00879 (2000-01-01), None
Cold Fusion 4.0 Web Application Construction Kit, Third Edition, Publisher Que, Pub Date; Dec. 23, 1998. Chapter 8, Author, Forta et al.
Aziz et al., “Simple Key-Management for Internet Protocols (SKIP),” Proc. of INET, 1995.
Ringey et al., “Remote Authentication Dial In User Service (RADIUS),” RFC 2138, Apr. 1997.
Marriott et al., “Management Policy Service for Distributed Systems,” IEEE 1996.
Ford, William, “Administration in a Multiple Policy/Domain Environment: The Administration and Melding of Disparate Policies,” IEEE 1995.
Sandhu et al., Access Control: Principles and Practice, IEEE Communications Magazine, Sep. 1994.
Herzog, Shai, “Local Policy Modules (LPM): Policy Enforcement for Resource Reservation Protocols,” Internet Draft, Jun. 1996.
“Access Control List View for Objects,” IBM Technical Disclosure Bulletin, vol. 35, Issue 5, Oct. 1992.
Marriott et al, “Implementation of a Management Agent for Interpreting Obligation Policy,” IEEE/IFIP 7th Int'l Workshop on Distributed Operations and Management, 1996.
Edwards, K., “Policies and Roles in Collaborative Applications,” Proc. of the ACM 1996 Conf. on Computer Supported Cooperative Work, Nov. 1996.
Lampson et al., “Authentication in Distributed Systems: Theory and Practice,” Proc. of the 13th ACM Symp. on Operating Systems Principles, Oct. 1991.
Gladney, H., “Access Control for Large Collections,” ACM Trans. on Information Systems, vol. 15, No. 2, Apr. 1997.
Shen et al., “Access Control for Collaborative Environments,” Conf. Proc. on Computer-Supported Collaborative Work, ACM, Nov. 1992.
Reiter et al., “Integrating Security in a Group Oriented Distributed System,” Proc. of Research in Security & Privacy, 1992, IEEE, May 1992.
“CheckPoint FireWall-1,” White Paper, Version 2.0, Jun. 1995.
Yu, C. “Access Control and Authorization Plan for Customer Control of Network Services,” IEEE Global Telecommunications Conference and Exhibition, vol. 2, Nov. 1989.
Toy, M., “AT&T's Electronic Mail Service for Government Users—FTS2000MAIL,” Globecom '92, IEEE, vol. 2, Dec. 1992.
“Commercial Firewalls and Related FW Products,” Mar. 1996.
“Five Domains of Network Security: Technical Overview of the Eagle,” Jan. 1997.
“Firewalls and Security Related Information”.
“Checkpoint FireWall-1,” Metadigm Ltd., 1996.
Computer Dictionary, 2d ed., Microsoft Press, Redmond, Washington, p. 215, Oct. 1993.
Chung, Y. J., “Fast and Effective Multiple Moving Targets Tracking Method for Mobile Robots,” vol. 3, Digital Object Identifier, May 1995.
Hirawa, S., “Info-Plaza: A Social Information Filtering System for the World-Wide Web,” 1996 Proc. on Parallell and Distributed Systems, Jun. 1996.
Yeung, K.H., “Selective Broadcast Data Distribution Systems,” Proc. of the 15th Int'l, Conf. on Distributed Computing Systems, 1995.
Hannel Clifford Lee
May Anthony
Carr & Ferrell LLP
LeRoux Etienne P
SonicWALL, Inc.
LandOfFree
Query interface to policy server does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Query interface to policy server, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Query interface to policy server will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4064222