Secure network proxy for connecting entities

Electrical computers and digital processing systems: multicomput – Computer-to-computer session/connection establishing

Patent

Details

709203, 709230, G06F 1300

Patent

active

060030844

ABSTRACT:
A proxy which is part of a firewall program controls exchanges of information between two application entities. The proxy interrogates attempts to establish a communication session by requesting entities with a server entity in lower layers in accordance with defined authentication procedures. The proxy interfaces with networking software to direct a communication stack to monitor connection requests to any address on specific ports. The requestor's address and the server's address are checked against an access control list. If either address is invalid, the proxy closes the connection. If both are valid, a new connection is set up such that both the requestor and server are transparently connected to the proxy with variable higher levels being connected in a relay mode. Protocol data units are interrogated for conformance to a protocol session, and optionally further decoded to add additional application specific filtering. In one embodiment, an OSI architecture comprises the levels.

REFERENCES:
patent: 3956615 (1976-05-01), Anderson et al.
patent: 4104721 (1978-08-01), Markstein et al.
patent: 4177510 (1979-12-01), Appell et al.
patent: 4442484 (1984-04-01), Childs, Jr. et al.
patent: 4584639 (1986-04-01), Hardy
patent: 4621321 (1986-11-01), Boebert et al.
patent: 4648031 (1987-03-01), Jenner et al.
patent: 4701840 (1987-10-01), Boebert et al.
patent: 4713753 (1987-12-01), Boebert et al.
patent: 4870571 (1989-09-01), Frink
patent: 4885789 (1989-12-01), Burger et al.
patent: 5093914 (1992-03-01), Coplien et al.
patent: 5124984 (1992-06-01), Engel
patent: 5153918 (1992-10-01), Tuai
patent: 5204961 (1993-04-01), Barlow
patent: 5228083 (1993-07-01), Lozowick et al.
patent: 5263147 (1993-11-01), Francisco et al.
patent: 5272754 (1993-12-01), Boebert
patent: 5276735 (1994-01-01), Boebert et al.
patent: 5303303 (1994-04-01), White
patent: 5305385 (1994-04-01), Schanning et al.
patent: 5311593 (1994-05-01), Carmi
patent: 5329623 (1994-07-01), Smith et al.
patent: 5333266 (1994-07-01), Boaz et al.
patent: 5355474 (1994-10-01), Thuraisingham et al.
patent: 5414833 (1995-05-01), Hershey et al.
patent: 5416842 (1995-05-01), Aziz
patent: 5485460 (1996-01-01), Schrier et al.
patent: 5511122 (1996-04-01), Atkinson
patent: 5530758 (1996-06-01), Marino, Jr. et al.
patent: 5548646 (1996-08-01), Aziz et al.
patent: 5550984 (1996-08-01), Gelb
patent: 5566170 (1996-10-01), Bakke et al.
patent: 5583940 (1996-12-01), Vidrascu et al.
patent: 5604490 (1997-02-01), Blakely, III et al.
patent: 5606668 (1997-02-01), Shwed
patent: 5608720 (1997-03-01), Biegel et al.
patent: 5615340 (1997-03-01), Dai et al.
patent: 5619648 (1997-04-01), Canale et al.
patent: 5623601 (1997-04-01), Vu
patent: 5636371 (1997-06-01), Yu
patent: 5644571 (1997-07-01), Seaman
patent: 5671279 (1997-09-01), Elgamal
patent: 5673322 (1997-09-01), Pepe et al.
patent: 5684951 (1997-11-01), Goldman et al.
patent: 5699513 (1997-12-01), Feigen et al.
patent: 5720035 (1998-02-01), Allegre et al.
patent: 5781550 (1998-07-01), Templin et al.
"100% of Hackers Failed to Break Into One Internet Site Protected by Sidewinder", News release, Secure Computing Corporation (Feb. 16, 1995).
"Internet Security System Given 'Product of the Year' Award", News Release, Secure Computing Corporation (Mar. 28, 1995).
"SATAN No Threat to Sidewinder™", News Release Computing Corporation (Apr. 26, 1995).
"Answers to Frequently Asked Questions About Network Security", Secure Computing Corporation, 41 p. (1994).
Adam, J.A., "Meta-matrices", IEEE Spectrum, 26-27 (Oct. 1992).
Adam, J.A., "Playing on the Net", IEEE Spectrum, 29 (Oct. 1992).
Ancilotti, P., et al., "Language Features for Access Control", IEEE Transactions on Software Engineering, SE-9, 16-25 (Jan. 1983).
Badger, L., et al., "Practical Domain and Type Enforcement for UNIX", Proceedings of the 1995 IEEE Symposium on Security and Privacy, Oakland, CA, 66-77 (May 8-10, 1995).
Belkin, N.J., et al., "Information Filtering and Information Retrieval: Two Sides of the Same Coin?", Communications of the ACM, 35, 29-38 (Dec. 1992).
Bellovin, S.M., et al., "Network Firewalls", IEEE Communications Magazine, 32, 50-57 (Sep. 1994).
Bevier, W.R., et al., "Connection Policies and Controlled Interference", Proceedings of the 8th IEEE Computer Security Foundations Workshop, Kenmare, County Kerry, Ireland, 167-176 (Jun. 13-15, 1995).
Bowen, T.F., et al., "The Datacycle Architecture", Communications of the ACM, 35, 71-81 (Dec. 1992).
Bryan, J., "Firewalls For Sale", BYTE, pp. 99-100, 102 and 104 (Apr. 1995).
Damashek, M., "Gauging Similarity with n-Grams: Language-Independent Categorization of Text", Science, 267, 843-848 (Feb. 10, 1995).
Dillaway, B.B., et al., "A Practical Design For A Multilevel Secure Database Management System", American Institute of Aeronautics and Astronautics, Inc., 44-57 (Dec. 1986).
Fine, T., et al., "Assuring Distributed Trusted Mach", Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, 206-218 (1993).
Foltz, P.W., et al., "Personalized Information Delivery: An Analysis of Information Filtering Methods", Communications of the ACM, 35, 51-60 (Dec. 1992).
Goldberg, D., et al., "Using Collaborative Filtering to Weave an Information Tapestry", Communications of the ACM, 35, 61-70 (Dec. 1992).
Grampp, F.T., "UNIX Operating System Security", AT&T Bell Laboratories Technical Journal, 63, 1649-1672 (Oct. 1984).
Haigh, J.T., et al., "Extending the Non-Interference Version of MLS for SAT", Proceedings of the 1986 IEEE Symposium on Security and Privacy, Oakland, CA, 232-239 (Apr. 7-9, 1986).
Kent, S.T., "Internet Privacy Enhanced Mail", Communications of the ACM, 48-60 (Apr. 1993).
Lampson, B.W., "Dynamic Protection Structures", AFIPS Conference Proceedings, vol. 35, 1969 Fall Joint Computer Conference, Las Vegas, NV, 27-38 (Nov. 18-20, 1969).
Lee, K-C., et al., "A Framework for Controlling Cooperative Agents", Computer, 8-16 (Jul. 1993).
Loeb, S., "Architecting Personalized Delivery of Multimedia Information", Communications of the ACM, 35, 39-50 (Dec. 1992).
Loeb, S., et al., "Information filtering," Communications of the ACM, 35, 26-28 (Dec. 1992).
Merenbloom, P., "Network 'Fire Walls' safeguard LAN Data from Outside Intrusion", Infoworld, p. 69 (Jul. 25, 1994).
Obraczka, K., et al., "Internet Resource Discovery Services", Computer, 26, 8-22 (Sep. 1993).
Press, L., "The Net: Progress and opportunity", Communications of the ACM, 35, 21-25 (Dec. 1992).
Schroeder, M.D., et al., "A Hardware Architecture for Implementing Protection Rings", Communications of the ACM, 15, 157-170 (Mar. 1972).
Schwartz, M.F., "Internet Resources Discovery at the University of Colorado", Computer, 26, 25-35 (Sep. 1993).
Smith, R.E., "Sidewinder: Defense in Depth Using Type Enforcement", International Journal of Network Management, 219-229, (Jul.-Aug. 1995).
Thomsen, D., "Type Enforcement: The New Security Model", Proceedings of the SPIE, Multimedia: Full-Service Impact on Business, Education and the Home, vol. 2617, Philadelphia, PA, 143-150 (Oct. 23-24, 1995).
Warrier, U.S., et al., "A Platform for Heterogeneous Interconnection Network Management", IEEE Journal on Selected Areas in Communications, 8, 119-126 (Jan. 1990).
Wolfe, A, "Honeywell Builds Hardware for Computer Security", Electronics, 14-15 (Sep. 2, 1985).
Boebert, W.E., et al., "Secure Ada Target: Issues, System Design, and Verification", Proceedings of the Symposium on Security and Privacy, Oakland, California, pp. 59-66, (1985).
Boebert, W.E., et al., "Secure Computing: The Secure Ada Target Approach", Sci. Honeyweller, 6(2), 17 pages, (1985).
International Search Report, PCT Application No. PCT/US 95/12681, 8 p. (mailed Apr. 9, 1996).
"Sidewinder Internals", Product information, Secure Computing Corporation, 16 (Oct. 1994).
"Special Report: Secure Computing Corporation and Network Security", Computer Select, 13 p. (Dec. 1995).
Atkinson, R., "IP Authentication Header", Network Working Group, Request For Comment No. 1826, http://ds.internic.net/rfc/rfc1826.txt, 9 p. (Aug. 1995).
Atkinson, R., "IP Encapsulating Security Payload (ESP)
