Electrical computers and digital processing systems: multicomput – Computer network managing
Reexamination Certificate
2000-10-12
2004-07-13
Eng, David Y. (Department: 2155)
active
06763378
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Technical Field
The present invention relates to security in a network computer environment. More specifically, the present invention relates to security in computer networks which use several TCP/IP ports.
2. Description of Related Art
As applications become increasingly net-centric, myriad TCP/IP ports are tapped to provide various functions undreamed of only a few years ago. Numerous applications now communicate via obscure, but dedicated, TCP/IP ports and accordingly, provisions must be made within each system to allow connections upon these ports as warranted. If this increase in port nomenclature and usage were not enough to confound security, the boundaries between “secured” and “unsecured” are becoming more difficult to fathom as well, as the old model of a bastion firewall marking the border between a hostile outside and a benign corporate environment is increasingly outmoded.
This blurring of the lines can be demonstrated firstly by the incorporation of multiple web-servers, and even multiple domains, within the “secure” side of organizational firewalls. As outsiders are permitted electronic entry into an organization through designated TCP/IP ports, the old “outside-is-dangerous, inside-is-safe” model breaks down. Furthermore, organizations are increasingly subject to multiple levels of security even within their firewalls; examples of this are school districts, which need deterrents not only from the outside world, but also between the student-accessible computers and the administrative computers housing grades and student records.
It is clear that old security paradigms based upon a singular, well-controlled entry point into an organization now solve only part of the problem. It is also apparent that new security methods must be developed to safeguard systems as individual entities, given the new level of complexity inherent in today's system models.
First, because of the ambiguity over which subnetworks, machines and directory structures are safe and which are not, the solution should reside on the individual systems themselves. Second, because each system is tasked with its own primary job responsibilities, it is of great importance that it not be burdened with CPU-intensive processes for monitoring port usage on its own system. Minimizing the impact of such a monitoring tool upon any jobs running on the targeted system is paramount. Security must not be accompanied by a significant reduction in the performance of the host systems.
Currently, solutions exist only at the firewall, with the limitations described above, or at the host level, with heavy demands upon the resources of the target system. Therefore, a port monitoring method that can be implemented on the individual client computers in a network, but does not add an undue processing burden, would be desirable.
SUMMARY OF THE INVENTION
The present invention provides a method for monitoring incoming data from an external computer network. The invention comprises polling all active port connections in a data processing system at regular intervals and comparing these connections to a table of authorized ports and IP addresses. Any unauthorized connections are logged and a network administrator is notified. The present invention can be implemented on clients within a computer network.
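As an added illustration of the polling method summarized above (example code written here, not from the patent or IBM): a Python sketch that parses a constructed netstat-style snapshot of established TCP connections, compares each one against a hypothetical table of authorized local ports and remote networks, and on every polling cycle logs and reports the connections the table does not permit. The snapshot, addresses, table and helper names are all assumptions made for the example.

```python
import logging
import re
import time
from ipaddress import ip_address, ip_network
# Constructed netstat-like snapshot of ESTABLISHED TCP connections
# (proto, local addr:port, remote addr:port, state); IPv4 only,
# documentation address ranges, not real hosts.
SNAPSHOT = """\
tcp  10.0.0.5:22    10.0.0.7:51234       ESTABLISHED
tcp  10.0.0.5:80    198.51.100.23:40112  ESTABLISHED
tcp  10.0.0.5:443   203.0.113.9:55520    ESTABLISHED
tcp  10.0.0.5:3389  198.51.100.77:60100  ESTABLISHED
tcp  10.0.0.5:8080  10.0.0.9:41000       ESTABLISHED
"""
# Hypothetical authorization table: local port -> remote networks allowed
# to connect. A port absent from the table is unauthorized for every peer.
AUTHORIZED = {
    22: [ip_network("10.0.0.0/24")],  # SSH from the local subnet only
    80: [ip_network("0.0.0.0/0")],    # public web
    443: [ip_network("0.0.0.0/0")],
}
LINE_RE = re.compile(r"^tcp\s+\S+:(\d+)\s+(\S+):\d+\s+ESTABLISHED")

def parse_connections(snapshot):
    """Yield (local_port, remote_ip) for each ESTABLISHED TCP line."""
    for line in snapshot.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield int(m.group(1)), ip_address(m.group(2))

def is_authorized(local_port, remote_ip, table):
    return any(remote_ip in net for net in table.get(local_port, []))

def find_unauthorized(snapshot, table=AUTHORIZED):
    """One polling pass: (port, remote) pairs the table does not permit."""
    return [(port, str(ip)) for port, ip in parse_connections(snapshot)
            if not is_authorized(port, ip, table)]

def poll(snapshot_source, table, interval_s, rounds, notify):
    """Poll at a fixed interval; log and notify each violation once, so a
    long-lived connection does not re-page the administrator every cycle."""
    reported = set()
    for _ in range(rounds):
        for hit in find_unauthorized(snapshot_source(), table):
            if hit not in reported:
                reported.add(hit)
                logging.warning("unauthorized connection: port %d from %s", *hit)
                notify(hit)
        time.sleep(interval_s)
    return sorted(reported)
```

On a real host, `snapshot_source` would be replaced by a cheap read of the kernel's connection table taken at the chosen interval, which is what keeps the monitor's CPU cost low.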
Hamilton, II Rick Allen
Langford John Steven
Lipton Steven Jay
Eng David Y.
International Business Machines - Corporation
Mims Jr. David A.
O'Hagan Christopher P.
Yee Duke W.