Patent
1997-05-06
1999-11-16
Beausoliel, Jr., Robert W.
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
G06F 1300
active
059876115
ABSTRACT:
A computing environment with methods for monitoring access to an open network, such as a WAN or the Internet, is described. The system includes one or more clients, each operating applications or processes (e.g., Netscape Navigator™ or Microsoft Internet Explorer™ browser software) requiring Internet (or other open network) access (e.g., an Internet connection to one or more Web servers). Client-based monitoring and filtering of access is provided in conjunction with a centralized enforcement supervisor. The supervisor maintains access rules for the client-based filtering and verifies the existence and proper operation of the client-based filter application. The access rules that can be defined can specify criteria such as the total time a user can be connected to the Internet (e.g., per day, week, month, or the like), the time a user can interactively use the Internet (e.g., per day, week, month, or the like), a list of applications or application versions that a user can or cannot use in order to access the Internet, a list of URLs (or WAN addresses) that a user application can (or cannot) access, a list of protocols or protocol components (such as Java Script™) that a user application can or cannot use, and rules to determine what events should be logged (including how long logs are to be kept). By intercepting process loading and unloading and keeping a list of currently active processes, each client process can be checked for various characteristics, including executable names, version numbers, executable file checksums, version header details, configuration settings, and the like. With this information, the system can determine whether a particular process in question should have access to the Internet and what kind of access (i.e., protocols, Internet addresses, time limitations, and the like) is permissible for the given specific user.
REFERENCES:
patent: 4914586 (1990-04-01), Swinehart et al.
patent: 5475817 (1995-12-01), Waldo et al.
patent: 5586260 (1996-12-01), Hu
patent: 5623601 (1997-04-01), Vu
patent: 5764887 (1998-06-01), Kells et al.
patent: 5815574 (1998-09-01), Fortinsky
patent: 5828833 (1998-10-01), Belville et al.
patent: 5832211 (1998-11-01), Blakley, III et al.
patent: 5838903 (1998-11-01), Blakely, III et al.
patent: 5857191 (1999-01-01), Blackwell, Jr. et al.
patent: 5864665 (1999-01-01), Tran
patent: 5875296 (1999-02-01), Shi et al.
patent: 5881230 (1999-03-01), Christensen et al.
Mullender, "Distributed Systems", Second Edition, ACM Press New York, Addison-Wesley, pp. 3. 12-13, 543-578, Dec. 1993.
ORFALI et al., "Essential Client/Server Survival Guide", Van Nostrand Reinhold, pp. 153-154, Dec. 1994.
Postel, J., "RFC 821--Simple Mail Transfer Protocol," Information Science Institute, University of Southern California, Aug. 1982, pp. 1-68.
Crocker, D., "RFC 822--Standard for the format of ARPA Internet Text Messages," Department of Electrical Engineering, University of Delaware, Aug. 13, 1982, pp. 1-47.
Postel, J. and Reynolds, J., "RFC 959--File Transfer Protocol (FTP)," Information Science Institute, University of Southern California, Oct. 1985, pp. 1-47.
Kantor, B. (U.C. San Diego) and Lapsley, P. (U.C. Berkeley), "RFC 977--Network News Transfer Protocol," Feb. 1986, pp. 1-27.
Berners-Lee, T., "RFC 1630--Universal Resource Identifiers in WWW," Jun. 1994, pp. 28.
Klensin, J., Freed, N., Rose, M., Stefferud, E. and Crocker, D., "RFC 1869--SMTP Service Extensions," Nov. 1995, pp. 1-11.
Kessler, G. and Shepard, S., "RFC 1739--A Primer On Internet And TCP/IP Tools," Hill Associates, Inc., Dec. 1994, pp. 1-46.
Myers, J. (Carnegie Mellon) and Rose, M. (Dover Beach Consulting, Inc.), "RFC 1939--Post Office Protocol--Version 3," May 1996, pp. 1-23.
Freed, N., "RFC 2034--SMTP Service Extension for Returning Enhanced Error Codes," Innosoft, Oct. 1996, pp. 1-6.
Freed, N., Borenstein, N., Moore, K., Klensin, J. and Postel, J., "RFC 2045/2046/2047/2048/2049--Multipurpose Internet Mail Extensions (MIME), Part 1: Format of Internet Message Bodies, Part 2: Media Types, Part 3: Message Header Extensions for Non-ASCII Text, Part 4: Registration Procedures, Part 5: Conformance Criteria and Examples," Nov. 1996, Part 1: pp. 1-31, Part 2: pp. 1-44, Part 3: pp. 1-15, Part 4: pp. 1-21, Part 5: pp. 1-24.
Crispin, M., "RFC 2060--Internet Message Access Protocol--Version 4rev1," University of Washington, Dec. 1996, pp. 1-82.
Palme, J. (Stockholm University) and Hopmann, A. (Microsoft Corporation), "RFC 2110--MIME E-mail Encapsulation of Aggregate Documents, such as HTML (MHTML)," Mar. 1997, pp. 1-19.
Fielding, R. (U.C. Irvine), Gettys, J. (DEC), Mogul, J. (DEC), Frystyk, H. (MIT/LCS) and Berners-Lee, T. (MIT/LCS), "Hypertext Transfer Protocol-HTTP/1.1," Internet Engineering Task Force (IETF)--Internet Draft, Aug. 12, 1996, pp. 1-52.
Marsh, K., "Win32 Hooks," Microsoft Developer Network Technology Group, Jul. 29, 1993 (revised Feb. 1994), pp. 1-14.
Dawson, D., "Firewalls 101--A Introduction to Ascend Secure Access," Ascend Network Secure Business Unit, Sep. 4, 1996, pp. 1-6.
Semeria, C., "Internet Firewalls and Security--A Technology Overview," 3Com Corporation, Sep. 4, 1996, pp. 1-16.
Felten, E., Balfanz, D., Dean, D. and Wallach, D., "Web Spoofing: An Internet Con Game--Technical Report 540-96," Department of Computer Science, Princeton University, 1996, pp. 1-9.
Microsoft Corporation, "Microsoft Technical Notes--Browsing and Windows 95 Networking," 1995, pp. 1-38.
Windows Networking Design Team--Microsoft Corporation, "Microsoft TCP/IP VxD Interface Specification," Oct. 24, 1994, pp. 1-23.
TechNet/Corp. Network Systems/Bus. Systems Div.--Microsoft Corporation, "MS Windows NT 3.5/3.51: TCP/IP Implementation Details," May 22, 1996, pp. 1-65.
Shah, R., "Networking in Windows 95--SunWorld Online," Nov. 1, 1995, pp. 1-6.
Rickard, J., "Internet Architecture," Boardwatch Magazine, 1996, pp. 1-11.
Microsoft Corporation, "Active Directory Design Specification, Version 1.0," Oct. 25, 1996, pp. 1-111.
Semeria, C., "Understanding IP Addressing--Everything You Ever Wanted To Know," NDS Marketing, 3Com Corporation, Apr. 26, 1996, pp. 1-62.
Hall, M. et al, "Windows Sockets 2 Service Provider Interface, Revision 2.2.0," Stardust Technologies, May 10, 1996, pp. 1-200.
Beausoliel, Jr. Robert W.
Elmore Stephen C.
Smart John A.
Zone Labs, Inc.
System and methodology for managing internet access on a per app