Electrical computers and digital processing systems: multicomput – Computer-to-computer session/connection establishing – Network resources access controlling
Reexamination Certificate
2006-01-31
2006-01-31
Etienne, Ario (Department: 2157)
Electrical computers and digital processing systems: multicomput
Computer-to-computer session/connection establishing
Network resources access controlling
C713S152000, C340S005800
Reexamination Certificate
active
06993588
ABSTRACT:
A system and methods are disclosed that permit mobile code, such as an applet, to create a network connection with a content server on a network, without exposing the client computer that is running the applet, or other computers with which the client computer may communicate, to a DNS spoofing attack. This is achieved in accordance with the principles of the present invention by using network restriction software in the execution engine or runtime system under which the applet executes. When the applet attempts to create a network connection to a content server, the network restriction software checks a “name directory” on the content server for the presence of an entry whose name corresponds to the name of the computer from which the applet was downloaded. If such an entry is present, then the network restriction software permits the network connection between the applet and the content server to be created. If not, the applet may not create a network connection with the content server. Additionally, address checks may be applied to assist in preventing DNS spoofing attacks from succeeding.
REFERENCES:
patent: 5983348 (1999-11-01), Ji
patent: 6092194 (2000-07-01), Touboul
patent: 6208995 (2001-03-01), Himmel et al.
patent: 6321267 (2001-11-01), Donaldson
patent: 6571338 (2003-05-01), Shaio et al.
patent: 6728886 (2004-04-01), Ji et al.
patent: 6754621 (2004-06-01), Cunningham et al.
patent: 2002/0013910 (2002-01-01), Edery et al.
patent: 2003/0110161 (2003-06-01), Schneider
patent: 1081918 (2001-03-01), None
patent: WO 98/21666 (1998-05-01), None
patent: WO 99/30238 (1999-06-01), None
Java security: from HotJava to Netscape and beyond□□Dean, D.; Felten, E.W.; Wallach, D.S. □□Security and Privacy, 1996. Proceedings., 1996 IEEE Symposium on, vol., Iss., May 6-8, 1996. pp.: 190-200.
Balfanz, D. and E.W. Felten, “A Java Filter,” Technical Report, Department of Computer Science, Princeton University, Sep. 1997 (p. 1-7).
Gong, L., et al., “Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java™ Development Kit 1.2,” Paper presented at the USENIX Symposium on Internet Technologies and Systems, Monterey, CA (Dec. 1997).
Dean, D., et al., “Java Security: From HotJava to Netscape and Beyond,” Paper presented at the IEEE Symposium on Security and Privacy, Oakland, CA (May 1996).
“Robots.txt Tutorial”, PHD Software Systems, (1996-2002). Retrieved from the Internet <URL:http://www.searchengineworld.com/robots/robots—tutorial.htm>.
Panagiotis, C., “HOSTS.EQUIV(4),”Man-cgi 1.11,(1994). Retrieved from the Internet <URL:http://www.mcsr.olemiss.edu/cgi-bin/man-cgi?rhosts+4>.
Secure Computing with Java™: Now and the Future [online], Aug. 2001 [retrieved on Feb. 12, 2002]. Retrieved from the Internet <URL:http://java.sun.com/marketing/collateral/security.html>.
Curry, D.A., “Network Security” inUNIX® System Security, A Guide for Users and System Administrators(MA: Addison-Wesley Publishing Company, Inc.), pp. 63-85 (1992).
Garfinkel, S. and Spafford, G., “Networks and Security” inPractical UNIX Security(CA: O'Reilly & Associates, Inc.) pp. 221-253 (1992).
Kaufman, C., et al., “Authentication Systems” inNetwork Security, Private Communication in a Public World(NJ: PTR Prentice Hall), pp. 177-203 (1995).
Cheswick, W.R. and Bellovin, S.M., “Firewall Gateways,” inFirewalls and Internet Security: Repelling the Wily Hacker(MA: Addison-Welsley Publishing Company), pp. 51-83 (1994).
Davis Donald T.
Kranz David A.
Martin Elizabeth A.
Alam Uzma
Etienne Ario
Finnegan Henderson Farabow Garrett & Dunner LLP
Sumisho Computer Systems Corporation
LandOfFree
System and methods for securely permitting mobile code to... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and methods for securely permitting mobile code to..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and methods for securely permitting mobile code to... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3566541