Methods for internet communication security
First Claim
1. A product for authorizing network communications in a hypervisor, the product comprising a non-transitory computer-readable storage medium having computer-readable program code embodied therein, the computer-readable program code executable in a hypervisor to perform communication management operations, the communication management operations comprising:
i) intercepting a first network packet in the hypervisor, the first network packet comprising a first higher-than-OSI layer three portion;
ii) decrypting, with a single-use cryptographic key, at least a portion of the first higher-than-OSI layer three portion to obtain one or more first packet parameters;
iii) authorizing the first network packet in the hypervisor, comprising:
    comparing the one or more first packet parameters with one or more first expected values; and
iv) passing the authorized first network packet to a virtual device.
1 Assignment
0 Petitions
Abstract
The present disclosure relates to network security software cooperatively configured on plural nodes to authenticate and authorize devices, applications, users, and data protocol in network communications by exchanging nonpublic identification codes, application identifiers, and data type identifiers via pre-established communication pathways and comparing against pre-established values to provide authorized communication and prevent compromised nodes from spreading malware to other nodes.
171 Citations
24 Claims
Specification