Method and network for containing the spread of damage from a network element subject to compromise
Abstract
A method and computer network for containing the spread of damage from a compromised element. A sensor is arranged to detect suspicious behavior of other identifiable network elements. When such suspicious behavior is detected, the identity of such network element is addressed and input to a directory. Such directory is addressable by various network elements, including network servers and routers or gateways that define choke points of the network, over either a network infrastructure (wide area network) or network interconnections (local area network). Such network architecture permits the various choke point network elements (controllers) to refer to the status of network elements requesting services, such as network configuration, that could result in the spread of damage, when deciding to provide or deny such services.
29 Claims
1. A computer network including at least one identifiable network element subject to compromise, said network comprising, in combination:
a) at least one controller for performing or denying a service request of at least one network element;
b) at least one sensor for detecting and identifying at least one possibly compromised network element;
c) at least one directory for storing identifications of possibly compromised network elements; and
d) said network being arranged so that said at least one directory is addressable by said at least one sensor and accessible to said at least one controller whereby said at least one controller can deny a requested service to a requesting network element that is possibly compromised.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A wide area computer network comprising, in combination:
a) a plurality of local area networks;
b) said local area networks being mutually addressable over a network infrastructure;
c) each of said local area networks including a plurality of identifiable network elements, at least one of said network elements being subject to compromise;
d) at least one local area network including a controller for servicing or denying a service request of at least one network element;
e) at least one sensor for detecting and identifying at least one possibly compromised network element;
f) at least one directory for storing identifications of possibly compromised network elements; and
g) said network being arranged so that said at least one directory is addressable by said at least one sensor and accessible to said at least one controller whereby said at least one controller can deny a requested service to a requesting network element that is possibly compromised.
Dependent claims: 14, 15, 16, 17
18. A local area computer network including at least one identifiable network element subject to compromise, said local area network comprising, in combination:
a) a plurality of network elements;
b) said network elements being mutually addressable over local area network interconnections;
c) at least one controller for servicing or denying a service request of at least one network element;
d) at least one sensor for detecting and identifying at least one possibly compromised network element;
e) at least one directory for storing identifications of possibly compromised network elements; and
f) said network being arranged so that said at least one directory is addressable by said at least one sensor and accessible to said at least one controller whereby said at least one controller can deny a requested service to a requesting network element that is possibly compromised.
Dependent claims: 19, 20, 21, 22
23. A method for containing the spread of damage within a computer network of the type that includes at least one uniquely identifiable network element subject to compromise, said method comprising the steps of:
a) sensing a possibly compromised network element; then
b) storing the identification of said possibly compromised network element in a directory accessible to network elements that comprise choke points of said network; then
c) referring to said directory for network element identifications when a service is requested of a network element comprising a choke point of said network; and then
d) denying said requested service when the identification of said requesting network element is present in said directory.
Dependent claims: 24, 25, 26, 27, 28, 29
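The four steps of claim 23 (sense, store, refer, deny), sketched as an added Python example that is not taken from the patent. The sensor's fan-out threshold, the set of gated services, the host names and the fail-closed behaviour when the directory cannot be reached are all assumptions made for illustration.

```python
FANOUT_LIMIT = 3                             # assumed sensor threshold
GATED_SERVICES = {"network-configuration"}   # assumed damage-spreading services

class Directory:
    """Stores identifications of possibly compromised elements (claim 23, step b)."""
    def __init__(self):
        self._flagged = {}       # element id -> reason recorded by the sensor
        self.reachable = True    # set to False to model a directory outage

    def store(self, element_id, reason):
        self._flagged.setdefault(element_id, reason)
    def is_flagged(self, element_id):
        if not self.reachable:
            raise ConnectionError("directory unreachable")
        return element_id in self._flagged

class Sensor:
    """Flags an element that contacts too many distinct destinations (step a)."""
    def __init__(self, directory):
        self.directory, self._seen = directory, {}
    def observe(self, element_id, destination):
        dests = self._seen.setdefault(element_id, set())
        dests.add(destination)
        if len(dests) > FANOUT_LIMIT:
            self.directory.store(element_id, f"fan-out above {FANOUT_LIMIT}")

class Controller:
    """Choke point that refers to the directory, then performs or denies (steps c, d)."""
    def __init__(self, directory, fail_closed=True):
        self.directory, self.fail_closed = directory, fail_closed
    def request(self, element_id, service):
        if service not in GATED_SERVICES:
            return "perform"
        try:
            return "deny" if self.directory.is_flagged(element_id) else "perform"
        except ConnectionError:  # outage policy is an assumption, not from the page
            return "deny" if self.fail_closed else "perform"

def run_demo():
    directory = Directory()
    sensor, router = Sensor(directory), Controller(directory)
    out = [router.request("host-17", "network-configuration")]    # not yet flagged
    for dst in ("10.0.0.1", "10.0.0.2", "10.0.0.3", "10.0.0.4"):  # constructed traffic
        sensor.observe("host-17", dst)
    out.append(router.request("host-17", "network-configuration"))  # flagged
    out.append(router.request("host-17", "time-sync"))              # not gated
    directory.reachable = False
    out.append(router.request("host-02", "network-configuration"))  # outage
    return out
```
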
Specification