System and method for improved network security
Abstract
A system is provided for establishing a secure link among multiple users on a single machine with a remote machine. The system includes a subsystem to filter traffic so that traffic from each user is separate. The subsystem generates and associates a Security Association (SA) with at least one filter corresponding to the user and the traffic, and employs the SA to establish the secure link. An Internet Key Exchange module and a policy module may be included to generate and associate the security association, wherein the policy module is configured via Internet Protocol Security (IPSEC).
34 Claims
1. A system of establishing a secure link among multiple users on a single machine with a remote machine, comprising:
a subsystem to filter traffic so that traffic from each user is separate;
wherein the subsystem generates and associates a Security Association (SA) with at least one filter corresponding to the user and the traffic and employs the SA to establish the secure link.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 22, 23, 24, 25
16. A system of establishing a secure link between a first machine and multiple services on a second machine, comprising:
a subsystem to filter traffic so that traffic from each service is separate;
wherein the subsystem generates and associates a Security Association (SA) with at least one filter corresponding to the user and the service and employs the SA to establish the secure link.
Dependent claims: 17, 18, 19, 20, 21
26. A method of establishing a secure link among multiple users on a single machine with a remote machine, comprising the steps of:
filtering traffic so that traffic from each user is separate;
negotiating and authenticating a Security Association (SA) with at least one filter corresponding to the user and the traffic; and
employing the SA to establish the secure link.
27. A method of establishing a secure link between a first machine and multiple services on a second machine, comprising the steps of:
filtering traffic so that traffic from each service is separate;
negotiating and authenticating a Security Association (SA) with at least one filter corresponding to the services and the traffic; and
employing the SA to establish the secure link.
28. A system for establishing a secure link among multiple users on a single machine with a remote machine, comprising:
means for filtering traffic so that traffic from each user is separate;
means for negotiating and authenticating a Security Association (SA) with at least one filter corresponding to the user and the traffic; and
means for employing the SA to establish the secure link.
29. A system of establishing a secure link between a first machine and multiple services on a second machine, comprising:
means for filtering traffic so that traffic from each service is separate;
means for negotiating and authenticating a Security Association (SA) with at least one filter corresponding to the services and the traffic; and
means for employing the SA to establish the secure link.
30. A computer readable medium having stored thereon computer executable components, comprising:
a component to filter traffic between a first machine, having multiple users, and a second machine so that traffic for the first machine is separated in accordance with the respective users; and
a component to generate and associate a Security Association (SA) with at least one filter, corresponding to at least one of the users and the respective traffic, and employs the SA to establish a secure link between the first and second machines.
31. A data packet adapted to be transmitted between at least two processes, comprising:
a first component to filter traffic between a first process, associated with multiple users, and a second process so that traffic for the first process is separated in accordance with the respective users; and
a second component to generate and associate a Security Association (SA) with at least one filter, corresponding to at least one of the users and the respective traffic, and employs the SA to establish a secure link between the first and second processes.
32. A computer readable medium having stored thereon computer executable components, comprising:
a component to filter traffic between a first machine, having multiple services, and a second machine so that traffic for the first machine is separated in accordance with the respective services; and
a component to generate and associate a Security Association (SA) with at least one filter, corresponding to at least one of the services and the respective traffic, and employs the SA to establish a secure link between the first and second machines.
33. A data packet adapted to be transmitted between at least two processes, comprising:
a first component to filter traffic between a first process, associated with multiple services, and a second process so that traffic for the first process is separated in accordance with the respective services; and
a second component to generate and associate a Security Association (SA) with at least one filter, corresponding to at least one of the services and the respective traffic, and employs the SA to establish a secure link between the first and second processes.
Dependent claims: 34
Specification