Identity based flow control of IP traffic
First Claim
Patent Images
1. A firewall managing server comprising:
- a receiving unit configured to receive authentication information of a first node used for verification of remote nodes'"'"' authentication attempts, and to receive a token from at least one remote node;
an authentication unit configured to perform authentication of the at least one remote node based on the token; and
a setting unit configured to, if the authentication is successful, set rules of a firewall through which all communication towards a first node goes to accept packets from an address of the remote node to the address of the first node.
1 Assignment
0 Petitions
Accused Products
Abstract
Authentication information of a first node is received which are used for verification of remote nodes'"'"' authentication attempts, and a token is received from at least one remote node. Authentication of the at least one remote node is performed based on the token, and, if the authentication is successful, rules of a firewall are set through which all communication towards a first node goes to accept packets from an address of the remote node to the address of the first node.
-
Citations
42 Claims
-
1. A firewall managing server comprising:
-
a receiving unit configured to receive authentication information of a first node used for verification of remote nodes'"'"' authentication attempts, and to receive a token from at least one remote node; an authentication unit configured to perform authentication of the at least one remote node based on the token; and a setting unit configured to, if the authentication is successful, set rules of a firewall through which all communication towards a first node goes to accept packets from an address of the remote node to the address of the first node. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A node comprising:
a providing unit configured to provide a ticket to a remote node of a communication network, the ticket authenticating the remote node to access the node through a firewall node. - View Dependent Claims (11, 12, 13)
-
14. A node comprising:
-
an authentication unit configured to perform authentication of a second node at a firewall of a first node; a sending unit configured to, if the authentication is successful, allow packets from an address of the second node to an address of the first node through the firewall; and a traffic control unit configured to receive a message for controlling an amount of traffic towards the first node. - View Dependent Claims (15)
-
-
16. A firewall managing method comprising:
-
receiving authentication information of a first node used for verification of remote nodes'"'"' authentication attempts, and receiving a token from at least one remote node; performing authentication of the at least one remote node based on the token; and if the authentication is successful, setting rules of a firewall through which all communication towards a first node goes to accept packets from an address of the remote node to the address of the first node. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 31, 33, 35)
-
-
25. A method comprising:
providing a ticket to a remote node of a communication network, the ticket authenticating the remote node to access a node through a firewall node. - View Dependent Claims (26, 27, 28)
-
29. A method comprising:
-
performing authentication at a firewall of a first node; if the authentication is successful, sending packets from an address of the node to an address of the first node through the firewall; and receiving a message for controlling an amount of traffic towards the first node. - View Dependent Claims (30, 32, 34, 36)
-
-
37. A firewall managing server comprising:
-
means for receiving authentication information of a first node used for verification of remote nodes'"'"' authentication attempts, and for receiving a token from at least one remote node; means for performing authentication of the at least one remote node based on the token; and means for, if the authentication is successful, setting rules of a firewall through which all communication towards a first node goes to accept packets from an address of the remote node to the address of the first node.
-
-
38. A semiconductor chip comprising:
-
a receiving unit configured to receive authentication information of a first node used for verification of remote nodes'"'"' authentication attempts, and to receive a token from at least one remote node; an authentication unit configured to perform authentication of the at least one remote node based on the token; and a setting unit configured to, if the authentication is successful, set rules of a firewall through which all communication towards a first node goes to accept packets from an address of the remote node to the address of the first node.
-
-
39. A node comprising:
means for providing a ticket to a remote node of a communication network, the ticket authenticating the remote node to access the node through a firewall node.
-
40. A semiconductor chip comprising:
a providing unit configured to provide a ticket to a remote node of a communication network, the ticket authenticating the remote node to access the node through a firewall node.
-
41. A node comprising:
-
means for performing authentication at a firewall of a first node; means for, if the authentication is successful, sending packets from an address of the node to an address of the first node through the firewall; and means for receiving a message for controlling an amount of traffic towards the first node.
-
-
42. A semiconductor chip comprising:
-
an authentication unit configured to perform authentication at a firewall of a first node; a sending unit configured to, if the authentication is successful, send packets from an address of the node to an address of the first node through the firewall; and a traffic control unit configured to receive a message for controlling an amount of traffic towards the first node.
-
Specification