Method and apparatus for geographically regulating inbound and outbound network communications
First Claim
Patent Images
1. A method for a geographic filter of information transmitting, or that could transmit, on a network, the method comprising:
- a) a network object on which the method is embodied;
b) configuring network object components by means of;
sending or receiving information used to generate a set of persistent geographic associations, and least one geographic security assertion;
c) optimizing said information in accordance with at least one algorithm;
d) instantiating at least one geographic security assertions by means of redefining said geographic security assertion into a compact representation in which a contextual property of memory storage inherently determines a security action;
e) receiving information and extracting communication attributes, and, comparing the extracted attributes to the compact memory representation of said geographic security assertions, the result of said comparison resulting in a predetermined action being taken in response to said information; and
f) logging operational attributes and the reporting of said logged attributes.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method for regulating and analyzing inbound and outbound communications in and between computer networks on the basis of geographic security assertions are provided. Geographic information is collected, optimized, and shared between network objects to enforce network access control on the basis of configurable security assertions. Security assertions are configured and metrics displayed using maps and other geographic data in a graphical user interface.
64 Citations
20 Claims
-
1. A method for a geographic filter of information transmitting, or that could transmit, on a network, the method comprising:
-
a) a network object on which the method is embodied;
b) configuring network object components by means of;
sending or receiving information used to generate a set of persistent geographic associations, and least one geographic security assertion;
c) optimizing said information in accordance with at least one algorithm;
d) instantiating at least one geographic security assertions by means of redefining said geographic security assertion into a compact representation in which a contextual property of memory storage inherently determines a security action;
e) receiving information and extracting communication attributes, and, comparing the extracted attributes to the compact memory representation of said geographic security assertions, the result of said comparison resulting in a predetermined action being taken in response to said information; and
f) logging operational attributes and the reporting of said logged attributes. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 16, 17, 18, 19, 20)
-
-
15. A computer program product implementing the method of blocking incoming and outgoing network traffic from countries, geographic regions, and other entities associated with geographic regions, constituting a geographic filter, the method comprising:
-
a. a Network device such as a server on which the method is embodied;
b. Executing computer code for collecting geographic information in which IP address groups are associated with countries and with entities affiliated with countries;
c. Executing computer code for utilizing security assertions that define network object access privileges for said countries;
d. Executing computer code for redefining security assertions into a list of IP addresses that are used to enforce access control;
e. Executing computer code for storing said list of IP addresses within a persistent memory structure;
f. Executing computer code for examining IP network traffic, extracting IP addresses, and comparing the extracted IP addresses to a list of IP addresses and other information sources;
g. Executing computer code to respond to network traffic based on the locating of an IP address within a table; and
h. Executing computer code for Logging, Aggregating, and Displaying the operational attributes of a given geographic filter device and its peers.
-
Specification