COMPUTER SECURITY SYSTEM
11 Assignments
0 Petitions
Abstract
A method of packet management for restricting access to a resource of a computer system. The method includes identifying client parameters and network parameters, as packet management information, used to determine access to the resource, negotiating a session key between client and server devices, generating a session ID based on at least the negotiated session key, inserting the packet management information and the session ID into each information packet sent from the client device to the server device, monitoring packet management information in each information packet from the client device, and filtering out respective information packets sent to the server device from the client device when the monitored packet management information indicates that access to the resource is restricted.
251 Citations
26 Claims
1. A method of packet management for restricting access to a resource of a computer system using client parameters and network parameters, as packet management information, said method comprising:
- inserting, at a first device, the packet management information and a session ID into at least a portion of information packets sent from the first device to a second device;
- monitoring, at the second device, the packet management information of the portion of the information packets sent from the first device; and
- filtering out respective information packets sent to the second device from the first device when the monitored packet management information indicates that access to the resource is restricted.

Dependent claims: 2, 3, 4, 5

6. A method of packet management for restricting access to a resource of a computer system, said method comprising the steps of:
- a) identifying client parameters and network parameters, as packet management information, used to determine access to the resource;
- b) negotiating a session key between client and server devices;
- c) generating a session ID based on at least the negotiated session key;
- d) inserting the packet management information and the session ID into each information packet sent from the client device to the server device;
- e) monitoring packet management information in each information packet from the client device; and
- f) filtering out respective information packets sent to the server device from the client device when the monitored packet management information indicates that access to the resource is restricted.

Dependent claims: 7, 8, 9, 10, 11, 12, 13

14. A server device configured to communicate with a client device to restrict access to a resource of a computer system using packet management information in information packets received from the client device, comprising:
- a storage unit for storing identified client parameters and network parameters, as the packet management information, used for comparison with rules for determining access to the resource;
- a packet processor for removing at least the packet management information inserted by the client device into information packets sent from the client device; and
- a packet manager for monitoring the removed packet management information and for controlling the packet processor to filter out respective information packets sent to the server device when the monitored packet management information indicates that access to the resource is restricted.

Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22, 23

24. A system for restricting access to a resource of a computer system using packet management information that includes network and device parameters, comprising:
- a first device for inserting the packet management information into information packets destined for the resource of the computer system; and
- a second device including:
  - a packet processor for removing at least the packet management information inserted by the first device into information packets received from the first device, and
  - a packet manager for monitoring the removed packet management information in the information packets from the client device and for controlling the packet processor to filter out respective information packets when the network and client parameters indicate that access to the resource is restricted.

Dependent claims: 25, 26

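An added example, not taken from the patent, sketching steps c) to f) of claim 6 together with the header removal described in claim 14. The header layout, the HMAC-based session ID, the parameter names (`src_ip`, `os`) and the rule set are assumptions made for illustration, and a random key stands in for the key negotiation of step b).

```python
import hashlib, hmac, ipaddress, json, os, struct

# Assumed wire layout (not specified by the patent): 8-byte session ID, 2-byte length, JSON PMI, payload.
HDR = struct.Struct("!8sH")

def session_id(session_key: bytes) -> bytes:
    """Step c: derive a session ID from the negotiated key (HMAC-SHA256 is an assumption)."""
    return hmac.new(session_key, b"session-id", hashlib.sha256).digest()[:8]

def tag_packet(sid: bytes, pmi: dict, payload: bytes) -> bytes:
    """Step d (client): prepend the session ID and packet management information (PMI)."""
    blob = json.dumps(pmi, sort_keys=True).encode()
    return HDR.pack(sid, len(blob)) + blob + payload

def strip_packet(packet: bytes):
    """Server packet processor: remove the inserted header, return (sid, pmi, payload)."""
    if len(packet) < HDR.size:
        raise ValueError("short packet")
    sid, n = HDR.unpack_from(packet)
    blob = packet[HDR.size:HDR.size + n]
    if len(blob) != n:
        raise ValueError("truncated packet management information")
    return sid, json.loads(blob), packet[HDR.size + n:]

def filter_packet(packet: bytes, sessions: set, rules: dict):
    """Steps e-f (server packet manager): return the payload, or None when filtered out."""
    try:
        sid, pmi, payload = strip_packet(packet)
        src = ipaddress.ip_address(pmi["src_ip"])
    except (ValueError, KeyError, TypeError):
        return None  # malformed or missing header fields: drop the packet
    if not any(hmac.compare_digest(sid, s) for s in sessions):
        return None  # unknown session ID
    if not any(src in net for net in rules["networks"]):
        return None  # network parameter fails the access rule
    if pmi.get("os") not in rules["client_os"]:
        return None  # client parameter fails the access rule
    return payload

# Constructed sample data for the example.
KEY = os.urandom(32)  # stand-in for the negotiated session key of step b
SID = session_id(KEY)
RULES = {"networks": [ipaddress.ip_network("10.1.0.0/16")], "client_os": ("linux",)}
OK = tag_packet(SID, {"src_ip": "10.1.4.7", "os": "linux"}, b"GET /report")
BAD_NET = tag_packet(SID, {"src_ip": "192.0.2.9", "os": "linux"}, b"GET /report")
BAD_SID = tag_packet(b"\x00" * 8, {"src_ip": "10.1.4.7", "os": "linux"}, b"GET /report")
```

In this sketch the parameters are client-asserted and the session ID is a fixed value per session, so a deployment would also need integrity protection on the header; the claims shown here do not say how that is done.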
Specification