METHOD AND APPARATUS FOR PROVIDING NETWORK SECURITY USING ROLE-BASED ACCESS CONTROL
First Claim
Patent Images
1. A method comprising:
- populating a forwarding table with a user group identifier, whereinsaid user group identifier is a source user group identifier, and so identifies a source user group, anda source of a packet is in said source user group.
0 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for providing network security using role-based access control is disclosed. A network device implementing such a method can include, for example, an access control list. Such an access control list includes an access control list entry, which, in turn, includes a user group field. Alternatively, a network device implementing such a method can include, for example, a forwarding table that includes a plurality of forwarding table entries. In such a case, at least one of the forwarding table entries includes a user group field.
-
Citations
22 Claims
-
1. A method comprising:
populating a forwarding table with a user group identifier, wherein said user group identifier is a source user group identifier, and so identifies a source user group, and a source of a packet is in said source user group. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
13. A computer program product comprising:
-
a plurality of instructions, comprising a first set of instructions, executable on a computer system, configured to populate a forwarding table with a user group identifier, wherein said user group identifier is a source user group identifier, and so identifies a source user group, and a source of a packet is in said source user group; and a computer-readable storage medium, wherein said instructions are encoded in said computer-readable storage medium. - View Dependent Claims (14, 15, 16, 17, 18)
-
-
19. An apparatus comprising:
-
means for extracting a user group identifier from a packet; and said user group identifier is a source user group identifier, and so identifies a source user group, and a source of said packet is in said source user group; and means for populating a forwarding table with said user group identifier. - View Dependent Claims (20, 21, 22)
-
Specification