RESTRICTING COMMUNICATION OF SELECTED PROCESSES TO A SET OF SPECIFIC NETWORK ADDRESSES
6 Assignments
0 Petitions
Accused Products
Abstract
Selected processes are associated with sets of specific network addresses, and the associations are stored. When a selected process creates a child process, an association between the child process and the set of network addresses with which the parent process is associated is stored. When a selected process is deleted, the association between the selected process and its set of network addresses is deleted. Each selected process is restricted to network address-based communication via its associated set of network addresses. Certain communication protocol subroutines associated with network address-based communication are intercepted by an interception module. The interception module detects attempts by selected processes to communicate via network addresses. If a selected process attempts to communicate via an unassociated network addresses, the attempted communication is prohibited.
102 Citations
93 Claims
-
1-92. -92. (canceled)
-
93. A computer system for restricting network address based communication, comprising:
-
means for associating at least one selected process with at least one network address; means for determining whether an attempted network address-based communication of a selected process is via an associated address; and means for allowing the communication to proceed if the communication is via an associated address.
-
Specification