System and Method for Location, Time-of-Day, and Quality-of-Service Based Prioritized Access Control

US 20120291128A1
Filed: 07/25/2012
Published: 11/15/2012
Est. Priority Date: 12/11/2009
Status: Active Grant

First Claim

Patent Images

1. A priority server for a provider network, comprising:

a traffic volume detection module that receives operational information from the provider network and determines that a host on the provider network is experiencing a flash event based upon the operational information;

a traffic analyzer module that determines that the flash event is not a distributed denial of service attack on the host; and

a rules module that provides a priority rule to an access router in the provider network that is coupled to the host in response to determining that the flash event is not a distributed denial of service attack.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A priority server for a provider network includes a traffic volume detection module, a traffic analyzer module, and a rules module. The traffic volume detection module receives operational information from the provider network and determines that a host is experiencing a flash event based upon the operational information. The traffic analyzer module determines that the flash event is not a distributed denial of service attack on the host. When it is determined that the flash event is not a distributed denial of service attack, the rules module provides a priority rule to an access router that is coupled to the host.

43 Citations

View as Search Results

20 Claims

1. A priority server for a provider network, comprising:
- a traffic volume detection module that receives operational information from the provider network and determines that a host on the provider network is experiencing a flash event based upon the operational information;
  
  a traffic analyzer module that determines that the flash event is not a distributed denial of service attack on the host; and
  
  a rules module that provides a priority rule to an access router in the provider network that is coupled to the host in response to determining that the flash event is not a distributed denial of service attack.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The priority server of claim 1, wherein a characteristic of packets routed in the provider network that are associated with the flash event includes a geographic location that is a source of the packets, and wherein the priority rule is based upon the characteristic.
  - 3. The priority server of claim 1, wherein a characteristic of packets routed in the provider network that are associated with the flash event includes a time at which the packets entered the provider network, and wherein the priority rule is based upon the characteristic.
  - 4. The priority server of claim 3, wherein the time includes a time zone.
  - 5. The priority server of claim 3, wherein the time includes a range of times.
  - 6. The priority server of claim 1, wherein a characteristic of packets routed in the provider network that are associated with the flash event includes a port of the host that is a target of the packets, and wherein the priority rule is based upon the characteristic.
  - 7. The priority server of claim 1, wherein a characteristic of packets routed in the provider network that are associated with the flash event includes a particular network protocol that is associated with the packets, and wherein the priority rule is based upon the characteristic.

8. A method of prioritizing traffic in a provider network, comprising:
- receiving at a traffic volume detection module of a priority server operational information from the provider network;
  
  determining that a host on the provider network is experiencing a flash event based upon the operational information;
  
  determining that the flash event is not a distributed denial of service attack on the host; and
  
  in response to determining that the flash event is not a distributed denial of service attack, providing a priority rule to an access router in the provider network that is coupled to the host, wherein the priority rule is based upon a characteristic of packets routed in the provider network that are associated with the flash event.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein the characteristic includes a geographic location that is a source of the packets.
  - 10. The method of claim 8, wherein the characteristic includes a time at which the packets entered the provider network.
  - 11. The method of claim 10, wherein the time includes a time zone.
  - 12. The method of claim 11, wherein the time includes a range of times.
  - 13. The method of claim 8, wherein the characteristic includes a port of the host that is a target of the packets.
  - 14. The method of claim 8, wherein the characteristic includes a particular network protocol that is associated with the packets.

15. Machine-executable code for managing prioritized access rules, wherein the machine-executable code is embedded within a tangible medium and includes instructions for carrying out operations comprising:
- receiving operational information from a provider network;
  
  determining that a host on the provider network is experiencing a flash event based upon the operational information;
  
  determining that the flash event is not a distributed denial of service attack on the host; and
  
  in response to determining that the flash event is not a distributed denial of service attack, providing a priority rule to an access router in the provider network that is coupled to the host.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The machine-executable code of claim 15, wherein the characteristic includes a geographic location that is a source of the packets.
  - 17. The machine-executable code of claim 15, wherein the characteristic includes a time at which the packets entered the provider network.
  - 18. The machine-executable code of claim 17, wherein the time includes a time zone.
  - 19. The machine-executable code of claim 15, wherein the characteristic includes a port of the host that is a target of the packets.
  - 20. The machine-executable code of claim 15, wherein the characteristic includes a particular network protocol that is associated with the packets.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Jayawardena, Thusitha, de los Reyes, Gustavo

Granted Patent

US 8,644,159 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

H04L 43/028   by filtering

H04L 63/0227   Filtering policies mail mes...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1458   Denial of Service

System and Method for Location, Time-of-Day, and Quality-of-Service Based Prioritized Access Control

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

43 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and Method for Location, Time-of-Day, and Quality-of-Service Based Prioritized Access Control

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

43 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links