MOBILE USER IDENTITY AND/OR SIM-BASED IOT IDENTITY AND APPLICATION IDENTITY BASED SECURITY ENFORCEMENT IN SERVICE PROVIDER NETWORKS
First Claim
1. A system, comprising:
- a processor configured to;
monitor network traffic on a service provider network at a security platform to identify a subscriber identity for a new session;
determine an application identifier for user traffic associated with the new session at the security platform; and
determine a security policy to apply at the security platform to the new session based on the subscriber identity and the application identifier; and
a memory coupled to the processor and configured to provide the processor with instructions.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques for mobile user identity and/or SIM-based IoT identity and application identity based security enforcement in service provider networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for mobile user identity and/or SIM-based IOT identity and application identity based security enforcement in service provider networks includes monitoring network traffic on a service provider network at a security platform to identify a subscriber identity for a new session; determining an application identifier for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the subscriber identity and the application identifier.
-
Citations
20 Claims
-
1. A system, comprising:
-
a processor configured to; monitor network traffic on a service provider network at a security platform to identify a subscriber identity for a new session; determine an application identifier for user traffic associated with the new session at the security platform; and determine a security policy to apply at the security platform to the new session based on the subscriber identity and the application identifier; and a memory coupled to the processor and configured to provide the processor with instructions. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method, comprising:
-
monitoring network traffic on a service provider network at a security platform to identify a subscriber identity for a new session; determining an application identifier for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the subscriber identity and the application identifier. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A computer program product, the computer program product being embodied in a tangible computer readable storage medium and comprising computer instructions for:
-
monitoring network traffic on a service provider network at a security platform to identify a subscriber identity for a new session; determining an application identifier for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the subscriber identity and the application identifier. - View Dependent Claims (17, 18, 19, 20)
-
Specification