Controlling passage of packets or messages via a virtual connection or flow
First Claim
1. A method for controlling a virtual connection or flow of packets or messages between a device and a network which conforms to a predefined communication protocol, comprising:
- examining a packet or message for network protocol information that indicates if the packet or message triggers a step in managing a virtual connection or flow;
- if the packet or message triggers a step, identifying the step from the packet or message network protocol information and applying predefined authorization allow and deny rules that indicate whether destination access should be denied to determine whether to permit the step to occur;
- if application of the authorization allow and deny rules permit a step that starts a virtual connection or flow, setting up the virtual connection or flow and updating information on the state of virtual connections or flows;
- if application of the authorization allow and deny rules permit a step that terminates a virtual connection or flow, terminating the virtual connection or flow and updating information on the state of virtual connections or flows; and
- if the packet or message does not trigger a step, permitting the packet or message to pass directly via the virtual connection or flow, without applying the predefined authorization allow and deny rules.
Abstract
Passage of packets or messages is controlled between a device and a network via a virtual connection or flow which conforms to a predefined communication protocol. In connection with processing a packet or message that triggers a step in managing the virtual connection or flow, predefined authorization rules are applied to determine whether to permit the step to occur. In connection with processing a packet or message that does not trigger a step in managing the virtual connection or flow, the packet or message is permitted to pass directly via the virtual connection or flow, without applying the predefined authorization rules.
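The control flow the abstract describes, as an added example that is not taken from the patent. The TCP-style flag mapping, the first-match rule list with default deny, the one-direction flow key, and dropping non-trigger packets that match no flow are all assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

START, TERMINATE = "start", "terminate"

def step_for(flags):
    """Map protocol information to a flow-management step, or None.
    Assumed TCP-like mapping; the claim itself is protocol-neutral."""
    if "SYN" in flags and "ACK" not in flags:
        return START
    if "FIN" in flags or "RST" in flags:
        return TERMINATE
    return None

@dataclass
class FlowGate:
    rules: list                                  # ordered ("allow"|"deny", destination CIDR)
    flows: set = field(default_factory=set)      # state of virtual connections
    rule_checks: int = 0                         # times the rule list was consulted

    def authorized(self, dst):
        self.rule_checks += 1
        addr = ipaddress.ip_address(dst)
        for action, cidr in self.rules:          # first match wins (assumption)
            if addr in ipaddress.ip_network(cidr):
                return action == "allow"
        return False                             # default deny (assumption)

    def handle(self, src, sport, dst, dport, flags=()):
        key = (src, sport, dst, dport)           # device-to-network direction only
        step = step_for(flags)
        if step is None:
            # Fast path: no rule lookup, only a flow-state membership test.
            return "pass" if key in self.flows else "drop"
        if step == TERMINATE and key not in self.flows:
            return "drop"                        # nothing to terminate
        if not self.authorized(dst):
            return "drop"
        if step == START:
            self.flows.add(key)                  # set up the flow, update state
        else:
            self.flows.discard(key)              # tear down the flow, update state
        return "pass"
```

In this model a rule added after a flow is set up does not affect that flow's data packets, because they never reach the rule list; enforcing the new rule on established traffic requires removing the matching entries from `flows`.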
14 Claims
Specification