Repeater and network system utilizing the same

US 6,111,883 A
Filed: 06/27/1997
Issued: 08/29/2000
Est. Priority Date: 07/12/1996
Status: Expired due to Fees

First Claim

Patent Images

1. A repeater for connecting two networks respectively connected to at least one terminal, comprising:

means for receiving a connection request packet designating a destination terminal from a transmission terminal;

means for identifying a user by referring to a user information field stored in said connection request packet;

means for controlling access depending on at least one attribute of said user in said connection request packet, and comprising;

an access control table for storing correspondence between at least one attribute of at least one user and accessible range of said networks; and

means for checking said at least one attribute of said user in said connection request packet with said accessible range of said networks according to said access control tablet;

means for transmitting said connection request packet to a next (stage) repeater provided to identify said user by referring to said user information field stored in said connection request packet;

a repeating route control table for storing at least one correspondence between a first address area designated by excluding specified address area and an address of another device provided to transfer the data to said first address area, and for storing correspondence between a second address area including said destination terminal and an address of another repeater provided to transfer the data to said second address area;

means for making a comparison between the destination terminal name field of said connection request packet and said destination terminal according to said repeating route control table; and

means for making a determination of the next (stage) repeater with reference to said repeating route control table based on said comparison.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In view of providing a network system enabling communication having passed fire walls (repeaters) and assuring high security and operation flexibility through access control based on users and applications, a user-held table indicating correspondence between repeaters and passwords, a repeater-held table indicating correspondence between users and passwords and a table indicating access regions are defined respectively for users, departments of users and official positions of users and a route control information storing table indicating correspondence between networks and next transmitting destination is also provided to execute the access control for each user. Moreover, the repeater is provided with the repeating route control table so that a repeater located in the course of route to the transmitting destination computer and allowing communication from the transmitting side computer is selected from the data repeating control table and the process for requesting the repeating operation of communication with the destination is executed to the selected repeater.

66 Citations

View as Search Results

32 Claims

1. A repeater for connecting two networks respectively connected to at least one terminal, comprising:
- means for receiving a connection request packet designating a destination terminal from a transmission terminal;
  
  means for identifying a user by referring to a user information field stored in said connection request packet;
  
  means for controlling access depending on at least one attribute of said user in said connection request packet, and comprising;
  
  an access control table for storing correspondence between at least one attribute of at least one user and accessible range of said networks; and
  
  means for checking said at least one attribute of said user in said connection request packet with said accessible range of said networks according to said access control tablet;
  
  means for transmitting said connection request packet to a next (stage) repeater provided to identify said user by referring to said user information field stored in said connection request packet;
  
  a repeating route control table for storing at least one correspondence between a first address area designated by excluding specified address area and an address of another device provided to transfer the data to said first address area, and for storing correspondence between a second address area including said destination terminal and an address of another repeater provided to transfer the data to said second address area;
  
  means for making a comparison between the destination terminal name field of said connection request packet and said destination terminal according to said repeating route control table; and
  
  means for making a determination of the next (stage) repeater with reference to said repeating route control table based on said comparison.
- View Dependent Claims (2, 3, 4)
- - 2. The repeater according to claim 1, wherein said means for controlling access executes access control by combining said attributes of said user in said access control table according to a predetermined rule.
  - 3. The repeater according to claim 2, wherein said attribute of said user in said access control table comprises at least one of a user name, an official position and a department.
  - 4. The repeater according to claim 3, further comprising:
    - means for changing said attribute of said user in said access control table according to information received via said networks.

5. A repeater for connecting two networks each being connected to at least one terminal, said repeater comprising:
- a repeating route control table for storing at least one correspondence between a first address area designated by excluding a specified address area and an address of another repeater provided to transfer the data to said first address area, and for storing correspondence between a second address area including said destination terminal and an address of another repeater provided to transfer the data to said second address area;
  
  means for receiving a connection request packet designating a destination terminal from a transmission terminal;
  
  means for making a comparison between the destination terminal name field of said connection request packet and said destination terminal according to said repeating route control table;
  
  means for making a determination of a next (stage) repeater with reference to said repeating route control table based on said comparison; and
  
  means for transmitting said connection request packet to said next (stage) repeater based on said determination.
- View Dependent Claims (6, 7)
- - 6. The repeater according to claim 5, further comprising:
    - means for changing contents of said repeating route control table according to information received via at least one of said networks.
  - 7. The repeater according to claim 6, wherein said means for changing changes said contents depending on a load condition, a fault condition or a designation of application running on said at least one terminal.

8. A computer program stored on a storage medium, for repeating a communication, when said computer program is executed by a computer which connects two networks each being connected to at least one terminal, said computer program causes said computer to perform the steps of:
- receiving a connection request packet designating a destination terminal of said at least one terminal from a transmission terminal of said at least one terminal;
  
  identifying a user by referring to a user information field stored in said connection request packet;
  
  controlling access depending on at least one attribute of said user in said connection request packet according to an access control table which stores correspondence between at least one attribute of at least one user and accessible range of said networks; and
  
  transmitting said connection request packet to a next (stage) repeater provided to identify said user by referring to said user information field stored in said connection request packet.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The computer program according to claim 8, wherein said controlling access step includes checking said at least one attribute of said user in said connection request packet with said accessible range of said networks according to said access control table.
  - 10. The computer program according to claim 9, further causing said computer to perform the steps of:
    - making a comparison between the destination terminal name field of said connection request packet and the repeater name according to a repeating route control table which stores correspondence between an address area including said destination terminal and an address of another repeater provided to transfer the data to said address area; and
      
      determining a next (stage) repeater with reference to said repeating route control table based on said comparison.
  - 11. The computer program according to claim 9, wherein said controlling access step further includes combining said attributes of said user in said access control table according to a predetermined rule.
  - 12. The computer program according to claim 11, wherein said attribute of said user in said access control table comprises at least one of a user name, an official position and a department.
  - 13. The computer program according to claim 12, further causing said computer to perform the step of:
    - changing said attribute of said user in said access control table according to information received via said networks.

14. A computer program stored on a storage medium, for repeating a communication, when said computer program is executed by a computer which connects two networks each being connected to at least one terminal, said computer program causes said computer to perform the steps of:
- receiving a connection request packet designating a destination terminal of said at least one terminal from a transmission terminal of said at least one terminal;
  
  making a comparison between the destination terminal name field of said connection request packet and a repeater name according to a repeating route control table which stores correspondence between an address of said destination terminal and an address of another repeater provided to transfer the data to the address;
  
  making a determination of a next (stage) repeater with reference to said repeating route control table based on said comparison; and
  
  transmitting a connection confirming packet to said destination terminal, a packet making said terminal transmit another connection request packet based on said determination.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The computer program according to claim 14, further causing said computer to perform the step of:
    - changing contents of said repeating route control table according to information received via at least one of said networks.
  - 16. The computer program according to claim 15, wherein said changing step further includes changing said contents depending on a load condition, a fault condition or a designation of application running on said at least one terminal.
  - 17. The computer program according to claim 16, wherein said storage medium is included in a server connected to said at least one terminal of said networks;
    - and wherein said server transfers said computer program stored on said storage medium to said computer connected to said at least one terminal of said networks.
  - 18. A computer program according to claim 14 wherein said connection confirming packet includes a code making the transmission terminal judge whether the connection to said destination terminal is completed or not.

19. A method for connecting two networks each being connected to at least one terminal, comprising the steps of:
- receiving a connection request packet designating a destination terminal from a transmission terminal;
  
  identifying a user by referring to a user information field stored in said connection request packet;
  
  controlling access depending on at least one attribute of said user in said connection request packet according to an access control table which stores correspondence between at least one attribute of at least one user and accessible range of said networks; and
  
  transmitting said connection request packet to a next (stage) repeater provided to identify said user by referring to said user information field stored in said connection request packet.
- View Dependent Claims (20, 21, 22, 23, 24)
- - 20. The method according to claim 19, wherein said controlling access step includes checking said at least one attribute of said user in said connection request packet with said accessible range of said networks according to said access control table.
  - 21. The method according to claim 20, further causing said computer to perform the steps of:
    - making a comparison between the destination terminal name field of said connection request packet and the repeater name according to a repeating route control table which stores correspondence between an address area including said destination terminal and an address of another repeater provided to transfer the data to said address area; and
      
      making a determination of the next (stage) repeater with reference to said repeating route control table based on said comparison.
  - 22. The method according to claim 20, wherein said controlling access step further includes the sub step of:
    - combining said attributes of said user in said access control table according to a predetermined rule.
  - 23. The method according to claim 22, wherein said attribute of said user in said access control table comprises at least one of a user name, an official position and a department.
  - 24. The method according to claim 23, further causing said computer to perform the step of:
    - changing said attribute of said user in said access control table according to information received via said networks.

25. A method for connecting two networks each being connected to at least one terminal, comprising the steps of:
- receiving a connection request packet designating a destination terminal from a transmission terminal;
  
  making a comparison between the destination terminal name field of said connection request packet and a repeater name according to a repeating route control table which stores correspondence between an address of said destination terminal and an address of another repeater provided to transfer the data to the address;
  
  making a determination of a next (stage) repeater with reference to said repeating route control table based on said comparison; and
  
  transmitting said connection request packet to said next (stage) repeater based on said determination.
- View Dependent Claims (26, 27)
- - 26. The method according to claim 25, further causing said computer to perform the step of:
    - changing contents of said repeating route control table according to information received via at least one of said networks.
  - 27. The method according to claim 26, wherein said changing step further includes changing said contents depending on a load condition, a fault condition of said repeater or a designation of application running on said at least one terminal.

28. A network system having at least two networks each being connected to at least one terminal, said network system comprising:
- a transmission terminal for transmitting a connection request packet designating a destination terminal and including at least one user attribute in a user information field;
  
  a repeater for connecting said networks to each other, said repeater comprising means for receiving said connection request packet, and means for identifying said user by referring to said user information field stored in said connection request packet;
  
  a destination terminal for transmitting a connection confirming packet as a response to said connection request packet, said destination terminal comprising;
  
  means for receiving said connection request packet, and means for identifying said user by referring to said user information field stored in said connection request packet,said transmission terminal confirming that each of said repeater and said destination terminal identifies said user and a communication route between said transmission terminal and said destination terminal is established.
- View Dependent Claims (29, 30, 31, 32)
- - 29. The network system according to claim 28, further comprising:
    - means for controlling access depending on at least one attribute of said user in said connection request packet, wherein said means for controlling access comprises;
      
      an access control table for storing correspondence between at least one attribute of at least one user and accessible range of said networks; and
      
      means for checking said at least one attribute of said user in said connection request packet with said accessible range of said networks according to said access control table.
  - 30. The network system according to claim 29, wherein said repeater further comprises:
    - a repeating route control table for storing at least one correspondence between a first address area designated by excluding a specified address area and an address of another repeater provided to transfer the data to said first address area, and for storing correspondence between a second address area including said destination terminal and an address of another repeater provided to transfer the data to said second address area;
      
      means for making a comparison between the destination terminal name field of said connection request packet and the destination terminal name according to said repeating route control table; and
      
      means for determining a next (stage) repeater with reference to said repeating route control table based on said comparison.
  - 31. The network system according to claim 28, wherein said repeater further comprises means for transmitting said connection request packet to the next (stage) repeater based on access control information, said next (stage) repeater provided to identify said user referring to said user information field stored in said connection request packet.
  - 32. The network system according to claim 28, wherein said repeater further comprises means for transmitting said connection confirming packet to said transmission terminal based on access control information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hitachi, Ltd.
Original Assignee
Hitachi, Ltd.
Inventors
Nishimura, Kazuo, Koizumi, Minoru, Kayashima, Makoto, Terada, Masato, Kawashima, Takahiko, Ogino, Takaaki, Fujiyama, Tetsuya, Hirayama, Kazunari
Primary Examiner(s)
Pham, Chi H.
Assistant Examiner(s)
Duong, Frank

Application Number

US08/884,133
Time in Patent Office

1,159 Days
Field of Search

370/389, 370/390, 370/392, 370/400, 370/401, 370/402, 370/410, 395/186, 395/187.01, 395/200.33, 395/200.54, 395/200.57, 395/200.59, 395/200.79
US Class Current

370/401
CPC Class Codes

H04L 63/101 Access control lists [ACL]

Repeater and network system utilizing the same

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

66 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Repeater and network system utilizing the same

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

66 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links