Application specific distributed firewall
Abstract
An application specific distributed firewall provides a series of wrappers around network applications communicably linked to a registry server. Each wrapper is associated, within the registry server, with at least one group of wrappers, so that the wrapper of a compromised application may inform the registry server of an unauthorized access, which may then inform all group members. The wrappers of the noncompromised group applications may then restrict communication with the compromised application.
9 Claims
1. In a network comprised of a first computer having a first application capable of sending and receiving communications installed thereon and a second computer having a second application capable of sending and receiving communications installed thereon, each application having associated therewith security parameters for controlling communications with the application, a method of modifying the security parameters associated with the first application in response to an unauthorized access to the second application, the method comprising the steps of:
associating with the first application a first wrapper, and associating with the second application a second wrapper, wherein the first and second wrappers are adapted to intercept at least some communications directed to their associated applications and are further adapted to detect at least some unauthorized access to their associated applications; and
if the second wrapper detects an unauthorized access to the second application, causing the second wrapper to notify the first wrapper of the unauthorized access; and
causing the first wrapper to modify the security parameters associated with the first application in response to the receipt of notification.

2. [preamble missing] causing the first wrapper to modify the security parameters associated with the first application so as to restrict communication with the second application while not restricting communication with applications that have not been the subject of unauthorized access.
3. The method according to claim 2, further comprising the step of registering the first and second wrappers with a registry server.
4. The method according to claim 3, wherein the step of causing the second wrapper to notify the first wrapper of the unauthorized access comprises the steps of:
causing the second wrapper to notify the registry server of the unauthorized access; and
in response to the receipt of notification, causing the registry server to notify the first wrapper of the unauthorized access.
5. The method according to claim 4, wherein the network further comprises a third application having associated therewith a third wrapper, the method further comprising the step of:
causing the registry server to exclude the third wrapper from notification of the unauthorized access.
6. The method according to claim 3, wherein the network further comprises a third application having associated therewith a third wrapper, and the registry server contains a group of which the first and second wrappers are members, wherein the step of causing the second wrapper to notify the first wrapper of the unauthorized access further comprises the steps of:
causing the second wrapper to notify the registry server of the unauthorized access;
determining that the second wrapper is a member of the group;
determining that the first wrapper is also a member of the group;
in response to determining that the first wrapper is also a member of the group, causing the registry server to notify the first wrapper of the unauthorized access;
determining whether the third wrapper is a member of the group;
if the third wrapper is a member of the group, causing the registry server to notify the third wrapper of the unauthorized access; and
if the third wrapper is not a member of the group, causing the registry server to exclude the third wrapper from notification of the unauthorized access.
7. In a computing environment comprised of a first application and a second application, each capable of sending and receiving communications, a method for protecting the first application from unauthorized access, comprising the steps of:
associating with each application a wrapper, the wrapper being adapted to intercept at least some of the communications directed to the associated application;
registering the wrappers with a registry server;
associating the registered wrappers into at least one group;
detecting with the second wrapper that there has been an unauthorized access to the second application;
issuing a first notification of the unauthorized access from the second wrapper to the registry server;
determining that the second wrapper is a member of a group;
determining if the first wrapper is also a member of the group;
if the first wrapper is not a member of the group, excluding the first wrapper from notification of the unauthorized access; and
if the first wrapper is a member of the group, issuing a second notification of the unauthorized access from the registry server to the first wrapper, thereby causing the first wrapper to restrict the communication of the first application with the second application while not restricting communication with applications that have not been the subject of unauthorized access, whereby the first application is protected from the unauthorized access to the second application.
8. For use in a computer network comprising a first computer and a second computer, and a first application on the first computer capable of sending and receiving communications and a second application on the second computer capable of sending and receiving communications, a computer readable medium for securing a network application, the computer readable medium comprising computer executable instructions for performing the steps of:
associating with the first application a first wrapper, the first wrapper being adapted to intercept at least some of the communications directed to the first application;
associating with the first wrapper on the first computer a file comprising security parameters for the first application;
receiving notification at the first wrapper that there has been an unauthorized access to the second application;
in response to the receipt of notification, modifying the security parameters for the first application so that the first wrapper restricts communication between the first application and the second application while not restricting communication with applications that have not been the subject of unauthorized access.
9. In a network comprising a first computer having thereon a first application capable of sending and receiving communications and a second computer having thereon a second application capable of sending and receiving communications, an apparatus for protecting the first application from unauthorized access, the apparatus comprising:
a first wrapper associated with the first application and a second wrapper associated with the second application and communicably connectable to the first wrapper, wherein the second wrapper is capable of detecting unauthorized access to the second application; and
a local rules file associated with the first application, comprising security parameters for controlling communications involving the first application, whereby if the second wrapper detects unauthorized access to the second application, the second wrapper transmits a notification to the first wrapper, and the first wrapper modifies the security parameters in the local rules file to restrict communications between the first application and the second application while not restricting communication with applications that have not been the subject of unauthorized access.
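The abstract and claims 6 through 9 describe one mechanism: a wrapper detects an unauthorized access to its application, reports it to a registry server, the registry notifies only the wrappers that share a group with the compromised application, and each notified wrapper edits its local rules so that the compromised application alone is restricted. The following simulation is an added illustration and is not code from the patent or from any implementation of it. The detection rule (a request to an endpoint the application never published counts as unauthorized access), the group and application names, and the representation of the local rules file as a set of restricted peers are all constructed assumptions; the patent does not specify how unauthorized access is detected or how the security parameters are stored.

```python
from dataclasses import dataclass, field


@dataclass
class LocalRules:
    """Stand-in for the per-application 'local rules file' (claim 9): the
    security parameters the wrapper enforces. Here the only parameter is
    the set of peer applications whose communications are restricted."""
    blocked_peers: set = field(default_factory=set)

    def allows(self, peer: str) -> bool:
        return peer not in self.blocked_peers


class Wrapper:
    """Intercepts communications for one application, detects unauthorized
    access, reports it to the registry server, and applies notifications."""

    def __init__(self, app_id, registry, allowed_endpoints):
        self.app_id = app_id
        self.registry = registry
        # Constructed detection rule: any request for an endpoint outside the
        # application's published set is treated as an unauthorized access.
        self.allowed_endpoints = set(allowed_endpoints)
        self.rules = LocalRules()
        self.delivered = []
        registry.register(self)

    def receive(self, sender, endpoint):
        # Enforce the local rules first: traffic from a restricted peer is
        # dropped before it reaches the application.
        if not self.rules.allows(sender):
            return "dropped"
        if endpoint not in self.allowed_endpoints:
            # Unauthorized access detected: report it to the registry server.
            self.registry.report_compromise(self.app_id)
            return "unauthorized"
        self.delivered.append((sender, endpoint))
        return "delivered"

    def notify(self, compromised_app):
        # Restrict only the compromised application (claims 2, 7, 8, 9);
        # every other peer keeps its existing access.
        if compromised_app != self.app_id:
            self.rules.blocked_peers.add(compromised_app)


class RegistryServer:
    """Holds registered wrappers and their group membership (claims 3, 6)."""

    def __init__(self):
        self.wrappers = {}
        self.groups = {}
        self.last_notified = set()

    def register(self, wrapper):
        self.wrappers[wrapper.app_id] = wrapper

    def add_to_group(self, group, app_id):
        self.groups.setdefault(group, set()).add(app_id)

    def report_compromise(self, compromised_app):
        """Notify every wrapper that shares a group with the compromised
        application; wrappers in no common group are excluded (claims 5, 6)."""
        notified = set()
        for members in self.groups.values():
            if compromised_app not in members:
                continue
            for member in members - {compromised_app}:
                self.wrappers[member].notify(compromised_app)
                notified.add(member)
        self.last_notified = notified
        return notified


def run_scenario():
    """Constructed scenario: app-a and app-b share the 'billing' group,
    app-c is registered but belongs to no group."""
    registry = RegistryServer()
    app_a = Wrapper("app-a", registry, ["/invoice", "/status"])
    app_b = Wrapper("app-b", registry, ["/report", "/status"])
    app_c = Wrapper("app-c", registry, ["/status"])
    registry.add_to_group("billing", "app-a")
    registry.add_to_group("billing", "app-b")

    results = {}
    results["before"] = app_a.receive("app-b", "/invoice")
    # An outside caller (constructed address) requests an endpoint app-b
    # never published; app-b's wrapper treats this as unauthorized access.
    results["attack"] = app_b.receive("10.0.0.99", "/admin/dump")
    results["notified"] = sorted(registry.last_notified)
    results["a_from_b"] = app_a.receive("app-b", "/invoice")   # now restricted
    results["a_from_c"] = app_a.receive("app-c", "/status")    # still open
    results["c_from_b"] = app_c.receive("app-b", "/status")    # c was excluded
    return results


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key}: {value}")
```

Running the scenario shows the two properties the claims turn on: after app-b's wrapper reports the unauthorized access, only app-a (the other group member) is notified and only app-a's rules change, so app-a drops further traffic from app-b while still accepting traffic from app-c; app-c, outside the group, is never notified and keeps communicating with app-b. A practitioner evaluating this design would note that the registry is a single point of trust, so a forged compromise report would let an attacker cut off a healthy application from its peers; the patent text does not address authenticating the notifications.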