Community separation control in a closed multi-community node
Abstract
A method and mechanism of enforcing, in a computer network, a community separation policy wherein the data of a particular user community should be accessible only by members of that community. A Multi-Community Node (MCN) processes information for users in multiple communities and must enforce the community separation policy. In a closed MCN, which runs only applications trusted to enforce the community separation policy, the method and mechanism perform a set of checks on packets received from and to be transmitted on a network, to ensure that all communications comply with the community separation policy. The checks (1) prevent communications from a network used by one community or communities to a network used by different communities; (2) ensure that packets sent by the MCN are output on an interface attached to a network for the intended community; and (3) detect when remote nodes communicating with the MCN spoof their source network address to masquerade as a node in another community. The enforcement method and mechanism use a database of associations of sets of communities corresponding to each network address of the MCN and each node with which it communicates, and of the set of communities associated with each network attached to the MCN.
30 Claims
1. A method of community separation control in a Multi-Community Node (MCN), said method comprising:
ensuring routing table compliance with a community separation policy, wherein all routing table updates are validated to ensure said compliance; and
validating a data packet;
allowing further processing of said data packet in response to detecting said data packet is validated; and
discarding said data packet in response to detecting said data packet is not validated;
wherein said validating said updates comprises:
determining a network interface through which a next hop corresponding to an update of said updates will be reached;
determining whether a first address corresponding to said next hop is within a first address set of said network interface;
discarding said update in response to determining said destination address is not within said first address set; and
performing said update in response to determining said destination address is within said first address set.
Dependent claims 2 to 10 are not reproduced here.
11. A multi-community node comprising:
a processing unit, wherein said processing unit is configured to ensure routing table compliance with a community separation policy, wherein all routing table updates are validated to ensure said compliance, validate a data packet, allow further processing of said data packet in response to detecting said data packet is validated, and discard said data packet in response to detecting said data packet is not validated; and
a community information base (CIB) coupled to said processing unit;
wherein in validating said updates said processing unit is configured to:
determine a network interface through which a next hop corresponding to an update of said updates will be reached;
determine whether a first address corresponding to said next hop is within a first address set of said network interface;
discard said update in response to determining said destination address is not within said first address set; and
perform said update in response to determining said destination address is within said first address set.
Dependent claims 12 to 20 are not reproduced here.
21. A computer network comprising:
a multi-community node (MCN), wherein said node comprises:
a processing unit, wherein said processing unit is configured to ensure routing table compliance with a community separation policy, wherein all routing table updates are validated to ensure said compliance, validate a data packet, allow further processing of said data packet in response to detecting said data packet is validated, and discard said data packet in response to detecting said data packet is not validated; and
a community information base (CIB) coupled to said processing unit;
a first computer network coupled to said MCN; and
a second computer network coupled to said MCN;
wherein in validating said updates said node is configured to:
determine a network interface through which a next hop corresponding to an update of said updates will be reached;
determine whether a first address corresponding to said next hop is within a first address set of said network interface;
discard said update in response to determining said destination address is not within said first address set; and
perform said update in response to determining said destination address is within said first address set.
Dependent claims 22 to 30 are not reproduced here.
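The three packet checks listed in the abstract and the routing-update validation of claims 1, 11 and 21, modelled as an added Python example. This is not the patent's code nor any implementer's; the class and method names (CommunityInformationBase, ClosedMCN, apply_routing_update, accept_inbound, accept_outbound), the interface names, the community names and every address are assumptions constructed for the illustration. The model treats an interface's attached prefix as its "address set", the CIB as the database of community sets per address and per attached network, and a packet as accepted only when the relevant community sets intersect.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address, IPv4Network, ip_address, ip_network


@dataclass(frozen=True)
class Interface:
    """One network attachment of the MCN: its address set (the attached
    prefix) and the set of communities that network carries."""
    name: str
    network: IPv4Network
    communities: frozenset


@dataclass
class CommunityInformationBase:
    """CIB: the interfaces plus the community set associated with each address
    (the MCN's own addresses and the remote nodes it communicates with)."""
    interfaces: dict            # name -> Interface
    address_communities: dict   # IPv4Address -> frozenset of community names
    own_addresses: frozenset    # the MCN's own addresses

    def communities_of(self, addr: IPv4Address) -> frozenset:
        # An address the CIB knows nothing about belongs to no community.
        return self.address_communities.get(addr, frozenset())


class ClosedMCN:
    def __init__(self, cib: CommunityInformationBase):
        self.cib = cib
        self.routes = {}  # IPv4Network -> (next hop, egress interface name)

    # Claim 1: every routing table update is validated before it is performed.
    def apply_routing_update(self, prefix: str, next_hop: str, via: str) -> bool:
        iface = self.cib.interfaces.get(via)
        hop = ip_address(next_hop)
        # The next hop must lie within the address set of the interface it is
        # reached through; otherwise the update is discarded.
        if iface is None or hop not in iface.network:
            return False
        self.routes[ip_network(prefix)] = (hop, via)
        return True

    def egress_for(self, dst: IPv4Address):
        """Longest-prefix match over the validated routing table."""
        matches = [net for net in self.routes if dst in net]
        if not matches:
            return None
        best = max(matches, key=lambda net: net.prefixlen)
        return self.cib.interfaces[self.routes[best][1]]

    # Checks (1) and (3) on a packet received from a network.
    def accept_inbound(self, ingress_name: str, src: str, dst: str) -> bool:
        ingress = self.cib.interfaces[ingress_name]
        src, dst = ip_address(src), ip_address(dst)
        # (3) Anti-spoofing: the claimed source must belong to a community
        # that the ingress network actually serves.
        if not (self.cib.communities_of(src) & ingress.communities):
            return False
        if dst in self.cib.own_addresses:
            # Local delivery: the MCN address must serve a community of the ingress network.
            return bool(self.cib.communities_of(dst) & ingress.communities)
        # (1) Forwarding: the egress network must share a community with the ingress network.
        egress = self.egress_for(dst)
        return egress is not None and bool(ingress.communities & egress.communities)

    # Check (2) on a packet the MCN itself transmits.
    def accept_outbound(self, dst: str) -> bool:
        dst = ip_address(dst)
        egress = self.egress_for(dst)
        # The output interface must attach to a network used by the destination's community.
        return egress is not None and bool(self.cib.communities_of(dst) & egress.communities)


def build_sample_mcn() -> ClosedMCN:
    """Constructed sample topology (assumption, not from the patent): eth0 serves
    community alpha, eth1 serves beta, eth2 is a network shared by both."""
    ifaces = {
        "eth0": Interface("eth0", ip_network("10.1.0.0/24"), frozenset({"alpha"})),
        "eth1": Interface("eth1", ip_network("10.2.0.0/24"), frozenset({"beta"})),
        "eth2": Interface("eth2", ip_network("10.3.0.0/24"), frozenset({"alpha", "beta"})),
    }
    comms = {
        ip_address("10.1.0.1"): frozenset({"alpha"}),          # MCN address on eth0
        ip_address("10.2.0.1"): frozenset({"beta"}),           # MCN address on eth1
        ip_address("10.3.0.1"): frozenset({"alpha", "beta"}),  # MCN address on eth2
        ip_address("10.1.0.5"): frozenset({"alpha"}),          # alpha router on eth0
        ip_address("10.2.0.7"): frozenset({"beta"}),           # beta router on eth1
        ip_address("10.3.0.9"): frozenset({"alpha", "beta"}),  # node on the shared network
        ip_address("10.10.0.3"): frozenset({"alpha"}),         # remote alpha node
        ip_address("10.20.0.4"): frozenset({"beta"}),          # remote beta node
        ip_address("10.40.0.8"): frozenset({"alpha"}),         # alpha node reachable only via a beta network
    }
    own = frozenset({ip_address("10.1.0.1"), ip_address("10.2.0.1"), ip_address("10.3.0.1")})
    mcn = ClosedMCN(CommunityInformationBase(ifaces, comms, own))
    for prefix, hop, via in [("10.1.0.0/24", "10.1.0.1", "eth0"),
                             ("10.2.0.0/24", "10.2.0.1", "eth1"),
                             ("10.3.0.0/24", "10.3.0.1", "eth2"),
                             ("10.10.0.0/16", "10.1.0.5", "eth0"),
                             ("10.20.0.0/16", "10.2.0.7", "eth1"),
                             ("10.40.0.0/16", "10.2.0.7", "eth1")]:
        assert mcn.apply_routing_update(prefix, hop, via)
    return mcn
```

With this topology, an update naming a next hop that lies outside the address set of the interface it is claimed to be reached through (for example 10.2.0.7 via eth0) is discarded, a packet arriving on eth0 with the beta router's source address is rejected as spoofed, and a packet from the alpha network toward the beta node 10.20.0.4 is dropped because the ingress and egress networks share no community. The last route deliberately makes the alpha node 10.40.0.8 reachable only through the beta-only interface, so check (2) refuses to transmit to it; in a real deployment that is the case a defender would want logged, since it indicates either a CIB error or a route that should never have been accepted.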