Systems and methods for authentication of target protocol screen names
First Claim
Patent Images
1. A method for managing communication policy in a network, the method comprising:
- receiving a first message from a client device over a network, the client device associated with a user having at least two different screen names, each of the screen names being an alias of the user, the first message being generated according to a first instant messaging protocol, the first message being associated with a first one of the at least two screen names;
determining a unique name of the user in response to receiving the first message, said determining comprising interrogating a registry of the client device;
selecting a policy rule for controlling the user'"'"'s usage of instant messaging within an enterprise network based at least partly on the user'"'"'s unique name, wherein the policy rule comprises a rule for restricting the user from sending or receiving a predefined number of messages within a given time period;
applying the policy rule to the first message;
receiving a second message from the client device, the second message being generated according to a second instant messaging protocol different than the first instant messaging protocol, the second message being associated with a second one of the at least two screen names, the second screen name being different than the first screen name;
determining the user'"'"'s unique name in response to receiving the second message; and
applying the policy rule to the second message, such that the same policy rule is applied to instant message communications by the user whether the user uses the first or second screen name.
28 Assignments
0 Petitions
Accused Products
Abstract
A protocol management system is capable of detecting certain message protocols and applying policy rules to the detected message protocols that prevent intrusion, or abuse, of a network'"'"'s resources. In one aspect, a protocol message gateway is configured to apply policy rules to high level message protocols, such as those that reside at layer 7 of the ISO protocol stack.
109 Citations
27 Claims
-
1. A method for managing communication policy in a network, the method comprising:
-
receiving a first message from a client device over a network, the client device associated with a user having at least two different screen names, each of the screen names being an alias of the user, the first message being generated according to a first instant messaging protocol, the first message being associated with a first one of the at least two screen names; determining a unique name of the user in response to receiving the first message, said determining comprising interrogating a registry of the client device; selecting a policy rule for controlling the user'"'"'s usage of instant messaging within an enterprise network based at least partly on the user'"'"'s unique name, wherein the policy rule comprises a rule for restricting the user from sending or receiving a predefined number of messages within a given time period; applying the policy rule to the first message; receiving a second message from the client device, the second message being generated according to a second instant messaging protocol different than the first instant messaging protocol, the second message being associated with a second one of the at least two screen names, the second screen name being different than the first screen name; determining the user'"'"'s unique name in response to receiving the second message; and applying the policy rule to the second message, such that the same policy rule is applied to instant message communications by the user whether the user uses the first or second screen name. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A user authentication module, comprising:
-
a network interface configured to receive first and second messages from a client device associated with a user over a network, the first and second messages generated according to different instant messaging protocols, the first message being associated with a first screen name of the user, the second message being associated with a second screen name of the user, the second screen name being different than the first screen name; and the user authentication module configured to; access a user database stored in a computer memory to determine whether the first screen name is associated with a unique name of the user, in response to a determination that the first screen name is associated with the unique user name, forward the unique user name to a policy enforcement module operative to process the message according to a policy rule for restricting the user from sending or receiving a predefined number of messages within a given time period, determine whether the second screen name is stored in the user database, in response to a determination that the second screen name is not stored in the user database, interrogate a registry at the client device to obtain a user identifier, use the user identifier to obtain the unique user name, associate the second screen name with the unique user name, store the association between the second screen name and the unique user name in the user database, and forward the unique user name to the policy enforcement module, the policy enforcement module being operative to process the second message according to the same policy rule, such that the same policy rule is applied to instant message communications by the user whether the user uses the first or second screen name. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
Specification