Firewall system protecting a community of appliances, appliance participating in the system and method of updating the firewall rules within the system
Abstract
The invention relates to the protection by firewall of a domestic community of interconnectable appliances.
The invention allows distributed and totally decentralized management of the firewall policy, implemented at the level of each appliance, which is consistent and adapts dynamically to the changes occurring within the domestic network. We shall speak of ubiquitous firewalls.
13 Claims
1. A firewall system comprising a community of interconnectable appliances sharing at least one common global security rule, wherein the firewall system is characterized such that:
- each appliance of the firewall system stores a local security policy comprising the at least one common global security rule, a list of the members of the community as well as of their state of connection, and a list of services offered locally;
- each appliance comprising a filter for messages destined for and originating from a network to which each appliance is connected; and
- each appliance calculates firewall rules used by the filter as a function of the local security policy.
6. An appliance belonging to a community of interconnectable appliances sharing a set of at least one common global security rule, the appliance storing a local security policy having global security rules, a list of the members of the community as well as of their state of connection, and a list of services offered locally, the appliance possessing a firewall comprising a filter of messages destined for and originating from a network to which the appliance is connected, the appliance calculating firewall rules used by the filter as a function of the local security policy, wherein a firewall device is located on each appliance on the network.
11. A method of updating firewall rules used by an appliance having a firewall, the firewall having a filter of the messages destined for and originating from a network connected to the appliance, the appliance forming part of a community of interconnectable appliances sharing at least one common global security rule, the appliance storing a local security policy, a list of members of the community as well as of their state of connection, and a list of services offered locally, the firewall rules being calculated as a function of the local security policy, the method comprising the following steps:
- detection of addition, removal, and banishing of an appliance of the community;
- detection of changes of network address of an appliance of the community; and
- triggering of a new calculation of the firewall rules in response to a change of the local security policy.
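A small model of the update method in claim 11, as an added example that is not part of the patent text: one appliance holds its local policy and recalculates its filter rules only when a detected event actually changes that policy. The claims do not say how rules are derived, so the derivation used here (connected, non-banished members may reach locally offered services, everything else is dropped) and all class, field and event names are assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class Member:
    address: str            # current network address
    connected: bool = True  # state of connection
    banished: bool = False

@dataclass
class Appliance:
    """Local security policy held by one appliance (hypothetical model)."""
    local_services: set = field(default_factory=set)  # {(proto, port)}
    members: dict = field(default_factory=dict)       # member id -> Member
    rules: list = field(default_factory=list)
    recalculations: int = 0

    def __post_init__(self):
        self.calculate_rules()  # default-deny is in place from the start

    def _snapshot(self):
        return {k: (m.address, m.connected, m.banished)
                for k, m in self.members.items()}

    def calculate_rules(self):
        # Assumed global rule: connected, non-banished members may reach
        # locally offered services; everything else is dropped.
        rules = [("ACCEPT", m.address, proto, port)
                 for _, m in sorted(self.members.items())
                 if m.connected and not m.banished
                 for proto, port in sorted(self.local_services)]
        rules.append(("DROP", "any", "any", "any"))
        self.rules, self.recalculations = rules, self.recalculations + 1
        return rules

    def on_event(self, kind, member_id, address=None):
        """Apply a detected change; recalculate only if the policy changed."""
        before = self._snapshot()
        if kind == "add":
            self.members[member_id] = Member(address)
        elif kind == "remove":
            self.members.pop(member_id, None)
        elif kind == "banish" and member_id in self.members:
            self.members[member_id].banished = True
        elif kind == "address" and member_id in self.members:
            self.members[member_id].address = address
        if self._snapshot() != before:
            self.calculate_rules()
        return self.rules
```

Because the banished flag stays in the member list, a later address change for that member still produces no ACCEPT rule for it.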