Restricting communication of selected processes to a set of specific network addresses
DCFirst Claim
1. A method performed by a computer system having a processor for efficiently managing communication via a set of specific, multiple network addresses, the method comprising:
- associating at least one selected process, executed by the processor, with a set of specific, multiple network addresses;
associating a separate communication channel with each one of the multiple network addresses;
detecting an attempt by a selected process to receive an incoming request to initiate a communication session on one of the communication channels;
identifying a first one of the communication channels that is ready to receive the incoming request; and
allowing reception of the incoming request on the identified communication channel.
6 Assignments
Litigations
0 Petitions
Accused Products
Abstract
Selected processes are associated with sets of specific network addresses, and the associations are stored. When a selected process creates a child process, an association between the child process and the set of network addresses with which the parent process is associated is stored. When a selected process is deleted, the association between the selected process and its set of network addresses is deleted. Each selected process is restricted to network address-based communication via its associated set of network addresses. Certain communication protocol subroutines associated with network address-based communication are intercepted by an interception module. The interception module detects attempts by selected processes to communicate via network addresses. If a selected process attempts to communicate via an unassociated network addresses, the attempted communication is prohibited.
173 Citations
6 Claims
-
1. A method performed by a computer system having a processor for efficiently managing communication via a set of specific, multiple network addresses, the method comprising:
-
associating at least one selected process, executed by the processor, with a set of specific, multiple network addresses; associating a separate communication channel with each one of the multiple network addresses; detecting an attempt by a selected process to receive an incoming request to initiate a communication session on one of the communication channels; identifying a first one of the communication channels that is ready to receive the incoming request; and allowing reception of the incoming request on the identified communication channel.
-
-
2. A computer-readable storage medium storing computer-executable instructions for efficiently managing communication via multiple network addresses, the instructions comprising:
-
instructions for associating a selected process with a plurality of network addresses; instructions for associating a separate communication channel with each of the plurality of network addresses; instructions for detecting an attempt by the selected process to receive an incoming request to initiate a communication session on one of the plurality of communication channels; instructions for identifying one of the plurality of communication channels that is ready to receive the incoming request; and instructions for allowing reception of the incoming request on the identified communication channel.
-
-
3. A method for efficiently managing communication via a set of specific, multiple network addresses performed by a computer system having a processor, the method comprising:
-
associating at least one selected process, executed by the processor, with a set of specific, multiple network addresses; associating a separate communication channel with each one of the multiple network addresses; identifying a first one of the communication channels that is available for communication; and allowing communication to proceed via the identified communication channel.
-
-
4. A computer-readable storage medium storing computer-executable instructions for efficiently managing communication via multiple network addresses, the instructions comprising:
-
program code for associating a selected process with a plurality of network addresses; instructions for associating a separate communication channel with each of the plurality of network addresses; instructions for identifying one of the plurality of communication channels that is available for communication; and instructions for allowing communication to proceed via the identified communication channel.
-
-
5. A computing system having a processor for efficiently managing communication via multiple network addresses, comprising:
-
a network address association subsystem executed by the processor that associates a selected process with a plurality of network addresses; a network address association subsystem that associates a separate communication channel which each of the plurality of network addresses; a detection subsystem that detects an attempt by the selected process to receive an incoming request to initiate a communication session on one of the plurality of communication channels; an identification subsystem that identifies one of the plurality of communication channels that is ready to receive the incoming request; and a receipt permission subsystem that allows reception of the incoming request on the identified communication channel.
-
-
6. A computing system having a processor for efficiently managing communication via multiple network addresses, comprising:
-
a network address association subsystem executed by the processor that associates a selected process with a plurality of network addresses; a network address association subsystem that associates a separate communication channel with each of the plurality of network addresses; an identification subsystem that identifies one of the plurality of communication channels that is available for communication; and a communication permission subsystem that allows communication to proceed via the identified communication channel.
-
Specification