Multilayer access control security system

  • US 7,900,240 B2
  • Filed: 05/28/2004
  • Issued: 03/01/2011
  • Est. Priority Date: 05/28/2003
  • Status: Active Grant
First Claim

1. A method for more efficiently controlling access to a computer system through a network device having a plurality of security system sublayers, a first security system sublayer of the network device controlling access of a user prior to a second security system sublayer of the network device controlling access of the user, the method comprising:

  • receiving, by a network device, user identification information corresponding to a user;

  • retrieving, by the network device, a set of access policies corresponding to the user, the access policies configured via a policy language;

  • generating, by the network device responsive to authenticating the user, at least one access rule specific to the user for each of a plurality of security system sublayers based on the set of access policies corresponding to the user, each of the plurality of security system sublayers operating at different layers of network communications;

  • installing, by the network device, a user specific filter on each of the plurality of security system sublayers of the network device, the user specific filter automatically converted from the at least one generated access rule for the user for each of the plurality of security system sublayers;

  • receiving, by the network device, from the user, a request to access a computer system resource;

  • determining, by the network device, the user is not permitted to access at least a portion of the computer system resource based on the user identification information and a first user specific filter of the user of a first plurality of user specific filters of a first security system sublayer of the plurality of security system sublayers; and

  • dropping, by the network device, the request prior to a second user specific filter of the user of a second plurality of user specific filters of a second security system sublayer of the network device processing the request.
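
The flow recited in the claim, as an illustrative sketch added here and not taken from the patent: per-user rules are generated from policy at login, converted into one filter per sublayer, and a request denied by an earlier sublayer is dropped before a later sublayer sees it. The dict-based policy format, the three sublayer names, the `Device` class and the default-deny behaviour are assumptions.

```python
import ipaddress
from fnmatch import fnmatch

# Constructed policy set: a plain dict stands in for the claim's "policy language".
POLICIES = {
    "alice": {"networks": ["10.1.0.0/16"], "ports": [443], "paths": ["/hr/*"]},
    "bob": {"networks": ["10.2.0.0/16"], "ports": [22, 443], "paths": ["/*"]},
}
# Sublayer names and their order are assumptions; earlier entries run first.
SUBLAYERS = ["network", "transport", "application"]

def generate_rules(user):
    """Turn one user's policies into one access rule per sublayer."""
    p = POLICIES[user]
    return {
        "network": [ipaddress.ip_network(n) for n in p["networks"]],
        "transport": set(p["ports"]),
        "application": list(p["paths"]),
    }

def to_filter(layer, rule):
    """Convert a generated rule into a predicate over a request dict."""
    if layer == "network":
        return lambda r: any(ipaddress.ip_address(r["dst"]) in n for n in rule)
    if layer == "transport":
        return lambda r: r["port"] in rule
    return lambda r: any(fnmatch(r["path"], pat) for pat in rule)

class Device:
    def __init__(self):
        self.filters = {layer: {} for layer in SUBLAYERS}  # layer -> user -> filter

    def login(self, user, authenticated):
        """Install user-specific filters on every sublayer after authentication."""
        if not authenticated or user not in POLICIES:
            return False
        for layer, rule in generate_rules(user).items():
            self.filters[layer][user] = to_filter(layer, rule)
        return True

    def handle(self, user, request):
        """Return (verdict, sublayers that processed the request)."""
        seen = []
        for layer in SUBLAYERS:
            seen.append(layer)
            check = self.filters[layer].get(user)
            if check is None or not check(request):  # assumption: no filter = deny
                return "drop", seen
        return "allow", seen
```

The second element of the value returned by `handle` lists the sublayers that processed the request, so a drop at the first sublayer shows the later ones never ran.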

  • 12 Assignments