Systems and methods for network user resolution
First Claim
Patent Images
1. A method for performing user resolution using a network address that is shared by multiple users and a port number, the method comprising:
- capturing a user name for each user when each user logs into a multi-user system for a session;
correlating a session ID with each user;
apportioning a range of available port numbers into a number of partitions, wherein the number of partitions is selected to provide a partition for each concurrent user of the multi-user system;
allocating a locally unique set of port numbers to each user for that user'"'"'s session, wherein the locally unique set of port numbers allocated to that user is not assigned during that user'"'"'s session to a different user;
causing port number requests initiated by a process within a particular user'"'"'s session to be assigned a port number from within a partition allocated to that particular user;
for each user, storing a user name resolution record comprising the user name, a network address, and an indication of the locally unique set of port numbers allocated to that user;
retrieving the user name from the user name resolution record using a network address and a port number; and
resolving the user name from information contained in each network communication packet by extracting the network address and port number corresponding to a network packet indicia.
15 Assignments
0 Petitions
Accused Products
Abstract
Systems and software that enable mapping of a particular network transaction with a specific computer and user in an organization. The network packet may be a live in-transit packet, or a packet that occurred at some time in the past. In a particular implementation, a database currently comprises a collection of records containing fields for username, computer name, IP address of the computer, and logon time. A name resolution is performed by taking an IP address and time as input, and determining from the records in the database what user'"'"'s computer owned the IP address at that time.
-
Citations
18 Claims
-
1. A method for performing user resolution using a network address that is shared by multiple users and a port number, the method comprising:
-
capturing a user name for each user when each user logs into a multi-user system for a session; correlating a session ID with each user; apportioning a range of available port numbers into a number of partitions, wherein the number of partitions is selected to provide a partition for each concurrent user of the multi-user system; allocating a locally unique set of port numbers to each user for that user'"'"'s session, wherein the locally unique set of port numbers allocated to that user is not assigned during that user'"'"'s session to a different user; causing port number requests initiated by a process within a particular user'"'"'s session to be assigned a port number from within a partition allocated to that particular user; for each user, storing a user name resolution record comprising the user name, a network address, and an indication of the locally unique set of port numbers allocated to that user; retrieving the user name from the user name resolution record using a network address and a port number; and resolving the user name from information contained in each network communication packet by extracting the network address and port number corresponding to a network packet indicia. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A memory device for storing a user name resolution database for access by an application program being executed on a data processing system, said memory comprising:
-
a plurality of records stored in said memory and used by said application, wherein each record corresponds to a particular user and each record comprises a logon time, a network address, and an indication of a locally unique set of port numbers allocated to that user for that user'"'"'s session, wherein the locally unique set of port numbers allocated to that user is not assigned during that user'"'"'s session to a different user, and wherein said application is configured to capture a user name for each user when each user logs into a multi-user system for a session; correlate a session ID with each user; apportion a range of available port numbers into a number of partitions, wherein the number of partitions is selected to provide a partition for each concurrent user of the multi-user system; allocate a locally unique set of port numbers to each user for that user'"'"'s session; cause port number requests initiated by a process within a particular user'"'"'s session to be assigned a port number from within a partition allocated to that particular user; for each user, store a user name resolution record comprising the user name, a network address, and an indication of the locally unique set of port numbers allocated to that user; retrieve the user name from the user name resolution record using a network address and a port number; and resolve the user name from information contained in each network communication packet by extracting the network address and port number corresponding to a network packet indicia. - View Dependent Claims (8)
-
-
9. A network management device, comprising:
-
an interface for coupling to a network; a user name resolution data structure having a plurality of records, wherein each record comprises fields indicating a logon time and a network address for a particular user as well as an indication of the set of port numbers allocated to that user for that user'"'"'s session, and wherein the locally unique set of port numbers allocated to that user is not assigned during that user'"'"'s session to a different user; and a component for determining a particular user name from a given network address and a given port number obtained from a communication packet indicia, wherein the device is operable to correlate a session ID with each user; apportion a range of available port numbers into a number of partitions, wherein the number of partitions is selected to provide a partition for each concurrent user of the multi-user system; and cause port number requests initiated by a process within a particular user'"'"'s session to be assigned a port number from within a partition allocated to that particular user. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18)
-
Specification