Firewall control system

US 8,272,043 B2
Filed: 06/21/2007
Issued: 09/18/2012
Est. Priority Date: 06/21/2007
Status: Expired due to Fees

First Claim

Patent Images

1. A method for controlling a firewall for a user computing system, said method comprising:

receiving, by a processor of a computer system, a data request at the firewall, wherein the data request comprises a data packet and an indication of a program that is associated with the data request;

said processor determining whether an authentication plan requires a match for the program;

in response to determining that the authentication plan requires the match for the program, said processor accessing a stored authentication plan associated with the program, the stored authentication plan having one or more authentication records each having expected information relating to user access to a particular server, the stored authentication plan being stored in a repository of the firewall, the stored authentication plan having been generated based at least on selections of an authentication verifier in the firewall;

said processor accessing a current authentication plan from a storage device, the current authentication plan having one or more authentication records each having current information relating to user access to a particular server;

said processor comparing the stored authentication plan with the current authentication plan to determine, based on analyzing authentication events, whether there is at least a partial match between the stored authentication plan and the current authentication plan; and

in response to the comparing between the stored authentication plan and the current authentication plan, said processor performing one or more firewall actions selected from the group consisting of allowing access to data packets, denying access to data packets, monitoring data packets, and redirecting data packets to another device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Generally speaking, systems, methods and media for implementing a firewall control system responsive to user authentications are disclosed. Embodiments of a method may include receiving a data request at a firewall where the data request is associated with a program. Embodiments may include determining whether an authentication plan is required to be matched for the associated program and, if so, accessing a stored authentication plan associated with the program and having one or more authentication records each having expected information relating to user access to a particular server. Embodiments may include accessing a current authentication plan from an authentication store, the current authentication plan having one or more authentication records each having information relating to user access to a particular server. Embodiments may include comparing the stored authentication plan with the received current authentication plan to determine whether they match and, in response, performing one or more firewall actions.

40 Citations

View as Search Results

20 Claims

1. A method for controlling a firewall for a user computing system, said method comprising:
- receiving, by a processor of a computer system, a data request at the firewall, wherein the data request comprises a data packet and an indication of a program that is associated with the data request;
  
  said processor determining whether an authentication plan requires a match for the program;
  
  in response to determining that the authentication plan requires the match for the program, said processor accessing a stored authentication plan associated with the program, the stored authentication plan having one or more authentication records each having expected information relating to user access to a particular server, the stored authentication plan being stored in a repository of the firewall, the stored authentication plan having been generated based at least on selections of an authentication verifier in the firewall;
  
  said processor accessing a current authentication plan from a storage device, the current authentication plan having one or more authentication records each having current information relating to user access to a particular server;
  
  said processor comparing the stored authentication plan with the current authentication plan to determine, based on analyzing authentication events, whether there is at least a partial match between the stored authentication plan and the current authentication plan; and
  
  in response to the comparing between the stored authentication plan and the current authentication plan, said processor performing one or more firewall actions selected from the group consisting of allowing access to data packets, denying access to data packets, monitoring data packets, and redirecting data packets to another device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, said method comprising:
    - said processor determining, from said comparing, that there is a mismatch between the stored authentication plan and the current authentication plan; and
      
      in response to said determining that there is the mismatch and before said performing one or more firewall actions, said processor resolving the mismatch.
  - 3. The method of claim 1, wherein said receiving the data request at the firewall comprises receiving the data request from the program.
  - 4. The method of claim 1, wherein said receiving the data request at the firewall comprises said program receiving the data request.
  - 5. The method of claim 1, said method further comprising:
    - said processor receiving a request to generate an authenticating plan for the program;
      
      said processor generating the authenticating plan for the program based on selections made by an authentication verifier in the firewall;
      
      said processor associating the authenticating plan with the program;
      
      said processor specifying firewall action to be performed if the authenticating plan is satisfied;
      
      said processor specifying firewall action to be performed if the authenticating plan is not satisfied; and
      
      said processor storing the authenticating plan in the repository in the firewall.
  - 6. The method of claim 5, wherein said receiving the request to generate the authenticating plan comprises receiving, from the authentication verifier in the firewall, the request to generate the authenticating plan.
  - 7. The method of claim 1, wherein the one or more authentication records of the current authentication plan comprise a number of failed authentication attempts prior to a successful login.

8. A computer program product, comprising a computer physically tangible storage device having a computer readable program code stored therein, said program code configured to be executed by a processor of a computer system to implement a method for controlling a firewall for a user computing system, said method comprising:
- said processor receiving a data request at the firewall, wherein the data request comprises a data packet and an indication of a program that is associated with the data request;
  
  said processor determining whether an authentication plan requires a match for the program;
  
  in response to determining that the authentication plan requires the match for the program, said processor accessing a stored authentication plan associated with the program, the stored authentication plan having one or more authentication records each having expected information relating to user access to a particular server, the stored authentication plan being stored in a repository of the firewall, the stored authentication plan having been generated based at least on selections of an authentication verifier in the firewall;
  
  said processor accessing a current authentication plan from a storage device, the current authentication plan having one or more authentication records each having current information relating to user access to a particular server;
  
  said processor comparing the stored authentication plan with the current authentication plan to determine, based on analyzing authentication events, whether there is at least a partial match between the stored authentication plan and the current authentication plan; and
  
  in response to the comparing between the stored authentication plan and the current authentication plan, said processor performing one or more firewall actions selected from the group consisting of allowing access to data packets, denying access to data packets, monitoring data packets, and redirecting data packets to another device.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer program product of claim 8, said method comprising:
    - said processor determining, from said comparing, that there is a mismatch between the stored authentication plan and the current authentication plan; and
      
      in response to said determining that there is the mismatch and before said performing one or more firewall actions, said processor resolving the mismatch.
  - 10. The computer program product of claim 8, wherein said receiving the data request at the firewall comprises receiving the data request from the program.
  - 11. The computer program product of claim 8, wherein said receiving the data request at the firewall comprises said program receiving the data request.
  - 12. The computer program product of claim 8, said method further comprising:
    - said processor receiving a request to generate an authenticating plan for the program;
      
      said processor generating the authenticating plan for the program based on selections made by an authentication verifier in the firewall;
      
      said processor associating the authenticating plan with the program;
      
      said processor specifying firewall action to be performed if the authenticating plan is satisfied;
      
      said processor specifying firewall action to be performed if the authenticating plan is not satisfied; and
      
      said processor storing the authenticating plan in the repository in the firewall.
  - 13. The computer program product of claim 12, wherein said receiving the request to generate the authenticating plan comprises receiving, from the authentication verifier in the firewall, the request to generate the authenticating plan.
  - 14. The computer program product of claim 8, wherein the one or more authentication records of the current authentication plan comprise a number of failed authentication attempts prior to a successful login.

15. A computer system comprising a processor, a memory coupled to the processor, and a computer readable storage device coupled to the processor, said storage device containing program code configured to be executed by the processor via the memory to implement a method for controlling a firewall for a user computing system, said method comprising:
- said processor receiving a data request at the firewall, wherein the data request comprises a data packet and an indication of a program that is associated with the data request;
  
  said processor determining whether an authentication plan requires a match for the program;
  
  in response to determining that the authentication plan requires the match for the program, said processor accessing a stored authentication plan associated with the program, the stored authentication plan having one or more authentication records each having expected information relating to user access to a particular server, the stored authentication plan being stored in a repository of the firewall, the stored authentication plan having been generated based at least on selections of an authentication verifier in the firewall;
  
  said processor accessing a current authentication plan from a storage device, the current authentication plan having one or more authentication records each having current information relating to user access to a particular server;
  
  said processor comparing the stored authentication plan with the current authentication plan to determine, based on analyzing authentication events, whether there is at least a partial match between the stored authentication plan and the current authentication plan; and
  
  in response to the comparing between the stored authentication plan and the current authentication plan, said processor performing one or more firewall actions selected from the group consisting of allowing access to data packets, denying access to data packets, monitoring data packets, and redirecting data packets to another device.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer system of claim 15, said method comprising:
    - said processor determining, from said comparing, that there is a mismatch between the stored authentication plan and the current authentication plan; and
      
      in response to said determining that there is the mismatch and before said performing one or more firewall actions, said processor resolving the mismatch.
  - 17. The computer system of claim 15, wherein said receiving the data request at the firewall comprises receiving the data request from the program.
  - 18. The computer system of claim 15, wherein said receiving the data request at the firewall comprises said program receiving the data request.
  - 19. The computer system of claim 15, said method further comprising:
    - said processor receiving a request to generate an authenticating plan for the program;
      
      said processor generating the authenticating plan for the program based on selections made by an authentication verifier in the firewall;
      
      said processor associating the authenticating plan with the program;
      
      said processor specifying firewall action to be performed if the authenticating plan is satisfied;
      
      said processor specifying firewall action to be performed if the authenticating plan is not satisfied; and
      
      said processor storing the authenticating plan in the repository in the firewall.
  - 20. The computer system of claim 19, wherein said receiving the request to generate the authenticating plan comprises receiving, from the authentication verifier in the firewall, the request to generate the authenticating plan.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Hamilton, Rick A. II, O'Connell, Brian M., Pavesi, John R., Walker, Keith R.
Primary Examiner(s)
Chai, Longbit

Application Number

US11/766,146
Publication Number

US 20080320584A1
Time in Patent Office

1,916 Days
Field of Search

726/13
US Class Current

726/13
CPC Class Codes

H04L 63/0263 Rule management

H04L 63/102 Entity profiles

Firewall control system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

40 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Firewall control system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others