System and method for location, time-of-day, and quality-of-service based prioritized access control

US 8,644,159 B2
Filed: 07/25/2012
Issued: 02/04/2014
Est. Priority Date: 12/11/2009
Status: Expired due to Fees

First Claim

Patent Images

1. A priority server for a provider network, comprising:

a memory that stores instructions;

a processor that executes the instructions to perform operations, the operations comprising;

receiving operational information from the provider network;

determining that a host on the provider network is experiencing a flash event based upon the operational information;

determining that the flash event is not a distributed denial of service attack on the host; and

providing a priority rule to an access router in the provider network that is coupled to the host in response to determining that the flash event is not a distributed denial of service attack.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A priority server for a provider network includes a traffic volume detection module, a traffic analyzer module, and a rules module. The traffic volume detection module receives operational information from the provider network and determines that a host is experiencing a flash event based upon the operational information. The traffic analyzer module determines that the flash event is not a distributed denial of service attack on the host. When it is determined that the flash event is not a distributed denial of service attack, the rules module provides a priority rule to an access router that is coupled to the host.

7 Citations

20 Claims

1. A priority server for a provider network, comprising:
- a memory that stores instructions;
  
  a processor that executes the instructions to perform operations, the operations comprising;
  
  receiving operational information from the provider network;
  
  determining that a host on the provider network is experiencing a flash event based upon the operational information;
  
  determining that the flash event is not a distributed denial of service attack on the host; and
  
  providing a priority rule to an access router in the provider network that is coupled to the host in response to determining that the flash event is not a distributed denial of service attack.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The priority server of claim 1, wherein a characteristic of packets routed in the provider network that are associated with the flash event includes a geographic location that is a source of the packets, and wherein the priority rule is based upon the characteristic.
  - 3. The priority server of claim 1, wherein a characteristic of packets routed in the provider network that are associated with the flash event includes a time at which the packets entered the provider network, and wherein the priority rule is based upon the characteristic.
  - 4. The priority server of claim 3, wherein the time includes a time zone.
  - 5. The priority server of claim 3, wherein the time includes a range of times.
  - 6. The priority server of claim 1, wherein a characteristic of packets routed in the provider network that are associated with the flash event includes a port of the host that is a target of the packets, and wherein the priority rule is based upon the characteristic.
  - 7. The priority server of claim 1, wherein a characteristic of packets routed in the provider network that are associated with the flash event includes a particular network protocol that is associated with the packets, and wherein the priority rule is based upon the characteristic.

8. A method of prioritizing traffic in a provider network, comprising:
- receiving, at a server, operational information from the provider network;
  
  determining, by utilizing instructions from memory that are executed by a processor of the server, that a host on the provider network is experiencing a flash event based upon the operational information;
  
  determining that the flash event is not a distributed denial of service attack on the host; and
  
  in response to determining that the flash event is not a distributed denial of service attack, providing a priority rule to an access router in the provider network that is coupled to the host, wherein the priority rule is based upon a characteristic of packets routed in the provider network that are associated with the flash event.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein the characteristic includes a geographic location that is a source of the packets.
  - 10. The method of claim 8, wherein the characteristic includes a time at which the packets entered the provider network.
  - 11. The method of claim 10, wherein the time includes a time zone.
  - 12. The method of claim 11, wherein the time includes a range of times.
  - 13. The method of claim 8 wherein the characteristic includes a port of the host that is a target of the packets.
  - 14. The method of claim 8, wherein the characteristic includes a particular network protocol that is associated with the packets.

15. A computer-readable device for managing prioritized access rules, wherein the computer-readable device includes instructions, which when loaded and executed by a processor, cause the processor to perform operations comprising:
- receiving operational information from a provider network;
  
  determining that a host on the provider network is experiencing a flash event based upon the operational information;
  
  determining that the flash event is not a distributed denial of service attack on the host; and
  
  in response to determining that the flash event is not a distributed denial of service attack, providing a priority rule to an access router in the provider network that is coupled to the host.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer-readable device of claim 15, wherein the characteristic includes a geographic location that is a source of the packets.
  - 17. The computer-readable device of claim 15, wherein the characteristic includes a time at which the packets entered the provider network.
  - 18. The computer-readable device of claim 17, wherein the time includes a time zone.
  - 19. The computer-readable device of claim 15, wherein the characteristic includes a port of the host that is a target of the packets.
  - 20. The computer-readable device of claim 15, wherein the characteristic includes a particular network protocol that is associated with the packets.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Jayawardena, Thusitha, de los Reyes, Gustavo
Primary Examiner(s)
HAN, CLEMENCE S

Application Number

US13/557,909
Publication Number

US 20120291128A1
Time in Patent Office

559 Days
Field of Search

None
US Class Current

370/235
CPC Class Codes

H04L 43/028   by filtering

H04L 63/0227   Filtering policies mail mes...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1458   Denial of Service

System and method for location, time-of-day, and quality-of-service based prioritized access control

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

7 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

System and method for location, time-of-day, and quality-of-service based prioritized access control

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

7 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others