Network classification

US 8,676,969 B2
Filed: 11/21/2011
Issued: 03/18/2014
Est. Priority Date: 02/06/2004
Status: Active Grant

First Claim

Patent Images

1. A computing device that is connectable to at least one computer network, the computing device, comprising:

a memory and at least one processor that are respectively configured to store and execute instructions that are organized into;

at least one classification store configured to store a classification for the at least one computer network, the classification classifying the at least one computer network, and the classification comprising at least one derived network characteristic;

at least one network classification policy store configured to store at least one network classification policy, the at least one network classification policy referencing the at least one derived network characteristic;

a network classification policy enforcer configured to;

select a network classification policy action to execute based on the at least one derived network characteristic meeting at least one condition specified in the at least one network classification policy; and

execute the network classification policy action of the network classification policy, wherein executing the network classification policy action comprises configuring network security settings of the computing device based on the classification;

a network characteristic generator configured to generate the at least one derived network characteristic according to at least one derived network characteristic specification, wherein the at least one derived network characteristic specification references at least one network attribute associated with the computer network; and

a network attribute acquirer configured to acquire a plurality of network attributes in an order specified by an acquisition priority list, wherein the plurality of network attributes comprise the at least one network attribute, and wherein the at least one network attribute is selected from the group consisting of a domain name, one or more IP addresses, a verified presence of network infrastructure elements, parameters received from a network server, a communications media type, a service provider, a nominal available communications bandwidth, a measured available communications bandwidth, a logical network location, and a physical network location.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Network DNA may be determined for a computer network that taxonomically classifies the computer network. Network DNA may include derived network DNA components and raw network DNA components. Raw network DNA components may be acquired from local or remote sources. Derived network DNA components may be generated according to derived network DNA component specifications. Derived network DNA component specifications may reference raw network DNA components. Network DNA determined for the computer network may include a network species component capable of indicating network species classifications for computer networks. Network species classifications may include enterprise network, home network and public place network. Network species classifications may be determined as a function of network security, network management and network addressing. One or more network DNA stores may be configured to store network DNA for computer networks. Network DNA stores may store network DNA history as well as current network DNA.

41 Citations

View as Search Results

20 Claims

1. A computing device that is connectable to at least one computer network, the computing device, comprising:
- a memory and at least one processor that are respectively configured to store and execute instructions that are organized into;
  
  at least one classification store configured to store a classification for the at least one computer network, the classification classifying the at least one computer network, and the classification comprising at least one derived network characteristic;
  
  at least one network classification policy store configured to store at least one network classification policy, the at least one network classification policy referencing the at least one derived network characteristic;
  
  a network classification policy enforcer configured to;
  
  select a network classification policy action to execute based on the at least one derived network characteristic meeting at least one condition specified in the at least one network classification policy; and
  
  execute the network classification policy action of the network classification policy, wherein executing the network classification policy action comprises configuring network security settings of the computing device based on the classification;
  
  a network characteristic generator configured to generate the at least one derived network characteristic according to at least one derived network characteristic specification, wherein the at least one derived network characteristic specification references at least one network attribute associated with the computer network; and
  
  a network attribute acquirer configured to acquire a plurality of network attributes in an order specified by an acquisition priority list, wherein the plurality of network attributes comprise the at least one network attribute, and wherein the at least one network attribute is selected from the group consisting of a domain name, one or more IP addresses, a verified presence of network infrastructure elements, parameters received from a network server, a communications media type, a service provider, a nominal available communications bandwidth, a measured available communications bandwidth, a logical network location, and a physical network location.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The computing device of claim 1, wherein:
    - the at least one derived network characteristic indicates a type of network selected from among a plurality of network types.
  - 3. The computing device of claim 2, wherein:
    - the plurality of network types comprise an enterprise network, a home network and a public place network.
  - 4. The computing device of claim 1, wherein:
    - the at least one derived network characteristic specification specifies a linear transformation of one or more of the plurality of network attributes.
  - 5. The computing device of claim 1, wherein:
    - the at least one derived network characteristic specification specifies a combination of multiple network attributes of the plurality of network attributes.
  - 6. The computing device of claim 1, wherein the network characteristic generator is further configured to:
    - generate each derived network characteristic referenced by a derived network characteristic refresh list, the derived network characteristic refresh list referencing at least one derived network characteristic dependent upon one or more of the plurality of network attributes.
  - 7. The computing device of claim 6, wherein:
    - the at least one derived network characteristic specification specifies a structured query language statement, a scripting language statement, and/or an object-oriented language statement.

8. A method for managing network connectivity of a computing device, comprising:
- connecting the computing device to at least one computer network;
  
  acquiring a plurality of network attributes in an order specified by an acquisition priority list, wherein the plurality of network attributes comprise at least one network attribute, and wherein the at least one network attribute is selected from the group consisting of a domain name, one or more IP addresses, a verified presence of network infrastructure elements, parameters received from a network server, a communications media type, a service provider, a nominal available communications bandwidth, measured available communications bandwidth, a logical network location, and a physical network location;
  
  generating at least one derived network characteristic according to at least one derived network characteristic specification, wherein the at least one derived network characteristic specification references at least one network attribute associated with the computer network;
  
  obtaining a classification for the at least one computer network, the classification classifying the at least one computer network, and the classification being associated with the at least one derived network characteristic;
  
  obtaining at least one network classification policy, the at least one network classification policy referencing the at least one derived network characteristic;
  
  selecting a network classification policy action for execution based on the at least one derived network characteristic meeting at least one condition specified in the at least one network classification policy; and
  
  executing the network classification policy action of the network classification policy, wherein executing the network classification policy action comprises configuring network security settings of the computing device based on the classification.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 16, 17, 18, 19, 20)
- - 9. The method of claim 8, wherein:
    - the at least one derived network characteristic indicates a type of network selected from among a plurality of network types.
  - 10. The method of claim 9, wherein:
    - the plurality of network types comprise an enterprise network, a home network and a public place network.
  - 11. The method of claim 8, wherein:
    - the at least one derived network characteristic specification specifies a linear transformation of one or more of the plurality of network attributes.
  - 12. The method of claim 8, wherein:
    - the at least one derived network characteristic specification specifies a combination of multiple network attributes of the plurality of network attributes.
  - 13. The method of claim 8, wherein generating the at least one derived network characteristic comprises:
    - generating each derived network characteristic referenced by a derived network characteristic refresh list, the derived network characteristic refresh list referencing at least one derived network characteristic dependent upon one or more of the plurality of network attributes.
  - 14. The method of claim 13, wherein:
    - the at least one derived network characteristic specification specifies a structured query language statement, a scripting language statement, and/or an object-oriented language statement.
  - 16. The computer readable medium of claim 8, wherein:
    - the at least one derived network characteristic indicates a type of network selected from among a plurality of network type, the plurality of network types including an enterprise network, a home network, and a public place network.
  - 17. The computer readable medium of claim 8, wherein:
    - the at least one derived network characteristic specification specifies a linear transformation of one or more of the plurality of network attributes.
  - 18. The computer readable medium of claim 8, wherein:
    - the at least one derived network characteristic specification specifies a combination of multiple network attributes of the plurality of network attributes.
  - 19. The computer readable medium of claim 8, wherein generating the at least one derived network characteristic comprises:
    - generating each derived network characteristic referenced by a derived network characteristic refresh list, the derived network characteristic refresh list referencing at least one derived network characteristic dependent upon one or more of the plurality of network attributes.
  - 20. The computer readable medium of claim 19, wherein:
    - the at least one derived network characteristic specification specifies a structured query language statement, a scripting language statement, and/or an object-oriented language statement.

15. A computer readable medium, not comprising a signal per se, having instructions stored therein, the instructions for performing operations to manage network connectivity of a computing device, the operations comprising:
- connecting the computing device to at least one computer network;
  
  acquiring a plurality of network attributes in an order specified by an acquisition priority list, wherein the plurality of network attributes comprise at least one network attribute, and wherein the at least one network attribute is selected from the group consisting of a domain name, one or more IP addresses, a verified presence of network infrastructure elements, parameters received from a network server, a communications media type, a service provider, a nominal available communications bandwidth, a measured available communications bandwidth, a logical network location, and a physical network location;
  
  generating at least one derived network characteristic according to at least one derived network characteristic specification, wherein the at least one derived network characteristic specification references at least one network attribute associated with the computer network;
  
  obtaining a classification for the at least one computer network, the classification classifying the at least one computer network, and the classification being associated with the at least one derived network characteristic;
  
  obtaining at least one network classification policy, the at least one network classification policy referencing the at least one derived network characteristic;
  
  selecting a network classification policy action for execution based on the at least one derived network characteristic meeting at least one condition specified in the at least one network classification policy; and
  
  executing the network classification policy action of the network classification policy, wherein executing the network classification policy action comprises configuring network security settings of the computing device based on the classification.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Bahl, Pradeep, Corbett, Christopher J., Khaki, Mohamed Jawad
Primary Examiner(s)
Hussain, Tauqir

Application Number

US13/300,743
Publication Number

US 20120066381A1
Time in Patent Office

848 Days
Field of Search

709/224
US Class Current

709/224
CPC Class Codes

H04L 41/00   Arrangements for maintenanc...

H04L 41/0233   Object-oriented techniques,...

H04L 41/0803   Configuration setting

H04L 41/0853   by actively collecting conf...

H04L 41/12   Discovery or management of ...

H04L 41/14   Network analysis or design

H04L 41/145   involving simulating, desig...

H04L 41/28   Restricting access to netwo...

H04L 43/08   Monitoring or testing based...

H04L 63/20   for managing network securi...

Network classification

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

41 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Network classification

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

41 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links