Method, apparatus, signals, and medium for managing transfer of data in a data network
First Claim
Patent Images
1. A method for managing a transfer of data between a first node and a second node in a data network, the method comprising:
- identifying data associated with a first communication session between the first node and the second node;
identifying, through execution of instructions on a processor, a signature associated with said data associated with said first communication session;
further processing, through execution of instructions on the processor, said first communication session when a portion of said first communication session meets a criterion, the criterion including the identified signature associated with said first communication session, the further processing defined by a policy associated with the identified signature and including at least one action to be performed by the further processing, the at least one action including logging at least a portion of data packets associated with said first communication session, altering of data packets associated with said first communication session prior to transmitting the data packets to at least one of the first node and the second node, the altering of data packets including inserting a message or removing certain data as specified by the policy associated with the identified signature, terminating the first communication session at a third node, and dividing the first communication session between the first node and the third node and a second communication session between the third node and the second node, the third node to act as a proxy node; and
permitting said first communication session to continue when said portion of said first communication session does not meet said criterion or upon completion of the further processing.
0 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for managing a transfer of data in a data network identifies data associated with a communication session between a first node and a second node in the data network. Further processing of the communication session occurs when a portion of the communication session meets a criterion and the communication session is permitted to continue when the portion of the communication session does not meet the criterion.
-
Citations
16 Claims
-
1. A method for managing a transfer of data between a first node and a second node in a data network, the method comprising:
-
identifying data associated with a first communication session between the first node and the second node; identifying, through execution of instructions on a processor, a signature associated with said data associated with said first communication session; further processing, through execution of instructions on the processor, said first communication session when a portion of said first communication session meets a criterion, the criterion including the identified signature associated with said first communication session, the further processing defined by a policy associated with the identified signature and including at least one action to be performed by the further processing, the at least one action including logging at least a portion of data packets associated with said first communication session, altering of data packets associated with said first communication session prior to transmitting the data packets to at least one of the first node and the second node, the altering of data packets including inserting a message or removing certain data as specified by the policy associated with the identified signature, terminating the first communication session at a third node, and dividing the first communication session between the first node and the third node and a second communication session between the third node and the second node, the third node to act as a proxy node; and permitting said first communication session to continue when said portion of said first communication session does not meet said criterion or upon completion of the further processing. - View Dependent Claims (2, 3, 4, 5)
-
-
6. An apparatus for managing a transfer of data in a data network, the apparatus comprising:
-
means for identifying data associated with a first communication session between a first node and a second node in the data network; means for identifying a signature associated with said data associated with said first communication session; means for further processing said first communication session when a portion of said first communication session meets a criterion, the criterion including the identified signature associated with said first communication session, the further processing defined by a policy associated with the identified signature and including at least one action to be performed by the further processing, the at least one action including logging at least a portion of data packets associated with said first communication session and altering of data packets associated with said first communication session prior to transmitting the data packets to at least one of the first node and the second node, the altering of data packets including inserting a message or removing certain data as specified by the policy associated with the identified signature, terminating the first communication session at a third node, and dividing the first communication session between the first node and the third node and a second communication session between the third node and the second node, the third node to act as a proxy node; and means for permitting said first communication session to continue when said portion of said first communication session does not meet said criterion or upon completion of execution by the means of the further processing. - View Dependent Claims (7, 8, 9, 10)
-
-
11. An apparatus for managing a transfer of data in a data network, the apparatus comprising:
-
a processor device; a memory; a session identifier stored in the memory and executable by the processor to identify data associated with a first communication session between a first node and a second node in the data network; a session controller stored in the memory and executable by the processor and having an input for receiving a control signal indicating whether said first communication session meets a criterion, said session controller responsive to said control signal to produce a signal to indicate whether or not said first communication session should be permitted to continue or should be subjected to further processing before being allowed to continue, the session controller executable to permit said first communication session to continue upon receipt of the control signal indicating the first communication session does not meet said criterion; and a signature analyzer stored in the memory and executable by the processor to produce said control signal in response to identifying a signature associated with said data associated with said first communication session, the signature associated with a policy defining at last one action to be performed with regard to data packets of said first communication session, the at least one action including altering of data packets associated with said first communication session prior to transmitting the data packets to at least one of the first node and the second node, the altering of data packets including inserting a message or removing certain data as specified by the policy associated with the identified signature, terminating the first communication session at a third node, and dividing the first communication session between the first node and the third node and a second communication session between the third node and the second node, the third node to act as a proxy node. - View Dependent Claims (12, 13, 14, 15, 16)
-
Specification