Method, system and apparatus for monitoring and controlling internet site content access
First Claim
16. A monitor device storing site access control data indicating at least one privilege of a user of a first network to access a category of content site via a second network, the monitor device further storing a site categorization library received from a master site via the second network, the site categorization library indicating a content category of at least one content site, the monitor device using the site access control data and site categorization library to determine whether a request generated by a user of a computing device coupled to the first network is authorized to access a content site via the second network, the monitor device permitting the request to proceed if the user is authorized to access the content site, and the monitor device preventing the user of the computing device from accessing the content site if the user is not authorized to access the content site, the monitor device storing uncategorized site data indicating content sites requested by users that have categories not determined by data stored by the monitor device, the monitor device transmitting the uncategorized site data to a master site for categorization.
5 Assignments
0 Petitions
Accused Products
Abstract
A disclosed system comprises user sites with monitor devices that report uncategorized content sites requested by users to a master site via an external network such as “the Internet.” The master site administers categorization of content sites, which is carried out by an unknown site reviewer. The master site transmits the resulting site categorization data to the monitor devices. The monitor devices use this data for subsequent user requests to determine categories of content sites requested by users. The monitor device further determines whether users are authorized to access content sites according usage policies established for the users sites.
570 Citations
130 Claims
- 16. A monitor device storing site access control data indicating at least one privilege of a user of a first network to access a category of content site via a second network, the monitor device further storing a site categorization library received from a master site via the second network, the site categorization library indicating a content category of at least one content site, the monitor device using the site access control data and site categorization library to determine whether a request generated by a user of a computing device coupled to the first network is authorized to access a content site via the second network, the monitor device permitting the request to proceed if the user is authorized to access the content site, and the monitor device preventing the user of the computing device from accessing the content site if the user is not authorized to access the content site, the monitor device storing uncategorized site data indicating content sites requested by users that have categories not determined by data stored by the monitor device, the monitor device transmitting the uncategorized site data to a master site for categorization.
- 30. A master site coupled to communicate with a plurality of user sites via a network, the master site comprising a computer coupled via the network to the user sites, the computer receiving uncategorized site data from the user sites and causing site categorization data to be generated for the user sites based thereon, the computer transmitting the site categorization data for the plurality of user sites to each user site for use in determining whether a user of a computing device at the user site is authorized to access a content site.
-
39. A system for use with at least one content site accessible via an external network, the system comprising:
-
a plurality of user sites each having a monitor device, a server, and at least one computing device coupled in communication via an internal network, the monitor device coupled to the internal network to monitor communications of the computing device to the server coupled to the external network to receive requests to access content sites via the external network, the monitor devices determining the categories of the requested content sites based on site categorization libraries stored at the user sites and determining whether the users are authorized to access the categories of requested content sites based on site access control data stored at the user sites, the monitor devices storing any site data identifying any content sites not found in the site categorization libraries as uncategorized site data; and
a master site having a computer and a data storage unit, the computer coupled to the external network to receive uncategorized site data from the servers of the user sites, the master site administering categorization of uncategorized site data to produce site categorization data stored in a master site categorization list in the data storage unit, the computer transmitting the master site categorization list containing site categorization data for requests generated at the plurality of user sites to each of the monitor devices via the external network for storage as the site categorization libraries for use in determining categories of content sites requested by users at the user sites. - View Dependent Claims (1, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50)
-
-
42-1. A system as claimed in claim 41 wherein the user sites transmit uncategorized site data at determined intervals.
-
51. A method comprising the steps of:
-
a) receiving network communications of users of respective internal networks of user sites for requests to access content sites via an external network;
b) determining if possible at the user sites categories of the requested content sites from site categorization data stored at the user sites;
if the categories of the requested content sites can be determined from the site categorization data at the user sites, c) determining whether the users are authorized to access respective categories of requested content sites; and
d) blocking users from accessing the requested content sites if the determining of step (c) establishes that the users are not authorized to access respective categories of content sites; and
if the categories of the requested content sites cannot be determined at the user sites, e) transmitting uncategorized site data identifying the requested content sites whose categories cannot be determined in step (b) from respective user sites to a master site for categorization. - View Dependent Claims (2, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75)
-
-
53-2. A method as claimed in claim 51 wherein at least step (g) is repeatedly performed at time intervals in a range from one millisecond to one year.
-
76. A method comprising the steps of:
-
a) receiving requests to access content sites on an external network by users of respective computing devices on an internal network of a user site;
b) determining if possible at the user site categories for the requested content sites associated with the requests based on a site categorization library;
c) determining whether users are authorized to access the categories of content sites based on site access control data; and
d) preventing access to the content sites if the determining of steps (b) and (c) establish that the users are not authorized to access the content sites. - View Dependent Claims (3, 4, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100)
-
-
81-3. A method as claimed in claim 76 wherein the replicating of step (b) is performed by a monitor device network connection (MDNC) operating in promiscuous mode.
-
82-4. A method as claimed in claim 76 wherein the replicating is performed by a switch.
-
101. A medium having software executable by a monitor device to perform the following functions:
-
a) receiving requests to access content sites on an external network by users of respective computing devices on an internal network of a user site;
b) determining if possible at the user site categories for the requested content sites associated with the requests based on a site categorization library;
c) determining whether users are authorized to access the categories of content sites based on site access control data; and
d) preventing access to the content sites if the determining steps (b) and (c) establish that the users are not authorized to access the content sites. - View Dependent Claims (5, 102, 103, 104, 105, 106, 107, 108, 109, 110, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124)
-
-
105-5. A medium as claimed in claim 102 wherein the software is further executable by the monitor device to perform the following function:
f) receiving site categorization data categorizing the content sites requested by users.
- 125. An adaptive monitoring system coupled to an external network, the system comprising a plurality of monitor devices for respective internal networks of user sites, the monitor devices selectively blocking access of users to content sites accessible via the external network based on data indicating categories of the content sites requested by users of the internal networks, the monitor devices transmitting data for uncategorized content sites requested by users at the user sites to a master site via the external network for categorization, the master site returning updated data indicating categories of the content sites for requests to access content sites received from the plurality of user sites to each user site'"'"'s monitor device for subsequent use in determining whether users of the internal networks are authorized to access the content sites.
-
127. A monitor device for monitoring requests on an internal network to access content sites via an external network, the monitor device using site categorization data to selectively block access to requested sites based on the content category of the requested sites, the monitor device transmitting uncategorized site data identifying the requests sites over the external network to a master site for categorization.
-
128. A method comprising the steps of:
-
a) selectively blocking requests from at least one user of an internal network to access at least one content site via an external network using site categorization data; and
b) transmitting uncategorized site data indicating at least one content site requested by the user not having site categorization data to a master site for categorization.
-
-
129. A computer receiving uncategorized site data generated by a plurality of user sites via an external network, the computer causing to be generated site categorization data for the plurality of user sites, the computer transmitting the site categorization data for the plurality of user sites to each user site for use in selectively blocking users'"'"' access to content sites based on the site categorization data.
-
130. A method comprising the steps of:
-
a) receiving uncategorized site data generated by a plurality of user sites;
b) causing site categorization data to be generated for the plurality of user sites; and
c) transmitting the site categorization data for the plurality of user sites to each user site for use in selectively blocking users'"'"' access to content sites based on the site categorization data.
-
Specification