System And Method For Intrusion Prevention In A Communications Network
First Claim
1. A method for managing access to a resource within a computer network, comprising the steps of:
- assigning a unique user identifier to each authorized user of the computer network;
- upon initiation of a UDP communication initiated by a specific authorized user for access to a specific resource within the computer network, appending the unique user identifier of the specific authorized user to each UDP packet of the UDP communication;
- intercepting the plurality of UDP packets within the computer network;
- extracting the unique user identifier from each UDP packet to identify the specific authorized user associated with the respective UDP packet; and
- allowing each respective UDP packet to reach the specific resource as a function of the unique user identifier extracted from the respective UDP packet.
Abstract
A method and system for monitoring UDP communications and for preventing unauthorized UDP communications within a computer network. A method for managing access to a resource comprises assigning a unique user identifier to each authorized user; upon initiation of a UDP communication initiated by a specific authorized user for access to a specific resource, appending the unique user identifier of the specific authorized user to each UDP packet of the UDP communication; intercepting the plurality of UDP packets within the computer network; extracting the unique user identifier from each UDP packet to identify the specific authorized user associated with the respective UDP packet; and allowing each respective UDP packet to reach the specific resource as a function of the unique user identifier extracted from the respective UDP packet.
59 Citations
21 Claims
- 1. A method for managing access to a resource within a computer network, comprising the steps of: assigning a unique user identifier to each authorized user of the computer network; upon initiation of a UDP communication initiated by a specific authorized user for access to a specific resource within the computer network, appending the unique user identifier of the specific authorized user to each UDP packet of the UDP communication; intercepting the plurality of UDP packets within the computer network; extracting the unique user identifier from each UDP packet to identify the specific authorized user associated with the respective UDP packet; and allowing each respective UDP packet to reach the specific resource as a function of the unique user identifier extracted from the respective UDP packet. (Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9)
- 10. A method for preventing unauthorized access to one or more resources within a computer network, wherein the computer network includes a plurality of authorized users and wherein a unique user identifier is assigned to each of the plurality of authorized users, comprising the steps of: maintaining the plurality of unique user identifiers in a database; intercepting a UDP packet from an undetermined user, wherein the UDP packet represents a communication attempt with a specific resource within the computer network; obtaining data from the UDP packet; comparing the data obtained from the UDP packet with the unique user identifiers maintained in the database; and preventing the UDP packet from reaching the specific resource if the data obtained from the UDP packet does not match one of the plurality of unique user identifiers maintained in the database. (Dependent claims: 11, 12, 13, 14, 15)
- 16. A method for monitoring access to a specific resource within a computer network, comprising the steps of: assigning a unique user identifier (UID) to each authorized user of the computer network; assigning a unique, non-dynamic system identifier (SID) to each authorized computer within the computer network; defining policy profiles for authorized computers and for authorized users of the computer network, wherein each policy profile defines rights of access to resources within the computer network for the authorized users and the authorized computers; upon initiation of a UDP communication for access to the specific resource, wherein the UDP communication is initiated by a specific authorized user logged into a specific authorized computer, appending the unique user identifier of the specific authorized user and the unique system identifier of the specific authorized computer to each UDP packet of the UDP communication; intercepting the UDP packets within the computer network; extracting the unique user identifier and unique system identifier from one or more of the UDP packets of the UDP communication to identify the specific authorized user and the specific authorized computer associated with the UDP communication; and allowing the UDP communication to continue with the specific resource as a function of the policy profile of the specific authorized user and the policy profile of the specific authorized computer associated with the UDP communication. (Dependent claims: 17, 18)
- 19. A method for monitoring UDP communications with a resource within a computer network, the computer network including a plurality of authorized users and wherein a unique user identifier is allocated to each of the plurality of authorized users, comprising the steps of: receiving a UDP packet at the resource within the computer network, the UDP packet having associated therewith the unique user identifier of a specific authorized user sending the UDP packet; obtaining the unique user identifier from the UDP packet; and logging in a database the UDP communication by the specific authorized user with the resource based on the unique user identifier obtained from the UDP packet. (Dependent claims: 20, 21)
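The tagging, interception, database lookup, policy check and logging described in claims 1, 10, 16 and 19, as an added example that is not code from the patent. The trailer layout (magic, UID, SID appended after the payload), the identifier values and the policy tables are constructed assumptions standing in for the patent's database.

```python
import struct

# Constructed trailer layout (an assumption, not the patent's wire format):
# 4-byte magic, 4-byte UID, 4-byte SID, big-endian, appended after the payload.
TRAILER_FMT = "!4sII"
TRAILER_MAGIC = b"UIDT"
TRAILER_LEN = struct.calcsize(TRAILER_FMT)

# Constructed identity and policy data standing in for the patent's database.
AUTHORIZED_USERS = {1001: "alice", 1002: "bob"}
AUTHORIZED_SYSTEMS = {7: "ws-finance-01", 8: "ws-lab-02"}
USER_POLICY = {1001: {"dns", "ntp", "syslog"}, 1002: {"dns"}}
SYSTEM_POLICY = {7: {"dns", "ntp", "syslog"}, 8: {"dns", "ntp"}}


def append_identifiers(payload: bytes, uid: int, sid: int) -> bytes:
    """Sender side (claims 1, 16): tag each outgoing UDP datagram with UID and SID."""
    return payload + struct.pack(TRAILER_FMT, TRAILER_MAGIC, uid, sid)


def extract_identifiers(datagram: bytes):
    """Interceptor side: return (payload, uid, sid), or None if no valid trailer.
    A payload that happens to end with the magic bytes would be misread; a real
    deployment needs a framing rule that rules that out."""
    if len(datagram) < TRAILER_LEN:
        return None
    magic, uid, sid = struct.unpack(TRAILER_FMT, datagram[-TRAILER_LEN:])
    if magic != TRAILER_MAGIC:
        return None
    return datagram[:-TRAILER_LEN], uid, sid


def decide(datagram: bytes, resource: str, log: list) -> bool:
    """Claims 10 and 16: untagged datagrams and unknown identifiers are dropped;
    known identifiers pass only if both the user policy and the system policy
    grant the resource. Every decision is logged with the identifiers (claim 19)."""
    parsed = extract_identifiers(datagram)
    if parsed is None:
        log.append(("drop", None, None, resource, "no identifier trailer"))
        return False
    _, uid, sid = parsed
    if uid not in AUTHORIZED_USERS or sid not in AUTHORIZED_SYSTEMS:
        log.append(("drop", uid, sid, resource, "unknown identifier"))
        return False
    allowed = resource in USER_POLICY[uid] and resource in SYSTEM_POLICY[sid]
    log.append(("allow" if allowed else "drop", uid, sid, resource, "policy"))
    return allowed
```

A bare appended identifier can be written by any host on the network, so the decision is only as trustworthy as the path the datagram took; the claims do not address how the interceptor verifies that the trailer was written by the user it names.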
Specification