Process for monitoring, filtering and caching internet connections

US 20110099621A1
Filed: 04/22/2003
Published: 04/28/2011
Est. Priority Date: 04/22/2002
Status: Active Application

First Claim

Patent Images

1. A one-box system for controlling Internet usage by users and work stations on a network, the system including RAM and disk storage, informational data bases, and an SMB server, a web server, and a cache server, all interconnected to a computer network of work stations having Internet access, wherein:

a) said SMB server is adapted to run a process for collecting certain identifying information about a user and the user'"'"'s work station on a network when the user logs onto the network;

b) said web server is adapted to intercept a user'"'"'s request for Internet access to a URL, and to forward that request to said cache server contained within the system;

c) said cache server is adapted to process the request to determine if any restrictions have been pre-placed on the requesting user'"'"'s or work station'"'"'s access to the requested URL;

if so, the cache server process causes a pre-configured page to be delivered to the user advising the user that access was denied;

or if not, the cache server process checks the local disk storage to determine if the requested object is already in cache; and

if so, provides that object to the user, and if not, makes the request to the Internet for the object, and in turn causes it, once received, to be added to cache and delivered transparently to the requesting user;

d) said caching server is further adapted to cause all interne requests, restricted and unrestricted, to be logged, by requesting user, work station and URL requested, into a database that is accessible by said web server; and

e) said web server being further adapted to receive and process requests by authorized individuals from both within or without the network for access to a user'"'"'s or a work station'"'"'s history of Internet activity; and

upon proper verification of the individual'"'"'s right to receive such information, processes the request and provides such information from the database of the user'"'"'s activity.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A one-box system and process for controlling Internet usage by users on a network. The system controls usage by combining two or more of the following functions into a single operating unit: 1) monitoring and logging internet access on a user and/or work station basis; 2) preventing or authorizing access on a user and/or work station basis to ULR'"'"'s (or groups of URL'"'"'s) that have been previously designated an inappropriate or appropriate, respectively, for that user or work station; 3) preventing or authorizing the downloading of files with any pre-designated file extension to any user or workstation; 4) blocking of peer-to-peer access of any pre-designated Internet file-sharing or other service (such as Kazaa, RealPlayer, AOL Instant Messaging, etc); 5) periodically or immediately alerting a designated representative of the attempt by any user or work station to access of pre-determined inappropriate site or file; 6) allowing remote review of the Internet activity log for any user by anyone (such as a student'"'"'s parents) with knowledge of that user'"'"'s log-in information (i.e., name and password); and 7) caching downloaded Internet objects for subsequent in-network retrieval. The system and process of this invention can also be configured to perform the traditional firewall function as well.

60 Citations

View as Search Results

9 Claims

1. A one-box system for controlling Internet usage by users and work stations on a network, the system including RAM and disk storage, informational data bases, and an SMB server, a web server, and a cache server, all interconnected to a computer network of work stations having Internet access, wherein:
- a) said SMB server is adapted to run a process for collecting certain identifying information about a user and the user'"'"'s work station on a network when the user logs onto the network;
  
  b) said web server is adapted to intercept a user'"'"'s request for Internet access to a URL, and to forward that request to said cache server contained within the system;
  
  c) said cache server is adapted to process the request to determine if any restrictions have been pre-placed on the requesting user'"'"'s or work station'"'"'s access to the requested URL;
  
  if so, the cache server process causes a pre-configured page to be delivered to the user advising the user that access was denied;
  
  or if not, the cache server process checks the local disk storage to determine if the requested object is already in cache; and
  
  if so, provides that object to the user, and if not, makes the request to the Internet for the object, and in turn causes it, once received, to be added to cache and delivered transparently to the requesting user;
  
  d) said caching server is further adapted to cause all interne requests, restricted and unrestricted, to be logged, by requesting user, work station and URL requested, into a database that is accessible by said web server; and
  
  e) said web server being further adapted to receive and process requests by authorized individuals from both within or without the network for access to a user'"'"'s or a work station'"'"'s history of Internet activity; and
  
  upon proper verification of the individual'"'"'s right to receive such information, processes the request and provides such information from the database of the user'"'"'s activity.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The system of claim 1 wherein said cache server is further adapted to receive all incoming email to users on the network;
    - to identity file extensions for files contained therein;
      
      to compare the file extension against a predetermined list of approved and unapproved file extensions for the requesting or receiving user and/or work station contained in a database within the system; and
      
      to reject or accept the email accordingly.
  - 3. The system of claim 1 which further includes means for identifying a peer-to-peer program which a user on the network has attempted to access;
    - means for comparing that program to a predetermined list of approved and unapproved programs for that user or workstation, and to deny or allow access accordingly.
  - 4. The system of claim 1 further adapted to provide firewall capabilities to restrict access to the network by unauthorized users.
  - 5. The system of claim 1 further adapted to provide means for automatically removing the oldest internet activity information from the database containing that information when the available memory in the database reaches a predetermined minimum amount.

6. A method for controlling internet access comprising the steps of:
- a) identifying information about a user and the user'"'"'s work station on a network when the user logs onto the network;
  
  b) intercepting a user'"'"'s request for Internet access to a URL;
  
  c) forwarding that request to a cache server contained within the system;
  
  d) determining if any restrictions have been pre-placed on the requesting user'"'"'s or work station'"'"'s access to the requested URL; and
  
  if so, causing a pre-configured page to be delivered to the user advising the user that access was denied;
  
  or if not, checking a local disk storage to determine if the requested object is already in cache; and
  
  if so, providing that object to the user, and if not, making the request to the Internet for the object, and in turn adding it, once received, to cache and delivering it transparently to the requesting user;
  
  f) logging all internet requests, restricted and unrestricted, by requesting user, work station and URL requested, into a local database; and
  
  g) allowing any authorized person with internet connectivity to access the logged information on the local database.
- View Dependent Claims (7, 8, 9)
- - 7. The method of claim 6 further comprising the steps of receiving all incoming email to users on the network;
    - identifying file extensions for files contained therein;
      
      comparing the file extension against a predetermined list of approved and unapproved file extensions for the requesting or receiving user and/or work station contained in a database within the system; and
      
      rejecting or accepting the email accordingly.
  - 8. The method of claim 6 further comprising the steps of identifying a peer-to-peer program which a user on the network has attempted to access;
    - comparing that program to a predetermined list of approved and unapproved programs for that user or workstation, and denying or allowing access accordingly.
  - 9. The method of claim 6 further comprising the step of modifying the authorized or unauthorized URL, file extension, or peer-to-peer program on a user-by-user basis using a one-click indication by the authorized manager or managers of the system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Iprevision Incorporated
Original Assignee
Iprevision Incorporated
Inventors
Ryan, Patrick, Boyd, Carl, Lizarraga, Nicholas, Taylor, Chris

Application Number

US10/421,673
Publication Number

US 20110099621A1
Time in Patent Office

Days
Field of Search
US Class Current

726/13
CPC Class Codes

G06F 16/9574   of access to content, e.g. ...

G06F 21/51   at application loading time...

G06F 21/55   Detecting local intrusion o...

H04L 63/102   Entity profiles

H04L 67/02   based on web technology, e....

H04L 67/53   using third party service p...

H04L 67/56   Provisioning of proxy servi...

H04L 67/568   Storing data temporarily at...

H04L 67/5682   Policies or rules for updat...

H04L 69/329   in the application layer [O...

Process for monitoring, filtering and caching internet connections

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

60 Citations

9 Claims

Specification

Use Cases

Quick Links

Others

Process for monitoring, filtering and caching internet connections

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

60 Citations

9 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others