Systems and methods for site access
First Claim
1. A method of controlling access to web sites, the method comprising the acts of:
- using an intervening control layer to intercept a network address being passed to a transport layer process from a socket services process;
determining if the intercepted network address is indicated in a local cache of permissible content;
permitting the intercepted network address to be passed to the transport layer process if the network address is indicated in the local cache of permissible content;
if the local cache of permissible content does not indicate the intercepted network address,contacting a monitoring server to determine if access to the intercepted network address is permissible,if indicated as permitted by the monitoring server, permitting the intercepted network address to pass to the transport layer process and updating the local cache to indicate the intercepted network address, andblocking the intercepted network address from passing to the transport layer process if indicated as blocked by the monitoring server.
1 Assignment
0 Petitions
Accused Products
Abstract
Monitoring site access via an intervening control layer within a client is disclosed. In one embodiment of the invention, a computerized system includes a plurality of sites, a monitoring server, and a client. Each site has content referenced be addresses. The monitoring server maintains a database of permissible content on at least one of the plurality of sites, where the permissible content is also referenced by addresses. The client has an intervening control layer within an otherwise standard mechanism by which programs running on the client access the content on the plurality of sites. The intervening control layer polls the monitoring server to determine whether a program attempting to access content on one of the sites as referenced by an address should be permitted to do so.
36 Citations
11 Claims
-
1. A method of controlling access to web sites, the method comprising the acts of:
-
using an intervening control layer to intercept a network address being passed to a transport layer process from a socket services process; determining if the intercepted network address is indicated in a local cache of permissible content; permitting the intercepted network address to be passed to the transport layer process if the network address is indicated in the local cache of permissible content; if the local cache of permissible content does not indicate the intercepted network address, contacting a monitoring server to determine if access to the intercepted network address is permissible, if indicated as permitted by the monitoring server, permitting the intercepted network address to pass to the transport layer process and updating the local cache to indicate the intercepted network address, and blocking the intercepted network address from passing to the transport layer process if indicated as blocked by the monitoring server. - View Dependent Claims (2, 3, 4, 5)
-
-
6. One or more computer-readable media having code stored therein for execution by one or more processors, the code comprising:
-
a socket services code executable to receive a network address from an application and to pass the network address to a transport layer process; and an intervening control layer code executable to, intercept a network address to be passed by the socket services code to a transport layer process, check a cache of addresses and to permit the intercepted network address to pass to the transport layer process if indicated in the cache and to block the intercepted network address from being passed to the transport layer process if not indicated in the cache, ask a monitoring server if content at the intercepted network address is permissible if the intercepted network address is not indicated in the cache, add the intercepted network address to the cache and permit the intercepted network address to pass if the monitoring server indicates that the content at the intercepted network address is permissible, and block the intercepted network address from being passed to the transport layer process if the monitoring server indicates that the content at the intercepted network address is not permissible. - View Dependent Claims (7, 8)
-
-
9. A computer system comprising:
-
a processor; a network interface; and a computer-readable medium having stored therein, a socket services code executable to receive a network address from an application and to pass the network address to a transport layer process; and an intervening control layer code executable to, intercept a network address to be passed by the socket services code to a transport layer process, check a cache of addresses and to permit the intercepted network address to pass to the transport layer process if indicated in the cache and to block the intercepted network address from being passed to the transport layer process if not indicated in the cache, ask a monitoring server if content at the intercepted network address is permissible if the intercepted network address is not indicated in the cache, add the intercepted network address to the cache and permit the intercepted network address to pass if the monitoring server indicates that the content at the intercepted network address is permissible, and block the intercepted network address from being passed to the transport layer process if the monitoring server indicates that the content at the intercepted network address is not permissible. - View Dependent Claims (10, 11)
-
Specification