US Patent Application No: 2003/0084,331

Method for providing user authentication/authorization and distributed firewall utilizing same

Abstract

The distributed firewall performs user authentication at a first level to establish a user security context for traffic from that user, and an authority context provides authorization for subsequent traffic. This authority context may be based on an underlying policy for particular types of traffic, access to particular applications, etc. Additionally, the system includes the ability to allow a user/process/application to define its own access control. The linking of the user security context from the traffic to the application is accomplished by enabling IPSec on a socket and forcing the socket to be bound in exclusive mode. The most common policy definitions may be included by default. Extensions of the Internet key exchange protocol (IKE) to provide the desired user authentication plus application/purpose are also provided. The architecture includes pluggable authorization module(s) that are called after IKE has successfully authenticated the peer, but before the connection is allowed to complete.

Patent Owner(s)

Patent Owner | Address | Total Patents
MICROSOFT CORPORATION | REDMOND, WA | 24565

Inventor(s)

Inventor Name | Address | # of filed Patents | Total Citations
Aboba, Bernard D | Bellevue, WA | 28 | 290
Dixon, William H | Seattle, WA | 8 | 115
Palekar, Ashwin | Redmond, WA | 42 | 287
Pall, Gurdeep S | Sammamish, WA | 32 | 111
Swander, Brian D | Bellevue, WA | 38 | 346

Patent Citation Ranking

Forward Cites

Patent Info (Count) # Cites Year
 
MICROSOFT CORPORATION (13)
7,509,673 Multi-layered firewall architecture 8 2003
7,409,707 Method for managing network filter based policies 24 2003
7,308,711 Method and framework for integrating a plurality of network policies 10 2003
7,260,840 Multi-layer based method for implementing network firewalls 56 2003
7,535,905 Signing and validating session initiation protocol routing headers 5 2004
8,024,476 Efficient message routing when using server pools 0 2004
7,612,832 Method and system for video clip compression 3 2005
8,042,151 Application context based access control 0 2005
8,122,492 Integration of social network information and network firewalls 0 2006
8,079,073 Distributed firewall implementation and control 0 2006
8,176,157 Exceptions grouping 0 2006
7,761,708 Method and framework for integrating a plurality of network policies 4 2007
7,900,248 Access control negation using negative groups 2 2007
 
AVOCENT HUNTSVILLE CORPORATION (4)
7,454,785 Proxy method and system for secure wireless administration of managed entities 8 2002
7,394,761 System and method for delivering messages using alternate modes of communication 14 2003
7,577,255 Proxy method and system for secure wireless administration of managed entities 0 2006
7,421,735 Proxy method and system for secure wireless administration of managed entities 6 2006
 
TEPA DATASOLUTIONS CO., LLC (4)
8,417,675 Method of distributing contact and calendar records 0 2007
8,346,307 Method of displaying contact information 0 2007
8,234,244 Method of distributing contact and calendar records 0 2007
8,150,422 Method of displaying contact information 0 2007
 
ENTERASYS NETWORKS, INC. (3)
7,855,972 Creating, modifying and storing service abstractions and role abstractions representing one or more packet rules 1 2002
6,892,309 Controlling usage of network resources by a user at the user's entry point to a communications network based on an identity of the user 49 2002
6,990,592 Controlling concurrent usage of network resources by multiple users at an entry point to a communications network based on identities of the users 7 2002
 
LIQUIDWARE LABS, INC. (2)
7,591,001 System, apparatuses, methods and computer-readable media for determining the security status of a computer before establishing a network connection 3 2005
7,549,159 System, apparatuses, methods and computer-readable media for determining the security status of a computer before establishing connection thereto 2 2005
 
TRUSTED NETWORK TECHNOLOGIES (2)
7,823,194 System and methods for identification and tracking of user and/or source initiating communication in a computer network 1 2003
7,660,980 Establishing secure TCP/IP communications using embedded IDs 0 2007
 
AUTODESK, INC. (1)
7,797,339 Security architecture for content management systems 2 2006
 
BALLY GAMING, INC. (1)
8,392,707 Gaming network 0 2005
 
CHECK POINT SOFTWARE TECHNOLOGIES, INC. (1)
7,540,013 System and methodology for protecting new computers by applying a preconfigured security update policy 3 2004
 
CYBERDEFENDER CORPORATION (1)
7,836,506 Threat protection network 1 2005
 
GENERAL INSTRUMENT CORPORATION (1)
8,352,371 Limiting access to shared media content 0 2008
 
HARRIS CORPORATION (1)
7,327,690 Wireless local or metropolitan area network with intrusion detection features and related methods 2 2002
 
NTT DOCOMO, INC. (1)
7,743,158 Access network dynamic firewall 1 2002
 
TIME WARNER CABLE ENTERPRISES LLC (1)
7,792,963 Method to block unauthorized network traffic in a cable data network 0 2003
 
TOSHIBA TEC KABUSHIKI KAISHA (1)
7,603,456 System and method for securing remote administrative access to a processing device 0 2007
 
TREND MICRO INCORPORATED (1)
7,096,254 Electronic mail distribution network implementation for safeguarding sender's address book covering addressee aliases with minimum interference with normal electronic mail transmission 4 2002
 
Other [Check patent profile for assignment information] (3)
8,468,579 Transformation of sequential access control lists utilizing certificates 0 2007
8,464,358 Portable identity rating 0 2010
8,359,631 Portable identity rating 0 2011