GB9719818D0 - Generalized security policy management system and method - Google Patents
- Publication number
- GB9719818D0
- Authority
- GB
- United Kingdom
- Prior art keywords
- message
- management system
- security policy
- protocol stack
- policy management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/16—Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/16—Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
- H04L69/161—Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0281—Proxies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
A system (10) for regulating the flow of messages through a firewall (18) having a network protocol stack that includes an Internet Protocol (IP) layer. If a message is not encrypted, the unencrypted message is passed up the network protocol stack to an application-level proxy (50); if the message is encrypted, it is decrypted and the decrypted message is passed up the network protocol stack to the application-level proxy. The step of decrypting the message includes executing a process at the IP layer to decrypt the message.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US08/715,343 US5983350A (en) | 1996-09-18 | 1996-09-18 | Secure firewall supporting different levels of authentication based on address or encryption status |
US08/715,668 US5950195A (en) | 1996-09-18 | 1996-09-18 | Generalized security policy management system and method |
Publications (3)
Publication Number | Publication Date |
---|---|
GB9719818D0 (en) | 1997-11-19 |
GB2317539A (en) | 1998-03-25 |
GB2317539B (en) | 2001-03-28 |
Family
ID=27109321
Family Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB9719818A Expired - Fee Related GB2317539B (en) | 1996-09-18 | 1997-09-17 | Generalized security policy management system and method |
GB9719816A Expired - Fee Related GB2317792B (en) | 1996-09-18 | 1997-09-17 | Virtual private network on application gateway |
Family Applications After (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB9719816A Expired - Fee Related GB2317792B (en) | 1996-09-18 | 1997-09-17 | Virtual private network on application gateway |
Country Status (2)
Country | Link |
---|---|
DE (1) | DE19741239C2 (en) |
GB (2) | GB2317539B (en) |
Families Citing this family (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7580919B1 (en) | 1997-03-10 | 2009-08-25 | Sonicwall, Inc. | Query interface to policy server |
US7272625B1 (en) | 1997-03-10 | 2007-09-18 | Sonicwall, Inc. | Generalized policy server |
US6408336B1 (en) | 1997-03-10 | 2002-06-18 | David S. Schneider | Distributed administration of access to information |
US7821926B2 (en) | 1997-03-10 | 2010-10-26 | Sonicwall, Inc. | Generalized policy server |
US8914410B2 (en) | 1999-02-16 | 2014-12-16 | Sonicwall, Inc. | Query interface to policy server |
US7912856B2 (en) | 1998-06-29 | 2011-03-22 | Sonicwall, Inc. | Adaptive encryption |
US6104716A (en) * | 1997-03-28 | 2000-08-15 | International Business Machines Corporation | Method and apparatus for lightweight secure communication tunneling over the internet |
SE512440C2 (en) * | 1998-05-27 | 2000-03-20 | Telia Ab | Method for secure telephony with mobility in a telephone and data communication system comprising an IP network |
EP1105809A4 (en) * | 1998-06-29 | 2005-10-05 | Internet Dynamics Inc | Generalized policy server |
US6502135B1 (en) | 1998-10-30 | 2002-12-31 | Science Applications International Corporation | Agile network protocol for secure communications with assured system availability |
US7418504B2 (en) | 1998-10-30 | 2008-08-26 | Virnetx, Inc. | Agile network protocol for secure communications using secure domain names |
US7188180B2 (en) | 1998-10-30 | 2007-03-06 | Virnetx, Inc. | Method for establishing secure communication link between computers of virtual private network |
CA2349519C (en) | 1998-10-30 | 2011-08-09 | Science Applications International Corporation | An agile network protocol for secure communications with assured system availability |
US10511573B2 (en) | 1998-10-30 | 2019-12-17 | Virnetx, Inc. | Agile network protocol for secure communications using secure domain names |
US6615357B1 (en) * | 1999-01-29 | 2003-09-02 | International Business Machines Corporation | System and method for network address translation integration with IP security |
FI106594B (en) * | 1999-02-10 | 2001-02-28 | Intrasecure Networks | Communication method for sending a message through a firewall |
GB2353676A (en) * | 1999-08-17 | 2001-02-28 | Hewlett Packard Co | Robust encryption and decryption of packetised data transferred across communications networks |
GB0003018D0 (en) * | 2000-02-11 | 2000-03-29 | Secr Defence | Computer security system |
EP2323335B1 (en) * | 2000-04-26 | 2020-04-08 | VirnetX Inc. | Protocol for secure communication |
DE10031896C1 (en) * | 2000-06-30 | 2002-01-24 | Chris Holland | Network coupling gateway for data telecommunications uses modular data format matching device configured using stored data set corresponding to subscriber device type |
US6996842B2 (en) * | 2001-01-30 | 2006-02-07 | Intel Corporation | Processing internet protocol security traffic |
US7315537B2 (en) | 2001-09-25 | 2008-01-01 | Siemens Aktiengesellschaft | Method for the transmission of data in a packet-oriented data network |
US20030084319A1 (en) * | 2001-10-31 | 2003-05-01 | Tarquini Richard Paul | Node, method and computer readable medium for inserting an intrusion prevention system into a network stack |
US7185365B2 (en) * | 2002-03-27 | 2007-02-27 | Intel Corporation | Security enabled network access control |
CN100512278C (en) * | 2003-11-13 | 2009-07-08 | 中兴通讯股份有限公司 | A method for embedding IPSEC in IP protocol stack |
CN100414929C (en) * | 2005-03-15 | 2008-08-27 | 华为技术有限公司 | Text transmission method in protocol network of mobile internet |
US10708230B2 (en) * | 2018-06-14 | 2020-07-07 | Servicenow, Inc. | Systems and methods for firewall configuration using block lists |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5864683A (en) * | 1994-10-12 | 1999-01-26 | Secure Computing Corporation | System for providing secure internetwork by connecting type enforcing secure computers to external network for limiting access to data based on user and process access rights |
US5757924A (en) * | 1995-09-18 | 1998-05-26 | Digital Secured Networks Technologies, Inc. | Network security device which performs MAC address translation without affecting the IP address |
US5602918A (en) * | 1995-12-22 | 1997-02-11 | Virtual Open Network Environment Corp. | Application level security system and method |
WO1997026734A1 (en) * | 1996-01-16 | 1997-07-24 | Raptor Systems, Inc. | Transferring encrypted packets over a public network |
AU1748797A (en) * | 1996-01-16 | 1997-08-11 | Raptor Systems, Inc. | Key management for network communication |
WO1997026731A1 (en) * | 1996-01-16 | 1997-07-24 | Raptor Systems, Inc. | Data encryption/decryption for network communication |
US5918018A (en) * | 1996-02-09 | 1999-06-29 | Secure Computing Corporation | System and method for achieving network separation |
1997
- 1997-09-17: GB application GB9719818A, patent GB2317539B, not active (Expired - Fee Related)
- 1997-09-17: GB application GB9719816A, patent GB2317792B, not active (Expired - Fee Related)
- 1997-09-18: DE application DE1997141239, patent DE19741239C2, not active (Expired - Fee Related)
Also Published As
Publication number | Publication date |
---|---|
DE19741239C2 (en) | 2000-08-24 |
GB2317792A (en) | 1998-04-01 |
DE19741239A1 (en) | 1998-05-07 |
GB9719816D0 (en) | 1997-11-19 |
GB2317539A (en) | 1998-03-25 |
GB2317792B (en) | 2001-03-28 |
GB2317539B (en) | 2001-03-28 |
Similar Documents
Publication | Title | Publication Date |
---|---|---|
GB2317539B (en) | Generalized security policy management system and method | |
EP1317839B1 (en) | Apparatus and method for selectively encrypting the payload portion of multimedia data sent over a network | |
US6260142B1 (en) | Access and storage of secure group communication cryptographic keys | |
US5812671A (en) | Cryptographic communication system | |
CA2278670A1 (en) | Encryption and decryption method and apparatus | |
WO2000060846A3 (en) | Selective and renewable encryption for secure distribution of video on-demand | |
WO2000033506A8 (en) | Public key cryptosystem with roaming user capability | |
CA2224661A1 (en) | Use of an encryption server for encrypting messages | |
WO2001078491A3 (en) | Systems and methods for encrypting/decrypting data using a broker agent | |
MY119594A (en) | Method and apparatus for secure communication of information between a plurality of digital audiovisual devices | |
EP0669741A3 (en) | Method and apparatus for encrypted communication in data networks | |
AU3352000A (en) | Multiple level public key hierarchy for performance and high security | |
WO1998002989B1 (en) | Cryptographic communication system | |
AU2506397A (en) | Method for providing a secure communication between two devices and application of this method | |
CA2299056A1 (en) | A system and method for manipulating a computer file and/or program | |
WO1997026735A9 (en) | Key management for network communication | |
WO1997026735A1 (en) | Key management for network communication | |
WO2002101974A8 (en) | Secure ephemeral decryptability | |
CA2213096A1 (en) | Key management system for mixed-trust environments | |
EP1251670A3 (en) | Negotiating secure connections through a proxy server | |
EP0872977A3 (en) | System and method for efficiently implementing an authenticated communications channel that facilitates tamper detection | |
GB0317742D0 (en) | Secure transmission of data within a distributed computer system | |
JPH1168730A (en) | Encryption gateway device | |
AU1207600A (en) | System and method of authenticating a key and transmitting secure data | |
CA2226831A1 (en) | Decryption of retransmitted data in an encrypted communication system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| 732E | Amendments to the register in respect of changes of name or changes affecting rights (sect. 32/1977) | Free format text: REGISTERED BETWEEN 20141009 AND 20141015 |
| PCNP | Patent ceased through non-payment of renewal fee | Effective date: 20150917 |