MX9800399A - Sistema y metodo para proporcionar control de acceso a nivel de par en una red. - Google Patents
Sistema y metodo para proporcionar control de acceso a nivel de par en una red.Info
- Publication number
- MX9800399A MX9800399A MX9800399A MX9800399A MX9800399A MX 9800399 A MX9800399 A MX 9800399A MX 9800399 A MX9800399 A MX 9800399A MX 9800399 A MX9800399 A MX 9800399A MX 9800399 A MX9800399 A MX 9800399A
- Authority
- MX
- Mexico
- Prior art keywords
- peer
- tuple
- rule
- access control
- packet
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Business, Economics & Management (AREA)
- General Business, Economics & Management (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
La presente invencion se refiere a un sistema y método para proporcionar control de acceso a nivel de par en redes que transportan paquetes de informacion, cada paquete tiene una 5-tupla que tiene direcciones de fuente y destino, un puerto de fuente y destino y un identificador de protocolo. La base de reglas local de un par se cargan dinámicamente en un filtro cuando el par se autentica y expulsa cuando el par pierde su autenticacion. La base de reglas local se busca eficientemente a través del uso de tablas hash o de clave de eleccion arbitraria, en donde una direccion de red par con clave de eleccion arbitraria, sirve como puntero a las reglas locales del par. Cada regla comprende una 5-tupla y una accion. La accion de una regla se lleva a cabo en un paquete cuando la 5-tupla de la regla corresponde a la 5-tupla del paquete.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US08785501 | 1997-01-17 | ||
US08/785,501 US6233686B1 (en) | 1997-01-17 | 1997-01-17 | System and method for providing peer level access control on a network |
Publications (2)
Publication Number | Publication Date |
---|---|
MX9800399A true MX9800399A (es) | 1998-10-31 |
MXPA98000399A MXPA98000399A (es) | 1999-01-11 |
Family
ID=
Also Published As
Publication number | Publication date |
---|---|
DE69825801D1 (de) | 2004-09-30 |
JPH10229418A (ja) | 1998-08-25 |
EP0854621B1 (en) | 2004-08-25 |
JP3814068B2 (ja) | 2006-08-23 |
CA2226814A1 (en) | 1998-07-17 |
DE69825801T2 (de) | 2005-09-01 |
US6233686B1 (en) | 2001-05-15 |
EP0854621A1 (en) | 1998-07-22 |
CA2226814C (en) | 2003-03-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2226814A1 (en) | System and method for providing peer level access control on a network | |
CA2246549A1 (en) | Establishing communication in a packet data network | |
SE9802415D0 (sv) | Firewall apparatus and method of controlling network data packet traffic between internal and external networks | |
GB2394866B (en) | Arrangements and method in mobile internet communications systems | |
FI974665A (fi) | Menetelmä pakettien alkuperän varmistamiseksi verkko-osoitteiden ja pr otokollien muunnoksista huolimatta | |
CA2249787A1 (en) | Methods and apparatus for accelerating osi layer 3 routers | |
WO1997040610A3 (en) | Internet protocol filter | |
WO1998032065A3 (en) | Improved network security device | |
DE69328749D1 (de) | Dynamische Signalweglenkung | |
WO2003023638A3 (en) | Topology discovery by partitioning multiple discovery techniques | |
WO2003073626A3 (en) | Method and process for signaling, communication and administration of networked objects | |
NZ333221A (en) | Assigning temporary IP address to wireless communications station for data communication | |
CA2308949A1 (en) | Method, devices and signals for multiplexing payload data for transport in a data network | |
EP0858189A3 (en) | Networking method | |
ATE400121T1 (de) | System und verfahren zur selbstkonfiguration und entdeckung von ip-zu-mac-adressenabbildungen und der gatewaypräsenz | |
CN101106450A (zh) | 分布式报文传输安全保护装置和方法 | |
CA2330857A1 (en) | User specific automatic data redirection system | |
WO2004036831A3 (en) | Determining a path through a managed network | |
CA2276577A1 (en) | Method and apparatus for routing in a communication or data network, or a network comprising communication and data networks | |
Cisco | VINES Commands | |
Cisco | Banyan VINES Commands | |
CA2349825A1 (en) | Signalling message transport mechanism | |
Cisco | Banyan VINES Commands | |
Cisco | Banyan VINES Commands | |
Cisco | BGP Commands |