WO2007055684A3 - Determining security realm identity before permitting network connection - Google Patents
Determining security realm identity before permitting network connection Download PDFInfo
- Publication number
- WO2007055684A3 WO2007055684A3 PCT/US2005/040552 US2005040552W WO2007055684A3 WO 2007055684 A3 WO2007055684 A3 WO 2007055684A3 US 2005040552 W US2005040552 W US 2005040552W WO 2007055684 A3 WO2007055684 A3 WO 2007055684A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- node
- network connection
- security realm
- resource
- before permitting
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/104—Grouping of entities
Abstract
An embodiment of a system of the invention includes a request node, an enforcement node, and a resource node. A request node generates a packet requesting access to a resource, includes its security realm identifier in the packet header, and transmits the same to the enforcement node via a network such as the Internet. The enforcement node receives the packet and applies the security policy of the resource node based on whether or not the request node is in the same security realm as the resource node. Related apparatuses, methods, and computer-readable media are also disclosed and claimed.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/164,085 US20060098649A1 (en) | 2004-11-10 | 2005-11-09 | System, apparatuses, methods, and computer-readable media for determining security realm identity before permitting network connection |
US11/165,085 | 2005-11-09 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2007055684A2 WO2007055684A2 (en) | 2007-05-18 |
WO2007055684A3 true WO2007055684A3 (en) | 2009-04-16 |
Family
ID=38024161
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2005/040552 WO2007055684A2 (en) | 2005-11-09 | 2005-11-11 | Determining security realm identity before permitting network connection |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2007055684A2 (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102012018604A1 (en) | 2012-09-20 | 2014-03-20 | Rolls-Royce Deutschland Ltd & Co Kg | Rolling tool device |
DE102012018605A1 (en) | 2012-09-20 | 2014-03-20 | Rolls-Royce Deutschland Ltd & Co Kg | Rolling tool device |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5204961A (en) * | 1990-06-25 | 1993-04-20 | Digital Equipment Corporation | Computer network operating with multilevel hierarchical security with selectable common trust realms and corresponding security protocols |
US5689566A (en) * | 1995-10-24 | 1997-11-18 | Nguyen; Minhtam C. | Network with secure communications sessions |
US6119171A (en) * | 1998-01-29 | 2000-09-12 | Ip Dynamics, Inc. | Domain name routing |
EP1134938A1 (en) * | 2000-03-17 | 2001-09-19 | Nortel Networks Corporation | System, device and method for supporting a label switched path across a non-MPLS compliant segment |
US20030065944A1 (en) * | 2001-09-28 | 2003-04-03 | Mao Yu Ming | Method and apparatus for implementing a layer 3/layer 7 firewall in an L2 device |
US6606706B1 (en) * | 1999-02-08 | 2003-08-12 | Nortel Networks Limited | Hierarchical multicast traffic security system in an internetwork |
US20040215771A1 (en) * | 2002-03-05 | 2004-10-28 | Hayes John W. | Concealing a network connected device |
-
2005
- 2005-11-11 WO PCT/US2005/040552 patent/WO2007055684A2/en active Application Filing
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5204961A (en) * | 1990-06-25 | 1993-04-20 | Digital Equipment Corporation | Computer network operating with multilevel hierarchical security with selectable common trust realms and corresponding security protocols |
US5689566A (en) * | 1995-10-24 | 1997-11-18 | Nguyen; Minhtam C. | Network with secure communications sessions |
US6119171A (en) * | 1998-01-29 | 2000-09-12 | Ip Dynamics, Inc. | Domain name routing |
US6606706B1 (en) * | 1999-02-08 | 2003-08-12 | Nortel Networks Limited | Hierarchical multicast traffic security system in an internetwork |
EP1134938A1 (en) * | 2000-03-17 | 2001-09-19 | Nortel Networks Corporation | System, device and method for supporting a label switched path across a non-MPLS compliant segment |
US20030065944A1 (en) * | 2001-09-28 | 2003-04-03 | Mao Yu Ming | Method and apparatus for implementing a layer 3/layer 7 firewall in an L2 device |
US20040215771A1 (en) * | 2002-03-05 | 2004-10-28 | Hayes John W. | Concealing a network connected device |
Also Published As
Publication number | Publication date |
---|---|
WO2007055684A2 (en) | 2007-05-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8850553B2 (en) | Service binding | |
WO2007106687A3 (en) | Role aware network security enforcement | |
EP2605471B1 (en) | Relay-based media channel establishing method and the system thereof | |
WO2006031594A3 (en) | Dynamic firewall capabilities for wireless access gateways | |
WO2006020095A3 (en) | Security systems and services to provide identity and uniform resource identifier verification | |
WO2009151730A3 (en) | Authentication for distributed secure content management system | |
WO2007021345A3 (en) | System and method for authenticating internetwork resource requests | |
PL1876754T3 (en) | Method system and server for implementing dhcp address security allocation | |
JP2006134312A5 (en) | ||
WO2008155066A3 (en) | Methods and apparatuses for detecting whether user equipment resides in a trusted or a non-trusted access network | |
BRPI0907712A2 (en) | Dynamic dns system for private networks | |
WO2007015253A3 (en) | Two-factor authentication employing a user's ip address | |
WO2009058686A3 (en) | Variable dns responses based on client identity | |
WO2004061597A3 (en) | Method and system for transmitting authentication context information | |
WO2006115679A3 (en) | Cryptographic peer discovery, authentication, and authorization for on-path signaling | |
US9438583B2 (en) | Certificate generation method, certificate generation apparatus, information processing apparatus, and communication device | |
WO2009106214A3 (en) | Client/server system for communicating according to the standard protocol opc ua and having single sign-on mechanisms for authenticating, and method for performing single sign-on in such a system | |
WO2012058643A3 (en) | System and method for on the fly protocol conversion in obtaining policy enforcement information | |
WO2009068945A3 (en) | Using gaa to derive and distribute proxy mobile node home agent keys | |
US20170180518A1 (en) | Authentication system, method, client and recording medium using tcp sync packet | |
US20160345170A1 (en) | Wireless network segmentation for internet connected devices using disposable and limited security keys and disposable proxies for management | |
WO2016192608A3 (en) | Authentication method, authentication system and associated device | |
FI20175952L (en) | A system and method for network entity assisted honeypot access point detection | |
Kivinen et al. | IEEE 802.15. 4 Information Element for the IETF | |
WO2008062353A3 (en) | Method for authenticating nomadic user domains and nodes therefor |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 05818588 Country of ref document: EP Kind code of ref document: A2 |