WO2013150543A3 - Precomputed high-performance rule engine for very fast processing from complex access rules - Google Patents

Precomputed high-performance rule engine for very fast processing from complex access rules Download PDF

Info

Publication number
WO2013150543A3
WO2013150543A3 PCT/IN2013/000170 IN2013000170W WO2013150543A3 WO 2013150543 A3 WO2013150543 A3 WO 2013150543A3 IN 2013000170 W IN2013000170 W IN 2013000170W WO 2013150543 A3 WO2013150543 A3 WO 2013150543A3
Authority
WO
WIPO (PCT)
Prior art keywords
precomputed
access rules
rule engine
fast processing
destination
Prior art date
Application number
PCT/IN2013/000170
Other languages
French (fr)
Other versions
WO2013150543A2 (en
Inventor
Sharan JITENDER
Original Assignee
Ciphergraph Networks, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ciphergraph Networks, Inc. filed Critical Ciphergraph Networks, Inc.
Publication of WO2013150543A2 publication Critical patent/WO2013150543A2/en
Publication of WO2013150543A3 publication Critical patent/WO2013150543A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/58Caching of addresses or names
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/568Storing data temporarily at an intermediate stage, e.g. caching

Abstract

The invention discloses a method of setting up a forwarding path between a client existing in a first communication network and a destination existing in a second communication network through a third communication network, wherein after the step of requesting for connection to the destination, the request is forwarded to an intermediate DNS server. The intermediate DNS server after accessing the access rules from the rule server determines the access privileges of the client at the destination, and thereby setting up the forwarding path between the client and the destination via a secure channel.
PCT/IN2013/000170 2012-04-02 2013-03-18 Precomputed high-performance rule engine for very fast processing from complex access rules WO2013150543A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN1304CH2012 2012-04-02
IN1304/CHE/2012 2012-04-02

Publications (2)

Publication Number Publication Date
WO2013150543A2 WO2013150543A2 (en) 2013-10-10
WO2013150543A3 true WO2013150543A3 (en) 2013-12-05

Family

ID=49301126

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IN2013/000170 WO2013150543A2 (en) 2012-04-02 2013-03-18 Precomputed high-performance rule engine for very fast processing from complex access rules

Country Status (1)

Country Link
WO (1) WO2013150543A2 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9386038B2 (en) 2013-11-20 2016-07-05 Iboss, Inc. Manage encrypted network traffic using spoofed addresses
US9596217B2 (en) 2014-03-07 2017-03-14 Iboss, Inc. Manage encrypted network traffic using spoofed addresses
CN111444278B (en) * 2020-04-01 2023-08-29 Oppo(重庆)智能科技有限公司 Data synchronization method and device and transfer server
US20230188494A1 (en) * 2021-12-13 2023-06-15 Tailscale Inc. Management of domain name services across multiple device and software configurations

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050102410A1 (en) * 2003-10-24 2005-05-12 Nokia Corporation Communication system
US20070156897A1 (en) * 2005-12-29 2007-07-05 Blue Jungle Enforcing Control Policies in an Information Management System
US20090040983A1 (en) * 2007-08-08 2009-02-12 Samsung Electronics Co., Ltd. Apparatus and method for managing quality of service of service flow in wireless communication system
US20090210519A1 (en) * 2008-02-18 2009-08-20 Microsoft Corporation Efficient and transparent remote wakeup
US20100251329A1 (en) * 2009-03-31 2010-09-30 Yottaa, Inc System and method for access management and security protection for network accessible computer services
US20120017262A1 (en) * 2000-09-25 2012-01-19 Harsh Kapoor Systems and methods for processing data flows

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120017262A1 (en) * 2000-09-25 2012-01-19 Harsh Kapoor Systems and methods for processing data flows
US20050102410A1 (en) * 2003-10-24 2005-05-12 Nokia Corporation Communication system
US20070156897A1 (en) * 2005-12-29 2007-07-05 Blue Jungle Enforcing Control Policies in an Information Management System
US20090040983A1 (en) * 2007-08-08 2009-02-12 Samsung Electronics Co., Ltd. Apparatus and method for managing quality of service of service flow in wireless communication system
US20090210519A1 (en) * 2008-02-18 2009-08-20 Microsoft Corporation Efficient and transparent remote wakeup
US20100251329A1 (en) * 2009-03-31 2010-09-30 Yottaa, Inc System and method for access management and security protection for network accessible computer services

Also Published As

Publication number Publication date
WO2013150543A2 (en) 2013-10-10

Similar Documents

Publication Publication Date Title
WO2014153461A3 (en) Multifunction wireless device
PH12015500798A1 (en) Method of processing requests for digital services
MX2018001445A (en) Managing a device cloud.
WO2013144716A3 (en) Content centric m2m system
EP3537733A4 (en) Network sharing method, and method and system for accessing network
WO2014057375A3 (en) Method and apparatus for accelerating forwarding in software-defined networks
EP3737071A3 (en) Method and system for internetwork communication with machine devices
AU2014361532A1 (en) Traffic control method and system
WO2013173741A3 (en) Prioritization of incoming communications
WO2013086043A3 (en) Data exchange via authenticated router
WO2011043903A3 (en) Network access control
EP3432652A4 (en) Method for processing access request from ue, and network node
WO2007095546A3 (en) Hotspot communication limiter
MX351030B (en) Third-party captive portal.
WO2010144207A3 (en) Method and apparatus for processing authentication request message in a social network
NZ709097A (en) Method and system for hub breakout roaming
WO2013049461A3 (en) Oauth framework
WO2011140235A3 (en) Apparatus and method for establishing a peer-to-peer communication session with a host device
WO2013120026A3 (en) Enabling secure access to a discovered location server for a mobile device
WO2014037839A3 (en) Minimizing mapping and signaling for data path aggregation
MX2015012581A (en) Wireless data privacy maintained through a social network.
WO2013150543A3 (en) Precomputed high-performance rule engine for very fast processing from complex access rules
WO2014147483A3 (en) Cut-through processing for slow and fast ports
WO2016192608A3 (en) Authentication method, authentication system and associated device
WO2014184671A3 (en) Systems and methods for efficient network security adjustment

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13772645

Country of ref document: EP

Kind code of ref document: A2

122 Ep: pct application non-entry in european phase

Ref document number: 13772645

Country of ref document: EP

Kind code of ref document: A2