WO2005062233A3 - Computer security system - Google Patents
Computer security system Download PDFInfo
- Publication number
- WO2005062233A3 WO2005062233A3 PCT/US2004/041958 US2004041958W WO2005062233A3 WO 2005062233 A3 WO2005062233 A3 WO 2005062233A3 US 2004041958 W US2004041958 W US 2004041958W WO 2005062233 A3 WO2005062233 A3 WO 2005062233A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- computer system
- addresses
- access
- port numbers
- external
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
- H04L61/2514—Translation of Internet protocol [IP] addresses between local and global IP addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
Abstract
A method of providing an authenticated user with access to a computer system (200, 210 and 220) and restricting an unauthenticated user from access to the computer system (200, 210 and 220) is provided. The method includes mapping a plurality of internal IP addresses and port numbers associated with the computer system (200, 210 and 220) to a respective plurality of external IP addresses and port numbers. The method also includes determining whether a user is authenticated for access to external IP addresses and port numbers. The method also includes providing at least one of the external IP addresses and port numbers to an authenticated user of the computer system (200, 210 and 220) in response to a request from the authenticated user such that the authenticated user may access at least one resource of the computer System (200, 210 and 220). The method also includes restricting access to the external IP addresses and port numbers from a non-authenticated user of the computer System (200, 210 and 220).
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US53001303P | 2003-12-16 | 2003-12-16 | |
| US60/530,013 | 2003-12-16 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| WO2005062233A2 WO2005062233A2 (en) | 2005-07-07 |
| WO2005062233A3 true WO2005062233A3 (en) | 2005-08-25 |
Family
ID=34710152
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/US2004/041958 WO2005062233A2 (en) | 2003-12-16 | 2004-12-15 | Computer security system |
Country Status (1)
| Country | Link |
|---|---|
| WO (1) | WO2005062233A2 (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8274979B2 (en) | 2005-12-30 | 2012-09-25 | Telecom Italia S.P.A. | Method and system for secure communication between a public network and a local network |
| CN112565287B (en) * | 2020-12-18 | 2023-05-12 | 深信服科技股份有限公司 | Asset exposure surface determination method, device, firewall and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6061798A (en) * | 1996-02-06 | 2000-05-09 | Network Engineering Software, Inc. | Firewall system for protecting network elements connected to a public network |
| EP1035702A2 (en) * | 1999-03-04 | 2000-09-13 | Sun Microsystems, Inc. | Secure communication with mobile hosts |
| US20030009561A1 (en) * | 2001-06-14 | 2003-01-09 | Sollee Patrick N. | Providing telephony services to terminals behind a firewall and /or network address translator |
| US20030043740A1 (en) * | 2001-06-14 | 2003-03-06 | March Sean W. | Protecting a network from unauthorized access |
| US20030154399A1 (en) * | 2002-02-08 | 2003-08-14 | Nir Zuk | Multi-method gateway-based network security systems and methods |
| US20030200318A1 (en) * | 2002-03-29 | 2003-10-23 | Realtek Semiconductor Corp. | Apparatus and method for NAT/NAPT session management |
-
2004
- 2004-12-15 WO PCT/US2004/041958 patent/WO2005062233A2/en active Application Filing
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6061798A (en) * | 1996-02-06 | 2000-05-09 | Network Engineering Software, Inc. | Firewall system for protecting network elements connected to a public network |
| EP1035702A2 (en) * | 1999-03-04 | 2000-09-13 | Sun Microsystems, Inc. | Secure communication with mobile hosts |
| US20030009561A1 (en) * | 2001-06-14 | 2003-01-09 | Sollee Patrick N. | Providing telephony services to terminals behind a firewall and /or network address translator |
| US20030043740A1 (en) * | 2001-06-14 | 2003-03-06 | March Sean W. | Protecting a network from unauthorized access |
| US20030154399A1 (en) * | 2002-02-08 | 2003-08-14 | Nir Zuk | Multi-method gateway-based network security systems and methods |
| US20030200318A1 (en) * | 2002-03-29 | 2003-10-23 | Realtek Semiconductor Corp. | Apparatus and method for NAT/NAPT session management |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2005062233A2 (en) | 2005-07-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8893300B2 (en) | Security systems and methods to reduce data leaks in enterprise networks | |
| MY163665A (en) | Delegated administration of a hosted resource | |
| US8572699B2 (en) | Hardware-based credential distribution | |
| US6910132B1 (en) | Secure system and method for accessing files in computers using fingerprints | |
| EP1361723A3 (en) | Maintaining authentification states for resources accessed in a stateless environment | |
| EP1657663A2 (en) | Adaptive multi-tier authentification system | |
| GB2386291B (en) | Integrated procedure for partitioning network data services among multiple subscribers | |
| US20050004924A1 (en) | Control of access to databases | |
| WO2007115209A3 (en) | Identity and access management framework | |
| WO2001033320A3 (en) | Public network access server having a user-configurable firewall | |
| WO2005079459A3 (en) | Ip for switch based acl's | |
| US20110315763A1 (en) | Dynamic Remote Peripheral Binding | |
| WO2001011452A3 (en) | Access management system and method employing secure credentials | |
| EP1679632A3 (en) | Systems and methods for securely booting a computer with a trusted processing module | |
| WO2008016567A3 (en) | Method and system for access authentication | |
| CN1440604A (en) | Firewall system combined with embedded hardware and general-purpose computer | |
| TW200642391A (en) | Method and system for authenticating a requestor without providing a key | |
| Carpent et al. | Reconciling remote attestation and safety-critical operation on simple iot devices | |
| US7743255B2 (en) | Trust model for a database management system supporting multiple authorization domains | |
| EP1435557A3 (en) | Restricted access of applications to hardware resources | |
| US8271785B1 (en) | Synthesized root privileges | |
| CA2494225A1 (en) | Graduated authentication in an identity management system | |
| US20050015605A1 (en) | System and method for ensuring mobile device data and content security | |
| RU2008126229A (en) | SYSTEM AND METHOD FOR PROVIDING SAFE ACCESS TO BUILT-IN DEVICES USING TRUST CONTROLLER AND SECURITY BROKER | |
| WO2005062233A3 (en) | Computer security system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AK | Designated states |
Kind code of ref document: A2 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
| AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
| NENP | Non-entry into the national phase |
Ref country code: DE |
|
| WWW | Wipo information: withdrawn in national office |
Country of ref document: DE |
|
| 122 | Ep: pct application non-entry in european phase |