专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO9854869A3 METHOD AND APPARATUS FOR PROVIDING SECURITY IN A STAR NETWORK CONNECTION USING PUBLIC KEY CRYPTOGRAPHY 审中-公开
标题翻译：使用公共密钥生成方法和装置在星型网络连接中提供安全性
公开(公告)号：WO9854869A3
公开(公告)日：1999-02-25
申请号：PCT/US9810993
申请日：1998-05-28
申请人： 3COM CORP
发明人： JAIN VIPIN KUMAR , NESSETT DANNY M , SHERER WILLIAM PAUL
IPC分类号： H04L9/32 , H04L12/413 , H04L12/46 , H04L12/56 , H04L29/06 , H04L29/08 , H04L12/00
CPC分类号： H04L63/0442 , H04L12/413 , H04L12/44 , H04L12/4625 , H04L29/06 , H04L63/0823 , H04L69/324
摘要： An intermediate system authenticates end systems, in one embodiment using cryptography. An authentication routine is called on a port when an intermediate system detects any interruption in the physical connection with the port. An embodiment requires a user to supply a secret known only to the user before allowing data to be transmitted. Network data is not fully transmitted or received to any port that has not been authenticated. The invention distributes a user authentication to the point where an end system initially connects to a network, to prevent an authorized reception or transmission of network data that is not prevented under existing network login systems. The invention may be incorporated into an intermediate system, into intermediate system software, or into applications specific integrated circuits designed for use in an intermediate system. The invention may include components that interact specifically with installed components in an end system or elsewhere in a network.

2. 发明申请

WO0041091A9 DYNAMIC POLICY MANAGEMENT APPARATUS AND METHOD USING ACTIVE NETWORK DEVICES 审中-公开
标题翻译：动态策略管理设备和使用活动网络设备的方法
公开(公告)号：WO0041091A9
公开(公告)日：2001-10-04
申请号：PCT/US9928199
申请日：1999-11-29
申请人： 3COM CORP
发明人： EICHERT STUART , NESSETT DANNY M , LUO WENJUN , LUSHER ELAINE
IPC分类号： H04L12/24 , G06F15/173
CPC分类号： H04L41/0893
摘要： A system for providing policy management in a network (110) that includes nodes (100, 120, 130, 140, 150, 160, 170, 180, 190) operating in multiple protocol layers and having enforcement functions. Multiple network devices, such as routers (160), hubs (190), remote access equipment (150), switches (120), repeaters (140), bridges (170), and network cards (130, 180), and end system processes having security functions are configured to contribute to implementation of policy enforcement in the network (110). By distributing policy enforcement functionality to a variety of network devices and end systems, a pervasive policy management system is implemented. The policy management system includes a policy implementation component that accepts policy, i.e. instructions or rules, that define how the network device should behave when confronted with a particular situation. The management system further includes a management station (100), with a user interface (101) operating pursuant to a first process capable of providing an object to the network, the object including variables and one of a method or instructions to locate a method, executable on the network to set up a second process to enforce a portion of the policy.
摘要翻译：一种用于在网络（110）中提供策略管理的系统，其包括在多个协议层中操作并具有执行功能的节点（100,120,130,140,150,160,170,180,190）。多个网络设备，例如路由器（160），集线器（190），远程接入设备（150），交换机（120），中继器（140），网桥（170）和网卡（130,180）具有安全功能的进程被配置为有助于在网络（110）中执行策略实施。通过向各种网络设备和终端系统分发策略实施功能，实现了普遍的策略管理系统。策略管理系统包括策略实现组件，其接受策略，即指令或规则，其定义当面对特定情况时网络设备应如何行为。管理系统还包括管理站（100），其具有根据能够向网络提供对象的第一进程操作的用户界面（101），所述对象包括变量以及用于定位方法的方法或指令之一，可执行在网络上设置第二个进程来执行策略的一部分。

3. 发明申请

WO02093824A2 AUTHENTICATION METHOD 审中-公开
标题翻译：认证方法
公开(公告)号：WO02093824A2
公开(公告)日：2002-11-21
申请号：PCT/US0215642
申请日：2002-05-16
申请人： 3COM CORP
发明人： YOUNG ALBERT , CHANG VICTOR , NESSETT DANNY M
IPC分类号： H04L29/06 , H04L9/00
CPC分类号： H04L63/062 , H04L63/0414 , H04L63/08 , H04L63/0869 , H04L63/162 , H04L63/166
摘要： In a computer network, a method of mutually authenticating a client device and a network interface, authenticating a user to the network and exchanging encryption keys. In one embodiment, the method comprises authenticating the client device at the local network device point, with which the client device exchanges an encryption key and then the user is authenticated by a central authentication server. In another embodiment, the method comprises authenticating the client device at the central authentication server, with which the client device exchanges a key which is passed to the network device with a secret shared between the central authentication server and the network device.In this embodiment, the user is also authenticated at the central authentication server.
摘要翻译：在计算机网络中，相互验证客户端设备和网络接口的方法，将用户认证到网络并交换加密密钥。在一个实施例中，该方法包括在本地网络设备点验证客户端设备，客户机设备通过该客户端设备交换加密密钥，然后由中央认证服务器认证用户。在另一个实施例中，该方法包括在中央认证服务器处认证客户端设备，客户端设备与中央认证服务器和网络设备之间共享的秘密交换传递给网络设备的密钥。在本实施例中，用户也在中央认证服务器上进行身份验证。

4. 发明公开

EP0990206A4 MULTILAYER FIREWALL SYSTEM 失效
标题翻译：多级防火墙系统
公开(公告)号：EP0990206A4
公开(公告)日：2005-08-03
申请号：EP98924930
申请日：1998-05-28
申请人： 3COM CORP
发明人： NESSETT DANNY M , SHERER WILLIAM PAUL
IPC分类号： G06F13/00 , H04L29/06 , G06F11/00
CPC分类号： H04L63/02 , H04L63/0209 , H04L63/0218 , H04L63/0227 , H04L63/0263 , H04L63/102
摘要： A system provides for establishing security in a network (10) that includes nodes having security functions operating in multiple protocol layers. Multiple network devices, such as remote access equipment (13), routers (14), switches (12), repeaters (16) and network cards (15) having security functions are configured to contribute to implementation of distributed firewall functions in the network. By distributing firewall functionality throughout many layers of the network in a variety of network devices, a pervasive firewall is implemented. The pervasive, multilayer firewall includes a policy definition component (11) that accepts policy data that define how the firewall should behave. The multilayer firewall also includes a collection of network devices that are used to enforce the defined policy. The security functions operating in this collection of network devices across multiple protocol layers are coordinated by the policy definition component so that particular devices enforce that part of the policy pertinent to their part of the network.

5. 发明专利

GB2360668B Method for secure installation of device in packet-based communication network 未知
公开(公告)号：GB2360668B
公开(公告)日：2003-07-09
申请号：GB0014114
申请日：2000-06-12
申请人： 3COM CORP
发明人： NESSETT DANNY M , DOLPHIN CLIVE , BROWN ALEXANDER S
IPC分类号： H04L12/24 , H04Q11/04

6. 发明专利

GB2360668A Method for secure installation of device in packet-based communication network 未知
公开(公告)号：GB2360668A
公开(公告)日：2001-09-26
申请号：GB0014114
申请日：2000-06-12
申请人： 3COM CORP
发明人： NESSETT DANNY M , DOLPHIN CLIVE , BROWN ALEXANDER S
IPC分类号： H04L12/24 , H04Q11/04
摘要： A method of installing a network device in a packet-based data communication network and checking the authenticity of the installation, comprising the steps of (a) communicating identification information of the device to a management system; (b) installing said device; (c) obtaining from a protocol address administrator a protocol address for said device; (d) sending a communication from the device to the management system; (e) conducting a key agreement protocol exchange between said device and said management system to establish a set of encryption keys; (f) using said set of encryption keys to provide mutual authentication by said device and said management system; (g) associating, within said management system, the time of said communication in step (d) with said identification information and the protocol address of the device; and (h) communicating from said management system to said administrator a message including said identification information, said protocol address and said time.

7. 发明专利

GB2342020A Multilayer firewall system 未知
公开(公告)号：GB2342020A
公开(公告)日：2000-03-29
申请号：GB9928175
申请日：1998-05-28
申请人： 3COM CORP
发明人： NESSETT DANNY M , SHERER WILLIAM PAUL
IPC分类号： G06F13/00 , H04L29/06 , H04L9/00 , H04L12/22
摘要： A system provides for establishing security in a network (10) that includes nodes having security functions operating in multiple protocol layers. Multiple network devices, such as remote access equipment (13), routers (14), switches (12), repeaters (16) and network cards (15) having security functions are configured to contribute to implementation of distributed firewall functions in the network. By distributing firewall functionality throughout many layers of the network in a variety of network devices, a pervasive firewall is implemented. The pervasive, multilayer firewall includes a policy definition component (11) that accepts policy data that define how the firewall should behave. The multilayer firewall also includes a collection of network devices that are used to enforce the defined policy. The security functions operating in this collection of network devices across multiple protocol layers are coordinated by the policy definition component so that particular devices enforce that part of the policy pertinent to their part of the network.

8. 发明专利

CA2291158A1 MULTILAYER FIREWALL SYSTEM 未知
公开(公告)号：CA2291158A1
公开(公告)日：1998-12-03
申请号：CA2291158
申请日：1998-05-28
申请人： 3COM CORP
发明人： NESSETT DANNY M , SHERER WILLIAM PAUL
IPC分类号： G06F13/00 , H04L29/06 , G06F11/00
摘要： A system provides for establishing security in a network (10) that includes nodes having security functions operating in multiple protocol layers. Multiple network devices, such as remote access equipment (13), routers (14), switches (12), repeaters (16) and network cards (15) having security functions are configured to contribute to implementation of distributed firewall functions in the network. By distributing firewall functionality throughout many layers of the network in a variety of network devices, a pervasive firewall is implemented. The pervasive, multilayer firewall includes a policy definition component (11) that accepts policy data that define how the firewall should behave. The multilayer firewall also includes a collection of network devices that are used to enforce the defined policy. The security functions operating in this collection of network devices across multiple protocol layers are coordinated by the policy definition component so that particular devices enforce that part of the policy pertinent to their part of the network.

9. 发明专利

CA2291760A1 METHOD AND APPARATUS FOR PROVIDING SECURITY IN A STAR NETWORK CONNECTION USING PUBLIC KEY CRYPTOGRAPHY 未知
公开(公告)号：CA2291760A1
公开(公告)日：1998-12-03
申请号：CA2291760
申请日：1998-05-28
申请人： 3COM CORP
发明人： SHERER WILLIAM PAUL , JAIN VIPIN KUMAR , NESSETT DANNY M
IPC分类号： H04L9/32 , H04L12/413 , H04L12/46 , H04L12/56 , H04L29/06 , H04L29/08 , H04L12/22 , H04L12/00
摘要： An intermediate system authenticates end systems, in one embodiment using cryptography. An authentication routine is called on a port when an intermediate system detects any interruption in the physical connection with the port. An embodiment requires a user to supply a secret known only to the user before allowing data to be transmitted. Network data is not fully transmitted or received to any port that has not been authenticated. The invention distributes a user authentication to the point where an end system initially connects to a network, to prevent an authorized reception or transmission of network data that is not prevented under existing network login systems. The invention may be incorporated into an intermediate system, into intermediate system software, or into applications specific integrated circuits designed for use in an intermediate system. The invention may include components that interact specifically with installed components in an end system or elsewhere in a network.

10. 发明专利

AT343818T 未知
公开(公告)号：AT343818T
公开(公告)日：2006-11-15
申请号：AT98924930
申请日：1998-05-28
申请人： 3COM CORP
发明人： NESSETT DANNY M , SHERER WILLIAM PAUL
IPC分类号： G06F13/00 , H04L29/06 , G06F11/00
摘要： A system provides for establishing security in a network that include nodes having security functions operating in multiple protocol layers. Multiple network devices, such as remote access equipment, routers, switches, repeaters and network cards having security functions are configured to contribute to implementation of distributed firewall functions in the network. By distributing firewall functionality throughout many layers of the network in a variety of network devices, a pervasive firewall is implemented. The pervasive, multilayer firewall includes a policy definition component that accepts policy data that defines how the firewall should behave. The policy definition component can be a centralized component, or a component that is distributed over the network. The multilayer firewall also includes a collection of network devices that are used to enforce the defined policy. The security functions operating in this collection of network devices across multiple protocol layers are coordinated by the policy definition component so that particular devices enforce that part of the policy pertinent to their part of the network.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式