Firewall system for protecting network elements connected to a public network

Patent 5826014 Issued on October 20, 1998. Estimated Expiration Date:

February 6, 2016. Estimated Expiration Date is calculated based on simple USPTO term provisions. It does not account for terminal disclaimers, term adjustments, failure to pay maintenance fees, or other factors which might affect the term of a patent.

Abstract Claims Description Full Text

Patent References

Secure data processing system architecture with format control
Patent #: 4713753
Issued on: 12/15/1987
Inventor: Boebert , et al.

Financial transaction system
Patent #: 4727243
Issued on: 02/23/1988
Inventor: Savar

Method and apparatus for enhancing security of communications in a packet-switched data communications system
Patent #: 4799153
Issued on: 01/17/1989
Inventor: Hann , et al.

Interactive market management system
Patent #: 4799156
Issued on: 01/17/1989
Inventor: Shavit , et al.

Method and apparatus for protecting material on storage media and for transferring material on storage media to various recipients
Patent #: 5191611
Issued on: 03/02/1993
Inventor: Lang

One-time logon means and methods for distributed computing systems
Patent #: 5241594
Issued on: 08/31/1993
Inventor: Kung

Method and apparatus for key-management scheme for use with internet protocols at site firewalls
Patent #: 5416842
Issued on: 05/16/1995
Inventor: Aziz

Method of verifying identification data in data driven information processing system
Patent #: 5483661
Issued on: 01/09/1996
Inventor: Yoshida, et al.

System for increasing the difficulty of password guessing attacks in a distributed authentication scheme employing authentication tokens
Patent #: 5491752
Issued on: 02/13/1996
Inventor: Kaufman, et al.

Personal key archive
Patent #: 5495533
Issued on: 02/27/1996
Inventor: Linehan, et al.

More ...

Inventors

Assignee

Network Engineering Software

Application

No. 595957 filed on 02/06/1996

Examiners

Primary: Beausoliel, Robert W. Jr.
Assistant: Elmore, Stephen C.

Attorney, Agent or Firm

McDonnell Boehnen Hulbert & Berghoff

International Class

G06F 012/14

Abstract

Providing a firewall for isolating network elements from a publicly accessible network to which such network elements are attached. The firewall operates on a stand alone computer connected between the public network and the network elements to be protected such that all access to the protected network elements must go through the firewall. The firewall application running on the stand alone computer is preferably the only application running on that machine. The application includes a variety of proxy agents that are specifically assigned to an incoming request in accordance with the service protocol (i.e., port number) indicated in the incoming access request. An assigned proxy agent verifies the authority of an incoming request to access a network element indicated in the request. Once verified, the proxy agent completes the connection to the protected network element on behalf of the source of the incoming request.

Other References

Goldberg, "The Mitre Security Perimeter", Computer Security Applications Conference, 1994, pp. 212-218
Bellovin et al., "Network Firewalls", IEEE Communications Magazine, Sep. 1994, pp. 50-57
Stempel, "IpAccess--An Internet Service Access System for Firewall Installations", 1995, Network and Distributed System Security, pp. 31-41
Aicklen et al., "Remote Control of Diverse Network Elements Using SNMP", IEEE, 1995 pp. 673-677
Neuman, (1993) "Proxy Based Authorization And Accounting For Distributed Systems." IEEE, pp. 283-29