Title of invention |
System and method for providing peer level access control on a network |
Abstract |
A system and method for providing peer-level access control on networks that carry packets of information, each packet having a 5-tuple having a source and destination address, a source and destination port, and a protocol identifier. The local rule base of a peer is dynamically loaded into a filter when the peer is authenticated, and ejected when the peer loses authentication. The local rule base is efficiently searched through the use of hash tables wherein a hashed peer network address serves as a pointer to the peer's local rules. Each rule comprises a 5-tuple and an action. The action of a rule is carried out on a packet when the 5-tuple of the rule corresponds to the 5-tuple of the packet.
|
Publication number |
EP0854621(A1) |
Publication date |
1998.07.22 |
Application number |
EP19980100283 |
Filing date |
1998.01.09 |
Applicant |
AT&T CORP. |
Inventors |
ZENCHELSKY, DANIEL N.;DUTTA, PARTHA P.;LONDON, THOMAS B.;VRSALOVIC, DALIBOR F.;SUEL, KARL ANDRES |
Classification |
G06F13/00;H04L9/32;H04L29/06;(IPC1-7):H04L29/06;G06F1/00 |
Main classification |
G06F13/00 |
Agency |
|
Agent |
|
Main claim |
|
Address |
|