WO2001099372A3 - Efficient evaluation of rules - Google Patents
Efficient evaluation of rules Download PDFInfo
- Publication number
- WO2001099372A3 WO2001099372A3 PCT/US2001/019332 US0119332W WO0199372A3 WO 2001099372 A3 WO2001099372 A3 WO 2001099372A3 US 0119332 W US0119332 W US 0119332W WO 0199372 A3 WO0199372 A3 WO 0199372A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- rules
- efficient evaluation
- minimizes
- determining
- way
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/50—Network service management, e.g. ensuring proper service fulfilment according to agreements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0894—Policy-based network configuration management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/166—Implementing security features at a particular protocol layer at the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/06—Generation of reports
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0823—Errors, e.g. transmission errors
- H04L43/0829—Packet loss
- H04L43/0841—Round trip packet loss
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0823—Errors, e.g. transmission errors
- H04L43/0847—Transmission error
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0852—Delays
- H04L43/0864—Round trip delays
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
Abstract
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2001268492A AU2001268492A1 (en) | 2000-06-16 | 2001-06-15 | Efficient evaluation of rules |
Applications Claiming Priority (6)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US21212600P | 2000-06-16 | 2000-06-16 | |
US60/212,126 | 2000-06-16 | ||
US09/826,602 | 2001-04-05 | ||
US09/826,602 US20020093527A1 (en) | 2000-06-16 | 2001-04-05 | User interface for a security policy system and method |
US09/878,093 US7143439B2 (en) | 2000-01-07 | 2001-06-08 | Efficient evaluation of rules |
US09/878,093 | 2001-06-08 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2001099372A2 WO2001099372A2 (en) | 2001-12-27 |
WO2001099372A3 true WO2001099372A3 (en) | 2002-05-10 |
Family
ID=27395692
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2001/019332 WO2001099372A2 (en) | 2000-06-16 | 2001-06-15 | Efficient evaluation of rules |
Country Status (2)
Country | Link |
---|---|
AU (1) | AU2001268492A1 (en) |
WO (1) | WO2001099372A2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8849993B2 (en) | 2000-06-16 | 2014-09-30 | Intel Corporation | Method and apparatus for rate limiting |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2387681A (en) * | 2002-04-18 | 2003-10-22 | Isis Innovation | Intrusion detection system with inductive logic means for suggesting new general rules |
US10541872B2 (en) | 2015-03-31 | 2020-01-21 | Hewlett Packard Enterprise Development Lp | Network policy distribution |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0854621A1 (en) * | 1997-01-17 | 1998-07-22 | AT&T Corp. | System and method for providing peer level access control on a network |
EP1006701A2 (en) * | 1998-12-03 | 2000-06-07 | Lucent Technologies Inc. | Adaptive re-ordering of data packet filter rules |
-
2001
- 2001-06-15 WO PCT/US2001/019332 patent/WO2001099372A2/en active Application Filing
- 2001-06-15 AU AU2001268492A patent/AU2001268492A1/en not_active Abandoned
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0854621A1 (en) * | 1997-01-17 | 1998-07-22 | AT&T Corp. | System and method for providing peer level access control on a network |
EP1006701A2 (en) * | 1998-12-03 | 2000-06-07 | Lucent Technologies Inc. | Adaptive re-ordering of data packet filter rules |
Non-Patent Citations (1)
Title |
---|
THOMSEN D ET AL: "NAPOLEON NETWORK APPLICATION POLICY ENVIRONMENT", PROCEEDINGS 4TH. ACM WORKSHOP ON ROLE-BASED ACCESS CONTROL. FAIRFAX, VA, OCT. 28 - 29, 1999, ACM ROLE-BASED ACCESS CONTROL WORKSHOP, NEW YORK, NY: ACM, US, 28 October 1999 (1999-10-28), pages 145 - 152, XP000958112, ISBN: 1-58113-180-1 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8849993B2 (en) | 2000-06-16 | 2014-09-30 | Intel Corporation | Method and apparatus for rate limiting |
Also Published As
Publication number | Publication date |
---|---|
AU2001268492A1 (en) | 2002-01-02 |
WO2001099372A2 (en) | 2001-12-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2002079949A3 (en) | Internet security system | |
AU2001268408A1 (en) | Method and device for network security monitoring | |
AU2002344308A1 (en) | Method and system for implementing security devices in a network | |
WO2002003180A3 (en) | Layered defense-in-depth knowledge-based data management | |
AU2002213275A1 (en) | Method and system for authenticating a network user | |
AU2002301853A1 (en) | Locking device, locker, key and locking method | |
AU2001268325A1 (en) | Method and apparatus for batched network security protection server performance | |
HK1055363A1 (en) | Method and apparatus for preventing unauthorized access by a network device. | |
AU2001255641A1 (en) | Method and system for intrusion detection in a computer network | |
AU2001241625A1 (en) | System and method for identifying and blocking pornographic and other web content on the internet | |
AU2001288983A1 (en) | Method and system for forming a list-based value discovery network | |
AU2002350759A1 (en) | Application gateway system, and method for maintaining security in a packet-switched information network | |
GB2409388B (en) | System and method for IEEE 802.1X user authentication in a network entry device | |
AU3640799A (en) | Apparatus and method for trusted network security | |
EP1481508A4 (en) | Multi-method gateway-based network security systems and methods | |
AU3724897A (en) | Apparatus and methods for transmission security in a computer network | |
AU2002239500A1 (en) | Cryptographic data security system and method | |
AU2001271039A1 (en) | Fingerprint collation apparatus, fingerprint collation method, and fingerprint collation program | |
AU4833300A (en) | Apparatus and methods for analyzing multiple network security vulnerabilities | |
AU2001269870A1 (en) | System and method for security policy | |
AU7797198A (en) | Internet, intranet and other network communication security systems utilizing entrance and exit keys | |
AU2002211049A1 (en) | Fingerprint identifying method and security system using the same | |
HUP0400498A2 (en) | Method for securing the authenticity of hardware and software in a network | |
AU2002244241A1 (en) | Security token and access point networking | |
WO2001099372A3 (en) | Efficient evaluation of rules |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A2 Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
122 | Ep: pct application non-entry in european phase | ||
NENP | Non-entry into the national phase |
Ref country code: JP |