WO1999012298A3 - Arrangement in a data communication system - Google Patents

Arrangement in a data communication system Download PDF

Info

Publication number
WO1999012298A3
WO1999012298A3 PCT/NO1998/000239 NO9800239W WO9912298A3 WO 1999012298 A3 WO1999012298 A3 WO 1999012298A3 NO 9800239 W NO9800239 W NO 9800239W WO 9912298 A3 WO9912298 A3 WO 9912298A3
Authority
WO
WIPO (PCT)
Prior art keywords
communication system
arrangement
data communication
configuration messages
present
Prior art date
Application number
PCT/NO1998/000239
Other languages
French (fr)
Other versions
WO1999012298A2 (en
Inventor
Boerge Nilsen
Original Assignee
Ericsson Telefon Ab L M
Boerge Nilsen
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ericsson Telefon Ab L M, Boerge Nilsen filed Critical Ericsson Telefon Ab L M
Priority to AU88205/98A priority Critical patent/AU8820598A/en
Publication of WO1999012298A2 publication Critical patent/WO1999012298A2/en
Publication of WO1999012298A3 publication Critical patent/WO1999012298A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • H04L63/0218Distributed architectures, e.g. distributed firewalls

Abstract

The present invention relates to an arrangement in a data communication system, wherein users, managers and/or machines (actors) intercommunicate via ports, especially comprising a Transport Service Access Port (TSAP) comprising port number and Internet Protocol (IP) address, which ports communicate through firewalls by means of firewall classification/logic which is controlled by a bastion host therefor, and in order to resolve security issues related to such network, it is according to the present invention suggested that said bastion host is configured to accept digitally signed configuration messages from one or more distributed operator(s) and/or manager(s), for thereby ensuring integrity of said configuration messages.
PCT/NO1998/000239 1997-09-02 1998-08-14 Arrangement in a data communication system WO1999012298A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU88205/98A AU8820598A (en) 1997-09-02 1998-08-14 Arrangement in a data communication system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
NO974028A NO305420B1 (en) 1997-09-02 1997-09-02 Device by computer communication system, especially by communication through firewalls
NO974028 1997-09-02

Publications (2)

Publication Number Publication Date
WO1999012298A2 WO1999012298A2 (en) 1999-03-11
WO1999012298A3 true WO1999012298A3 (en) 1999-07-29

Family

ID=19901070

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/NO1998/000239 WO1999012298A2 (en) 1997-09-02 1998-08-14 Arrangement in a data communication system

Country Status (4)

Country Link
US (1) US6578151B1 (en)
AU (1) AU8820598A (en)
NO (1) NO305420B1 (en)
WO (1) WO1999012298A2 (en)

Families Citing this family (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6317837B1 (en) * 1998-09-01 2001-11-13 Applianceware, Llc Internal network node with dedicated firewall
US6728885B1 (en) * 1998-10-09 2004-04-27 Networks Associates Technology, Inc. System and method for network access control using adaptive proxies
US7954144B1 (en) * 2000-01-18 2011-05-31 Novell, Inc. Brokering state information and identity among user agents, origin servers, and proxies
US7296292B2 (en) * 2000-12-15 2007-11-13 International Business Machines Corporation Method and apparatus in an application framework system for providing a port and network hardware resource firewall for distributed applications
US7631349B2 (en) * 2001-01-11 2009-12-08 Digi International Inc. Method and apparatus for firewall traversal
US7237257B1 (en) * 2001-04-11 2007-06-26 Aol Llc Leveraging a persistent connection to access a secured service
US20030028806A1 (en) * 2001-08-06 2003-02-06 Rangaprasad Govindarajan Dynamic allocation of ports at firewall
FR2838843B1 (en) * 2002-04-23 2004-12-17 Cit Alcatel DEVICE FOR DYNAMICALLY ADAPTING DATA FILTERS
US20040128545A1 (en) * 2002-12-31 2004-07-01 International Business Machines Corporation Host controlled dynamic firewall system
MY141160A (en) * 2003-01-13 2010-03-31 Multimedia Glory Sdn Bhd System and method of preventing the transmission of known and unknown electronic content to and from servers or workstations connected to a common network
CN100334868C (en) * 2003-02-12 2007-08-29 联想网御科技(北京)有限公司 Dynamically switching on/off TNS protocol communication port in firewall packet filtering
US7877599B2 (en) * 2004-05-28 2011-01-25 Nokia Inc. System, method and computer program product for updating the states of a firewall
US20060059558A1 (en) * 2004-09-15 2006-03-16 John Selep Proactive containment of network security attacks
US20070282880A1 (en) * 2006-05-31 2007-12-06 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Partial role or task allocation responsive to data-transformative attributes
US7752255B2 (en) * 2006-09-19 2010-07-06 The Invention Science Fund I, Inc Configuring software agent security remotely
US8601530B2 (en) * 2006-09-19 2013-12-03 The Invention Science Fund I, Llc Evaluation systems and methods for coordinating software agents
US20080072032A1 (en) * 2006-09-19 2008-03-20 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Configuring software agent security remotely
US8224930B2 (en) * 2006-09-19 2012-07-17 The Invention Science Fund I, Llc Signaling partial service configuration changes in appnets
US8984579B2 (en) * 2006-09-19 2015-03-17 The Innovation Science Fund I, LLC Evaluation systems and methods for coordinating software agents
US8601104B2 (en) 2006-09-19 2013-12-03 The Invention Science Fund I, Llc Using network access port linkages for data structure update decisions
US8607336B2 (en) * 2006-09-19 2013-12-10 The Invention Science Fund I, Llc Evaluation systems and methods for coordinating software agents
US8281036B2 (en) 2006-09-19 2012-10-02 The Invention Science Fund I, Llc Using network access port linkages for data structure update decisions
US8627402B2 (en) 2006-09-19 2014-01-07 The Invention Science Fund I, Llc Evaluation systems and methods for coordinating software agents
US9306975B2 (en) * 2006-09-19 2016-04-05 The Invention Science Fund I, Llc Transmitting aggregated information arising from appnet information
US8055797B2 (en) * 2006-09-19 2011-11-08 The Invention Science Fund I, Llc Transmitting aggregated information arising from appnet information
US8041663B2 (en) * 2008-02-27 2011-10-18 International Business Machines Corporation Method for predicting problematic configurations and recommending safe configurations
US9479339B2 (en) * 2008-02-29 2016-10-25 Blackberry Limited Methods and apparatus for use in obtaining a digital certificate for a mobile communication device
US10015158B2 (en) * 2008-02-29 2018-07-03 Blackberry Limited Methods and apparatus for use in enabling a mobile communication device with a digital certificate

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1997000471A2 (en) * 1993-12-15 1997-01-03 Check Point Software Technologies Ltd. A system for securing the flow of and selectively modifying packets in a computer network
US5613012A (en) * 1994-11-28 1997-03-18 Smarttouch, Llc. Tokenless identification system for authorization of electronic transactions and electronic transmissions
WO1997026731A1 (en) * 1996-01-16 1997-07-24 Raptor Systems, Inc. Data encryption/decryption for network communication

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5825880A (en) * 1994-01-13 1998-10-20 Sudia; Frank W. Multi-step digital signature method and system
US5623601A (en) * 1994-11-18 1997-04-22 Milkway Networks Corporation Apparatus and method for providing a secure gateway for communication and data exchanges between networks
US5550984A (en) * 1994-12-07 1996-08-27 Matsushita Electric Corporation Of America Security system for preventing unauthorized communications between networks by translating communications received in ip protocol to non-ip protocol to remove address and routing services information
US5826014A (en) * 1996-02-06 1998-10-20 Network Engineering Software Firewall system for protecting network elements connected to a public network
US5892902A (en) * 1996-09-05 1999-04-06 Clark; Paul C. Intelligent token protected system with network authentication
US5896499A (en) * 1997-02-21 1999-04-20 International Business Machines Corporation Embedded security processor
US5999973A (en) * 1997-03-28 1999-12-07 Telefonaktiebolaget L M Ericsson (Publ) Use of web technology for subscriber management activities
US6170058B1 (en) * 1997-12-23 2001-01-02 Arcot Systems, Inc. Method and apparatus for cryptographically camouflaged cryptographic key storage, certification and use

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1997000471A2 (en) * 1993-12-15 1997-01-03 Check Point Software Technologies Ltd. A system for securing the flow of and selectively modifying packets in a computer network
US5613012A (en) * 1994-11-28 1997-03-18 Smarttouch, Llc. Tokenless identification system for authorization of electronic transactions and electronic transmissions
WO1997026731A1 (en) * 1996-01-16 1997-07-24 Raptor Systems, Inc. Data encryption/decryption for network communication

Also Published As

Publication number Publication date
NO974028L (en) 1999-03-03
AU8820598A (en) 1999-03-22
NO305420B1 (en) 1999-05-25
NO974028D0 (en) 1997-09-02
US6578151B1 (en) 2003-06-10
WO1999012298A2 (en) 1999-03-11

Similar Documents

Publication Publication Date Title
WO1999012298A3 (en) Arrangement in a data communication system
CN101918926B (en) Various methods and apparatuses for accessing networked devices without accessible addresses via virtual IP addresses
US5623601A (en) Apparatus and method for providing a secure gateway for communication and data exchanges between networks
CA2182777C (en) Security system for interconnected computer networks
CA2761983C (en) Method and apparatus to permit data transmission to traverse firewalls
US8291116B2 (en) Communications system
US7131141B1 (en) Method and apparatus for securely connecting a plurality of trust-group networks, a protected resource network and an untrusted network
US7522594B2 (en) Method and apparatus to permit data transmission to traverse firewalls
US8788709B1 (en) Distributed network address translation control
CA2602789C (en) Preventing duplicate sources from clients served by a network address port translator
CN101156420B (en) Method for preventing duplicate sources from clients served by a network address port translator
US7587758B2 (en) Systems and methods for distributing data packets over a communication network
CA2476552A1 (en) Methods and systems for resolving addressing conflicts based on tunnel information
KR20020079979A (en) Network address translation gateway for local area networks using local ip addresses and non-translatable port addresses
US20070014301A1 (en) Method and apparatus for providing static addressing
EP1701516A1 (en) Method for facilitating application server functionality and access node comprising same
WO2004047402A1 (en) Management of network security domains
US8146144B2 (en) Method and system for the transparent transmission of data traffic between data processing devices, corresponding computer program product, and corresponding computer-readable storage medium
RU2292118C2 (en) Protectability in wide-area networks
US20050086533A1 (en) Method and apparatus for providing secure communication
CA2136150C (en) Apparatus and method for providing a secure gateway for communication and data exchanges between networks
EP1379037B1 (en) Packet routing based on user ID in virtual private networks
CN101116303A (en) Method for routing internet connections via network gateways
GB2330991A (en) Routing data packets
JPH09233113A (en) Filtering condition setting method with respect to filtering device

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM HR HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
AK Designated states

Kind code of ref document: A3

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM HR HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

NENP Non-entry into the national phase

Ref country code: KR

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: CA