Computer network security system and method having unilateral enforceable security policy provision
US6202157A · kind A · utility
Assignee
Inventors
Key dates
| Filing date | Dec 8, 1997 |
| Grant date | Mar 13, 2001 |
| Priority date | — |
| Expiry date | Dec 8, 2017 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/126
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A computer network security system and method utilizes digitally signed and centrally assigned policy data, such as password length rules, that is unilaterally enforced at network nodes by node policy enforcement engines. The policy data may be variable on a per client or network node basis through a centralized authority, such as a certification authority. The computer network security system provides variable security policy rule data for distribution to at least one network node through a central security policy rule data distribution source, such as the certification authority. The central security policy rule data distribution source associates a digital signature to the variable security policy rule data to ensure the integrity of the policies in the system. Each network node uses a policy rule data engine and policy rule table to decode policy rule data and enforce the policy rules as selectively determined through the central authority.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.