Patents by Inventor Keith M. Skinner

Keith M. Skinner has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9571523
    Abstract: A network security policy may be implemented at network switches as a set of active packet disposition directives. In a dynamically programmable network, the network switches can be dynamically reprogrammed with packet disposition directives. A security actuator receives flow policy directives from a number of network applications. The flow policy directives express higher-level network security policy goals, including blocking and/or redirecting network traffic. The security actuator converts a flow policy directive into one or more packet disposition directives. The packet disposition directives may include trigger rules to cause network communications to be monitored for matching trigger packets. An automated mechanism initiated by the security actuator may cause trigger packets to be forwarded to the security actuator for analysis. The security actuator may generate packet disposition directives in response to receiving the trigger packets.
    Type: Grant
    Filed: July 2, 2014
    Date of Patent: February 14, 2017
    Assignee: SRI INTERNATIONAL
    Inventors: Phillip A. Porras, Keith M. Skinner, Steven M. Dawson
  • Publication number: 20140317684
    Abstract: A network security policy may be implemented at network switches as a set of active packet disposition directives. In a dynamically programmable network, the network switches can be dynamically reprogrammed with packet disposition directives. A security actuator receives flow policy directives from a number of network applications. The flow policy directives express higher-level network security policy goals, including blocking and/or redirecting network traffic. The security actuator converts a flow policy directive into one or more packet disposition directives. The packet disposition directives may include trigger rules to cause network communications to be monitored for matching trigger packets. An automated mechanism initiated by the security actuator may cause trigger packets to be forwarded to the security actuator for analysis. The security actuator may generate packet disposition directives in response to receiving the trigger packets.
    Type: Application
    Filed: July 2, 2014
    Publication date: October 23, 2014
    Inventors: Phillip A. Porras, Keith M. Skinner, Steven M. Dawson