Patents by Inventor Thomas E. Tahan

Thomas E. Tahan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 7447782
    Abstract: A method and mechanism of enforcing community access control in a computer network, wherein access to objects by users and processes is controlled. A Multi-Community Node (MCN) processes information for users in multiple communities and must enforce a community separation policy. The enforcement method and mechanism use a database of associations of sets of communities corresponding to users, processes, and system objects. Upon receiving a request for access to an object by a user, the MCN permits access if a user community set (UCS) of the user is a superset of an object community set (OCS) of the object; otherwise, access is denied. Upon receiving a request for access to an object by a process, the MCN permits access if an application process community set (ACS) of the process is a superset of the OCS of the object; otherwise, access is denied.
    Type: Grant
    Filed: October 16, 2001
    Date of Patent: November 4, 2008
    Assignee: Sun Microsystems, Inc.
    Inventor: Thomas E. Tahan
  • Patent number: 7296291
    Abstract: A method and mechanism of controlling information flow in a firewall. A firewall controls the flow of information between different communities. The enforcement method and mechanism uses a database of associations of sets of communities corresponding to network addresses. Upon receiving an incoming data packet, a packet community set (PCS) is determined for the data packet. If the PCS is not a subset of an interface community set (IFCS) of the interface upon which the data packet was received, the data packet is discarded. Otherwise, a firewall rule match is determined for the data packet. If a rule match is detected, a PCS attribute of the matching rule is compared to the PCS of the data packet. If the PCS attribute of the rule matches the PCS of the data packet and the rule indicates the data packet is to be forwarded, the PCS of the data packet is changed to a second PCS indicated by the matching rule.
    Type: Grant
    Filed: August 7, 2001
    Date of Patent: November 13, 2007
    Assignee: Sun Microsystems, Inc.
    Inventor: Thomas E. Tahan
  • Patent number: 6915351
    Abstract: A method and mechanism of enforcing, in a computer network, a community separation policy wherein the data of a particular user community should be accessible only by members of that community. A Multi-Community Node (MCN) processes information for users in multiple communities and must enforce the community separation policy. In a closed MCN, which runs only applications trusted to enforce the community separation policy, the method and mechanism performs a set of checks on packets received from and to be transmitted on a network, to ensure that all communications comply with the community separation policy. The checks (1) prevent communications from a network used by one community or communities to a network used by different communities; (2) ensure that packets sent by the MCN are output on an interface attached to a network for the intended community; and (3) detect when remote nodes communicating with the MCN spoof their source network address to masquerade as a node in another community.
    Type: Grant
    Filed: December 18, 2000
    Date of Patent: July 5, 2005
    Assignee: Sun Microsystems, Inc.
    Inventor: Thomas E. Tahan
  • Patent number: 6760330
    Abstract: A method and mechanism of enforcing, in a computer network, a community separation policy wherein the data of a particular user community should be accessible only by members of that community. A Multi-Community Node (MCN) processes information for users in multiple communities and must enforce the community separation policy. In an open MCN, which may run both trusted and untrusted applications, the method and mechanism performs a set of checks on packets received from and to be transmitted on a network, and on application processes which correspond to those packets, to ensure that all communications comply with the community separation policy. The enforcement method and mechanism use a database of associations of sets of communities corresponding to ports, applications, and other network addresses within the computer network.
    Type: Grant
    Filed: October 16, 2001
    Date of Patent: July 6, 2004
    Assignee: Sun Microsystems, Inc.
    Inventor: Thomas E. Tahan
  • Publication number: 20020078215
    Abstract: A method and mechanism of enforcing community access control in a computer network, wherein access to objects by users and processes is controlled. A Multi-Community Node (MCN) processes information for users in multiple communities and must enforce a community separation policy. The enforcement method and mechanism use a database of associations of sets of communities corresponding to users, processes, and system objects. Upon receiving a request for access to an object by a user, the MCN permits access if a user community set (UCS) of the user is a superset of an object community set (OCS) of the object; otherwise, access is denied. Upon receiving a request for access to an object by a process, the MCN permits access if an application process community set (ACS) of the process is a superset of the OCS of the object; otherwise, access is denied.
    Type: Application
    Filed: October 16, 2001
    Publication date: June 20, 2002
    Inventor: Thomas E. Tahan
  • Publication number: 20020078370
    Abstract: A method and mechanism of controlling information flow in a firewall. A firewall controls the flow of information between different communities. The enforcement method and mechanism uses a database of associations of sets of communities corresponding to network addresses. Upon receiving an incoming data packet, a packet community set (PCS) is determined for the data packet. If the PCS is not a subset of an interface community set (IFCS) of the interface upon which the data packet was received, the data packet is discarded. Otherwise, a firewall rule match is determined for the data packet. If a rule match is detected, a PCS attribute of the matching rule is compared to the PCS of the data packet. If the PCS attribute of the rule matches the PCS of the data packet and the rule indicates the data packet is to be forwarded, the PCS of the data packet is changed to a second PCS indicated by the matching rule.
    Type: Application
    Filed: August 7, 2001
    Publication date: June 20, 2002
    Inventor: Thomas E. Tahan
  • Publication number: 20020075877
    Abstract: A method and mechanism of enforcing, in a computer network, a community separation policy wherein the data of a particular user community should be accessible only by members of that community. A Multi-Community Node (MCN) processes information for users in multiple communities and must enforce the community separation policy. In an open MCN, which may run both trusted and untrusted applications, the method and mechanism performs a set of checks on packets received from and to be transmitted on a network, and on application processes which correspond to those packets, to ensure that all communications comply with the community separation policy. The enforcement method and mechanism use a database of associations of sets of communities corresponding to ports, applications, and other network addresses within the computer network.
    Type: Application
    Filed: October 16, 2001
    Publication date: June 20, 2002
    Inventor: Thomas E. Tahan
  • Publication number: 20020078199
    Abstract: A method and mechanism of enforcing, in a computer network, a community separation policy wherein the data of a particular user community should be accessible only by members of that community. A Multi-Community Node (MCN) processes information for users in multiple communities and must enforce the community separation policy. In a closed MCN, which runs only applications trusted to enforce the community separation policy, the method and mechanism performs a set of checks on packets received from and to be transmitted on a network, to ensure that all communications comply with the community separation policy. The checks (1) prevent communications from a network used by one community or communities to a network used by different communities; (2) ensure that packets sent by the MCN are output on an interface attached to a network for the intended community; and (3) detect when remote nodes communicating with the MCN spoof their source network address to masquerade as a node in another community.
    Type: Application
    Filed: December 18, 2000
    Publication date: June 20, 2002
    Inventor: Thomas E. Tahan