User specific automatic data redirection system

A data redirection system for redirecting user's data based on a stored rule set. The redirection of data is performed by a redirection server, which receives the redirection rule sets for each user from an authentication and accounting server, and a database. Prior to using the system, users authenticate with the authentication and accounting server, and receive a network address. The authentication and accounting server retrieves the proper rule set for the user, and communicates the rule set and the user's address to the redirection server. The redirection server then implements the redirection rule set for the user's address. Rule sets are removed from the redirection server either when the user disconnects, or based on some predetermined event. New role sets are added to the redirection server either when a user connects, or based on some predetermined event.

Skip to: Description  ·  Claims  ·  References Cited  · Patent History  ·  Patent History
Description
RELATED APPLICATION

This application claims priority of U.S. Provisional Application No. 60/084,014 filed May 4, 1998, the disclosure of which is incorporated fully herein by reference.

FIELD OF THE INVENTION

This invention relates to the field of Internet communications, more particularly, to a database system for use in dynamically redirecting and filtering Internet traffic.

BACKGROUND OF THE INVENTION

In prior art systems as shown in FIG. 1 when an Internet user establishes a connection with an Internet Service Provider (ISP), the user first makes a physical connection between their computer 100 and a dial-up networking server 102, the user provides to the dial-up networking server their user ID and password. The dial-up networking server then passes the user ID and password, along with a temporary Internet Protocol (IP) address for use by the user to the ISP's authentication and accounting server 104. A detailed description of the IP communications protocol is discussed in Internetworking with TCP/IP, 3rd ed., Douglas Comer, Prentice Hall, 1995, which is fully incorporated herein by reference. The authentication and accounting server, upon verification of the user ID and password using a database 106 would send an authorization message to the dial-up networking server 102 to allow the user to use the temporary IP address assigned to that user by the dial-up networking server and then logs the connection and assigned IP address. For the duration of that session, whenever the user would make a request to the Internet 110 via a gateway 108, the end user would be identified by the temporarily assigned IP address.

The redirection of Internet traffic is most often done with World Wide Web (WWW) traffic (more specifically, traffic using the HTTP (hypertext transfer protocol)). However, redirection is not limited to WWW traffic, and the concept is valid for all IP services. To illustrate how redirection is accomplished, consider the following example, which redirects a user's request for a WWW page (typically an html (hypertext markup language) file) to some other WWW page. First, the user instructs the WWW browser (typically software running on the user's PC) to access a page on a remote WWW server by typing in the URL (universal resource locator) or clicking on a URL link. Note that a URL provides information about the communications protocol, the location of the server (typically an Internet domain name or IP address), and the location of the page on the remote server. The browser next sends a request to the server requesting the page. In response to the user's request, the web server sends the requested page to the browser. The page, however, contains html code instructing the browser to request some other WWW page—hence the redirection of the user begins. The browser then requests the redirected WWW page according to the URL contained in the first page's html code. Alternately, redirection can also be accomplished by coding the page such that it instructs the browser to run a program, like a Java applet or the like, which then redirects the browser. One disadvantage with current redirection technology is that control of the redirection is at the remote end, or WWW server end—and not the local, or user end. That is to say that the redirection is performed by the remote server, not the user's local gateway.

Filtering packets at the Internet Protocol (IP) layer has been possible using a firewall device or other packet filtering device for several years. Although packet filtering is most often used to filter packets coming into a private network for security purposes, once properly programed, they can filter outgoing packets sent from users to a specific destination as well. Packet filtering can distinguish, and filter based on, the type of IP service contained within an IP packet. For example, the packet filter cart determine if the packet contains FTP (file transfer protocol) data, WWW data, or Telnet session data. Service identification is achieved by identifying the terminating port number contained within each IP packet header. Port numbers are standard within the industry to allow for interoperability between equipment. Packet filtering devices allow network administrators to filter packets based on the source and/or destination information, as well as on the type of service being transmitted within each IP packet. Unlike redirection technology, packet filtering technology allows control at the local end of the network connection, typically by the network administrator. However, packet filtering is very limited because it is static. Once packet filtering rule sets are programed into a firewall or other packet filter device, the rule set can only be changed by manually reprogramming the device.

Packet filter devices are often used with proxy server systems, which provide access control to the Internet and are most often used to control access to the world wide web. In a typical configuration, a firewall or other packet filtering device filters all WWW requests to the Internet from a local network, except for packets from the proxy server. That is to say that a packet filter or firewall blocks all traffic originating from within the local network which is destined for connection to a remote server on port 80 (the standard WWW port number). However, the packet filter or firewall permits such traffic to and from the proxy server. Typically, the proxy server is programed with a set of destinations that are to be blocked, and packets destined for blocked addresses are not forwarded. When the proxy server receives a packet, the destination is checked against a database for approval. If the destination is allowed, the proxy server simply forwards packets between the local user and the remote server outside the firewall. However, proxy servers are limited to either blocking or allowing specific system terminals access to remote databases.

A recent system is disclosed in U.S. Pat. No. 5,696,898. This patent discloses a system, similar to a proxy server, that allows network administrators to restrict specific IP addresses inside a firewall from accessing information from certain public or otherwise uncontrolled databases (i.e., the WWW/Internet). According to the disclosure, the system has a relational database which allows network administrators to restrict specific terminals, or groups of terminals, from accessing certain locations. Similarly limited as a proxy server, this invention can only block or allow terminals' access to remote sites. This system is also static in that rules programmed into the database need to be reprogramming in order to change which locations specific terminals may access.

SUMMARY OF THE INVENTION

The present invention allows for creating and implementing dynamically changing rules, to allow the redirection, blocking, or allowing, of specific data traffic for specific users, as a function of database entries and the user's activity. In certain embodiments according to the present invention, when the user connects to the local network, as in the prior art system, the user's ID and password are sent to the authentication accounting server. The user ID and password are checked against information in an authentication database. The database also contains personalized filtering and redirection information for the particular user ID. During the connection process, the dial-up network server provides the authentication accounting server with the IP address that is going to be temporarily assigned to the user. The authentication accounting server then sends both the user's temporary IP address and all of the particular user's filter and redirection information to a redirection server. The IP address temporarily assigned to the end user is then sent back to the end user for use in connecting to the network.

Once connected to the network, all data packets sent to, or received by, the user include the user's temporary IP address in the IP packet header. The redirection server uses the filter and redirection information supplied by the authentication accounting server, for that particular IP address, to either allow packets to pass through the redirection server unmolested, block the request all together, or modify the request according to the redirection information.

When the user terminates the connection with the network, the dial-up network server informs the authentication accounting server, which in turn, sends a message to the redirection server telling it to remove any remaining filtering and redirection information for the terminated user's temporary IP address. This then allows the dial-up network to reassign that IP address to another user. In such a case, the authentication accounting server retrieves the new user's filter and redirection information from the database and passes it, with the same IP address which is now being used by a different user, to the redirection server. This new user's filter may be different from the first user's filter.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of a typical Internet Service Provider environment.

FIG. 2 is a block diagram of an embodiment of an Internet Service Provider environment with integrated redirection system.

 DETAILED DESCRIPTION OF THE INVENTION

In the following embodiments of the invention, common reference numerals are used to represent the same components. If the features of an embodiment are incorporated into a single system, these components can be shared and perform all the functions of the described embodiments.

FIG. 2. shows a typical Internet Service Provider (ISP) environment with integrated user specific automatic data redirection system. In a typical use of the system, a user employs a personal computer (PC) 100, which connects to the network. The system employs: a dial-up network server 102, an authentication accounting server 204, a database 206 and a redirection server 208.

The PC 100 first connects to the dial-up network server 102. The connection is typically created using a computer modem, however a local area network (LAN) or other communications link can be employed. The dial-up network server 102 is used to establish a communications link with the user's PC 100 using a standard communications protocol. In the preferred embodiment Point to Point Protocol (PPP) is used to establish the physical link between the PC 100 and the dial-up network server 102, and to dynamically assign the PC 100 an IP address from a list of available addresses. However, other embodiments may employ different communications protocols, and the IP address may also be permanently assigned to the PC 100. Dial-up network servers 102. PPP and dynamic IP address assignment are well known in the art.

An authentication accounting server with Auto-Navi component (hereinafter, authentication accounting server) 204 is used to authenticate user ID and permit, or deny, access to the network. The authentication accounting server 204 queries the database 206 to determine if the user ID is authorized to access the network. If the authentication accounting server 204 determines the user ID is authorized, the authentication accounting server 204 signals the dial-up network server 102 to assign the PC 100 an IP address, and the Auto-Navi component of the authentication accounting server 204 sends the redirection server 208 (1) the filter and redirection information stored in database 206 for that user ID and (2) the temporarily assigned IP address for the session. One example of an authentication accounting server is discussed in U S. Pat. No. 5,845,070, which is fully incorporated here by reference. Other types of authentication accounting servers are known in the art. However, these authentication accounting servers lack an Auto-Navi component.

The system described herein operates based on user Id's supplied to it by a computer. Thus the system does not “know” who the human being “user” is at the keyboard of the computer that supplies a user ID. However, for the purposes of this detailed description. “user” will often be used as a short hand expression for “the person supplying inputs to a computer that is supplying the system with a particular user ID.”

The database 206 is a relational database which stores the system data. FIG. 3 shows one embodiment of the database structure. The database, in the preferred embodiment, includes the following fields: a user account number, the services allowed or denied each user (for example: e-mail, Telnet, FTP, WWW), and the locations each user is allowed to access.

Rule sets are employed by the system and are unique for each user ID, or a group of user ID's. The rule sets specify elements or conditions about the user's session. Rule sets may contain data about a type of service which may or may not be accessed, a location which may or may not be accessed, how long to keep the rule set active, under what conditions the rule set should be removed, when and how to modify the rule set during a session, and the like. Rule sets may also have a preconfigured maximum lifetime to ensure their removal from the system.

The redirection server 208 is logically located between the user's computer 100 and the network, and controls the user's access to the network. The redirection server 208 performs all the central tasks of the system. The redirection server 208 receives information regarding newly established sessions from the authentication accounting server 204. The Auto-Navi component of the authentication accounting server 204 queries the database for the rule set to apply to each new session, and forwards the rule set and the currently assigned IP address to the redirection server 208. The redirection server 208 receives the IP address and rule set, and is programed to implement the rule set for the IP address, as well as other attendant logical decisions such as: checking data packets and blocking or allowing the packets as a function of the rule sets, performing the physical redirection of data packets based on the rule sets, and dynamically changing the rule sets based on conditions. When the redirection server 208 receives information regarding a terminated session from the authentication accounting server 204, the redirection server 208 removes any outstanding rule sets and information associated with the session. The redirection server 208 also checks for and removes expired ride sets from time to time.

In an alternate embodiment, the redirection server 208 reports all or some selection of session information to the database 206. This information may then be used for reporting, or additional rule set generation.

System Features Overview

In the present embodiment, each specific user may be limited to, or allowed, specific IP services, such as WWW, FTP and Telnet. This allows a user, for example, WWW access, but not FTP access or Telnet access. A user's access can be dynamically changed by editing the user's database record and commanding the Auto-Navi component of the authentication accounting server 204 to transmit the user's new rule set and current IP address to the redirection server 208.

A user's access can be “locked” to only allow access to one location, or a set of locations, without affecting other users' access. Each time a locked user attempts to access another location, the redirection server 208 redirects the user to a default location. In such a case, the redirection server 208 acts either as proxy for the destination address, or in the case of WWW traffic the redirection server 208 replies to the user's request with a page containing a redirection command.

A user may also be periodically redirected to a location, based on a period of time or some other condition. For example, the user will first be redirected to a location regardless of what location the user attempts to reach, then permitted to access other locations, but every ten minutes the user is automatically redirected to the first location. The redirection server 208 accomplishes such a rule set by setting an initial temporary rule set to redirect all traffic; after the user accesses the redirected location, the redirection server then either replaces the temporary rule set with the user's standard rule set or removes the rule set altogether from the redirection server 208. After a certain or variable time period, such as ten minutes, the redirection server 208 reinstates the rule set again.

The following steps describe details of a typical user session:

    • A user connects to the dial-up network server 102 through computer 100.
    • The user inputs user ID and password to the dial-up network server 102 using computer 100 which forwards the information to the authentication accounting server 204
    • The authentication accounting server 204 queries database 206 and performs validation check of user ID and password.
    • Upon a successful user authentication, the dial-up network server 102 completes the negotiation and assigns an IP address to the user. Typically, the authentication accounting server 204 logs the connection in the database 206.
    • The Auto-Navi component of the authentication accounting server 204 then sends both the user's rule set (contained in database 206) and the user's IP address (assigned by the dial-up network server 102) in real time to the redirection server 208 so that it can filter the user's IP packets.
    • The redirection server 208 programs the rule set and IP address so as to control (filter, block, redirect, and the like) the user's data as a function of the rule set.

The following is an example of a typical user's rule set, attendant logic and operation:

If the rule set for a particular user (i.e., user UserID-2) was such as to only allow that user to access the web site www.us.com, and permit Telnet services, and redirect all web access from any server at xyz.com to www.us.com, then the logic would be as follows:

The database 206 would contain the following record for user UserID-2:

ID UserID-2 Password: secret ################ ### Rule Sets ### ################ #service rule expire http www.us.com 0 http *.xyz.com=>www.us.com 0
    • the user initiates a session, and sends the correct user ID and password (UserID-2 and secret) to the dial-up network server 102. As both the user ID and password are correct, the authentication accounting server 204 authorizes the dial-up network server 102 to establish a session. The dial-up network server 102 assigns UserID-2 an IP address (for example, 10.0.0.1) to the user and passes the IP address to the authentication accounting server 204.
    • The Auto-Navi component of the authentication accounting server 204 sends both the user's rule set and the user's IP address (10.0.0.1) to the redirection server 208.
    • The redirection server 208 programs the rule set and IP address so as to filter and redirect the user's packets according to the rule set. The logic employed by the redirection server 208 to implement the rule set is as follows:
      • IF source IP-address=10.0.0.1 AND
        • ( ((request type=HTTP) AND (destination address=www.us.com) ) OR (request type=Telnet)
        • ) THEN ok.
      • IF source IP-address=10.0.0.1 AND
        • ( (request type=HTTP) AND (destination address=*.xyz.com)
        • ) THEN (redirect=www.us.com)

The redirection server 208 monitors all the IP packets, checking each against the rule set. In this situation, if IP address 10.0.0.1 (the address assigned to user ID UserID-2) attempts to send a packet containing HTTP data (i.e., attempts to connect to port 80 on any machine within the xyz.com domain) the traffic is redirected by the redirection server 208 to www.us.com. Similarly, if the user attempts to connect to any service other then HTTP at www.us.com or Telnet anywhere, the packet will simply be blocked by the redirection server 208.

When the user logs out or disconnects from the system, the redirection server will remove all remaining rule sets.

The following is another example of a typical user's rule set, attendant logic and operation:

If the rule set for a particular user (i.e., user UserID-3) was to force the user to visit the web site www.widgetsell.com, first, then to have unfettered access to other web sites, then the logic would be as follows:

The database 206 would contain the following record for user UserID-3;

ID UserID-3 Password: top-secret ################ ### Rule Sets ### ################ #service rule expire http *=>www.widgetsell.com 1x
    • the user initiates a session, and sends the correct user ID and password (UserID-3 and top-secret) to the dial-up network server 102. As both the user ID and password are correct, the authentication accounting server 204 authorizes the dial-up network server 102 to establish a session. The dial-up network server 102 assigns user ID 3 an IP address (for example, 10.0.0.1) to the user and passes the IP address to the authentication accounting server 204.
    • The Auto-Navi component of the authentication accounting server 204 sends both the user's rule set and the user's IP address (10.0.0.1) to the redirection server 208.
    • The redirection server 208 programs the rule set and IP address so as to filter and redirect the user's packets according to the rule set. The logic employed by the redirection server 208 to implement the rule set is as follows:
      • IF source IP-address=10.0.0.1 AND
        • (request type=HTTP) THEN (redirect=www.widgetsell.com)
      • THEN SET NEW RULE
      • IF source IP-address=10.0.0.1 AND
        • (request type=HTTP) THEN ok.

The redirection server 208 monitors all the IP packets, checking each against the rule set. In this situation, if IP address 10.0.0.1 (the address assigned to user ID UserID-3) attempts to send a packet containing HTTP data (i.e., attempts to connect to port 80 on any machine) the traffic is redirected by the redirection server 208 to www.widgetsell.com. Once this is done, the redirection server 208 will remove the rule set and the user if free to use the web unmolested.

When the user logs out or disconnects from the system, the redirection server will remove all remaining rule sets.

In an alternate embodiment a user may be periodically redirected to a location, based on the number of other factors, such as the number of locations accessed, the time spent at a location, the types of locations accessed, and other such factors.

A user's account can also be disabled after the user has exceeded a length of time. The authentication accounting server 204 keeps track of user's time online. Prepaid use subscriptions can thus be easily managed by the authentication accounting Server 204.

In yet another embodiment, signals from the Internet 110 side of redirection server 208 can be used to modify rule sets being used by the redirection server. Preferably, encryption and/or authentication are used to verify that the server or other computer on the Internet 110 side of redirection server 208 is authorized to modify the rule set or rule sets that are being attempted to be modified. An example of this embodiment is where it is desired that a user be redirected to a particular web site until the fill out a questionnaire or satisfy some other requirement on such a web site. In this example, the redirection server redirects a user to a particular web site that includes a questionnaire. After this web site receives acceptable data in all required fields, the web site then sends an authorization to the redirection server that deletes the redirection to the questionnaire web site from the rule set for the user who successfully completed the questionnaire. Of course, the type of modification an outside server can make to a rule set on the redirection server is not limited to deleting a redirection rule, but can include any other type of modification to the rule set that is supported by the redirection server as discussed above.

It will be clear to one skilled in the art that the invention may be implemented to control (block, allow and redirect) any type of service, such as Telnet, FTP, WWW and the like. The invention is easily programmed to accommodate new services or networks and is not limited to those services and networks (e.g., the Internet) now know in the art.

It will also be clear that the invention may be implemented on a non-IP based networks which implement other addressing schemes, such as IPX, MAC addresses and the like. While the operational environment detailed in the preferred embodiment is that of an ISP connecting users to the Internet, it will be clear to one skilled in the art that the invention may be implemented in any application where control over users' access to a network or network resources is needed, such as a local area network, wide area network and the like. Accordingly, neither the environment nor the communications protocols are limited to those discussed.

Claims

1. A system comprising:

a database with entries correlating each of a plurality of user IDs with an individualized rule set;
a dial-up network server that receives user IDs from users' computers;
a redirection server connected to the dial-up network server and a public network, and
an authentication accounting server connected to the database, the dial-up network server and the redirection server;
wherein the dial-up network server communicates a first user ID for one of the users' computers and a temporarily assigned network address for the first user ID to the authentication accounting server;
wherein the authentication accounting server accesses the database arid communicates the individualized rule set that correlates with the first user ID and the temporarily assigned network address to the redirection server; and
wherein data directed toward the public network from the one of the users' computers are processed by the redirection server according to the individualized rule set.

2. The system of claim 1, wherein the redirection server further provides control over a plurality of data to and from the users' computers as a function of the individualized rule set.

3. The system of claim 1, wherein the redirection server further blocks the data to and from the users' computers as a function of the individualized rule set.

4. The system of claim 1, wherein the redirection server further allows the data to and from the users' computers as a function of the individualized rule set.

5. The system of claim 1, wherein the redirection server further redirects the data to and from the users' computers as a function of the individualized rule set.

6. The system of claim 1, wherein the redirection server further redirects the data from the users' computers to multiple destinations as a function of the individualized rule set.

7. The system of claim 1, wherein the database entries for a plurality of the plurality of users' IDs are correlated with a common individualized rule set.

8. In a system comprising a database with entries correlating each of a plurality of user IDs with an individualized rule set; a dial-up network server that receives user IDs from users' computers; a redirection server connected to the dial-up network server and a public network, and an authentication accounting server connected to the database, the dial-up network server and the redirection server, the method comprising the steps of:

communicating a first user ID for one of the users' computers and a temporarily assigned network address for the first user ID from the dial-up network server to the authentication accounting server;
communicating the individualized rule set that correlates with the first user ID and the temporarily assigned network address to the redirection server from the authentication accounting server;
and processing data directed toward the public network from the one of the users' computers according to the individualized rule set.

9. The method of claim 8, further including the step of controlling a plurality of data to and from the users' computers as a function of the individualized rule set.

10. The method of claim 8, further including the step of blocking the data to and from the users' computers as a function of the individualized rule set.

11. The method of claim 5, further including the step of allowing the data to and from the users' computers as a function of the individualized rule set.

12. The method of claim 8, further including the step of redirecting the data to and from the users' computers as a function of the individualized rule set.

13. The method of claim 8, further including the step of redirecting the data from the users' computers to multiple destinations a function of the individualized rule set.

14. The method of claim 8, further including the step of creating database entries for a plurality of the plurality of users' IDs, the plurality of users' ID further being correlated with a common individualized rule set.

15. A system comprising:

a redirection server programmed with a user's rule set correlated to a temporarily assigned network address;
wherein the rule set contains at least one of a plurality of functions used to control passing between the user and a public network;
wherein the redirection server is configured to allow automated modification of at least a portion of the rule set correlated to the temporarily assigned network address; and wherein the redirection server is configured to allow modification of at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user access.

16. The system of claim 15, wherein the redirection server is configured to allow modification of at least a portion of the rule set as a function of time.

17. The system of claim 15, wherein the redirection server is configured to allow modification of at least a portion of the rule set as a function of the data transmitted to or from the user.

18. The system of claim 15, wherein the redirection server is configured to allow modification of at least a portion of the rule set as a function of the location or locations the user access.

19. The system of claim 15, wherein the redirection server is configured to allow the removal or reinstatement of at least a portion of the rule set as a function of time.

20. The system of claim 15, wherein the redirection server is configured to allow the removal or reinstatement of at least a portion of the rule set as a function of the data transmitted to or from the user.

21. The system of claim 15, wherein the redirection server is configured to allow the removal or reinstatement of at least a portion of the rule set as a function of the location or locations the user access.

22. The system of claim 15, wherein the redirection server is configured to allow the removal or reinstatement of at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location or locations the user access.

23. The system of claim 15, wherein the redirection server has a user side that is connected to a computer using the temporarily assigned network address and a network side connected to a computer network and wherein the computer using the temporarily assigned network address is connected to the computer network through the redirection server.

24. The system of claim 23 wherein instructions to the redirection server to modify the rule set are received by one or more of the user side of the redirection server and the network side of the redirection server.

25. In a system comprising a redirection server containing a user's rule set correlated to a temporarily assigned network address wherein the user's rule set contains at least one of a plurality of functions used to control data passing between the user and a public network; the method comprising the step of:

modifying at least a portion of the user's rule set while the user's rule set remains correlated to the temporarily assigned network address in the redirection server; and wherein the redirection server has a user side that is connected to a computer using the temporarily assigned network address and a network address and a network side connected to a computer network and wherein the computer using the temporarily assigned network address is connected to the computer network through the redirection server and the method further includes the step of receiving instructions by the redirection server to modify at least a portion of the user's rule set through one or more of the user side of the redirection server and the network side of the redirection server.

26. The method of claim 25, further including the step of modifying at least a portion of the user's rule set as a function of one or more of: time, data transmitted to or from the user, and location or locations the user access.

27. The method of claim 25, further including the step of removing or reinstating at least a portion of the user's rule set as a function of one or more of: time, the data transmitted to or from the user and the location or locations the user access.

28. The system of claim 1, wherein the individualized rule set includes at least one rule as a function of a type of IP (Internet Protocol) service.

29. The system of claim 1, wherein the individualized rule set includes an initial temporary rule set and a standard rule set, and wherein the redirection server is configured to utilize the temporary rule set for an initial period of time and to thereafter utilize the standard rule set.

30. The system of claim 1, wherein the individualized rule set includes at least one rule allowing access based on a request type and a destination address.

31. The system of claim 1, wherein the individualized rule set includes at least one rule redirecting the data to a new destination address based on a request type and an attempted destination address.

32. The method of claim 8, wherein the individualized rule set includes at least one rule as a function of a type of IP (Internet Protocol) service.

33. The method of claim 8, wherein the individualized rule set includes an initial temporary rule set and a standard rule set, and wherein the redirection server is configured to utilize the temporary rule set for an initial period of time and to thereafter utilize the standard rule set.

34. The method of claim 8, wherein the individualized rule set includes at least one rule allowing access based on a request type and a destination address.

35. The method of claim 8, wherein the individualized rule set includes at least one rule redirecting the data to a new destination address based on a request type and an attempted destination address.

36. A system comprising:

a redirection server programmed with a users rule set correlated to a temporarily assigned network address;
wherein the rule set contains at least one of a plurality of functions used to control data passing between the user and a public network;
wherein the redirection server is configured to allow automated modification of at least a portion of the rule set correlated to the temporarily assigned network address;
wherein the redirection server is configured to allow automated modification of at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user accesses; and
wherein the modified rule set includes at least one rule as a function of a type of IP (Internet Protocol) service.

37. A system comprising:

a redirection server programmed with a user's rule set correlated to a temporarily assigned network address;
wherein the rule set contains at least one of a plurality of functions used to control data passing between the user and a public network;
wherein the redirection server is configured to allow automated modification of at least a portion of the rule set correlated to the temporarily assigned network address;
wherein the redirection server is configured to allow automated modification of at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user accesses; and
wherein the modified rule set includes an initial temporary rule set and a standard rule set, and wherein the redirection server is configured to utilize the temporary rule set for an initial period of time and to thereafter utilize the standard rule set.

38. A system comprising:

a redirection server programmed with a user's rule set correlated to a temporarily assigned network address;
wherein the rule set contains at least one of a plurality of functions used to control data passing between the user and a public network;
wherein the redirection server is configured to allow automated modification of at least a portion of the rule set correlated to the temporarily assigned network address;
wherein the redirection server is configured to allow automated modification of at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user accesses; and
wherein the modified rule set includes at least one rule allowing access based on a request type and a destination address.

39. A system comprising:

a redirection server programmed with a user's rule set correlated to a temporarily assigned network address;
wherein the rule set contains at least one of a plurality of functions used to control data passing between the user and a public network;
wherein the redirection server is configured to allow automated modification of at least a portion of the rule set correlated to the temporarily assigned network address;
wherein the redirection server is configured to allow automated modification of at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user accesses; and
wherein the modified rule set includes at least one rule redirecting the data to a new destination address based on a request type and an attempted destination address.

40. The method of claim 25, wherein the modified rule set includes at least one rule as a function of a type of IP (Internet Protocol) service.

41. The method of claim 25, wherein the modified rule set includes an initial temporary rule set and a standard rule set, and wherein the redirection server is configured to utilize the temporary rule set for an initial period of time and to thereafter utilize the standard rule set.

42. The method of claim 25, wherein the modified rule set includes at least one rule allowing access based on a request type and a destination address.

43. The method of claim 25, wherein the modified rule set includes at least one rule redirecting the data to a new destination address based on a request type and an attempted destination address.

44. A system comprising:

a database with entries correlating each of a plurality of user IDs with an individualized rule set;
a dial up network server that receives user IDs from users' computers;
a redirection server connected between the dial up network server and a public network, and
an authentication accounting server connected to the database, the dial up network server and the redirection server;
wherein the dial up network server communicates a first user ID for one of the users' computers and a temporarily assigned network address for the first user ID to the authentication accounting server; p1 wherein the authentication accounting server accesses the database and communicates the individualized rule set that correlates with the first user ID and the temporarily assigned network address to the redirection server; and
wherein data directed toward the public network from the one of the users' computers are processed by the redirection server according to the individualized rule set.

45. The system of claim 44, wherein the redirection server further provides control over a plurality of data to and from the users' computers as a function of the individualized rule set.

46. The system of claim 44, wherein the redirection server further blocks the data to and from the users' computers as a function of the individualized rule set.

47. The system of claim 44, wherein the redirection server further allows the data to and from the users' computers as a function of the individualized rule set.

48. The system of claim 44, wherein the redirection server further redirects the data to and from the users' computers as a function of the individualized rule set.

49. The system of claim 44, wherein the redirection server further redirects the data from the users' computers to multiple destinations as a function of the individualized rule set.

50. The system of claim 44, wherein the database entries for a plurality of the plurality of users' IDs are correlated with a common individualized rule set.

51. The system of claim 44, wherein the individualized rule set includes at least one rule as a function of a type of IP (Internet Protocol) service.

52. The system of claim 44, wherein the individualized rule set includes an initial temporary rule set and a standard rule set, and wherein the redirection server is configured to utilize the temporary rule set for an initial period of time and to thereafter utilize the standard rule set.

53. The system of claim 44, wherein the individualized rule set includes at least one rule allowing access based on a request type and a destination address.

54. The system of claim 44, wherein the individualized rule set includes at least one rule redirecting the data to a new destination address based on a request type and an attempted destination address.

55. The system of claim 44, wherein the redirection server is configured to redirect data from the users' computers by replacing a first destination address in an IP (Internet Protocol) packet header by a second destination address as a function of the individualized rule set.

56. In a system comprising a database with entries correlating each of a plurality of user IDs with an individualized rule set; a dial up network server that receives user IDs from users' computers; a redirection server connected between the dial up network server and a public network, and an authentication accounting server connected to the database, the dial up network server and the redirection servers, a method comprising the steps of:

communicating a first user ID for one of the users' computers and a temporarily assigned network address for the first user ID from the dial up network server to the authentication accounting server;
communicating the individualized rule set that correlates with the first user ID and the temporarily assigned network address to the redirection server from the authentication accounting server; and
processing data directed toward the public network from the one of the users' computers according to the individualized rule set.

57. The method of claim 56, further including the step of controlling a plurality of data to and from the users' computers as a function of the individualized rule set.

58. The method of claim 56, further including the step of blocking the data to and from the users' computers as a function of the individualized rule set.

59. The method of claim 56, further including the step of allowing the data to and from the users' computers as a function of the individualized rule set.

60. The method of claim 56, further including the step of redirecting the data to and from the users' computers as a function of the individualized rule set.

61. The method of claim 56, further including the step of redirecting the data from the users' computers to multiple destinations a function of the individualized rule set.

62. The method of claim 56, further including the step of creating database entries for a plurality of the plurality of users' IDs, the plurality of users' ID further being correlated with a common individualized rule set.

63. The method of claim 56, wherein the individualized rule set includes at least one rule as a function of a type of IP (Internet Protocol) service.

64. The method of claim 56, wherein the individualized rule set includes an initial temporary rule set and a standard rule set, and wherein the redirection server is configured to utilize the temporary rule set for an initial period of time and to thereafter utilize the standard rule set.

65. The method of claim 56, wherein the individualized rule set includes at least one rule allowing access based on a request type and a destination address.

66. The method of claim 56, wherein the individualized rule set includes at least one rule redirecting the data to a new destination address based on a request type and an attempted destination address.

67. The method of claim 56, wherein the redirection server is configured to redirect data from the users' computers by replacing a first destination address in an IP (Internet Protocol) packet header by a second destination address as a function of the individualized rule set.

68. A system comprising:

a redirection server connected between a user computer and a public network, the redirection server programmed with a users' rule set correlated to a temporarily assigned network address;
wherein the rule set contains at least one of a plurality of functions used to control data passing between the user and a public network;
wherein the redirection server is configured to allow automated modification of at least a portion of the rule set correlated to the temporarily assigned network address; and
wherein the redirection server is configured to allow automated modification of at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user accesses.

69. The system of claim 68, wherein the redirection server is configured to allow modification of at least a portion of the rule set as a function of time.

70. The system of claim 68, wherein the redirection server is configured to allow modification of at least a portion of the rule set as a function of the data transmitted to or from the user.

71. The system of claim 68, wherein the redirection server is configured to allow modification of at least a portion of the rule set as a function of the location or locations the user accesses.

72. The system of claim 68, wherein the redirection server is configured to allow the removal or reinstatement of at least a portion of the rule set as a function of time.

73. The system of claim 68, wherein the redirection server is configured to allow the removal or reinstatement of at least a portion of the rule set as a function of the data transmitted to or from the user.

74. The system of claim 68, wherein the redirection server is configured to allow the removal or reinstatement of at least a portion of the rule set as a function of the location or locations the user accesses.

75. The system of claim 68, wherein the redirection server is configured to allow the removal or reinstatement of at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location or locations the user accesses.

76. The system of claim 68, wherein the redirection server has a user side that is connected to a computer using the temporarily assigned network address and a network side connected to a computer network and wherein the computer using the temporarily assigned network address is connected to the computer network through the redirection server.

77. The system of claim 68 wherein instructions to the redirection server to modify the rule set are received by one or more of the user side of the redirection server and the network side of the redirection server.

78. The system of claim 68, wherein the modified rule set includes at least one rule as a function of a type of IP (Internet Protocol) service.

79. The system of claim 68, wherein the modified rule set includes an initial temporary rule set and a standard rule set, and wherein the redirection server is configured to utilize the temporary rule set for an initial period of time and to thereafter utilize the standard rule set.

80. The system of claim 68, wherein the modified rule set includes at least one rule allowing access based on a request type and a destination address.

81. The system of claim 68, wherein the modified rule set includes at least one rule redirecting the data to a new destination address based on a request type and an attempted destination address.

82. The system of claim 68, wherein the redirection server is configured to redirect data from the users' computers by replacing a first destination address in an IP (Internet Protocol) packet header by a second destination address as a function of the modified rule set.

83. In a system comprising a redirection server connected between a user computer and a public network, the redirection server containing a user's rule set correlated to a temporarily assigned network address wherein the user's rule set contains at least one of a plurality of functions used to control data passing between the user and a public network; a method comprising the step of:

modifying at least a portion of the user's rule set while the user's rule set remains correlated to the temporarily assigned network address in the redirection server; and
wherein the redirection server has a user side that is connected to a computer using the temporarily assigned network address and a network address and a network side connected to a computer network; and
wherein the computer using the temporarily assigned network address is connected to the computer network through the redirection server and the method further includes the step of receiving instructions by the redirection server to modify at least a portion of the user's rule set through one or more of the user side of the redirection server and the network side of the redirection server.

84. The method of claim 83, further including the step of modifying at least a portion of the user's rule set as a function of one or more of time, data transmitted to or from the user, and location or locations the user accesses.

85. The method of claim 83, further including the step of removing or reinstating at least a portion of the user's rule set as a function of one or more of time, the data transmitted to or from the user and a location or locations the user accesses.

86. The method of claim 83, wherein the modified rule set includes at least one rule as a function of a type of IP (Internet Protocol) service.

87. The method of claim 83, wherein the modified rule set includes an initial temporary rule set and a standard rule set, and wherein the redirection server is configured to utilize the temporary rule set for an initial period of time and to thereafter utilize the standard rule set.

88. The method of claim 83, wherein the modified rule set includes at least one rule allowing access based on a request type and a destination address.

89. The method of claim 83, wherein the modified rule set includes at least one rule redirecting the data to a new destination address based on a request type and an attempted destination address.

90. The method of claim 83, wherein the redirection server is configured to redirect data from the users' computers by replacing a first destination address in an IP (Internet Protocol) packet header by a second destination address as a function of the individualized rule set.

91. A system comprising:

a redirection server programmed with a user's rule set correlated to a temporarily assigned network address;
wherein the rule set contains at least one of a plurality of functions used to control data passing between the user and a public network;
wherein the redirection server is configured to automatically modify at least a portion of the rule set while the rule set is correlated to the temporarily assigned network address;
wherein the redirection server is configured to automatically modify at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user accesses; and
wherein the redirection server is configured to modify at least a portion of the rule set as a function of time while the rule set is correlated to the temporarily assigned network address.

92. A system comprising:

a redirection server programmed with a user's rule set correlated to a temporarily assigned network address;
wherein the rule set contains at least one of a plurality of functions used to control data passing between the user and a public network;
wherein the redirection server is configured to automatically modify at least a portion of the rule set while the rule set is correlated to the temporarily assigned network address;
wherein the redirection server is configured to automatically modify at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user accesses; and
wherein the redirection server is configured to modify at least a portion of the rule set as a function of the data transmitted to or from the user while the rule set is correlated to the temporarily assigned network address.

93. A system comprising:

a redirection server programmed with a user's rule set correlated to a temporarily assigned network address;
wherein the rule set contains at least one of a plurality of functions used to control data passing between the user and a public network;
wherein the redirection server is configured to automatically modify at least a portion of the rule set while the rule set is correlated to the temporarily assigned network address;
wherein the redirection server is configured to automatically modify at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user accesses; and
wherein the redirection server is configured to modify at least a portion of the rule set as a function of the location or locations the user accesses while the rule set is correlated to the temporarily assigned network addresses.

94. A system comprising:

a redirection server programmed with a user's rule set correlated to a temporarily assigned network address;
wherein the rule set contains at least one of a plurality of functions used to control data passing between the user and a public network;
wherein the redirection server is configured to automatically modify at least a portion of the rule set while the rule set is correlated to the temporarily assigned network address;
wherein the redirection server is configured to automatically modify at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user accesses; and
wherein the redirection server is configured to remove or reinstate at least a portion of the rule set as a function of time while the rule set is correlated to the temporarily assigned network address.

95. A system comprising:

a redirection server programmed with a user's rule set correlated to a temporarily assigned network address;
wherein the rule set contains at least one of a plurality of functions used to control data passing between the user and a public network;
wherein the redirection server is configured to automatically modify at least a portion of the rule set while the rule set is correlated to the temporarily assigned network address;
wherein the redirection server is configured to automatically modify at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user accesses; and
wherein the redirection server is configured to remove or reinstate at least a portion of the rule set as a function of the data transmitted to or from the user while the rule set is correlated to the temporarily assigned network address.

96. A system comprising:

a redirection server programmed with a user's rule set correlated to a temporarily assigned network address;
wherein the rule set contains at least one of a plurality of functions used to control data passing between the user and a public network;
wherein the redirection server is configured to automatically modify at least a portion of the rule set while the rule set is correlated to the temporarily assigned network address;
wherein the redirection server is configured to automatically modify at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user accesses; and
wherein the redirection server is configured to remove or reinstate at least a portion of the rule set as a function of the location or locations the user accesses while the rule set is correlated to the temporarily assigned network address.

97. A system comprising:

a redirection server programmed with a user's rule set correlated to a temporarily assigned network address;
wherein the rule set contains at least one of a plurality of functions used to control data passing between the user and a public network;
wherein the redirection server is configured to automatically modify at least a portion of the rule set while the rule set is correlated to the temporarily assigned network address;
wherein the redirection server is configured to automatically modify at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user accesses; and
wherein the redirection server is configured to remove or reinstate at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location or locations the user accesses while the rule set is correlated to the temporarily assigned network address.

98. A system comprising:

a redirection server programmed with a user's rule set correlated to a temporarily assigned network address;
wherein the rule set contains at least one of a plurality of functions used to control data passing between the user and a public network;
wherein the redirection server is configured to automatically modify at least a portion of the rule set while the rule set is correlated to the temporarily assigned network address;
wherein the redirection server is configured to automatically modify at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user accesses; and
wherein the redirection server has a user side that is connected to a computer using the temporarily assigned network address and a network side connected to a computer network, and wherein the computer using the temporarily assigned network address is connected to the computer network through the redirection server.

99. The system of claim 98, wherein the redirection server modifies the rule set in response to instructions received by one or more of the user side of the redirection server and the network side of the redirection server.

100. In a system comprising a redirection server containing a user's rule set correlated to a temporarily assigned network address wherein the user's rule set contains at least one of a plurality of functions used to control data passing between the user and a public network; a method comprising:

the redirection server modifying at least a portion of the user's rule set while the user's rule set remains correlated to the temporarily assigned network address in the redirection server;
connecting a user side of the redirection server to a computer using the temporarily assigned network address and a network side connected to a computer network;
connecting the computer using the temporarily assigned network address to the computer network through the redirection server;
receiving instructions by the redirection server; and
the redirection server modifying at least a portion of the user's rule set through one or more of the user side of the redirection server and the network side of the redirection server while the rule set is correlated with the temporarily assigned network address.

101. The method of claim 100, wherein the method further comprises modifying at least a portion of the user's rule set by the redirection server as a function of one or more of: time, data transmitted to or from the user, and location or locations the user accesses.

102. The method of claim 100, wherein the method further comprises removing or reinstating at least a portion of the user's rule set by the redirection server as a function of one or more of: time, the data transmitted to or from the user and a location or locations the user accesses.

103. The method of claim 100, wherein the modified rule set includes at least one rule as a function of a type of IP (Internet Protocol) service.

104. The method of claim 100, wherein the modified rule set includes an initial temporary rule set and a standard rule set, and wherein the redirection server is configured to utilize the temporary rule set for an initial period of time and to thereafter utilize the standard rule set.

105. The method of claim 100, wherein the modified rule set includes at least one rule allowing access based on a request type and a destination address.

106. The method of claim 100, wherein the modified rule set includes at least one rule redirecting the data to a new destination address based on a request type and an attempted destination address.

107. A system comprising:

a redirection server programmed with a user's rule set correlated to a temporarily assigned network address;
the rule set containing at least one of a plurality of functions used to control data passing between the user and a public network;
the redirection server being configured to automatically modify at least a portion of the rule set while the rule set is correlated to the temporarily assigned network address;
the redirection server being configured to automatically modify at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user accesses; and
the modified rule set including at least one rule as a function of a type of IP (Internet Protocol) service.

108. A system comprising:

a redirection server programmed with a user's rule set correlated to a temporarily assigned network address;
the rule set containing at least one of a plurality of functions used to control data passing between the user and a public network;
the redirection server being configured to automatically modify at least a portion of the rule set while the rule set is correlated to the temporarily assigned network address;
the redirection server being configured to automatically modify at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user accesses; and
the modified rule set includes an initial temporary rule set and a standard rule set, and the redirection server utilizes the temporary rule set for an initial period of time and thereafter utilizes the standard rule set while the rule set is correlated to the temporarily assigned network address.

109. A system comprising:

a redirection server programmed with a user's rule set correlated to a temporarily assigned network address;
the rule set containing at least one of a plurality of functions used to control data passing between the user and a public network;
the redirection server being configured to automatically modify at least a portion of the rule set while the rule set is correlated to the temporarily assigned network address;
the redirection server being configured to automatically modify at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user accesses; and
the modified rule set includes at least one rule allowing access based on a request type and a destination address.

110. A system comprising:

a redirection server programmed with a user's rule set correlated to a temporarily assigned network address;
the rule set containing at least one of a plurality of functions used to control data passing between the user and a public network;
the redirection server being configured to automatically modify at least a portion of the rule set while the rule set is correlated to the temporarily assigned network address;
the redirection server being configured to automatically modify at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user accesses; and
the modified rule set includes at least one rule redirecting the data to a new destination address based on a request type and an attempted destination address.

111. A system comprising:

a redirection server connected between a user computer and a public network, the redirection server programmed with a users' rule set correlated to a temporarily assigned network address;
the rule set containing at least one of a plurality of functions used to control data passing between the user and a public network;
the redirection server being configured to automatically modify at least a portion of the rule set while the rule set is correlated to the temporarily assigned network address; and
the redirection server being configured to automatically modify at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location the user accesses while the rule set is correlated to the temporarily assigned network address.

112. The system of claim 111, the redirection server being configured to modify at least a portion of the rule set as a function of time.

113. The system of claim 111, the redirection server being configured to modify at least a portion of the rule set as a function of the data transmitted to or from the user.

114. The system of claim 111, the redirection server being configured to modify at least a portion of the rule set as a function of the location or locations the user accesses.

115. The system of claim 111, the redirection server being configured to remove or reinstate at least a portion of the rule set as a function of time.

116. The system of claim 111, the redirection server being configured to remove or reinstate at least a portion of the rule set as a function of the data transmitted to or from the user.

117. The system of claim 111, the redirection server being configured to remove or reinstate at least a portion of the rule set as a function of the location or locations the user accesses.

118. The system of claim 111, the redirection server being configured to remove or reinstate at least a portion of the rule set as a function of some combination of time, data transmitted to or from the user, or location or locations the user accesses.

119. The system of claim 111, wherein the redirection server has a user side that is connected to a computer using the temporarily assigned network address and a network side connected to a computer network and wherein the computer using the temporarily assigned network address is connected to the computer network through the redirection server.

120. The system of claim 111, wherein the redirection server modifies the rule set received by one or more of the user side of the redirection server and the network side of the redirection server in response to instructions received by the redirection server.

121. The system of claim 111, wherein the modified rule set includes at least one rule as a function of a type of IP (Internet Protocol) service.

122. The system of claim 111, wherein the modified rule set includes an initial temporary rule set and a standard rule set, and wherein the redirection server is configured to utilize the temporary rule set for an initial period of time and to thereafter utilize the standard rule set.

123. The system of claim 111, wherein the modified rule set includes at least one rule allowing access based on a request type and a destination address.

124. The system of claim 111, wherein the modified rule set includes at least one rule redirecting the data to a new destination address based on a request type and an attempted destination address.

125. The system of claim 111, the redirection server redirecting data from the users' computers by replacing a first destination address in an IP (Internet Protocol) packet header by a second destination address as a function of the modified rule set.

126. In a system comprising a redirection server connected between a user computer and a public network, the redirection server containing a user's rule set correlated to a temporarily assigned network address wherein the user's rule set contains at least one of a plurality of functions used to control data passing between the user and a public network; a method comprising:

the redirection server modifying at least a portion of the user's rule set while the user's rule set remains correlated to the temporarily assigned network address in the redirection server;
wherein the redirection server has a user side that is connected to a computer using the temporarily assigned network address and a network address and a network side connected to a computer network;
wherein the computer using the temporarily assigned network address is connected to the computer network through the redirection server; and
the redirection server modifying at least a portion of the user's rule set through one or more of the user side of the redirection server and the network side of the redirection server while the rule set is correlated to the temporarily assigned network address, in response to instructions received by the redirection server.

127. The method of claim 126, wherein the modification is a function of one or more of time, data transmitted to or from the user, and location or locations the user accesses.

128. The method of claim 126, wherein the modification comprises removing or reinstating at least a portion of the user's rule set as a function of one or more of time, the data transmitted to or from the user and a location or locations the user accesses.

129. The method of claim 126, wherein the modified rule set includes at least one rule as a function of a type of IP (Internet Protocol) service.

130. The method of claim 126, wherein the modified rule set includes an initial temporary rule set and a standard rule set, and wherein the redirection server is configured to utilize the temporary rule set for an initial period of time and to thereafter utilize the standard rule set.

131. The method of claim 126, wherein the modified rule set includes at least one rule allowing access based on a request type and a destination address.

132. The method of claim 126, wherein the modified rule set includes at least one rule redirecting the data to a new destination address based on a request type and an attempted destination address.

133. The method of claim 126, wherein the redirection server redirects data from the users' computers by replacing a first destination address in an IP (Internet Protocol) packet header by a second destination address as a function of the individualized rule set.

Referenced Cited
U.S. Patent Documents
5678041 October 14, 1997 Baker et al.
5696898 December 9, 1997 Baker et al.
5708780 January 13, 1998 Levergood et al.
5740430 April 14, 1998 Rosenberg et al.
5749075 May 5, 1998 Toader et al.
5774869 June 30, 1998 Toader
5781550 July 14, 1998 Templin et al.
5794210 August 11, 1998 Goldhaber et al.
5802320 September 1, 1998 Baehr et al.
5805803 September 8, 1998 Birrell et al.
5806043 September 8, 1998 Toader
5812776 September 22, 1998 Gifford
5815574 September 29, 1998 Fortinsky
5835727 November 10, 1998 Wong
5845267 December 1, 1998 Ronen
5848233 December 8, 1998 Radia
5850517 December 15, 1998 Verkler et al.
5855008 December 29, 1998 Goldhaber et al.
5864683 January 26, 1999 Boebert et al.
5881234 March 9, 1999 Schwob
5889958 March 30, 1999 Willens
5915093 June 22, 1999 Berlin et al.
5918018 June 29, 1999 Gooderum et al.
5948061 September 7, 1999 Merriman et al.
5950195 September 7, 1999 Stockwell
5956697 September 21, 1999 Usui
5960409 September 28, 1999 Wexler
5963915 October 5, 1999 Kirsch
5987430 November 16, 1999 Van Horne et al.
5987523 November 16, 1999 Hind et al.
5987611 November 16, 1999 Freund
6014698 January 11, 2000 Griffiths
6052725 April 18, 2000 McCann et al.
6070243 May 30, 2000 See et al.
6073178 June 6, 2000 Wong et al.
6088451 July 11, 2000 He et al.
6098172 August 1, 2000 Coss et al.
6112239 August 29, 2000 Kenner et al.
6119160 September 12, 2000 Zhang et al.
6119162 September 12, 2000 Li et al.
6154775 November 28, 2000 Coss et al.
6157829 December 5, 2000 Grube et al.
6158008 December 5, 2000 Maria et al.
6170012 January 2, 2001 Coss et al.
6182139 January 30, 2001 Brendel
6219790 April 17, 2001 Lloyd et al.
6223209 April 24, 2001 Watson
6226677 May 1, 2001 Slemmer
6233618 May 15, 2001 Shannon
6233686 May 15, 2001 Dutta
6247054 June 12, 2001 Malkin
6272115 August 7, 2001 Elliott, III
6311275 October 30, 2001 Jin et al.
6321336 November 20, 2001 Applegate et al.
6377990 April 23, 2002 Slemmer et al.
6438125 August 20, 2002 Brothers
6460084 October 1, 2002 Van Horne et al.
6466976 October 15, 2002 Alles
6636894 October 21, 2003 Short et al.
6687732 February 3, 2004 Bector et al.
6721306 April 13, 2004 Farris et al.
6779118 August 17, 2004 Ikudome et al.
20070294417 December 20, 2007 Ikudome et al.
Foreign Patent Documents
2226814 July 1998 CA
2226814 March 2003 CA
699 41 540 June 2016 DE
0 811 939 December 1997 EP
0854621 July 1998 EP
0854621 July 1998 EP
2316841 March 1998 GB
WO 96/05549 February 1996 WO
WO 96/39668 December 1996 WO
WO 97/11429 March 1997 WO
WO 98/03927 January 1998 WO
WO 98/26548 June 1998 WO
WO 99/57660 November 1999 WO
WO 00/16529 March 2000 WO
Other references
  • Hiden, R. et al.: Gateway Special Interest Group Meeting Notes; Request for comments 898898, published in Apr. 1984.
  • Clark, D.: Policy routing in Internet Protocols; Request for comments 1102, published in May 1989.
  • Berners-Lee, T et al.: Hypertext Transfer Protocol—http/1.0, Request for comments 1945, published in May 1996.
  • English language translation of the relevant portions of a Judgment rendered on Patent No. EP 1 076 975 by the German Patent and Trademark Office on Dec. 14, 2015 in the Action by Plaintiff Deutsche Telekom AG.
  • Aas, Gisle, Maceachern, Doug, Apache.pm, 18 pages; available at http://www.apache.org/docs>.
  • Amended Invalidity Contentions of AT&T et al., Linksmart Wireless Technology, LLC v. T-Mobile, LLC, Inc., et al., Case Nos. (consolidated) 2:08-cv-00264-DF-CE, 2:08-cv-00304-DF-CE, 2:08-cv-00385-DF-CD, 2:09-cv-00026-DF-CE, U.S .District Court Eastern District of Texas, Marshall Division, 100 pages, Aug. 19, 2010.
  • Amended Complaint, Demand for Jury Trial, IP3 Networks, Inc. v. Nomadix, Inc., Case No. 04-cv-1485 DMS (POR), 48 pages (including Exhibits 1-3, Sep. 20, 2004, United States District Court, Southern District of California.
  • Answer and Counterclaims of Nomadix Inc. to the Amended Complaint, IP3 Networks, Inc. v. Nomadix, Inc., Case No. 04-cv-1485 DMS (POR); 46 pages, filed Oct. 21, 2004, United States District Court, Southern District of California.
  • Arar, Yardena, Prepaid Internet Access Cards: Instant ISP, pcworld.com, 1 page, Jul. 14, 1997.
  • Armstead, Internet post: “Re: redirect,” dated Mar. 2, 1998, archived at www.squid-cache.org, document states that archive was generated on Dec. 9, 2003, 2 pages.
  • Auric Web Systems, News, web page at http://www.auricweb.com/news.html>, 3 pages, accessed Jul. 12, 1999, including press releases: Prepaid Card Has Made An Exciting Debut, Dec. 10, 1998; ISP's Now Can provide “Commercial Breaks” on the Web With Our User side Software, Dec. 7, 1998; Beyond Banner Ads, Beyond “Push,” Jun. 16, 1998; New Internet Advertisement Tool Make a Successful Debut, May 18, 1998; Auric Web System announces Micro Gateway, Sep. 1, 1997; Auric Web Systems announces ISP Enhancer, Dec. 15, 1997; and Auric Web Systems announces EC Gateway, Jan. 15, 1997.
  • Auric Web Systems unveils software to reduce the opening costs of Internet service providers, press release, Auric Web Systems, Inc., Business Wire, 2 pages, Mar. 25, 1997.
  • Auric Web Unveils Tool to Navigate Customer Directly to a Specific Website, press release, Auric Web Systems, Inc., 1 page, Nov. 24, 1997.
  • Avolio and Ranum, “A Network Perimeter with Secure External Access,” 11 pages; Trusted Information Systems, Jan. 25, 1994.
  • Bahn (ed.), Microsoft Computer Dictionary, Microsoft Press, 4.ed., 1999, p. 136.
  • Baker et al., Local Control Over Filtered WWW Access, 12 pages; http://www.w3.org/Conferences/WWW4/Papers/117, Fourth International World Wide Web Conference, Dec. 1995.
  • Baker, Mary G. et al., Supporting Mobility in MosquitoNet, Proceedings of the 1996 USENIX Technical Conference, San Diego, CA, 13 pages, Jan. 1996.
  • Beerman, Cord, Re: Support for cern like Pass/Fair proxy limits?; 2 pages, available at http://www.squid-cache.org/mail-archive/squid-users/199611/0385.html (visited Feb. 1, 2005).
  • Berners-Lee, T. et al., Network Working Group, Request for Comments: 1945, “Hypertext Transfer Protocol—HTTP/1.0,” May 1996; 60 pages.
  • Best Western's Supplemental Claim Construction Brief, Linksmart Wireless Technology, LLC v. T-Mobile USA, Inc. et al., U.S. District Court of Eastern District of Texas, Marshall Division, Case No. 2:08-cv-000264-DF-CF, filed Apr. 16, 2010, pp. 1-16 (including Exhibits 1-2).
  • Blankers, “Network solutions for Internet access servers,” 12 pages; Ericsson Review, Internet Access Servers 1998.
  • Boutell, “CGI Programming in C & Perl,” 7 pages; 1996.
  • Braden, B. Postel, J., Requirements for Internet Gateways, Jun. 1987; 50 pages; Network Working Group, Request for Comments 1009.
  • Buying Made Easy: Auric Web Bypasses Credit Cards, Internet Week, 1 page, Feb. 17, 1997.
  • “Campus World,” Presentation by Phil Moore, 1998, 15 pages.
  • Carl-Mitchell, Smoot, Quaterman, John, S., Using ARP to Implement Transparent Subnet Gateways; Oct. 1987; 8 pages, Network Working Group, Request for Comments 1027.
  • Chapman and Zwicky, Building Internet Firewalls O'Reilly & Associates, 1995.
  • Chatel, M., Classical Versus Transparent IP Proxies; Mar. 1996; 32 pages, Network Working Group, Request for Comments 1919.
  • Cisco 2500 Access Server Series, Data Sheet, Cisco Systems, 5 pages, Sep. 1997.
  • Cisco 2509-2512 Series Access Servers, Product Announcement, I.D. No. 027ALL, Cisco Systems, 8 pages, undated (1995 copyright notice).
  • Cisco 6510 Service Selection Gateway, End of Sale Announcement, End-of-Life Notice No. 1135, Cisco Systems, 4 pages, Apr. 2005.
  • Cisco 6510 Service Selection Gateway Version 1.0(2), Release Notes, Doc. No. 78-5181-03, Cisco Systems, 6 pages, undated (1998 copyright notice).
  • Cisco Announces DSL Service Creation and Control Platforms: Enables Service Providers to Create Differentiated Internet Services on a Per-Use Basis, press release, Cisco Systems, 2 pages, May 26, 1998.
  • Cisco Internetworking Technologies Handbook, Chapter 15, entitled Dial-up Technology, Cisco, pp. 1-12.
  • Cisco Secure ACS 2.1(4), for Windows NT, Release Notes, Doc. No. 78-5462-01 Rev. A0, Cisco Systems, 6 pages, Jun. 15, 1998.
  • “ChoiceNet Administrator's Guide,” Livingston Enterprises, 88 pages, Jan. 1997.
  • Claim Construction Brief of Defendants of Linksmart Wireless Technologies, Inc. v. T-Mobile USA, Inc. et al., U.S. District Court for the Eastern District of Texas, Marshall Division, Case No. 2:08-cv-000264-DF-CE, filed Apr. 16, 2010, pp. 1-39.
  • Complaint, Demand for Jury Trial; IP3 Networks, Inc. v. Nomadix, Inc., Case No. 04-cv-1485 DMS (POR); 48 pages, filed Jul. 23, 2004, United States District Court, Southern District of California.
  • Connoly et al., Database Systems: A Practical Approach to Design, Implementation, and Management, 3.ed., Addison-Wesley, 2002, p. 72.
  • Corner, Internetworking with TCP/IP, 3rd ed., vol. 1, cover, title page, p. 46 (3 pages) 1995.
  • D. Carrel, L. Grant, “TACACS+ Protocol Version 1.75,” 40 pages, Internet Draft (TACACS+)/RFC1492, Cisco Systems, Oct. 1996.
  • Declaration of Kevin Jeffay, Ph.D., Linksmart Wireless Technology, LLC v. T-Mobile USA, Inc. et al., District Court of the Eastern District of Texas, Marshall Division, Case No. 2:08-cv-000264-DF-CF, filed Apr. 16, 2010, pp. 1-21 (including Exhibit A).
  • Declaration of Kevin Jeffay, Ph.D., Linksmart Wireless Technology, LLC v. T-Mobile USA, Inc. et al., District Court of the Eastern District of Texas, Marshall Division, Case No. 2:08-cv-000264-DF-CF, filed Apr. 16, 2010, pp. 1-53 (including Exhibit A-C).
  • Declaration of Noah A. Levine in Support of Claim Construction Brief of Defendants, Linksmart Wireless Technology, LLC v. T-Mobile USA, Inc. et al., District Court of the Eastern District of Texas, Marshall Division, Case No. 2:08-cv-000264-DF-CF, filed Apr. 16, 2010, pp. 1-131 (including exhibits 1-9).
  • Defendants' Patent Local Rule 4-2 Preliminary Constructions and Extrinsic Evidence of Linksmart Technology, LLC c. T-Mobile USA, Inc. et al., U.S. District Court for the Eastern District of Texas, Marshall Division, Case No. 2:08-cv-000264-DF-CE, filed Apr. 16, 2010, p. 1-6.
  • Dial-up Networking and Mobile Computing: The Basics, Microsoft TechNet, available at http://technet.microsoft.com/en-us/library/cc751107(printer).aspx on Jan. 21, 2010; pp. 1-26.
  • Dominik, Internet post: “redirect,” dated Nov. 30, 1997, as archived at www.squid-cache.org, document states that archive was generated on Dec. 9, 2003, 1 page.
  • Douglas Comer, Internetworking with TCP/IP, 3.ed., 1995.
  • Droms, R., Dynamic Host Configuration Protocol, Network Working Group, Request for Comments 1531, 35 pages, Oct. 1993.
  • Droms, R., Dynamic Host Configuration Protocol, Network Working Group, Request for Comments 2131, 43 pages, Mar. 1997.
  • Duane Wessels, Squid and ICP: Past, Present and Future, Aug. 16, 1997; 15 pages.
  • Egevang, K., Francis, P., The IP Network Address Translator (NAT); May 1994; 9 pages, Network Working Group, Request for Comments 1631.
  • Elmasri et al., Fundamentals of Database Systems, 2.ed., Addison-Wesley, 1994.
  • Ex Parte Linksmart Wireless Technology, LLC, No. 2011-009566 (B.P.A.I., Aug. 23, 2011).
  • Felton, E. W., et al., Wob Spoofing: An Internet Con Game, Technical Report 540-96 (Revised Feb. 1997), Department of Computer Science, Princeton University, 1996, 1997, 9 pages.
  • Fiedler, D., et al., Dr. Website: Using META Tags for Identification and Control of Pages, http://www.webdeveloper.com/drweb/19971103-drweb.html, Nov. 3, 1997; 4 pages.
  • First Supplemental Invalidity Contentions of AT&T et al., Linksmart Wireless Technology, LLC v. T-Mobile, LLC, Inc., et al., Case Nos. (consolidated) 2:08-cv-00264-DF-CE, 2:08-cv-00304-DF-CE, 2:08-cv-00385-DF-CD, 2:09-cv-00026-DF-CE, U.S .District Court Eastern District of Texas, Marshall Division, 82 pages, Mar. 25, 2010.
  • First Supplemental Invalidity Contentions of Cisco Systems, Inc. et al., Linksmart Wireless Technology, LLC v. T-Mobile, LLC, Inc., et al., Case Nos. (consolidated) 2:08-cv-00264-DF-CE, 2:08-cv-00304-DF-CE, 2:08-cv-00385-DF-CD, 2:09-cv-00026-DF-CE, U.S .District Court Eastern District of Texas, Marshall Division, 91 pages, May 17, 2010.
  • George, Mike, Hardware Hustle hits the Classroom, 3 pages, The Independent, May 20, 1996.
  • Grice, Corey, Comcast launches broadband portal, news.cnet.com, 3 pages, Jan. 4, 1999.
  • Guido Appenzeller, Mema Roussopoulos and Mary Baker, User-Friendly Access Control for Public Network Ports, 8 pages, IEEE Transactions, Mar. 1999.
  • Hornig, Charles, A Standard for the Transmission of IP Diagrams over Ethernet Networks; Apr. 1984; 3 pages, Network Working Group, Request for Comments 894.
  • Housel and Lindquist, WebExpress: A System for Optimizing Web Browsing in a Wireless Environment, 10 pages; Proceedings of the Second Annual International Conference on Mobile Computing and Networking; Nov. 1996.
  • How to Determine the Version of Windows 95/98/Me in Use, May 12, 2007; Microsoft, available at http://support.microsoft.com/kb/158238; Jan. 21, 200 (4 pages).
  • Iain Langdon, Education for Changing Times—An Online Learning Framework, 3 pages, WebNet 96, Oct. 15-19, 1996.
  • Ikudome et al., User Specific Automatic Web Redirection System, Technical Innovation Report, Auric Web Systems, Aug. 14, 1997, 8 pages.
  • Information Science Institute, Internet Protocol, DARPA Internet Program, Protocol Specification, Sep. 1981, 49 pages, available at <http://www.faqs.org/rfcs/rfc791.html> (visited Feb. 1, 2005).
  • Interactive Media Works and Netcom Incorporate NetCruiser Software and Internet Access with sampleNET, press release, Interactive Media Works, LLC, 1 page, Feb. 5, 1996.
  • Interactive Media Works Brings Web Browsing to Pre-Paid Phone Cards with the sampleNET Card, press release, Interactive Media Works, LLC, 2 pages, Feb. 13, 1996.
  • International Telecommunication Union, Telecommunication Standard ITU-T Standard: Data Communication Over the Telephone Network, v.8, ITU, Sep. 1994; pp. 1-10.
  • Invalidity Contentions of AT&T et al., Linksmart Wireless Technologies, Inc. v. T-Mobile USA, Inc. et al., District Court of the Eastern District of Texas, Marshall Division, Case Nos. (consolidated) 2:08-cv-000264-DF-CE, 2:08-cv-000304-DF-CE, 2:08-cv-000385-DF-CE, 2:09-cv-00026-DF-CE, Oct. 8, 2009, 754 pages (including appendixes A-C).
  • Invalidity Contentions of T-Mobile USA, Inc., Linksmart Wireless Technologies, Inc. v. T-Mobile USA, Inc. et al., District Court of the Eastern District of Texas, Marshall Division, Case Nos. (consolidated) 2:08-cv-000264-DF-CE, 2:08-cv-000304-DF-CE, 2:08-cv-000385-DF-CD, 2:09-cv-00026-DF-CE, Oct. 8, 2009, 325 pages (including appendixes A).
  • Kostick, Building a Linux Firewall, 9 pages, Linux Journal, Apr. 1996 (accessed at http://delivery.acm.org/10.1145/330000/3255560).
  • Kostick, Chris, System Administration: IP Masquerading Code Follow-up, Linux Journal, (accessed at http://delivey.acm.org/10.1145/330000/327059/), 14 pages, Nov. 1997.
  • Levene et al., A Guided Tour of Relational Databases and Beyond, Springer, 1999, pp. 1-12.
  • Leveridge, Phil C., CampusWorld and BT's On-Line Education Services, 6 pages; BT Technology Journal, v.15, No. 2, Apr. 1997.
  • Linksmart Wireless Technology, LLC Disclosure for Asserted Claims and Infringement Contentions Against Defendants.
  • Linksmart Marksman Brief, Weiss Declaration and Exhibits.
  • Linksmart Opening Claim Construction Brief, Linksmart Wireless Technology, LLC v. T-Mobile, LLC, Inc., et al., Case Nos. (consolidated) 2:08-cv-00264-DF-CE, 2:08-cv-00304-DF-CE, 2:08-cv-00385-DF-CD, 2:09-cv-00026-DF-CE, U.S .District Court Eastern District of Texas, Marshall Division, 91 pages, May 17, 2010.
  • “Livingston ChoiceNet—How it Works,” www.livingston.com/Marketing/Products/choicenetH1W.shtml, retrieved from <web.archibve.org> purportedly archived on Apr. 30, 1997; 1 page.
  • Loon et al., Alleviating the Latency and Bandwidth Problems in WWW Browsing, 13 pages, Proceedings of the USENIX Symposium on Internet Technologies and Systems, Monterey, California, Dec. 1977.
  • Lopez, Bryan S., An Investigation and Assessment of Linux IPChains and Its Vulnerability with Respect to Network Security, Thesis, Naval Postgraduate School, Monterey, CA, 136 pages, Jun. 2000.
  • Luotonen, Arj, Altis, Kevin, World-Wide Web Proxies; Apr. 1994; 8 pages.
  • Maceachern, Doug, Apachel/Perl Integration Project; README; 2 pages, available at <http://apache.perl.org>, <http://outside.organic.com/mail-archives/modperl>, and <http://www.ping.de/˜fdc/modperl>.
  • “Major Telecom Company launches Education Internet Service for Schools,” 3 pages, Learning in a Global Information Society, Sep. 20, 1995.
  • Make users go thru login, Available at http://www.microsoft.public.inetserver.iis.activeserverpages.html (visited Oct. 5, 2005 but including items dated Jan. 19, 1998); 2 pages.
  • Malkin, Comprehensive Networking Glossary and Acronym Guide 47, 1995.
  • Malkin, Comprehensive Networking Glossary and Acronym Guide, 1995, title page, preface, pp. 46-47, 114-115, 154-155 (4 pages).
  • “Max 6000 Series Administration Guide,” Ascend Communications, Inc., 428 pages (copyright notice 1998).
  • “Max 6000 Series Hardware Installation Guide,” Ascend Communications, Inc., 159 pages (copyright notice 1998).
  • “Max 6000 Series Network Configuration Guide,” Ascend Communications, Inc., 523 pages (copyright notice 1998).
  • “Max 800 Series Administration Guide,” Ascend Communications, Inc., 286 pages (copyright notice 1998).
  • “Max 800 Series Hardware Installation Guide,” Ascend Communications, Inc., 51 pages (copyright notice 1998).
  • “Max 800 Series Network Configuration Guide,” Ascend Communications, Inc., 280 pages (copyright notice 1998).
  • “Max Glossary,” Ascend Communications, Inc., 226 pages (copyright notice 1998).
  • “Max Radius Configuration Guide,” Ascend Communications, Inc., 556 pages, (copyright notice 1998).
  • “Max Reference Guide,” Ascend Communications, 307 pages (copyright notice 1998).
  • “Max Security Supplement,” Ascend Communications, 176 pages (copyright notice 1998).
  • “Max T1/PRI Radius Supplement,” Ascend Communications, Inc., 82 pages, 1996.
  • Memorandum and Order [regarding claim construction issues], Linksmart Wireless Technology, LLC v. T-Mobile, LLC, Inc., et al., Case Nos. 2:08-cv-00264-DF-CE, U.S .District Court Eastern District of Texas, Marshall Division, 23 pages, Jun. 30, 2010.
  • Microsoft Windows NT Server Resource Kit, Version 4.0, Supplement One, Microsoft Press, 1997, pp. 88-89.
  • Microsoft Windows NT Workstation Resource Kit: Comprehensive Resource Guide and Utilities for Windows NT Workstation Version 4.0, Microsoft Press, 1996, pp. 1023-1025.
  • Mockapetris, P., Domain Names—Implementation and Specification, Network Working Group, Request for Comments 1035; 52 pages, Nov. 1987.
  • Mockapetris, P., Domain Names—Concepts and Facilities, Nov. 1987, 49 pages, Network Working Group, Request for Comments 1034.
  • Modperl.c; Copyright; 1995-1997 The Apache Group; 20 pages.
  • NavisConnect User's Guide, Ascend Communications, 46 pages (copyright notice 1998).
  • “New Internet Card Offers Free Access,” 3 pages; The Yomiuri Shimbun/Daily Yomiuri, Sep. 29, 1998.
  • Newton, Newton's Telecom Dictionary, Telecom Books and Flatiron Publishing, 10.ed., Jan. 1998, cover, title page, p. 194 (3 pages).
  • Newton, Newton's Telecom Dictionary, Telecom Books and Flatiron Publishing, 10.ed., Jan. 1998, p. 208.
  • Nordstrom, Henrik, Internet post: Re: redirect, dated Mar. 2, 1998, as archived at www.squid-cache.org, document states that archive was generated on Dec. 9, 2003; 1 page.
  • ODN Web Card, available at <http://www.asahi.com/ad/clients/tsuuhan/entry.html>, 1 page, Mar.-Apr. 1998, Japan (in Japanese).
  • PC Work, article with picture of ODN Web Card, 1 page, Dec. 1998, Japan (in Japanese).
  • Person et al., Using Windows 95, Platinum Edition, Que Corporation, 1996, pp. 205 (7 pages).
  • Phone Cards and the Internet: A Profitable Link, Intele-Card News, 2 pages, Mar. 1996.
  • Plaintiff/Counter Defendant IPE Networks Inc.'s Reply to Defendant Nomadix Inc.'s Counterclaim; IP3 Networks, Inc. v. Nomadix, Inc., Case No. 04-cv-1485 DMS (POR); 8 pages, Nov. 15, 2004, United States District Court, Southern District of California.
  • Plummer, David C., An Ethernet Address Resolution Protocol or Converting Network Protocol Addresses to 48.bit Ethernet Address for Transmission on Ethernet Hardware; Nov. 1982; 8 pages, Network Working Group, Request for Comments 826.
  • Poger et al., Secure Public Internet Access Handler (SPINACH), Proceedings of the USENIX Symposium on Internet Technologies and Systems, Monterey, California, Dec. 1997; 12 pages.
  • Pop Go The Ads with Auric Systems Software, The Los Angeles Times, 1 page, Jan. 4, 1999.
  • Postel, J., Multi-Lan Address Resolution, Oct. 1984; 14 pages, Network Working Group, Request for Comments 925.
  • Prepaid Internet Access Cards, Card Track Online, www.ramresearc.com/cardtrak/news/cf714f97.html>, 1 page, Jul. 14, 1997.
  • Prepaid Web-Surfing Cards Now Available for Easy Internet Access From PCs and Video Game Boxes, press releases, Seer Technologies Inc., Business Wire, 2 pages, Oct. 8, 1996.
  • “Proxy Server Version 2.0: Reviewer's Guide,” 88 pages, 1997.
  • Request for Comments 2138, Internet Engineering Task Force, Apr. 1997.
  • Riedman, Pat, Alcone's NetPerks to offer rewards to frequent surfers, Advertising Age, 1 page, Jan. 6, 1997.
  • Rigney et al., Request for Comments 2138, Remote Authentication Dial in User Service (RADIUS), Apr. 1997, The Internet Engineering Task Force (IETF), The RFC Editor.
  • Rigney, C., Radius Accounting, Network Working Group, Request for Comments 2139, Apr. 1997; 25 pages.
  • Russell, Rusty, Linux IPChains-Howto, v.1.0.8, 55 pages, Jul. 4, 2000.
  • “SampleNET Products,” <samplenet.com>, retrieved from <web.archive.org>, purportedly archived on Apr. 4, 1997; 2 pages.
  • Sclater, Neil, Markus, John, McGraw-Hill Electronics Dictionary, 6.ed., 1997, cover, title pages (2), pp. 110, 119 (5 pages).
  • S.D. Hubbard et al., Firewalling the Net, 13 pages, BT Technology Journal, v.15, No. 2, Apr. 1997.
  • Second Supplemental Invalidity Contentions of Cisco Systems, Inc. et al., Linksmart Wireless Technology, LLC v. T-Mobile, LLC, Inc., et al., Case Nos. (consolidated) 2:08-cv-00264-DF-CE, 2:08-cv-00304-DF-CE, 2:08-cv-00385-DF-CD, 2:09-cv-00026-DF-CE, U.S .District Court Eastern District of Texas, Marshall Division, 11 pages, Aug. 19, 2010.
  • Simpson, et al. (eds.), Oxford English Dictionary, Clarendon Press, 2.ed., v.3, 1998, pp. 514-515.
  • Simpson, et al. (eds.), Oxford English Dictionary, Clarendon Press, 2.ed., v.7, 1998, p. 881.
  • Squid: Optimizing Web Delivery, squid.cache.org, 1 page, Aug. 25, 2009.
  • Stewart, John N., Working with Proxy Servers, Mar. 1997, pp. 19-22, WebServer Magazine.
  • Stuart Elliot, The Media Business: Advertising—Addenda; Interactive Media Begins Samplenet, 1 page, The New York Times, Jul. 17, 1995.
  • T-Mobile HotSpot, http://hotspot.t-mobile.com/servicesabout.htm, viewed Jan. 5, 2009.
  • The ChoiceNet™ Administrator's Guide, Livingston Enterprises, 88 pages, Jan. 1997.
  • Trendy, article on second page with picture of Japan Telecom ODN Web Card, 2 pages, May 1998, Japan (in Japanese).
  • Various authors, www.aquid.cache.org; 4 pages.
  • Videotaped Deposition of Koichiro Ikudome, Mar. 4, 2010, pp. 1, 238 and 239.
  • Welsh, Implementing Loadable Kernal Modules for Linux, Dr. Dobb's Software Tools for the Professional Programmer, May 1995 (accessed at http://www.ddj.com); 9 pages.
  • Wessels, D., Squid Proxy Server Configuration File 1.932.2 TAG denyinfo; Mar. 1997, 19 pages, available at <http://www.squid-cache.org/mail-archive/squid-users/199703/att-0250/squid.conf>; (visited Feb. 1, 2005).
  • Windows History: Windows Desktop Timeline, Jun. 30, 2003; available at http://www.microsoft.com/windows/WinHistoryProGraphic.mspx on Jan. 21, 2010, Microsoft, pp. 1-2.
Patent History
Patent number: RE46459
Type: Grant
Filed: Apr 20, 2015
Date of Patent: Jun 27, 2017
Assignee: LINKSMART WIRELESS TECHNOLOGY, LLC (Pasadena, CA)
Inventors: Koichiro Ikudome (Lomita, CA), Moon Tai Yeung (Monrovia, CA)
Primary Examiner: Jalatee Worjloh
Application Number: 14/691,246
Classifications
Current U.S. Class: 395/187.01
International Classification: H04L 29/06 (20060101);