CA2401717A1 - Secure network resource access system - Google Patents
Secure network resource access system Download PDFInfo
- Publication number
- CA2401717A1 CA2401717A1 CA002401717A CA2401717A CA2401717A1 CA 2401717 A1 CA2401717 A1 CA 2401717A1 CA 002401717 A CA002401717 A CA 002401717A CA 2401717 A CA2401717 A CA 2401717A CA 2401717 A1 CA2401717 A1 CA 2401717A1
- Authority
- CA
- Canada
- Prior art keywords
- network
- network resource
- application data
- polling
- proxy server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/28—Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/15—Flow control; Congestion control in relation to multipoint traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/70—Admission control; Resource allocation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/70—Admission control; Resource allocation
- H04L47/78—Architectures of resource allocation
- H04L47/781—Centralised allocation of resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/70—Admission control; Resource allocation
- H04L47/80—Actions related to the user profile or the type of traffic
- H04L47/808—User-type aware
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0245—Filtering by information in the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0281—Proxies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/51—Discovery or management thereof, e.g. service location protocol [SLP] or web services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/30—Definitions, standards or architectural aspects of layered protocol stacks
- H04L69/32—Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
- H04L69/322—Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
- H04L69/329—Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]
Abstract
A secure network resource access system facilitates network access by network terminals to network resources located behind an enterprise firewall, and comprises a proxy server and a polling server. The proxy server is located logically outside the enterprise firewall for receiving application data from the network terminals. The polling server is located logically behind the enterprise firewall, and is configured to poll the proxy server to initiate transmission of the received application data from the proxy server to the polling server, to receive application data and associated network resource data from the proxy server in response to the poll, and to direct the application data to one of the network resources in accordance with the associated network resource data.
Claims (4)
1. A secure network resource access system for facilitating network access by network terminals to network resources located behind an enterprise firewall, the secure network resource access system comprising:
a proxy server located logically outside the enterprise firewall for receiving application data from the network terminals; and a polling server located logically behind the enterprise firewall, the polling server being configured fox polling the proxy server to initiate transmission of the received application data from the proxy server to the polling server.
a proxy server located logically outside the enterprise firewall for receiving application data from the network terminals; and a polling server located logically behind the enterprise firewall, the polling server being configured fox polling the proxy server to initiate transmission of the received application data from the proxy server to the polling server.
2. The secure network resource access system according to claim 1, wherein each said network resource includes an alias name, and the application data includes the alias name of one of the network resources, and the polling server is configured to direct the application data to the one network resource in accordance with alias name.
3. A method for facilitating secure network access by network terminals to network resources located behind an enterprise firewall, the method comprising the steps of:
polling a proxy server located logically outside the enterprise firewall for requests for communication with the network resources;
receiving application data and associated network resource data from the proxy server in response to the polling step; and directing the application data to one of the network resources in accordance with the associated network resource data.
polling a proxy server located logically outside the enterprise firewall for requests for communication with the network resources;
receiving application data and associated network resource data from the proxy server in response to the polling step; and directing the application data to one of the network resources in accordance with the associated network resource data.
4. The method according to claim 3, wherein each said network resource includes an alias name, and the network resource data includes the alias name of the one network resource.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA2401717A CA2401717C (en) | 2000-03-01 | 2001-03-01 | Secure network resource access system |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA2299824A CA2299824C (en) | 2000-03-01 | 2000-03-01 | Network resource control system |
CA2,299,824 | 2000-03-01 | ||
CA2401717A CA2401717C (en) | 2000-03-01 | 2001-03-01 | Secure network resource access system |
PCT/CA2001/000235 WO2001065768A2 (en) | 2000-03-01 | 2001-03-01 | Secure network resource access system |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2401717A1 true CA2401717A1 (en) | 2001-09-07 |
CA2401717C CA2401717C (en) | 2010-09-28 |
Family
ID=25681583
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA2401717A Expired - Lifetime CA2401717C (en) | 2000-03-01 | 2001-03-01 | Secure network resource access system |
Country Status (1)
Country | Link |
---|---|
CA (1) | CA2401717C (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2410401A (en) * | 2004-01-21 | 2005-07-27 | Mobotel Solutions Ltd | A communication apparatus and method |
CN113711568A (en) * | 2019-04-23 | 2021-11-26 | 微软技术许可有限责任公司 | Generated audio signals authorizing access to a resource |
US11949677B2 (en) | 2019-04-23 | 2024-04-02 | Microsoft Technology Licensing, Llc | Resource access based on audio signal |
-
2001
- 2001-03-01 CA CA2401717A patent/CA2401717C/en not_active Expired - Lifetime
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2410401A (en) * | 2004-01-21 | 2005-07-27 | Mobotel Solutions Ltd | A communication apparatus and method |
CN113711568A (en) * | 2019-04-23 | 2021-11-26 | 微软技术许可有限责任公司 | Generated audio signals authorizing access to a resource |
CN113711568B (en) * | 2019-04-23 | 2023-08-11 | 微软技术许可有限责任公司 | The generated audio signal grants access to the resource |
US11949677B2 (en) | 2019-04-23 | 2024-04-02 | Microsoft Technology Licensing, Llc | Resource access based on audio signal |
Also Published As
Publication number | Publication date |
---|---|
CA2401717C (en) | 2010-09-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2001065768A3 (en) | Secure network resource access system | |
US7769871B2 (en) | Technique for sending bi-directional messages through uni-directional systems | |
EP1859597B1 (en) | Method for communication between an application and a client | |
US7289792B1 (en) | Method for transmitting multimedia messages and a multimedia message communication system | |
US8190773B2 (en) | System and method for accessing a web server on a device with a dynamic IP-address residing behind a firewall | |
US20080177829A1 (en) | Data Communications Through A Split Connection Proxy | |
WO2000044183A3 (en) | Automatic invocation of mobile ip registration in a wireless communication network | |
CA2264866A1 (en) | Network access methods, including direct wireless to internet access | |
CA2403625A1 (en) | Method and apparatus for coordinating a change in service provider between a client and a server | |
CN104429037A (en) | Method, device, and system for connecting to communication device | |
CA2377505A1 (en) | Communication methods and apparatus | |
US20060056379A1 (en) | System and method for network-assisted connection in a wireless environment | |
US6401123B1 (en) | Systems, methods and computer program products for employing presumptive negotiation in a data communications protocol | |
EP1223517A4 (en) | Data transmission system and sale managing system | |
WO2003105419A2 (en) | Managing a communication device via gprs and a gsm connection | |
CA2401717A1 (en) | Secure network resource access system | |
CN109981725A (en) | A kind of communication means across security domain, server and readable storage medium storing program for executing | |
CA2401738A1 (en) | Network resource communication system | |
WO2001078302A3 (en) | Method for improving performance in computer networks based on lossy channels | |
CN100395986C (en) | Network management system and method | |
JP3296354B2 (en) | Data communication method, client, server, and recording medium recording communication program | |
EP1236328B1 (en) | Procedure and system for determining the accessibility of a data file in a distributed system | |
CN117319515A (en) | Edge computing gateway service protocol conversion method and system | |
TWI222805B (en) | Outgoing polling communication method of network system containing firewall | |
Huang et al. | An Internet Based Communication Server for Remote Control |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request | ||
MKEX | Expiry |
Effective date: 20210301 |