CA2401717A1 - Secure network resource access system - Google Patents

Secure network resource access system Download PDF

Info

Publication number
CA2401717A1
CA2401717A1 CA002401717A CA2401717A CA2401717A1 CA 2401717 A1 CA2401717 A1 CA 2401717A1 CA 002401717 A CA002401717 A CA 002401717A CA 2401717 A CA2401717 A CA 2401717A CA 2401717 A1 CA2401717 A1 CA 2401717A1
Authority
CA
Canada
Prior art keywords
network
network resource
application data
polling
proxy server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CA002401717A
Other languages
French (fr)
Other versions
CA2401717C (en
Inventor
Steven Spicer
Christopher Martin
Steven Coutts
Larry Kuhl
Brian Hollander
Patrick Pidduck
Philip Von Hatten
Tim Lehan
Mark Onischke
Clayton Grassick
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
PrinterOn Inc
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from CA2299824A external-priority patent/CA2299824C/en
Application filed by Individual filed Critical Individual
Priority to CA2401717A priority Critical patent/CA2401717C/en
Publication of CA2401717A1 publication Critical patent/CA2401717A1/en
Application granted granted Critical
Publication of CA2401717C publication Critical patent/CA2401717C/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/28Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/15Flow control; Congestion control in relation to multipoint traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • H04L47/78Architectures of resource allocation
    • H04L47/781Centralised allocation of resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • H04L47/80Actions related to the user profile or the type of traffic
    • H04L47/808User-type aware
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0245Filtering by information in the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/51Discovery or management thereof, e.g. service location protocol [SLP] or web services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/329Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]

Abstract

A secure network resource access system facilitates network access by network terminals to network resources located behind an enterprise firewall, and comprises a proxy server and a polling server. The proxy server is located logically outside the enterprise firewall for receiving application data from the network terminals. The polling server is located logically behind the enterprise firewall, and is configured to poll the proxy server to initiate transmission of the received application data from the proxy server to the polling server, to receive application data and associated network resource data from the proxy server in response to the poll, and to direct the application data to one of the network resources in accordance with the associated network resource data.

Claims (4)

1. A secure network resource access system for facilitating network access by network terminals to network resources located behind an enterprise firewall, the secure network resource access system comprising:

a proxy server located logically outside the enterprise firewall for receiving application data from the network terminals; and a polling server located logically behind the enterprise firewall, the polling server being configured fox polling the proxy server to initiate transmission of the received application data from the proxy server to the polling server.
2. The secure network resource access system according to claim 1, wherein each said network resource includes an alias name, and the application data includes the alias name of one of the network resources, and the polling server is configured to direct the application data to the one network resource in accordance with alias name.
3. A method for facilitating secure network access by network terminals to network resources located behind an enterprise firewall, the method comprising the steps of:

polling a proxy server located logically outside the enterprise firewall for requests for communication with the network resources;

receiving application data and associated network resource data from the proxy server in response to the polling step; and directing the application data to one of the network resources in accordance with the associated network resource data.
4. The method according to claim 3, wherein each said network resource includes an alias name, and the network resource data includes the alias name of the one network resource.
CA2401717A 2000-03-01 2001-03-01 Secure network resource access system Expired - Lifetime CA2401717C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CA2401717A CA2401717C (en) 2000-03-01 2001-03-01 Secure network resource access system

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CA2299824A CA2299824C (en) 2000-03-01 2000-03-01 Network resource control system
CA2,299,824 2000-03-01
CA2401717A CA2401717C (en) 2000-03-01 2001-03-01 Secure network resource access system
PCT/CA2001/000235 WO2001065768A2 (en) 2000-03-01 2001-03-01 Secure network resource access system

Publications (2)

Publication Number Publication Date
CA2401717A1 true CA2401717A1 (en) 2001-09-07
CA2401717C CA2401717C (en) 2010-09-28

Family

ID=25681583

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2401717A Expired - Lifetime CA2401717C (en) 2000-03-01 2001-03-01 Secure network resource access system

Country Status (1)

Country Link
CA (1) CA2401717C (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2410401A (en) * 2004-01-21 2005-07-27 Mobotel Solutions Ltd A communication apparatus and method
CN113711568A (en) * 2019-04-23 2021-11-26 微软技术许可有限责任公司 Generated audio signals authorizing access to a resource
US11949677B2 (en) 2019-04-23 2024-04-02 Microsoft Technology Licensing, Llc Resource access based on audio signal

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2410401A (en) * 2004-01-21 2005-07-27 Mobotel Solutions Ltd A communication apparatus and method
CN113711568A (en) * 2019-04-23 2021-11-26 微软技术许可有限责任公司 Generated audio signals authorizing access to a resource
CN113711568B (en) * 2019-04-23 2023-08-11 微软技术许可有限责任公司 The generated audio signal grants access to the resource
US11949677B2 (en) 2019-04-23 2024-04-02 Microsoft Technology Licensing, Llc Resource access based on audio signal

Also Published As

Publication number Publication date
CA2401717C (en) 2010-09-28

Similar Documents

Publication Publication Date Title
WO2001065768A3 (en) Secure network resource access system
US7769871B2 (en) Technique for sending bi-directional messages through uni-directional systems
EP1859597B1 (en) Method for communication between an application and a client
US7289792B1 (en) Method for transmitting multimedia messages and a multimedia message communication system
US8190773B2 (en) System and method for accessing a web server on a device with a dynamic IP-address residing behind a firewall
US20080177829A1 (en) Data Communications Through A Split Connection Proxy
WO2000044183A3 (en) Automatic invocation of mobile ip registration in a wireless communication network
CA2264866A1 (en) Network access methods, including direct wireless to internet access
CA2403625A1 (en) Method and apparatus for coordinating a change in service provider between a client and a server
CN104429037A (en) Method, device, and system for connecting to communication device
CA2377505A1 (en) Communication methods and apparatus
US20060056379A1 (en) System and method for network-assisted connection in a wireless environment
US6401123B1 (en) Systems, methods and computer program products for employing presumptive negotiation in a data communications protocol
EP1223517A4 (en) Data transmission system and sale managing system
WO2003105419A2 (en) Managing a communication device via gprs and a gsm connection
CA2401717A1 (en) Secure network resource access system
CN109981725A (en) A kind of communication means across security domain, server and readable storage medium storing program for executing
CA2401738A1 (en) Network resource communication system
WO2001078302A3 (en) Method for improving performance in computer networks based on lossy channels
CN100395986C (en) Network management system and method
JP3296354B2 (en) Data communication method, client, server, and recording medium recording communication program
EP1236328B1 (en) Procedure and system for determining the accessibility of a data file in a distributed system
CN117319515A (en) Edge computing gateway service protocol conversion method and system
TWI222805B (en) Outgoing polling communication method of network system containing firewall
Huang et al. An Internet Based Communication Server for Remote Control

Legal Events

Date Code Title Description
EEER Examination request
MKEX Expiry

Effective date: 20210301