EP2027691A1 - Wireless networking communication - Google Patents

Wireless networking communication

Info

Publication number
EP2027691A1
EP2027691A1 EP07733235A EP07733235A EP2027691A1 EP 2027691 A1 EP2027691 A1 EP 2027691A1 EP 07733235 A EP07733235 A EP 07733235A EP 07733235 A EP07733235 A EP 07733235A EP 2027691 A1 EP2027691 A1 EP 2027691A1
Authority
EP
European Patent Office
Prior art keywords
server
user
client device
client
operable
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP07733235A
Other languages
German (de)
French (fr)
Inventor
Malcom Cartledge
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Data Motion Ltd
Original Assignee
DATA MOTION Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by DATA MOTION Ltd filed Critical DATA MOTION Ltd
Publication of EP2027691A1 publication Critical patent/EP2027691A1/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/08Protocols specially adapted for terminal emulation, e.g. Telnet
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/131Protocols for games, networked simulations or virtual reality
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/567Integrating service provisioning from a plurality of service providers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Definitions

  • the invention relates to apparatus and method suitable for use in network computing. More particularly, but not exclusively, it relates to aspects of server-centric computing.
  • Server-centric computing is a centralised approach to computing in which applications and data hosted on a central server are offered to a user by means of a client device. This concept has evolved with the advent of applications such as Virtual Network Computing (VNC), in which the server provides an entire desktop environment to the client user.
  • VNC Virtual Network Computing
  • VNC Virtual Network Computing
  • VNC implements a Remote FrameBuffer (RFB) protocol, a display protocol that allows the server to remotely update the framebuffer displayed on a client device.
  • RFB Remote FrameBuffer
  • User input actions at the client such as keystrokes and mouse movements, are simply transmitted as a corresponding signal to the server where they are processed.
  • VNC protocol operates at the framebuffer level, it is versatile across a range of operating systems and applications. These may include Unix, Windows from Microsoft, Inc., Redmond, WA and the Macintosh OS from Apple, Inc. of Cupertino, CA, but might also include Personal Digital Assistants (PDAs), and indeed any device with some form of communications link.
  • PDAs Personal Digital Assistants
  • the protocol will operate over any reliable transport such as TCP/IP, thus providing excellent mobility for the client device user.
  • client devices Since the client device does not process applications locally, but merely displays to the user applications that are being managed by the server, display protocols make very few demands of the client. In this way, client devices can run on the widest range of hardware and the task of implementing a client device is made as simple as possible. Such client devices may therefore be stateless (no local storage) and may not be required to know how to interpret and display objects much more complex than menus and plain text. Such client devices are often referred to as "thin clients.”
  • RDP Remote Display Protocol
  • ICA Independent Computing Architecture
  • VNC Virtual Private Network
  • SSL Secure Sockets Layer
  • Digital certificates or preshared keys can be used to authenticate client devices.
  • Thin-client/server systems are well known in the art.
  • US Patent 6941382 discloses a thin client device operable to communicate wirelessly with a remote host computer, which may also be a Web server.
  • the host computer generates bit map or raster images of a virtual desktop, which may also be a virtual Web browser and which is hosted on the host computer, and transmits these images to the thin client for the user of the client to view.
  • Client user input commands are simply transmitted from the client to the host computer where they are subsequently executed. Updated virtual desktop images are transmitted to the client in return.
  • this system does not disclose a configurable server offering a wide variety of applications to client device users.
  • a server operable to offer resources to a client device
  • the server comprising: client negotiation means for establishing a communications link between said server and a client device; user input action signal receiving means for receiving a signal indicative of a user input action at said client device; user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor, said user session management means being operable to request application facilities as required; facility hosting means operable to host an instance of an application or a proxy thereof, and operable thereby to provide an application facility to said user session management means in response to a request therefor; wherein said user session management means further comprises: display rendering means operable to render data defining a display output to be displayed at a cooperating client device; and display data transmitting means for transmitting, to said client device, on said communications link, display data for direct representation at said client device as a user output.
  • a server operable to offer resources to a client device
  • the server comprising: client negotiation means for establishing a secure communications link between said server and a client device; user input action signal receiving means for receiving a signal indicative of a user input action at said client device; user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor and in accordance with client device user authentication, said user session management means being operable to request application facilities as required; facility hosting means operable to host a proxy of an application, and operable thereby to provide an application facility to said user session management means in response to a request therefor; host negotiation means for establishing a communications link between said server and a host of an instance of said application; wherein said user session management means further comprises: display rendering means operable to render data defining a display output to be displayed at a cooperating client device; and display data transmitting means for transmitting, to said client device, on said secure communications link, display data for direct representation at said
  • a server operable to offer resources to a plurality of client devices, wherein one or more client devices and/or one or more client device users define respective groups
  • the server comprising: client negotiation means for establishing a respective secure communications link between said server and a plurality of client devices; user input action signal receiving means for receiving a respective signal indicative of a user input action at said plurality of client devices; host negotiation means for establishing a communications link between said server and a host of an instance of an application; for each defined group, user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor and in accordance with client device authentication and/or client device user authentication, said user session management means being operable to request application facilities as required, and facility hosting means operable to host a proxy of said application, and operable thereby to provide an application facility to said user session management means in response to a request therefor; wherein the or each user session management means further comprises: display rendering means operable to render data
  • a server operable to offer resources to a client device
  • the server comprising: client negotiation means for establishing a secure communications link between said server and a client device; user input action signal receiving means for receiving a signal indicative of a user input action at said client device; user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor and in accordance with client device user authentication, said user session management means being operable to request application facilities as required; facility hosting means operable to host a browser application or another application, and operable thereby to provide an application facility to said user session management means in response to a request therefor; wherein said user session management means further comprises: display rendering means operable to render data defining a display output to be displayed at a cooperating client device; and display data transmitting means for transmitting, to said client device, on said secure communications link, display data for direct representation at said client device as a user output.
  • a server operable to offer resources to a client device
  • the server comprises a router in a local area network
  • the server further comprising: client negotiation means for establishing a communications link between said server and a client device; user input action signal receiving means for receiving a signal indicative of a user input action at said client device; user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor and in accordance with client device authentication, said user session management means being operable to request application facilities as required; facility hosting means operable to host a browser application, and operable thereby to provide an application facility to said user session management means in response to a request therefor; wherein said user session management means further comprises: display rendering means operable to render data defining a display output to be displayed at a cooperating client device; and display data transmitting means for transmitting, to said client device, on said communications link, display data for direct representation at said client device as a user output.
  • Another aspect of the invention provides a method of offering services to a client in a client/server network, the method comprising: establishing a communications link between a client device and a server; and at the server: establishing a user session in response to receipt of a signal indicative of a user request therefor, and during a current user session: receiving a user input action signal indicative of a user input action at said client; executing, by an instance of an application or a proxy thereof hosted on the server, said user input action, said application or proxy having been requested by a user session management means as required; rendering data indicative of said executed action and defining a display output to be displayed at a cooperating device; and transmitting, to said client device, on said communications link, display data for direct representation at said client device as a user output.
  • Another aspect of the invention provides a method of offering services to a client in a client/server network, the method comprising: establishing a secure communications link between a client device and a server; and at the server: establishing a user session in response to receipt of a signal indicative of a user request therefor and in accordance with client device user authentication, and during a current user session: receiving a user input action signal indicative of a user input action at said client; executing, by a proxy of an application, said user input action, said proxy being hosted on the server and having been requested by a user session management means as required; rendering data indicative of said executed action and defining a display output to be displayed at a cooperating device; and transmitting, to said client device, on said secure communications link, display data for direct representation at said client device as a user output; wherein said step of executing comprises the step of: establishing a communications link between said server and a host of an instance of said application.
  • Another aspect of the invention provides a method of offering services to a plurality of client devices in a client/server network, wherein one or more client devices and/or one or more client device users define respective groups, and wherein the server comprises a user session management means and a facility hosting means for each defined group, the method comprising: establishing a respective secure communications link between said server and a plurality of client devices; and at the server for each communicating device: establishing a user session in response to receipt of a signal indicative of a user request therefor and in accordance with client device authentication and/or client device user authentication, and during a current user session: receiving a user input action signal indicative of a user input action at said client; executing, by a proxy of an application, said user input action, said proxy being hosted on the server and having been requested by a user session management means as required; rendering data indicative of said executed action and defining a display output to be displayed at a cooperating device; and transmitting, to said client device, on said secure communications link, display data for direct representation at said client device
  • Another aspect of the invention provides a method of offering services to a client in a client/server network, the method comprising: establishing a secure communications link between a client device and a server; and at the server: establishing a user session in response to receipt of a signal indicative of a user request therefor and in accordance with client device user authentication, and, during a current user session: receiving a user input action signal indicative of a user input action at said client; executing, by a browser application or another application, said user input action, said application being hosted on the server and having been requested by a user session management means as required; rendering data indicative of said executed action and defining a display output to be displayed at a cooperating device; and transmitting, to said client device, on said secure communications link, display data for direct representation at said client device as a user output.
  • Another aspect of the invention provides a method of offering services to a client in a local area network, wherein the server comprises a router, the method comprising: establishing a communications link between a client device and a server; and at the server: establishing a user session in response to receipt of a signal indicative of a user request therefor and in accordance with client device user authentication, and, during a current user session: receiving a user input action signal indicative of a user input action at said client; executing, by a browser application, said user input action, said application being hosted on the server and having been requested by a user session management means as required; rendering data indicative of said executed action and defining a display output to be displayed at a cooperating device; and transmitting, to said client device, on said communications link, display data for direct representation at said client device as a user output.
  • a resource offering system comprising: a server operable to offer a resource to a client device, the server comprising: client negotiation means for establishing a communications link between said server and a client device; user input action signal receiving means for receiving a signal indicative of a user input action at said client device; user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor, said user session management means being operable to request application facilities as required; facility hosting means operable to host an instance of an application or a proxy thereof, and operable thereby to provide an application facility to said user session management means in response to a request therefor; wherein said user session management means further comprises: display rendering means operable to render data defining a display output to be displayed at a cooperating client device; and display data transmitting means for transmitting, to said client device, on said communications link, display data for direct representation at said client device as a user output; and a client operable to request resources from
  • a resource offering system comprising a server and one or more client devices configured as described above or a resource offering system operable to implement a method as described above.
  • a general purpose computer is configured by computer executable instructions to operate as a server as described above.
  • the computer executable instructions can be introduced as a computer program product, storing information defining such computer executable instructions.
  • the product can comprise a storage medium, such as an optical or magnetic disk, or a signal, such as an internet based download.
  • a method of offering a service to a user of client device comprising: establishing a communications link between a client device and a server; and at the server: establishing a user session in response to receipt of a signal indicative of a user request therefor, and during a current user session: receiving a user input action signal indicative of a user input action at said client; executing, by an instance of an application or a proxy thereof hosted on the server, said user input action, said application or proxy having been requested by a user session management means as required; rendering data indicative of said executed action and defining a display output to be displayed at a cooperating device; and transmitting, to said client device, on said communications link, display data for direct representation at said client device as a user output.
  • FIG. 1 illustrates schematically a server in accordance with an embodiment of the invention
  • Figure 2 illustrates a method of offering services to a client device in a client/server system by means of the server illustrated in figure 1;
  • Figure 3 illustrates a sub-routine of the method illustrated in figure 2;
  • Figure 4 illustrates a client/server system including a server in accordance with a second embodiment of the invention, together with a client device suitable for use therewith;
  • Figure 5 illustrates a client/server system including a server in accordance with a third embodiment of the invention, together with a client device suitable for use therewith
  • Figure 6 illustrates a client/server system including a server in accordance with a fourth embodiment of the invention, together with a client device suitable for use therewith;
  • Figure 7 illustrates a client/server system including a server in accordance with a fifth embodiment of the invention, together with a client device suitable for use therewith;
  • Figure 8 illustrates a client/server system including a server in accordance with a sixth embodiment of the invention, together with a client device suitable for use therewith;
  • FIG. 1 A simplified server 10 is depicted, comprising a processor 12 operable to execute machine code instructions stored in a user session management means 14 and/or retrievable from a mass storage device 16.
  • client device communications unit 20 is in communication with the processor 12.
  • the communications unit 20 is capable of establishing a communications link with a client device via a separate communications module (not shown), such as a wireless network adaptor, which is located externally to the server 10.
  • the communications unit 20 is operable to transmit data passed thereto on the bus 18 to the external communications module for subsequent transmission in accordance with a communications protocol previously established for use by a system in which the server 10 is appropriate for use.
  • a single TCP port of client device communications unit 20 acts as receiver and dispatcher of data, thereby defining a single point of entry.
  • firewall 22 which may be a software program or hardware, may be readily implemented to increase server 10 security.
  • the user session management means 14 has the task of establishing and operating user sessions 24 at the behest of a user of a client device, which may entail requesting applications 26 hosted at the facility hosting means 28.
  • the server 10 is also able to accept login's from different users on a single TCP port and then direct the client access to a specific session 24 based on the login. This eliminates the need to assign each user a unique TCP port, which would have to be known in advance. The benefit is that this allows all users to connect on the same invariant TCP port and automatically be connected to the correct session based on the login details they give.
  • User session management means further comprises rendering means 30 for rendering image data representative of a user session 24, and compression means 32 for compressing the image data prior to transmission to a client device via communications unit 20.
  • server 10 of the present invention is configured to render and compress data in accordance with a VNC protocol, it will be understood that alternate remote display protocols could be utilised.
  • Each user session may utilise a single application 26 or multiple applications 26, depending on client device user requirements, and each application 26 may comprise an instance of an application or a proxy thereof.
  • Required data may be requested from a further server or host by user session management means 14 by means of network communications unit 34, which incorporates a firewall 35 that, in combination with firewall 22, provides the server 10 with a high level of security.
  • the user session management means 14 is further operable to record any output generated during a user session, which may be stored in mass storage 16. This data may subsequently be requested by a further user session.
  • the user session management means 14 is operable to offer the retrieved data in such a manner that periods where there are few or no changes to the screen picture may be skipped at a higher rate than periods where there are a significant amount of changes to the screen picture.
  • This ability to fast forward generated data at variable rates allows accurate review of long periods of recordings to be performed both rapidly and with greater accuracy. Further benefits of such a playback mechanism include enhanced security, technical support and error assessment, training and presentation.
  • the function of the server 10 will now be described in further detail in accordance with figure 2.
  • This method as illustrated commences with step S 1-2, the establishment of a Communications link between a client device and the server.
  • This step includes the process of authenticating a client device against the server to determine that they have previously been 'paired' to work together, thereby ensuring the integrity of data and applications held at the server.
  • the server makes use of a VPN client device authentication list to authenticate a client device to the server.
  • the manner in which a communications link is achieved is by means of a wireless communications protocol including, but not limited to, Wi-Fi, Wi-Max, G3 or GPRS.
  • the link may also be effected over land-based channels using a communications protocol such as ADSL, or over a local area network (LAN).
  • LAN local area network
  • the client/server system will preferably operate over the lowest latency link.
  • a client device user session is established in response to a client device user request therefor.
  • a single user session is typically associated with a single client device user (but not necessarily a single client device), and is accessed on the basis of authentication data provided by the client device user.
  • Client device user authentication is used to re-connect the user to their previous session and any associated applications, thereby facilitating persistent sessions for each user independent of the particular client device that is actually being used. More preferably, authentication data is also encrypted in order to deter misuse by third parties.
  • a finite quantity of user authentication data may be held at the client device. More specifically, and by way of example only, the client device stores the last three used user authentication data, wherein the authentication data may take the form of alphanumeric user names and passwords and/or client device user biometric data.
  • the remote display protocol comprises a VNC protocol, which can remotely update the framebuffer displayed on a client device, as discussed earlier.
  • the display data may comprise an updated screen image of the application or virtual desktop indicative of the executed action, or just a portion of the screen image.
  • Reducing network traffic is achieved by means of a data compression technique implemented in step S 1-12 and may be carried out by the VNC protocol, though it will be understood that alternative data compression techniques known in the art may also be implemented.
  • the compressed data is transmitted over the established client/server communications link to the client device in step S 1-14, whereupon it is decompressed and displayed to the client device user.
  • FIG. 3 provides a flow diagram of a sub-routine of step S 1-8.
  • the execute action routine starts with step S2-2, wherein a decision is made as to whether an application, or proxy thereof, operable to execute the action indicative of the user input action signal is hosted at the server. If this is not the case, the server will establish a communications link with a further server or host computer offering the application, as indicated by step S2-4. Nevertheless, all data traffic is routed through the server, thereby increasing security and strengthening data management control.
  • step S2-2 will be obviated if the client device is operable only to request a predetermined application facility hosted at the server.
  • the user session management means determines, in step S2-6, whether the required application is running and, if not, the application is started, as indicated by step S2-8. Subsequently, in step S2-10, it is determined whether the requested action relates to terminating the application. If so, then this action is performed in step S2-12.
  • FIG. 4 schematically illustrates a client/server system 310 in accordance with one embodiment of the present invention.
  • the system 310 comprises clients 312 and server 10, the server 10 being in communication with one or more communications networks 319, 320 (e.g. the Internet, the Web, other wide area networks, local area networks and so on) that may comprise one or more hosts 316, 317.
  • communications networks 319, 320 e.g. the Internet, the Web, other wide area networks, local area networks and so on
  • hosts 316, 317 may comprise one or more hosts 316, 317.
  • a client 312 comprises at least a user operable input device 322 and a client device output 324.
  • output 324 comprises a display unit, such as a LCD (liquid crystal display) or LED (light emitting diode) screen, and is operable to display output data received from the server 10.
  • a user operable input device 322 may include a keyboard, a mouse or other pointing device such as a touchpad, a contact sensitive surface on a display unit of the device, a writing tablet, speech recognition means, haptic input means, or any other means by which a use input action can be interpreted and converted into data signals. It may be integrally formed with client device output 324, comiected by means of a cable or other physical connection, or entirely detached. In the latter case, communication between input 322 and any other portion of the client device may be accomplished by means of a short range wireless connectivity link 326, such as Bluetooth.
  • a short range wireless connectivity link 326 such as Bluetooth.
  • client 312 establishes a communications link 328 with server 10, which, although being operable to function as a server in accordance with figure 1, is only depicted with user sessions 24, applications 26 and firewalls 22, 35 for the sake of clarity.
  • one application 26 may comprise a web browser.
  • browser based resource facilities on private network 319 or the web 320 become available to the client device 312.
  • operation system specific applications 26 may be hosted at the server 10.
  • these applications may be added or removed as required.
  • a direct communications link between the server 10 and an appropriate host 316, 317 of communications network 319 may be established.
  • the hosts 317 of system 510 comprise only personal computers, which do not necessarily form a communications network.
  • the communications links 420, 520 shown in figure 4 and 5, respectively, are each but one server-host link arrangement.
  • hosts 316 may comprise servers and/or personal computers running a variety of operating systems such as Microsoft Windows, Linux and the like. Personal computers may be accessed with the use of a remote display protocol.
  • the server 10 comprises a personal computer operable to offer applications to a client device 312.
  • each client device 312 is shown to communicate with a single server 10, though the system is not limited thereto.
  • the server 10 of system 710 (figure 7) comprises an Internet router, wherein application 26 may comprise a web browser.
  • This type of system is ideally suited for a home network, wherein the communications network 328 comprises a wired or wireless home LAN network.
  • the server 10 is deployed on the Internet as an application service provider (ASP) 810, and the client devices 312 connect via the Internet to that service.
  • ASP application service provider
  • the client device 312 connects to the server 10 via a secure method such that unauthorised clients will be denied access.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A server operable to offer resources to a client device is provided. The server comprises client negotiation means for establishing a communications link between the server and a client device, user input action signal receiving means for receiving a signal indicative of a user input action at the client device, and user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor. The user session management means is further operable to request application facilities as required and comprises display rendering means operable to render data defining a display output to be displayed at a cooperating client device, and display data transmitting means for transmitting, to the client device, on the communications link, display data for direct representation at the client device as a user output. Also provided is a facility hosting means operable to host an instance of an application or a proxy thereof, and operable thereby to provide an application facility to the user session management means in response to a request therefor.

Description

Wireless Networking Communication
The invention relates to apparatus and method suitable for use in network computing. More particularly, but not exclusively, it relates to aspects of server-centric computing.
Server-centric computing is a centralised approach to computing in which applications and data hosted on a central server are offered to a user by means of a client device. This concept has evolved with the advent of applications such as Virtual Network Computing (VNC), in which the server provides an entire desktop environment to the client user.
"Virtual Network Computing", (T. Richardson, Q. Stafford-Fraser, K. R. Wood & A. Hopper, IEEE Internet Computing, Vol.2, No.l, Jan/Feb 1998 pp. 33-38) provides an overview of the VNC architecture.
In essence, VNC implements a Remote FrameBuffer (RFB) protocol, a display protocol that allows the server to remotely update the framebuffer displayed on a client device. User input actions at the client, such as keystrokes and mouse movements, are simply transmitted as a corresponding signal to the server where they are processed.
As the VNC protocol operates at the framebuffer level, it is versatile across a range of operating systems and applications. These may include Unix, Windows from Microsoft, Inc., Redmond, WA and the Macintosh OS from Apple, Inc. of Cupertino, CA, but might also include Personal Digital Assistants (PDAs), and indeed any device with some form of communications link. The protocol will operate over any reliable transport such as TCP/IP, thus providing excellent mobility for the client device user.
Since the client device does not process applications locally, but merely displays to the user applications that are being managed by the server, display protocols make very few demands of the client. In this way, client devices can run on the widest range of hardware and the task of implementing a client device is made as simple as possible. Such client devices may therefore be stateless (no local storage) and may not be required to know how to interpret and display objects much more complex than menus and plain text. Such client devices are often referred to as "thin clients."
Because thin-client/server architectures centralise resources at the server, more efficient resource control and management is provided. Updates, adjustments and new resources may be offered to users without the need to configure individual client devices. Furthermore, security and reliability are greatly enhanced since 'permissions' to add and adjust applications may not extend to client device users and are restricted to server administrators.
Alternative exemplary thin client protocols include the Remote Display Protocol (RDP) from Microsoft, Inc., Redmond, WA and the Independent Computing Architecture (ICA) from Citrix Systems, Inc., Ft. Lauderdale, FL. However, these protocols are available only on Microsoft-based platforms.
Although the VNC protocol does not provide encryption of data traffic, a secure data transport channel can be attained by means of a Virtual Private Network (VPN) or Secure Sockets Layer (SSL), for example. Digital certificates or preshared keys can be used to authenticate client devices.
Thin-client/server systems are well known in the art. US Patent 6941382, for example, discloses a thin client device operable to communicate wirelessly with a remote host computer, which may also be a Web server. The host computer generates bit map or raster images of a virtual desktop, which may also be a virtual Web browser and which is hosted on the host computer, and transmits these images to the thin client for the user of the client to view. Client user input commands are simply transmitted from the client to the host computer where they are subsequently executed. Updated virtual desktop images are transmitted to the client in return. However, this system does not disclose a configurable server offering a wide variety of applications to client device users. It is desirable to provide a thin-client/server system having a highly rationalised security model, which, by eliminating unnecessary complexity, provides security and maintainability, as well as providing simpler, more rapid deployment to users of the system. Additionally, it is desirable that the system allows simultaneous access from each client device to multiple operating systems and multiple applications, the system further providing precise management through a single point of control of the applications and data that a user has access to, independent of the actual client device the user is using at any point in time.
Therefore, according to the invention, there is provided a server operable to offer resources to a client device, the server comprising: client negotiation means for establishing a communications link between said server and a client device; user input action signal receiving means for receiving a signal indicative of a user input action at said client device; user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor, said user session management means being operable to request application facilities as required; facility hosting means operable to host an instance of an application or a proxy thereof, and operable thereby to provide an application facility to said user session management means in response to a request therefor; wherein said user session management means further comprises: display rendering means operable to render data defining a display output to be displayed at a cooperating client device; and display data transmitting means for transmitting, to said client device, on said communications link, display data for direct representation at said client device as a user output.
In another aspect of the invention there is provided a server operable to offer resources to a client device, the server comprising: client negotiation means for establishing a secure communications link between said server and a client device; user input action signal receiving means for receiving a signal indicative of a user input action at said client device; user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor and in accordance with client device user authentication, said user session management means being operable to request application facilities as required; facility hosting means operable to host a proxy of an application, and operable thereby to provide an application facility to said user session management means in response to a request therefor; host negotiation means for establishing a communications link between said server and a host of an instance of said application; wherein said user session management means further comprises: display rendering means operable to render data defining a display output to be displayed at a cooperating client device; and display data transmitting means for transmitting, to said client device, on said secure communications link, display data for direct representation at said client device as a user output.
In another aspect of the invention there is provided a server operable to offer resources to a plurality of client devices, wherein one or more client devices and/or one or more client device users define respective groups, the server comprising: client negotiation means for establishing a respective secure communications link between said server and a plurality of client devices; user input action signal receiving means for receiving a respective signal indicative of a user input action at said plurality of client devices; host negotiation means for establishing a communications link between said server and a host of an instance of an application; for each defined group, user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor and in accordance with client device authentication and/or client device user authentication, said user session management means being operable to request application facilities as required, and facility hosting means operable to host a proxy of said application, and operable thereby to provide an application facility to said user session management means in response to a request therefor; wherein the or each user session management means further comprises: display rendering means operable to render data defining a display output to be displayed at a cooperating client device; and display data transmitting means for transmitting, to said client devices, on said respective secure communications link, respective display data for direct representation at said client devices as user output.
In another aspect of the invention there is provided a server operable to offer resources to a client device, the server comprising: client negotiation means for establishing a secure communications link between said server and a client device; user input action signal receiving means for receiving a signal indicative of a user input action at said client device; user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor and in accordance with client device user authentication, said user session management means being operable to request application facilities as required; facility hosting means operable to host a browser application or another application, and operable thereby to provide an application facility to said user session management means in response to a request therefor; wherein said user session management means further comprises: display rendering means operable to render data defining a display output to be displayed at a cooperating client device; and display data transmitting means for transmitting, to said client device, on said secure communications link, display data for direct representation at said client device as a user output.
In another aspect of the invention there is provided a server operable to offer resources to a client device, wherein the server comprises a router in a local area network, the server further comprising: client negotiation means for establishing a communications link between said server and a client device; user input action signal receiving means for receiving a signal indicative of a user input action at said client device; user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor and in accordance with client device authentication, said user session management means being operable to request application facilities as required; facility hosting means operable to host a browser application, and operable thereby to provide an application facility to said user session management means in response to a request therefor; wherein said user session management means further comprises: display rendering means operable to render data defining a display output to be displayed at a cooperating client device; and display data transmitting means for transmitting, to said client device, on said communications link, display data for direct representation at said client device as a user output.
Another aspect of the invention provides a method of offering services to a client in a client/server network, the method comprising: establishing a communications link between a client device and a server; and at the server: establishing a user session in response to receipt of a signal indicative of a user request therefor, and during a current user session: receiving a user input action signal indicative of a user input action at said client; executing, by an instance of an application or a proxy thereof hosted on the server, said user input action, said application or proxy having been requested by a user session management means as required; rendering data indicative of said executed action and defining a display output to be displayed at a cooperating device; and transmitting, to said client device, on said communications link, display data for direct representation at said client device as a user output.
Another aspect of the invention provides a method of offering services to a client in a client/server network, the method comprising: establishing a secure communications link between a client device and a server; and at the server: establishing a user session in response to receipt of a signal indicative of a user request therefor and in accordance with client device user authentication, and during a current user session: receiving a user input action signal indicative of a user input action at said client; executing, by a proxy of an application, said user input action, said proxy being hosted on the server and having been requested by a user session management means as required; rendering data indicative of said executed action and defining a display output to be displayed at a cooperating device; and transmitting, to said client device, on said secure communications link, display data for direct representation at said client device as a user output; wherein said step of executing comprises the step of: establishing a communications link between said server and a host of an instance of said application.
Another aspect of the invention provides a method of offering services to a plurality of client devices in a client/server network, wherein one or more client devices and/or one or more client device users define respective groups, and wherein the server comprises a user session management means and a facility hosting means for each defined group, the method comprising: establishing a respective secure communications link between said server and a plurality of client devices; and at the server for each communicating device: establishing a user session in response to receipt of a signal indicative of a user request therefor and in accordance with client device authentication and/or client device user authentication, and during a current user session: receiving a user input action signal indicative of a user input action at said client; executing, by a proxy of an application, said user input action, said proxy being hosted on the server and having been requested by a user session management means as required; rendering data indicative of said executed action and defining a display output to be displayed at a cooperating device; and transmitting, to said client device, on said secure communications link, display data for direct representation at said client device as a user output; wherein said step of executing comprises the step of: establishing a communications link between said server and a host of an instance of said application.
Another aspect of the invention provides a method of offering services to a client in a client/server network, the method comprising: establishing a secure communications link between a client device and a server; and at the server: establishing a user session in response to receipt of a signal indicative of a user request therefor and in accordance with client device user authentication, and, during a current user session: receiving a user input action signal indicative of a user input action at said client; executing, by a browser application or another application, said user input action, said application being hosted on the server and having been requested by a user session management means as required; rendering data indicative of said executed action and defining a display output to be displayed at a cooperating device; and transmitting, to said client device, on said secure communications link, display data for direct representation at said client device as a user output.
Another aspect of the invention provides a method of offering services to a client in a local area network, wherein the server comprises a router, the method comprising: establishing a communications link between a client device and a server; and at the server: establishing a user session in response to receipt of a signal indicative of a user request therefor and in accordance with client device user authentication, and, during a current user session: receiving a user input action signal indicative of a user input action at said client; executing, by a browser application, said user input action, said application being hosted on the server and having been requested by a user session management means as required; rendering data indicative of said executed action and defining a display output to be displayed at a cooperating device; and transmitting, to said client device, on said communications link, display data for direct representation at said client device as a user output. In another aspect of the invention there is provided a resource offering system, the system comprising: a server operable to offer a resource to a client device, the server comprising: client negotiation means for establishing a communications link between said server and a client device; user input action signal receiving means for receiving a signal indicative of a user input action at said client device; user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor, said user session management means being operable to request application facilities as required; facility hosting means operable to host an instance of an application or a proxy thereof, and operable thereby to provide an application facility to said user session management means in response to a request therefor; wherein said user session management means further comprises: display rendering means operable to render data defining a display output to be displayed at a cooperating client device; and display data transmitting means for transmitting, to said client device, on said communications link, display data for direct representation at said client device as a user output; and a client operable to request resources from a server, the client comprising: server negotiation means for establishing a communications link between said client and the server; user input action receiving means for receiving a user input action; user input action signal transmitting means for transmitting, to said server, on said communications link, a signal indicative of said user input action; user output data receiving means for receiving, from said server in response to a received signal, said display data; user output representation means for direct representation of said display data as a user output; wherein said user input action signal receiving means further comprises a single server port.
In another aspect of the invention there is provided a resource offering system comprising a server and one or more client devices configured as described above or a resource offering system operable to implement a method as described above.
In yet another aspect of the invention, a general purpose computer is configured by computer executable instructions to operate as a server as described above. The computer executable instructions can be introduced as a computer program product, storing information defining such computer executable instructions. The product can comprise a storage medium, such as an optical or magnetic disk, or a signal, such as an internet based download.
In yet another aspect of the invention there is provided a method of offering a service to a user of client device, the method comprising: establishing a communications link between a client device and a server; and at the server: establishing a user session in response to receipt of a signal indicative of a user request therefor, and during a current user session: receiving a user input action signal indicative of a user input action at said client; executing, by an instance of an application or a proxy thereof hosted on the server, said user input action, said application or proxy having been requested by a user session management means as required; rendering data indicative of said executed action and defining a display output to be displayed at a cooperating device; and transmitting, to said client device, on said communications link, display data for direct representation at said client device as a user output.
Further preferred features of these aspects of the invention will now be set forth by the following description of specific embodiments of the invention, provided by way of example only, with reference to the accompanying drawings in which:
Figure 1 illustrates schematically a server in accordance with an embodiment of the invention;
Figure 2 illustrates a method of offering services to a client device in a client/server system by means of the server illustrated in figure 1;
Figure 3 illustrates a sub-routine of the method illustrated in figure 2;
Figure 4 illustrates a client/server system including a server in accordance with a second embodiment of the invention, together with a client device suitable for use therewith;
Figure 5 illustrates a client/server system including a server in accordance with a third embodiment of the invention, together with a client device suitable for use therewith; Figure 6 illustrates a client/server system including a server in accordance with a fourth embodiment of the invention, together with a client device suitable for use therewith;
Figure 7 illustrates a client/server system including a server in accordance with a fifth embodiment of the invention, together with a client device suitable for use therewith;
Figure 8 illustrates a client/server system including a server in accordance with a sixth embodiment of the invention, together with a client device suitable for use therewith;
With reference to the drawings, a first embodiment of the invention is illustrated- in figure 1. A simplified server 10 is depicted, comprising a processor 12 operable to execute machine code instructions stored in a user session management means 14 and/or retrievable from a mass storage device 16.
By means of a general-purpose bus 18, client device communications unit 20 is in communication with the processor 12. The communications unit 20 is capable of establishing a communications link with a client device via a separate communications module (not shown), such as a wireless network adaptor, which is located externally to the server 10. The communications unit 20 is operable to transmit data passed thereto on the bus 18 to the external communications module for subsequent transmission in accordance with a communications protocol previously established for use by a system in which the server 10 is appropriate for use.
In the server 10 of figure 1, a single TCP port of client device communications unit 20 acts as receiver and dispatcher of data, thereby defining a single point of entry. By utilising just a single server port, firewall 22, which may be a software program or hardware, may be readily implemented to increase server 10 security.
The user session management means 14 has the task of establishing and operating user sessions 24 at the behest of a user of a client device, which may entail requesting applications 26 hosted at the facility hosting means 28. The server 10 is also able to accept login's from different users on a single TCP port and then direct the client access to a specific session 24 based on the login. This eliminates the need to assign each user a unique TCP port, which would have to be known in advance. The benefit is that this allows all users to connect on the same invariant TCP port and automatically be connected to the correct session based on the login details they give.
User session management means further comprises rendering means 30 for rendering image data representative of a user session 24, and compression means 32 for compressing the image data prior to transmission to a client device via communications unit 20.
While the server 10 of the present invention is configured to render and compress data in accordance with a VNC protocol, it will be understood that alternate remote display protocols could be utilised.
Each user session may utilise a single application 26 or multiple applications 26, depending on client device user requirements, and each application 26 may comprise an instance of an application or a proxy thereof.
Required data may be requested from a further server or host by user session management means 14 by means of network communications unit 34, which incorporates a firewall 35 that, in combination with firewall 22, provides the server 10 with a high level of security.
The user session management means 14 is further operable to record any output generated during a user session, which may be stored in mass storage 16. This data may subsequently be requested by a further user session. Preferably, the user session management means 14 is operable to offer the retrieved data in such a manner that periods where there are few or no changes to the screen picture may be skipped at a higher rate than periods where there are a significant amount of changes to the screen picture. This ability to fast forward generated data at variable rates allows accurate review of long periods of recordings to be performed both rapidly and with greater accuracy. Further benefits of such a playback mechanism include enhanced security, technical support and error assessment, training and presentation. The function of the server 10 will now be described in further detail in accordance with figure 2. This method as illustrated commences with step S 1-2, the establishment of a Communications link between a client device and the server. This step includes the process of authenticating a client device against the server to determine that they have previously been 'paired' to work together, thereby ensuring the integrity of data and applications held at the server.
In a preferred embodiment of the server of the present invention operable in accordance with this method, the server makes use of a VPN client device authentication list to authenticate a client device to the server.
Preferably, the manner in which a communications link is achieved is by means of a wireless communications protocol including, but not limited to, Wi-Fi, Wi-Max, G3 or GPRS. However, the link may also be effected over land-based channels using a communications protocol such as ADSL, or over a local area network (LAN). Furthermore, given more than one communications protocol, the client/server system will preferably operate over the lowest latency link.
In step S 1-4, a client device user session is established in response to a client device user request therefor. A single user session is typically associated with a single client device user (but not necessarily a single client device), and is accessed on the basis of authentication data provided by the client device user. Client device user authentication is used to re-connect the user to their previous session and any associated applications, thereby facilitating persistent sessions for each user independent of the particular client device that is actually being used. More preferably, authentication data is also encrypted in order to deter misuse by third parties.
In a preferred embodiment of the client device of the present invention operable in accordance with this method, a finite quantity of user authentication data may be held at the client device. More specifically, and by way of example only, the client device stores the last three used user authentication data, wherein the authentication data may take the form of alphanumeric user names and passwords and/or client device user biometric data. Once a user session has been established, and for each action corresponding to the user input action signal received at the server during a current session, as indicated by step S 1-6, the server executes the action (step S 1-8). Once the action has been executed, the process continues in step Sl-IO, wherein display data indicative of the executed action is generated in accordance with a remote display protocol.
In a preferred aspect of the present invention, the remote display protocol comprises a VNC protocol, which can remotely update the framebuffer displayed on a client device, as discussed earlier. The display data may comprise an updated screen image of the application or virtual desktop indicative of the executed action, or just a portion of the screen image.
Reducing network traffic is achieved by means of a data compression technique implemented in step S 1-12 and may be carried out by the VNC protocol, though it will be understood that alternative data compression techniques known in the art may also be implemented.
Finally, the compressed data is transmitted over the established client/server communications link to the client device in step S 1-14, whereupon it is decompressed and displayed to the client device user.
Figure 3 provides a flow diagram of a sub-routine of step S 1-8. The execute action routine starts with step S2-2, wherein a decision is made as to whether an application, or proxy thereof, operable to execute the action indicative of the user input action signal is hosted at the server. If this is not the case, the server will establish a communications link with a further server or host computer offering the application, as indicated by step S2-4. Nevertheless, all data traffic is routed through the server, thereby increasing security and strengthening data management control.
It will be understood by the skilled reader that step S2-2 will be obviated if the client device is operable only to request a predetermined application facility hosted at the server. Next, the user session management means determines, in step S2-6, whether the required application is running and, if not, the application is started, as indicated by step S2-8. Subsequently, in step S2-10, it is determined whether the requested action relates to terminating the application. If so, then this action is performed in step S2-12.
Figure 4 schematically illustrates a client/server system 310 in accordance with one embodiment of the present invention. The system 310 comprises clients 312 and server 10, the server 10 being in communication with one or more communications networks 319, 320 (e.g. the Internet, the Web, other wide area networks, local area networks and so on) that may comprise one or more hosts 316, 317.
A client 312 comprises at least a user operable input device 322 and a client device output 324. In the described embodiment, output 324 comprises a display unit, such as a LCD (liquid crystal display) or LED (light emitting diode) screen, and is operable to display output data received from the server 10.
A user operable input device 322 may include a keyboard, a mouse or other pointing device such as a touchpad, a contact sensitive surface on a display unit of the device, a writing tablet, speech recognition means, haptic input means, or any other means by which a use input action can be interpreted and converted into data signals. It may be integrally formed with client device output 324, comiected by means of a cable or other physical connection, or entirely detached. In the latter case, communication between input 322 and any other portion of the client device may be accomplished by means of a short range wireless connectivity link 326, such as Bluetooth.
In operation, client 312 establishes a communications link 328 with server 10, which, although being operable to function as a server in accordance with figure 1, is only depicted with user sessions 24, applications 26 and firewalls 22, 35 for the sake of clarity.
In this particular embodiment of the system, suitable for use as a major private or public LAN and/or WAN for example, one application 26 may comprise a web browser. In this way, browser based resource facilities on private network 319 or the web 320 become available to the client device 312. Alternatively, operation system specific applications 26 may be hosted at the server 10. Advantageously, these applications may be added or removed as required. Thus, a direct communications link between the server 10 and an appropriate host 316, 317 of communications network 319 may be established.
Further configurations of the client/server system will now be described with reference to figures 5 to 8 for the assistance of the reader in understanding the scope of the invention. Where system components have substantially the same function as those illustrated in figure 4, they are given the same reference numbers.
In figure 5, for example, the hosts 317 of system 510 comprise only personal computers, which do not necessarily form a communications network. It will be understood that the communications links 420, 520 shown in figure 4 and 5, respectively, are each but one server-host link arrangement. It will be further understood that since the VNC protocol is not limited to one particular operating system, hosts 316 may comprise servers and/or personal computers running a variety of operating systems such as Microsoft Windows, Linux and the like. Personal computers may be accessed with the use of a remote display protocol.
Meanwhile, in the system 610 shown in figure 6, the server 10 comprises a personal computer operable to offer applications to a client device 312. In this particular schematic, each client device 312 is shown to communicate with a single server 10, though the system is not limited thereto. In contrast, the server 10 of system 710 (figure 7) comprises an Internet router, wherein application 26 may comprise a web browser. This type of system is ideally suited for a home network, wherein the communications network 328 comprises a wired or wireless home LAN network. Finally, in figure 8, the server 10 is deployed on the Internet as an application service provider (ASP) 810, and the client devices 312 connect via the Internet to that service. In the latter implementation in particular, the client device 312 connects to the server 10 via a secure method such that unauthorised clients will be denied access. The reader will appreciate that the foregoing are but several example implementations of the present invention, and that further aspects, features, variations and advantages may arise from using the invention in different embodiments. The scope of the protection is intended to be provided by the claims appended hereto, which are to be interpreted in the light of the description with reference to the drawings and not to be limited thereto.

Claims

CLAIMS:
1. A server operable to offer resources to a client device, the server comprising: client negotiation means for establishing a communications link between said server and a client device; user input action signal receiving means for receiving a signal indicative of a user input action at said client device; user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor, said user session management means being operable to request application facilities as required; facility hosting means operable to host an instance of an application or a proxy thereof, and operable thereby to provide an application facility to said user session management means in response to a request therefor; wherein said user session management means further comprises: display rendering means operable to render data defining a display output to be displayed at a cooperating client device; and display data transmitting means for transmitting, to said client device, on said communications link, display data for direct representation at said client device as a user output.
2. A server operable to offer resources to a client device, the server comprising: client negotiation means for establishing a secure communications link between said server and a client device; user input action signal receiving means for receiving a signal indicative of a user input action at said client device; user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor and in accordance with client device user authentication, said user session management means being operable to request application facilities as required; facility hosting means operable to host a proxy of an application, and operable thereby to provide an application facility to said user session management means in response to a request therefor; host negotiation means for establishing a communications link between said server and a host of an instance of said application; wherein said user session management means further comprises: display rendering means operable to render data defining a display output to be displayed at a cooperating client device; and display data transmitting means for transmitting, to said client device, on said secure communications link, display data for direct representation at said client device as a user output.
3. A server operable to offer resources to a plurality of client devices, wherein one or more client devices and/or one or more client device users define respective groups, the server comprising: client negotiation means for establishing a respective secure communications link between said server and a plurality of client devices; user input action signal receiving means for receiving a respective signal indicative of a user input action at said plurality of client devices; host negotiation means for establishing a communications link between said server and a host of an instance of an application; for each defined group, user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor and in accordance with client device authentication and/or client device user authentication, said user session management means being operable to request application facilities as required, and facility hosting means operable to host a proxy of said application, and operable thereby to provide an application facility to said user session management means in response to a request therefor; wherein the or each user session management means further comprises: display rendering means operable to render data defining a display output to be displayed at a cooperating client device; and display data transmitting means for transmitting, to said client devices, on said respective secure communications link, respective display data for direct representation at said client devices as user output.
4. A server operable to offer resources to a client device, the server comprising: client negotiation means for establishing a secure communications link between said server and a client device; user input action signal receiving means for receiving a signal indicative of a user input action at said client device; user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor and in accordance with client device user authentication, said user session management means being operable to request application facilities as required; facility hosting means operable to host a browser application or another application, and operable thereby to provide an application facility to said user session management means in response to a request therefor; wherein said user session management means further comprises: display rendering means operable to render data defining a display output to be displayed at a cooperating client device; and display data transmitting means for transmitting, to said client device, on said secure communications link, display data for direct representation at said client device as a user output.
5. A server operable to offer resources to a client device, wherein the server comprises a router in a local area network, the server further comprising: client negotiation means for establishing a communications link between said server and a client device; user input action signal receiving means for receiving a signal indicative of a user input action at said client device; user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor and in accordance with client device authentication, said user session management means being operable to request application facilities as required; facility hosting means operable to host a browser application, and operable thereby to provide an application facility to said user session management means in response to a request therefor; wherein said user session management means further comprises: display rendering means operable to render data defining a display output to be displayed at a cooperating client device; and display data transmitting means for transmitting, to said client device, on said communications link, display data for direct representation at said client device as a user output.
6. A server in accordance with any preceding claim wherein said host of an instance of an application is associated with a group.
7. A sever in accordance with claim 3 wherein each user session management means and host facility means is privately managed by one or more users of a user group.
8. A server in accordance with any preceding claim wherein said client negotiation means is further operable to authenticate a client device to the server.
9. A server in accordance with any preceding claim wherein said communications link comprises a wireless communications link.
10. A server in accordance with any preceding claim wherein said user input action signal receiving means further comprises a single server port.
11. A server in accordance with any preceding claim wherein the user session management means is further operable to establish the authenticity of a user of a client device.
12. A server in accordance with claim 11 wherein the authenticity of said user is established on the basis of biometric data of said user.
13. A server in accordance with any preceding claim and employing a remote access protocol to provide remote access to the server from a client.
14. A server in accordance with claim 13 wherein the remote access protocol comprises a VNC protocol.
15. A server in accordance with any preceding claim and employing a private communications network to secure data transmission between a client device and a server.
16. A server in accordance with claim 15 wherein the private communications network comprises VPN.
17. A server in accordance with any preceding claim and further comprising data compression means operable to compress said display data prior to transmission to a client device.
18. A method of offering services to a client in a client/server network, the method comprising: establishing a communications link between a client device and a server; and at the server: establishing a user session in response to receipt of a signal indicative of a user request therefor, and during a current user session: receiving a user input action signal indicative of a user input action at said client; executing, by an instance of an application or a proxy thereof hosted on the server, said user input action, said application or proxy having been requested by a user session management means as required; rendering data indicative of said executed action and defining a display output to be displayed at a cooperating device; and transmitting, to said client device, on said communications link, display data for direct representation at said client device as a user output.
19. A method of offering services to a client in a client/server network, the method comprising: establishing a secure communications link between a client device and a server; and at the server: establishing a user session in response to receipt of a signal indicative of a user request therefor and in accordance with client device user authentication, and during a current user session: receiving a user input action signal indicative of a user input action at said client; executing, by a proxy of an application, said user input action, said proxy being hosted on the server and having been requested by a user session management means as required; rendering data indicative of said executed action and defining a display output to be displayed at a cooperating device; and transmitting, to said client device, on said secure communications link, display data for direct representation at said client device as a user output; wherein said step of executing comprises the step of: establishing a communications link between said server and a host of an instance of said application.
20. A method of offering services to a plurality of client devices in a client/server network, wherein one or more client devices and/or one or more client device users define respective groups, and wherein the server comprises a user session management means and a facility hosting means for each defined group, the method comprising: establishing a respective secure communications link between said server and a plurality of client devices; and at the server for each communicating device: establishing a user session in response to receipt of a signal indicative of a user request therefor and in accordance with client device authentication and/or client device user authentication, and during a current user session: receiving a user input action signal indicative of a user input action at said client; executing, by a proxy of an application, said user input action, said proxy being hosted on the server and having been requested by a user session management means as required; rendering data indicative of said executed action and defining a display output to be displayed at a cooperating device; and transmitting, to said client device, on said secure communications link, display data for direct representation at said client device as a user output; wherein said step of executing comprises the step of: establishing a communications link between said server and a host of an instance of said application.
21. A method of offering services to a client in a client/server network, the method comprising: establishing a secure communications link between a client device and a server; and at the server: establishing a user session in response to receipt of a signal indicative of a user request therefor and in accordance with client device user authentication, and, during a current user session: receiving a user input action signal indicative of a user input action at said client; executing, by a browser application or another application, said user input action, said application being hosted on the server and having been requested by a user session management means as required; rendering data indicative of said executed action and defining a display output to be displayed at a cooperating device; and transmitting, to said client device, on said secure communications link, display data for direct representation at said client device as a user output.
22. A method of offering services to a client in a local area network, wherein the server comprises a router, the method comprising: establishing a communications link between a client device and a server; and at the server: establishing a user session in response to receipt of a signal indicative of a user request therefor and in accordance with client device user authentication, and, during a current user session: receiving a user input action signal indicative of a user input action at said client; executing, by a browser application, said user input action, said application being hosted on the server and having been requested by a user session management means as required; rendering data indicative of said executed action and defining a display output to be displayed at a cooperating device; and transmitting, to said client device, on said communications link, display data for direct representation at said client device as a user output.
23. A method in accordance with any one of claims 18 to 22, wherein the host of an instance of an application is associated with a group.
24. A method in accordance with any one of claims 18 to 23 and further including the step of authenticating a client device to the server.
25. A method in accordance with any one of claims 18 to 24 wherein the communications link is established over a wireless communications link.
26. A method in accordance with any one of claims 18 to 25 wherein client device user input action signals are received at the server at a single server port and display data is transmitted to the client device from said server port.
27. A method in accordance with any one of claims 18 to 26 wherein the step of establishing a user session further comprises the step of establishing the authenticity of a user of a client device.
28. A method in accordance with any one of claims 18 to 27 wherein the step of establishing a user session comprises the steps of retrieving a stored user session on the basis of authentication data of a user of a client device.
29. A method in accordance with claim 18 wherein the step of executing the user input action includes the steps of determining whether an appropriate application operable to execute the action is available at the server and, if not, transmitting the user input action signal to a further host.
30. A method in accordance with claim 27 wherein the authenticity of said user is established on the basis of said user biometric data.
31. A method in accordance with any one of claims 18 to 30 and employing a remote access protocol to provide remote access to the server from a client.
32. A method in accordance with claim 31 wherein the remote access protocol comprises a VNC protocol.
33. A method in accordance with any one of claims 18 to 32 and employing a private communications network to secure data transmission between a client and a server.
34. A method in accordance with claim 33 wherein the private communications network comprises VPN.
35. A method in accordance with any one of claims 18 to 34 and further including the step of compressing said display data prior to transmission to a client device.
36. A computer program product comprising computer executable instructions operable to configure said computer as a server in accordance with any of claims 1 to 17.
37. A computer program product in accordance with claim 36, comprising a storage medium storing information defining the computer executable instructions.
38. A resource offering system, the system comprising: a server operable to offer a resource to a client device, the server comprising: client negotiation means for establishing a communications link between said server and a client device; user input action signal receiving means for receiving a signal indicative of a user input action at said client device; user session management means operable to establish and operate a user session in response to receipt of a user input action signal indicative of a user request therefor, said user session management means being operable to request application facilities as required; facility hosting means operable to host an instance of an application or a proxy thereof, and operable thereby to provide an application facility to said user session management means in response to a request therefor; wherein said user session management means further comprises: display rendering means operable to render data defining a display output to be displayed at a cooperating client device; and display data transmitting means for transmitting, to said client device, on said communications link, display data for direct representation at said client device as a user output; and a client operable to request resources from a server, the client comprising: server negotiation means for establishing a communications link between said client and the server; user input action receiving means for receiving a user input action; user input action signal transmitting means for transmitting, to said server, on said communications link, a signal indicative of said user input action; user output data receiving means for receiving, from said server in response to a received signal, said display data; user output representation means for direct representation of said display data as a user output; wherein said user input action signal receiving means further comprises a single server port.
39. A resource offering system comprising a server and one or more client devices according to any one of claims 1 to 17 or a resource offering system operable in accordance with the method of any one of claims 18 to 35.
40. A system in accordance with claim 38 or 39 wherein said client negotiation means is further operable to authenticate a client device to the server.
41. A system in accordance with any one of claims 38 and 40 wherein said communications link comprises a wireless communications link.
42. A system in accordance with any one of claims 38 to 41 wherein said server user input action receiving means further comprises a single server port.
43. A system in accordance with any one of claims 38 to 42 wherein said user session management means is further operable to establish the authenticity of a user of client device.
44. A system in accordance with claim 43 wherein the authenticity of said user is established on the basis of said user biometric data.
45. A system in accordance with any one of claims 38 to 44 and employing a remote access protocol to provide remote access to the server from a client.
46. A system in accordance with claim 45 wherein the remote access protocol comprises a VNC protocol.
47. A system in accordance with any one of claims 38 to 46 and employing a private communications network to secure data transmission between a client device and the server.
48. A system in accordance with claim 46 wherein the private communications network comprises VPN.
49. A system in accordance with any one of claims 38 to 48 wherein the server further comprises data compression means operable to compress said display data prior to transmission to a client device.
50. A system in accordance with any one of claims 38 to 49 wherein the client device further comprises data decompression means operable to decompress said received display data.
EP07733235A 2006-06-15 2007-06-15 Wireless networking communication Withdrawn EP2027691A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GBGB0611911.9A GB0611911D0 (en) 2006-06-15 2006-06-15 Wireless networking communication
PCT/GB2007/002231 WO2007144638A1 (en) 2006-06-15 2007-06-15 Wireless networking communication

Publications (1)

Publication Number Publication Date
EP2027691A1 true EP2027691A1 (en) 2009-02-25

Family

ID=36775734

Family Applications (1)

Application Number Title Priority Date Filing Date
EP07733235A Withdrawn EP2027691A1 (en) 2006-06-15 2007-06-15 Wireless networking communication

Country Status (3)

Country Link
EP (1) EP2027691A1 (en)
GB (1) GB0611911D0 (en)
WO (1) WO2007144638A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3719962A1 (en) 2019-04-01 2020-10-07 LIM-Tech Limited Electromotive machine

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102008027096A1 (en) * 2008-06-06 2009-12-10 Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V. Portable user interface with access to a host computer

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6650747B1 (en) * 1997-09-18 2003-11-18 At&T Corp. Control of merchant application by system monitor in virtual contact center
US6999912B2 (en) * 2001-03-13 2006-02-14 Microsoft Corporation Provisioning computing services via an on-line networked computing environment
US7246174B2 (en) * 2003-10-28 2007-07-17 Nacon Consulting, Llc Method and system for accessing and managing virtual machines

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2007144638A1 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3719962A1 (en) 2019-04-01 2020-10-07 LIM-Tech Limited Electromotive machine

Also Published As

Publication number Publication date
WO2007144638A1 (en) 2007-12-21
GB0611911D0 (en) 2006-07-26

Similar Documents

Publication Publication Date Title
CN107534672B (en) Method, equipment and system for promoting network client to provide network service
CN106716404B (en) Proxy server in computer subnet
US11140162B2 (en) Response method and system in virtual network computing authentication, and proxy server
KR100998515B1 (en) Methods for distributed program execution with file-type association in a client-server network
CN105378659B (en) Client device is set to be able to access that the method and system of remote desktop
US8341732B2 (en) Methods and systems for selecting a method for execution, by a virtual machine, of an application program
JP5521736B2 (en) COMMUNICATION CONTROL DEVICE, COMMUNICATION CONTROL PROGRAM, AND COMMUNICATION CONTROL SYSTEM
EP2375328A2 (en) Methods and Systems for Providing Access to a Computing Environment
GB2349488A (en) Determining program availability in a client-server network
US11470160B2 (en) Managing remote support
CN112165480B (en) Information acquisition method and device and electronic equipment
CN102047633A (en) System amd method for application level access to virtual server environments
US10459743B2 (en) Network isolation in virtual desktop infrastructure
WO2015175006A1 (en) Navigation of virtual desktop content on client devices based on movement of these client devices
US20130036206A1 (en) Method and apparatus for extending remote network visibility of the push functionality
WO2007100942A2 (en) Methods and systems for providing access to a computing environment provided by a virtual machine executing in a hypervisor executing in a terminal services session
CN113924551A (en) Method and system for accessing remotely stored files using virtual applications
US11729334B2 (en) Communication system, device, and recording medium for remote access to electronic device through relaying device and converter
CN113170517B (en) Short message service linking for active feed communications
US11489817B2 (en) Computing system with gateway data transfer based upon device data flow characteristics and related methods
US10819695B2 (en) Electronic device including local identity provider server for single sign on and related methods
EP2027691A1 (en) Wireless networking communication
WO2021206832A1 (en) Remoting user credential information to a remote browser
US10949184B2 (en) Method and system of application deployment on a mobile communication device
CN113906390A (en) Method and system for accessing remotely stored files using virtual applications

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20080303

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC MT NL PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL BA HR MK RS

17Q First examination report despatched

Effective date: 20090610

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: DATA MOTION LIMITED

DAX Request for extension of the european patent (deleted)
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20130103