EP2347367A1 - Platform for a computer network - Google Patents

Platform for a computer network

Info

Publication number
EP2347367A1
EP2347367A1 EP20090747895 EP09747895A EP2347367A1 EP 2347367 A1 EP2347367 A1 EP 2347367A1 EP 20090747895 EP20090747895 EP 20090747895 EP 09747895 A EP09747895 A EP 09747895A EP 2347367 A1 EP2347367 A1 EP 2347367A1
Authority
EP
Grant status
Application
Patent type
Prior art keywords
application
information
system
data
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP20090747895
Other languages
German (de)
French (fr)
Inventor
Vincent Garnier
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Garnier Vincent
Original Assignee
Vincent Garnier
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6272Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database by registering files or documents with a third party

Abstract

The invention relates to a platform (1) for a computer network for managing and sharing mostly unstructured data passing through said network, and having an infrastructure comprising an information system (2) comprising a database (14) and/or data servers (14) as well as terminals (4, 5) from which the users (6) generate, modify or consult data of the information system (2), characterised in that the information system (2) includes unique data to be shared and is insulated from the terminals (4, 5) of the users (6) by an application (3) that manages the accessibility to said information system (2) and/or the security of the unique data contained by the same by a physical break (12) of the network protocol (7) used for communication between the information system (2) and the terminals (4, 5) of the users (6).

Description

Platform computer network

The present invention provides a computer network platform infrastructure which includes an information system including servers and unstructured for most databases transiting through this network and terminals from which users create , modify or consult centralized data this information system. Each document information system is identified by its file name and passes in the network and is stored in the same information as data system. In computing, the data is a representation of information in a formalized manner to facilitate processing.

Currently, according to the Gartner Group, 85% of the information system of a company in general (industrial or commercial enterprise, but also administration, other public service, organization, etc ..) is in its unstructured data. there is found between any other e-mail, text files, audio or video. One problem lies in the fact that these data tend to double in volume every month, thus occupying most of the network and storage resources of a company. The same data can also be several different sources and then find duplicated in the company's information system more user workstations. This duplication introduced in turn the identification of the correct files and their security problems. Indeed, data replication goes against good of these security policy and increases the chances of interception across a network.

There are currently three major communication computer network models:

- Internet, international communication network between different generally remote entities such as computers, cameras, printers, servers, and using a communication protocol such language to communicate,

- intranet, internal network to a company that works on technological model of the Internet, and - the extranet area of ​​a restricted intranet but accessible from outside of the company provided they have a username and a password.

Today, to secure data traveling through the network according to one of these three models, the user is restricted in his job by assigning rights. The workstation or computer is mostly a terminal, that is to say a trunk end communication center which can exchange information with a central server. This restrictive model and the complexity and evolution of today's information systems makes it increasingly difficult securing data passing through one of these networks. Paradoxically, and even though some applications require more to be recognized by the operating system to be installed and operational, general computer security depends increasingly workstation and its system exploitation. Users even have increasingly technical keys to open access doors while they were often not aware of security and privacy issues arising from their actions. These include for example mobile applications that offer the opportunity for a third party to access discreetly in a private network without that it has been authorized, giving him a chance to access the database of the information system.

Furthermore, currently available tools such as proxies, firewalls or use of encryption technologies de theoretically designed to address these contingencies, which are supposed to effectively secure access to information system's data ' sharing between users, represent a significant investment cost in data security of a company or an individual without offering effective protection. Indeed, these tools do not provide a physical disruption of the communication protocol between the database and users. A firewall's main task is controlling traffic between different zones filtering confidence data streams passing through it, it works according to predetermined rules by the only network administrator.

A proxy in turn relays requests between a client and a server. Specifically, the user logs in using a username and a password, and then again according to rules determined in advance by the sole network administrator, the user passes or not a spark fire communications filter according to the port. Ports can be likened to doors associated with a service or a network application and providing access or not the operating system of the client machine in a client / server model, that is to say giving access to terminals or not users and at the same time the data they contain. Each port is assigned a number, this number is 16 bits, which explains that there is a maximum of 65,536 ports (2 16) per computer.

Security problems can then arise when certain programs "forget" to close these doors saying ( "ports"), or even just when poorly controlled computer configuration allows the opening of ports without any use. This gives rise to computer security flaws, because if a door is not closed, anyone can borrow and access the database of local information system. For example, a hacker typically uses a computer program that sends requests to a target computer by scanning all of its ports until you find a door allowing access to the local machine information system .

As for encryption technologies, they do qu'encoder information according to a predetermined algorithm, so just appropriate the algorithm to decode the information.

Note that even if the majority of people has not the required knowledge to perform this kind of illegal act, that same majority has not the skills to use it properly and effectively a firewall or proxy, the settings have become too complex. The evolution of the current security systems therefore did not follow the opening to "mainstream" of computing.

The present invention adopts a new vision of computer network instead of being based on the user's workstation by controlling his actions by the rights assignment is based on access to data gathered within of a central information system, which makes it much easier to protect. A single document is created by a user who deposits it into the centralized information system. It then assigns rights to use this document to other users. Can be introduced as such the concept of document publishing to define a provision of a document generated by a user. We distinguish two types of users as well - simple consulting published information

- the conthbuteurs who have a right of establishment and / or modification of such information.

Some commercial products have already tried this approach aggregation and provision of data include as such the products deposited under the trademark Microsoft ® SharePoint or IBM ® Lotus ® QuickR ™. However, the development of these solutions is more oriented data sharing within a limited network, often the company intranet, as a global sharing and data security. To illustrate this, suffice it to note that these solutions always depend on the workstation on which they are to be installed to operate and do not isolate a physical disruption of the communication protocol access to information system data the users. Moreover, the overall security policy on these platforms is often mimics the use of simple firewall, proxy, or encryption technologies.

The present invention aims to propose a solution overcomes these drawbacks without compromising quality of service.

To this end, the present invention essentially relates to a platform computer network for management and data sharing mostly unstructured passing through this network and the infrastructure of which includes an information system comprising a or more databases and / or data servers, and terminals from which users create, modify or reference the data of the information system, characterized in that the information system has unique data for be shared, and is isolated from user terminals by an application that manages access to the said information system and / or the securing of unique data it contains by physical disruption of the network protocol used for communication between the information system and user terminals.

The computer network platform centralizes unique data, especially unstructured data from a company that usually loom large on company servers by their scatters and duplications. It is meant by "unique data" data that have not been previously duplicated and which are present in the information system such as a single document. data security policy is here based on the data itself and not solely on their transfer through one or more computer networks. This platform computer network also provides secure and easy access to this data in isolation of a three-dimensional architecture formed by the three existing network models and reframe all the security around the data. To this end, one could describe the application of "dynamic proxy" because it does not have a preset security rules but has instead safety rules established in the application for each document in the information system. This results in a simplification of architectures through this intermediary between the Application database information system and user terminals wanting access.

In the following description, it is assumed that the communication network using the TCP / IP protocols, that is to say it is based on TCP for "Transmission Control Protocol" and Internet Protocol IP for "Internet Protocol". It is clear that the invention is not limited to particular types of communication protocols.

In one embodiment, the physical disruption of the network protocol is managed by the appl ication controlling two sub-applications independent and physically separated among them of all network connections, specifically one of said inner sub-applications (I) is in constant contact with the internal network of the information system and the other sub-application called external (E) is in constant contact with said external network to which are connected all of the user terminals. In one embodiment, the passing of data between the two sub-applications that is managed by the application uses rewriting technique on the fly or "parsing".

When the application takes information (E) for the drop in (I), the information becomes "dead" and not accessible outside of the app. Though, if a virus were to remain attached to the document, it would take the same state that the document "inactive".

Favorably, editing documents in the information system is independent of software or programs installed on user terminals. This provides independence of workstation software for greater user efficiency and notably allows users with different software on their workstations and whose formats are usually not compatible with one another, to work on the same document with a different file format on each of their machine. Again, the platform frees the contents of the user terminals workstation. Multiple users can work and thus modify a document published by a contributor without these users all have their workstation software used to create the document in a file format.

In one embodiment, user terminals are used only for their GUI and ability of calculation, only unique data is stored in the information system.

This centralization of data in the information system allows particular prevent the same document found on multiple workstations with different versions and dates without that we know who is really the right document. This provision is also entirely consistent with the desired level of safety on this type of platform.

It remains possible to extract a document information system through the application if specific rights in this action have been assigned to the user. However, for security reasons incumbent on the very principle of this platform, the extracted document can not be recovered to the database of the information system without authorization.

In another embodiment, the information system does not contain workstation.

Access to the information system database therefore is done only through the application, direct access is not possible.

Advantageously, the application is also the only way to directly access data stored in the unique information system. These unique data generate a single document.

The application is therefore the only one to manage the content of the information system.

In fact, it is as if the documents were locked in a vault containing a multitude of boxes, and whose access to the vault of the bank can be achieved by a guard that can be compared by analogy the application. The address of the bank and the key to one or more trunks lying in the vault is given by one user to another with which it wants to share documents. Key of different colors are used to differentiate the different rights that can claim a user. The director of the bank assimilated to the administrator of the application, give the access codes (username and password) of the bank's gateway to various users. Once inside, the guard (application) identifies each user: he asks them safe key of the vault to which they have a right to access, identifies the rights of the user based on the color of the key that is given to him, control (for antivirus) if necessary, the documents provided by a user for integrating a safe in the vault. This key can be sent to him on site in case of a rental safe by analogy to a space allocation in the information system. The guard (application) is the only one able to get into the vault (information system), it takes the key of the user and fetches the contents of the corresponding box that is in the vault. The guard (application) can only open the coffers or (files) that the client has the key (rights), and only those. The guard (application) then returns the contents of the boxes (files) to the user. Next the color key that was given him, the guardian affects the right to modify the document or only consultation. Once the task is completed the user, the guard (application) gets the document he will recheck (for antivirus) before putting it in its respective safe inside the vault. The user then starts again from the bank with his key and this key can it be withdrawn at any time by the user who handed him. At no time could the user have direct access to documents located inside the chests in the vault.

In one embodiment, the protocols and / or services provided by the application are independent of the type of use, such qu'itinérante, mobile, from a fixed position or in public spaces.

Indeed, the platform can support any kind of computer network techniques such as, for example ™ wifi or 3G. It is understood that these examples are cited here without limitation and that the use of any network technology is perfectly conceivable. Advantageously, the application only uses default ports open by an operating system installed on the terminals, preferably only port 80 for HTTP (HyperText Transfer Protocol)

443 for HTTPS (HyperText Transfer Protocol Securised) and 21 for FTP (File

Transfer Protocol).

Only these three ports are open on the application and terminals can only use these ports on the U RL address (Uniform Resource

Locator) of the application. The implementation of the application is thus greatly simplified because just open three ports on all terminals to communicate with the application. It should be noted that these three ports are open by default regardless of the operating system used on the workstation of the user terminals, so users can easily communicate with the application while having other open ports needed for other applications locally.

In one embodiment, the information system contains a single document viewing rights and / or access and / or modification to / by each user are given by the user who created the document.

Everything happens gift c com mesi hp aq ue contributor was

"Administrator" of the document it creates. To him rests the assignment of rights for viewing and editing the document he published in the database of the information system via the application. It is understood that the allocation of these rights is simple and intuitive, without which the simplification will lose all meaning.

In another embodiment, the application manages a temporary storage space, preferably FTP, created in the sub-application (E) during the data transfer command from a terminal to the application and / or when creating data directly from the application, and deleted as soon as the data has reached the information system.

This space stockag e tem porary can be advantageously a hidden FTP (File Transfer Protocol), capable of storing large volumes of information, the application takes the information in this FTP cache for the file in the information system by rewriting on the fly. The information is then accessible from the application. She finds herself so protected from the rest of the network.

Advantageously, the temporary storage space is monitored by at least one virus but preferably two. This reduces the chances of infection from the database in the information system. This check is performed automatically when a contributor sends the data to the temporary storage of the application, but of course this does not prevent users to carry themselves to a control data on their positions working with their own antivirus.

According to one embodiment, the application includes a graphical interface.

This interface replaces the operating system is user friendly, simple and intuitive and requires no special training for the user.

In the context of this embodiment, the graphical application from the platform interface is in the form of a universal sharing solution secure data with a multilingual preferably workspace and accessible from any of the devices of users around the world and linked to the application.

Unlike the products mentioned in the prior art, it is not necessary here to install any software required to run the application. In addition, the GUI is multilingual planned for easy access from anywhere in the world, and is multi-server, multi-database, multi-site and multi-address books to facilitate the rights allocation . This platform is universal and accessible to all potential users.

Advantageously, a web browser is the operating system office for the GUI.

Just so, to access the universal sharing solution application, a simple Internet connection, Internet browser and have the URL of the application that will be provided to all users network. A shortcut can be created conveniently in the explorer.

The present invention also relates to an assembly comprising a plurality of interconnectable platforms with each other and such an infrastructure as described above.

Several same users can access several different information systems via several independent applications or not, such a platform replaces perfectly the three main models of existing computer networks mentioned above along encompassing a single model without making the disappear.

Anyway, the invention will be better understood using the description that i su it, with reference to the accompanying schematic drawings showing, by way of nonlimiting example, an embodiment of this platform.

Figure 1 shows the block diagram of the platform. 2 shows an example of application of this platform. According to the block diagram of operation of the platform shown in Figure 1, we can see that users 6 (single contributors or consultants) can either connect to the application 3 from the canvas 4 (World Wide Web) or from the intranet enterprise 5 that has an Internet connection 7 using the TCP / IP protocols. Each workstation 8 of these two networks is open on ports 80, 443 and 21.

These workstations 8 are connected via the Internet and its suite of TCP / IP protocols to the appl ication and 3 pl us the particu ièrement the sub external application (E) which comprises a network card 9 for communicating with outside an FTP cover 1 1 for temporarily storing data which may occupy a large volume and universal solution for sharing GUI 10 of the application 3.

The outer sub-application (E) is physically separated from the inner sub-application (I) by a break 12 of the TCP / IP protocols.

The sub indoor application (I) comprises one or more network boards 1 3 which allow it to communicate according to the TCP / IP protocols with all the storage resources of 14 2 information system via their network cards. The information system 2 therefore contains all the storage resources of 14 2 information system; these include databases (DATA), and / or local servers or unit grouped in a computer cleanroom. However, it contains no workstation. We now consider the specific case shown in Figure 2 where a contributor working for a consultancy in France 15 wants to create a document 20, but mainly wants to eventually share with his colleagues 16 in China without this one scatters into many files and providing them to the change; the various changes made in a single final document 20 contained in the information system 2 managed by the same application 3.

Turning first to the connection to the application 3, a contributor 6 has several possibilities: the French contributor connects to the application 3 of the company from their browser address bar by typing the own URL to his business hosting server or any other server hosting 17, 18 through which it wants to share docu ments, com me for exam ple the hosting server of Chinese employees, the French contributor to 3 connects to the application through a hyperlink that sent him his business on his voicemail if the latter has activated the service, the French contributor has been created as a contact in the address book of a another user 6, the contributor wishing to share a document then receives an email informing him of this creation and a direct link to the application 3 to which he was assigned.

Once connected, the contributor then accesses the home page of the GUI application 10 3 offering him a iversel sharing solution for document information. The administrator of each application can also define the settings of the application (graphic charts, layouts, content pages, translations, ...). The contributor then has the option to change to convenience the language of the GUI text 10. To access the application services

3 requested of it a username and password of its own, which was presented by the administrator of the application 3 on which it is connected.

Regarding the creation of information in the system, again several options are available to the contributor: it creates a new document directly via the application 3 according to the information he wants to share (text, spreadsheet, slide ...). For this, the great flexibité application 3 offers him a series of software from which he can define the format of the document. The created document is temporarily stored in the FTP 1 cache 1 of the outer sub-application (E). it is important in the FTP 11 hides an existing document locally through the explorer of his workstation 8. This FTP cache is constantly monitored by two antivirus 19 managed by the application 3.

It is also important to note that during the implementation of this type of platform 1 to a corporate structure or any other structure, the solution provided by the application 3 is able to integrate a massive data set existing enterprise.

The next step is to share it, the contributor affect the rights of use of the material 20 to other users 6 listed in his address book, such as Chinese employees or will have created or imported in the same address book. He can then assign editing rights to specific users, while it affects only viewing rights to others.

To share this document, it only remains to publish it in the information system 2 by pushing the "publish" button. The publication is to transfer by "parsing" information created in the FTP cover 1 1 of the s-sou application (E) to a storage area of ​​the information system 2 via the NIC 13 of the sub-application (I). This ensures the physical disruption 12 of the TCP / IP 7 between the information system 2 and the terminals 8 users. When the application takes 3 Information (E) for the drop in (I), the "dead" information is not accessible outside the application 3, FTP cache 11 is also cleaned by Application 3 when the application 3 has the data (E) for the file in (I). The French contributor can then disconnect from the application 3. Note that a document published 20 is visible only by 6 users who have been authorized by the document creator 20.

To fetch the document, users connect Chinese 6 each from their workstation 8 to the application of the company 3 of the same ways as the contributor.

6 The user then connects to their account with a username and a password him having been assigned by the administrator of this application 3 of the company. Once connected each user sees 6 documents for which rights were given to him and only ceux- there.

File names and only the names appear on the screen and the graphics, adaptable according to the needs of the business, this directly without having to open it, the rights to a document. The user 6 does never advanced directly on the document in the information system database 2. In a manner not the imitative appl ication 3 provides via its GUI 10 three possibilities of presentation: - under list form

- as objects, and

- as names.

The fees for each of the files that appear in one of these three forms are color coded to indicate immediately firsthand the user rights on a file. Five different colors are preferably used to identify different types of File Ste ong which include classified hierarchically in descending order of power on the file:

- "You are the creator of this document. "-" This document has been issued to you. "

- "This document is currently being edited by another user. You can find it if the software allows. "

- "P lusi rs es No person may or vri r this document simultaneously. "

- "This document is read. You can consult it. "When the user wants to open a document 6 20 of which he has rights, he knew cl ic run button" edition "that is to say, viewing the contents of the document 20. It is possible that 20 is the same document at the same time modified by a contributor, in which case an information window of the file status opens. In this case, users see 6 through the information window that the file for the document 20 is being edited and do not edit the document option 20. It must therefore expect that a contributor to finish his changes to the document 20 and is republished in the information system 2 that another contributor can in turn access the same document 20 to change himself. The file corresponding to the document 20 will thus be kept updated by each of the contributors and all changes made to this file will appear on a single document 20 contained in the information system 2 managed by the same application 3 common to all users 6 file.

It goes without saying that the invention is not limited to the sole embodiment and application of this platform 1 described above as an example, but it encompasses all the variants.

Claims

1. Platform (1) computer network for the management and sharing of data for unstructured most transiting through this network and infrastructure which includes:
- an information system (2) comprising one or more databases (14) and / or data servers (14), and
- terminals (4, 5) from which users (6) create, modify or reference the data of the information system (2), characterized in that the information system (2):
- includes unique data (20) to be shared, and
- is isolated terminals (4, 5) Users (6) by an application (3) that manages access to this information system (2) and / or the securing of unique data (20) contained by physical disruption (12) of the network protocol (7) used for communication between the information system (2) and the terminals (4, 5) of the user (6).
2. Platform (1) computer network according to claim 1 wherein the physical disruption (12) of the network protocol (7) is managed by the application (3) which control two sub-applications (E, I) independent and physically separated among them any network connection, specifically one of the sub-applications (I) said inner is in permanent contact with the information system network (2), and the other sub-application (E) said outer is in constant contact with said external network to which are connected all of the terminals (4, 5) of the user (6).
3. Platform (1) computer network according to claim 2 wherein the application (3) manages a temporary storage space (1 1), preferably FTP, created in the sub-application (E) at the data transfer control of a terminal (4, 5) to the application (3) and / or during the creation of data directly from the application (3), and deleted as soon as the data has reached the information system (2).
4. Plate-fo rm (1) Res ui ea nfo rm at iqueselonla claim 3 wherein the temporary storage space (1 1) is monitored by at least one virus (19) but preferably both.
5. Platform (1) computer network according to claims 2 to 4 wherein the passage of data which is managed by the application (3) between the two sub-applications (E, I) uses the technique of rewriting on the fly or "parsing".
6. Platform (1) computer network according to one of the preceding claims wherein the editing of the documents contained in the information system (2) is independent software or programs installed on the terminals (4, 5) users (6).
7. Platform (1) computer network according to one of the preceding claims wherein the terminals (4, 5) of the user (6) are used only for their GUI and computing capacity, the unique data ( 20) is only stored in the information system (2).
8. Platform (1) computer network according to one of the preceding claims wherein the information system (2) does not contain workstation.
9. Platform (1) computer network according to one of the preceding claims wherein the application (3) is the only one capable to directly access the unique data (20) stored in the information system (2) .
10. Platform (1) computer network according to one of the preceding claims wherein the protocols and / or services provided by the application (3) are independent of the type of use, such qu'itinérante, mobile, from a stationary or in public spaces.
11. Platform (1) computer network according to one of the preceding claims wherein the application (3) uses only default open ports by an operating system installed on the terminals (4, 5), of preferably only ports 80 for HTTP, 443 for HTTPS and 21 for FTP.
12. Platform (1) computer network according to one of the preceding claims wherein the information system (2) contains at least one document (20) whose viewing rights and / or access and / or modified to / by each user (6) are given by the user (6) that created the document.
13. Platform (1) computer network according to one of the preceding claims wherein the application (3) comprises a graphical user interface (10).
14. Platform (1) computer network according to claim 13 wherein the graphical interface (10) of the application (3) of the platform (1) is in the form of a sharing solution universal secure data (20) with a workspace multilingual preference and available at any of the terminals (4, 5) of the user (6) connected to the application (3).
15. Platform (1) computer network according to claim 14 wherein a web browser is operating system office for the GUI (10).
16. An assembly comprising a plurality of platforms (1) interconnectable to each other with an infrastructure according to one of claims 1 to 15.
EP20090747895 2008-09-26 2009-09-22 Platform for a computer network Ceased EP2347367A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
FR0805305A FR2936628B1 (en) 2008-09-26 2008-09-26 computer network platform
PCT/FR2009/051779 WO2010034928A1 (en) 2008-09-26 2009-09-22 Platform for a computer network

Publications (1)

Publication Number Publication Date
EP2347367A1 true true EP2347367A1 (en) 2011-07-27

Family

ID=40565330

Family Applications (1)

Application Number Title Priority Date Filing Date
EP20090747895 Ceased EP2347367A1 (en) 2008-09-26 2009-09-22 Platform for a computer network

Country Status (4)

Country Link
US (1) US20110321163A1 (en)
EP (1) EP2347367A1 (en)
FR (1) FR2936628B1 (en)
WO (1) WO2010034928A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130086467A1 (en) * 2011-10-03 2013-04-04 Google Inc. System for sending a file for viewing on a mobile device

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4558413A (en) * 1983-11-21 1985-12-10 Xerox Corporation Software version management system
GB9223521D0 (en) * 1992-11-10 1992-12-23 Ibm Collaborative working in a network
DE69400862T2 (en) * 1993-02-26 1997-05-22 Taligent Inc Collaborative working system
EP0622930A3 (en) * 1993-03-19 1996-06-05 At & T Global Inf Solution Application sharing for computer collaboration system.
US6204847B1 (en) * 1995-07-17 2001-03-20 Daniel W. Wright Shared virtual desktop collaborative application system
US6233600B1 (en) * 1997-07-15 2001-05-15 Eroom Technology, Inc. Method and system for providing a networked collaborative work environment
US6584466B1 (en) * 1999-04-07 2003-06-24 Critical Path, Inc. Internet document management system and methods
WO2001052473A1 (en) * 2000-01-14 2001-07-19 Critical Path, Inc. Secure management of electronic documents in a networked environment
EP1164766B1 (en) * 2000-06-16 2006-02-15 Ionos Co., Ltd. Switch connection control apparatus for channels
US20020147607A1 (en) * 2001-02-14 2002-10-10 Sarvajit Thakur Automated INS application filing system
US20040229199A1 (en) * 2003-04-16 2004-11-18 Measured Progress, Inc. Computer-based standardized test administration, scoring and analysis system
US20060010323A1 (en) * 2004-07-07 2006-01-12 Xerox Corporation Method for a repository to provide access to a document, and a repository arranged in accordance with the same method
US20060075391A1 (en) * 2004-10-05 2006-04-06 Esmonde Laurence G Jr Distributed scenario generation
US20060101028A1 (en) * 2004-10-21 2006-05-11 Banks Lanette E Method and apparatus for efficient electronic document management
US20060184784A1 (en) * 2005-02-16 2006-08-17 Yosi Shani Method for secure transference of data
US8868628B2 (en) * 2005-12-19 2014-10-21 International Business Machines Corporation Sharing computer data among computers
US20070255861A1 (en) * 2006-04-27 2007-11-01 Kain Michael T System and method for providing dynamic network firewall with default deny
US20090313113A1 (en) * 2008-06-13 2009-12-17 Dye Thomas A Business method and process for commercial establishments to advertise directly into proprietary closed circuit networks

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2010034928A1 *

Also Published As

Publication number Publication date Type
FR2936628A1 (en) 2010-04-02 application
WO2010034928A1 (en) 2010-04-01 application
FR2936628B1 (en) 2011-04-01 grant
US20110321163A1 (en) 2011-12-29 application

Similar Documents

Publication Publication Date Title
US6738908B1 (en) Generalized network security policy templates for implementing similar network security policies across multiple networks
US6321242B1 (en) Re-linking technology for a moving web site
US7587467B2 (en) Managed peer-to-peer applications, systems and methods for distributed data access and storage
US7409709B2 (en) Systems and methods for automatically reconfiguring a network device
US7546353B2 (en) Managed peer-to-peer applications, systems and methods for distributed data access and storage
US8688797B2 (en) Managed peer-to-peer applications, systems and methods for distributed data access and storage
US8793374B2 (en) Managed peer-to-peer applications, systems and methods for distributed data access and storage
US5991807A (en) System for controlling users access to a distributive network in accordance with constraints present in common access distributive network interface separate from a server
US6205480B1 (en) System and method for web server user authentication
US20050144200A1 (en) Managed peer-to-peer applications, systems and methods for distributed data access and storage
US20100274910A1 (en) Hosted application sandbox model
US20050257244A1 (en) Method and apparatus for role-based security policy management
US7912822B2 (en) System and method for launching a resource in a network
US8316228B2 (en) Trusted bypass for secure communication
US7900240B2 (en) Multilayer access control security system
US20060074894A1 (en) Multi-language support for enterprise identity and access management
US20060120526A1 (en) Access control to files based on source information
US20090052675A1 (en) Secure remote support automation process
US7886048B1 (en) Systems and methods for managing integrated systems with use cases
US20080235361A1 (en) Management layer method and apparatus for dynamic assignment of users to computer resources
US6131120A (en) Enterprise network management directory containing network addresses of users and devices providing access lists to routers and servers
US20120216133A1 (en) Secure cloud computing system and method
US20060236095A1 (en) Systems and methods for automatically configuring and managing network devices and virtual private networks
US20100186079A1 (en) Remote access to private network resources from outside the network
US20040006710A1 (en) Computer security system

Legal Events

Date Code Title Description
17P Request for examination filed

Effective date: 20110321

AK Designated contracting states:

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK SM TR

AX Request for extension of the european patent to

Countries concerned: ALBARS

DAX Request for extension of the european patent (to any country) deleted
17Q First examination report

Effective date: 20121214

REG Reference to a national code

Ref country code: DE

Ref legal event code: R003

18R Refused

Effective date: 20141120

REG Reference to a national code

Ref country code: DE

Ref legal event code: R079

Free format text: PREVIOUS MAIN CLASS: G06F0021240000

Ipc: G06F0021000000

REG Reference to a national code

Ref country code: DE

Ref legal event code: R079

Free format text: PREVIOUS MAIN CLASS: G06F0021240000

Ipc: G06F0021000000

Effective date: 20150504