ES2377691B1 - REMOTE ADMINISTRATION PROCEDURE FROM MOBILE TERMINALS. - Google Patents

Abstract

Procedure for remote administration of servers and workstations from mobile terminals to perform administration tasks in a convenient, ubiquitous and secure way of the assigned physical or logical resources, based on the transmission of information packets and addressing network elements on the TCP / IP communications stack and using as a transmission medium a telecommunications network of the wireless type that allows communication between the mobile terminal and the equipment to be administered, preferably of the cellular type such as GSM, UMTS or LTE.

Description

Remote administration procedure from mobile terminals.

Object of the invention

The present invention refers to a procedure that allows the remote administration of servers and workstations from mobile terminals, allowing the administrator to perform his administration tasks in a convenient, ubiquitous and secure way of the physical or logical resources that have been assigned, based on the transmission of information packets and addressing network elements on the TCP / IP communication stack and using as a means of transmission a telecommunications network of the wireless type that allows communication between the mobile terminal and the equipment to be administered, preferably of the cellular type such as GSM, UMTS or LTE.

Background of the invention

The invention is framed within telecommunications technologies, and more specifically it allows to expand the functionalities present in mobile telecommunications by providing them with such an important service as remote administration.

Today, companies increasingly require the mobility capacity of their main assets, that is, of their employees. Due to globalization, companies have a greater number of offices, and therefore, serve a greater number of clients in different geographical areas. It is because of this fact that that employees must be able to move to give personalized attention to customers has become an indispensable requirement. There are roles of employees whose activities are essential for both the company and customers, even in their different vacation periods. Likewise, the need to offer 24x7 services implies that server positions must always be taken care of to ensure services. It is based on this demanded need that the employees in charge of these tasks need to have a complete administration capacity regardless of the place and the moment.

The current trend of information technologies is software as a service (SaaS), or cloud computing (Cloud Computing), where services are not located in own data processing centers, but in farms belonging to servers large companies that offer their computing capacity. These services present the con fl ict that the clients that hire them, barely have administrative capabilities that allow them to respond to different eventualities.

The displacements by the employees to the work centers with the current means of transport, entail a series of emissions of harmful gases into the atmosphere, which is a factor to be taken into account. All companies try to move towards business models that are less harmful to the environment. The contribution of information technologies in this regard, is to save possible displacements to users, allowing their work to be performed ubiquitously.

The new technologies seek to provide a delocalized service, in order to be able to have all the characteristics of their service without having to be physically present in normal workplaces.

Taking into account the foregoing and in order to solve the problems and inconveniences raised, the present invention proposes a procedure that allows administrative tasks to be carried out remotely and ubiquitously through a mobile terminal, preferably a mobile telephone.

For purely illustrative and non-limiting purposes, the procedure subject to registration is applicable, among others, to the following cases:

-

Situations in which the administrator must have mobility, and despite this, continue to perform their corresponding management duties.

-

Cases in which the administrator cannot ensure the use of a fixed terminal, and there are pending tasks whose completion cannot wait for the latter to gain access to said terminal.

-

Situations in which the branches of the company are distributed throughout the globe, and require centralized administration. Within this framework, several cases can be identified, one of which could be that of a company with several locations, with a single manager working with critical and / or sensitive information, which, for example, due to time differences due to carry out the procedures corresponding to his position from locations outside the workplace.

-

Cases in which using Cloud Computing, it is necessary to perform a personalized or specific administration of the service, without the mediation of the company that offers the infrastructure as a service (IaaS), the software as a service (SaaS) and / or the platform as a service (PaaS).

-

In any case where access to a fixed terminal may be a problem, such as those in which the administrator is on vacation and their services are required, or where they are in locations with incompatibilities for carrying out of the required tasks it is necessary to use an own terminal.

The procedure not only provides advantages of usability, savings or use of resources, among others, but also reduces the travel needs of the administrator to a work terminal, thus reducing the possible CO2 emissions that this would produce, thus providing a "IT Green" system.

The object of the invention is the remote administration from mobile terminals by a method according to the invention, preferably mobile phones.

Brief description of the drawings

To complement the description that is being made and in order to help a better understanding of the characteristics of the invention, this descriptive report is attached, as an integral part thereof, of a set of drawings, in which with character merely illustrative and not limiting the following has been represented:

Figure 1 schematically shows the basic architecture of the procedure.

Figure 2 represents a variation on architecture, where cloud computing comes into play.

Figure 3 illustrates the procedure presenting details about the communication.

Description of the invention

The remote administration procedure from mobile terminals object of the present registry, solves the aforementioned drawbacks, also providing other additional advantages that will be apparent from the description that follows.

Figure 1 represents the basic architecture of the procedure, in which through a network controlled or not by it (3), preferably Internet, a communication (4) is established between the possible client terminals (1) and a server or station working (2).

Within the possible client terminals that can be used (1) PDA’s, mobile phones or any other technically equivalent. The procedure is independent with respect to the platform, since being a concept developed based on telecommunications and not a technology, it does not depend on the specific characteristics of each platform. Therefore the procedure will continue to apply despite technological developments, or future developments in operating systems.

The server or workstation (2) refers to the possible platforms where the services and applications that the client requires to manage are located. When talking about servers, for example, any logical server that belongs to the CPD (Data Processing Center) of a company is considered. The server must have access, either directly or indirectly, to the telecommunications network used; Directly understanding that it has a physical connection to the network, and indirectly the fact that it uses intermediate elements such as routers and hubs to access the network.

The invention is based on the use of existing and current telecommunications networks (3) as a means of transmitting the information for the procedure, without the need to resort to the construction of an own or specific network, which implies a great reduction of Infrastructure costs due to the use of the present networks, such as Internet, Intranets, Wimax systems, other configurations of MAN, WAN, LAN networks, etc.

There must be a communication (4) of data between the terminals and the server, which will be carried out through the network (3), and will basically transmit the operations / procedures to be performed by the client (1) and the responses to said operations / server management. This communication will use cryptographic systems in order to ensure the confidentiality of the data circulating through the network, between the client (1) and the server or workstation (2).

Figure 2 presents another possible configuration of the invention, in which the services to be administered are not housed in a traditional server, but in a cloud computing system (Cloud Computing) (2).

This configuration no longer depends on the management and maintenance of the servers, but the usual thing is to simply have access to the services and applications stored there. This implies having the necessary permissions on the services deployed in the cloud, and the implementation of the invention within the company that facilitates the Cloud Computing service.

Figure 3 illustrates in detail a possible con fi guration of the proposed procedure, in which communication is seen through mobile terminals by different communication channels.

According to the invention, the user, using the mobile phone (1), establishes a communication with the server, and this communication will be the one used to carry out administrative procedures. Making use of the advantages of layered logical separation of network functions, the messages transmitted between the mobile phone and the server will be invariable regardless of the network structure used. In this example, a connection-oriented communication based on TCP / IP is proposed, as it is the most widespread protocol today. For access from the mobile terminal to the fixed network structure, the use of any of the possible telecommunications technologies after the second generation is proposed, from which it is possible to send packets of information, such as GSM, UMTS , LTE, etc. All the information transmitted from the terminal must be encrypted before reaching the BSS (Basic Service Set) (2) or similar element since this is already an interceptible communication.

There must be a communication (4) of data between the terminals and the server, which will be carried out through the network (3), and will basically transmit the operations / procedures to be performed by the client (1) and the responses to said operations / server management. This communication will use cryptographic systems, as previously mentioned, in order to ensure the confidentiality of the data circulating through the network, between the client (1) and the server or workstation (5), as for example they can be: DES, 3DES, AES, etc. Another possibility to ensure the confidentiality of the data is the use of virtual private networks (VPN’s).

As an example for the correct understanding of the functionalities of the proposed procedure, the administration of a dynamic web page server is proposed. The procedure would give the administrator the possibility to restart the server, stop the web service, update page contents, modify the page, update the database, make backup copies, etc. from your mobile phone anytime, anywhere, provided you have connectivity. The initial key for the encryption of the communication is directly included in the software to be installed, and in each communication the new encryption key to be used in the next communication would be negotiated.

Claims (6)

1. Remote administration procedure from mobile terminals of servers, services hosted on servers, workstations, services hosted on workstations, cloud computing systems, services hosted on cloud computing systems, accessible for connections based on different versions of IP (Internet Protocol), through a connection established for this purpose, so that it takes advantage of the mobility capabilities of the mobile terminal, this connection being a secure connection, in which the information transmitted from the mobile terminal to the device to Administer, or vice versa, is transmitted in such a way that it is not accessible by third parties not belonging to this communication, characterized by the following procedural steps: [a] establishing the connection between the mobile terminal and the device to be administered or containing the services to be administered or the services that allow the administration. [b] identification of the parties, both of the devices to be administered, the services to be administered or of the services that allow the administration, and of the administrator of the services or servers to be administered. [c] transmission of administrative permits and capabilities available to the administrator of the services or servers to be managed, on servers, services hosted on servers, workstations, services hosted on workstations, cloud computing systems, services hosted on cloud computing systems, from the service or servers to be managed to the mobile terminal used by the administrator of the services or servers to be managed. [d] transmission of administrative orders by the administrator through the mobile terminal, with which the connection has been established, to the service, server or workstation with which the connection has been established. [e] transmission of the results of the administrative orders made by the administrator, from the service, server or workstation with which the connection has been established, to the mobile terminal with which said connection was made.

2.

Remote administration procedure from mobile terminals according to claim 1, characterized by a connection that transmits the information from the beginning of the connection in a secure manner thanks to an encryption based on a key known to both the client present in the mobile terminal, and in servers, services hosted on servers, workstations, services hosted on workstations, cloud computing systems, services hosted on cloud computing systems, established prior to this connection.

3.

Remote administration procedure from mobile terminals according to claim 1, characterized by a connection made through the TCP / IP communication protocol.

Four.

Remote administration procedure from mobile terminals according to claim 1, characterized in that said procedure is restarted before a possible connection interruption.

5.

Remote administration procedure from mobile terminals according to claim 1, characterized by the release of the resources assigned to said connection upon receiving the order to close the communication by the administrator, after performing the relevant tasks.

SPANISH OFFICE OF THE PATENTS AND BRAND Application no .: 201000995 SPAIN Date of submission of the application: 30.07.2010 Priority Date: REPORT ON THE STATE OF THE TECHNIQUE 51 Int. Cl.: H04L12 / 24 (2006.01) RELEVANT DOCUMENTS

Category

56 Documents cited Claims Affected

X

US 2004123159 A1 (KERSTENS KEVIN et al.) 06.24.2004, the whole document. 1-5

X

EP 1715620 A1 (RESEARCH IN MOTION LTD) 25.10.2006, the whole document. 1-5

X

US 7603408 B1 (MCGINNIS BRIAN EVAN et al.) 13.10.2009, summary; column 2, line 34 - column 3, line 30; column 16, line 47 - column 21, line 45. 1-5

Category of the documents cited X: of particular relevance Y: of particular relevance combined with other / s of the same category A: reflects the state of the art O: refers to unwritten disclosure P: published between the priority date and the date of priority submission of the application E: previous document, but published after the date of submission of the application

This report has been prepared • for all claims • for claims no:

Date of realization of the report 16.03.2012

Examiner M. Rivas Sáiz Page 1/4

REPORT OF THE STATE OF THE TECHNIQUE Application number: 201000995 Minimum documentation searched (classification system followed by classification symbols) H04L Electronic databases consulted during the search (name of the database and, if possible, terms of search used) INVENES, EPODOC State of the Art Report Page 2/4  WRITTEN OPINION Application number: 201000995 Date of Written Opinion: 16.03.2012 Statement

Novelty (Art. 6.1 LP 11/1986)

Claims Claims 1-5 IF NOT

Inventive activity (Art. 8.1 LP11 / 1986)

Claims Claims 1-5 IF NOT

The application is considered to comply with the industrial application requirement. This requirement was evaluated during the formal and technical examination phase of the application (Article 31.2 Law 11/1986).  Opinion Base.- This opinion has been made on the basis of the patent application as published. State of the Art Report Page 3/4  WRITTEN OPINION Application number: 201000995 1. Documents considered.- The documents belonging to the state of the art taken into consideration for the realization of this opinion are listed below.

Document

Publication or Identification Number publication date

D01

US 2004123159 A1 (KERSTENS KEVIN et al.) 06.24.2004

2. Statement motivated according to articles 29.6 and 29.7 of the Regulations for the execution of Law 11/1986, of March 20, on Patents on novelty and inventive activity; quotes and explanations in support of this statement Document D01 is considered the closest in the state of the art to the requested invention. In relation to claim 1, D01 describes a method of remote administration from mobile terminals of accessible servers for connections based on the different versions of IP (Internet Protocol) (see figure 3 reference 101), through a connection established for this purpose (see figure 3 reference 330), such that it takes advantage of the mobility capabilities of the mobile terminal. In D01 the information is sent encrypted (see figure 7) and therefore this connection is secure. The information transmitted from the mobile terminal to the device to be administered, or vice versa, is transmitted in such a way that it is not accessible by third parties not belonging to this communication. The procedure is characterized by the following steps (see figure 7 of D01): [a] establishing the connection between the mobile terminal and the device to be managed (paragraph 0097) [b] identification of the parties (paragraph 0097) [c] transmission of permits and administrative capabilities available to the administrator of the services from the service or servers to be administered to the mobile terminal (paragraph 0099) [d] transmission of administrative orders by the administrator through the mobile terminal, with which the connection has been established, to the service, server or workstation with which the connection has been established (paragraph 0099). D01 does not explicitly mention the transmission of the results of the administrative orders made by the administrator, to the mobile terminal but this type of confirmation is a widely used technique that its application to the invention does not provide for claim 1 of inventive activity (Article 8 LP.). In view of the foregoing, claim 1 does not meet the requirement of inventive activity (Article 8 LP.). Claims 2 and 3 do not imply inventive activity (Article 8 LP.) For being described in D01:

-

The information transmitted is made through a secure connection through encryption (paragraph 0099). -The connection is used through the TCP / IP protocol (paragraph 0074).

Claims 4 and 5 do not meet the requirement of inventive activity (Article 8 LP.) Because, although they are not described in D01, they are common techniques. When accessing any service or network, in the case of connection interruption, the usual technique to maintain security is to perform the authentication and access process again. In the same way to make efficient use of resources, these will be released once the communication is closed, this being the usual operation of telecommunications networks. Therefore, in view of the foregoing, claims 1 to 5 do not imply inventive activity (Article 8 LP.). State of the Art Report Page 4/4