WO2013044304A1 - Système et procédé de fourniture d'une requête - Google Patents

Système et procédé de fourniture d'une requête Download PDF

Info

Publication number
WO2013044304A1
WO2013044304A1 PCT/AU2012/001169 AU2012001169W WO2013044304A1 WO 2013044304 A1 WO2013044304 A1 WO 2013044304A1 AU 2012001169 W AU2012001169 W AU 2012001169W WO 2013044304 A1 WO2013044304 A1 WO 2013044304A1
Authority
WO
WIPO (PCT)
Prior art keywords
client
server
accordance
compatible
routing
Prior art date
Application number
PCT/AU2012/001169
Other languages
English (en)
Inventor
Stephen Thompson
Lawrence Edward Nussbaum
Original Assignee
Cocoon Data Holdings Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from AU2011904052A external-priority patent/AU2011904052A0/en
Application filed by Cocoon Data Holdings Limited filed Critical Cocoon Data Holdings Limited
Publication of WO2013044304A1 publication Critical patent/WO2013044304A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5005Allocation of resources, e.g. of the central processing unit [CPU] to service a request
    • G06F9/5027Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals
    • G06F9/5033Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals considering data affinity

Definitions

  • the present invention relates to a system and method for servicing a request.
  • Internet or another public telecommunication network (such as wired or wireless telephone services) is a cost- effective solution for distributing information.
  • public telecommunication network such as wired or wireless telephone services
  • sensitive or confidential information sent through the Internet may be accessible to unauthorised parties.
  • encryption process embeds the decryption key within the encrypted data object itself. As such, it is possible for a hacker to use brute force or other suitable methods to decrypt the data object since the necessary components to decrypt the data object are all integrated within the encrypted object.
  • encryption and decryption of data objects usually requires the use of software which must be installed and verified on a user's computer.
  • the user may be utilising a computing system which does not possess the necessary software for the encryption and decryption of files .
  • client-server model in which tasks or workloads are partitioned between the providers of a service, called “servers”, and service requesters, called “clients”.
  • servers providers of a service
  • clients service requesters
  • a common problem associated with client-server systems is that compatibility issues can arise between the client and the server.
  • the client may need to address a server with particular
  • a server generally has an associated universal resource locator (URL) that is used by the client as an address to locate and communicate with the server.
  • URL universal resource locator
  • the conventional approach is to program the URL of the server into the software used by the client.
  • the URL since the URL is programmed into the user software, it can only be changed by modifying the software.
  • a computer-implemented method of servicing a reguest by a client comprising the steps of: receiving a client service reguest at a routing server ;
  • the address identifier of the compatible server is in the form of a universal resource locator (URL) .
  • URL universal resource locator
  • the step of choosing another server includes the steps of detecting one or more parameters of the client, and using the detected parameters to determine a server that is most compatible with the client request.
  • a security classification of a user of the client a security classification of the client
  • the detected parameters are compared with stored criteria.
  • the step of choosing another server includes referring to criteria stored on a database.
  • the step of determining an address identifier is performed dynamically.
  • the step of choosing another server includes checking for faults associated with the client and for faults associated with potentially compatible servers .
  • the step of choosing another server includes detecting a version number of the client.
  • the step of choosing another server includes sending an advisory message to the client if the version of the client is out of date.
  • the step of choosing another server includes detecting faults on a computing device hosting the client and sending an advisory message to the client if fault is detected.
  • the method as described earlier is implemented by a process running on a computing device.
  • a system for servicing a client request comprising:
  • a routing server arranged to receive a client service request, process the request and choose one of the at least one servers that is compatible with the client service request, determine an address identifier for the compatible server and transmit the address identifier to the client.
  • the address identifier of the compatible server is in the form of a universal resource locator (URL) .
  • URL universal resource locator
  • the routing server is arranged to detect one or more parameters of the client and use the detected parameters to determine a server that is most compatible with the client request.
  • the parameters of the client comprise one or more of the following:
  • an operating system hosting the client a security classification of a user of the client; a security classification of software running on a computing device that is hosting the client;
  • a geographical location of a user of the client a geographical location of a user of the client; and hardware identification information of a computing device hosting the client.
  • the detected parameters are compared with stored criteria.
  • the routing server is arranged to refer to criteria stored on a database.
  • the routing server is arranged to dynamically determines the address identifier.
  • routing server is arranged to check for faults associated with the client and faults associated with any potentially compatible servers .
  • the routing server is arranged to detect a version number of the client.
  • the routing server is arranged to send an advisory message to the client if the version of the client is out of date.
  • the routing server is a server process implemented on a computing device.
  • system as described further comprising a plurality of routing servers, the routing servers being separate from each other.
  • one routing server is arranged to address a second routing server in response to a client service reguest, the second routing server being arranged to determine the most compatible server to the client.
  • the second routing server provides an address identifier for the compatible server.
  • a computer program arranged to perform, when executed on a computing system, any one or more of the method steps described earlier.
  • a computer readable medium incorporating a computer program described earlier.
  • a data signal comprising a computer program in accordance with the third aspect of the
  • a system for servicing a client reguest comprising:
  • a routing server arranged to receive a client service request, process the request and choose, from a plurality of servers, one server that is compatible with the client' s service request, to determine an address identifier for the compatible server and transmit the address identifier to the client.
  • Figure 1 is a schematic diagram of a system for distributing secured data
  • Figure 2 is a schematic diagram a system for securing data
  • Figure 3 is a schematic diagram of a system for servicing a request to a client in accordance with one embodiment of the present invention
  • Figure 4 is a flow diagram showing a method of servicing a request to a client, in accordance with an embodiment of the present invention
  • Figures 5 and 6 are schematic diagrams of a system for servicing a request to a client in accordance with an embodiment of the present invention
  • Figure 7 shows a schematic diagram of a further a system for servicing a request to a client in accordance with an embodiment of the present invention.
  • the invention concerns client-server interactions in computer-based systems.
  • FIG 1 there is illustrated a system which uses a client-server model.
  • This particular system provides a way for distributing secured data, but the invention applies to any system based on the client-server model.
  • Components of the system may be implemented by one or more electronic circuits, computers or computing devices having an appropriate logic, software, hardware or any combination thereof programmed to operate with the
  • the computer may be implemented by any computing architecture, including a stand-alone PC, client/server architecture, "dumb" terminal/mainframe architecture, or any other appropriate architecture. In some embodiments, the computer is appropriately programmed to implement the invention.
  • FIG. 1 there is shown a schematic diagram of a system for accessing secured data which in this embodiment comprises a server 100.
  • the server 100 comprises suitable components necessary to receive, store and execute appropriate computer instructions.
  • the components may include a processing unit 102, read-only memory (ROM) 104, random access memory (RAM) 106,
  • the server 100 includes disk drives 108, input devices 110 such as an Ethernet port, a USB port, etc, a display 112 such as a liquid crystal display, a light emitting display or any other suitable display, and communication links 114.
  • the server 100 includes
  • ROM 104 Read Only Memory 104
  • RAM 106 Random Access Memory 106
  • disk drives 108 There may be provided a plurality of communication links 114 which may variously connect to one or more computing devices such as servers, personal computers, terminals, wireless or handheld computing devices. At least one of a plurality of communication links 114 may be connected to an external computing network through a telephone line, optical fibre, wireless connection or other type of communication.
  • the server 100 may include storage devices such as a disk drive 108 which may encompass solid state drives, hard disk drives, optical drives or magnetic tape drives.
  • the server 100 may also use a single disk drive or multiple disk drives.
  • the server 100 may also have a suitable operating system which resides on the disk drive 108 or in the ROM 104.
  • the system has a database 120 residing on a disk or other storage device which is arranged to store at least one data record relating to data used by the server 100 to provide the function of the system for accessing secured data.
  • the database 120 is in communication with an interface 122, which is implemented by computer software residing on the server 100.
  • the interface 122 provides a means by which a user may input commands, instructions or requests to the server 100 for execution or processing.
  • the interface 122 may be implemented with input devices such as keyboards, mouse or, in another example embodiment the interface 122 may be arranged to receive inputs, requests or data through a network connection, including Ethernet, Wi-Fi, Fire-wire, USB or the like.
  • FIG. 2 there is illustrated a block diagram of an embodiment of a system for securing data .
  • the system is implemented with a server 200 arranged to be connected to a communication network such as the Internet, Intranet, VPN or any communication network using an appropriate communication protocol such as Internet Protocol Version 4 (IPv4) or Version 6 (IPv6) or any other version which enables the server 200 to communicate with other computing or
  • a communication network such as the Internet, Intranet, VPN or any communication network using an appropriate communication protocol such as Internet Protocol Version 4 (IPv4) or Version 6 (IPv6) or any other version which enables the server 200 to communicate with other computing or
  • IPv4 Internet Protocol Version 4
  • IPv6 Version 6
  • the server 200 may have the same configuration as the system of Figure 1 described above.
  • the server 200 is arranged to receive an encryption request 202 from a sender computing device 204 operated by a user, data sender, processor or controller wanting to encrypt a data object for transmission to another
  • the encryption request 202 may contain information relating to the data object that is to be encrypted by the sending computing device 204. This information may include, but not be limited to:
  • the server 200 is arranged to generate a key which can be used to encrypt the data object.
  • the key 208 may then be sent to the sender computing device 204 which has sent the encryption request 202 to the server 200.
  • the key 208 is then used by the computing device 204 to encrypt the data object such that an encrypted data object 210 is generated.
  • the encryption process on the computing device operates by encrypting the data object 210 such that the key 208 is not in any way integrated into the encrypted data object 210.
  • the encrypted data object 210 cannot be decrypted by a hacker or malicious party who is able to obtain an authorized copy of the encrypted data object 210 since the encrypted data object 210 itself is unable to provide the necessary information (e.g. the key 208) for the hacker to decrypt the file.
  • This embodiment is advantageous in that the encrypted data object 210 is highly secured since the key 208 needed to decrypt the file is not incorporated within the object 210 itself .
  • the sender computing device 204 may then be operated by its user, processor or controller to send the encrypted data object 210 to a recipient 206 via the server 200.
  • the encrypted data object 210 may be sent through a public or private computer network, or provided to the recipient in the form of digital media such as CDs, DVDs, Blu-Rays, USB storage or the like.
  • the recipient user 206 may then contact the server 200 with a request to retrieve the necessary keys to decrypt the data object 210.
  • the server 200 enforces an authentication process 212 on the recipient 206 by checking and validating the identity of the recipient 206 prior to providing a key 214 to the recipient.
  • the authentication process 212 may include a login/password check, a biometric check, a time delayed validation process, a telephone code check, a pass key check, an IP address check or a combination of one or more of these checks.
  • a key 214 may be provided to the recipient user 206 to decrypt the file.
  • the recipient user 206 is given a key 214 which only decrypts certain portions of the encrypted data object 210 such that only portions of the data may be released to the recipient user 206.
  • the decryption of the data is restrictive such that certain usage
  • permissions are enforced on the recipient 206.
  • third party software include Secure WordTM or Adobe AcrobatTM reader which has permission controls capable of limiting the manipulation of a data file.
  • the server 200 is arranged to provide dummy keys to the sender computing device 204 and the recipient computing device 206.
  • hackers or other malicious parties listening to the transmissions from the server 200 may receive a plurality of keys without any reference or knowledge as to which of the dummy keys can in fact be used to decrypt the data object.
  • the dummy keys may also be integrated with the genuine key such that the permutations between the dummy keys and the genuine keys render it unfeasible or impractical for a hacker to use the data for any meaningful purpose.
  • the user computing devices 204 and 206 may be any type of computing device with any architecture, such as a PC, laptop or any other computing device.
  • Part of the process of securing data involves several client-server communications. Examples of such communications are communications between the sender 204 and server 200 to secure the data or access an encryption key, or
  • the encryption and decryption process reguire several client-server communications.
  • Figure 3 shows an embodiment of a system 300 for servicing a client request.
  • the system 300 can be used as part of the system shown in Figure 2 to service client requests, for example to service requests from the sender 204 or the receiver 206.
  • the system 300 comprises a client 301 and a plurality of servers 302a, 302b, 302c, 302d, a routing server 303, and a database 313.
  • the client 301 is a software
  • the client 301 may be stored as computing instructions in ROM, RAM, optical devices, smartcards, non-volatile memory modules or in another form of memory associated with a computing device.
  • the computing device may be a desktop PC, laptop, server machine, a mobile computing device, tablet
  • client 301 may be a computing device such as a desktop PC, a laptop, a mobile computing device, a tablet computer, a smartphone or any other such suitable device.
  • client should be understood as comprising either a software application and/or a
  • the plurality of servers in this example comprise a first server 302a, a second server 302b, a third server 302c and a fourth server 302d.
  • Each server 302a-302d may be a server process implemented on a computing device.
  • the servers 302a-302d may be implemented as a computing device.
  • the servers 302a-302d may be
  • the servers may be in different cities, or in different countries or just in different areas of a city, as examples.
  • the servers 302a-302d may be similar in function to server 200 described earlier.
  • the servers 302a-302d are arranged to communicate with a client, such as client 301.
  • the servers 302a-302d can have the same features as the server 200 described earlier.
  • the client 301 is arranged to communicate with any one or more of the servers 302a, 302b, 302c, 302d.
  • the sender device 204 or the receiver device 206 in Figure 2 can function as a client of the server 200. It should be understood that the system shown in Figure 3 can comprise a plurality of clients and a plurality of servers .
  • the system 300 further comprises a routing server 303.
  • One form of the routing server 303 is a server process implemented as a software application on a computing device such as a PC, laptop, mobile computing device, tablet computer, smart phone or any other suitable computing device.
  • the routing server 303 is a computing device such as a PC or laptop or any other suitable computing device, and/or software or firmware.
  • the routing server 303 can be implemented by a server such as the server 100 described earlier.
  • the routing server 303 comprises a processor, a memory, a communications link and an associated database 313.
  • the server implementing the routing server 303 process is similar in structure and function to the server 100 described earlier.
  • the routing server 303 is arranged to receive a service reguest 304 from a client 301.
  • the client reguest is a request to access one of the servers 302a-302d.
  • the client 301 is arranged to address the routing server 303 as an initial step.
  • the routing server 303 is arranged to process the request from a client based on a set of predefined set of rules and to choose a server which is most compatible with the requirements of the user
  • the routing server 303 transmits address information for the chosen server as an electronic message, such as the URL of that server, to the client 301. If multiple servers are compatible with the requirements of the client, the routing server 303 uses predefined rules to rank the suitability of the servers and then issue the URL of the highest-ranked server to the client 301.
  • the routing server 303 responds by detecting one or more parameters of the client 301 and choosing the server that best matches one or more of those parameters.
  • parameters of the client 301 include the name, brand, class or type of client, the operating system in use, the location of the client 301, the version of software utilised by the client 301 and so on. These parameters are described later in detail.
  • the routing server 303 transmits the URL of the second server 302b (represented in Figure 3 as "URL 2") to the client 301.
  • Each of the servers 302a-302d has its own unique URL associated with the server. In this case the routing server 303
  • the routing server 303 transmits a message 305 that comprises the URL of the most suitable server 302b.
  • the client 301 accesses the server 302b by a message 306.
  • the server 302b may transmit information in a message 307 back to the client that answers the client's service request.
  • the client service request could be in the form of the client (i.e. sender or receiver)
  • the routing server (not shown in Figure 2) would provide the client (sender or receiver) the URL of the server 200.
  • the system 300 in particular the routing server 303, makes it possible to change the server 302a-302d addressed by a client 301, without changing the software on the client 301.
  • the address of the routing server 303 will rarely change, hence the software on the client 301 will rarely need to be updated due to a change in the server URL.
  • the routing server 303 further comprises an
  • the card catalogue may be stored in the memory of the routing server 303 or stored in a library of the routing server 303.
  • the card catalogue is used to map each client service request 304 to the URL of a suitable server 302a-302d.
  • the card catalogue is defined by an XML file.
  • an HTML document or a text document or Word document can be used to store the card catalogue.
  • the routing server 303 may comprise a database 313 associated with the routing server.
  • the database 313 comprises the card catalogue.
  • the database 313 stores the URL of each server.
  • the card catalogue allows the routing server to be updated quickly, for example, if an existing server is deemed to be a security risk, a client can be directed by an upgraded server by updating the card catalogue.
  • Figure 4 illustrates one embodiment of a method 400 for securing data and accessing secure data. The method comprises the steps of:
  • the routing server determines the most compatible server by detecting the specific
  • step 403 e.g. providing a URL.
  • the client uses the URL to access the most compatible server.
  • the routing server 303 is arranged to detect various client parameters that can be utilised in the selection of a server 302a-302d.
  • the parameters of the client 301 may be included as part of the service request sent to the routing server 303.
  • the request may be in the form of an electronic message such as email, text message or
  • the parameters of the client 301 may be included as part of the email header or as an attachment. In another form the parameters may be supplied as an XML file or HTML file in addition to the communication.
  • the client 301 may include software or computing instructions that are arranged to send the parameters of the user computing device.
  • the client 301 may itself be a software application that extracts
  • the selection process used by the routing server is in the form of instructions encoded into software that is run on the routing server 303.
  • parameters of the client that can be used by the routing server 303 include, but are not limited to, the following: Application of the client. In other words, how the client is used to generate or modify data (for example, word processing, modifying images, recording video) .
  • Tasks to be performed for example,
  • Version number of the client software for example, version 1.6 might be newer than version 1.5 and have different features.
  • a rating system hosting the client software Security classification of the client.
  • the routing server can be used to grant or deny access to servers based on the security clearance of the user.
  • the routing server can select the server that can offer the client the lowest latency and highest
  • routing server can grant or deny access to specific servers, based on the location of the client.
  • Hardware and identification information for a client for example, media access control (MAC) access, international mobile equipment identity (IMEI), universally unique identifier (UUID) or the telephone number of a client.
  • the routing server can grant or deny access to particular clients .
  • the routing server 303 can use one, some or all the parameters to identify the most compatible server
  • routing server 303 uses the routing server 303 to detect parameters of the client to dynamically determine the URL of the most compatible server at the time a service request 304 is received from a client.
  • the system 300 makes it easy to support multiple versions of the client and server software. New versions of the client and server software can be added and older versions of the server software can be retired without the need to modify or update the client. This is because the routing server 303 is able to dynamically detect the version of client when the client addresses the routing server 303. As long as the card catalogue for the routing server 303 is updated, the routing server 303 will ensure that the client continues to address the most compatible server 302a-302d.
  • specialised servers can be provided to respond to a narrow range of service requests that only affect a subset of all clients.
  • customised versions of the server software can be provided to deal with issues in relation to specific file types, such as security risks that only affect those particular file types, for example, MPEG files, JPEG files or media player files.
  • customised versions of the server can be provided to deal with issues that only affect a certain class or type of client, for example security risks that only affect mobile phone clients.
  • a specific client can be directed to a different server which has a customised upgrade in the server software, without changing the server addressed by the other clients.
  • the server can be adapted more specifically to the needs of each client. This is advantageous over prior art systems which force a plurality of clients to adapt to a one-size-fits-all server.
  • the use of more specialised servers can reduce the quantity and urgency of software upgrades required on the clients .
  • FIG. 5 illustrates an example of a system 500 in which a plurality of specialised servers are provided.
  • the system 500 comprises a plurality of clients 501a-501d, a plurality of servers 502a-502d and a routing server 503.
  • the clients 501a-501d are different versions of a software application, and each one is designed to run with a specific hardware device and/or operating system.
  • the first client 501a is running on a Windows operating system
  • the second client 501b is running on a Mac OSTM operating system
  • the third client 501c is running on an AndroidTM operating system
  • the fourth client 501d is running on the iOSTM operating system.
  • the system comprises a plurality of servers 502a- 502d, and each server serves in servicing reguests of clients running on a particular operating system.
  • the first server 502a is most compatible with Windows
  • the second server 502b is most compatible with MacOSTM
  • the third server 502c is most compatible with AndroidTM
  • the fourth server 502d is most compatible with iOSTM.
  • Figure 5 is one example implementation of a system for servicing a reguest.
  • the servers may be arranged to be compatible with other parameters described earlier.
  • FIG. 5 shows one implementation of the method described in Figure 4.
  • the user client 501a sends a service reguest 504 to the routing server 503 to access a server (step 401) .
  • the routing server 503 chooses the most compatible server based on a predefined list of parameters and a predefined set of rules (step 402) .
  • the parameter for choosing a server is the operating system hosting the client.
  • the rule obeyed by the routing server is that service reguests of clients running on Windows must be handled by server 502a. Therefore, when the routing server 503 detects the operating system hosting the client 501a, the first server 502a is chosen to be the most compatible server.
  • the routing server 503 transmits a message 505 comprising the addressing information (i.e. URL) of server 502a.
  • the client 501a utilises the URL to send a client request 506 to the server 502a to access some information, for example an encryption key or some data.
  • the server 502a transmits a message 507 comprising the information requested by the client 501a, to the client 501a.
  • the client 501a is required to authenticate itself with the server 502a before receiving information.
  • the routing server 503 is the same in structure and function as the routing server 303. Like features are defined by like numerals.
  • Figure 6 shows a further system and an example in which specialised servers are used to respond to a security flaw that has been detected in a version of the client when running on the WindowsTM XPTM operating system.
  • the system illustrated in Figure 6 is the same system shown in Figure 5, utilising specialised servers hence the same numbers have been used to denote like features .
  • the fault does not affect other versions of WindowsTM or other operating systems.
  • the problem is solved by setting up a new server 602.
  • This new server 602 uses software that is customized to overcome the security flaw specific to WindowsTM XPTM client 501a.
  • a WindowsTM XPTM client contacts the routing server 503 via a service request 504, the routing server 503
  • the routing server 503 responds by sending a message 505 comprising the address identifier "URL5" of the server 602 which corresponds to the server running software version A.l for WindowsTM XPTM.
  • the client 501a receives the address URL 5
  • the client sends a message 506 to server 602.
  • the message 506 may be a request for some data.
  • the server 602 responds by sending a transmission 507 of the requested information to the client 501a.
  • the routing server such as 303 or 503 can detect whether a client requires an update to its software, firmware or hardware, and sends a message to the client about the need to update .
  • the system 300 or 500 makes it possible to replicate a server any number of times and to dynamically determine the most suitable replica to be used for a client service request.
  • Servers for example 302a-302d or 502a-502d, can be replicated for redundancy. This is advantageous in case one server fails; there are other servers that can be used for same functionality. Another reason might be to reduce the geographical distance to various clients and therefore reduce latency when clients are accessing various servers .
  • the replicated servers can be
  • the routing server detects the geographical location of the client, as part of a service request.
  • the routing server 303 or 503 uses the card catalogue to rank the suitability of the replicated servers based on the geographical location of the servers and the client at the time of the request.
  • the routing server 303 or 503 can simply issue the client with the URL of the highest-ranked backup server.
  • a plurality of routing servers 303 can be provided in the system.
  • the routing server 303 can also provide the URL of another routing server capable of performing the exact same type of functionality, i.e. choosing the most compatible server for the client requirements and
  • Figure 7 shows a system comprising a client 701, a first routing server 703a, a second routing server 703b and a plurality of servers 702a-702d.
  • the first routing server 703a is arranged to detect parameters of the client and to forward these parameters to the second routing server 703b.
  • the second routing server 703b may then check the parameters of the client and then send the client an address identifier (i.e. the URL, of the most compatible server 702a-702d) via the first server 703a.
  • an address identifier i.e. the URL, of the most compatible server 702a-702d
  • the second server 703b can send the address identifier directly to the client 701.
  • the first routing server 703a might be operated by a private organisation and the second routing server 703b might be operated by a government
  • the routing server 703a in the private organisation is programmed to address the routing server 703b in the government organisation for particular types of service request, such as a request to access a server 702a-702d in the government organisation.
  • the client sends a service request 704 to the first routing server 703a of the private organisation because it is the only routing server that the client 701 has access to.
  • the first routing server 703a sends a message 705 comprising addressing information of the second routing server 703b.
  • the second routing server 703b provides a URL of the most compatible server with the client 701 to the first routing server 703a, via a message 706.
  • the first routing server 703a sends a message 705 to the client 701, wherein the message includes the addressing identifier (i.e. URL) of the most compatible government server 702b.
  • the client 701 can then send a reguest 708, to the server 702b using the addressing information.
  • the server 702b can then service the client's request
  • the first routing server 703a may send the URL of the second routing server 703b to the client 701 when the client addresses the first routing server 703a.
  • the client 701 can then address the second routing server 703b to gain access to a government sever 702a-702d.
  • the second routing server 703b may provide a URL of the most compatible server to the client.
  • the private organisation routing server 703a does not need to be constantly updated with the URLs of the servers in the government organisation.
  • the card catalogue of the private organisation routing server 703a does not need to be consistently updated every time the government servers are updated or the servers of the government organisation software has changed.
  • the government organisation can change or update its servers without needing to inform the routing server 703a of the private organisation.
  • This system of multiple routing servers, as shown in Figure 7, is also advantageous because it increases the level of security in the system, since there are two layers of separation.
  • the present system and method are advantageous because it makes it easy to change the URL of each server without changing the URL programmed in the client.
  • new and additional servers can be added or substituted quickly and invisibly to the client. For example, if the server needs to be updated or a new server needs to be added due to a security flaw, this can be done without necessarily having to update the client. This makes it cheaper, quicker and more efficient, especially for the clients as they do not need to spend money or time in updating client software or hardware.
  • the system of using an intermediate routing server as described allows for a plurality of servers to be used.
  • the system and method allows a plurality of specialised servers that respond to a narrow range of specific client requests.
  • the above described embodiments of the system and method allows for a plurality of versions of client software to be supported.
  • the routing server includes a card catalogue that can support a plurality of clients and multiple versions of client software.
  • routing server and a card catalogue within the routing server allows for a plurality of identical servers to be used for redundancy purposes .
  • the plurality of servers may perform the same function and can be used as redundancy in case one or more servers fail.
  • the plurality of servers also allow for the same server to be used in multiple
  • the routing server is used to address the server that best corresponds with a client's parameters (as described) to allow for the fastest connection with reduced latency and least bandwidth requirements.
  • Embodiments of the system and method can be used for other routing operations or other client server communications .
  • the routing server may be used in applications where there are a plurality of servers and the client request must be routed to one server.
  • the invention may be used in other words
  • the above described embodiments may be implemented utilising program code.
  • the program code may be supplied in a number of ways, for example in a computer readable medium, such as disc or memory, or as a data signal (by downloading it from a computer) .
  • the address identifier is a URL.
  • the invention is not limited to this. Other networking systems may use different address identifiers than URLs. The present invention is also applicable to such other networking systems.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

La présente invention concerne un procédé et un système pour fournir une requête par un client informatique. Un serveur de routage est conçu pour recevoir une requête de service de client. Le serveur de routage choisit un autre serveur compatible, compatible avec la requête de service de client. Il détermine un identificateur d'adresse pour le serveur compatible et transmet l'identificateur d'adresse au client.
PCT/AU2012/001169 2011-09-30 2012-09-28 Système et procédé de fourniture d'une requête WO2013044304A1 (fr)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
AU2011904052 2011-09-30
AU2011904052A AU2011904052A0 (en) 2011-09-30 System and method for servicing a request
AU2011904480A AU2011904480A0 (en) 2011-10-27 System and method for servicing a request
AU2011904480 2011-10-27

Publications (1)

Publication Number Publication Date
WO2013044304A1 true WO2013044304A1 (fr) 2013-04-04

Family

ID=47994021

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AU2012/001169 WO2013044304A1 (fr) 2011-09-30 2012-09-28 Système et procédé de fourniture d'une requête

Country Status (1)

Country Link
WO (1) WO2013044304A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107465616A (zh) * 2016-06-03 2017-12-12 中国移动通信集团四川有限公司 基于客户端的服务路由方法及装置
CN112737942A (zh) * 2020-12-24 2021-04-30 深圳市彬讯科技有限公司 服务路由切换方法、装置、设备及介质

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1551147A1 (fr) * 2003-12-29 2005-07-06 AT&T Corp. Procédé de réacheminement de clients d'images continues sur le web utilisant une mesure de la bande passante disponible
US7500243B2 (en) * 2000-08-17 2009-03-03 Sun Microsystems, Inc. Load balancing method and system using multiple load balancing servers

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7500243B2 (en) * 2000-08-17 2009-03-03 Sun Microsystems, Inc. Load balancing method and system using multiple load balancing servers
EP1551147A1 (fr) * 2003-12-29 2005-07-06 AT&T Corp. Procédé de réacheminement de clients d'images continues sur le web utilisant une mesure de la bande passante disponible

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107465616A (zh) * 2016-06-03 2017-12-12 中国移动通信集团四川有限公司 基于客户端的服务路由方法及装置
CN107465616B (zh) * 2016-06-03 2021-02-26 中国移动通信集团四川有限公司 基于客户端的服务路由方法及装置
CN112737942A (zh) * 2020-12-24 2021-04-30 深圳市彬讯科技有限公司 服务路由切换方法、装置、设备及介质
CN112737942B (zh) * 2020-12-24 2022-06-03 土巴兔集团股份有限公司 服务路由切换方法、装置、设备及介质

Similar Documents

Publication Publication Date Title
US11301575B2 (en) Secure data synchronization
CN108369622B (zh) 软件容器注册表服务
US10587415B2 (en) Systems and methods for controlling email access
US8640261B2 (en) Method and client agent for monitoring the use of protected content
US10482236B1 (en) Methods, mediums, and systems for establishing and using security questions
US8978110B2 (en) Systems and methods for controlling email access
US7917963B2 (en) System for providing mobile data security
US10587697B2 (en) Application-specific session authentication
US20140068593A1 (en) System and Method for Sharing Information in a Private Ecosystem
JP2018502368A (ja) 共有されるネットワーク化された環境においてデータを記憶するための方法、ストレージ・サブシステム、クラウド・ストレージ・システム、データ処理プログラム、およびコンピュータ・プログラム製品(クラウド環境における機密データの自動化された管理)
CN103944890A (zh) 基于客户端/服务器模式的虚拟交互系统及方法
CN104520805A (zh) 根据企业信息控制策略的带有密钥和数据交换的安全应用程序生态系统
US10015173B1 (en) Systems and methods for location-aware access to cloud data stores
US10230762B2 (en) System and method for sharing information in a private ecosystem
US8850563B2 (en) Portable computer accounts
US11695650B2 (en) Secure count in cloud computing networks
AU2020333658B2 (en) Identity data object creation and management
WO2013044304A1 (fr) Système et procédé de fourniture d'une requête
CN112333134A (zh) 密码安全的动态第三方资源
WO2013006907A1 (fr) Système et procédé pour la diffusion des données sécurisées en flux continu
CN116249113A (zh) 元宇宙的虚拟形象的验证授权方法、装置、电子设备和存储介质
CN114329423A (zh) 适用于单点登录的第三方应用程序集成方法及系统
JP2008299782A (ja) 認証システムおよび認証プログラム

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12835009

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12835009

Country of ref document: EP

Kind code of ref document: A1