Separating control of network sites
First Claim
1. A method, comprising:
- receiving, via a proxy server application executed by a first computing device, a request for network content from a second computing device, the network content being hosted by an organization on behalf of a customer;
determining, via the proxy server application executed by the first computing device, whether the network content corresponds to a secured portion of a network site based at least in part on a proxy configuration entry designating a predefined uniform resource locator (URL) pattern that corresponds to the secured portion;
receiving, via the proxy server application executed by the first computing device, the network content, wherein the network content is received across a firewall from an application on a trusted network that is subject to security supervision by the organization when the network content is determined to correspond to the secured portion of the network site, and wherein the network content is received from a network content server application managed by the customer not behind the firewall on an untrusted network that is not subject to security supervision by the organization when the network content is determined to correspond to an unsecured portion of the network site; and
sending, via the proxy server application executed by the first computing device, the network content to the second computing device, the first computing device being within the untrusted network.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed are various embodiments for separating control of network sites through the use of a proxy server application. A request for network content is received from a computing device. The network content is hosted by an organization on behalf of a customer. The network content is requested from one application on a trusted network that is subject to security supervision by the organization when the network content is determined to correspond to a secured portion of a network site. The network content is instead requested from another application managed by the customer on an untrusted network that is not subject to security supervision by the organization when the network content is determined to correspond to an unsecured portion of the network site. The network content is then sent to the computing device.
-
Citations
20 Claims
-
1. A method, comprising:
-
receiving, via a proxy server application executed by a first computing device, a request for network content from a second computing device, the network content being hosted by an organization on behalf of a customer; determining, via the proxy server application executed by the first computing device, whether the network content corresponds to a secured portion of a network site based at least in part on a proxy configuration entry designating a predefined uniform resource locator (URL) pattern that corresponds to the secured portion; receiving, via the proxy server application executed by the first computing device, the network content, wherein the network content is received across a firewall from an application on a trusted network that is subject to security supervision by the organization when the network content is determined to correspond to the secured portion of the network site, and wherein the network content is received from a network content server application managed by the customer not behind the firewall on an untrusted network that is not subject to security supervision by the organization when the network content is determined to correspond to an unsecured portion of the network site; and sending, via the proxy server application executed by the first computing device, the network content to the second computing device, the first computing device being within the untrusted network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system, comprising:
-
a processor of a first computing device; and a proxy server application executable in the first computing device, wherein when executed the proxy server application causes the first computing device to at least; receive a request for network content from a second computing device, the network content being hosted by an organization on behalf of a customer; request the network content from a second application across a firewall on a trusted network that is subject to security supervision by the organization when the network content is determined to correspond to a secured portion of a network site based at least in part on a first proxy configuration entry designating a first predefined uniform resource locator (URL) pattern that corresponds to the secured portion; request the network content from a third application managed by the customer on an untrusted network that is not behind the firewall and is not subject to security supervision by the organization when the network content is determined to correspond to an unsecured portion of the network site based at least in part on a second proxy configuration entry designating a second predefined URL pattern that corresponds to the unsecured portion; and send the network content to the second computing device. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A non-transitory computer-readable medium embodying a proxy server application executable in a first computing device, wherein when executed the proxy server application causes the first computing device to at least:
-
receive a request for network content from a second computing device, the network content being hosted by an organization on behalf of a customer; request the network content across a firewall from a second application on a trusted network that is subject to security supervision by the organization when the network content is determined to correspond to a secured portion of a network site based at least in part on a proxy configuration entry designating a first predefined uniform resource locator (URL) pattern that corresponds to the secured portion; request the network content from a third application managed by the customer on an untrusted network that is not subject to security supervision by the organization when the network content is determined to correspond to an unsecured portion of the network site based at least in part on a second proxy configuration entry designating a second predefined URL pattern that corresponds to the unsecured portion; and send the network content to the second computing device. - View Dependent Claims (17, 18, 19, 20)
-
Specification