Systems, methods and computer program products for accessing devices on private networks via clients on a public network

US 20020083342A1
Filed: 06/05/2001
Published: 06/27/2002
Est. Priority Date: 12/21/2000
Status: Abandoned Application

First Claim

Patent Images

1. A method of accessing devices on a private network via a client on a public network, the method comprising the following steps performed by a gateway on the private network:

receiving a request from the client to access a Web server of a device on the private network, wherein the Web server has an address that is valid on the private network but is not valid on the public network;

redirecting the received client request to the Web server of the device on the private network;

scrubbing a Web page served by the Web server in response to the received client request, comprising replacing an address in the Web page that is not valid on the public network with an address that is valid on the public network; and

serving the scrubbed Web page to the client.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, and computer program products that can allow users to access one or more devices on a private network, via clients on a public network, are provided. A gateway on a private network accepts a user log-in request from a client on a public network. The rights of the user to access one or more devices on the private network are ascertained and the gateway serves a Web page to the client that identifies each device on the private network for which the user has access rights. Upon receiving a request from the client to access a Web server of a device on a private network, the gateway redirects the received client request to the Web server. The gateway is configured to “scrub” a Web page served by a device Web server to remove any links to Web servers of devices for which the user does not have access rights and to modify a uniform resource locator (URL) containing an address not valid on the public network with an address that is valid on the public network.

397 Citations

42 Claims

1. A method of accessing devices on a private network via a client on a public network, the method comprising the following steps performed by a gateway on the private network:
- receiving a request from the client to access a Web server of a device on the private network, wherein the Web server has an address that is valid on the private network but is not valid on the public network;
  
  redirecting the received client request to the Web server of the device on the private network;
  
  scrubbing a Web page served by the Web server in response to the received client request, comprising replacing an address in the Web page that is not valid on the public network with an address that is valid on the public network; and
  
  serving the scrubbed Web page to the client.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method according to claim 1, further comprising the following steps performed by the gateway prior to receiving a request from the client to access a Web server of the device:
    - ascertaining rights of a user to access one or more devices on the private network; and
      
      serving a Web page to the client that identifies each device on the private network for which the user has access rights, wherein the Web page includes a link to a Web server of each device on the private network for which the user has access rights.
  - 3. The method according to claim 2, further comprising the step of accepting a user log-in request from the client prior to ascertaining rights of the user, wherein the user log-in request includes an identification of the user.
  - 4. The method according to claim 2, wherein each link to a Web server includes a uniform resource locator (URL) for the gateway that is valid on the public network and an identification of a gateway port that is mapped to a respective Web server, and wherein each link is configured to send a request to a respective Web server via the gateway at an identified gateway port.
  - 5. The method according to claim 1, wherein the scrubbing step comprises replacing an address in the Web page that is valid only on the private network with a URL for the gateway that is valid on the public network and an identification of a gateway port that is mapped to the replaced address.
  - 6. The method according to claim 2, wherein the step of serving a Web page to the client comprises:
    - scanning a range of private network addresses to identify Web servers listening on one or more selected ports;
      
      mapping each identified Web server to a respective gateway port; and
      
      creating a Web page that contains a respective link to each gateway port for each device for which the user has access rights.

7. A method of accessing devices on a private network via a client on a public network, wherein each device includes a Web server having an address that is valid on the private network, but is not valid on the public network, the method comprising the following steps performed by a gateway on the private network:
- ascertaining rights of a user to access one or more devices on the private network;
  
  serving a Web page to the client that identifies each device on the private network for which the user has access rights, wherein the Web page includes a link to a Web server of each device on the private network for which the user has access rights;
  
  receiving a request from the client to access a Web server of a device on the private network in response to user activation of a link on the Web page;
  
  redirecting the received client request to the Web server;
  
  scrubbing a Web page served by the Web server in response to the received client request, comprising removing links to Web servers of devices for which the user does not have access rights; and
  
  serving the scrubbed Web page to the client.
- View Dependent Claims (8, 9, 10, 11, 13, 14, 16, 17, 18, 19, 20)
- - 8. The method according to claim 7, further comprising the step of accepting a user log-in request from the client prior to ascertaining rights of the user, wherein the user log-in request includes an identification of the user.
  - 9. The method according to claim 7, wherein the scrubbing step further comprises replacing an address in the Web page that is not valid on the public network with an address that is valid on the public network.
  - 10. The method according to claim 7, wherein each link to a Web server includes a uniform resource locator (URL) for the gateway that is valid on the public network and an identification of a gateway port that is mapped to a respective Web server, and wherein each link is configured to send a request to a respective Web server via the gateway at an identified gateway port.
  - 11. The method according to claim 7, wherein the step of serving a Web page to the client comprises:
    - scanning a range of private network addresses to identify Web servers listening on one or more selected ports;
      
      mapping each identified Web server to a respective gateway port; and
      
      creating a Web page that contains a respective link to each gateway port for each device for which the user has access rights.
  - 13. The method according to claim 12, further comprising the step of accepting a user log-in request from the client prior to ascertaining rights of the user, wherein the user log-in request includes an identification of the user.
  - 14. The method according to claim 12, wherein the step of serving a Web page to the client comprises:
    - scanning a range of private network addresses to identify Web servers listening on one or more selected ports;
      
      mapping each identified Web server to a respective gateway port; and
      
      creating a Web page that contains a respective link to each gateway port for each device for which the user has access rights.
  - 16. The gateway system according to claim 15, further comprising:
    - means for ascertaining rights of a user to access one or more devices on the private network; and
      
      means for serving a Web page to the client that identifies each device on the private network for which the user has access rights, wherein the Web page includes a link to a Web server of each device on the private network for which the user has access rights.
  - 17. The gateway system according to claim 16, further comprising means for accepting a user log-in request from the client, wherein the user log-in request includes an identification of the user.
  - 18. The gateway system according to claim 16, wherein each link to a Web server includes a uniform resource locator (URL) for the gateway system that is valid on the public network and an identification of a gateway system port that is mapped to a respective Web server, and wherein each link is configured to send a request to a respective Web server via the gateway system at an identified gateway system port.
  - 19. The gateway system according to claim 15, wherein the means for scrubbing a Web page comprises means for replacing an address in the Web page that is valid only on the private network with a URL for the gateway system that is valid on the public network and an identification of a gateway system port that is mapped to the replaced address.
  - 20. The gateway system according to claim 16, wherein the means for serving a Web page to the client comprises:
    - means for scanning a range of private network addresses to identify Web servers listening on one or more selected ports;
      
      means for mapping each identified Web server to a respective gateway system port; and
      
      means for creating a Web page that contains a respective link to each gateway system port for each device for which the user has access rights.

12. A method of accessing devices on a private network via a client on a public network, wherein each device includes a Web server having an address that is valid on the private network, but is not valid on the public network, the method comprising the following steps performed by a gateway on the private network:
- ascertaining rights of a user to access one or more devices on the private network;
  
  serving a Web page to the client that identifies each device on the private network for which the user has access rights, wherein the Web page includes a link to a Web server of each device on the private network for which the user has access rights, wherein each link to a Web server includes a uniform resource locator (URL) for the gateway that is valid on the public network and an identification of a gateway port that is mapped to a respective Web server, and wherein each link is configured to send a request to a respective Web server via the gateway at an identified gateway port;
  
  receiving a request from the client to access a Web server of a device on the private network in response to user activation of a link on the Web page;
  
  redirecting the received client request to the Web server;
  
  scrubbing a Web page served by the Web server in response to the received client request, comprising;
  
  removing links to Web servers of devices for which the user does not have access rights; and
  
  replacing an address in the Web page that is not valid on the public network with an address that is valid on the public network; and
  
  serving the scrubbed Web page to the client.

15. A gateway system that permits access to devices on a private network via a client on a public network, comprising:
- means for receiving a request from the client to access a Web server of a device on the private network, wherein the Web server has an address that is valid on the private network but is not valid on the public network;
  
  means for redirecting the received client request to the Web server;
  
  means for scrubbing a Web page served by the Web server in response to the received client request, comprising means for replacing an address in the Web page that is not valid on the public network with an address that is valid on the public network; and
  
  means for serving the scrubbed Web page to the client.

21. A gateway system that permits access to devices on a private network via a client on a public network, wherein each device includes a Web server having an address that is valid on the private network, but is not valid on the public network, wherein the gateway system comprises:
- means for ascertaining rights of a user to access one or more devices on the private network;
  
  means for serving a Web page to the client that identifies each device on the private network for which the user has access rights, wherein the Web page includes a link to a Web server of each device on the private network for which the user has access rights;
  
  means for receiving a request from the client to access a Web server of a device on the private network in response to user activation of a link on the Web page;
  
  means for redirecting the received client request to the Web server;
  
  means for scrubbing a Web page served by the Web server in response to the received client request, comprising means for removing links to Web servers of devices for which the user does not have access rights; and
  
  means for serving the scrubbed Web page to the client.
- View Dependent Claims (22, 23, 24, 25, 27, 28, 30, 31, 32, 33, 34, 36, 37, 38, 39)
- - 22. The gateway system according to claim 21, further comprising means for accepting a user log-in request from the client, wherein the user log-in request includes an identification of the user.
  - 23. The gateway system according to claim 21, wherein the means for scrubbing a Web page further comprises means for replacing an address in the Web page that is not valid on the public network with an address that is valid on the public network.
  - 24. The gateway system according to claim 21, wherein each link to a Web server includes a uniform resource locator (URL) for the gateway system that is valid on the public network and an identification of a gateway system port that is mapped to a respective Web server, and wherein each link is configured to send a request to a respective Web server via the gateway system at an identified gateway system port.
  - 25. The gateway system according to claim 21, wherein the means for serving a Web page to the client comprises:
    - means for scanning a range of private network addresses to identify Web servers listening on one or more selected ports;
      
      means for mapping each identified Web server to a respective gateway system port; and
      
      means for creating a Web page that contains a respective link to each gateway system port for each device for which the user has access rights.
  - 27. The gateway system according to claim 26, further comprising means for accepting a user log-in request from the client prior to ascertaining rights of the user, wherein the user log-in request includes an identification of the user.
  - 28. The gateway system according to claim 26, wherein the means for serving a Web page to the client comprises:
    - means for scanning a range of private network addresses to identify Web servers listening on one or more selected ports;
      
      means for mapping each identified Web server to a respective gateway system port; and
      
      means for creating a Web page that contains a respective link to each gateway system port for each device for which the user has access rights.
  - 30. The computer program product according to claim 29, further comprising:
    - computer readable program code that ascertains rights of a user to access one or more devices on the private network; and
      
      computer readable program code that serves a Web page to the client that identifies each device on the private network for which the user has access rights, wherein the Web page includes a link to a Web server of each device on the private network for which the user has access rights.
  - 31. The computer program product according to claim 30, further comprising computer readable program code that accepts a user log-in request from the client, wherein the user log-in request includes an identification of the user.
  - 32. The computer program product according to claim 30, wherein each link to a Web server includes a uniform resource locator (URL) for a gateway on the private network that is valid on the public network and an identification of a gateway port that is mapped to a respective Web server, and wherein each link is configured to send a request to a respective Web server via the gateway at an identified gateway port.
  - 33. The computer program product according to claim 29, wherein the computer readable program code that scrubs a Web page comprises computer readable program code that replaces an address in the Web page that is valid only on the private network with a URL for a gateway on the private network that is valid on the public network and an identification of a gateway port that is mapped to the replaced address.
  - 34. The computer program product according to claim 30, wherein the computer readable program code that serves a Web page to the client comprises:
    - computer readable program code that scans a range of private network addresses to identify Web servers listening on one or more selected ports;
      
      computer readable program code that maps each identified Web server to a respective port of a gateway on the private network; and
      
      computer readable program code that creates a Web page that contains a respective link to each gateway port for each device for which the user has access rights.
  - 36. The computer program product according to claim 35, further comprising computer readable program code that accepts a user log-in request from the client, wherein the user log-in request includes an identification of the user.
  - 37. The computer program product according to claim 35, wherein the computer readable program code that scrubs a Web page further comprises computer readable program code that replaces an address in the Web page that is not valid on the public network with an address that is valid on the public network.
  - 38. The computer program product according to claim 35, wherein each link to a Web server includes a uniform resource locator (URL) for a gateway on the private network that is valid on the public network and an identification of a gateway port that is mapped to a respective Web server, and wherein each link is configured to send a request to a respective Web server via the gateway at an identified gateway port.
  - 39. The computer program product according to claim 35 wherein the computer readable program code that serves a Web page to the client comprises:
    - computer readable program code that scans a range of private network addresses to identify Web servers listening on one or more selected ports;
      
      computer readable program code that maps each identified Web server to a respective port of a gateway on the private network; and
      
      computer readable program code that creates a Web page that contains a respective link to each gateway port for each device for which the user has access rights.

26. A gateway system that permits access to devices on a private network via a client on a public network, wherein each device includes a Web server having an address that is valid on the private network, but is not valid on the public network, wherein the gateway system comprises:
- means for ascertaining rights of a user to access one or more devices on the private network;
  
  means for serving a Web page to the client that identifies each device on the private network for which the user has access rights, wherein the Web page includes a link to a Web server of each device on the private network for which the user has access rights, wherein each link to a Web server includes a uniform resource locator (URL) for the gateway system that is valid on the public network and an identification of a gateway system port that is mapped to a respective Web server, and wherein each link is configured to send a request to a respective Web server via the gateway system at an identified gateway system port;
  
  means for receiving a request from the client to access a Web server of a device on the private network in response to user activation of a link on the Web page;
  
  means for redirecting the received client request to the Web server;
  
  means for scrubbing a Web page served by the Web server in response to the received client request, comprising;
  
  means for removing links to Web servers of devices for which the user does not have access rights; and
  
  means for replacing an address in the Web page that is not valid on the public network with an address that is valid on the public network; and
  
  means for serving the scrubbed Web page to the client.

29. A computer program product that permits access to devices on a private network via a client on a public network, the computer program product comprising a computer usable storage medium having computer readable program code embodied in the medium, the computer readable program code comprising:
- computer readable program code that receives a request from the client to access a Web server of a device on the private network, wherein the Web server has an address that is valid on the private network but is not valid on the public network;
  
  computer readable program code that redirects the received client request to the Web server;
  
  computer readable program code that scrubs a Web page served by the Web server in response to the received client request, comprising computer readable program code that replaces an address in the Web page that is not valid on the public network with an address that is valid on the public network; and
  
  computer readable program code that serves the scrubbed Web page to the client.

35. A computer program product that permits access to devices on a private network via a client on a public network, wherein each device includes a Web server having an address that is valid on the private network, but is not valid on the public network, the computer program product comprising a computer usable storage medium having computer readable program code embodied in the medium, the computer readable program code comprising:
- computer readable program code that ascertains rights of a user to access one or more devices on the private network;
  
  computer readable program code that serves a Web page to the client that identifies each device on the private network for which the user has access rights, wherein the Web page includes a link to a Web server of each device on the private network for which the user has access rights;
  
  computer readable program code that receives a request from the client to access a Web server of a device on the private network in response to user activation of a link on the Web page;
  
  computer readable program code that redirects the received client request to the Web server;
  
  computer readable program code that scrubs a Web page served by the Web server in response to the received client request, comprising computer readable program code that removes links to Web servers of devices for which the user does not have access rights; and
  
  computer readable program code that serves the scrubbed Web page to the client.

40. A computer program product that permits access to devices on a private network via a client on a public network, wherein each device includes a Web server having an address that is valid on the private network, but is not valid on the public network, the computer program product comprising a computer usable storage medium having computer readable program code embodied in the medium, the computer readable program code comprising:
- computer readable program code that ascertains rights of a user to access one or more devices on the private network;
  
  computer readable program code that serves a Web page to the client that identifies each device on the private network for which the user has access rights, wherein the Web page includes a link to a Web server of each device on the private network for which the user has access rights, wherein each link to a Web server includes a uniform resource locator (URL) for a gateway on the private network that is valid on the public network and an identification of a gateway port that is mapped to a respective Web server, and wherein each link is configured to send a request to a respective Web server via the gateway system at an identified gateway port;
  
  computer readable program code that receives a request from the client to access a Web server of a device on the private network in response to user activation of a link on the Web page;
  
  computer readable program code that redirects the received client request to the Web server;
  
  computer readable program code that scrubs a Web page served by the Web server in response to the received client request, comprising;
  
  computer readable program code that removes links to Web servers of devices for which the user does not have access rights; and
  
  computer readable program code that replaces an address in the Web page that is not valid on the public network with an address that is valid on the public network; and
  
  computer readable program code that serves the scrubbed Web page to the client.
- View Dependent Claims (41, 42)
- - 41. The computer program product according to claim 40, further comprising computer readable program code that accepts a user log-in request from the client prior to ascertaining rights of the user, wherein the user log-in request includes an identification of the user.
  - 42. The computer program product according to claim 40, wherein the computer readable program code that serves a Web page to the client comprises:
    - computer readable program code that scans a range of private network addresses to identify Web servers listening on one or more selected ports;
      
      computer readable program code that maps each identified Web server to a respective gateway port; and
      
      computer readable program code that creates a Web page that contains a respective link to each gateway port for each device for which the user has access rights.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Home Director, Inc.
Original Assignee
Home Director, Inc.
Inventors
Webb, Brian T., Knowles, Gregory T.

Application Number

US09/874,802
Publication Number

US 20020083342A1
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

G06F 21/31   User authentication

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2149   Restricted operating enviro...

H04L 63/02   for separating internal fro...

H04L 63/102   Entity profiles

H04L 67/561   Adding application-function...

H04L 67/563   Data redirection of data ne...

Systems, methods and computer program products for accessing devices on private networks via clients on a public network

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

397 Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

Systems, methods and computer program products for accessing devices on private networks via clients on a public network

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

397 Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links