SECURE MULTIAPPLICATION PROXY

US 20020162024A1
Filed: 09/12/2001
Published: 10/31/2002
Est. Priority Date: 01/27/2000
Status: Active Grant

First Claim

Patent Images

1. Method for allowing a client application (16) to establish, in a client network (10), a first connection having a first security level, directly with a first port (1) of a server application (17) hosted in a server machine (13) linked to a server network (11), in order to send messages (30) addressed to the server machine (13), said messages (30) passing from the client network (10) to the server network (11) through a network layer (CR) of a gateway machine (9), characterized in that it comprises:

a first step that creates a second port (3) in the gateway machine (9);

a second step that orders the network layer (CR) of the gateway machine (9) to reroute to the second port (3) any message sent to the first port (1), addressed to the server machine (13);

a third step that listens to the second port (3);

a fourth step that generates, in the gateway machine (9), a thread for establishing said first connection when the third step detects in the second port (3) a request to establish said first connection.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A client application (16) establishes in a client network (10), a first connection having a first security level, directly with a first port (1) of a server application (17) hosted in a server machine (13) linked to a server network (11), in order to send messages addressed to the server machine (13). The messages pass from the client network (10) to the server network (11) through a network layer (CR) of a gateway machine (9). In the gateway machine, a secure application proxy reroutes the messages from the first connection, in a way that is transparent for the client application, and establishes a second connection having a second security level with the server application; the second connection is unknown to the client application.

72 Citations

View as Search Results

6 Claims

1. Method for allowing a client application (16) to establish, in a client network (10), a first connection having a first security level, directly with a first port (1) of a server application (17) hosted in a server machine (13) linked to a server network (11), in order to send messages (30) addressed to the server machine (13), said messages (30) passing from the client network (10) to the server network (11) through a network layer (CR) of a gateway machine (9), characterized in that it comprises:
- a first step that creates a second port (3) in the gateway machine (9);
  
  a second step that orders the network layer (CR) of the gateway machine (9) to reroute to the second port (3) any message sent to the first port (1), addressed to the server machine (13);
  
  a third step that listens to the second port (3);
  
  a fourth step that generates, in the gateway machine (9), a thread for establishing said first connection when the third step detects in the second port (3) a request to establish said first connection.
- View Dependent Claims (2, 3, 4, 5)
- - 2. Method according to claim 1, characterized in that it comprises:
    - a fifth step that defines a third port (2) of the server application (17) for receiving at least one of the messages (30) with a second security level; and
      
      in that said thread comprises;
      
      a first phase that establishes said first connection with a first security level in a first interface associated with the second port (3) and with said request;
      
      a second phase that establishes a second connection with a second level of security in a second interface to the third port (2) in the server machine (13);
      
      a third phase that writes with the second security level in the second interface any message read in the first interface with the first security level;
      
      a fourth phase that writes with the first security level in the first interface any message read in the second interface with the second security level.
  - 3. Method according to claim 2, characterized in that it comprises:
    - a sixth step that orders the network layer (CR) of the gateway machine (9) to delete any message sent to the third port (2).
  - 4. Method according to claim 1 or 2, characterized in that the first and second steps are executed automatically by a first process of the gateway machine (9) and in that said first process generates a second process that executes the third and the fourth step.
  - 5. Method according to claim 4, characterized in that the first, second and sixth steps are executed automatically by a first process of the gateway machine (9) and in that said first process generates a second process that executes the third and fourth steps.

6. Method for allowing a client application (16) to establish in a client network (10) a first connection having a first security level, directly with a first port (1) of a server application (17) hosted in a server machine (13) linked to a server network (11), in order to send messages (30) addressed to the server machine (13), said messages (30) passing from the client network (10) to the server network (11) through a network layer (CR) of a gateway machine (9), characterized in that it consists of activating, in the gateway machine, a secure application proxy that reroutes the messages from the first connection, in a way that is transparent for the client application, in order to establish a second connection having a second security level with the server application, said second connection being unknown to said client application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bull Sas (Atos SE)
Original Assignee
Bull Sas (Atos SE)
Inventors
Martin, Rene, Cunchon, Francois, Van-Dung, N?apos;Guyen

Granted Patent

US 8,073,949 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

H04L 63/0281   Proxies

H04L 63/0464   using hop-by-hop encryption...

H04L 63/104   Grouping of entities

SECURE MULTIAPPLICATION PROXY

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

72 Citations

6 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE MULTIAPPLICATION PROXY

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

72 Citations

6 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links