Secured system for accessing application services from a remote station
Abstract
A secured system for accessing application services from at least one application program where at least one client station having low-level application independent logics stored therein and at least one controller for controlling the low-level application independent logics, the low-level application logics including a user interface logic, a device control logic for controlling devices, a file system logic, and a communication interface logic, and wherein at least one client station has means to restrict access to said application independent logics, at least one application server having high-level application logic stored in a server device for running at least one application program, the server device being coupled to said at least one application server and low-level interface between said at least one client station and said at least one server for connecting said at least one client station to said at least one application server, wherein upon accessing by said at least one client station, said at least one application server runs at least one application program which selectively controls said low-level application independent logics for controlling devices of said at least one client station and accessing data of said at least one client station without permanently storing said at least one client station data in said at least one server. There is also a description of a secure operating system and method and a secured system and method of construction of a computer system as well as description of system and method of how to preserve a running current state of an application program for security and relocation purpose.
92 Citations
100 Claims
1. A secure system for accessing application services from at least one application program, comprising:
at least one client station having application independent logics stored therein and at least one controller for controlling said application independent logics, said application independent logics including at least one of a user interface logic, a device control logic for controlling devices, a file system logic, and a communication interface logic;
at least one application server having application logic stored in a server device for running said at least one application program, said server device being coupled to said at least one application server; and
an interface between said at least one client station and said at least one application server for connecting said at least one client station to said at least one application server;
wherein upon accessing by said at least one client station, said at least one application server runs said at least one application program which selectively controls said application independent logics for controlling devices of said at least one client station and for accessing data of said at least one client station, and wherein said at least one application server is able to process said corresponding data of said at least one client station on said at least one application program.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 20, 99, 100
9. A computing machine comprising:
at least one user interface and input/output device (user console) having application independent logics stored therein and at least one controller for controlling said application independent logics, said application independent logics including at least one of a user interface logic, a device control logic for controlling devices, a file system logic, and a communication interface logic, and wherein said at least one user interface and input/output device has means to restrict access to said application independent logics;
at least one computational device having means to store application logic in said at least one computational device for running said at least one application program; and
an interface between said at least one user console and said at least one computational device for connecting said at least one user console to said at least one computational device, wherein upon accessing by said at least one user console, said at least one computational device runs said at least one application program which selectively controls said application independent logics for controlling devices of said at least one user console and for accessing data of said at least one user console, and wherein said at least one computational device processes said corresponding data from said at least one user console on said at least one application program without having to permanently store said data in said at least one computational device.
Dependent claims: 10, 11, 12, 13, 14, 15, 17, 18, 19
16. A secure Operating System comprising:
at least one user interface and input/output software module (user console kernel) having application independent logics and at least one means for controlling said application independent logics, said application independent logics including at least one of a user interface logic, a device control logic for controlling devices, a file system logic, and a communication interface logic, and wherein said at least one user interface and input/output software module has means to restrict access to said application independent logics;
at least one computational software module (process kernel) having means to run application logic for running said at least one application program; and
an interface (operating system interface/OSSI) between said at least one user console kernel and said at least one computational kernel for connecting said at least one user console kernel to said at least one computational kernel, wherein upon accessing by said at least one user console kernel, said at least one computational kernel runs said at least one application program which selectively controls said application independent logics for controlling application independent logics of said at least one user console kernel and for accessing data of said at least one user console kernel, and wherein said at least one computational kernel processes said corresponding data from said at least one user console kernel on said at least one application program.
21. A method of securely accessing application services from at least one application program, comprising the steps of:
accessing at least one application server by at least one client station to connect to said at least one application program running on said at least one application server;
wherein said at least one client station has application independent logics stored therein and at least one controller for controlling said application independent logics, said application independent logics including at least one of a user interface logic, a device control logic for controlling devices, a file system logic, and a communications interface logic; and
wherein said at least one application server has application logic stored in a server device coupled to said at least one application server, for running said at least one application program;
having said at least one application server selectively interact with said application independent logics to retrieve data corresponding to said at least one application program from said at least one client station upon optional authorization from said at least one client station;
processing said corresponding data on said at least one application program; and
without having to permanently store said data within said at least one application server when said application services are complete.
Dependent claims: 22, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 52, 53, 54, 55, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86
23. A secure system for managing devices and/or file systems of at least one client station, comprising:
at least one application server having application logic stored within a server device coupled to said at least one application server for running at least one management application program, and said at least one application server being capable of accessing multiple devices and file systems, each coupled to at least one respective client station, when each client station interfaces with said at least one application server to access said at least one application program;
wherein each interfaced server selectively accesses said devices, said file systems or both to form a centralized device and file management system for controlling and accessing devices, file systems, states, or configurations of said at least one client station;
wherein upon accessing by said client stations, said at least one application server runs at least one application program and selectively controls application independent logics of said at least one client station for controlling devices of said at least one client station and for accessing data of said at least one client station; and
wherein said at least one application server is able to process said corresponding data of said at least one client station on said at least one application program without having to permanently store said data in a server device coupled to said at least one application server or within said application server.
24. A secure system for accessing application services from at least one service application, comprising:
at least one client station having at least a special purpose operating system stored therein for supporting said at least one client station connections to at least one application server and application independent logics stored therein, said special purpose operating system comprising application independent logics including at least one of a user interface logic, a device control logic for controlling devices, a file system logic, and a communication interface logic, wherein said at least one application server runs said at least one service application which controls said application independent logics stored within said at least one client station for controlling said special purpose operating system and devices of said at least one client station;
wherein said at least one service application is at least one of software service application or hardwired service applications.
25. A method of converting a conventional application program which has application programming interface specific to a particular operating system to a network application program which communicates with a client station via an operating system service interface communications protocol, comprising the steps of:
substituting operating system function calls of said conventional application program with code for generating command packets using said operating system service interface communications protocol, without modifying application code of said conventional application program, to convert said conventional application program to said network application program so that an application server is able to transport the command packets to said client station for controlling specific operating system or device operations of said client station;
wherein said code which generates command packets has identical application programming interface to said operating system functions of said particular operating system; and
wherein said network application program runs within an application server, accesses data of said client station, and is able to control specific operating system and device operations of said client station, when said client station connects to said network application program, as required by said network application program.
26. An application service provider system, comprising:
at least one processing element containing application service logics therein;
at least one communication interface through which said system can be accessed; and
wherein said application service provider provides a service to a user system, said user being a client of said application service provider, by giving a user device access to said processing element via said communication interface for processing data corresponding to said user system on said application service logics without having to permanently co-locate said data with said application service provider system.
27. A managed application service provider system, comprising:
at least one processing element containing application service logics therein;
at least one communication interface through which said system can be accessed;
at least one means to manage, update, maintain, or monitor said application service logics; and
wherein said application service provider system provides a service to a user, said user being a client of said application service provider, by giving a user device access to said processing element via said communication interface for processing data corresponding to said user on said application service.
28. A collaborative application service system for sharing of data and devices, comprising:
at least one processing element containing application logics therein;
at least one communication interface through which said system can be accessed;
wherein said at least one processing element is accessed by at least two client devices via said at least one communication interface and said processing element performs said application service for said at least two client devices by processing and mediating exchange of data, according to said application logics, for said at least two client devices; and
wherein said at least one processing element retrieves said data corresponding to at least one of said at least two client devices, processes said data, and makes said processed data available to at least one of said at least two client devices.
29. An application service system for managing of client devices, comprising:
at least one processing element containing managing application logics therein;
at least one communication interface through which said system can be accessed; and
wherein said at least one processing element is accessed by at least one client device via said at least one communication interface and said processing element performs said managing application service for said at least one client device by at least one of monitoring said client device state to insure correct operation, by modifying said client device state to an up to date state, by updating data of said client device, by interacting with said client device logics in order to control, access and manage other devices which may be coupled to said client device.
30. A system to provide application services, comprising:
at least one processing element containing application logics therein;
at least one communication interface through which said system can be accessed; and
wherein said at least one processing element is accessed via said at least one communication interface by a client device and said processing element performs said application services for said at least one accessing client device by exchanging data, said data corresponding to said at least one client device, with said at least one client device and processing said data according to said application logics.
Dependent claims: 51
56. A client system for accessing application services, comprising:
at least one communication interface through which to access said application services;
at least one processing element containing application independent logics therein; and
wherein upon connecting to a server providing application services, said server is able to control functioning of said client system by controlling said application independent logics through said at least one communication interface in order to provide said application services.
87. A method for at least two client devices to share data and devices coupled to said at least two client devices, comprising the steps of:
said at least two client devices wanting to share data or accessing one or more other devices, said other devices coupled to said at least two client devices, connecting to an application service server, said application server containing sharing application logics therein;
said at least two client devices interacting with said sharing application logics to access data and other devices coupled to another one of said at least two client devices; and
wherein said sharing application logics control said two client devices as needed to provide said sharing service.
Dependent claims: 88, 89, 90
91. A method for providing know-how for specialized data processing services without disclosing said know-how, comprising the steps of:
encoding said know-how for performing said specialized data processing in a software application and integrating said software application with a processing element or hardwiring said know-how within said processing element;
providing a communication protocol within said processing element to accept data for processing and for outputting processed data;
attaching said processing element, containing said know-how, to an interface, said interface being accessible to at least one client device;
accepting connections from said at least one client device needing said know-how to process data corresponding to said at least one client device;
retrieving data corresponding to said at least one client device, as needed by said software application or said hard-wired know-how logics;
making processed data available to said at least one client device; and
never disclosing said know-how to said at least one client device.
Dependent claims: 92, 93
94. A system to provide access to know-how for a business or industrial data processing task and to means for performing said business or industrial task according to said know-how, comprising:
at least one processing element containing said know-how logics as a software application code or hardwired logics;
at least one interface through which a client device needing said know-how could access said means; and
wherein said system can interact with said client device, when said client device connects with said system, and/or with other data sources, said other data sources corresponding to said client device, to perform said business or industrial task according to said know-how without having to transfer said know-how logics to said client device.
95. A system enabling an individual or a company to provide access to his/its computerized know-how of a useful data processing process combined with means for performing said useful data processing process according to said know-how, comprising:
at least one processing element containing said know-how logics as a software application code or hardwired logics;
at least one interface through which a client device needing said know-how could access said means; and
wherein upon connecting of said client device, said system can interact with said client device and can perform said useful process according to said know-how without having to transfer said know-how logics to said client device.
Dependent claims: 96, 97, 98
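The following Python example is added here and is not part of the patent text. It models the split described in the abstract and in claims 9, 21 and 25: a server-side stand-in that keeps the call shape of a local file read but emits command packets, and a client station controller that restricts access to its file system logic and records each decision. The JSON packet layout, the class and function names, the policy format and the sample files are all assumptions; the claims above do not define them.

```python
import json
import posixpath

# Constructed sample data standing in for files held on the client station.
CLIENT_FILES = {
    "/home/user/docs/report.txt": "quarterly numbers",
    "/home/user/private/keys.txt": "constructed secret",
}

class ClientStation:
    """Client side: file system logic plus the means to restrict access to it."""
    def __init__(self, files, allowed):
        # allowed maps (logic, op) to the path prefixes the user authorized.
        self.files, self.allowed, self.audit = files, allowed, []

    def _authorized(self, logic, op, path):
        # Normalise before the prefix test so ".." segments are resolved first.
        norm = posixpath.normpath(path)
        return any(norm == p or norm.startswith(p.rstrip("/") + "/")
                   for p in self.allowed.get((logic, op), []))

    def handle(self, raw_packet):
        """Controller: decode one command packet, enforce policy, dispatch."""
        try:
            pkt = json.loads(raw_packet)
            logic, op, path = pkt["logic"], pkt["op"], pkt["args"]["path"]
        except (ValueError, KeyError, TypeError):
            return json.dumps({"ok": False, "error": "malformed"})
        ok = (all(isinstance(v, str) for v in (logic, op, path))
              and self._authorized(logic, op, path))
        self.audit.append((logic, op, path, "allow" if ok else "deny"))
        if not ok:
            return json.dumps({"ok": False, "error": "denied"})
        data = self.files.get(posixpath.normpath(path))
        if data is None:
            return json.dumps({"ok": False, "error": "not found"})
        return json.dumps({"ok": True, "data": data})

class RemoteFileSystem:
    """Server side: same call shape as a local read, but emits command packets."""
    def __init__(self, send):
        self.send = send  # transport: takes a packet string, returns the reply

    def read_text(self, path):
        packet = {"logic": "file_system", "op": "read", "args": {"path": path}}
        reply = json.loads(self.send(json.dumps(packet)))
        if not reply["ok"]:
            raise OSError(reply["error"])
        return reply["data"]

def word_count_service(fs, path):
    """Application logic on the server; client data is held in memory only."""
    return len(fs.read_text(path).split())

def demo():
    station = ClientStation(CLIENT_FILES, {("file_system", "read"): ["/home/user/docs"]})
    fs = RemoteFileSystem(station.handle)  # direct call stands in for the network
    results = [word_count_service(fs, "/home/user/docs/report.txt")]
    for path in ("/home/user/private/keys.txt", "/home/user/docs/../private/keys.txt"):
        try:
            word_count_service(fs, path)
        except OSError as exc:
            results.append(str(exc))
    return results, station.audit
```

The application function never learns whether `fs` is local or remote, while the decision about which client data leaves the station stays with the client controller, whose audit list gives the user a record of every command the server issued.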
Specification