Secure remote access using enterprise peer networks
Abstract
A system for accessing data from any location and any device including those behind firewalls, proxy servers, address translations and other devices, while securing the data and network. The system employs a secure peer network between data sources regardless of their location enabling data access devices to retrieve or submit data from any Internet enabled device from any location. Messages are tunneled to HTML that passes through firewalls. A Queue Manager in the EPN Server software creates a unique queue for data source which can only be accessed by the data source. The user with a browser enabled device can then access the EPN Server by providing the necessary credentials, such as user id and password, and can then access the data in the data sources for which the user is permissioned. The data source maintains a non-persistent connection through a polling algorithm and services the request in the queue.
44 Claims
1. A distributed computing system for secure remote access by a user's access devices to secure data sources on one or more machines comprising
a limited virtual network established between peer machines, said peer machines comprising a client software program (EPN client) that runs on a user's data source, a server module that does not maintain a persistent connection with the EPN client, and an access machine, wherein the server module (EPN server) comprises an access manager, a queue manager, and a file manager.
12. A method for a user to access remotely via an access machine data contained on a desktop computer comprising
registering online with a server module (EPN server), obtaining from the EPN server an EPN client program, installing the client program on the desktop computer, wherein said desktop computer becomes a data source.
15. A method for a user to access remotely via an access machine data contained on a desktop computer comprising
registering online with an EPN server, obtaining from the EPN server an EPN client program, installing the client program on the desktop computer, wherein said desktop computer becomes a data source, starting the EPN client program on the user's data source.
22. A method for a user to access remotely, via an access machine, data contained on a desktop computer comprising
registering online with an EPN server, obtaining from the EPN server an EPN client program, installing the client program on the desktop computer, wherein said desktop computer becomes a data source, setting up access controls by the user or a corporate administrator to restrict access by the client to a limited set of data, said access controls comprising a master access list.
35. A method for a user with a browser accessing remotely, via an access machine having a browser, data contained on a computer in the peer neighborhood comprising
registering online with an EPN server, obtaining from the EPN server an EPN client program, installing the client program on the desktop computer, wherein said desktop computer becomes a data source, authenticating the user as a peer, creating a Reply (qB) queue on the EPN server, selecting a peer machine from the list of peer machines available configured or interfaceable in the peer neighborhood selecting one or more files to be downloaded to the remote machine from the listing of files that are configured previously on the peer for remote access. communicating this request to the EPN server, polling the EPN Server for a response in its reply queue, having the EPN Server verify the request by looking into the access control list, entering the request into the request queue for Peer A, allows the EPN client polling from Peer A to pick up the requested data.
38. A method for a user with a windows explorer accessing remotely, via an access machine having a windows explorer, data contained on a computer in the peer neighborhood comprising
registering online with an EPN server, obtaining from the EPN server an EPN client program, installing the client program on the desktop computer, wherein said desktop computer becomes a data source, authenticating the user as a peer, creating a Reply (qB) queue on the EPN server, selecting a peer machine from the list of peer machines available configured or interfaceable in the peer neighborhood selecting one or more files to be downloaded to the remote machine from the listing of files that are configured previously on the peer for remote access. communicating this request to the EPN server, polling the EPN Server for a response in its reply queue, having the EPN Server verify the request by looking into the access control list, entering the request into the request queue for Peer A, allows the EPN client polling from Peer A to pick up the requested data.
39. A distributed computing system for secure remote access by a user's access devices to secure data sources on one or more machines comprising
a limited virtual network established between peer machines, said peer machines comprising a client software program (EPN client) that runs on a user's data source, a server module, and an access machine, wherein data accessor and data source are disconnected processes joined only by asynchronous communication using queues, and wherein no changes are required in the corporate firewall or network configurations.
40. A method for using a distributed computing system for secure remote access by a plurality of user's access devices to secure data sources on one or more machines comprising a limited virtual network established between peer machines, said peer machines comprising a client software program (EPN client) that runs on a user's data source, a server module, and an access machine, said method comprising
downloading and installing the EPN client on a first peer machine (Peer A), creating a message queue (qA) on the server module (EPN Server), creating a master access list on Peer A for remote access, saving the master list to a file and uploading it to the EPN Server, having the EPN client poll for messages, causing a second peer machine (Peer B) to log in to the EPN Server using a web browser, creating a message queue (qB) for Peer B on the EPN Server, causing Peer B to assign folders for remote access from a subset of the master list and saving the subset as an access list file on the EPN Server.
42. A distributed computing system for secure remote access by a user's access devices to secure data sources on one or more machines comprising
a limited virtual network established between peer machines, said peer machines comprising a client software program (EPN client) that runs on a user's data source, a central manager server module that maintains request and reply queues to enable asynchronous communication so that no program awaits a response, and an access machine.
43. An authentication procedure for providing security of a distributed computing system for secure remote access by a user's access devices to secure data sources on one or more machines said distributed computing system comprising
a limited virtual network established between peer machines, said peer machines comprising a client software program (EPN client) that runs on a user's data source, a server module, and an access machine. said authentication procedures comprising setting up users in the EPN system using EPN's native authentication system.
44. A method for a user having a computer to access remotely, via an access machine, data contained on an EPN server, comprising
registering online with an EPN server, obtaining from the EPN server an EPN client program, said EPN server not maintaining a persistent connection with the EPN client, installing the client program on the computer, retrieving the data by the user from the EPN server by use of a browser.
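The queue-and-poll flow summarized in the abstract and recited in claims 35 and 40, modelled in memory as an added example that is not code from the patent: the server checks each request against the accessor's access list (a subset of the data source's master list) before it enters the request queue (qA), and only the owning peer can poll its queue. The class and method names, the token strings, the folder paths, the path normalization and the constant-time token comparison are all assumptions made for illustration.

```python
import hmac
import posixpath
from collections import deque

class EPNServer:
    """Toy in-memory relay: one queue per peer plus access lists (constructed model)."""
    def __init__(self):
        self.queues, self.tokens = {}, {}   # peer -> deque, peer -> polling secret
        self.master, self.access = {}, {}   # source -> folders, (accessor, source) -> folders

    def register(self, peer, token, master=()):
        self.queues[peer], self.tokens[peer] = deque(), token
        self.master[peer] = {posixpath.normpath(f) for f in master}

    def _owner(self, peer, token):
        if peer not in self.tokens or not hmac.compare_digest(self.tokens[peer], token):
            raise PermissionError("queue is reserved for its owning peer")

    def assign_access(self, accessor, source, folders):
        wanted = {posixpath.normpath(f) for f in folders}
        if not wanted <= self.master.get(source, set()):
            raise PermissionError("access list must be a subset of the master list")
        self.access[(accessor, source)] = wanted

    def request(self, accessor, source, path):
        path = posixpath.normpath(path)     # collapse "x/../y" before the ACL check
        allowed = self.access.get((accessor, source), ())
        if not any(path == f or path.startswith(f + "/") for f in allowed):
            return False                    # never reaches the data source's queue
        self.queues[source].append({"from": accessor, "path": path})
        return True

    def poll(self, peer, token):
        self._owner(peer, token)
        return self.queues[peer].popleft() if self.queues[peer] else None

    def reply(self, source, token, accessor, data):
        self._owner(source, token)
        self.queues[accessor].append({"from": source, "data": data})

def demo():
    srv = EPNServer()
    srv.register("peerA", "tokA", master=["/docs", "/photos"])   # data source, qA
    srv.register("peerB", "tokB")                                # accessor, qB
    srv.assign_access("peerB", "peerA", ["/docs"])
    sent = [srv.request("peerB", "peerA", p) for p in ("/docs/a.txt", "/docs/../photos/b.jpg")]
    job = srv.poll("peerA", "tokA")          # Peer A's client picks up the request
    srv.reply("peerA", "tokA", "peerB", "data for " + job["path"])
    return sent, srv.poll("peerB", "tokB"), srv.poll("peerA", "tokA")
```

`demo()` returns the two request decisions, the reply Peer B reads from qB, and `None` for Peer A's now-empty queue.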
Specification