Secured web entry server
Abstract
A Secure Entry Server (SES) provides for secure and traceable communication between a trusted network and an untrusted network. The SES includes a first partition in communication with the untrusted network and a second partition in communication with the trusted network. Communication between the first and second partition is preferably initiated by a request from the second partition. An incoming message is reformatted into a SES message after an initial check before being read by the second partition. The SES message is reformatted according to the protocol supported by the requested trusted resource after filtering and verification and tagged with a security label before passing into the trusted network.
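The flow described in the abstract, sketched as an added example (not code from the patent): an external partition checks and converts the message, the internal partition pulls it through an airlock, re-verifies, filters, labels and converts it. HTTP as the untrusted protocol, the `SES/1` header layout, JSON as the trusted-side protocol, the resource map and the label format are all assumptions made for illustration.

```python
import json
from collections import deque
from dataclasses import dataclass

ALLOWED_METHODS = {"GET", "POST"}              # assumed external policy
TRUSTED_RESOURCES = {"/orders": "orders-svc"}  # hypothetical resource map
HEADER_KEYS = {"proto", "method", "resource", "length"}
SAMPLE = b'POST /orders HTTP/1.1\r\nHost: ses.example\r\n\r\n{"id": 1}'  # constructed input

@dataclass(frozen=True)
class InternalMessage:
    header: dict   # characterization of the data field
    data: bytes    # payload only; no raw network framing crosses over

class Airlock:  # queue between partitions; the internal side initiates reads
    def __init__(self):
        self._queue = deque()
    def deposit(self, msg):            # called by the external partition
        self._queue.append(msg)
    def pull(self):                    # called by the internal partition
        return self._queue.popleft() if self._queue else None

def external_receive(raw, airlock):
    """External partition: verify the network protocol, then convert."""
    try:
        head, _, body = raw.partition(b"\r\n\r\n")
        method, path, version = head.split(b"\r\n")[0].decode("ascii").split(" ")
    except (UnicodeDecodeError, ValueError):
        return False                   # not a well-formed request line: drop
    if method not in ALLOWED_METHODS or version != "HTTP/1.1":
        return False
    header = {"proto": "SES/1", "method": method,
              "resource": path, "length": len(body)}
    airlock.deposit(InternalMessage(header, body))
    return True

def internal_accept(airlock, session_user):
    """Internal partition: pull, re-verify, filter, label, convert."""
    msg = airlock.pull()
    if msg is None:
        return None
    h = msg.header
    if set(h) != HEADER_KEYS or h["proto"] != "SES/1":
        return None                    # internal protocol check failed
    if h["length"] != len(msg.data) or h["resource"] not in TRUSTED_RESOURCES:
        return None                    # content filter rejected the message
    return json.dumps({"service": TRUSTED_RESOURCES[h["resource"]], "op": h["method"],
                       "payload": msg.data.decode("utf-8", "replace"),
                       "security_label": "untrusted-origin:" + session_user})
```

The internal partition never parses the original network framing; it trusts only what survives its own check of the internal header, so a message that slips past the external partition is still rejected on a bad length or an unlisted resource.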
64 Claims
1. A method for accepting a message received from an untrusted network by a secure entry server in communication with a trusted network, the message characterized by a message protocol, the method comprising the steps of:
receiving the message in an external partition of the server;
verifying the message protocol;
converting the message into an internal message, the internal message characterized by an internal message protocol;
transferring the internal message to an internal partition of the server;
verifying the protocol of the internal message; and
accepting the message by the secure entry server.
Dependent claims: 2, 3, 4, 5, 6.

7. A secure entry server for accepting a message received from an untrusted network, the message characterized by a message protocol, the secure entry server in communication with a trusted network, the secure entry server comprising:
(a) means for receiving the message in an external partition of the server;
(b) means for verifying the message protocol;
(c) means for converting the message into an internal message, the internal message characterized by an internal message protocol;
(d) means for transferring the internal message to an internal partition of the server;
(e) means for verifying the protocol of the internal message; and
(f) means for accepting the message by the secure entry server.
Dependent claims: 8, 9, 10, 11, 12.

13. A computer-readable medium having computer-executable instructions for performing a method for accepting a message received from an untrusted network by a secure entry server in communication with a trusted network, the message characterized by a message protocol, the method comprising:
receiving the message in an external partition of the server;
verifying the message protocol;
converting the message into an internal message, the internal message characterized by an internal message protocol;
transferring the internal message to an internal partition of the server;
verifying the protocol of the internal message; and
accepting the message by the secure entry server.
Dependent claims: 14, 15, 16, 17, 18.

19. A secure entry server comprising:
an external partition in communication with an untrusted network, the external partition configured to convert a message from the untrusted network to an internal message, the message comprising a data field and a message header, the message header comprises at least one characteristic of the message;
an internal partition in communication with a trusted network; and
a message airlock configured to pass the internal message between the external partition and the internal partition.
Dependent claims: 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30.

31. A computer-readable medium having stored thereon a data structure for a secure entry server comprising:
an internal message data field containing data conforming to an internal message protocol, the data representing a message between an untrusted network and a trusted network, the message characterized by a network protocol different from the internal message protocol; and
an internal message header field containing data representing the characterization of the message data field according to the internal message protocol.
Dependent claims: 32.

33. A method for passing a message between an untrusted network and a resource on a trusted network, the message characterized by a network protocol, the method comprising the steps of:
receiving the message from the untrusted network;
converting the received message into an internal message, the internal message characterized by an internal message protocol different from the network protocol;
verifying the contents of the internal message;
converting the verified internal message to a trusted message characterized by a protocol supported by the resource on the trusted network; and
forwarding the trusted message to the resource on the trusted network.
Dependent claims: 34, 35, 36, 37, 38, 39, 40, 41, 42.

43. A secure entry server for passing a message between an untrusted network and a resource on a trusted network, the message characterized by a network protocol, the secure entry server comprising:
means for receiving the message from the untrusted network;
means for converting the received message into an internal message, the internal message characterized by an internal message protocol different from the network protocol;
means for verifying the contents of the internal message;
means for converting the verified internal message to a trusted message characterized by a protocol supported by the resource on the trusted network; and
means for forwarding the trusted message to the resource on the trusted network.
Dependent claims: 44, 45, 46, 47, 48, 49, 50, 51.

52. A computer-readable medium having computer-executable instructions for performing a method for passing a message between an untrusted network and a resource on a trusted network, the message characterized by a network protocol, the method comprising the steps of:
receiving the message from the untrusted network;
converting the received message into an internal message, the internal message characterized by an internal message protocol different from the network protocol;
verifying the contents of the internal message;
converting the verified internal message to a trusted message characterized by a protocol supported by the resource on a trusted network; and
forwarding the trusted message to the resource on the trusted network.
Dependent claims: 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63.

64. A secure entry server for restricted access to a resource on a trusted network from an untrusted network, the server comprising:
an adapter for converting a message having a network protocol to and from an internal message having an internal message protocol different from the network protocol;
a filter for verifying the contents of the internal message;
a message airlock for transferring the internal message between the adapter and the filter;
a session table configured to hold at least one characteristic of the internal message;
a manager configured to maintain the session table based on a user authorization and the message;
a converter for converting the internal message to and from a trusted message; and
a dispatcher for receiving and forwarding the trusted message to the resource on the trusted network.
Specification