Securing applications based on application infrastructure security techniques

US 20030177390A1
Filed: 07/02/2002
Published: 09/18/2003
Est. Priority Date: 03/15/2002
Status: Abandoned Application

First Claim

Patent Images

1. A system for providing secure access via a public network for at least one client computer to a local network having a legacy system, comprising:

a) a client computer in communication with a public network;

b) an access service zone operating as a touch point for communication with the client computer;

c) a network identity service zone providing network security techniques for securing communications with the client computer;

d) a first firewall between the access service zone and the network identity service zone;

e) a second firewall between the network identity service zone and network application zone;

whereby secure access to the network application zone can be provided to a user at the client computer.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The preferred embodiments relate to a system for providing secure access via a public network for at least one client computer to a local network having a legacy system. The system preferably includes a client computer in communication with a public network, an access service zone operating as a touch point for communication with the client computer, a network identity service zone providing network security techniques for securing communications with the client computer, a first firewall between the access service zone and the network identity service zone, and a second firewall between the network identity service zone and a network application zone. Whereby, secure access to the network application zone can be provided to a user at the client computer. The preferred embodiments also align application infrastructure with application techniques used.

Citations

16 Claims

1. A system for providing secure access via a public network for at least one client computer to a local network having a legacy system, comprising:
- a) a client computer in communication with a public network;
  
  b) an access service zone operating as a touch point for communication with the client computer;
  
  c) a network identity service zone providing network security techniques for securing communications with the client computer;
  
  d) a first firewall between the access service zone and the network identity service zone;
  
  e) a second firewall between the network identity service zone and network application zone;
  
  whereby secure access to the network application zone can be provided to a user at the client computer.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, wherein said access service zone includes at least one server that is configured to communicate only with said network identity service zone.
  - 3. The system of claim 2, wherein the at least one server is configured to remain unaware of whether security techniques are to be applied.
  - 4. The computer system of claim 1, wherein said access service zone includes a reverse proxy gateway server or a portal web server.
  - 5. The system of claim 1, wherein said network identity service zone includes at least one server that provides at least one of the following security techniques:
    - authentication, authorization, virus checking, spam control, intrusion detection, certification/validation of identity.
  - 6. The system of claim 1, wherein said public network is the Internet.

7. A computer system for providing secure access via a public network for at least one client computer to a local system, comprising:
- a) a first tier system configured for network access services;
  
  b) a second tier system configured for network identity services; and
  
  c) a third tier system configured for network application services.
- View Dependent Claims (8)
- - 8. The computer system of claim 7, wherein said first tier system includes a reverse proxy gateway server or a portal web server.

9. A computer system for providing secure access via a public network for at least one client computer to a local system, comprising:
- a) access means for providing network access alone to an external client computer at a first tier system;
  
  b) identity means for providing all network identity services at a second tier system; and
  
  c) services means for providing network application services at a third tier system.
- View Dependent Claims (10, 11)
- - 10. The computer system of claim 9, further including means for aligning application infrastructure with application techniques used within the second tier system.
  - 11. The computer system of claim 9, wherein said access means includes a reverse proxy gateway server or a portal web server.

12. A method for creating a secure system providing services from within a private system to at least one client computer via a public network, comprising:
- a) establishing a predetermined set of application infrastructure corresponding to application security techniques;
  
  b) selecting application security techniques within said set; and
  
  c) driving corresponding application infrastructure based on said selected application security techniques in accordance with the established set.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The method of claim 12, further including providing said security techniques as J2EE security techniques.
  - 14. The method of claim 12, wherein said act of driving corresponding application infrastructure includes deploying a touch point server including a reverse proxy web server, a portal gateway server and/or another server configured to act as a touch point.
  - 15. The method of claim 14, further including locating said touch point server in a first tier system that is separated from a second tier system that provides all network identity services.
  - 16. The method of claim 15, further including separating said second tier system from a third tier system that provides network application services.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Radhakrishnan, Rakesh

Application Number

US10/188,226
Publication Number

US 20030177390A1
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

H04L 63/0209 Architectural arrangements,...

Securing applications based on application infrastructure security techniques

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Securing applications based on application infrastructure security techniques

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links