Secure customer interface for web based data management
Abstract
An integrated series of security protocols is disclosed that protect remote user communications with remote enterprise services, and simultaneously protect the enterprise services from third parties. In the first layer, an implementation of the Secure Sockets Layer (SSL) version of HTTPS provides communications security, including authentication of the enterprise web server and the security of the transmitted data. The protocols provide for an identification of the user, and an authentication of the user to ensure the user is who he/she claims to be and a determination of entitlements that the user may avail themselves of within the enterprise system. Session security is described, particularly as to the differences between a remote user's copper wire connection to a legacy system and a user's remote connection to the enterprise system over a “stateless” public Internet, where each session is a single transmission, rather than an interval of time between logon and logoff, as is customary in legacy systems. Security for the enterprise network and security for the data maintained by the various enterprise applications is also described.
16 Claims
1. A security system for communications network management having an integrated customer interface, said security system comprising:
(a) at least one secure web server for managing secure sessions over the internet, said secure web server supporting secure socket layer for encrypted communication, said secure server also providing session management including customer identification, validation and session management to link said session with said customer;
(b) at least one dispatcher server for communicating with said secure web server through a first firewall, and communicating with a plurality of proxy services and a plurality of system resources using an internal network, said dispatcher server providing verification of system access after customer entitlements have been verified; and
(c) said plurality of system resources providing communications network management capabilities for said customer, each of said system resources responsive to a request to generate client data or instructions relating to said communications network.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A system having an integrated and secure customer interface for communications network management, said system including a web browser for use on a client computer, and a secure web server having a system home page, said system comprising:
(a) at least one Java applet embedded in said home page to provide interactive sessions with said communications network, said sessions including client authentication, session authentication and transaction requests for said communications network,
(b) an encryption layer to provide encryption of each client session with a public key provided by said communications network, each session also including session authentication with a client cookie generated by said system, said session cookie being encrypted with said public key during transmission of each transaction request to said secure server;
(c) at least one security firewall on either side of said secure server to prevent direct public access to said communications network.
Dependent claims: 12, 13, 14, 15, 16
Specification