Method and system for secure alert messaging
Abstract
An alert messaging system and method to securely transmit and receive alert messages via secure connection among one or more messaging servers and at least one client user station using a token-based, one-way handshake mechanism.
20 Claims
1. An alert messaging method, comprising:
receiving at a secure web application server a registration request from a user station to receive alert messages from a first messaging server;
registering the user station for receipt of alert messages, the user station being located outside a de-militarized zone interposed between the user station and a cluster of internal messaging servers, the first messaging server being located, inside the de-militarized zone, and the registering further including generating, at a secure web application server, a one-time use token including a user name and password combination;
generating, at the secure web application server, a secure registration response, the response including connection location information for the first messaging server and a combination of a unique login value and a password, wherein the connection information includes a host identifier, port identifier, correlation identifier, and a queue name;
upon subsequent successful matching of the user name and password combination to its corresponding stored value, outputting a connection request to the first messaging server, the first messaging server configured to perform a security exit upon receiving the connection request, the security exit being configured to verify that the one-time use token has not been previously used;
receiving, at the registered user station, alert message notifications from the first messaging server via a first network; and
receiving, at the registered user station, alert message content from a secure web application server via second network.
(Dependent claims: 2)
3. An alert messaging system, comprising:
a cluster of one or more internal messaging servers and one or more alert message routers;
a region of one or more de-militarized zone messaging servers, each of the de-militarized zone messaging servers in a de-militarized zone operably coupled through one or more of the alert message routers to each of the first messaging servers;
the de-militarized zone further including one or more secure web application servers, each of the secure web application servers being coupled to each of the de-militarized zone messaging servers;
at least one client user station, the at least one client user station coupled to at least one of the Java Messaging Service servers and at least one of the secure web application servers, the client user station configured to receive alert messages and including a user interface configured to display the contents of the received alert messages to a user; and
the de-militarized zone comprising a region formed by a first secure firewall interposed between the cluster of internal messaging servers the region and at least a second secure firewall interposed between the external user stations and the region.
(Dependent claims: 4, 5, 6, 7, 8, 9)
10. An alert messaging system, comprising:
a first messaging server including one or more alert message routers;
at least one second messaging server, the first messaging server coupled through one or more alert message routers to the second messaging servers, the second messaging servers being provided in a neutral zone;
the second messaging servers including at least a Java Messaging Service server and a secure web application servers;
an alert messaging database coupled to each of the alert message routers and each the secure web application servers; and
at least one client user station, the at least one client user station coupled to at least one of the Java Messaging Service servers via a first network and at least one of the secure web application servers via a second network, the client user station configured to receive alert message content from the secure web application server via the second network and alert message notification messages from the Java Messaging Service server via the first network, and including a user interface configured to display the contents of the received alert messages to a user.
(Dependent claims: 11, 12, 13, 14, 15, 16)
17. A method of alert messaging, comprising:
receiving at a secure web application server a registration request for a messaging server;
generating, at the secure web application server, a secure registration response, the response including connection location information and a combination of a unique login value and a password, wherein the connection information includes a host identifier, port identifier, correlation identifier, and a queue name;
associating portions of the secure registration response with the requesting user station;
storing the secure registration response and the user station association information in a database;
outputting the secure registration response to the requesting user station from the secure web application server using a network;
receiving, at a messaging server, an alert message from a mainframe;
determining the user stations securely registered and entitled to receive the alert message based on information contained in the database; and
sending the alert message content from the secure web application server to one or more user stations for output to a user.
(Dependent claims: 18, 19)
20. A computer-readable medium upon which is embodied a set of programmable instructions that when executed cause a processor to:
receive at a secure web application server a registration request from a user station to receive alert messages from a first messaging server;
register the user station for receipt of alert messages, the user station being located outside a de-militarized zone interposed between the user station and a cluster of internal messaging servers, the first messaging server being located inside the de-militarized zone, further including generating, at a secure web application server, a one-time use token including a user name and password combination;
generate, at the secure web application server, a secure registration response, the response including connection location information for the first messaging server and a combination of a unique login value and a password, wherein the connection information includes a host identifier, port identifier, correlation identifier, and a queue name;
upon subsequent successful matching of the user name and password combination to its corresponding stored value, output a connection request to the first messaging server, the first messaging server configured to perform a security exit upon receiving the connection request, the security exit being configured to verify that the one-time use token has not been previously used;
receive, at the registered user station, alert message notifications from the first messaging server via a first network; and
receive, at the registered user station, alert message content from a secure web application server via second network.
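The registration and security-exit steps recited in claims 1 and 20, sketched as an added example that is not code from the patent. The class and method names, the salted SHA-256 storage, the lock, and the connection values are assumptions; the claims name the response fields but specify no implementation.

```python
import hashlib
import hmac
import secrets
import threading

# Constructed connection details: the claims list these fields but give no values.
CONNECTION = {"host": "dmz-mq.example.internal", "port": 1414, "queue": "ALERTS.OUT"}


def _digest(salt: bytes, password: str) -> bytes:
    # The password is a long random value, so a salted hash is enough to avoid
    # keeping it in clear text in the shared store.
    return hashlib.sha256(salt + password.encode()).digest()


class RegistrationStore:
    """Stands in for the store shared by the web application server and the security exit."""

    def __init__(self):
        self._tokens = {}  # login -> [salt, password_hash, used_flag]
        self._lock = threading.Lock()

    def register(self, station_id: str) -> dict:
        """Web application server: issue a one-time login/password and the registration response."""
        login = secrets.token_hex(8)
        password = secrets.token_urlsafe(24)
        salt = secrets.token_bytes(16)
        with self._lock:
            self._tokens[login] = [salt, _digest(salt, password), False]
        return {**CONNECTION, "correlation_id": secrets.token_hex(12),
                "station": station_id, "login": login, "password": password}

    def security_exit(self, login: str, password: str) -> str:
        """Messaging server: accept a connection only for a matching, never-used token."""
        with self._lock:  # check and mark-used must be one atomic step
            record = self._tokens.get(login)
            if record is None:
                return "reject: unknown login"
            salt, stored, used = record
            if not hmac.compare_digest(stored, _digest(salt, password)):
                return "reject: bad password"
            if used:
                return "reject: token already used"
            record[2] = True
            return "accept"
```

Holding the lock across the comparison and the used-flag update is what prevents two simultaneous connection requests from both presenting the same token successfully.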