Secure remote access to enterprise networks

US 20040193695A1
Filed: 04/05/2004
Published: 09/30/2004
Est. Priority Date: 11/10/1999
Status: Abandoned Application

First Claim

Patent Images

1. A data center providing access to subscriber information maintained on a remote enterprise network, the data center comprising:

a data network interface system for interfacing with a data network;

a login system including a login server for receiving a request inputted by a subscriber on a remote access device across the data network to access the subscriber information and for authenticating the subscriber and the remote device; and

a service system including a plurality of enterprise gateway servers for transmitting the request to the remote enterprise network across a second data network to the remote enterprise network and for receiving the requested subscriber information from the remote enterprise network across the second data network;

wherein the login server dynamically redirects the remote access device to a corresponding enterprise gateway server associated with the enterprise network upon authenticating the subscriber and the remote access device and the corresponding enterprise gateway server establishing a virtual private network (VPN) connection with the remote enterprise network across the second data network and communicating with the remote enterprise network.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for permitting a subscriber to access subscriber information from a remote enterprise network in real-time is presented. The system includes a remote access device with browser capabilities for inputting requests to access the subscriber information. The remote access device communicates with a data center across the data network, and the data center processes the requests to access the subscriber information and renders the requested subscriber information on the remote access device. The data center includes a login server, which receives the access requests from the remote access device, authenticates the subscriber and the remote access device, associates the subscriber and the remote access device with the appropriate remote enterprise network, and dynamically redirects the remote access device to the appropriate remote enterprise network. The data center also includes an enterprise gateway server, coupled to the login server, for establishing a virtual private network connection with the enterprise network and for communicating with the enterprise network. At the enterprise network resides an enterprise network messaging server, which hosts subscriber information and provides the subscriber information based on the requests inputted to the remote access device.

87 Citations

View as Search Results

29 Claims

1. A data center providing access to subscriber information maintained on a remote enterprise network, the data center comprising:
- a data network interface system for interfacing with a data network;
  
  a login system including a login server for receiving a request inputted by a subscriber on a remote access device across the data network to access the subscriber information and for authenticating the subscriber and the remote device; and
  
  a service system including a plurality of enterprise gateway servers for transmitting the request to the remote enterprise network across a second data network to the remote enterprise network and for receiving the requested subscriber information from the remote enterprise network across the second data network;
  
  wherein the login server dynamically redirects the remote access device to a corresponding enterprise gateway server associated with the enterprise network upon authenticating the subscriber and the remote access device and the corresponding enterprise gateway server establishing a virtual private network (VPN) connection with the remote enterprise network across the second data network and communicating with the remote enterprise network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The data center of claim 1, wherein the request to access the subscriber information conforms to a Hypertext Transfer Protocol (HTTP) request and includes information referencing the data center, information identifying the type of remote access device, and a Uniform Resource Locator (URL) identifying the remote enterprise data network.
  - 3. The data center of claim 2, wherein the login server, upon receiving the HTTP request, transmits a message to the remote access device prompting the subscriber to input login credentials and a Personal Identification Number (PIN).
  - 4. The data center of claim 1, wherein the login system further includes an attributes database server hosting subscriber credentials for authenticating the subscriber, the attributes database server being accessed by the login server.
  - 5. The data center of claim 4, wherein the login server compares information from the HTTP request and login credentials to the subscriber credentials to authenticate the subscriber and the remote device.
  - 6. The data center of claim 5, wherein the login server supplies an enterprise access code to the remote access device and the corresponding enterprise gateway server to provide a secure dynamic redirect to the remote enterprise network.
  - 7. The data center of claim 1, wherein the data network is a wireless communication network.
  - 8. The data center of claim 1, wherein the data network interface system includes at least one of a firewall and a perimeter router for restricting access across the wireless network.
  - 9. The data center of claim 1, wherein the second data network is a wide area network (WAN).
  - 10. The data center of claim 4, wherein the service system includes application interfaces which operate with the login server, the attributes database server, and the plurality of enterprise gateway servers, to identify the remote access device, to process the authentication of the subscriber and the remote access device, to dynamically redirect the remote access device to the corresponding enterprise gateway server, to establish the VPN connection between the corresponding enterprise gateway server and the remote enterprise network, and to transmit the requested subscriber information to the remote access device.
  - 11. The data center of claim 10, wherein the application interfaces are further configured to transmit the subscriber information request to the remote enterprise network across the VPN connection, to receive the requested subscriber information from the remote enterprise network messaging server across the VPN connection, and to format the requested subscriber information.
  - 12. The data center of claim 11, wherein the VPN connection is configured in accordance with one of Point-to-Point Tunneling Protocol (PPTP) standard and Internet Protocol Security (IPSEC) standard.
  - 13. The data center of claim 12, wherein the application interfaces comprise a plurality of component object model (COM) objects and active server pages (ASPs).
  - 14. The data center of claim 13, wherein the login server and the enterprise gateway server are configured as web servers.
  - 15. The data center of claim 14, wherein the login server and the enterprise gateway server are configured as MNCROSOFT®
    - Internet Information Servers (IISs).
  - 16. The data center of claim 15, wherein the attributes database server is configured as a Structured Query Language (SQL) server.

17. A data center providing access to subscriber information maintained on a remote enterprise network, the data center comprising:
- a data network interface system for interfacing with a data network; and
  
  a login system including a login server and a data center messaging server, the login server receiving a request inputted by a subscriber on a remote access device across the data network to access the subscriber information and authenticating the subscriber and the remote device, the data center messaging server hosting the subscriber information, wherein the login server, upon authenticating the subscriber and the remote device, accesses the subscriber information on the data center messaging server and provides the subscriber information to the remote access device in response to the received request.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
- - 18. The data center of claim 17, wherein the request to access the subscriber information conforms to a Hypertext Transfer Protocol (HTTP) request and includes information referencing the data center, information identifying the type of remote access device, and information identifying the subscriber information.
  - 19. The data center of claim 18, wherein the data network is a wireless communication network.
  - 20. The data center of claim 19, wherein the login server, upon receiving the HTTP request, transmits a message to the remote access device prompting the subscriber to input login credentials.
  - 21. The data center of claim 20, wherein the data network interface system includes at least one of a firewall and a perimeter router for restricting access across the wireless network.
  - 22. The data center of claim 21, wherein login accesses an attributes database server hosting subscriber credentials for authenticating the subscriber.
  - 23. The data center of claim 22, wherein the data center includes application interfaces which operate with the login server and attributes database server to identify the remote access device, to process the authentication of the subscriber and the remote access device, to access the subscriber information on the data center messaging server, and to transmit the requested subscriber information to the remote access device.
  - 24. The data center of claim 23, wherein the application interfaces are further configured to transmit the subscriber information request to the data center messaging server and to receive the requested subscriber information from the data center messaging server.
  - 25. The data center of claim 24, wherein the application interfaces comprise a plurality of component object model (COM) objects and active server pages (ASPs).
  - 26. The data center of claim 25, wherein the login server is configured as web server.
  - 27. The data center of claim 26, wherein the login server is configured as a MICROSOFT®
    - Internet Information Server (IIS).
  - 28. The data center of claim 27, wherein the attributes database server is configured as a Structured Query Language (SQL) server.
  - 29. The data center of claim 28, wherein the data center messaging server is configured as a MICROSOFT®
    - Exchange Server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qualcomm, Inc.
Original Assignee
David Seror
Inventors
Hamersveld, Chris Van, Salo, Randy, Shelton, Barry K.

Application Number

US10/818,930
Publication Number

US 20040193695A1
Time in Patent Office

Days
Field of Search
US Class Current

709/216
CPC Class Codes

G06F 21/6218   to a system of files or obj...

H04L 63/083   using passwords cryptograph...

H04L 63/102   Entity profiles

H04L 63/104   Grouping of entities

Secure remote access to enterprise networks

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

87 Citations

29 Claims

Specification

Use Cases

Quick Links

Others

Secure remote access to enterprise networks

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

87 Citations

29 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others