Method and apparatus for secure internet communications
Abstract
Network communication from a client computer accessing an application service computer through use of the Internet (where the application service computer is normally protected from general Internet access by a firewall) is enabled by validating each computer message instance between the client computer and the application service computer against a first message permissive in a message address confirmation computer and a second message permissive in a firewall-tunnel computer. The firewall-tunnel computer and the message address confirmation computer interface directly to the Internet via secure protocol. The approach enables bi-directional multi-protocol communications by using HTTP protocol communications to the Internet in a computer systems infrastructure without need for re-configuration of firewall or NAT devices installed between the Internet and a network otherwise protected by a firewall or NAT device.
35 Claims
1. A method for network communication from a client computer accessing an application service computer through use of the Internet, comprising:
validating each computer message instance between said client computer and said application service computer against a first message permissive in a message address confirmation computer and a second message permissive in a firewall-tunnel computer wherein said firewall-tunnel computer interfaces said application service computer to said Internet and said message address confirmation computer interfaces to said Internet.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32
13. A method for network communication from a client computer accessing an application service computer through use of the Internet, comprising:
providing a firewall-tunnel computer in data communication to said application service computer and to said Internet;
providing a message address confirmation computer in data communication to said firewall-tunnel computer through said Internet and in data communication to said client through said Internet; and
validating each computer message instance of said communication between said client computer and said application service computer against a first permissive database in said message address confirmation computer and a second permissive database in said firewall-tunnel computer.
Dependent claims: 14, 15, 16, 17
18. An apparatus for network communication from a client computer accessing an application service computer through use of the Internet, comprising:
a firewall-tunnel computer in data communication to said application service computer and to said Internet, said firewall-tunnel computer programmed to validate each computer message instance of said communication between said client computer and said application service computer; and
a message address confirmation computer in data communication to said firewall-tunnel computer through said Internet and in data communication to said client through said Internet, said message address confirmation computer programmed to validate each computer message instance of said communication between said client computer and said application service computer.
Dependent claims: 19, 20
21. An apparatus for network communication from a client computer accessing an application service computer through use of the Internet, comprising:
means for validating each computer message instance between said client computer, and said application service computer against a first message permissive in a message address confirmation computer and a second message permissive in a firewall-tunnel computer wherein said firewall-tunnel computer interfaces to said Internet and said message address confirmation computer interfaces to said Internet.
Dependent claims: 22, 33, 34, 35
Specification