Secure network gateway
Abstract
A secure gateway is disclosed which facilitates communication between a first network and a second network through an intermediate network. The secure gateway, when operated in conjunction with at least one other secure gateway, supports secure peer to peer connectivity with integral security features such as mutual authentication, authorization specific access, and end to end auditing. An authorized service can be served securely through this gateway, across the open network, to a known requester, without fear of compromising the security or privacy of the server's or requester's networks.
57 Claims
1. A method for facilitating secure communication between a first node on a first network and a second node on a second network, the method comprising the steps of:
(a) authorizing the first node to access a service provided by the second node;
(b) transmitting from the first node a message indicating that the first node desires to access the service;
(c) confirming the identity of the first node;
(d) confirming the identity of the second node;
(e) establishing an encrypted peer to peer connection between the first node and the second node following the successful confirmation of the identity of the first node and the identity of the second node;
(f) transmitting a request for a service from the first node to the second node; and
(g) controlling the encrypted peer to peer connection to provide access to authorized services and prevent access to unauthorized services. (Dependent claims 2–21.)
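Claim 1, read as a protocol, is modelled below in Python as an added example; it is not code from the patent or from any product it covers. The authorization table, the per-node keys and the HMAC challenge-response used for steps (c) and (d) are assumptions, since the claim does not fix how identity is confirmed, and the encryption of step (e) is left out so that the control logic of step (g) stays visible.

```python
import hmac
import hashlib
import os

# Constructed authorization table for step (a): requester node -> services it
# may reach at the provider node. Anything not listed is an unauthorized service.
AUTHORIZATIONS = {"node-A": {"ledger-query"}}

# Assumed mechanism for steps (c)/(d): each node holds a key, and a verifier
# holds the expected keys. The claim itself does not specify this.
TRUSTED_KEYS = {"node-A": b"key-A", "node-B": b"key-B"}

# Constructed services offered by the provider node (step (f) targets).
SERVICES = {"ledger-query": lambda: "balance=42", "config-write": lambda: "written"}


def prove(key, challenge):
    """Response to a fresh challenge; only a holder of `key` can compute it."""
    return hmac.new(key, challenge, hashlib.sha256).digest()


def confirm_identity(node, presented_key):
    """Steps (c)/(d): node proves possession of its key on a random challenge."""
    challenge = os.urandom(16)
    expected = prove(TRUSTED_KEYS.get(node, b""), challenge)
    return hmac.compare_digest(expected, prove(presented_key, challenge))


class ControlledConnection:
    """Step (e) connection; step (g) gates every request on the authorized set."""

    def __init__(self, requester, allowed):
        self.requester, self.allowed, self.audit = requester, allowed, []

    def request(self, service):  # step (f)
        if service not in self.allowed:
            self.audit.append(("deny", self.requester, service))
            return None
        self.audit.append(("allow", self.requester, service))
        return SERVICES[service]()


def establish(requester, requester_key, provider, provider_key, wanted):
    """Steps (a)-(e): a connection exists only after both identities are confirmed."""
    allowed = AUTHORIZATIONS.get(requester, set())
    if wanted not in allowed:  # (a)/(b): the announced service is not authorized
        return None
    if not (confirm_identity(requester, requester_key)
            and confirm_identity(provider, provider_key)):
        return None  # one side failed mutual authentication: no connection at all
    return ControlledConnection(requester, allowed)
```

The audit list on the connection is the hook for the end to end auditing the abstract mentions: every allow and deny decision is recorded with the requester identity.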
22. A system for facilitating secure communication between a first node on a first network and a second node on a second network that is not the first network, through a plurality of secure gateways, the system comprising:
a provider gateway on the second network configured to (a) control access to the second node and (b) facilitate communications from the second node;
a requester gateway on the first network configured to (a) control access to the first node, (b) facilitate communications from the first node, and (c) transmit a message requesting access to an authorized service;
a first processor that confirms the identity of the first node;
a second processor that confirms the identity of the second node; and
a third processor that prevents the first node from accessing an unauthorized service at the second node, wherein an encrypted peer to peer connection between the requester gateway and the provider gateway is established upon the confirmation of the identity of the first node and the confirmation of the identity of the second node in response to a request for the service from the first network, and wherein the third processor prevents the first node from accessing an unauthorized service at the second node by controlling the encrypted peer to peer connection. (Dependent claims 23–50.)
51. A secure requester gateway on a first network for facilitating secure communication from a first node on the first network to a second node on a second network that is not the first network, the secure requester gateway comprising:
a transceiver for supporting secure communications with an authorized service at the second node, wherein the transceiver supports secure communications through an encrypted peer to peer connection that is established after the confirmation of the identity of the first node and the confirmation of the identity of the second node, wherein the encrypted peer to peer connection is controlled to provide access to authorized services and prevent access to unauthorized services. (Dependent claim 52.)
53. A computer readable medium, upon which a program for facilitating secure communication with a server that serves an authorized service is stored, the program comprising the steps of:
(a) transmitting a message indicating that access to the service is desired;
(b) participating in a mutual authentication process;
(c) transmitting a request for the service; and
(d) interacting with the service through an encrypted peer to peer connection that is established after the mutual authentication process is successfully concluded, wherein the encrypted peer to peer connection is controlled to allow access to authorized services and prevent access to unauthorized services.
54. A system comprising a first network that serves an authorized service to a second network through gateways that are connected by an encrypted peer to peer connection, wherein the connection is established after confirming the identities of the first and second nodes, and the connection is controlled to allow access to authorized services and prevent access to unauthorized services.
55. A secure provider gateway on a first network for facilitating the secure communication from a first node on the first network to a second node on a second network that is not the first network, the secure provider gateway comprising:
a transceiver for supporting the secure communication of an authorized service to the second node through an encrypted peer to peer connection that is established after the confirmation of the identity of the first node and the confirmation of the identity of the second node, wherein the encrypted peer to peer connection is controlled to allow access to authorized services and prevent access to unauthorized services. (Dependent claim 56.)
57. A computer readable medium, wherein the computer readable medium contains a program for facilitating the secure provision of an authorized service to a requester, the program comprising the steps of:
(a) providing the authorized service to the requester through an encrypted peer to peer connection that is established after a mutual authentication process has been successfully concluded, wherein the encrypted peer to peer connection is controlled to allow access to authorized services and prevent access to unauthorized services.