Buffering proxy for telnet access

US 20060155721A1
Filed: 01/12/2005
Published: 07/13/2006
Est. Priority Date: 01/12/2005
Status: Active Grant

First Claim

Patent Images

1. A buffering communication protocol proxy for connection between a first party and a second party, comprising:

a data store;

a first communication protocol proxy system for authentication operative, in response to receipt of at least one communication option negotiation request from the first party before a communication connection is established between the first party and the second party, to store the received at least one communication option negotiation request in the data store; and

a second communication protocol proxy system for setup operative to establish a communication connection to the second party and to send the stored at least one communication option negotiation request to the second party after the communication connection is established;

wherein the first communication protocol proxy system for authentication and the second communication protocol proxy system for setup are operative to pass data through the communication protocol proxy, between the first party and the second party, after the communication connection is established.

View all claims

12 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A single- or multi-protocol buffering proxy accepts communication option negotiation commands from a client before establishing a connection between the client and a host. The proxy negotiates a limited set of options with the client before the connection is established and buffers (accepts and temporarily stores without responding to) other option negotiation commands from the client. The proxy accepts credentials from a user and establishes, or denies the connection based on the credentials. If the connection is established, the proxy buffers option negotiation commands sent by the host. After the proxy logs in to the host on behalf of the user or the user logs in directly, the proxy sends each party'"'"'s buffered option negotiation commands to the other party, ceases buffering option negotiation commands and enters a “pass-through” mode, in which the proxy passes characters and commands between the parties until the session ends. The proxy uses the credentials to allow or deny subsequent connection requests, without re-prompting for credentials.

148 Citations

53 Claims

1. A buffering communication protocol proxy for connection between a first party and a second party, comprising:
- a data store;
  
  a first communication protocol proxy system for authentication operative, in response to receipt of at least one communication option negotiation request from the first party before a communication connection is established between the first party and the second party, to store the received at least one communication option negotiation request in the data store; and
  
  a second communication protocol proxy system for setup operative to establish a communication connection to the second party and to send the stored at least one communication option negotiation request to the second party after the communication connection is established;
  
  wherein the first communication protocol proxy system for authentication and the second communication protocol proxy system for setup are operative to pass data through the communication protocol proxy, between the first party and the second party, after the communication connection is established.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 2. The buffering communication protocol proxy of claim 1, wherein:
    - the at least one communication option negotiation request is a Telnet option negotiation request; and
      
      the communication connection to the second party is a Telnet connection.
  - 3. The buffering communication protocol proxy of claim 1, wherein the data is character data.
  - 4. The buffering communication protocol proxy of claim 1, wherein the first party is a Telnet client.
  - 5. The buffering communication protocol proxy of claim 1, wherein the first party is a Telnet proxy.
  - 6. The buffering communication protocol proxy of claim 1, wherein the second party is a Telnet server.
  - 7. The buffering communication protocol proxy of claim 1, wherein the second party is a Telnet proxy.
  - 8. The buffering communication protocol proxy of claim 1, wherein the second communication protocol proxy system for setup is further operative to send the stored at least one communication option negotiation request to the second party after an account entity is logged in to the second party over the communication connection.
  - 9. The buffering communication protocol proxy of claim 1, wherein:
    - the first communication protocol proxy system for authentication is further operative, in response to receipt of data from the first party before the communication connection is established, to store the received data in the data store; and
      
      the second communication protocol proxy system for setup is further operative to send the stored data to the second party after the communication connection is established.
  - 10. The buffering communication protocol proxy of claim 9, wherein the second communication protocol proxy system for setup is further operative to send the stored data to the second party after an account entity is logged in to the second party over the communication connection.
  - 11. The buffering communication protocol proxy of claim 1, wherein the first communication protocol proxy system for authentication is further operative, in response to receipt of valid user credentials from the first party, to establish the communication connection.
  - 12. The buffering communication protocol proxy of claim 11, further comprising an authentication database, wherein the first communication protocol proxy system for authentication is further operative to validate the user credentials by accessing the authentication database.
  - 13. The buffering communication protocol proxy of claim 12, wherein the authentication database is directly connected to the buffering communication protocol proxy.
  - 14. The buffering communication protocol proxy of claim 12, wherein the authentication database comprises an authentication server connected to the buffering communication protocol proxy via a network.
  - 15. The buffering communication protocol proxy of claim 12, wherein the authentication database stores user credentials for an account on the second party, and the second communication protocol proxy system for setup is further operative, in response to establishment of the communication connection, to send the user credentials stored in the authentication database to the second party to thereby log in to the second party on behalf of the first party.
  - 16. The buffering communication protocol proxy of claim 15, wherein the second communication protocol proxy system for setup is further operative, in response to the second communication protocol proxy system for setup logging in to the second party on behalf of the first party, to send the stored at least one communication option negotiation request to the second party.
  - 17. The buffering communication protocol proxy of claim 15, wherein:
    - the first communication protocol proxy system for authentication is further operative, in response to the second communication protocol proxy system for setup logging in to the second party on behalf of the first party, to receive data from the first party and to store the received data in the data store; and
      
      the second communication protocol proxy system for setup is further operative, in response to the second communication protocol proxy system for setup logging in to the second party on behalf of the first party, to send the stored data to the second party.
  - 18. The buffering communication protocol proxy of claim 1, further comprising a log, wherein the first communication protocol proxy system for authentication and the second communication protocol proxy system for setup are operative to write information into the log when at least one predetermined event related to the first party occurs.
  - 19. The buffering communication protocol proxy of claim 16, wherein the at least one predetermined event related to the first party is receipt of valid user credentials.
  - 20. The buffering communication protocol proxy of claim 16, wherein the at least one predetermined event related to the first party is receipt of invalid user credentials.
  - 21. The buffering communication protocol proxy of claim 16, wherein the at least one predetermined event related to the first party is successful establishment of the communication connection.
  - 22. The buffering communication protocol proxy of claim 16, wherein the at least one predetermined event related to the first party is a failure to establish the communication connection.
  - 23. The buffering communication protocol proxy of claim 1, wherein the first communication protocol proxy system for authentication is operative to receive and store the received at least one communication option negotiation request in the data store without responding to the first party.

24. A method of establishing a communication connection between a first party and a second party, comprising:
- receiving at least one communication option negotiation request from the first party;
  
  storing the received at least one communication option negotiation request;
  
  after storing the at least one communication option negotiation request, establishing the communication connection between the first party and the second party;
  
  after establishing the communication connection, sending the stored at least one communication option negotiation request to the second party and passing data between the first party and the second party.
- View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
- - 25. The method of claim 24, wherein:
    - the at least one communication option negotiation request is a Telnet option negotiation request; and
      
      the communication connection between the first party and the second party is a Telnet connection.
  - 26. The method of claim 24, wherein the data is character data.
  - 27. The method of claim 24, wherein sending the stored at least one communication option negotiation request to the second party comprises sending the stored at least one communication option negotiation request to the second party after an account entity is logged in to the second party over the communication connection.
  - 28. The method of claim 24, further comprising:
    - before the communication connection is established, receiving data from the first party;
      
      storing the received data; and
      
      after the communication connection is established, sending the stored data to the second party.
  - 29. The method of claim 28, wherein sending the stored data to the second party comprises sending the stored data to the second party after an account entity is logged in to the second party over the communication connection.
  - 30. The method of claim 28, further comprising:
    - logging in to the second party on behalf of the first party; and
      
      wherein sending the stored data to the second party comprises sending the stored data to the second party after logging in to the second party on behalf of the first party.
  - 31. The method of claim 24, further comprising:
    - receiving user credentials from the first party; and
      
      wherein establishing the communication connection comprises establishing the communication connection only if the user credentials are valid.
  - 32. The method of claim 31, further comprising validating the received user credentials by accessing a local authentication database.
  - 33. The method of claim 31, further comprising validating the received user credentials by accessing an authentication server via a network.
  - 34. The method of claim 24, further comprising logging in to the second party on behalf of the first party.
  - 35. The method of claim 24, wherein sending the stored at least one communication option negotiation request to the second party comprises sending the stored at least one communication option negotiation request to the second party after logging in to the second party on behalf of the first party.
  - 36. The method of claim 24, further comprising:
    - detecting at least one predetermined event related to the first party; and
      
      in response to detecting the at least one predetermined event related to the first party, writing information into a log.
  - 37. The method of claim 36, wherein detecting at least one predetermined event comprises receiving valid user credentials.
  - 38. The method of claim 36, wherein detecting at least one predetermined event comprises receiving invalid user credentials.
  - 39. The method of claim 36, wherein detecting at least one predetermined event comprises successfully establishing the communication connection.
  - 40. The method of claim 36, wherein detecting at least one predetermined event comprises failing to establish the communication connection.
  - 41. The method of claim 24, wherein receiving the at least one communication option negotiation request and storing the received at least one communication option negotiation request comprises receiving and storing the at least one communication option negotiation request without responding to the first party.

42. An article of manufacture, comprising:
- a computer-readable medium storing computer instructions for;
  
  receiving at least one communication option negotiation request from a first party;
  
  storing the received at least one communication option negotiation request;
  
  after storing the at least one communication option negotiation request, establishing a communication connection between the first party and a second party;
  
  after establishing the communication connection, sending the stored at least one communication option negotiation request to the second party and passing data between the first party and the second party.
- View Dependent Claims (43, 44)
- - 43. The article of manufacture of claim 42, wherein:
    - the at least one communication option negotiation request is a Telnet option negotiation request; and
      
      the communication connection to the second party is a Telnet connection.
  - 44. The article of manufacture of claim 42, wherein the data is character data.

45. An authenticating multi-protocol proxy, comprising:
- a data store; and
  
  a proxy operative to establish a connection according to one of a plurality of protocols between a first party having an identifier and a second party, wherein the plurality of protocols includes Telnet, HTTP and FTP, the proxy being further operative to;
  
  prompt for user credentials before establishing a first connection between the first party and the second party;
  
  based on entered user credentials, obtain data indicative of user access rights;
  
  store the obtained information indicative of user access rights in the data store and associate the stored information with the identity of the first party;
  
  based on the data indicative of user access rights, either establish or not establish the first connection between the first party and the second party; and
  
  subsequently use the stored information to determine whether to establish or not establish a second connection between the first party and another party, without prompting for user credentials.
- View Dependent Claims (46, 47, 48, 49, 50, 51, 52, 53)
- - 46. The authenticating multi-protocol proxy of claim 45, wherein the first party is a client.
  - 47. The authenticating multi-protocol proxy of claim 45, wherein the first party is a proxy.
  - 48. The authenticating multi-protocol proxy of claim 45, wherein the second party is a server.
  - 49. The authenticating multi-protocol proxy of claim 45, wherein the second party is a proxy.
  - 50. The authenticating multi-protocol proxy of claim 45, wherein the identifier of the first party is an Internet protocol (IP) address.
  - 51. The authenticating multi-protocol proxy of claim 45, wherein the data indicative of user access rights identifies at least one second party to which a connection is permitted.
  - 52. The authenticating multi-protocol proxy of claim 45, wherein:
    - the data indicative of user access rights includes user credentials for an account on the second party; and
      
      the proxy is further operative, in response to establishment of the first connection, to send the user credentials in the data indicative of user access rights to the second party to thereby log in to the second party on behalf of the first party.
  - 53. The authenticating multi-protocol proxy of claim 45, further comprising:
    - a Telnet server for authentication operative, in response to receipt of at least one Telnet option negotiation request from the first party before a Telnet connection is established between the first party and the second party, to store the received at least one Telnet option negotiation request in the data store; and
      
      a Telnet client for setup operative to establish a Telnet connection to the second party and to send the stored at least one Telnet option negotiation request to the second party after the Telnet connection is established;
      
      wherein the Telnet server for authentication and a Telnet client for setup are operative to pass character data through the Telnet proxy, between the first party and the second party, after the Telnet connection is established.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
Network Appliance Incorporated (NetApp, Inc.)
Inventors
Grunwald, David, Ayyar, Kartik

Granted Patent

US 8,788,674 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/083   using passwords cryptograph...

H04L 63/0884   by delegation of authentica...

H04L 67/08   specially adapted for termi...

H04L 67/131   Protocols for games, networ...

H04L 67/56   Provisioning of proxy servi...

H04L 67/562   Brokering proxy services

Buffering proxy for telnet access

First Claim

12 Assignments

0 Petitions

Accused Products

Abstract

148 Citations

53 Claims

Specification

Solutions

Use Cases

Quick Links

Buffering proxy for telnet access

First Claim

12 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

148 Citations

53 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links