Strategies for Securely Applying Connection Policies via a Gateway
First Claim
1. A method for securely transmitting data from a first entity to a second entity via a gateway using a remote-operating protocol, comprising:
- establishing a first secure channel between the gateway and the second entity;
- receiving policy information from the gateway at the second entity via the first secure channel, the policy information identifying a manner in which the second entity is to interact with first entity;
- establishing a second secure channel between the first entity and the second entity;
- receiving data at the second entity from the first entity via the second secure channel; and
- taking action on the data at the second entity based on the policy information which was previously transmitted from the gateway to the second entity.
Abstract
A strategy is described for securely applying connection policies in a system that includes a first entity (e.g., a TS client) connected to a second entity (e.g., a TS server) via a gateway using a remote-operating protocol (e.g., RDP). The strategy involves establishing a first secure channel between the gateway and the TS server and transmitting policy information from the gateway to the TS server. The strategy then involves deactivating the first secure channel and setting up a second secure channel between the TS client and the TS server. The strategy uses the second secure channel to transmit RDP data from the TS client to the TS server. The TS server uses the previously-transmitted policy information to determine whether to enable or disable a feature that affects the TS client, such as device redirection.
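The sequence in the abstract, modelled from the TS server's side as an added example (not code from the patent or from any RDP implementation). The class and function names, the dictionary policy format, and the fail-closed default when no policy entry exists are assumptions made for illustration.

```python
from enum import Enum

class Channel(Enum):
    GATEWAY = "first secure channel (gateway <-> TS server)"
    CLIENT = "second secure channel (TS client <-> TS server)"

class PolicyError(Exception):
    """Raised when a message arrives on a channel that may not carry it."""

class TsServerSession:
    """Hypothetical server-side state for one proxied connection."""

    def __init__(self):
        self.policy = None      # nothing received from the gateway yet
        self.active = set()     # channels currently established

    def establish(self, channel):
        self.active.add(channel)

    def deactivate(self, channel):
        self.active.discard(channel)

    def receive_policy(self, channel, policy):
        # Policy is trusted only when it arrives on the live gateway channel,
        # so the TS client cannot supply or overwrite its own policy.
        if channel is not Channel.GATEWAY or channel not in self.active:
            raise PolicyError("policy accepted only over the first secure channel")
        self.policy = dict(policy)  # snapshot; survives channel teardown

    def feature_enabled(self, channel, feature):
        # Client data is acted on only over the second secure channel.
        if channel is not Channel.CLIENT or channel not in self.active:
            raise PolicyError("client data accepted only over the second secure channel")
        # Assumption: fail closed when no policy or no entry for the feature.
        return bool(self.policy) and self.policy.get(feature, False) is True

def run_connection(gateway_policy, feature="device_redirection"):
    """Replay the sequence in the abstract and return the server's decision."""
    s = TsServerSession()
    s.establish(Channel.GATEWAY)
    s.receive_policy(Channel.GATEWAY, gateway_policy)
    s.deactivate(Channel.GATEWAY)
    s.establish(Channel.CLIENT)
    return s.feature_enabled(Channel.CLIENT, feature)

if __name__ == "__main__":
    print(run_connection({"device_redirection": False}))  # constructed policy
```

The decision is made from the snapshot taken while the first channel was up, so nothing sent over the second channel can change it.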
117 Citations
20 Claims
1. A method for securely transmitting data from a first entity to a second entity via a gateway using a remote-operating protocol, comprising:
- establishing a first secure channel between the gateway and the second entity;
- receiving policy information from the gateway at the second entity via the first secure channel, the policy information identifying a manner in which the second entity is to interact with first entity;
- establishing a second secure channel between the first entity and the second entity;
- receiving data at the second entity from the first entity via the second secure channel; and
- taking action on the data at the second entity based on the policy information which was previously transmitted from the gateway to the second entity.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12

13. A method for securely transmitting data from a terminal service (TS) client to a TS server via a gateway using a remote-operating protocol, comprising:
- establishing a first secure channel between the gateway and the TS server;
- sending policy information from the gateway to the TS server via the first secure channel, the policy information identifying a manner in which the TS server is to interact with the TS client;
- deactivating the first secure channel; and
- sending data to the TS server via a second secure channel.
Dependent claims: 14, 15, 16, 17

18. A system for securely transmitting data using a remote-operating protocol, comprising:
- a terminal service (TS) server; and
- a gateway for proxying the data between at least one TS client and the TS server,
- wherein the system is configured to establish a first secure channel between the gateway and the TS server to transmit policy information from the gateway to the TS server,
- wherein the system is configured to establish a second secure channel between said at least one TS client and the TS server to receive data from said at least one client,
- wherein the TS server is configured to take action on the received data based on the policy information which was previously transmitted from the gateway.
Dependent claims: 19, 20
Specification