SECURE CUSTOMER INTERFACE FOR WEB BASED DATA MANAGEMENT
First Claim
1. A security system for communications network management having an integrated customer interface, said security system comprising:
- (a) a plurality of client web browsers to enable interactive secure communications with said system, each of said web browsers identified with a customer and providing an integrated interface for said customer, each of said web browsers supporting client identification, client authentication and secure sockets layer communications protocol;
(b) at least one secure web server for managing secure client sessions over the internet, said secure web server supporting secure socket layer for encrypted communication between said client browser and said secure web server, said secure server also providing session management including client identification, validation and session management to link said session with said client;
(c) at least one dispatcher server for communicating with said secure web server through a first firewall, and communicating with a plurality of proxy services and system resources using an internal network, said dispatcher server providing verification of system access after client entitlements have been verified;
(d) said plurality of system resources providing communications network management capabilities for said client, each of said system resources responsive to a request from one of said plurality of client browsers to generate client data or instructions relating to said communications network.
7 Assignments
0 Petitions
Accused Products
Abstract
An integrated series of security protocols is disclosed that protect remote user communications with remote enterprise services, and simultaneously protect the enterprises services from third parties. In the first layer, an implementation of the Secure Sockets Layer (SSL) version of HTTPS provides communications security, including authentication of the enterprise web server and the security of the transmitted data. The protocols provide for an identification of the user, and an authentication of the user to ensure the user is who he/she claims to be and a determination of entitlements that the user may avail themselves of within the enterprise system. Session security is described, particularly as to the differences between a remote user'"'"'s copper wire connection to a legacy system and a user'"'"'s remote connection to the enterprise system over a “stateless” public Internet, where each session is a single transmission, rather than an interval of time between logon and logoff, as is customary in legacy systems. Security for the enterprise network and security for the data maintained by the various enterprise applications is also described.
35 Citations
1 Claim
-
1. A security system for communications network management having an integrated customer interface, said security system comprising:
-
(a) a plurality of client web browsers to enable interactive secure communications with said system, each of said web browsers identified with a customer and providing an integrated interface for said customer, each of said web browsers supporting client identification, client authentication and secure sockets layer communications protocol; (b) at least one secure web server for managing secure client sessions over the internet, said secure web server supporting secure socket layer for encrypted communication between said client browser and said secure web server, said secure server also providing session management including client identification, validation and session management to link said session with said client; (c) at least one dispatcher server for communicating with said secure web server through a first firewall, and communicating with a plurality of proxy services and system resources using an internal network, said dispatcher server providing verification of system access after client entitlements have been verified; (d) said plurality of system resources providing communications network management capabilities for said client, each of said system resources responsive to a request from one of said plurality of client browsers to generate client data or instructions relating to said communications network.
-
Specification