METHOD FOR THE PROVISION OF A NETWORK SERVICE
First Claim
1. A method for the provision of a network service, the method being implemented using:
- (a) a network processing service comprising;
i. a service network comprising one or more service devices, each of which can provide a service over a network,ii. a client network comprising one or more client devices, one or more of which is a client of the service network, and(b) information available to the client network, but not the service network, which is necessary for the functioning of the network processing service provided by the service devices of the service network,wherein a client device comprising a data propagation agent acts toi. retrieve the information from the client network necessary for the service network to fulfil a request from the client network,ii. create a UID, which uniquely identifies the client device on the client networkiii. aggregate UID and associated information into a key-value bundle, and issue said bundle to the service networkiv. amend one or more network communication agents on the client device such that every network communication issued by the network communication agent contains the UID, andwherein the service device;
v. on receipt of a new key-value bundle, acts to store the key-value bundle in its local data-store, and propagate that key-value bundle to all other service devices on the service network, andvi. on receipt of a network communication from the network communication agent located on a client device acts to;
A. extract the UID from the request issued by the network communication agentB. interrogate its data-store for information associated with that UID, such information being essential to the provision of the network processing service, andC. perform the requested service described in the network communication and issue a network communication in turn to the client device with a suitable response.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems provide for sharing information between computer networks in which the information to be shared is required at one location (e.g. for the provision of a data-processing service) but is only available at a separate location. The information may be deliberately absent (e.g. for privacy reasons) or may be unavailable as an artifact of the computer network(s) involved. For the provision of a data-processing service, where several different devices on one network may service contiguous requests from a client device on another network according to a load-balancing strategy, data is propagated once only through the service network. Network communication software is subsequently amended to provide the minimal information necessary for a device on the service network to retrieve the information pertinent to the client device and necessary for its service. Therefore, a web-based single sign-on scheme can operate over HTTP to authorize data-processing services, such as web-filtering services.
116 Citations
45 Claims
-
1. A method for the provision of a network service, the method being implemented using:
-
(a) a network processing service comprising; i. a service network comprising one or more service devices, each of which can provide a service over a network, ii. a client network comprising one or more client devices, one or more of which is a client of the service network, and (b) information available to the client network, but not the service network, which is necessary for the functioning of the network processing service provided by the service devices of the service network, wherein a client device comprising a data propagation agent acts to i. retrieve the information from the client network necessary for the service network to fulfil a request from the client network, ii. create a UID, which uniquely identifies the client device on the client network iii. aggregate UID and associated information into a key-value bundle, and issue said bundle to the service network iv. amend one or more network communication agents on the client device such that every network communication issued by the network communication agent contains the UID, and wherein the service device; v. on receipt of a new key-value bundle, acts to store the key-value bundle in its local data-store, and propagate that key-value bundle to all other service devices on the service network, and vi. on receipt of a network communication from the network communication agent located on a client device acts to; A. extract the UID from the request issued by the network communication agent B. interrogate its data-store for information associated with that UID, such information being essential to the provision of the network processing service, and C. perform the requested service described in the network communication and issue a network communication in turn to the client device with a suitable response. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 41, 42, 43)
-
-
36. A system for providing a network service, the system comprising:
-
(a) a network processing service that comprises; i. a service network comprising one or more service devices, each of which can provide a service over a network, ii. a client network comprising one or more client devices, one or more of which is a client of the service network, and (b) information available to the client network, but not available to the service network, which is necessary for the functioning of the network processing service provided by the service devices of the service network, wherein a client device comprises a data propagation agent that operates to; i. retrieve the information from the client network necessary for the service network to fulfil a request from the client network, ii. create a UID, which uniquely identifies the client device on the client network iii. aggregate the UID and associated information into a key-value bundle and issue said bundle to the service network iv. amend one or more network communication agents on the client device such that every network communication issued by the network communication agent contains the UID, and wherein the service device operates; v. on receipt of a new key-value bundle, to store the key-value bundle in its local data-store, and propagate that key-value bundle to all other service devices on the service network, and vi. on receipt of a network communication from the network communication agent located on a client device, to; A. extract the UID from the request issued by the network communication agent B. interrogate its data-store for information associated with that UID, such information being essential to the provision of the network processing service, and C. perform the requested service described in the network communication and issue a network communication in turn to the client device with a suitable response. - View Dependent Claims (37, 38)
-
-
39. A method of providing a network service using a service network comprising one or more service devices, and a client network comprising one or more client devices, the method comprising:
-
(a) a client device; i. retrieving from the client network information necessary for the service network to fulfil a request from the client network, said information being available to the client network but not the service network, and necessary for the functioning of a network processing service provided by a service device of the service network ii. creating a UID that uniquely identifies the client device on the client network iii. aggregating the UID and associated information into a key-value bundle, and issuing said bundle to the service network iv. amending one or more network communication agents on the client device such that every network communication issued by the network communication agent contains the UID, and (b) the service device; i. on receipt of a new key-value bundle, acting to store the key-value bundle in a local data-store, and propagating that key-value bundle to all other service devices on the service network, and ii. on receipt of a network communication from the network communication agent located on a client device; A. extracting the UID from the request issued by the network communication agent B. interrogating the local data-store for information associated with that UID, such information being essential to the provision of the network processing service, and C. performing the requested service described in the network communication and issuing a network communication in turn to the client device with a suitable response.
-
-
40. A system for providing a network service, the system comprising:
-
(a) a service network comprising one or more service devices, each of which can provide a service over a network, and (b) a client network comprising one or more client devices, one or more of which is a client of the service network, wherein at least one said client device comprises a data propagation agent that operates to; i. retrieve the information from the client network necessary for the service network to fulfil a request from the client network, said information being available to the client network, but not available to the service network, which is necessary for the functioning of the network processing service provided by the service devices of the service network, ii. create a UID, which uniquely identifies the client device on the client network iii. aggregate the UID and associated information into a key-value bundle and issue said bundle to the service network iv. amend one or more network communication agents on the client device such that every network communication issued by the network communication agent contains the UID, and wherein the service device operates; v. on receipt of a new key-value bundle, to store the key-value bundle in its local data-store, and propagate that key-value bundle to all other service devices on the service network, and vi. on receipt of a network communication from the network communication agent located on a client device, to; A. extract the UID from the request issued by the network communication agent B. interrogate its data-store for information associated with that UID, such information being essential to the provision of the network processing service, and C. perform the requested service described in the network communication and issue a network communication in turn to the client device with a suitable response.
-
- 44. An Internet-level network processing service operable according to claim 44, which is a web security service.
Specification