SYSTEM AND METHOD FOR CONTROLLING ACCESS TO A PLANT NETWORK
Abstract
A system for centrally controlling access by computers in a corporate network to a plant network that runs plant applications. The system includes an access control computer in communication with the corporate network and includes a memory, a processor coupled to the memory and a multi-user application stored in the memory and executable by the processor. The multi-user application communicates with a plurality of computers in the corporate network concurrently and communicates with at least one plant application running in the plant network to retrieve data from and pass data to the plant application on behalf of the plurality of computers in the corporate network concurrently. Since all communication from the plurality of computers is tunneled through the access control computer, the likelihood of any virus or worm spreading into the plant network is minimized.
20 Claims
1. A system for centrally controlling access by computers in a corporate network to a plant network that runs plant applications, the system comprising:
an access control computer in communication with the corporate network and including;
a memory;
a processor coupled to the memory;
a multi-user application stored in the memory and executable by the processor, the stored multi-user application capable of;
communicating with a plurality of computers in the corporate network concurrently;
communicating with at least one plant application running in the plant network to retrieve data from and pass data to the plant application on behalf of the plurality of computers in the corporate network concurrently.
2. The system of claim 1, further comprising a filtering device positioned between the access control computer and the plant network and adapted to pass to the plant network only the messages originated by the access control computer.
3. The system of claim 2, wherein the filtering device includes a firewall device.
4. The system of claim 2, wherein the filtering device includes a network layer firewall device.
5. The system of claim 1, further comprising a filtering device positioned between the access control computer and the plant network and adapted to pass to the plant network only the messages originated by the multi-user application.
6. The system of claim 5, wherein the filtering device includes a network layer firewall device.
7. The system of claim 1, further comprising a hosting software stored in the memory and executable by the processor, the hosting software adapted to host the multi-user application.
8. The system of claim 7, further comprising a filtering device positioned between the access control computer and the plant network and adapted to pass to the plant network only the messages originated by the hosted multi-user application.
9. A system for centrally controlling access by computers in a corporate network to a plant network that runs plant applications, the system comprising:
an access control computer in communication with the corporate network and including;
a memory;
a processor coupled to the memory;
a hosting software stored in the memory and executable by the processor, the hosting software adapted to host a hosted application capable of;
communicating with a plurality of computers in the corporate network; and
communicating with at least one plant application running in the plant network to retrieve data from and pass data to the plant application on behalf of the plurality of computers in the corporate network.
10. The system of claim 9, further comprising a filtering device positioned between the access control computer and the plant network and adapted to pass to the plant network only the messages originated by the access control computer.
11. The system of claim 10, wherein the filtering device includes a firewall device.
12. The system of claim 10, wherein the filtering device includes a network layer firewall device.
13. The system of claim 9, further comprising a filtering device positioned between the access control computer and the plant network and adapted to pass to the plant network only the messages originated by the hosted application.
14. The system of claim 13, wherein the filtering device includes a network layer firewall device.
15. A system for centrally controlling access by computers in a corporate network to a plant network that runs plant applications, the system comprising:
a single access control computer in communication with the corporate network and including;
a memory;
a processor coupled to the memory;
a multi-user application stored in the memory and executable by the processor, the stored multi-user application capable of;
communicating with at least one plant application running in the plant network; and
communicating with a plurality of computers in the corporate network concurrently; and
a filtering device connected between the single access control computer and the plant network and adapted to block any message originated by any one of the plurality of computers in the corporate network and to pass to the plant network messages originated by the multi-user application running in the single access control computer.
16. The system of claim 15, further comprising a hosting software stored in the memory and adapted to host the multi-user application.
17. The system of claim 15, wherein the filtering device includes a firewall device.
18. The system of claim 15, wherein the filtering device includes a network layer firewall device.
19. A method of centrally controlling access by computers in a corporate network to a plant network that runs plant applications, the method comprising:
providing an access control computer in communication with the corporate network, the access control computer including;
a memory;
a processor coupled to the memory;
a multi-user application stored in the memory and executable by the processor, the stored multi-user application capable of;
communicating with a plurality of computers in the corporate network concurrently;
communicating with at least one plant application running in the plant network to retrieve data from and pass data to the plant application on behalf of the plurality of computers in the corporate network concurrently;
receiving a message by a filtering device;
passing the received message to the plant network only if the received message is from the access control computer.
20. The method of claim 19, wherein the step of passing includes passing the received message to the plant network only if the received message is from the multi-user application running in the access control computer.
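The pass/block rule recited in claims 15, 19 and 20, modelled in Python as an added illustration that is not part of the patent text. The addresses, the port, the sample messages and the approximation of "originated by the multi-user application" as a fixed set of plant services are assumptions made for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed values for illustration; none come from the patent.
PLANT_NET = ip_network("10.20.0.0/24")
ACCESS_CONTROL_HOST = ip_address("10.10.0.5")
# Assumption: a network-layer filter cannot see which process sent a packet,
# so "originated by the multi-user application" (claim 20) is approximated by
# the plant services that application is expected to call.
APP_SERVICES = {(ip_address("10.20.0.10"), 8443)}


@dataclass(frozen=True)
class Message:
    src: str
    dst: str
    dport: int


def decide(msg: Message, app_only: bool = False) -> str:
    """Filtering-device verdict for one message.

    app_only=False: claim 19 (pass only if from the access control computer).
    app_only=True:  claim 20 (pass only if from the multi-user application).
    """
    src, dst = ip_address(msg.src), ip_address(msg.dst)
    if dst not in PLANT_NET:
        return "not-plant-bound"   # does not traverse the filtering device
    if src != ACCESS_CONTROL_HOST:
        return "block"             # claim 15: corporate-originated message
    if app_only and (dst, msg.dport) not in APP_SERVICES:
        return "block"             # from the host, but not the application's traffic
    return "pass"


def bypass_sources(messages) -> list:
    """Corporate hosts that tried to reach the plant network directly."""
    return sorted({m.src for m in messages if decide(m) == "block"})


# Constructed sample traffic.
SAMPLE = [
    Message("10.10.0.5", "10.20.0.10", 8443),  # application -> plant application
    Message("10.10.0.5", "10.20.0.11", 22),    # access host -> other plant service
    Message("10.10.3.7", "10.20.0.10", 8443),  # workstation -> plant, direct
    Message("10.10.3.7", "10.10.0.5", 443),    # workstation -> access control computer
    Message("10.10.4.9", "10.20.0.10", 8443),  # workstation -> plant, direct
]
```

The second sample message shows the gap between claims 19 and 20: a host-level rule passes anything the access control computer sends, while the application-level rule blocks traffic that does not match the application's expected plant services.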
Specification