Method and system for allowing remote procedure calls through a network firewall

US 5,828,833 A
Filed: 08/15/1996
Issued: 10/27/1998
Est. Priority Date: 08/15/1996
Status: Expired due to Term

First Claim

Patent Images

1. A method for allowing an application server to receive remote procedure calls through a network firewall, comprising:

receiving a request from the application server to allow remote procedure calls to pass through a firewall;

processing the request to determine whether the application server is authorized to receive remote procedure calls that have passed through the firewall;

placing an identification of the application server in a filter table associated with the firewall if the application server is authorized to receive remote procedure calls that have passed through the firewall; and

allowing a remote procedure call to pass through the firewall to the application server if the identification of the application server was placed in the filter table.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention comprises a method and system for allowing remote procedure calls through a network firewall. In accordance with an embodiment of the method of the invention, a request is received from an application server to allow remote procedure calls to pass through a firewall. The request is processed to determine whether the application server is authorized to receive remote procedure calls that have passed through the firewall. If the application server was authorized, then an identification of the application server is placed in a filter table associated with the firewall and remote procedure calls are allowed to pass through the firewall to the application server if the identification of that application server appears in the filter table.

Citations

28 Claims

1. A method for allowing an application server to receive remote procedure calls through a network firewall, comprising:
- receiving a request from the application server to allow remote procedure calls to pass through a firewall;
  
  processing the request to determine whether the application server is authorized to receive remote procedure calls that have passed through the firewall;
  
  placing an identification of the application server in a filter table associated with the firewall if the application server is authorized to receive remote procedure calls that have passed through the firewall; and
  
  allowing a remote procedure call to pass through the firewall to the application server if the identification of the application server was placed in the filter table.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the application server comprises a distributed computing environment application server.
  - 3. The method of claim 1, wherein the identification comprises an Internet protocol address, a service port identification, and a protocol identification.
  - 4. The method of claim 1, further comprising:
    - updating a data structure if the application server is authorized to receive remote procedure calls that have passed through the firewall, wherein the data structure is used to monitor which application servers have been placed in the filter table.
  - 5. The method of claim 4, further comprising:
    - determining whether the application server is still active;
      
      removing the identification of the application server from the filter table if the application server is no longer active; and
      
      updating the data structure to reflect that the application server is no longer active if the application server was removed from the filter table.
  - 6. The method of claim 5, wherein the application server comprises a distributed computing environment application server.
  - 7. The method of claim 5, wherein the determining step further comprises determining on a periodic basis whether the application server is still active.
  - 8. The method of claim 4, wherein the application server comprises a distributed computing environment application server, and wherein the processing step further comprises:
    - checking the data structure to see if the application server is authorized to receive remote procedure calls that have passed through the firewall;
      
      retrieving the application server'"'"'s Internet protocol port address using the distributed computing environment if the application server is authorized;
      
      determining whether the application server is listening as an authenticated process if the application server is authorized; and
      
      approving the application server to receive remote procedure calls through the network if the application server is listening as an authenticated process.
  - 9. The method of claim 1, further comprising:
    - receiving a request from an application server to disable remote procedure calls to the application server through the firewall;
      
      removing the identification of the application server from the filter table in response to the request to disable.

10. A system for allowing an application server to receive remote procedure calls through a computer network firewall, comprising:
- a computer-readable medium; and
  
  a computer program encoded on the computer-readable medium, the computer program further operable toreceive a request from the application server to allow remote procedure calls to pass through a firewall;
  
  process the request to determine whether the application server is authorized to receive remote procedure calls that have passed through the firewall; and
  
  place an identification of the application server in a filter table associated with the firewall if the application server is authorized to receive remote procedure calls that have passed through the firewall; and
  
  allow a remote procedure call to pass through the firewall to the application server if the identification of the application server was placed in the filter table.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The system of claim 10, wherein the application server comprises a distributed computing environment application server.
  - 12. The system of claim 10, wherein the identification comprises an Internet protocol address, a service port identification, and a protocol identification.
  - 13. The system of claim 10, wherein the computer program is further operable to:
    - update a data structure if the application server is authorized to receive remote procedure calls that have passed through the firewall, wherein the data structure is used to monitor which application servers have been placed in the filter table.
  - 14. The system of claim 13, wherein the computer program is further operable to:
    - determine whether the application server is still active;
      
      remove the identification of the application server from the filter table if the application server is no longer active; and
      
      update the data structure to reflect that the application server is no longer active if the application server was removed from the filter table.
  - 15. The system of claim 14, wherein the application server comprises a distributed computing environment application server.
  - 16. The system of claim 14, wherein the computer program is further operable to:
    - determine on a periodic basis whether the application server is still active.
  - 17. The system of claim 13, wherein the application server comprises a distributed computing environment application server, and wherein the computer program is further operable to:
    - check the data structure to see if the application server is authorized to receive remote procedure calls that have passed through the firewall;
      
      retrieve the application server'"'"'s Internet protocol port address using the distributed computing environment if the application server is authorized;
      
      determine whether the application server is listening as an authenticated process if the application server is authorized; and
      
      approve the application server to receive remote procedure calls through the network if the application server is listening as an authenticated process.

18. A system for allowing an application server to receive remote procedure calls through a computer network firewall, comprising:
- a first computer;
  
  a second computer;
  
  a computer network connecting the first and second computer;
  
  an application server program running on the second computer and operable to generate a request to receive remote procedure calls from outside of the computer network;
  
  a firewall program running on the first computer and operable to determine whether a remote procedure call from outside of the computer network is allowed to pass through the computer network, the firewall program comprising a filter table wherein the firewall program allows remote procedure calls from outside of the computer network to pass through the computer network provided that those remote procedure calls are intended for an application server that is listed in the filter table; and
  
  a dynamic firewall configuration application running on the first computer and operable to process the request to determine whether the application server is authorized to receive remote procedure calls that have passed through the firewall and place an identification of the application server in the filter table if the application server is authorized to receive remote procedure calls that have passed through the firewall.
- View Dependent Claims (19, 20, 21)
- - 19. The system of claim 18, wherein the application server comprises a distributed computing environment application server and wherein the dynamic firewall configuration application comprises a distributed computing environment application server.
  - 20. The system of claim 18, wherein the application server causes a request to be sent through the computer network to the dynamic firewall configuration application by calling an application program interface that is resident on the second computer.
  - 21. The system of claim 18, wherein the dynamic firewall configuration application is further operable to:
    - update a data structure if the application server is authorized to receive remote procedure calls that have passed through the firewall, wherein the data structure is used to monitor which application servers have been placed in the filter table;
      
      determine whether the application server is still active;
      
      remove the identification of the application server from the filter table if the application server is no longer active; and
      
      update the data structure to reflect that the application server is no longer active if the application server was removed from the filter table.

22. A method for allowing remote procedure calls through a network firewall, comprising:
- receiving a request from an application client outside of a computer network to make remote procedure calls through the network firewall;
  
  processing the request to determine whether the application client is authorized to generate remote procedure calls that pass through the network firewall;
  
  placing an identification of the application client in a filter table associated with the firewall if the application client is authorized to generate remote procedure calls that pass through the network firewall; and
  
  allowing all remote procedure calls from the application client to pass through the firewall while the identification of the application client remains in the filter table.
- View Dependent Claims (23, 24, 25, 26, 27, 28)
- - 23. The method of claim 22, wherein the application client comprises a distributed computing environment application client.
  - 24. The method of claim 22, wherein the identification comprises an IP address and an IP protocol identification.
  - 25. The method of claim 22, further comprising:
    - updating a data structure if the application client is authorized to generate remote procedure calls that pass through the firewall, wherein the data structure is used to monitor which application clients have been placed in the filter table.
  - 26. The method of claim 25, further comprising:
    - determining whether the application client has generated a remote procedure call during a time interval;
      
      removing the identification of the application client from the filter table if the application client has not generated a remote procedure call during the time interval; and
      
      updating the data structure to reflect that the application client is no longer active if the application client was removed from the filter table.
  - 27. The method of claim 26, wherein the application client comprises a distributed computing environment application client.
  - 28. The method of claim 22, further comprising:
    - receiving a request from an application server to allow remote procedure calls to the application server to pass through the network firewall;
      
      processing the request to determine whether the application server is authorized to receive remote procedure calls that have passed through the firewall;
      
      placing an identification of the application server in a filter table associated with the firewall if the application server is authorized to receive remote procedure calls that have passed through the firewall; and
      
      allowing a remote procedure call from the application client to the application server to pass through the firewall if the identification of both the application client and application server were placed in the filter table.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Electronic Data Systems Corporation (Perspecta, Inc.)
Inventors
Belville, Daniel R., Goble, George R.
Primary Examiner(s)
Beausoliel, Jr., Robert W.
Assistant Examiner(s)
Elmore, Stephen C.

Application Number

US08/700,617
Time in Patent Office

803 Days
Field of Search

395/187.01, 395/186, 395/200.31, 395/200.55, 395/200.59, 395/684, 340/825.34, 711/154, 711/163
US Class Current

726/11
CPC Class Codes

G06F 21/31   User authentication

G06F 9/547   Remote procedure calls [RPC...

H04L 63/0236   Filtering by address, proto...

H04L 63/029   Firewall traversal, e.g. tu...

H04L 63/101   Access control lists [ACL]

H04L 9/40   Network security protocols

Method and system for allowing remote procedure calls through a network firewall

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for allowing remote procedure calls through a network firewall

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links