Secure middleware and server control system for querying through a network firewall

US 6,088,796 A
Filed: 08/06/1998
Issued: 07/11/2000
Est. Priority Date: 08/06/1998
Status: Expired due to Fees

First Claim

Patent Images

1. A secure access query system, comprising:

a communication server for receiving queries from a user and transmitting replies to the user;

an application server for establishing a secure connection and providing replies to queries;

a network firewall for preventing unauthorized access to the application server;

a messenger system means, coupled to the communication server for receiving queries from the communication server, transmitting the query across the network firewall along a secure pathway established by the application server between the messenger system means and the application server, receiving replies to queries from the application server along the secure pathway and transmitting the replies to the communication server;

whereby queries from the user, outside of the network firewall, are communicated in a secure fashion to the application server, within the firewall, and replies are provided to the user from the application server through the secure pathway with the messenger system means and the communication server.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure access query system incorporating a messenger system. The system includes a communication server for receiving queries from a user and transmitting replies to the user, an application server for providing replies to queries, a network firewall for preventing unauthorized access to the application server and a messenger system, coupled to the communication server for receiving queries from the communication server, transmitting the query across the network firewall along a secure pathway established by the application server between the messenger system means and the application server, receiving replies from the application server along the secure pathway and transmitting the replies to the communication server. Queries from the user, outside of the network firewall, are thus communicated in a secure fashion to the application server, within the firewall, and replies are provided to the user from the application server through the secure pathway with the messenger system and the communication server.

343 Citations

30 Claims

1. A secure access query system, comprising:
- a communication server for receiving queries from a user and transmitting replies to the user;
  
  an application server for establishing a secure connection and providing replies to queries;
  
  a network firewall for preventing unauthorized access to the application server;
  
  a messenger system means, coupled to the communication server for receiving queries from the communication server, transmitting the query across the network firewall along a secure pathway established by the application server between the messenger system means and the application server, receiving replies to queries from the application server along the secure pathway and transmitting the replies to the communication server;
  
  whereby queries from the user, outside of the network firewall, are communicated in a secure fashion to the application server, within the firewall, and replies are provided to the user from the application server through the secure pathway with the messenger system means and the communication server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The secure access query system of claim 1 wherein the communication server is an Internet web server.
  - 3. The secure access query system of claim 2 wherein the Internet web access server is accessible by users through the Internet.
  - 4. The secure access query system of claim 1 wherein the communication server includes a gateway module for translating the query received from the user to a messenger system means protocol.
  - 5. The secure access query system of claim 4 wherein the messenger system means protocol is a native protocol to the messenger system means.
  - 6. The secure access query system of claim 1 wherein the application server includes a User Agent module which translates queries received from the messenger system means from a messenger system protocol to the protocol utilized by the application server and translates replies generated by the application server from the application server protocol to the messenger system means protocol.
  - 7. The secure access query system of claim 6 wherein the User Agent initiates the secure pathway between the application server and the messenger system means across the network firewall.
  - 8. The secure access query system of claim 7 wherein the User Agent maintains the secure pathway open as a warm socket which provides for full duplex communication between the application server and the messenger system means until the secure pathway is terminated by the application server.
  - 9. The secure access query system of claim 1 wherein the application server maintains the secure pathway between the application server and the messenger system means as a warm socket whether or not queries or replies are being transmitted along the secure pathway.
  - 10. The secure access query system of claim 1 wherein the network firewall prevents any access through the firewall to the application server initiated from outside of the network firewall.
  - 11. The secure access query system of claim 1 wherein the messenger system means transmits queries to the application server which are responded to only if they are of a type authorized by the application server.
  - 12. The secure access query system of claim 1 wherein there are a plurality of communication servers coupled to the messenger system means.
  - 13. The secure access query system of claim 1 wherein there are at least 2 application servers coupled to the messenger system means, each application server being connected to the messenger system means along a secure pathway established by each application server between the messenger system means and the application server.
  - 14. The secure access query system of claim 13 wherein each of the application servers restricts its secure pathway with the messenger system means to a specified port of the messenger system means.
  - 15. The secure access query system of claim 13 wherein the messenger system means establishes a subscription list identifying each of the application servers with a secure pathway to the messenger system means.

16. A middleware control system for a secure access query system including a communication server and an application server, comprising:
- a gateway module, coupled to the communication server, for converting the communication server protocol to a messenger system protocol for queries received from a user and for converting replies from the application server from the messenger system protocol to the communication server protocol for transmission to the user;
  
  a network firewall for preventing unauthorized access to the application server and for preventing any connections established from outside of the firewall;
  
  a user agent module, coupled to an application server, for establishing a secure connection and for converting the messenger system protocol to the application server protocol for receiving queries from the communication server and converting the application server protocol to the messenger system protocol for providing replies to queries;
  
  messenger system means, coupled to the gateway module of the communication server and the user agent module, for receiving queries from the communication server in a messenger system protocol, for transmitting the query across the network firewall along a secure pathway established by the user agent module of the application server between the messenger system means and the user agent module, for receiving replies to the queries from the application server along the secure pathway and transmitting the replies to the communications server;
  
  whereby queries from the user outside of the network firewall are communicated in a secure fashion to the application server within the firewall and replies are provided to the user from the application server through the secure pathway with the messenger system means.

17. A secure access query system, comprising:
- an application server for establishing a secure pathway and for providing replies to queries;
  
  a network firewall for preventing unauthorized access to the application server;
  
  messenger system means, for receiving queries from a user, transmitting the query across the network firewall along a secure pathway established by the application server between the messenger system means and the application server, receiving replies to the query from the application server along the secure pathway and transmitting the replies to the user;
  
  whereby queries from the user outside of the network firewall are communicated in a secure fashion to the application server within the firewall and replies are provided to the user from the application server through the secure pathway with the messenger system means.

18. A secure access query system, comprising:
- at least two application servers for establishing secure pathways and for providing replies to queries;
  
  a network firewall for preventing unauthorized access to the application servers;
  
  messenger system means, for receiving queries from a user, transmitting the query across the network firewall along secure pathways established by the application servers between the messenger system means and the application servers, receiving replies to the queries from the application server along the secure pathway and transmitting the replies to the user, and for dynamically load balancing the queries received from the user to the at least two application servers by selecting which of the application servers receives a query;
  
  whereby queries from the user outside of the network firewall are communicated in a secure fashion to the application server within the firewall and replies are provided to the user from the application server through the secure pathway with the messenger system means and the load of queries between the application servers is dynamically balanced.

19. A secure access query system, comprising:
- a communication server for receiving queries from a user and transmitting replies to the user;
  
  at least two application servers for establishing secure pathways and for providing replies to queries;
  
  a network firewall for preventing unauthorized access to the application servers;
  
  messenger system means, coupled to the communication server and the application servers, for transmitting the queries across the network firewall along secure pathways established by the application servers between the messenger system means and the application servers, receiving replies to the queries from the application server along the secure pathway and transmitting the replies to the communication server, and for dynamically load balancing the queries received from the user to the at least two application servers by selecting which of the application servers receives a query;
  
  whereby queries from the user outside of the network firewall are communicated in a secure fashion to the application server within the firewall and replies are provided to the user from the application server through the secure pathway with the messenger system means and the load of queries between the application servers is dynamically balanced.

20. A middleware system, comprising:
- access means for obtaining access to and querying at least one application component;
  
  at least one application component for responding to queries;
  
  a user agent module, coupled to each of the at least one application components for establishing a connection;
  
  messenger system means, coupled to the access means and to the each user agent module for directing queries from the access means to the user agent module of an appropriate application component in a transfer protocol and for directing replies to the queries from the user agent module of the appropriate application component to the access means in the transfer protocol;
  
  the access means converting the queries into the transfer protocol for transmission to the messenger system means in the transfer protocol and converting the replies received from the messenger system means from the transfer protocol to an access means protocol;
  
  the user agent module converts the queries from the transfer protocol to the application component protocol and converts the replies from the application component from the application component protocol to the transfer component and establishes the connection to the messenger system means;
  
  whereby queries between access means and application components can be implemented without regard to the programming language, operating system or protocol used by either the access means or the application components.

21. An access control system, comprising:
- a firewall for preventing unauthorized access from outside the firewall;
  
  a resource, incorporating information and/or logic, inside the firewall and for establishing a secure pathway;
  
  a middleware system, outside the firewall, coupled to the resource on a secured pathway established by the resource, and enabled to communicate with the resource along the secured pathway, and obtain authorized access to the resource'"'"'s information and/or logic, wherein the firewall blocks any connection from outside the firewall;
  
  whereby the resource is protected against any access from outside the firewall except through the middleware system.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 22. The access control system of claim 21 wherein the resource includes a database server.
  - 23. The access control system of claim 22 wherein the resource includes an application server.
  - 24. The access control system of claim 21 wherein the middleware system communicates with other resources outside of the firewall.
  - 25. The access control system of claim 24 wherein the resources outside of the firewall include a web server.
  - 26. The access control system of claim 24 wherein the middleware system acts as a communications server which communicates with other servers seeking access to the resource'"'"'s information.
  - 27. The access control system of claim 21 wherein the resource includes at least two application servers, each of which has its own secured pathway to the middleware system across the firewall.
  - 28. The access control system of claim 27 wherein the middleware system balances the requests for access between the application servers.
  - 29. The access control system of claim 21 wherein the information includes data in a database.
  - 30. The access control system of claim 21 wherein the logic includes program code which is executed by the resource.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Tempest Software, Inc.
Original Assignee
Tempest Software, Inc.
Inventors
Sohn, Adam H., Cianfrocca, Francis
Primary Examiner(s)
Black, Thomas G.
Assistant Examiner(s)
TRINH, WILLIAM B

Application Number

US09/129,800
Time in Patent Office

705 Days
Field of Search

707/9-10, 709/225, 709/300, 709/302, 713/200, 713/201, 713/152, 713/153, 713/154
US Class Current

713/152
CPC Class Codes

G06F 16/958   Organisation or management ...

H04L 63/0209   Architectural arrangements,...

H04L 63/029   Firewall traversal, e.g. tu...

Y10S 707/99939   Privileged access

Secure middleware and server control system for querying through a network firewall

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

343 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Secure middleware and server control system for querying through a network firewall

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

343 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links