System and method for connecting to a device on a protected network
Abstract
A novel system and method for connecting to an entity behind a firewall or proxy enhances network security and eliminates the costs and risks associated with modifying the firewall or proxy. The invention uses a trusted arbitrator as an intermediary between (1) a local area network protected by an access control mechanism such as a firewall or proxy and (2) external entities seeking to connect with an entity within the network. Requests from external entities are routed to the trusted arbitrator, which communicates with a connection entity located behind the firewall or proxy.
57 Citations
Claims (16)

1. A system, comprising:
- a local area network, said local area network including a local entity, a connection entity coupled to the local entity, and an access control mechanism coupled to the connection entity;
- a trusted arbitrator coupled to the access control mechanism via a wide area network; and
- a remote entity coupled to the trusted arbitrator via the wide area network, wherein the trusted arbitrator receives a first request, the first request being sent by the remote entity across the wide area network to the trusted arbitrator and being directed at least in part to the local entity on the local area network, wherein the trusted arbitrator authenticates the remote entity as a valid requestor before the first request is transmitted to the local entity, and is an intermediary between the remote entity and the local entity across the wide area network, wherein the connection entity continuously polls the trusted arbitrator via the access control mechanism across the wide area network to determine whether any requests directed to devices on the local area network are pending in the trusted arbitrator, wherein the trusted arbitrator sends a first response via the wide area network to the connection entity on the local area network, the first response including the first request from the remote entity and being in response to polling by the connection entity, and wherein the connection entity forwards at least a portion of the first request to the local entity.

Dependent claims: 2, 3, 4, 5, 6, 7, 8.
9. A method, comprising:
- transmitting a first request, directed to a local entity from a remote entity to a trusted arbitrator, storing the first request on a trusted arbitrator, the first request being sent by a remote entity across a wide area network to the trusted arbitrator and being directed at least in part to a local entity on a local area network;
- authenticating the remote entity as a valid requestor by the trusted arbitrator before the first request is transmitted to the local entity;
- polling continuously, by a connection entity on the local area network to determine whether any requests directed to devices on the local area network are pending in the trusted arbitrator;
- sending a first response from the trusted arbitrator across the wide area network to the connection entity on the local area network, the first response including a first request from the remote entity and being in response to polling of the connection entity; and
- forwarding at least a portion of the first request from the connection entity to the local entity, wherein the trusted arbitrator is an intermediary between the remote entity and the local entity across the wide area network.

Dependent claims: 10, 11, 12.
13. A data storage medium having machine-readable code stored thereon, the machine-readable code comprising instructions executable by logic elements, the instructions defining a method comprising:
- storing a first request on a trusted arbitrator, the first request being sent by a remote entity across a wide area network to the trusted arbitrator and being directed at least in part to a local entity on a local area network;
- authenticating the remote entity as a valid requestor by the trusted arbitrator before transmitting the first request to the local entity;
- receiving continuous polling by a connection entity on the local area network to determine whether any requests directed to devices on the local area network are pending in the trusted arbitrator; and
- sending a first response from the trusted arbitrator across the wide area network to the connection entity on the local area network, the first response including the first request from the remote entity and being in response to polling by the connection entity, wherein at least a portion of the first request is forwarded from the connection entity to the local entity, and the trusted arbitrator is an intermediary between the remote entity and the local entity across the wide area network.

Dependent claims: 14, 15, 16.
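The relay that the abstract and the three independent claims describe, as an added example that is not part of the patent or of any product implementing it: a Python model in which the trusted arbitrator authenticates the remote entity before queuing its request, the connection entity initiates every exchange outbound (so the firewall needs no inbound rule) and forwards the request to the local entity. The HMAC request tag, the poll credential, the names (alice, lan-1, printer) and the connection entity's allowlist of local entities are constructed assumptions; the allowlist in particular is a hardening the claims do not require.

```python
import hashlib
import hmac
import secrets
from collections import deque
from dataclasses import dataclass


@dataclass
class Request:
    """A request queued at the arbitrator; 'target' names a device on the LAN."""
    request_id: str
    requester: str
    target: str
    payload: str


def sign(secret: bytes, lan_id: str, target: str, payload: str) -> str:
    """Tag a request with an HMAC over its routing fields (constructed scheme,
    standing in for whatever requestor authentication a real deployment uses)."""
    return hmac.new(secret, f"{lan_id}|{target}|{payload}".encode(),
                    hashlib.sha256).hexdigest()


class TrustedArbitrator:
    """WAN-side intermediary: authenticates remote entities before queuing and
    releases queued requests only to the LAN's polling connection entity."""

    def __init__(self, requester_secrets, connection_tokens):
        self._requester_secrets = requester_secrets   # remote entity -> HMAC key
        self._connection_tokens = connection_tokens   # lan_id -> poll credential
        self._pending = {lan_id: deque() for lan_id in connection_tokens}
        self.rejected = []                            # audit trail of failed auth

    def submit(self, lan_id, requester, target, payload, tag):
        """Queue a remote entity's request only if its tag verifies."""
        secret = self._requester_secrets.get(requester)
        if (secret is None or lan_id not in self._pending
                or not hmac.compare_digest(sign(secret, lan_id, target, payload), tag)):
            self.rejected.append(requester)
            return None
        req = Request(secrets.token_hex(8), requester, target, payload)
        self._pending[lan_id].append(req)
        return req.request_id

    def poll(self, lan_id, token):
        """Answer a connection entity's poll with one pending request, if any."""
        expected = self._connection_tokens.get(lan_id)
        if expected is None or not hmac.compare_digest(expected, token):
            return None
        queue = self._pending[lan_id]
        return queue.popleft() if queue else None


class LocalEntity:
    """A device on the LAN; it only ever sees what the connection entity forwards."""

    def __init__(self, name):
        self.name, self.received = name, []

    def handle(self, req):
        self.received.append((req.requester, req.payload))
        return f"{self.name} handled {req.request_id}"


class ConnectionEntity:
    """Behind the firewall: polls outbound and forwards only to allowlisted
    local entities (the allowlist is an added hardening, not a claim element)."""

    def __init__(self, lan_id, token, arbitrator, local_entities):
        self.lan_id, self.token, self.arbitrator = lan_id, token, arbitrator
        self.local_entities = local_entities          # name -> LocalEntity
        self.dropped = []                             # request ids refused locally

    def poll_once(self):
        req = self.arbitrator.poll(self.lan_id, self.token)
        if req is None:
            return None
        target = self.local_entities.get(req.target)
        if target is None:
            self.dropped.append(req.request_id)
            return None
        return target.handle(req)


def run_scenario():
    """Constructed end-to-end walk-through; returns the observations as a dict."""
    alice_key = b"alice-shared-key"
    arbitrator = TrustedArbitrator({"alice": alice_key}, {"lan-1": "ce-poll-token"})
    printer = LocalEntity("printer")
    ce = ConnectionEntity("lan-1", "ce-poll-token", arbitrator, {"printer": printer})
    ok = arbitrator.submit("lan-1", "alice", "printer", "print job 1",
                           sign(alice_key, "lan-1", "printer", "print job 1"))
    bad_tag = arbitrator.submit("lan-1", "alice", "printer", "print job 2",
                                sign(b"wrong-key", "lan-1", "printer", "print job 2"))
    unknown = arbitrator.submit("lan-1", "nobody", "printer", "x", "deadbeef")
    stray = arbitrator.submit("lan-1", "alice", "fileserver", "list",   # not allowlisted
                              sign(alice_key, "lan-1", "fileserver", "list"))
    first, second, third = ce.poll_once(), ce.poll_once(), ce.poll_once()
    return {"accepted": ok is not None, "bad_tag_rejected": bad_tag is None,
            "unknown_rejected": unknown is None, "rejected_count": len(arbitrator.rejected),
            "stray_queued": stray is not None, "first": first, "second": second,
            "third": third, "printer_received": printer.received,
            "dropped_count": len(ce.dropped)}


if __name__ == "__main__":
    print(run_scenario())
```

Two points the walk-through makes visible. The arbitrator's authentication only decides what gets queued; the connection entity is the component the firewall implicitly trusts, so it should decide for itself which local devices a forwarded request may reach rather than relaying whatever the arbitrator returns (the fileserver request above is accepted upstream but dropped locally). And because the connection entity authenticates to the arbitrator with a long-lived poll credential, that credential and the transport carrying it (TLS, in practice) are what protect the LAN from a spoofed arbitrator response.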