Secure intranet access
First Claim
1. A computer readable medium including a border server software, said border server software comprising:
- secure connection software for secure communication with a client where the client resides in an insecure network;
insecure connection software for communicating with a target server where the target server resides in a secure network; and
a transformer software configured to transform a secure request received from the client to an insecure request for the target server, the transformer software configured to transform insecure data received from the target server into secure data wherein the transformer software enables said request and data transformation simultaneously with client authentication; and
the transformer software configured to send the secure data to the client upon authentication of the client.
8 Assignments
0 Petitions
Accused Products
Abstract
Methods, signals, devices, and systems are provided for secure access to a network from an external client. Requests for access to confidential data may be redirected from a target server to a border server, after which a secure sockets layer connection between the border server and the external client carries user authentication information. After the user is authenticated to the network, requests may be redirected back to the original target server. Web pages sent from the target server to the external client are scanned for non-secure URLs such as those containing “http://” and modified to make them secure. The target server and the border server utilize various combinations of secure and non-secure caches. Although tunneling, may be used, the extensive configuration management burdens imposed by virtual private networks are not required.
-
Citations
20 Claims
-
1. A computer readable medium including a border server software, said border server software comprising:
-
secure connection software for secure communication with a client where the client resides in an insecure network;
insecure connection software for communicating with a target server where the target server resides in a secure network; and
a transformer software configured to transform a secure request received from the client to an insecure request for the target server, the transformer software configured to transform insecure data received from the target server into secure data wherein the transformer software enables said request and data transformation simultaneously with client authentication; and
the transformer software configured to send the secure data to the client upon authentication of the client. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for operating a border server software, said method comprising:
-
receiving a secure request a client over an insecure network;
transforming the secure request into an insecure request, wherein the transforming of the secure request are enabled and executed simultaneously with the client authentication, sending the insecure request to a target server residing in a secure network;
receiving insecure data from the target server; and
transforming the insecure data into secure data and sending the secure data to the client over the insecure network, if the client was successfully authenticated. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A method for operating a border server software, comprising:
-
intercepting a secure request issued from a client for secure data accessible from a secure network, wherein the secure request is intercepted from an insecure network;
authenticating the client during an operation to transform the secure request into an insecure request within the secure network, wherein the client authentication and transformation of the secure request are enabled and executed simultaneously; and
locating the secure data within the secure network and transforming the secure data into insecure data for delivery to the client over the insecure network using secure communications. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification