Proxy on demand
First Claim
Patent Images
1. An apparatus comprising:
- a database interface for interfacing with a database; and
a protocol gateway coupled to said database, said protocol gateway configured to;
receive at a point of presence (PoP) in a first domain of a data communications network a network access request from a user, said network access request specifying a second domain which is not the same as said first domain;
forward the network access request to a proxy service at the PoP;
determine the user'"'"'s domain;
look up information in said database regarding a plurality of authentication, authorization and accounting (AAA) services associated with the user'"'"'s domain;
check the information to determine which of the plurality of AAA services associated with the user'"'"'s domain are available;
select an available AAA service associated with the user'"'"'s domain; and
proxy an access request to said selected AAA service.
1 Assignment
0 Petitions
Accused Products
Abstract
In a first aspect of the present invention, a Wholesaler dynamically identifies one of a plurality of AAA services at a remote domain to route an access request to. The AAA service is selected based upon a set of rules applied to information which has been received dynamically from the plurality of AAA services and is indicative of load and status of the plurality of AAA services. In a second aspect of the present invention, a Wholesaler, based upon a Service Level Agreement (SLA) between the Wholesaler and a user, routes the user to one of a plurality of sub-service providers.
43 Citations
34 Claims
-
1. An apparatus comprising:
-
a database interface for interfacing with a database; and a protocol gateway coupled to said database, said protocol gateway configured to; receive at a point of presence (PoP) in a first domain of a data communications network a network access request from a user, said network access request specifying a second domain which is not the same as said first domain; forward the network access request to a proxy service at the PoP; determine the user'"'"'s domain; look up information in said database regarding a plurality of authentication, authorization and accounting (AAA) services associated with the user'"'"'s domain; check the information to determine which of the plurality of AAA services associated with the user'"'"'s domain are available; select an available AAA service associated with the user'"'"'s domain; and proxy an access request to said selected AAA service. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. An apparatus comprising:
-
a database interface for interfacing with a database; and a protocol gateway coupled to said database, said protocol gateway configured to; receive at a point of presence (PoP) of the data communications network a network access request to use a sub-service from a user; authenticate the user; look up in said database a service level agreement applicable to the user; look up in said database available sub-service-providers and corresponding service level agreements; determine the “
best”
sub-service provider to match with the user'"'"'s request;request the sub-service provider to render the sub-service; and have the sub-service provider render the service. - View Dependent Claims (16, 17, 18)
-
-
19. An apparatus for managing sub-service network access requests to a data communications network, said apparatus comprising:
-
means for receiving at a point of presence (PoP) of the data communications network a network access request to use the sub-service from a user; means for authenticating the user; means for looking up a service level agreement applicable to the user; means for looking up available sub-service-providers and corresponding service level agreements; means for determining the “
best”
sub-service provider to match with the user'"'"'s request;means for requesting the sub-service provider to render the sub-service; and means for having the sub-service provider render the service. - View Dependent Claims (20)
-
-
21. Logic provided in software and encoded in one or more computer-readable media and when executed by a processor is operable to:
-
receive at a point of presence (PoP) in a first domain of the data communications network a network access request from a user, said network access request specifying a second domain which is not the same as said first domain; forward the network access request to a proxy service at the PoP; determine the user'"'"'s domain; look up information in a database regarding a plurality of authentication, authorization and accounting (AAA) services associated with the user'"'"'s domain; check the information to determine which of the plurality of AAA services associated with the user'"'"'s domain are available; select an available AAA service associated with the user'"'"'s domain; and proxy an access request to said selected AAA service. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
-
-
33. Logic provided in software and encoded in one or more computer-readable media and when executed by a processor is operable to:
-
receive at a point of presence (PoP) of a data communications network a network access request to use a sub-service from a user; authenticate the user; look up in a database a service level agreement applicable to the user; look up in said database available sub-service-providers and corresponding service level agreements; determine the “
best”
sub-service provider to match with the user'"'"'s request;request the sub-service provider to render the sub-service; and have the sub-service provider render the service. - View Dependent Claims (34)
-
Specification