Method and transaction interface for secure data exchange between distinguishable networks
Abstract
In one embodiment, the present invention includes a method for secure data exchange between an external network and an internal network (1 and 2) via a transaction interface (3), in which an external user can undertake predetermined data transactions within the internal network (2). An interface server (7) and interface memory (11) may be coupled between an external network and an internal network. The present invention discloses security techniques that may be used, including encryption, request processing, and checking. In one embodiment, a first firewall is coupled between the external network and the interface server and a second firewall is coupled between the interface server and the internal network.
49 Claims
1. A method of secure data exchange comprising:
receiving, through an external firewall, a user request from an external network in a first interface server;
comparing, on the first interface server, the user request with a set of permissible requests;
storing the user request in an interface memory coupled to the first interface server;
checking, through an internal firewall, the interface memory exclusively from an internal server on an internal network;
processing the user request in the internal server if the user request matches one of the permissible requests; and
not processing the user request in the internal server if it does not match one of the permissible requests.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A method of secure data exchange comprising:
receiving, from an external network through an external firewall, a user request in a first interface server;
verifying the user request on the first interface server based on permissible requests;
storing the user request in memory coupled to the first interface server if the user request is verified;
querying the memory exclusively from an internal server on an internal network through an internal firewall to determine if the user request was verified as permissible; and
sending the user request to the internal server when the query indicates the user request was verified as permissible, wherein the user request is not sent to the internal server if the query indicates the user request was not permissible.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23
24. A secure data exchange system comprising:
a first interface server;
an interface memory coupled to the first interface server;
a first firewall coupled between the first interface server and an external network;
a second firewall coupled between the first interface server and an internal server on an internal network, wherein the first interface server receives a user request from the external network, wherein the user request is compared with a set of permissible requests, wherein the user request is stored in the interface memory, and wherein the interface memory is queried exclusively from the internal server; and
wherein the user request is sent to the internal server for processing in response to the query if the user request matches a permissible request, and the user request is not sent to the internal server for processing if the user request does not match the permissible request.
Dependent claims: 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35
36. A system of secure data exchange comprising:
means for receiving a user request from an external network through an external firewall in a first interface server;
means for comparing, on the first interface server, the user request with a set of permissible requests;
means for storing the user request in the first interface server;
means for checking for stored user requests exclusively from an internal server on an internal network through an internal firewall and sending the user request to the internal network only if the user request matches one of the permissible requests; and
means for processing the user request in the internal network.
Dependent claims: 37
38. A method of secure data exchange comprising:
receiving one or more requests from an external user in a portal in an external network to perform a data transaction with an internal network, wherein the requests are conditioned by an interface server in a neutral zone and temporarily stored in precisely defined form in an interface memory in the neutral zone, wherein the neutral zone is behind, in access direction, the external network; and
exclusively interrogating the interface memory from an internal server located in the internal network at a defined frequency, wherein complete processing of the data transaction includes authenticating the user within the internal network, wherein the user is authenticated while the one or more requests are stored in the interface memory and the one or more requests are not processed within the internal network if the user is not authenticated, wherein secure data exchange between the external and internal network is via a transaction interface in which the external user performs predetermined data transactions within the internal network, and wherein the transaction interface comprises said portal, said neutral zone, and said internal server.
Dependent claims: 39, 40
41. A computer system comprising modules containing software for controlling the computer system to perform a method for secure data exchange, wherein the computer system comprises a first interface server and an internal server, the method comprising:
receiving, through an external firewall, a user request from an external network in the first interface server;
comparing, on the first interface server, the user request with a set of permissible requests;
storing the user request in an interface memory coupled to the first interface server;
checking, through an internal firewall, the interface memory exclusively from the internal server on an internal network;
processing the user request in the internal server if the user request matches one of the permissible requests; and
not processing the user request in the internal server if it does not match one of the permissible requests.
Dependent claims: 42, 43, 44, 45, 46, 47, 48, 49
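The flow recited in claims 1 and 10, as an added Python sketch (not code from the patent or its assignee): the interface server compares and stores, and only the internal server reads the interface memory, by polling. The allowlist contents, the class and function names, the in-process deque standing in for the interface memory, and the user lookup standing in for internal authentication are all assumptions made for illustration.

```python
from collections import deque
from dataclasses import dataclass

# Hypothetical allowlist: action name -> exact set of parameter names it accepts.
PERMISSIBLE = {"get_balance": {"account"}, "order_statement": {"account", "month"}}

def is_permissible(action, params):
    return action in PERMISSIBLE and set(params) == PERMISSIBLE[action]

@dataclass
class StoredRequest:
    user: str
    action: str
    params: dict
    verified: bool  # verdict recorded by the interface server

class InterfaceServer:
    """Sits between the two firewalls; it only writes to the interface memory."""
    def __init__(self, memory: deque):
        self.memory = memory

    def receive(self, user, action, params):
        verified = is_permissible(action, params)
        self.memory.append(StoredRequest(user, action, dict(params), verified))
        return verified

class InternalServer:
    """Initiates every exchange by polling; nothing is pushed to it."""
    def __init__(self, memory: deque, known_users):
        self.memory, self.known_users = memory, set(known_users)

    def poll(self):
        processed, dropped = [], []
        while self.memory:
            req = self.memory.popleft()
            # Choice made in this sketch: repeat the comparison on the trusted
            # side, so a tampered 'verified' flag alone is not enough.
            ok = (req.verified and is_permissible(req.action, req.params)
                  and req.user in self.known_users)  # stand-in for internal authentication
            (processed if ok else dropped).append((req.user, req.action))
        return processed, dropped

def demo():
    memory = deque()  # constructed sample traffic, not taken from the patent
    dmz = InterfaceServer(memory)
    dmz.receive("alice", "get_balance", {"account": "A-1"})
    dmz.receive("alice", "delete_account", {"account": "A-1"})
    dmz.receive("mallory", "get_balance", {"account": "A-1"})
    memory.append(StoredRequest("alice", "delete_account", {}, True))  # forged flag
    return InternalServer(memory, known_users={"alice"}).poll()
```

In a deployment the internal firewall would permit only connections that the internal server opens toward the interface memory, which is what makes the polling direction enforceable rather than conventional.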
Specification