Method for a secure information transfer
Abstract
A method of securely transmitting information between a user device and a central computing device, located in a self-contained network. The method includes: sending a request from the user device to a second computing device located outside of the self-contained network to connect with the central computing device; transmitting from the second network device to a third computing device located in the self-contained network a message containing a unique identification; storing in a database, via the third computing device, the unique identification when the identification is validated, and sending, via the third computing device, a confirmation message to the second computing device; and initializing a connection with the central computing device through the user device, using information contained in the confirmation message to initialize a connection with the central computing device, and the connection through the central computing device is accepted when access by the user device is authorized.
15 Claims
1. A method for connecting a user device located in a first intranet and a data server located in a second intranet, comprising:
sending a request from the user device located in the first intranet to a first computing device located in the first intranet to connect with the data server located in the second intranet;
generating, by a connection module of the first computing device, a unique session identification for a subsequent connection setup between the user device and the data server, the unique session identification being valid for only one connection setup;
transmitting from the first computing device to a second computing device located in the second intranet a request message containing an identification of the first intranet company and the unique session identification;
validating the unique session identification at the second intranet;
after validating the unique session identification, storing in a database located in the second intranet, via a storage module of the second computing device, the unique session identification, and sending, via the second computing device, a confirmation message to the connection module of the first computing device, wherein said confirmation message comprises address information related to the data server;
sending said address information and the unique session identification from the connection module of the first computing device to the user device;
initializing a connection to the data server by the user device, using said address information and the unique session identification;
before accepting the connection, performing an authorization check by the data server, the authorization check being performed by comparing the unique session identification received from the user device with the unique session identification stored in the database; and
accepting the connection between the data server and the user device if access by the user device is recognized through said authorization check.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
14. A method for connecting a user device located in a first intranet and a data server located in a second intranet, comprising:
sending a request from the user device located in the first intranet to a first computing device located in the first intranet to connect with the data server located in the second intranet;
generating, by a connection module of the first computing device, a unique session identification for a subsequent connection setup between the user device and the data server, the unique session identification being valid for only one connection setup, the unique session identification not identifying access rights of an individual user;
transmitting from the first computing device to a second computing device located in the second intranet a request message containing an identification of the first intranet company and the unique session identification;
validating the unique session identification at the second intranet;
after validating the unique session identification, storing in a database located in the second intranet, via a storage module of the second computing device, the unique session identification, and sending, via the second computing device, a confirmation message to the connection module of the first computing device, wherein said confirmation message comprises address information related to the data server;
sending said address information and the unique session identification from the connection module of the first computing device to the user device;
initializing a connection to the data server by the user device, using said address information and the unique session identification;
before accepting the connection, performing an authorization check by the data server, the authorization check being performed by comparing the unique session identification received from the user device with the unique session identification stored in the database; and
accepting the connection between the data server and the user device if access by the user device is recognized through said authorization check.
15. A method for connecting a user device located in a first intranet and a data server located in a second intranet, comprising:
sending a request from the user device located in the first intranet to a first computing device located in the first intranet to connect with the data server located in the second intranet;
generating by a connection module of the first computing device a unique session identification for a subsequent connection setup between the user device and the data server, the unique session identification being valid for only one connection setup;
transmitting from the first computing device to a second computing device located in the second intranet a request message containing an identification of the first intranet company and the unique session identification;
validating the unique session identification at the second intranet;
after validating the unique session identification, storing in a database located in the second intranet, via a storage module of the second computing device, the unique session identification along with an information about a period of validity expiry of the unique session identification, and sending, via the second computing device, a confirmation message to the connection module of the first computing device, wherein said confirmation message comprises address information related to the data server;
sending said address information and the unique session identification from the connection module of the first computing device to the user device as a link;
activating the link at the user device to thereby initialize a connection to the data server by the user device, using said address information and the unique session identification;
before accepting the connection, performing an authorization check by the data server, the authorization check being performed by comparing the unique session identification received from the user device with the unique session identification stored in the database;
accepting the connection between the data server and the user device if access by the user device is recognized through said authorization check and the period of validity stored in the database indicates that the unique session identification transmitted by the user device has not expired; and
securely transmitting information over the connection between the user device and the data server if the connection was accepted.
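The exchange recited in claim 15, modelled in-process as an added illustration that is not taken from the patent: the session identification is registered in the second intranet with an expiry, handed to the user device as a link, and accepted by the data server exactly once. The class and function names, the address, the company allow-list, the 60-second validity period and the validation rule are assumptions, since the claims do not specify them.

```python
import secrets
import time

DATA_SERVER_ADDR = "https://dataserver.intranet2.example"  # constructed address
KNOWN_COMPANIES = {"company-a"}   # assumed allow-list of first-intranet companies
TTL_SECONDS = 60                  # assumed period of validity


class SecondIntranet:
    """Second computing device, its database, and the data server's check."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.db = {}  # session id -> expiry time (the database of the claims)

    def handle_request(self, company_id, session_id):
        # "Validating" is not detailed in the claims; assumed here: a known
        # company, a minimum length, and an ID that is not already stored.
        if company_id not in KNOWN_COMPANIES or len(session_id) < 32:
            return None
        if session_id in self.db:
            return None
        self.db[session_id] = self.clock() + TTL_SECONDS
        return {"address": DATA_SERVER_ADDR}  # confirmation message

    def authorize(self, session_id):
        # pop() removes the entry, so the ID works for one connection setup only.
        expiry = self.db.pop(session_id, None)
        return expiry is not None and self.clock() < expiry


class ConnectionModule:
    """First computing device in the first intranet."""

    def __init__(self, company_id, remote):
        self.company_id, self.remote = company_id, remote

    def request_link(self):
        session_id = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        confirmation = self.remote.handle_request(self.company_id, session_id)
        if confirmation is None:
            raise PermissionError("request rejected by second intranet")
        return f"{confirmation['address']}/connect?sid={session_id}"


def session_id_from_link(link):
    """What the user device presents to the data server on activating the link."""
    return link.rsplit("sid=", 1)[1]
```

Removing the entry on the first comparison is what stops a captured link from being replayed; a check that only reads the database would accept the same identification until it expired.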
Specification