System and method for providing secure access to a remote desktop across firewalls in an interactive grid environment
First Claim
1. An interactive grid computing system comprising:
- a computing service provider side comprising;
an interactive grid computing service provider comprising;
a grid distributed resource management system (grid DRM) configured for managing a plurality of execution nodes;
at least one resource that said grid DRM reserves for a client based on a request from said client, through a submission node, for an interactive session for a service that said resource is enabled to provide, wherein said at least one resource comprises at least one remote execution node of said plurality of remote execution nodes and at least one fine grained resource, said at least one resource reserved for a requested duration of said interactive session;
a first firewall coupled to said at least one resource and configured for protecting said at least one resource, wherein said first firewall is hosting a VNC proxy server;
a remote display server coupled to said first firewall for providing, at a requested time, secure access, by said submission node, to said at least one resource over a secure connection and for providing interactive graphical data associated with said at least one resource, wherein said client is enabled to communicate directly with said at least one resource over said secure connection during said interactive session;
a software agent associated with said at least one resource, wherein if said at least one resource is requested by said client, said software agent initiates interactive communication between said remote display server and a remote display resource; and
a client side coupled to said interactive grid computing service provider, said client side comprising;
a client comprising said remote display resource configured for communicating with said remote display server through said secure connection to access said interactive graphical data provided by said remote display server, wherein said remote display resource is a virtual network computing viewer modified for secure access and for viewing a graphical desktop display associated with said at least one resource, wherein a modification of said virtual network computing viewer comprises;
an established connection between said virtual network computing viewer and said VNC proxy server using a destination host and a destination port address;
a retrieved handle configured for facilitating a creation of a secure socket, said retrieved handle used to create said secure connection through a socks tunnel; and
a second firewall configured for protecting said client, said second firewall hosting a SOCKS proxy server, wherein said secure connection is through said socks tunnel and is used to tunnel said interactive graphical data through said second firewall.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for secure access to a remote desktop across firewalls in an interactive grid environment is disclosed. Embodiments of the present invention include an interactive grid computing system comprising an interactive grid computing service provider comprising: a resource for use over the interactive grid, a first firewall for protecting the resource and a remote display server for providing a secure connection and for providing interactive graphical data associated with the resource. The system further comprises a client comprising: a second firewall protecting the client and a remote display resource for providing a secure connection and for viewing the interactive graphical data provided by the remote display server.
15 Citations
15 Claims
-
1. An interactive grid computing system comprising:
-
a computing service provider side comprising; an interactive grid computing service provider comprising; a grid distributed resource management system (grid DRM) configured for managing a plurality of execution nodes; at least one resource that said grid DRM reserves for a client based on a request from said client, through a submission node, for an interactive session for a service that said resource is enabled to provide, wherein said at least one resource comprises at least one remote execution node of said plurality of remote execution nodes and at least one fine grained resource, said at least one resource reserved for a requested duration of said interactive session; a first firewall coupled to said at least one resource and configured for protecting said at least one resource, wherein said first firewall is hosting a VNC proxy server; a remote display server coupled to said first firewall for providing, at a requested time, secure access, by said submission node, to said at least one resource over a secure connection and for providing interactive graphical data associated with said at least one resource, wherein said client is enabled to communicate directly with said at least one resource over said secure connection during said interactive session; a software agent associated with said at least one resource, wherein if said at least one resource is requested by said client, said software agent initiates interactive communication between said remote display server and a remote display resource; and a client side coupled to said interactive grid computing service provider, said client side comprising; a client comprising said remote display resource configured for communicating with said remote display server through said secure connection to access said interactive graphical data provided by said remote display server, wherein said remote display resource is a virtual network computing viewer modified for secure access and for viewing a graphical desktop display associated with said at least one resource, wherein a modification of said virtual network computing viewer comprises; an established connection between said virtual network computing viewer and said VNC proxy server using a destination host and a destination port address; a retrieved handle configured for facilitating a creation of a secure socket, said retrieved handle used to create said secure connection through a socks tunnel; and a second firewall configured for protecting said client, said second firewall hosting a SOCKS proxy server, wherein said secure connection is through said socks tunnel and is used to tunnel said interactive graphical data through said second firewall. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for interactively accessing a remote desktop across a secure network comprising:
-
receiving a request for at least one resource provided by a grid distributed resource management system (grid DRM), said grid DRM configured for managing a plurality of execution nodes, wherein said at least one resource is protected by a first firewall, wherein said at least one resource comprises at least one remote execution node of said plurality of remote execution nodes and at least one fine grained resource, wherein said first firewall comprises a VNC proxy server; initiating, at a requested time, a remote display server, said remote display server configured for providing interactive graphical data associated with said at least one resource to a remote display viewer, wherein said remote display viewer is protected by a second firewall and is a virtual network computing viewer modified for secure access and for viewing a graphical desktop display associated with said at least one resource, wherein modifying said virtual network computing viewer comprises; establishing a secure socket layer (SSL) connection between said virtual network computing viewer and said VNC proxy server using a destination host and a destination port address, wherein said virtual network computing viewer is enabled to communicate directly with said VNC proxy server; retrieving a handle that is configured for facilitating a creation of a secure socket; utilizing said retrieved handle to create said secure connection through a socks tunnel; and communicating interactive graphical data between said virtual network computing viewer and said VNC proxy server directly through said SSL connection, and wherein said second firewall hosts a SOCKS proxy server, wherein said secure connection is through said socks tunnel and is used to tunnel said interactive graphical data through said second firewall. - View Dependent Claims (7, 8, 9, 10)
-
-
11. An interactive grid computer system comprising a processor coupled to a bus and a memory coupled to said bus and comprising instructions that when executed implement a method for accessing a remote desktop across firewalls comprising:
-
receiving a request for at least one resource provided by a grid distributed resource management system (grid DRM), said grid DRM configured for managing a plurality of execution nodes, wherein said at least one resource is protected by a first firewall, wherein said at least one resource comprises at least one remote execution node of said plurality of remote execution nodes and at least one fine grained resource, wherein said first firewall hosts a VNC proxy server; initiating, at a requested time, a remote display server, said remote display server configured for providing interactive graphical data associated with said at least one resource to a remote display viewer, wherein said remote display viewer is protected by a second firewall and is a virtual network computing viewer modified for secure access and for viewing a graphical desktop display associated with said at least one resource, wherein modifying said virtual network computing viewer comprises; establishing a secure socket layer (SSL) connection between said virtual network computing viewer and said VNC proxy server using a destination host and a destination port address, wherein said virtual network computing viewer is enabled to communicate directly with said VNC proxy server; retrieving a handle that is configured for facilitating a creation of a secure socket; utilizing said retrieved handle to create said secure connection through a socks tunnel; and communicating interactive graphical data between said virtual network computing viewer and said VNC proxy server directly through said SSL connection, and wherein said second firewall hosts a SOCKS proxy server, wherein said secure connection is through said socks tunnel and is used to tunnel said interactive graphical data through said second firewall. - View Dependent Claims (12, 13, 14, 15)
-
Specification