Techniques for securely managing and accelerating data delivery
First Claim
1. A method for managing and accelerating the delivery of data implemented in a computer-readable storage medium and processed on a proxy device for performing the method, comprising:
- receiving a secure communications request for data associated with a remote site, wherein the request is received from a client and the secure communications request occurs via Secure Socket Layer (SSL) communications with the client and wherein the request is received at a forward proxy that processes within a local networking environment of the client, the local networking environment within a same physical and geographical location for the client and the forward proxy;
determining that a local managing service is needed to mediate between the client and the remote site based on an identity for the remote site, the remote site associated with an external networking environment, the external networking environment existing in a different physical and geographical location from that of the client and the forward proxy;
processing the local managing service from within the local networking environment of the client;
passing the request to the local managing service for processing acting as the forward proxy for the client, the local managing service is capable of caching the data for servicing the secure communications request of the client within the local networking environment of the client and capable of securely interfacing with the remote site via the external networking environment, the local managing service houses the identity for the remote site and local managing service is trusted by the remote site and the remote site delegates authority to the local managing service to vend data of the remote site within the local networking environment of the client;
creating, by the proxy device, a secure communications tunnel between the client and the local managing service; and
creating, by the proxy device, another secure communications tunnel between the local managing service and the remote site, the local managing service also acts as a reverse proxy on behalf of the remote site from within the local networking environment of the client, the remote site delegates data vending on behalf of the remote site to be managed and distributed by the local managing service from within the local networking environment of the client and the local managing service presents itself to the client as the remote site appearing to originate from the external networking environment.
9 Assignments
0 Petitions
Accused Products
Abstract
Techniques are provided for securely managing and accelerating the delivery of data associated with remote sites. A client desires to establish secure communications with a remote site. Requests made from the client to the remote site are intercepted or forwarded to a proxy, which locates a local managing service associated with handling the requests. The local managing service acts as an intermediary between the client and the remote site and communicates securely with the client. Data associated with the client'"'"'s requests is at least partially cached by the local managing service for purposes of accelerating the delivery of that data to the client.
66 Citations
24 Claims
-
1. A method for managing and accelerating the delivery of data implemented in a computer-readable storage medium and processed on a proxy device for performing the method, comprising:
-
receiving a secure communications request for data associated with a remote site, wherein the request is received from a client and the secure communications request occurs via Secure Socket Layer (SSL) communications with the client and wherein the request is received at a forward proxy that processes within a local networking environment of the client, the local networking environment within a same physical and geographical location for the client and the forward proxy; determining that a local managing service is needed to mediate between the client and the remote site based on an identity for the remote site, the remote site associated with an external networking environment, the external networking environment existing in a different physical and geographical location from that of the client and the forward proxy; processing the local managing service from within the local networking environment of the client; passing the request to the local managing service for processing acting as the forward proxy for the client, the local managing service is capable of caching the data for servicing the secure communications request of the client within the local networking environment of the client and capable of securely interfacing with the remote site via the external networking environment, the local managing service houses the identity for the remote site and local managing service is trusted by the remote site and the remote site delegates authority to the local managing service to vend data of the remote site within the local networking environment of the client; creating, by the proxy device, a secure communications tunnel between the client and the local managing service; and creating, by the proxy device, another secure communications tunnel between the local managing service and the remote site, the local managing service also acts as a reverse proxy on behalf of the remote site from within the local networking environment of the client, the remote site delegates data vending on behalf of the remote site to be managed and distributed by the local managing service from within the local networking environment of the client and the local managing service presents itself to the client as the remote site appearing to originate from the external networking environment. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method of managing and accelerating delivery of data implemented in a computer-readable storage medium and to process within a local networking environment of a client for performing the method, comprising:
-
processing a local service of a proxy for communicating securely with the client and for acting on behalf of the client during interactions between the client and a remote site, the local service processed based on an identity of the remote site that identity used to determine that the local service is needed to mediate between the client and the remote site, the local service processes from within a local networking environment of the client and uses Secure Socket Layer (SSL) communications when interacting with the client, the local networking environment within a same physical and geographical location as the client, and the local service presents itself to the client as the remote site appearing from an external networking environment, the external networking environment existing within a different physical and geographical location from that which is associated with the client and the local service, and the local service acts as a reverse proxy on behalf of the remote site from the local networking environment of the client, the remote site delegates data vending from the remote site to the local service for distributing to the client; managing authority from the remote site at the local service, wherein authority is managed by accessing a certificate of the remote site at the local service and within the local networking environment of the client; establishing a secure tunnel between the local service of the proxy and the client for interactions between the client and the local service; establishing another secure tunnel between the local service and the remote site for interactions between the local service and the remote site; and caching, within the local service, data received from the remote site, and portions of the data are sent to the client in order to service data requests made from the client to the remote site. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A data management and acceleration delivery system implemented in computer-readable storage media and to process on devices of a network, the system comprising:
-
a proxy; a local service accessible to the proxy; and a remote site external to the proxy, the proxy directs secure requests received from a client for the remote site to the local service, the secure requests are directed to the local service based on an identity for the remote site that is used to determine that the local service is needed to mediate between the client and the remote site, the local service;
acts as a transparent proxy on behalf of the client, processes within a local networking environment of the client, and communicates securely with the client using Secure Socket Layer (SSL) communications via a first secure tunnel established by the proxy for interactions between the local service and the client, the local computing environment within a same physical and geographical location as the client, and the local service interacts securely with the remote site via a second secure tunnel established by the proxy for interactions between the local service and the remote site, communication with the remote site occurring over an external networking environment that is at a different physical and geographical location from that which is associated with the client and the local service, the interactions between the local service and the remote site is to acquire data on behalf of the client, the local service also configured for acting as a reverse proxy on behalf of the remote site and from within the local networking environment of the client, the remote site delegates data vending to the local service for distribution to the client and the local service presents itself to the client as the remote site, and portions or all of the acquired data are cached within the local service and used to service requests made by the client from within the local networking environment of the client. - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
-
20. A data management and acceleration delivery system implemented in a computer-readable storage medium and to process on one or more devices of a network, the system comprising:
-
a proxy; and one or more local services directly accessible to the proxy, the proxy acts as an intermediary between one or more clients and one or more remote sites, the proxy detects attempts made by the clients for establishing secure communications with the remote sites and based on the identities of a particular client and particular remote site identifies a particular local service and determines based on a particular identity for the particular remote site that the particular local service is needed to mediate between the particular remote site and the particular client, the particular local service;
communicates securely with the particular client via Secure Socket Layer (SSL) communications as a transparent proxy to the particular client and via a first tunnel established by the proxy between the particular local service and the particular client, the particular local service processes within a local networking environment of the particular client and within a same physical and geographical location as that of the particular client, and the particular local service also securely communicates with the particular remote site as a reverse proxy for the particular remote service via a second tunnel established by the proxy between the particular local service and the particular remote site, communication with the particular remote site occurring over a particular external networking environment that is at a different physical and geographical location from that which is associated with the particular client and the particular local service, and the particular local service acts as the reverse proxy for the particular remote service from within the local networking environment of the particular client, and the particular remote site delegates data vending to the particular local service for distribution to the particular client and the particular local service presents itself to the particular client as the particular remote site from within the local networking environment of the particular client and the particular local service caches data received from the particular remote site for purposes of servicing requests for portions of that data requested by the particular client and the cached data resides within the local networking environment of the particular client. - View Dependent Claims (21, 22, 23, 24)
-
Specification