Secure server architecture for web based data management
First Claim
1. A system for supporting secure networking, the system comprising:
- a first firewall configured to receive a service request from a client and to control access to a first set of addresses; and
a second firewall configured to receive the service request from a server associated with one of the first set of addresses, the second firewall being further configured to control access to a second set of addresses, wherein the server establishes a communication session with the client, the communication session having an identifier encapsulated in a cookie, the server communicating with a dispatch server associated with one of the second set of addresses, the dispatch server being configured to receive the service request via the second firewall and to dispatch the service request to a proxy service in response to the service request.
Abstract
A double firewalled system is disclosed for protecting remote enterprise servers that provide communication services to telecommunication network customers from unauthorized third parties. A first router directs all connection requests to one or more secure web servers, which may utilize a load balancer to efficiently distribute the session connection load among a high number of authorized client users. On the network side of the web servers, a second router directs all connection requests to a dispatcher server, which routes application server calls to a proxy server for the application requested. A plurality of data security protocols are also employed. The protocols provide for an identification of the user, and an authentication of the user to ensure the user is who he/she claims to be and a determination of entitlements that the user may avail themselves of within the enterprise system. Session security is described, particularly as to the differences between a remote user's copper wire connection to a legacy system and a user's remote connection to the enterprise system over a “stateless” public Internet, where each session is a single transmission, rather than an interval of time between logon and logoff, as is customary in legacy systems.
6 Claims
Specification