Systems and methods for secure remote access
Abstract
Embodiments of the disclosure can include systems and methods for secure remote transfers. The onsite monitoring system's secure file transfer solution allows an onsite system behind a firewall to transfer operational data to a central monitoring and diagnostic infrastructure by sending files asynchronously, concurrently and in parallel over a port, using a connection the onsite system opened previously. The asynchronous, TLS-tunnelling-based remote desktop protocol solution is unidirectional in the sense that every connection is initiated from the onsite side, because the communication ports are typically open outbound only.
15 Claims
1. A method for encapsulating remote access session data, comprising:
receiving, from an end user computer, a request for a remote connection to an onsite system behind a firewall, wherein the firewall prevents inbound connections;
initiating, by one or more onsite processors associated with a central system, a session request message within a reply to a previous message from the onsite system, wherein the request message is sent to a pre-selected traffic port that prevents non-outbound communications and blocks non-reply messages;
receiving the request message by an intelligent software module residing on one or more onsite processors associated with the onsite system;
establishing, by the intelligent software module, a connection between the onsite system and a remote connection server;
opening a secure tunnel at the central system by the onsite system;
encrypting data for transmission by the onsite system, wherein the data comprises operational information from a plurality of onsite controllers in communication with a plurality of sensors;
completing an authentication process by the onsite system;
establishing a connection between the end user computer and the onsite system; and
transferring the data from the onsite system to the end user computer.
Dependent claims: 2, 3, 4, 5, 6, 7.
8. A system for encapsulating remote access session data, the system comprising:
a central system with one or more computer processors operable to receive from an end user computer a request for a remote connection to an onsite system behind a firewall, wherein the firewall prevents inbound connections;
the central system, in communication with the onsite system, and the one or more computer processors are operable to:
initiate a session request message within a reply to a previous message from the onsite system, wherein the request message is sent to a pre-selected traffic port that prevents non-outbound communications and blocks non-reply messages;
wherein the onsite system is operable to:
receive the request message by an intelligent software module residing on one or more onsite processors associated with the onsite system;
connect to a remote desktop server;
open a secure tunnel to the central system;
encrypt data for transmission to the central system, wherein the data comprises operational information from a plurality of onsite controllers in communication with a plurality of sensors;
complete an authentication process; and
transmit the data to the central system.
Dependent claims: 9, 10, 11, 12, 13, 14.
15. One or more non-transitory computer readable media comprising instructions, which when executed by one or more processors, perform the following operations:
receive, from an end user computer, a request for a remote connection to an onsite system behind a firewall, wherein the firewall prevents inbound connections;
initiate, by a central system, a session request message within a reply to a previous message from the onsite system, wherein the request message is sent to a pre-selected traffic port that prevents non-outbound communications and blocks non-reply messages and is received by an intelligent software module residing on one or more onsite processors associated with the onsite system;
establish a connection between the onsite system and a remote connection server;
open a secure tunnel at the central system by the onsite system;
encrypt data for transmission, wherein the data comprises operational information from a plurality of onsite controllers in communication with a plurality of sensors;
complete an authentication process by the onsite system;
establish a connection between the end user computer and the onsite system; and
transfer the data from the central system to the onsite system.
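The claims above describe one mechanism: the onsite system only ever talks outbound, so the central system cannot push a session request; it queues the end user's request and delivers it inside its reply to the onsite system's next poll, after which the onsite system itself dials out to the relay and authenticates. The Python below is an added illustration of that exchange, not code from the patent or its assignee. It simulates both ends in one process with no network I/O. The HMAC over a constructed per-site key, the nonce echo, the freshness window, the relay host name and the message field names are all assumptions made for the example; the patent text specifies none of them.

```python
"""Constructed simulation (not the patent's code) of an outbound-only
remote-session handshake: the onsite agent polls, and the central system
can deliver an end user's session request only inside its reply."""
import hashlib
import hmac
import json
import secrets

# Assumed per-site shared secret for this example only; the patent text does
# not specify how the onsite system authenticates the central system's reply.
SITE_KEY = b"example-only-site-key"


def canonical(body: dict) -> bytes:
    """Deterministic encoding so both ends MAC identical bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def make_mac(key: bytes, body: dict) -> str:
    return hmac.new(key, canonical(body), hashlib.sha256).hexdigest()


def verify_mac(key: bytes, body: dict, mac: str) -> bool:
    return hmac.compare_digest(make_mac(key, body), mac)


class CentralSystem:
    """Queues end-user requests; it has no inbound path to the site, so a
    request waits for the site's next poll and rides in the reply to it."""

    def __init__(self, site_keys: dict):
        self.site_keys = site_keys
        self.pending = {}  # site_id -> queued (relay_host, relay_port)

    def request_remote_session(self, site_id: str, relay_host: str, relay_port: int):
        self.pending.setdefault(site_id, []).append((relay_host, relay_port))

    def reply_to_poll(self, poll: dict, now: int) -> dict:
        site_id = poll["site"]
        body = {"type": "noop", "site": site_id, "nonce": poll["nonce"], "issued_at": now}
        queue = self.pending.get(site_id)
        if queue:
            host, port = queue.pop(0)
            body.update(type="session_request", relay={"host": host, "port": port},
                        session_token=secrets.token_hex(16))
        return {"body": body, "mac": make_mac(self.site_keys[site_id], body)}


class OnsiteAgent:
    """Only ever sends outbound; acts on a session request solely when it is
    the authenticated, fresh reply to the agent's own outstanding poll."""

    def __init__(self, site_id: str, key: bytes, max_age: int = 60):
        self.site_id, self.key, self.max_age = site_id, key, max_age
        self.outstanding_nonce = None

    def build_poll(self) -> dict:
        self.outstanding_nonce = secrets.token_hex(16)  # fresh nonce per poll
        return {"type": "poll", "site": self.site_id, "nonce": self.outstanding_nonce}

    def handle_reply(self, reply: dict, now: int):
        """Return ("connect", params), ("idle", None) or ("rejected", reason).
        On "connect" the agent, not the central system, dials the relay."""
        body, mac = reply.get("body", {}), reply.get("mac", "")
        # A message that does not echo our current poll nonce is a non-reply and is dropped.
        if self.outstanding_nonce is None or body.get("nonce") != self.outstanding_nonce:
            return ("rejected", "not a reply to an outstanding poll")
        self.outstanding_nonce = None  # exactly one reply per poll
        if body.get("site") != self.site_id or not verify_mac(self.key, body, mac):
            return ("rejected", "wrong site or bad mac")
        if not 0 <= now - body["issued_at"] <= self.max_age:
            return ("rejected", "stale reply")
        if body["type"] == "noop":
            return ("idle", None)
        if body["type"] != "session_request":
            return ("rejected", "unknown reply type")
        return ("connect", {"host": body["relay"]["host"], "port": body["relay"]["port"],
                            "token": body["session_token"]})


def demo() -> list:
    """Run the happy path and two rejections; returns the status of each step."""
    central = CentralSystem({"plant-7": SITE_KEY})
    agent = OnsiteAgent("plant-7", SITE_KEY)
    t = 1_700_000_000
    outcomes = []
    # 1. Nothing pending: the poll is answered with a no-op.
    outcomes.append(agent.handle_reply(central.reply_to_poll(agent.build_poll(), t), t)[0])
    # 2. An end user asks for a session; it rides in the reply to the next poll.
    central.request_remote_session("plant-7", "relay.example.net", 443)
    reply = central.reply_to_poll(agent.build_poll(), t + 5)
    outcomes.append(agent.handle_reply(reply, t + 6)[0])
    # 3. The same reply pushed again, with no poll outstanding, is dropped.
    outcomes.append(agent.handle_reply(reply, t + 7)[0])
    # 4. A re-addressed copy bound to a fresh poll fails the MAC.
    forged = json.loads(json.dumps(reply))
    forged["body"]["relay"]["host"] = "attacker.example"
    forged["body"]["nonce"] = agent.build_poll()["nonce"]
    outcomes.append(agent.handle_reply(forged, t + 8)[0])
    return outcomes


if __name__ == "__main__":
    print(demo())  # ['idle', 'connect', 'rejected', 'rejected']
```

The nonce echo is what gives the agent a concrete test for "non-reply messages": anything arriving without the nonce of the poll it currently has in flight is dropped before the MAC is even checked, and each poll can be answered at most once. The MAC is what stops a party on the path (or a compromised central system that lacks the site key) from steering the agent to a relay of its choosing; without it, the piggybacked request would be an unauthenticated instruction to open an outbound remote-desktop session.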
Specification