System and method for secure access of a remote system
First Claim
1. A method for providing a user of a plurality of users with remote access to a network device via a computer system that comprises a processing device and memory accessible by the processing device, and that is configured to communicate with the network device via a first network and with a user of the plurality of users via a second network, wherein the memory stores computer-accessible program code and a web application, the method comprising the steps of:
- receiving, at the web application via the second network, a login request from a first user of the plurality of users that includes a login credential;
- validating the login credential received from the first user at the login request receiving step against a predetermined login credential that is unique to the first user with respect to login credentials among other users of the plurality of users;
- receiving, at the web application via the second network, a request from the first user for access to the network device;
- retrieving from memory a login credential for the network device that is common to the plurality of users;
- dynamically creating a path to the network device that comprises the first network, an endpoint of the path being automatically defined by masked data within the memory comprising at least one of the group consisting of login credential, IP address, and port setting of the network device, and forwarding the login credential of the network device retrieved from memory to the network device via the path;
- thereafter receiving a response from the network device; and
- providing the first user access, by the web application via the second network, to the response from the network device without providing the first user access to the at least one of the login credential, IP address, and port setting that comprise the masked data.
Abstract
A system and method for providing a user with secure access to devices operatively connected to a network comprising at least one processing device that has access to a database. The database maintains information for each user of the system, such as the user's login credentials and access level or permissions, along with information corresponding to each network device, such as, for example, the device's login credentials, IP address, and port settings. The processing device authenticates each user and then provides each user with access to the network devices as defined by the data maintained in the database corresponding to the respective user and the network devices.
8 Claims
1. A method for providing a user of a plurality of users with remote access to a network device via a computer system that comprises a processing device and memory accessible by the processing device, and that is configured to communicate with the network device via a first network and with a user of the plurality of users via a second network, wherein the memory stores computer-accessible program code and a web application, the method comprising the steps of:
- receiving, at the web application via the second network, a login request from a first user of the plurality of users that includes a login credential;
- validating the login credential received from the first user at the login request receiving step against a predetermined login credential that is unique to the first user with respect to login credentials among other users of the plurality of users;
- receiving, at the web application via the second network, a request from the first user for access to the network device;
- retrieving from memory a login credential for the network device that is common to the plurality of users;
- dynamically creating a path to the network device that comprises the first network, an endpoint of the path being automatically defined by masked data within the memory comprising at least one of the group consisting of login credential, IP address, and port setting of the network device, and forwarding the login credential of the network device retrieved from memory to the network device via the path;
- thereafter receiving a response from the network device; and
- providing the first user access, by the web application via the second network, to the response from the network device without providing the first user access to the at least one of the login credential, IP address, and port setting that comprise the masked data.

(Dependent claims: 6)
2. A system for automating a login to a network device, comprising:
a computer system that comprises a processing device and memory accessible by the processing device, and that is configured to communicate with a network device via a first network and with a first user of a plurality of users via a second network, wherein the memory stores computer-executable program code that comprises a database, wherein the database includes, for each user of the plurality of users, a login credential that is unique to the user with respect to login credentials among the other users of the plurality of users and includes a login credential for the network device that is common to the plurality of users, and wherein the computer-executable program code is executable by the processing device to implement a method comprising the steps of
- receiving a login request from the first user via the second network that includes a login credential,
- validating the login credential received from the first user at the login request receiving step against the unique login credential for the first user at the database,
- receiving, from the first user via the second network, a request to access the network device,
- in response to the request at the access request receiving step, retrieving the login credential for the network device,
- dynamically creating a path to the network device that comprises the first network, an endpoint of the path being automatically defined by masked data within the database comprising at least one of the group consisting of login credential, IP address, and port setting of the network device, and forwarding the retrieved login credential to the network device via the path,
- thereafter receiving a response from the network device and providing the first user access, via the second network, to the response without providing the first user access to the at least one of the login credential, IP address, and port setting for the network device that comprise the masked data.

(Dependent claims: 3, 4, 7)
5. A system for automating a login to a network device, comprising:
a computer system that comprises a processing device and memory accessible by the processing device, and that is in communication with a network device via a first network and configured to communicate with a first user of a plurality of users via a second network, wherein the memory stores computer-executable program code, wherein the memory includes a login credential for the network device that is common to the plurality of users and includes a login credential for the first user, and wherein the computer-executable program code is executable by the processing device to implement a method comprising the steps of
- receiving a login request from the first user via the second network, the login request including a login credential,
- validating the login credential received from the first user at the login request receiving step against the login credential for the first user at the memory,
- receiving, from the first user via the second network, a request to access the network device,
- in response to the request at the access request receiving step, retrieving the login credential for the network device,
- dynamically creating a path to the network device that comprises the first network, an endpoint of the path being automatically defined by masked data within the memory comprising at least the login credential of the network device, and forwarding the retrieved login credential to the network device, via the path,
- thereafter receiving a response from the network device,
- removing from the response the login credential for the network device that comprises the masked data, and
- thereafter providing the first user access, via the second network, to the response.

(Dependent claims: 8)
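The flow recited in claims 1 and 5, with the per-user permissions mentioned in the abstract, sketched in Python as an added example that is not code from the patent or its assignee. The class, method and device names are hypothetical, the transport is a constructed stand-in for the first-network connection, and replacing masked values with `[masked]` is one assumed way to remove them from a response.

```python
import hashlib, hmac, os, secrets

def _kdf(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Gateway:
    """Hypothetical broker: unique user logins in front, one shared device login behind."""

    def __init__(self, transport):
        self._users = {}      # user -> (salt, hash, allowed device names)
        self._devices = {}    # device name -> masked data (ip, port, credential)
        self._sessions = {}   # session token -> user
        self._transport = transport  # assumed callable(ip, port, credential) -> str

    def add_user(self, user, password, allowed):
        salt = os.urandom(16)
        self._users[user] = (salt, _kdf(password, salt), set(allowed))

    def add_device(self, name, ip, port, credential):
        self._devices[name] = (ip, port, credential)

    def login(self, user, password):
        # Unknown users run the same KDF, so both failure paths do equal work.
        salt, stored, _ = self._users.get(user, (b"\0" * 16, b"", set()))
        if not hmac.compare_digest(_kdf(password, salt), stored):
            return None
        token = secrets.token_urlsafe(32)
        self._sessions[token] = user
        return token

    def access(self, token, device):
        user = self._sessions.get(token)
        if user is None or device not in self._users[user][2]:
            raise PermissionError("not authorised for this device")
        # The endpoint is resolved from the store; the user supplies only a name.
        ip, port, credential = self._devices[device]
        raw = self._transport(ip, port, credential)
        # Remove masked data before the response crosses back to the user.
        for secret in (credential, f"{ip}:{port}", ip):
            if secret:
                raw = raw.replace(secret, "[masked]")
        return raw

def fake_device(ip, port, credential):
    """Constructed stand-in for a device that echoes its connection details."""
    return f"login ok with {credential} on {ip}:{port}; uptime 41 days"
```

Literal string replacement only catches masked values echoed verbatim; a device that returns them encoded or split across fields would need a response parser specific to that device.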
Specification