Methods and systems for accessing data from different security domains
First Claim
Patent Images
1. A method for presenting information from a plurality of security domains, said method comprising:
- receiving, by a computing device, a first request for a first communication component provided by a first server in a first security domain that is associated with a first security classification;
receiving, by the computing device, a second request for a second communication component provided by a second server in a second security domain that is associated with a second security classification comprising a restriction level that is different than the first security classification, wherein the first server is unable to access the second server and the second server is unable to access the first server due to the difference in security classifications;
determining whether the first server is authorized to access the first security domain;
determining whether the second server is authorized to access the second security domain;
based on the determination that the first server is authorized to access the first security domain and that the second server is authorized to access the second security domain, said method comprises;
forwarding the first request to the first server;
forwarding the second request to the second server;
combining, by the computing device, first data received from the first server via the first communication component and second data received from the second server via the second communication component to create combined data; and
providing, by the computing device, the combined data for presentation to a user; and
based on the determination that at least one of the first server is not authorized to access the first security domain and that the second server is not authorized to access the second security domain, returning neither the first data nor the second data.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and apparatus for use in presenting information from a plurality of security domains. A first request for first data from a first data source and a second request for second data from a second data source are transmitted by a computing device. The first data source is associated with a first security domain, and the second data source is associated with a second security domain. A bridge computing device forwards the first request and/or the second request based on determining that the requests are authorized. The first data and the second data may be received and combined by the computing device.
14 Citations
20 Claims
-
1. A method for presenting information from a plurality of security domains, said method comprising:
-
receiving, by a computing device, a first request for a first communication component provided by a first server in a first security domain that is associated with a first security classification; receiving, by the computing device, a second request for a second communication component provided by a second server in a second security domain that is associated with a second security classification comprising a restriction level that is different than the first security classification, wherein the first server is unable to access the second server and the second server is unable to access the first server due to the difference in security classifications; determining whether the first server is authorized to access the first security domain; determining whether the second server is authorized to access the second security domain; based on the determination that the first server is authorized to access the first security domain and that the second server is authorized to access the second security domain, said method comprises; forwarding the first request to the first server; forwarding the second request to the second server; combining, by the computing device, first data received from the first server via the first communication component and second data received from the second server via the second communication component to create combined data; and providing, by the computing device, the combined data for presentation to a user; and based on the determination that at least one of the first server is not authorized to access the first security domain and that the second server is not authorized to access the second security domain, returning neither the first data nor the second data. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for presenting information from a plurality of security domains, said system comprising:
-
a first server computing device configured to; receive a request for combined data from a client computing device, wherein the combined data includes first data is provided by a first data source associated with a first security domain and second data provided by a second data source associated with a second security domain and also associated with a second server computing device, the first security domain comprising a first security classification that has a restriction level that is different than a second security classification associated with the second security domain, wherein the first server is unable to access the second server and the second server is unable to access the first server due to the difference in security classifications; transmit a first request for the first data to a bridge computing device; and transmit a second request for the second data to the bridge computing device; and a bridge computing device coupled in communication with said first server computing device and the second server computing device and configured to; receive the first request and the second request from the first server computing device; determine whether the first server computing device is authorized to access the first security domain; determine whether the second server computing device is authorized to access the second security domain; based on the determination that the first server computing device is authorized to access the first security domain and that the second server computing device is authorized to access the second security domain, said bridge computing device is configured to; forward the first request to the first data source; forward the second request to the second data source; and combine the first data retrieved from the first data source and the second data retrieved from the second data source; and based on the determination that at least one of the first server computing device is not authorized to access the first security domain and that the second server computing device is not authorized to access the second security domain, said bridge computing device is configured to return neither the first data nor the second data. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
-
-
16. One or more non-transitory computer readable media having computer-executable components, said components comprising:
a bridge component that when executed by at least one processor unit causes the at least one processor unit to; receive a request for first data provided by a first data source that is associated with a first security domain; receive a request for second data provided by a second data source that is associated with a second security domain, the first security domain comprising a first security classification that has a restriction level that is different than a second security classification associated with the second security domain, wherein the first server is unable to access the second server and the second server is unable to access the first server due to the difference in security classifications; determine whether the first server is authorized to access the first security domain; determine whether the second server is authorized to access the second security domain; based on the determination that the first server is authorized to access the first security domain and that the second server is authorized to access the second security domain, said bridge component is configured to; forward the request for the first data to the first data source; forward the request for the second data to the second data source; receive the first data from the first data source; and receive the second data from the second data source; and a data combination component that when executed by at least one processor unit causes the at least one processor unit to combine the first data and the second data to create combined data; and based on the determination that at least one of the first server computing device is not authorized to access the first security domain and that the second server computing device is not authorized to access the second security domain, said bridge computing device is configured to return neither the first data nor the second data. - View Dependent Claims (17, 18, 19, 20)
Specification