SYSTEM FOR PERFORMING REMOTE OPERATION BETWEEN FIREWALL-EQUIPPED NETWORKS OR DEVICES
First Claim
1. A system which is provided with a servicing unit connected to a first internal network in which a first firewall is installed for an external network and a serviced unit connected to a second internal network in which a second firewall is installed for said external network, wherein said servicing unit performs a remote operation on said serviced unit through said external network, said serviced unit comprising:
- packet communications means for transmitting an identifier specifying the address of said servicing unit connected to said first internal network, setting up a connection with said servicing unit via said second firewall and said first firewall, and transmitting packets to or from said servicing unit over said connection; and
remote operation execution means for fetching remote operation directive information from packets received by said packet communications means and performing a remote operation on said serviced unit as indicated by said remote operation directive information.
1 Assignment
0 Petitions
Accused Products
Abstract
A remote operation system is disclosed which is used with a network environment in which a unit that provides remote operation services through networks and a unit that receives the services are each safeguarded by a firewall (or “each equipped with a firewall for”) from an external network. The remote operation service receiving unit sets up a connection A with the firewall installed on the remote operation service providing unit side and transmits security check information to that firewall. The firewall checks this security check information and then sets up a connection B with the remote operation service providing unit via its associated internal network when it is determined that the security check information has been sent from a contract user unit. Thereby, information used for remote operation can be transmitted between the two units over a logical path composed of the connections A and B.
38 Citations
32 Claims
-
1. A system which is provided with a servicing unit connected to a first internal network in which a first firewall is installed for an external network and a serviced unit connected to a second internal network in which a second firewall is installed for said external network, wherein said servicing unit performs a remote operation on said serviced unit through said external network, said serviced unit comprising:
-
packet communications means for transmitting an identifier specifying the address of said servicing unit connected to said first internal network, setting up a connection with said servicing unit via said second firewall and said first firewall, and transmitting packets to or from said servicing unit over said connection; and
remote operation execution means for fetching remote operation directive information from packets received by said packet communications means and performing a remote operation on said serviced unit as indicated by said remote operation directive information.
-
-
2. A system which is provided with a servicing unit connected to a first internal network in which a first firewall is installed for an external network and a serviced unit connected to a second internal network in which a second firewall is installed for said external network, wherein said servicing unit performs a remote operation on said serviced unit through said external network, said serviced unit comprising:
-
packet communications means for setting up a connection with said first firewall via said second firewall and transmitting packets to or from said first firewall over said connection; and
security check means for checking remote operation directive information contained in packets received by said packet communications means for validity;
remote operation execution means for performing a remote operation on said serviced unit as indicated by said remote operation directive information which has been validated by said security check means; and
execution result return means for returning the result of execution of said remote operation by said remote operation execution means to said first firewall through said packet communications means.
-
-
3. A system which is provided with a servicing unit connected to a first internal network in which a first firewall is installed for the Internet and a serviced unit connected to a second internal network in which a second firewall is installed for the Internet, wherein said servicing unit performs a remote operation on said serviced unit through said Internet, said serviced unit comprising:
-
packet communications means for transmitting an identifier specifying the address of said servicing unit connected to said first internal network, setting up a connection with said servicing unit via said second firewall and said first firewall, and transmitting packets to or from said servicing unit over said connection; and
remote operation execution means for fetching remote operation directive information from packets received by said packet communications means and performing a remote operation on said serviced unit as indicated by said remote operation directive information.
-
-
4. A system which is provided with a servicing unit connected to a first internal network in which a first firewall is installed for the Internet and a serviced unit connected to a second internal network in which a second firewall is installed for said Internet, wherein said servicing unit performs a remote operation on said serviced unit through said Internet, said serviced unit comprising:
-
packet communications means for setting up a connection with said first firewall via said second firewall and transmitting packets to or from said first firewall over said connection; and
security check means for checking remote operation directive information contained in packets received by said packet communications means for validity;
remote operation execution means for performing a remote operation on said serviced unit as indicated by said remote operation directive information which has been validated by said security check means; and
execution result return means for returning the result of execution of said remote operation by said remote operation execution means to said first firewall through said packet communications means.
-
-
5. A central unit which functions as a second firewall against access to a servicing unit via an external network by a serviced unit connected to a first internal network in which a first firewall is installed for said external network, comprising:
-
first packet communications means for setting up a first connection with said serviced unit via said first firewall and said external network and transmitting packets to or from said serviced unit over said first connection;
security check means for determining whether or not packets received by said packet communications means after said first connection has been set up are packets transmitted from a serviced unit of a contract user; and
second packet communications means for, when the determination by said security check means is that said packets are packets from said serviced unit of a contract user, setting up a second connection with said servicing unit via a second internal network connected to said central unit and transmitting packets to or from said servicing unit connected to said second internal network over said second connection. - View Dependent Claims (6, 7)
-
-
8. A central unit which functions as a second firewall against access to a servicing unit via the Internet by a serviced unit connected to a first internal network in which a first firewall is installed for said Internet, comprising:
-
first packet communication means for setting up a first connection with said serviced unit via said first firewall and said Internet and transmitting packets to or from said serviced unit over said first connection;
security check means for determining whether or not packets received by said packet communications means after said first connection has been set up are packets transmitted from a serviced unit of a contract user; and
second packet communications means for, when the determination by said security check means is that said packets are packets from said serviced unit of contract user, setting up a second connection with said servicing unit via a second internal network connected to said central unit and transmitting packets to or from said servicing unit connected to said second internal network over said second connection. - View Dependent Claims (9, 10)
-
-
11. A remote operation system which is provided with a serviced unit connected to a first internal network in which a first firewall is installed for an external network and a servicing unit connected to a second internal network in which a second firewall is installed for said external network for providing remote operation services to said serviced unit, said servicing unit comprising:
-
packet communications means for setting up a connection with said second firewall and transmitting packets to or from said serviced unit over said connection; and
remote operation execution means for producing packets containing a command to perform a remote operation on said serviced unit and transmitting said packets to said second firewall via said packet communications means. - View Dependent Claims (12)
-
-
13. A remote operation system which is provided with a serviced unit connected to a first internal network in which a first firewall is installed for the Internet and a servicing unit connected to a second internal network in which a second firewall is installed for said Internet for providing remote operation services to said serviced unit, said servicing unit comprising:
-
packet communications means for setting up a connection with said second firewall and transmitting data containing packets to or from said serviced unit over said connection; and
remote operation execution means for fetching remote operation directive information set up by said serviced unit from packets received by said packet communications means, producing packets containing a command to perform a remote operation indicated by said directive information and transmitting said packets to said second firewall. - View Dependent Claims (14)
-
-
15. A remote operation service system in which first and second internal networks are connected to an external network by first and second firewalls which are respectively installed in said first and second networks, and a servicing unit connected to said second internal network provides remote operation services to a serviced unit connected to said first internal network,
said serviced unit including: -
means for setting up a first connection with said second firewall installed for said second internal network via said first internal network and said first firewall installed for said first internal network; and
means for transmitting packets containing data for a remote operation to or from said servicing unit over said first connection, said second firewall including;
means for, after said first connection has been set up with said serviced unit, setting up a second connection with said servicing unit via said second internal network; and
means for relaying packets between said serviced unit and said servicing unit using said first and second connections, and said servicing unit including;
means for providing remote operation services to said serviced unit by transmitting packets to or from said serviced unit via said second firewall and said second connection. - View Dependent Claims (16, 17)
-
-
18. A remote operation service system in which first and second internal networks are connected to the Internet by first and second firewalls which are respectively installed in said first and second networks, and a servicing unit connected to said second internal network provides remote operation services to a serviced unit connected to said first internal network,
said serviced unit including: -
means for setting up a first connection with said second firewall installed for said second internal network via said first internal network and said first firewall installed for said first internal network; and
means for transmitting packets containing data for a remote operation to or from said servicing unit over said first connection, said second firewall including;
means for, after said first connection has been set up with said serviced unit, setting up a second connection with said servicing unit via said second internal network; and
means for relaying packets between said serviced unit and said servicing unit using said first and second connections, and said servicing unit including;
means for providing remote operation services to said serviced unit by transmitting packets to or from said serviced unit via said second firewall and said second connection. - View Dependent Claims (19, 20)
-
-
21. A remote operation service providing method in a remote operation service system in which first and second internal networks are connected to an external network by first and second firewalls which are respectively installed in said first and second networks and a servicing unit connected to said second internal network provides remote operation services to a serviced unit connected to said first internal network, said remote operation service providing method comprising the steps of:
-
in said serviced unit, setting up a first connection with said second firewall installed for said second internal network via said first internal network and said first firewall for said first internal network;
in said serviced unit, transmitting packets containing data for performing a remote operation to or from said servicing unit connected to said second internal network over said first connection;
in said second firewall, setting up a second connection with said servicing unit via said second internal network after said first connection has been set up with said serviced unit;
in said second firewall, relaying packets between said serviced unit and said servicing unit over said first and second connections; and
in said servicing unit, providing a remote operation service to said serviced unit by transmitting packets to or from said serviced unit via said second firewall and said second connection.
-
-
22. A unit to be serviced which is connected to a first internal network in which a first firewall is installed for an external network and receives a remote operation service from a servicing unit connected to a second internal network in which a second firewall is installed for the external network, comprising:
-
packet communications means for transmitting an identifier specifying an address of the servicing unit connected to the second internal network, establishing a connection to the servicing unit through the first and second firewalls, and transmitting a packet to and from the servicing unit through the connection; and
remote operation execution means for retrieving remote operation directive information from the packet received by said packet communications means, and performing a remote operation on the unit to be serviced. - View Dependent Claims (23)
-
-
24. A unit to be serviced which is connected to a first internal network in which a first firewall is installed for an external network and receives a remote operation service from a servicing unit connected to a second internal network in which a second firewall is installed for the external network, comprising:
-
packet communications means for establishing a connection to the second firewall through the first firewall, and transmitting a packet to and from the second firewall through the connection;
security check means for checking security of remote operation directive information stored in the packet received by said packet communications means;
remote operation execution means for performing a remote operation on the unit to be serviced according to the remote operation directive information whose security is checked by said security check means; and
execution result return means for returning an execution result of the remote operation performed by said remote operation execution means to the second firewall through said packet communications means. - View Dependent Claims (25)
-
-
26. A servicing unit which is connected to the second internal network in which the second firewall is installed for the external network and provides a remote operation service for a unit to be serviced connected to a first internal network in which a first firewall is installed for an external network, comprising:
-
packet communications means for establishing a connection to the second firewall, and transmitting a packet storing data to be transmitted to and from the unit to be serviced through the connection; and
remote operation execution means for generating the packet for which a command to perform a remote operation is set for the unit to be serviced, and transmitting the packet to the second firewall through said packet communications means. - View Dependent Claims (27, 28)
-
-
29. A remote operation method for use with a unit to be serviced which is connected to a second internal network in which a second firewall is installed for an external network and receives a remote operation service from a servicing unit connected to a first internal network in which a first firewall is installed for the external network, comprising the steps of:
-
establishing a connection to the servicing unit through the second and first firewalls after transmitting an identifier specifying an address of the servicing unit connected to the first internal network;
transmitting a packet to and from the servicing unit through the connection; and
retrieving remote operation directive information from the received packet and performing a remote operation on the unit to be serviced.
-
-
30. A remote operation method for use with a servicing unit, connected to a second internal network in which a second firewall is installed for an external network, for providing a remote operation service for a unit to be serviced which is connected to a first internal network in which a first firewall is installed for the external network, comprising the steps of:
-
establishing a connection to the second firewall;
transmitting a packet storing data to be transmitted to and from the unit to be serviced through the connection;
generating a packet in which a command to perform a remote operation on the unit to be serviced is set; and
transmitting the packet to the second firewall through the connection.
-
-
31. A remote operation method for use with a unit to be serviced which is connected to a second internal network in which a second firewall is installed for an external network and receives a remote operation service from a servicing unit connected to a first internal network in which a first firewall is installed for the external network, comprising the steps of:
-
establishing a connection to the first firewall through the second firewall;
transmitting a packet to and from the first firewall through the connection;
checking security of remote operation directive information stored in a received packet;
performing a remote operation on the unit to be serviced according to the remote operation directive information whose security is checked; and
transmitting an execution result of the remote operation to the first firewall through the connection.
-
-
32. A security check method for use with a center device functioning as a second firewall in response to access through an external network to a servicing unit by a unit to be serviced which is connected to a first internal network in which a first firewall is installed for the external network, comprising the steps of:
-
establishing a first connection to the unit to be serviced through the first firewall and external network;
transmitting a packet to and from the unit to be serviced through the first connection;
checking after establishing the first connection whether or not a received packet is transmitted from the unit to be serviced of a subscriber;
establishing a second connection to the servicing unit through an internal network when it is determined as a result of the checking that the received packet is transmitted from the unit to be serviced of the subscriber; and
transmitting the packet to and from the servicing unit connected to the internal network through the second connection.
-
Specification