Method for secure network access via message intercept
First Claim
1. A method of providing security for a network having one or more application services to which connections may be made from outside said network, said method comprising the steps of:
- intercepting a plurality of connection request messages each of which establishes a first connection request for an application service provided on said network;
- establishing a second connection, said second connection being established with a security service;
- confirming, through said second connection, said first connection request;
- transmitting a message on said network after said confirming step confirms said first connection request;
- establishing said second connection with a source host having a source host address;
- sending data describing ones of said intercepted connection request messages which originated from said source host address to said source host through said second connection; and
- receiving selection data from said source host through said second connection, said selection data identifying a selected one of intercepted connection request messages wherein said message transmitted by said transmitting step corresponds to said selected one of intercepted connection request messages.
Abstract
Security is provided for an inside network (14) by a security host (26). Connection request messages sent from source hosts (22) in an outside network (12) are intercepted (94) in the security host (26) and prevented from being transmitted on the inside network (14). The user of the source host (22) then establishes a connection (78) to the security host (26) where a dialog session (80, 98, 100) occurs to confirm the user's authenticity and authorization. After the user is confirmed, the intercepted connection request message is released (116) for transmission on the inside network (14) where the intended application service will respond and a communication session will commence.
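The hold-confirm-release flow described in the abstract can be modelled in a few lines of Python. This is an added illustration, not code from the patent: the SecurityHost class, its method names, the shared-secret check and the sample addresses are all assumptions made for the example.

```python
import hmac
from collections import defaultdict
from dataclasses import dataclass
from itertools import count

@dataclass(frozen=True)
class ConnRequest:
    req_id: int
    src: str        # source host address
    service: str    # requested inside application service

class SecurityHost:
    """Toy model: holds outside connection requests until the user confirms."""

    def __init__(self, credentials):
        self._credentials = credentials   # user -> shared secret (assumed scheme)
        self._held = defaultdict(dict)    # src -> {req_id: ConnRequest}
        self._sessions = {}               # src -> confirmed user
        self._ids = count(1)
        self.inside_network = []          # requests released to the inside network

    def intercept(self, src, service):
        """Hold the request; nothing reaches the inside network yet."""
        req = ConnRequest(next(self._ids), src, service)
        self._held[src][req.req_id] = req
        return req.req_id

    def open_dialog(self, src, user, secret):
        """Second connection: confirm the user before anything is released."""
        expected = self._credentials.get(user, "")
        ok = bool(expected) and hmac.compare_digest(expected.encode(), secret.encode())
        if ok:
            self._sessions[src] = user
        return ok

    def pending(self, src):
        """Describe only the held requests that originated from this source."""
        if src not in self._sessions:
            raise PermissionError("no confirmed dialog session for this source")
        return sorted(self._held[src].values(), key=lambda r: r.req_id)

    def release(self, src, req_id):
        """Release the selected request for transmission on the inside network."""
        if src not in self._sessions:
            raise PermissionError("request not confirmed")
        req = self._held[src].pop(req_id)  # KeyError if not held for this source
        self.inside_network.append(req)
        return req
```

Requests that are never selected stay held, and a confirmed source cannot release a request that was intercepted from a different source address.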
16 Claims
11. A method of providing security for a network having one or more application services to which connections may be made from outside said network, said method comprising the steps of:
- receiving a connection request message at a security host coupled to said network, said connection request message providing a first connection request to an application service provided on said network whereby said connection request message is originated in response to actions taken by a user at a source host;
- establishing a second connection at said security host;
- confirming, through said second connection, said first connection request thereby authenticating a user;
- preventing, prior to said confirming step, said connection request message from being transmitted on said network; and
- transmitting said connection request message on said network after said confirming step confirms said first connection request.
13. A method of providing security for a network having an application service to which a connection may be established from outside said network, said connection being initiated through actions taken by a user at a source host having a source host address, and said method comprising the steps of:
- intercepting a plurality of connection request messages from said source host, each of said connection request messages requesting establishment of a first connection to said application service provided on said network;
- establishing a connection between said source host and a security service;
- authenticating said user through said connection between said source host and said security service; and
- transmitting said connection request message on said network after said authenticating step authenticates said user;
- sending data describing ones of intercepted connection request messages which originated from said source host address to said source host through said connection between said source host and said security service; and
- receiving selection data from said source host through said connection between said source host and said security service, said selection data identifying a selected one of said intercepted connection request messages, wherein said message transmitted by said transmitting step corresponds to said selected one of said intercepted connection request messages.
Specification