System for performing remote operation between firewall-equipped networks or devices
First Claim
Patent Images
1. A remote operation service system in which first and second internal networks are connected to an external network by first and second firewalls which are respectively installed in said first and second networks, and a servicing unit connected to said second internal network provides remote operation services to a serviced unit connected to said first internal network,said serviced unit including:
- means for setting up a first connection with said second firewall installed for said second internal network via said first internal network and said first firewall installed for said first internal network; and
means for transmitting packets containing data for a remote operation to or from said servicing unit over said first connection, said second firewall including;
means for, after checking whether or not the received packets being the packets transmitted from the said serviced unit belonging to a contract user, and after said first connection has been set up with said serviced unit, setting up a second connection with said servicing unit via said second internal network; and
means for relaying packets between said serviced unit and said servicing unit using said first and second connections, and said servicing unit including;
means for providing remote operation services to said serviced unit by transmitting packets to or from said serviced unit via said second firewall and said second connection.
1 Assignment
0 Petitions
Accused Products
Abstract
A remote operation system is disclosed which is used with a network environment in which a unit that provides remote operation services through networks and a unit that receives the services are each safeguarded by a firewall (or “each equipped with a firewall for”) from an external network. The remote operation service receiving unit sets up a connection A with the firewall installed on the remote operation service providing unit side and transmits security check information to that firewall. The firewall checks this security check information and then sets up a connection B with the remote operation service providing unit via its associated internal network when it is determined that the security check information has been sent from a contract user unit. Thereby, information used for remote operation can be transmitted between the two units over a logical path composed of the connections A and B.
76 Citations
7 Claims
-
1. A remote operation service system in which first and second internal networks are connected to an external network by first and second firewalls which are respectively installed in said first and second networks, and a servicing unit connected to said second internal network provides remote operation services to a serviced unit connected to said first internal network,
said serviced unit including: -
means for setting up a first connection with said second firewall installed for said second internal network via said first internal network and said first firewall installed for said first internal network; and
means for transmitting packets containing data for a remote operation to or from said servicing unit over said first connection, said second firewall including;
means for, after checking whether or not the received packets being the packets transmitted from the said serviced unit belonging to a contract user, and after said first connection has been set up with said serviced unit, setting up a second connection with said servicing unit via said second internal network; and
means for relaying packets between said serviced unit and said servicing unit using said first and second connections, and said servicing unit including;
means for providing remote operation services to said serviced unit by transmitting packets to or from said serviced unit via said second firewall and said second connection. - View Dependent Claims (2)
-
-
3. A remote operation service system in which first and second internal networks are connected to the Internet by first and second firewalls which are respectively installed in said first and second networks, and a servicing unit connected to said second internal network provides remote operation services to a serviced unit connected to said first internal network,
said serviced unit including: -
means for setting up a first connection with said second firewall installed for said second internal network via said first internal network and said first firewall installed for said first internal network; and
means for transmitting packets containing data for a remote operation to or from said servicing unit over said first connection, said second firewall including;
means for, after checking whether or not the received packets being the packets transmitted from the said serviced unit belonging to a contract user, and after said first connection has been set up with said serviced unit, setting up a second connection with said servicing unit via said second internal network; and
means for relaying the received packets between said serviced unit and said servicing unit using said first and second connections if the received packets belonged to the contract user, and said servicing unit including;
means for providing remote operation services to said serviced unit by transmitting packets to or from said serviced unit via said second firewall and said second connection. - View Dependent Claims (4)
-
-
5. A remote operation service providing method in a remote operation service system in which first and second internal networks are connected to an external network by first and second firewalls which are respectively installed in said first and second networks and a servicing unit connected to said second internal network provides remote operation services to a serviced unit connected to said first internal network, said remote operation service providing method comprising the steps of:
-
in said serviced unit, setting up a first connection with said second firewall installed for said second internal network via said first internal network and said first firewall for said first internal network;
in said serviced unit, transmitting packets containing data for performing a remote operation to or from said servicing unit connected to said second internal network over said first connection;
in said second firewall, setting up a second connection with said servicing unit via said second internal network, after checking whether or not the received packets being the packets transmitted from the said serviced unit belonging to a contract user, and after said first connection has been set up with said serviced unit;
in said second firewall, relaying packets between said serviced unit and said servicing unit by transmitting packets to or from said serviced unit via said second firewall and said second connection.
-
-
6. A remote operation method for use with a unit to be serviced which is connected to a second internal network in which a second firewall is installed for an external network and receives a remote operation service from a servicing unit connected to a first internal network in which a first firewall is installed for the external network, comprising:
-
establishing by the unit to be serviced a connection to the first firewall through the second firewall;
transmitting by the unit to be serviced a packet to and from the first firewall through the connection;
determining by the first firewall whether the unit to be serviced belongs to the contract user based upon contents of the received packet, and forwarding to the servicing unit only received packets sent from a contract user;
checking, by the unit to be serviced, security of remote operation directive information stored in a received packet;
performing, by the servicing unit, a remote operation on the unit to be serviced according to the remote operation directive information whose security is checked by the first firewall; and
transmitting, by the unit to be serviced, an execution result of the remote operation to the first firewall through the connection.
-
-
7. A security check method for use with a center device functioning as a second firewall in response to access through an external network to a servicing unit by a unit to be serviced which is connected to a first internal network in which a first firewall is installed for the external network, comprising:
-
establishing by the center device a first connection to the unit to be serviced through the first firewall and the external network;
transmitting by the center device a packet to and from the unit to be serviced through the first connection;
checking by the center device after establishing the first connection whether received packet is transmitted from the unit to be serviced of a subscriber;
establishing by the center device a second connection to the servicing unit through an internal network when the center device determines as a result of the checking that the received packet is transmitted from the unit to be serviced of the subscriber; and
transmitting by the center device the packet to and from the servicing unit connected to the internal network through the second connection, wherein only packets transmitted from the unit to be serviced of the subscriber are transmitted to the servicing unit.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeFujitsu Limited
-
Original AssigneeFujitsu Limited
-
InventorsTanno, Kazuhira
-
Primary Examiner(s)Rinehart, Mark H.
-
Assistant Examiner(s)Thompson, Marc D.
-
Application NumberUS09/245,921Publication NumberTime in Patent Office1,163 DaysField of Search709/225, 709/227, 709/228, 709/229, 709/249, 370/401, 370/402, 713/200, 713/201, 340/825.34US Class Current709/227CPC Class CodesH04L 63/02 for separating internal fro...H04L 63/029 Firewall traversal, e.g. tu...H04L 67/125 involving control of end-de...
