Centralized publishing of network resources
Abstract
Techniques for centralized publishing of network resources within computer networks are described. Publication of and access to the network resources are controlled from a single, centralized location, advantageously improving the uniformity of network administration responsibilities, and overall robustness of the network.
15 Claims
1. A computer implemented method, comprising:
- maintaining a centralized allow list to control access to applications of a computer network in a computer-readable central database;
- receiving an update to the centralized allow list in the computer-readable central database from a terminal server that hosts one or more network applications that are access controlled according to the centralized allow list and remotely executable from a client computing device, the update being uploaded to the terminal server from an administrative tool that communicates with the terminal server;
- receiving an access query for access from the client computing device to a particular application that is on the one or more terminal servers at the computer-readable central database, the access query including an alias for a name of the particular application, the alias specifying a communication protocol for accessing the particular application;
- evaluating information in the access query against the centralized allow list to ascertain whether access privilege exists for accessing the particular application using the client computing device; and
- when the access privilege is affirmative, granting access to the particular application on a specified terminal server at the client computing device, the granting including providing an identity of the specified terminal server from which to access the particular application.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. One or more non-transmissible computer-readable storage media containing instructions that, when executed by a computer, perform acts for providing access to network resources in a computer network having a plurality of resource hosts, the acts comprising:
- maintaining an allow list in a centralized database operatively coupled to the plurality of resource hosts, the allow list controlling access to each of the network resources stored on the plurality of resource hosts;
- receiving an update to the allow list in the centralized database from a resource host that hosts one or more network applications that are access controlled according to the allow list and remotely executable from a client computing device, the update being uploaded to the resource host from an administrative tool that communicates with the resource host;
- receiving an access query for a requester to access a network resource from the client computing device;
- determining an access privilege based on the allow list of the centralized database for the requester; and
- granting access to the network resource stored on a specified resource host at the client computing device using a communication protocol in response to determining the allow list authorizes access by the requester, the granting access including performing a load balancing determination between the plurality of resource hosts to select the specified resource host and identifying the specified resource host to the requester.
Dependent claims: 12, 13
14. A computer implemented method, comprising:
- providing a list of network applications available on a computer network having a plurality of resource hosts to one or more client computing devices;
- maintaining an access record in a computer-readable centralized database server, the computer-readable centralized database server being distinct from the plurality of resource hosts;
- receiving an update to the access record from a resource host that provides one or more network applications that are access controlled according to the access record and remotely executable from a client device, the update being uploaded to the resource host from an administrative tool that communicates with the resource host;
- receiving an access query from a requester at a client computing device for access to a network application;
- determining an access privilege of the requester to access the network application using the access record in the centralized database server;
- determining one of the plurality of resource hosts that include the network application as a suitable resource host to launch the network application and a communication protocol setting for accessing the network application, the suitable resource host being selected through a load balancing determination between the plurality of resource hosts; and
- granting or denying access to the network application on the suitable resource host based on the access privilege, the granting including providing an identity of the suitable resource host from which to access the network application, and providing the communication protocol setting for communicating with the suitable resource host.
Dependent claims: 15
Specification