发明名称 |
Secure server architecture for web based data management |
摘要 |
A double firewalled system is disclosed for protecting remote enterprise servers that provide communication services to telecommunication network customers from unauthorized third parties. A first router directs all connection requests to one or more secure web servers, which may utilize a load balancer to efficiently distribute the session connection load among a high number of authorized client users. On the network side of the web servers, a second router directs all connection requests to a dispatcher server, which routes application server calls to a proxy server for the application requested. A plurality of data security protocols are also employed. The protocols provide for an identification of the user, and an authentication of the user to ensure the user is who he/she claims to be and a determination of entitlements that the user may avail themselves of within the enterprise system. |
申请公布号 |
US8935772(B2) |
申请公布日期 |
2015.01.13 |
申请号 |
US201213648679 |
申请日期 |
2012.10.10 |
申请人 |
Verizon Patent and Licensing Inc. |
发明人 |
Devine Carol Y.;Shifrin Gerald A.;Shoulberg Richard W. |
分类号 |
G06F15/16;H04L29/06;G06F11/07;G06F11/32;G06F11/34;G06F17/30;G06F21/00;G06F21/41;G06F21/55;G06Q10/10;G06Q20/10;G06Q20/38;G06Q30/02;G06Q30/06;G06Q99/00;H04L12/14;H04L12/26;H04L12/24;H04M3/51;H04M15/00;G06F11/20;H04L12/58 |
主分类号 |
G06F15/16 |
代理机构 |
|
代理人 |
|
主权项 |
1. A method comprising:
receiving a service request over a private data network from a server within a secure network area that employs a plurality of firewalls, the server receiving the service request from a client via a communication session over a public data network, wherein the communication session is associated with a session identifier stored at the client; and dispatching the service request, via a back-end server to a proxy service linking to one of a plurality of applications; wherein a first one of the plurality of firewalls accepts the service request from the client and routes the service request from the client to at least one of a plurality of preselected addresses behind the first one of the firewalls in accordance with a first set of filtering rules; and a second one of the plurality of firewalls accepts the service request from the server and routes the service request from the server to at least one of a plurality of preselected addresses behind the second one of the firewalls in accordance with a second set of filtering rules. |
地址 |
Basking Ridge NJ US |