Providing consistent application aware firewall traversal
    1.
    Granted invention patent
    Providing consistent application aware firewall traversal (in force)

    Publication No.: US07685633B2

    Publication date: 2010-03-23

    Application No.: US11326992

    Filing date: 2006-01-05

    IPC classification: G06F15/16

    Abstract: Implementations of the present invention relate to a communication framework that is readily adaptable to a wide variety of resources intended to be accessible through a firewall. In general, a communication framework at a gateway server can provide a specific connection to a requested resource in accordance with a wide range of resource and/or network access policies. In one instance, a client requests a connection to a specific resource behind a firewall. The communication framework authenticates the connection, and quarantines the connection until determining, for example, that the client is using appropriate resource features. If appropriately authenticated, the communication framework can pass control of the connection to an appropriately identified protocol plug-in processor, which facilitates a direct connection to the requested resource at an application layer of a communication stack.

    Securely Pushing Connection Settings to a Terminal Server Using Tickets
    3.
    Invention patent application
    Securely Pushing Connection Settings to a Terminal Server Using Tickets (under examination, published)

    Publication No.: US20090259757A1

    Publication date: 2009-10-15

    Application No.: US12103542

    Filing date: 2008-04-15

    IPC classification: G06F15/16

    CPC classification: H04L63/0807 G06F21/335

    Abstract: Systems and techniques for securely pushing connection settings to a terminal server using tickets are described. In one embodiment, a request is received at a first network component from a client for access to a second network component. A ticket associated with one or more connection settings is created and provided to the client. The ticket is provided by the client to the second network component. The ticket is provided from the second network component to the first network component, and the one or more connection settings associated with the ticket are received from the first network component back to the second network component. The one or more connection settings are enforced at the second network component.

    Providing consistent application aware firewall traversal
    5.
    Invention patent application
    Providing consistent application aware firewall traversal (in force)

    Publication No.: US20060195899A1

    Publication date: 2006-08-31

    Application No.: US11326992

    Filing date: 2006-01-05

    IPC classification: G06F15/16

    Abstract: Implementations of the present invention relate to a communication framework that is readily adaptable to a wide variety of resources intended to be accessible through a firewall. In general, a communication framework at a gateway server can provide a specific connection to a requested resource in accordance with a wide range of resource and/or network access policies. In one instance, a client requests a connection to a specific resource behind a firewall. The communication framework authenticates the connection, and quarantines the connection until determining, for example, that the client is using appropriate resource features. If appropriately authenticated, the communication framework can pass control of the connection to an appropriately identified protocol plug-in processor, which facilitates a direct connection to the requested resource at an application layer of a communication stack.

    PLUGGABLE MODULES FOR TERMINAL SERVICES
    6.
    Invention patent application
    PLUGGABLE MODULES FOR TERMINAL SERVICES (under examination, published)

    Publication No.: US20090183225A1

    Publication date: 2009-07-16

    Application No.: US11972443

    Filing date: 2008-01-10

    IPC classification: G06F21/00

    Abstract: Embodiments that facilitate the use of pluggable policy modules and authentication modules for access to a Terminal Services (TS) server are disclosed. In accordance with various embodiments, a method includes accessing one or more pluggable modules at a Terminal Services Gateway (TSG) server or a Terminal Services (TS) server. The method further includes processing a TS server access request from a TS client at the TSG server or the TS server. The TS server access request is processed in part based on the one or more pluggable modules. In one particular embodiment, the one or more pluggable modules include at least one of a connection authorization policy (CAP) module, a resource authorization policy (RAP) module, and an authentication module.

    Providing remote application access in accordance with decentralized configuration information
    10.
    Invention patent application
    Providing remote application access in accordance with decentralized configuration information (under examination, published)

    Publication No.: US20070233804A1

    Publication date: 2007-10-04

    Application No.: US11395905

    Filing date: 2006-03-31

    IPC classification: G06F15/16

    Abstract: The present invention extends to methods, systems, and computer program products for providing remote application access in accordance with decentralized configuration information. Client side data representing a request for a list of remote applications is received. One or more lists of remote applications resident at terminal servers are accessed. Filter criteria to apply to the one or more lists of available remote applications are identified based on the client side data. The identified filter criteria are applied to the one or more lists of available remote applications to reduce the one or more lists of available remote applications to a targeted subset of remote applications. Application access data is returned for each remote application in the subset of remote applications to the client computer system such that the client computer system can use the application access data to remotely execute targeted remote applications.
