-
Publication number: CZ295858B6
Publication date: 2005-11-16
Application number: CZ138799
Application date: 1997-10-02
Applicant: IBM
Inventor: JADE PRASHANTH , MOORE VICTOR STUART , RAO ARUN MOHAN , WALTERS GLEN ROBERT
Abstract: A firewall (1) isolates computer and network resources inside the firewall (1) from networks, computers and computer applications outside the firewall (1). Typically, the internal means can be represented by private databases and local area networks (LANs) and the outside objects can be represented by individuals and computer applications operating through the mediation of public communication networks such as the Internet. Usually, a firewall (1) allows for an inside user or object to originate connection to an outside object or network, but does not allow for connections to be generated in the reverse direction; i.e. from outside in. The disclosed invention provides a special "tunneling" mechanism, operating on both sides of a firewall (1), for establishing such "outside in" connections when they are requested by certain "trusted" individuals or objects or applications outside the firewall (1). The mechanism includes special tunneling applications, running on interface servers inside and outside the firewall (1), and a special table of "trusted sockets" created and maintained by the inside tunneling application. Items contained in the table of "trusted sockets" define objects inside the firewall (1) and consist of special inside ports, a communication protocol which is to be used on each port, and a "host" being connected with each port. Each item is a "trusted item" in the sense that it is probably known only to individuals possessing authority to have "tunneling" access through the firewall (1) from outside. These applications use the table to establish connections through the firewall (1) in response to outside requests identifying valid items in the table.
-
Publication number: BR9705094A
Publication date: 1999-06-29
Application number: BR9705094
Application date: 1997-10-20
Applicant: IBM
Inventor: MOORE VICTOR STUART , JADE PRASHANTH , RAO ARUN MOHAN , WALTERS GLEN ROBERT
Abstract: A firewall isolates computer and network resources inside the firewall from networks, computers and computer applications outside the firewall. Typically, the inside resources could be privately owned databases and local area networks (LAN's), and outside objects could include individuals and computer applications operating through public communication networks such as the Internet. Usually, a firewall allows for an inside user or object to originate connection to an outside object or network, but does not allow for connections to be generated in the reverse direction; i.e. from outside in. The disclosed invention provides a special "tunneling" mechanism, operating on both sides of a firewall, for establishing such "outside in" connections when they are requested by certain "trusted" individuals or objects or applications outside the firewall. The intent here is to minimize the resources required for establishing "tunneled" connections (connections through the firewall that are effectively requested from outside), while also minimizing the security risk involved in permitting such connections to be made at all. The mechanism includes special tunneling applications, running on interface servers inside and outside the firewall, and a special table of "trusted sockets" created and maintained by the inside tunneling application. Entries in the trusted sockets table define objects inside the firewall consisting of special inside ports, a telecommunication protocol to be used at each port, and a host object associated with each port. Each entry is "trusted" in the sense that it is supposedly known only by individuals authorized to have "tunneling" access through the firewall from outside.
-
Publication number: MY127656A
Publication date: 2006-12-29
Application number: MYPI9704377
Application date: 1997-09-19
Applicant: IBM
Inventor: JADE PRASHANTH , MOORE VICTOR STUART , RAO ARUN MOHAN , WALTERS GLEN ROBERT
IPC: G06F11/00 , G06F12/14 , G06F13/00 , G06F13/16 , G06F13/36 , H04L9/32 , H04L12/56 , H04L12/66 , H04L29/06
Abstract: A FIREWALL ISOLATES COMPUTER AND NETWORK RESOURCES INSIDE THE FIREWALL FROM NETWORKS, COMPUTERS AND COMPUTER APPLICATIONS OUTSIDE THE FIREWALL. TYPICALLY, THE INSIDE RESOURCES COULD BE PRIVATELY OWNED DATABASES AND LOCAL AREA NETWORKS (LAN’S), AND OUTSIDE OBJECTS COULD INCLUDE INDIVIDUALS AND COMPUTER APPLICATIONS OPERATING THROUGH PUBLIC COMMUNICATION NETWORKS SUCH AS THE INTERNET. USUALLY, A FIREWALL ALLOWS FOR AN INSIDE USER OR OBJECT TO ORIGINATE CONNECTION TO AN OUTSIDE OBJECT OR NETWORK, BUT DOES NOT ALLOW FOR CONNECTIONS TO BE GENERATED IN THE REVERSE DIRECTION; I.E. FROM OUTSIDE IN. THE DISCLOSED INVENTION PROVIDES A SPECIAL “TUNNELING” MECHANISM, OPERATING ON BOTH SIDES OF A FIREWALL (1), FOR ESTABLISHING SUCH “OUTSIDE IN” CONNECTIONS WHEN THEY ARE REQUESTED BY CERTAIN “TRUSTED” INDIVIDUALS OR OBJECTS OR APPLICATIONS OUTSIDE THE FIREWALL. THE INTENT HERE IS TO MINIMIZE THE RESOURCES REQUIRED FOR ESTABLISHING “TUNNELED” CONNECTIONS (CONNECTIONS THROUGH THE FIREWALL THAT ARE EFFECTIVELY REQUESTED FROM OUTSIDE), WHILE ALSO MINIMIZING THE SECURITY RISK INVOLVED IN PERMITTING SUCH CONNECTIONS TO BE MADE AT ALL. THE MECHANISM INCLUDES SPECIAL TUNNELING APPLICATIONS, RUNNING ON INTERFACE SERVERS (2, 3) INSIDE AND OUTSIDE THE FIREWALL, AND A SPECIAL TABLE OF “TRUSTED SOCKETS” CREATED AND MAINTAINED BY THE INSIDE TUNNELING APPLICATION. ENTRIES IN THE TRUSTED SOCKETS TABLE DEFINE OBJECTS INSIDE THE FIREWALL CONSISTING OF SPECIAL INSIDE PORTS, A TELECOMMUNICATION PROTOCOL TO BE USED AT EACH PORT, AND A HOST OBJECT ASSOCIATED WITH EACH PORT. EACH ENTRY IS “TRUSTED” IN THE SENSE THAT IT IS SUPPOSEDLY KNOWN ONLY BY INDIVIDUALS AUTHORIZED TO HAVE “TUNNELING” ACCESS THROUGH THE FIREWALL FROM OUTSIDE. THESE APPLICATIONS USE THE TABLE TO EFFECT CONNECTIONS THROUGH THE FIREWALL IN RESPONSE TO OUTSIDE REQUESTS IDENTIFYING VALID TABLE ENTRIES. (FIG. 3)
-
Publication number: CA2269544C
Publication date: 2004-12-28
Application number: CA2269544
Application date: 1997-10-02
Applicant: IBM
Inventor: MOORE VICTOR STUART , RAO ARUN MOHAN , WALTERS GLEN ROBERT , JADE PRASHANTH
Abstract: A firewall isolates computer and network resources inside the firewall from networks, computers and computer applications outside the firewall. Usually, a firewall allows for an inside user or object to originate connection to an outside object or network, but does not allow for connections to be generated in the reverse direction; i.e. from outside in. The disclosed invention provides a special "tunnelling" mechanism, operating on both sides of a firewall, for establishing such "outside in" connections when they are requested by certain "trusted" individuals or objects or applications outside the firewall. The mechanism includes special tunnelling applications, running on interface servers inside and outside the firewall, and a special table of "trusted sockets" created and maintained by the inside tunnelling application.
-
Publication number: AT285151T
Publication date: 2005-01-15
Application number: AT97943996
Application date: 1997-10-02
Applicant: IBM
Inventor: JADE PRASHANTH , MOORE VICTOR STUART , RAO ARUN MOHAN , WALTERS GLEN ROBERT
Abstract: A firewall isolates computer and network resources inside the firewall from networks, computers and computer applications outside the firewall. Typically, the inside resources could be privately owned databases and local area networks (LAN's), and outside objects could include individuals and computer applications operating through public communication networks such as the Internet. Usually, a firewall allows for an inside user or object to originate connection to an outside object or network, but does not allow for connections to be generated in the reverse direction; i.e. from outside in. The disclosed invention provides a special "tunneling" mechanism, operating on both sides of a firewall, for establishing such "outside in" connections when they are requested by certain "trusted" individuals or objects or applications outside the firewall. The intent here is to minimize the resources required for establishing "tunneled" connections (connections through the firewall that are effectively requested from outside), while also minimizing the security risk involved in permitting such connections to be made at all. The mechanism includes special tunneling applications, running on interface servers inside and outside the firewall, and a special table of "trusted sockets" created and maintained by the inside tunneling application. Entries in the trusted sockets table define objects inside the firewall consisting of special inside ports, a telecommunication protocol to be used at each port, and a host object associated with each port. Each entry is "trusted" in the sense that it is supposedly known only by individuals authorized to have "tunneling" access through the firewall from outside.
-
Publication number: BR9712635A
Publication date: 1999-10-26
Application number: BR9712635
Application date: 1997-10-02
Applicant: IBM
Inventor: JADE PRASHANTH , MOORE VICTOR STUART , RAO ARUN MOHAN , WALTERS GLEN ROBERT
Abstract: A firewall isolates computer and network resources inside the firewall from networks, computers and computer applications outside the firewall. Typically, the inside resources could be privately owned databases and local area networks (LAN's), and outside objects could include individuals and computer applications operating through public communication networks such as the Internet. Usually, a firewall allows for an inside user or object to originate connection to an outside object or network, but does not allow for connections to be generated in the reverse direction; i.e. from outside in. The disclosed invention provides a special "tunneling" mechanism, operating on both sides of a firewall, for establishing such "outside in" connections when they are requested by certain "trusted" individuals or objects or applications outside the firewall. The intent here is to minimize the resources required for establishing "tunneled" connections (connections through the firewall that are effectively requested from outside), while also minimizing the security risk involved in permitting such connections to be made at all. The mechanism includes special tunneling applications, running on interface servers inside and outside the firewall, and a special table of "trusted sockets" created and maintained by the inside tunneling application. Entries in the trusted sockets table define objects inside the firewall consisting of special inside ports, a telecommunication protocol to be used at each port, and a host object associated with each port. Each entry is "trusted" in the sense that it is supposedly known only by individuals authorized to have "tunneling" access through the firewall from outside.
-
Publication number: CZ9901387A3
Publication date: 1999-08-11
Application number: CZ138799
Application date: 1997-10-02
Applicant: IBM
Inventor: JADE PRASHANTH , MOORE VICTOR STUART , RAO ARUN MOHAN , WALTERS GLEN ROBERT
CPC classification number: H04L63/0272 , H04L29/06 , H04L63/029
-
Publication number: CA2269544A1
Publication date: 1998-04-30
Application number: CA2269544
Application date: 1997-10-02
Applicant: IBM
Inventor: MOORE VICTOR STUART , JADE PRASHANTH , RAO ARUN MOHAN , WALTERS GLEN ROBERT
Abstract: A firewall isolates computer and network resources inside the firewall from networks, computers and computer applications outside the firewall. Usually, a firewall allows for an inside user or object to originate connection to an outside object or network, but does not allow for connections to be generated in the reverse direction; i.e. from outside in. The disclosed invention provides a special "tunnelling" mechanism, operating on both sides of a firewall, for establishing such "outside in" connections when they are requested by certain "trusted" individuals or objects or applications outside the firewall. The mechanism includes special tunnelling applications, running on interface servers inside and outside the firewall, and a special table of "trusted sockets" created and maintained by the inside tunnelling application.
-
Publication number: ES2231895T3
Publication date: 2005-05-16
Application number: ES97943996
Application date: 1997-10-02
Applicant: IBM
Inventor: JADE PRASHANTH , MOORE VICTOR STUART , RAO ARUN MOHAN , WALTERS GLEN ROBERT
Abstract: A firewall isolates computer and network resources inside the firewall from networks, computers and computer applications outside the firewall. Normally, a firewall allows an inside user or object to establish a connection with an outside object or network, but does not allow connections to be established in the reverse direction; that is, from outside in. The present invention provides a "tunneling" mechanism, operating on both sides of the firewall, for establishing outside-in connections when they are requested by certain "trusted" individuals, objects or applications outside the firewall. The mechanism includes special tunneling applications, running on interface servers inside and outside the firewall, and a special table of "trusted sockets" created and maintained by the inside tunneling application.
-
Publication number: AU2003232359A1
Publication date: 2003-12-31
Application number: AU2003232359
Application date: 2003-06-03
Applicant: IBM
Inventor: CREAMER THOMAS , MOORE VICTOR , WALTERS GLEN ROBERT , WINTERS SCOTT LEE
Abstract: A voice browser configured to process voice markup language documents can include a voice processing application and an integrated communications interface for interacting with a voice processing system. The voice browser can be configured to load the voice processing application independently of a received telephone call. The integrated communications interface can include at least one of an integrated transaction capabilities application part component for receiving a transaction capabilities application part query and an integrated ISUP component for receiving a telephony control signal.