Secure authentication proxy architecture for a web-based wireless intranet application
Abstract
A method and server system for exchanging data between a wireless electronic device and another computer system. This system allows a wireless electronic device to securely communicate with an Intranet by verifying authentication parameters. The first authentication parameter is the device serial number and a password which authenticates the network connection. The second authentication parameter is a user name and password that authenticates the user's access to applications on the Intranet. The system uniquely integrates the authentication parameters into every query the wireless device makes to the Intranet to maintain the session between the wireless device and the Intranet. Beneficially, the authentication parameters are not stored on any particular network device and do not burden either the server or the wireless device with maintaining the session. In another embodiment of the present invention, the server system uses a link rewriter service for examining web pages generated by applications of the Intranet to identify links that target any application that is resident on the Intranet. The link rewriter uses a look up table in a database to rewrite the link to include a keyword that designates the targeted application and its Intranet server. The keyword is then used to route links to the Intranet and if a link is not resident on the Intranet, the query will be routed to the Internet.
Claims
exact text as granted — not AI-modified1 . A server system comprising:
a network translator for communicating with wireless electronic devices and translating between a wireless communication protocol and an IP communication protocol; an Intranet comprising a plurality of Intranet servers, each Intranet server comprising applications; a proxy server coupled to said network translator and said Intranet and for routing queries received from said wireless electronic devices to an appropriate server destination and also for routing responses to said wireless electronic devices, said proxy server comprising:
a link rewriter service for examining web pages generated by applications of said Intranet to identify links that point to any application that is resident in said Intranet, said link rewriter service also for translating each identified link to include a keyword that designates both the targeted application and its Intranet server; and
a router service for examining queries sent from said wireless electronic devices and for routing queries with recognized keywords to said Intranet and for routing others to the Internet.
2 . A server system as described in claim 1 wherein said proxy server also comprises an authentication adder service for adding authentication parameters to said links that target any application that is resident in said Intranet.
3 . A server system as described in claim 1 further comprising a keyword database in which each recognized keyword has an associated URL that specifies an Intranet server and an application within said Intranet server.
4 . A server system as described in claim 1 wherein said proxy server is also coupled to the Internet.
5 . A server system as described in claim 2 wherein said authentication parameters include a user name and a device serial number.
6 . A server system as described in claim 1 wherein said network translator translates between wireless protocol and said IP protocol.
7 . A server system as described in claim 1 wherein said proxy server also comprises an authentication user service for confirming received queries as being associated with an valid user based on a database of valid user information.
8 . A server system comprising:
a translator means for communicating with wireless electronic devices and translating between a wireless communication protocol and an IP communication protocol; a routing means for examining queries sent from said wireless electronic devices and for routing queries with recognized keywords to said Intranet and for routing others to the Internet; an Intranet comprising a plurality of Intranet servers, each Intranet server comprising applications; a proxy server coupled to said translator means, said routing means, and said Intranet, said proxy server including:
link rewriting means for examining web pages generated by
applications of said Intranet to identify links that point to any application that is resident in said Intranet, said link rewriting means also for translating each identified link to include a keyword that designates both the targeted application and its Intranet server.
9 . A server system as described in claim 8 wherein said proxy server also comprises an authentication adder means for adding authentication parameters to said links that target any application that is resident in said Intranet.
10 . A server system as described in claim 8 further comprising a keyword database in which each recognized keyword has an associated file path that specifies an Intranet server and an application within said Intranet server.
11 . A server system as described in claim 8 wherein said proxy server is also coupled to the Internet.
12 . A server system as described in claim 9 wherein said authentication parameters include a user name and a device identifying number.
13 . A server system as described in claim 8 wherein said translator means translates between ECC wireless protocol and said IP protocol.
14 . A server system as described in claim 8 wherein said proxy server also comprises an authentication user means for confirming received queries as being associated with an valid user based on a database of valid user information.
15 . In a server system, a method of communicating with wireless electronic devices comprising the steps of:
a) receiving a web page representing a response to a query sent by a wireless electronic device, said web page generated by an application residing in an Intranet that comprises a plurality of Intranet servers, each having applications; b) identifying links within said web page that point to any application of said Intranet; c) for links identified in step b), rewriting each identified link to include a keyword that designates both the targeted application and its Intranet server; d) routing rewritten links to an appropriate wireless electronic device; and e) for queries received by said server system and sent by said wireless electronic devices, routing those queries having a recognized keyword to said Intranet and otherwise routing received queries to the Internet.
16 . A method as described in claim 15 wherein said step c) further comprises the step of adding authentication parameters to links generated from said applications of said Intranet server.
17 . A method as described in claim 16 wherein said authentication parameters include a user name and a device serial number.
18 . A method as described in claim 16 further comprising a keyword database in which each recognized keyword has an associated URL that specifies an Intranet server and an application within said Intranet server.
19 . A method as described in claim 18 wherein said step e) further comprises the steps of:
analyzing said queries for keywords that match a keyword database; replacing recognized keywords with the corresponding file pathways from said keyword database; and routing said links to appropriate applications of said Intranet as indicated by said file pathways.
20 . A method as described in claim 15 further comprising the step of performing a protocol translation on received queries between an ECC wireless protocol and said IP protocol.Join the waitlist — get patent alerts
Track US2007282909A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.