Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2000-03-15
2004-08-31
Peeso, Thomas R. (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C713S152000, C713S168000, C713S182000, C713S189000, C713S193000
Reexamination Certificate
active
06785819
ABSTRACT:
TECHNICAL FIELD
The present invention relates to a service supplying method between computer systems such as LAN (local area network) connected via an internet or a public channel and a computer system that uses the service supplying method. The computer system and the service supplying method of the present invention supplies a service safely and smoothly to a user, and this is made possible by the agent method.
BACKGROUND ART
Recently, a computer system that uses LAN is commonly being adopted in organizations. Commonly, a plurality of LANs located in various locations in an organization's interoffice network are connected altogether to form an intranet. Extending further, an extranet which includes the organization's allied companies to form a network altogether is also becoming widespread.
There are various ways to connect a plurality of LANs located in various locations. To give one example, there is a case of using a low-cost internet instead of a leased line. In this case, access from outside should be regulated, so a firewall is generally set at a boundary of outside and inside of the network. This helps to increase the safety factor inside the LANs. The firewall is a technique which only permits access from outside to a specific location or to a specific application of the LAN. An example of this technique is disclosed in Japanese unexamined patent publication HEI 7-87122.
Specifically, the firewall is mostly used in a system which only allows SMTP (simple mail transfer protocol), which is an electronic mail transfer protocol, to pass through. In this case, only an electronic mail message can pass through the firewall. As other examples, there are a system which allows HTTP (hyper text transfer protocol) to pass through, which is a data communication protocol of WWW (world wide web), a system which allows a CORBA (common object request broker architecture) communication protocol IIOP (internet inter-ORB protocol) to pass through, and a system which allows a communication protocol such as RMI prepared by JAVA processing system to pass through.
In a network computer system, services under a LAN environment such as file sharing, printing to common printer, or use of CPU server cannot be adopted because of the firewall.
Accordingly, in cases when one wishes to obtain a certain data or a program from other location, then the one can only rely on someone at the other location to transmit a required data or the program using an independent channel, or the one can only rely on a method of mailing media such as a tape.
The present invention attempts to eliminate disadvantages of conventional techniques such as those described above. An objective of the present invention is to request from outside via the internet for the services of computer system such as LAN where the firewall is being installed, and aims to supply a method to safely and smoothly receive the services.
A detailed example of the agent method adopted in the present invention is disclosed in Japanese unexamined patent publication HEI 7-182174 (corresponding to Japanese application U.S. Pat. No. 5,603,031 by General Magic Inc., U.S. company). An agent moves between agent processing systems responding to its needs. That is, the agent is configured to execute processing based on a data and a processing procedure stored in itself.
Also, as a related technique, a technique to set a delivery destination database and to manage the database in one-dimension in order to deliver an electronic mail to a plurality of LANs connected to the internet via the firewalls is disclosed in U.S. Pat. No. 005632011A. This system is configured to transmit an updated data of the delivery destination database as an electronic mail message.
DISCLOSURE OF THE INVENTION
According to one aspect of the present invention, an agent method for transferring an agent inside a network system including a first computer system having an access control unit which allows access in case of meeting a pre-determined communication condition and a second computer system, comprises steps of:
authenticating the second computer system for transmitting the agent, and transmitting the pre-determined communication condition of the first computer system to the authenticated second computer system;
receiving and storing the pre-determined communication condition, creating the agent, and transmitting the agent according to the pre-determined communication condition by the second computer system; and
receiving the agent via the access control unit and executing the agent by the first computer system.
According to another aspect of the present invention, the agent method further comprises a step of authenticating an agent issuing user.
According to another aspect of the present invention, the agent method includes the first computer system which can use a plurality of information exchanging methods. The agent method further comprises a step of selecting an information exchanging method based on an attribute of the information exchanging method of the first computer system by the second computer system.
According to another aspect of the present invention, the agent method includes the first computer system which has a plurality of agent processing systems that can execute the agent. The step of creating the agent includes a step of selecting the agent processing system based on an attribute of the agent processing system and a step of writing an identification information of the selected agent processing system to a part of the agent. The step of executing the agent includes a step of reading the identification information of the selected agent processing system and a step of transferring the agent to an agent processing system specified by the identification information.
According to another aspect of the present invention, the agent method includes the step of creating the agent including a step of writing an identification information of an agent issuing user to a part of the agent. The step of executing the agent includes a step of reading the identification information of the agent issuing user and a step of accessing a service according to an access right of the agent issuing user specified by the identification information.
According to another aspect of the present invention, the agent method further comprises a step of transmitting an agent execution status by the first computer system and a step of receiving the agent execution status by the second computer system.
According to another aspect of the present invention, the agent method further comprises a step of encrypting at least a part of the agent by the second computer system, and a step of decrypting the encrypted part of the agent by the first computer system.
According to another aspect of the present invention, the agent method further comprises a step of combining the predetermined communication conditions of a plurality of the first computer systems.
According to another aspect of the present invention, the agent method includes a second computer system which can use a plurality of information exchanging methods. The agent method further comprises a step of storing an agent transmission log including an identification information of the information exchanging method used in transmitting the agent, and a step of selecting the information exchanging method based on the agent transmission log by the second computer system.
According to another aspect of the present invention, the agent method includes the step of authenticating the second computer system includes a step of authenticating by a third party authenticating center.
According to another aspect of the present invention, the agent method further comprising a step of transmitting an user authentication data, and a step of receiving and storing the user authentication data by a plurality of the second computer systems, wherein the step of authenticating the agent issuing user includes a step of reading the user authentication data by the second computer system.
According to another aspect of the present invention, the agent method fu
Birch & Stewart Kolasch & Birch, LLP
Mitsubishi Denki Kabushki Kaisha
Peeso Thomas R.
LandOfFree
Agent method and computer system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Agent method and computer system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Agent method and computer system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3346135