Electrical computers and digital processing systems: multicomput – Distributed data processing – Processing agent
Reexamination Certificate
1997-02-13
2001-01-09
Dinh, Dung C. (Department: 2757)
Electrical computers and digital processing systems: multicomput
Distributed data processing
Processing agent
C709S217000, C709S241000
Reexamination Certificate
active
06173311
ABSTRACT:
COPYRIGHT NOTIFICATION
Portions of this patent application contain materials that are subject to copyright protection. The copyright owner has no objection to the facsimile reproduction by anyone of the patent document, or the patent disclosure, as it appears in the Patent and Trademark Office.
FIELD OF THE INVENTION
This invention generally relates to improvements in computer systems, and more specifically, to improved servicing of client requests on a network.
BACKGROUND OF THE INVENTION
An internet is a group of networks and individual computers communicating via a common protocol. The Internet is a world-wide “network of networks” that use the TCP/IP (Transmission Control Protocol/Internet Protocol) protocol suite for communications. TCP/IP is a set of protocols and programs used to interconnect computer networks and to route traffic among different types of computers. These protocols describe allowable data formats, error handling, message passing, and communication standards. Computer systems that use TCP/IP speak a common language, regardless of hardware or operating system differences.
Part of the popularity of the TCP/IP protocol suite is due to its ability to be implemented on top of a variety of communications channels and lower-level protocols such as T1 and X.25, Ethernet, and RS-232-controlled serial lines. Most sites use Ethernet connections at local area networks to connect hosts and client systems, and then connect that network via a T1 line to a regional network (i.e., a regional TCP/IP backbone) that connects to other organizational networks and backbones. Sites customarily have one connection to the Internet, but large sites often have two or more connections. Modem speeds are increasing as new communications standards are being approved, thus versions of TCP/IP that operate over the switched telephone network are becoming more popular. Many sites and individuals use PPP (Point-to-Point Protocol) and SLIP (Serial Line IP), to connect networks and workstations to other networks using the switched telephone network.
Many large networks conform to these protocols, including the Internet. Thousands of computers at universities, government agencies, and corporations are connected to a network that follows the TCP/IP protocols. Any machine on the Internet can communicate with any other. Machines on the Internet are referred to as hosts or nodes and are defined by their Internet (or IP) address.
The Internet was created initially to help foster communication among government-sponsored researchers. Throughout the 1980's, the Internet grew steadily to include educational institutions, government agencies, commercial organizations, and international organizations. In the 1990's, the Internet has undergone phenomenal growth, with connections increasing faster than any other network ever created (including the telephone network). Many millions of users are now connected to the Internet, with roughly half being business users. The Internet is being used as the basis for the National Information Infrastructure (NII).
Many organizations are in the process of connecting to the Internet to take advantage of Internet services and resources. Businesses and agencies are now using the Internet or considering Internet access for a variety of purposes, including exchanging e-mail, distributing agency information to the public, and conducting research. Many organizations are connecting their existing internal local area networks to the Internet so that local area network workstations can have direct access to Internet services.
Internet connectivity can offer enormous advantages, however security needs to be a major consideration when planning an Internet connection. There are significant security risks associated with the Internet that often are not obvious to new (and existing) users. In particular, intruder activity, as well as vulnerabilities that could assist intruder activity, are widespread. Intruder activity is difficult to predict and at times can be difficult to discover and correct. Many organizations already have lost productive time and money in dealing with intruder activity; some organizations have had their reputations suffer as a result of intruder activity at their sites being publicized.
A firewall system is one technique that has proven highly effective for improving the overall level of site security. A firewall system is a collection of systems and routers logically placed at a site's central connection to a network. A firewall system can be a router, a personal computer, a host, or a collection of hosts, set up specifically to shield a site or intranet from protocols and services that can be abused from hosts outside the intranet. A firewall system is usually located at a higher-level gateway, such as a site's connection to the Internet; however, firewall systems can be located at lower-level gateways to provide protection for some smaller collection of hosts or intranets. A firewall forces all network connections to pass through the gateway, where they can be examined and evaluated, and provides other services such as advanced authentication measures to replace simple passwords. The firewall may then restrict access to or from selected systems, or block certain services, or provide other security features. The main purpose of a firewall system is to control access to or from a protected network (i.e., a site). It implements a network access policy by forcing connections to pass through the firewall, where they can be examined and evaluated.
The general reasoning behind firewall usage is that, without a firewall, an intranet's systems expose themselves to inherently insecure services and to probes and attacks from hosts elsewhere on the network. A firewall provides numerous advantages to sites by helping to increase protection from vulnerable services, controlled access to site systems, concentrated security, enhanced privacy, logging and statistics on network use, and misuse policy enforcement. In a firewall-less environment, network security relies totally on host security and all hosts must, in a sense, cooperate to achieve a uniformly high level of security. The larger the intranet, the less manageable it is to maintain all hosts at the same level of security. As mistakes and lapses in security become more common, break-ins occur, not as the result of complex attacks, but because of simple errors in configuration and inadequate passwords.
A firewall provides the means for implementing and enforcing a network access policy. In effect, a firewall provides access control to users and services. Thus, a network access policy can be enforced by a firewall. One problem is that Intranets that have a significant number of clients deployed often overwhelm the throughput capacity of the firewall.
A proxy server in general is a process that provides a cache of items available on other servers which are presumably slower or more expensive to access.
More specifically, a caching proxy server is used for a World-Wide Web server which accepts uniform resource locators (URLs) with a particular prefix. When it receives a request for such a URL, it strips off the prefix and looks for the resulting URL in its local cache. If found, it returns the document immediately, otherwise it fetches it from the remote server on the Internet, saves a copy in the cache and returns it to the requester. The cache will usually have an expiry algorithm which flushes documents according to their age, size, and access history. Caching proxy servers are often implemented to alleviate the problem of firewalls or proxy gateway servers that are overwhelmed by requests.
In comparison, a proxy gateway server is a computer and associated software which will pass on a request for a URL from a Internet browser to an outside server and return the results. This provides clients on Intranets a trusted agent that can access the Internet on their behalf. The proxy gateway is transparent to the client. A proxy gateway is a server that simply forwards requests from clients or other
Collins Harry
Dayal Vibha
Hassett Gregory P.
Blakely & Sokoloff, Taylor & Zafman
Dinh Dung C.
PointCast, Inc.
LandOfFree
Apparatus, method and article of manufacture for servicing... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Apparatus, method and article of manufacture for servicing..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Apparatus, method and article of manufacture for servicing... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2460718