Network for on demand business
Original Publication Date: 2004-Apr-19
Included in the Prior Art Database: 2004-Apr-19
Network for on demand business is a network system that enables users in mixed business roles to communicate and access services over a virtualized network that spans different carrier services, and that selects a carrier service based on the service level and security requirements of the corresponding business group. The system suits communication environments in which security and business needs vary across types of business role.
Disclosed is a system that provides communication between users in different business roles and the service systems corresponding to those roles, through a controlled access path that uses communications carrier services of a selected service level, with appropriate security and integrity.
The system is based on the following method:
1. A group of users in the same business role, e.g. company employees, temporary workers or business partners, is given access to a permitted Virtual LAN after user authentication and network access authorization.
2. The Path Selection function selects a pre-defined communications path based on the type of access communication and on carrier services graded by defined service levels.
3. The path connects users on the Virtual LAN to the corresponding Virtual LAN in the Data Center, on which the service systems for that business role group reside.
4. Communications of different business applications within the same business role have communication paths of differentiated service levels, i.e. different carrier services.
Fig.1 Concept Diagram
Network Control provides three major functions: the first is Virtual LAN with user authentication and authorization, the second is Path Selection with the Path Control Table, and the third is Path Control. User access is confined to the authorized Virtual LAN, which preserves security and integrity between different business groups, i.e. different business roles.
[Fig.1 labels: Service Zone (Employee), Service Zone (Partner), VPN Service-A, VPN Service-B]
Path Selection accepts communications requests from users, selects a service-level-differentiated communications path using the Path Table, and directs the request to the gateway for the specified carrier service. Path Control establishes a communications path through the carrier service network with the proper security attributes, e.g. an IPsec tunnel, a GRE tunnel or a tunnel that uses another protocol, depending on the type of security of the carrier network. At the destination location, Path Selection forwards the request to the corresponding Virtual LAN by looking up the originating Virtual LAN in the Path Control Tables, thus establishing a logical end-to-end communication path between user groups.
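The table-driven selection and the separation between business roles described above can be checked mechanically. The following Python code is an added example, not part of the original disclosure; the table layout, VLAN numbers, application names and the assumption that only VPN Service-A may carry an unencrypted GRE tunnel are constructed for illustration.

```python
from dataclasses import dataclass

# All names and values below are constructed for illustration.
@dataclass(frozen=True)
class PathEntry:
    role: str        # business role that owns the source Virtual LAN
    src_vlan: int    # authorized Virtual LAN at the user site
    app: str         # type of access communication
    carrier: str     # carrier service graded by service level
    tunnel: str      # tunnel protocol set up by Path Control
    dst_vlan: int    # corresponding Virtual LAN in the Data Center

# Assumption: carriers private enough to carry a tunnel without encryption.
TRUSTED_CARRIERS = {"VPN Service-A"}
ENCRYPTED_TUNNELS = {"ipsec"}   # GRE alone provides no confidentiality

PATH_TABLE = [
    PathEntry("employee", 101, "erp",   "VPN Service-A", "gre",   201),
    PathEntry("employee", 101, "mail",  "VPN Service-B", "ipsec", 201),
    PathEntry("partner",  102, "order", "VPN Service-B", "ipsec", 202),
]

def validate(table):
    """Return the policy violations found in a path table."""
    errors = []
    owner = {}  # VLAN id -> role, covering source and destination VLANs
    for e in table:
        for vlan in (e.src_vlan, e.dst_vlan):
            if owner.setdefault(vlan, e.role) != e.role:
                errors.append(f"VLAN {vlan} shared by roles {owner[vlan]} and {e.role}")
        if e.carrier not in TRUSTED_CARRIERS and e.tunnel not in ENCRYPTED_TUNNELS:
            errors.append(f"{e.tunnel} tunnel over untrusted carrier {e.carrier}")
    return errors

def select_path(table, authorized_vlan, app):
    """Path Selection: return the pre-defined path, or refuse (fail closed)."""
    for e in table:
        if e.src_vlan == authorized_vlan and e.app == app:
            return e
    raise PermissionError(f"no path defined for VLAN {authorized_vlan} app {app}")

def forward_at_destination(table, src_vlan, carrier):
    """Destination side: map the originating VLAN to its Data Center VLAN."""
    dsts = {e.dst_vlan for e in table if e.src_vlan == src_vlan and e.carrier == carrier}
    if len(dsts) != 1:
        raise PermissionError(f"cannot resolve destination for VLAN {src_vlan}")
    return dsts.pop()
```

Running `validate` before a table is deployed catches entries that would bridge two business roles onto one Virtual LAN or send an unencrypted tunnel over a carrier not marked as trusted.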
Fig.2 System Overview
[Fig.2 labels: Virtual LAN A-1, Virtual LAN A-2, Virtual LAN HUB, IEEE 802.1q LAN, Path Control A-P-1, Path Control A-P-2, Path Control A-P-3, Path A-1-1, Path A-2-2, Path A-1-3, Path A-2-3, IPsec Tunnel, GRE Tunn...]