
A Secure Communication Method Between Public Cloud and Enterprise Intranet Server

IP.com Disclosure Number: IPCOM000243517D
Publication Date: 2015-Sep-29
Document File: 7 page(s) / 96K

Publishing Venue

The IP.com Prior Art Database

Abstract

This disclosure provides a secure communication method between a Public Cloud and an Enterprise Intranet Server. In our invention, we provide a buffer pool and a filter on the Public Cloud side. All requests from extranet users are first placed into this buffer pool. The filter is responsible for filtering these requests. The filtered requests are then sent to the Enterprise Intranet Server in a package at a certain frequency. The responses from the Enterprise Intranet Server are fed back directly to the respective extranet users.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.


Nowadays, many Public Cloud products provide a mechanism to expose the APIs of an Enterprise Intranet Server so that extranet users can call them. However, most of these products provide this service by simply letting extranet users call the APIs directly. This allows malicious calls to the APIs: for example, hackers can write a script that calls the APIs provided by one particular server many times in a short period of time, which causes performance problems for the Enterprise Intranet Server, disrupts its normal operation, or even crashes the server.

This disclosure will provide a more secure method for the Enterprise Intranet Server APIs to be called by the extranet users through Public Cloud.

Core Idea: In our invention, we provide a buffer pool and a filter on the Public Cloud side. All requests from extranet users are first placed into this buffer pool. The filter is responsible for filtering these requests, such as removing the invalid requests and wiping out the malicious ones, and for cleaning the pool. The filtered requests are then sent to the Enterprise Intranet Server in a package at a certain frequency. The responses from the Enterprise Intranet Server are fed back directly to the respective extranet users.

Advantages:

In our invention, extranet users cannot call the enterprise APIs directly through the cloud platform; instead, their requests are first filtered on the cloud side. Also, the cloud side sends only one long record to the enterprise side at regular intervals, instead of sending each request individually on demand. Malicious calls are refused and server pressure is reduced.

Our disclosure introduces a more secure way to communicate between the End User, the Cloud Platform and the Enterprise Servers. The concept view of our disclosure is shown in FIG.1.

Before the system operates, all Enterprise APIs as well as the Request Handler must be registered on the cloud side. Three tables are defined for these APIs and the Request Handler. The Enterprise Application Table, shown in FIG.2, defines all applications that expose APIs to the Cloud Platform. Every application should specify how to handle the requests belonging to it. The Request Handler Table, shown in FIG.3, defines the request handler policies, including which API should handle the requests and the execution cycle (Check Interval). The Enterprise API Table, shown in FIG.4, defines all the APIs, including the APIs that should be called by the Request Handler. It should also define the format of the input parameters for the syntax check.

Preparation Work:


1. Register Enterprise Applications/APIs and corresponding Request Handlers in the cloud platform.


2. Allocate one Request Pool and Request Trash for each application.
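
A minimal sketch of the cloud-side Request Pool, filter and Request Trash described above, added here as an illustration and not taken from the disclosure. The table contents, the per-caller volume limit, and all names (`CloudSideBuffer`, `API_TABLE`, `MAX_PER_CALLER`) are assumptions, since FIG.2 to FIG.4 are not reproduced on this page.

```python
import re
from collections import Counter

# Hypothetical stand-in for the Enterprise API Table (FIG.4 is not reproduced
# on the page): API name -> required format of each input parameter.
API_TABLE = {
    "getOrder": {"order_id": re.compile(r"\d{1,10}")},
    "findUser": {"name": re.compile(r"[A-Za-z ]{1,40}")},
}
MAX_PER_CALLER = 3  # assumed per-interval limit; the page sets no threshold

class CloudSideBuffer:
    """Request Pool plus Request Trash for one registered application."""
    def __init__(self, api_table=API_TABLE, max_per_caller=MAX_PER_CALLER):
        self.api_table, self.max_per_caller = api_table, max_per_caller
        self.pool = []    # every extranet request lands here first
        self.trash = []   # (request, reason) pairs rejected by the filter

    def submit(self, caller, api, params):
        self.pool.append({"caller": caller, "api": api, "params": params})

    def _syntax_ok(self, req):
        fmt = self.api_table.get(req["api"])
        if fmt is None or set(req["params"]) != set(fmt):
            return False  # unregistered API, or missing/extra parameters
        return all(isinstance(v, str) and fmt[k].fullmatch(v)
                   for k, v in req["params"].items())

    def flush(self):
        """Run once per Check Interval: filter the pool, return one package."""
        volume = Counter(r["caller"] for r in self.pool)
        package = []
        for req in self.pool:
            if volume[req["caller"]] > self.max_per_caller:
                self.trash.append((req, "call volume"))
            elif not self._syntax_ok(req):
                self.trash.append((req, "syntax"))
            else:
                package.append(req)
        self.pool = []    # clean the pool for the next interval
        return package    # forwarded to the intranet Request Handler as one batch

def demo():  # constructed sample traffic for one Check Interval
    buf = CloudSideBuffer()
    buf.submit("alice", "getOrder", {"order_id": "1042"})
    buf.submit("bob", "getOrder", {"order_id": "12ab"})   # fails format check
    buf.submit("carol", "deleteAll", {})                  # API not registered
    for _ in range(50):                                   # scripted burst
        buf.submit("mallory", "findUser", {"name": "x"})
    return buf.flush(), Counter(reason for _, reason in buf.trash)
```

Because the volume check runs over the whole pool before anything is forwarded, the intranet server receives a single one-request package for this interval, and the 52 rejected requests stay in the cloud-side trash where they can be reviewed.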


How the system operates:


1....