System and method for globally and securely accessing unified information in a computer network

Abstract

A client stores a first set of workspace data, and is coupled via a computer network to a global server. The client may be configured to synchronize portions of the first set of workspace data with the global server, which stores independently modifiable copies of the portions. The global server may also store workspace data which is not downloaded from the client, and thus stores a second set of workspace data. The global server may be configured to identify and authenticate a user seeking global server access from a remote terminal, and is configured to provide access to the first set or to the second set. Further, services may be stored anywhere in the computer network. The global server may be configured to provide the user with access to the services. The system may further include a synchronization-start module at the client site (which may be protected by a firewall) that initiates interconnection and synchronization with the global server when predetermined criteria have been satisfied.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS [0001] This application claims priority to and incorporates by reference parent application U.S. patent application Ser. No. 08 / 903,118, entitled “System And Method For Globally And Securely Accessing Unified Information In A Computer Network” of Daniel J. Mendez, Mark D. Riggins, Prasad Wagle, Hong Q. Bui, Mason Ng, Sean Michael Quinlan, Christine C. Ying, Christopher R. Zuleeg, David J. Cowan, Joanna A. Aptekar-Strober and R. Stanley Bailes, which is a continuation-in-part of co-pending patent application entitled “System and Method for Globally Accessing Computer Services,” Ser. No. 08 / 766,307, filed on Dec. 13, 1996, by inventors Mark D. Riggins, R. Stanley Bailes, Hong Q. Bui, David J. Cowan, Daniel J. Mendez, Mason Ng, Sean Michael Quinlan, Prasad Wagle, Christine C. Ying, Christopher R. Zuleeg and Joanna A. Aptekar-Strober; and of co-pending patent application entitled “System and Method for Enabling Secure Access to Services in a Compu...

AI Technical Summary

Benefits of technology

[0012] A client stores a first set of workspace data, and is coupled via a computer network to a global server. The client is configured to synchronize selected portions of the first set of workspace data (comprising workspace elements) with the global server, which stores independently modifiable copies of the selected portions. The global server may also store workspace data not received from the client, such as e-mail sent directly to the global server. Accordingly, the global server stores a second set of workspace data. The global server is configured to identify and authenticate a user attempting to access it from a remote terminal, and is configured to provide access based on the client configuration either to the first set of workspace data stored on the client or to the second set of workspace data stored on the global server. It will be appreciated that the global server can manage multiple clients and can synchronize workspace data between clients.

[0017] The system and methods of the present invention advantageously provide a secure globally accessible third party, i.e. the global server. The system and methods provide a secure technique for enabling a user to access the global server and thus workspace data remotely and securely. Because of the global firewall and the identification and security services performed by the global server, corporations can store relatively secret information on the global server for use by authorized clients. Yet, the present invention also enables corporations to maintain only a portion of their secret information on the global server, so that there would be only limited loss should the global server be compromised. Further, the global server may advantageously act as a client proxy for controlling access to services, logging use of keys and logging access of resources.

[0018] A client user who maintains a work site, a home site, an off-site and the global server site can securely synchronize the workspace data or portions thereof among all four sites. Further, the predetermined criteria (which control when the synchronization-start module initiates synchronization) may be set so that the general synchronization module synchronizes the workspace data upon user request, at predetermined times during the day such as while the user is commuting, or after a predetermined user action such as user log-off or user log-on. Because the system and method operate over the Internet, the system is accessible using any connected terminal having a web engine such as an internet-enabled smart phone, television settop (e.g., web TV), etc. and is accessible over any distance. Since the system and method include format translation, merging of workspace elements between different application programs and different platforms is possible. Further, because synchronization is initiated from within the firewall, the typical firewall, which prevents in-bound communications and only some protocols of out-bound communications, does not act as an impediment to workspace element synchronization.

[0020] The present invention may further benefit the roaming user who needs emergency access to information. The roaming user may request a Management Information Systems (MIS) director controlling the client to provide the global server with the proper keys to enable access to the information on the client. If only temporary access is desired, the keys can then be later destroyed either automatically or upon request. Alternatively, the MIS director may select the needed information as workspace elements to be synchronized and may request immediate synchronization with the global server. Accordingly, the global server and the client can synchronize the needed information, and the user can access the information from the global server after it has completed synchronization.

Problems solved by technology

A roaming user, i.e., a user who travels and accesses a workstation remotely, is faced with several problems.

However, slow computers and slow communication channels make downloading large files and programs a time-consuming process.

Further, downloading files and programs across insecure channels severely threatens the integrity and confidentiality of the downloaded data.

For example, when maintaining multiple independently modifiable copies of a document, a user risks using an outdated version.

By the time the user notices an inconsistency, interparty miscommunication or data loss may have already resulted.

The problem of data inconsistency is exacerbated when multiple copies of a document are maintained at different network locations.

Without access to the other sites, the user cannot confirm that the version on the accessible site is the most recent draft.

Data consistency problems may also arise when using application programs from different vendors.

However, since each web engine uses different formats and stores bookmarks in different files, the bookmarks are not interchangeable.

A user who, for example, runs the Internet Explorer™ web engine at home and runs the Netscape Navigator™ web engine at work risks having inconsistent bookmarks at each location.

Images