| US 7,502,754 B2 | ||
| Secure web server system for unattended remote file and message transfer | ||
| Eric Campbell, Rye, N.H. (US); Robert F Hoffman, Baldwin, N.Y. (US); Robert Maloney, Jr., Massapequa Park, N.Y. (US); Maris N Lemanis, Smithtown, N.Y. (US); and Andrew Mintzer, Fort Salonga, N.Y. (US) | ||
| Assigned to Bottomline Technologies (DE), Inc., Portsmouth, N.H. (US) | ||
| Filed on Nov. 01, 2004, as Appl. No. 10/979,045. | ||
| Application 10/979045 is a continuation in part of application No. 10/879233, filed on Jun. 29, 2004. | ||
| Application 10/879233 is a continuation in part of application No. 10/139596, filed on May 06, 2002. | ||
| Application 10/139596 is a continuation in part of application No. 10/041513, filed on Jan. 08, 2002, abandoned. | ||
| Prior Publication US 2005/0086298 A1, Apr. 21, 2005 | ||
| Int. Cl. G06Q 40/00 (2006.01) | ||
| U.S. Cl. 705—35 [709/227; 709/228; 709/229; 380/255; 380/277] | 4 Claims |

| 1. A system for secure automated transfer of files between a database and a remote file transfer client over a network the Internet, the system comprising:
a local area network;
the database:
wherein the database is coupled to the local area network; and
wherein the database comprises the transfer tables;
a computer hardware system:
wherein the computer hardware system is coupled a second network;
wherein the second network is coupled to the local area network by an inner firewall and coupled to the Internet by an outer firewall; and
wherein the computer hardware system includes an encoded hypertext transport protocol (HTTP) server application and an encoded web services server application;
wherein the HTTP server application is configured to:
provide a web page to an HTTP client over the Internet to obtain user input, wherein said user input comprises:
file transfer event parameters defining each of a plurality of file exchange events; and
identification of the remote file transfer client to which the file transfer event parameters are associated; and
send the file transfer event parameters in association with the identification of the remote file transfer client to the database over the local area network, wherein the database stores the file transfer event parameters in association with the identification of the remote file transfer client in the file transfer tables;
wherein the web services server application comprises a plurality of file transfer methods available to the remote file transfer client making method calls thereto, the plurality of transfer methods comprising:
a session ID method, wherein the session ID method is configured to, in response to receiving a session ID method call from the remote transfer client that includes authentication credentials of the remote transfer client;
assign a session ID to a web services session with the remote transfer client only if the authentication credentials of the remote transfer client match those of a valid remote transfer client;
store the session ID in association with identification of the remote transfer client in a user ID table; and
return the session ID to the remote transfer client;
an event definition method, wherein said event definition method is configured to provide, to the remote transfer client, the file transfer event parameters that are associated with the remote transfer client in response to receiving a method call from the remote transfer client that includes the session ID returned to the remote transfer client;
a plurality of file exchange methods, wherein each file exchange method begin configured to execute a file exchange event with the remote transfer client in response to receiving a method call from the remote transfer client that includes file transfer parameters that define the file exchange event and the session ID returned to the remote transfer client;
a symmetrical key definition method, wherein the symmetrical key method is configured to, in response to receiving a create key method call from the remote transfer client that includes a client public encryption key generated by the remote transfer client;
calculate a symmetrical encryption key for use with a predetermined symmetrical encryption algorithm from the client public encryption key and a server private encryption key; and
return a server public encryption key to the remote transfer client as a message encrypted using the predetermined symmetrical encryption algorithm and the client public encryption key;
wherein, each method call from the remote transfer client is packaged as a message sent over the Internet and encrypted using the predetermined symmetrical encryption algorithm and the symmetrical encryption key;
wherein, each response to the remote transfer client is packaged as a message sent over the Internet and encrypted using the predetermined symmetrical encryption algorithm and the symmetrical encryption key;
wherein symmetrical encryption key comprises both:
a remainder of the server private encryption key raised to a power of the client public encryption key, divided by a predetermined prime integer; and
a remainder of the client private encryption key raised to a power of the server public encryption key, divided by the predetermined prime integer;
wherein, the server private encryption key is an integer value generated by the web services server;
wherein, the server public encryption key is the remainder of a predetermined generator value raised to the power of the server private encryption key, divided by the predetermined prime integer;
wherein, the client private encryption key is an integer value generated by the remote transfer client; and
wherein the client public encryption key is the remainder of the predetermined generator value raised to the power of the client private encryption key, divided by the predetermined prime integer.
|
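
The key relationships recited at the end of claim 1 (generator, prime, private integers, public remainders) have the shape of a Diffie-Hellman exchange. The sketch below is an added example, not code from the patent or its assignee: it uses the textbook operand order (the peer's public key raised to one's own private key), in which both sides reach the same value, and adds a range check on received public keys. The prime, generator, function names and the SHA-256 step that turns the shared value into a key are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy-sized group chosen for this example (assumption, not from the patent).
# 2**127 - 1 is a known Mersenne prime; it is far too small for real use.
P = 2**127 - 1
G = 3

def private_key(p=P):
    """Random private integer in [2, p-2]."""
    return secrets.randbelow(p - 3) + 2

def public_key(priv, p=P, g=G):
    """Remainder of the generator raised to the private key, divided by p."""
    return pow(g, priv, p)

def check_public(pub, p=P):
    """Reject 0, 1, p-1 and out-of-range values, which would force a
    predictable shared value regardless of the receiver's private key."""
    if not 1 < pub < p - 1:
        raise ValueError("peer public key out of range")
    return pub

def shared_secret(own_priv, peer_pub, p=P):
    """Textbook form: peer public key raised to own private key, mod p."""
    return pow(check_public(peer_pub, p), own_priv, p)

def symmetric_key(secret, p=P):
    """Hash the shared value into a 32-byte key (the hash step is an
    assumption; the claim only says the key is calculated from these values)."""
    width = (p.bit_length() + 7) // 8
    return hashlib.sha256(secret.to_bytes(width, "big")).digest()

def exchange():
    """Run both sides of the key definition step and return both keys."""
    c_priv = private_key()             # remote transfer client
    c_pub = public_key(c_priv)         # sent in the create key method call
    s_priv = private_key()             # web services server
    s_pub = public_key(s_priv)         # returned to the client
    server_key = symmetric_key(shared_secret(s_priv, c_pub))
    client_key = symmetric_key(shared_secret(c_priv, s_pub))
    return client_key, server_key

if __name__ == "__main__":
    ck, sk = exchange()
    print("keys match:", ck == sk)
```
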