Broker-mediated connectivity for third parties

US11570269B2 · US · B2

Patent metadata

Publication number: US-11570269-B2
Application number: US-202017008891-A
Country: US
Kind code: B2
Filing date: Sep 1, 2020
Priority date: Sep 1, 2020
Publication date: Jan 31, 2023
Grant date: Jan 31, 2023

Abstract

Official abstract text for this publication.

Methods and systems are disclosed for providing third party connectivity to installed software at a customer site through a broker infrastructure. A uniform facility for powerful and secure third party access to customer software installations is provided. Multiple TCP-based session types including source code debug and database sessions are supported. A target backend and session type are selected by an authorized agent logged into the broker infrastructure. A communication session is established between environments of the agent's frontend tool and the backend. The agent can perform maintenance or troubleshooting on the backend using the full capabilities of the frontend tool. Data exchange between frontend and backend utilizes TCP connections within the communication session, and is mediated by a connectivity framework within the broker infrastructure. Customer control over access to target backends is supported.

First claim

Opening claim text (preview).

We claim:

1. A system comprising: a broker computing environment, comprising one or more computer processors with memory coupled thereto and one or more network interfaces, wherein the broker computing environment is separately coupled to a target computing environment and a partner computing environment over respective first and second networks; a remote connectivity portal implemented in the broker computing environment and configured to: authenticate a remote agent; provide the authenticated remote agent with access to resources within the broker computing environment for selecting an application instance in the target computing environment and initiating a session request; present the authenticated remote user with a menu listing a plurality of available application instances, wherein the presented available application instances are restricted to application instances for which the authenticated remote agent is authorized, wherein authorizations of the application instances for the authenticated remote user are configured at least in part by a customer-side agent; and receive, from the authenticated remote agent, an indication of the selected application instance from the menu; and a remote connectivity framework implemented in the broker computing environment and configured to respond to the session request from the authenticated remote agent by: initiating a first secure link with the target computing environment; and initiating a second secure link with the partner computing environment; joining the first and second secure links to establish a secure duplex communication session between the partner and target computing environments.

2. The system of claim 1, wherein the remote connectivity framework is further configured to forward, between a frontend application in the partner computing environment and a backend application in the target computing environment, requests to establish connections within the secure duplex communication session and to forward data over the established connections.

3. The system of claim 1, further comprising a remote connectivity gateway implemented in the partner computing environment and configured to provide an endpoint for the second secure link within the partner computing environment.

4. The system of claim 1, wherein the secure duplex communication session is a first secure session, and the target computing environment is a first target computing environment; and wherein the remote connectivity framework is configured to concurrently support a plurality of secure sessions, including the first secure session, between: respective remote computing environments, including the partner computing environment and at least a second remote computing environment, and respective target computing environments, including the first target computing environment.

5. A computer-implemented method for managing a session request, comprising: by a remote connectivity portal implemented in a broker computing environment, wherein the broker computing environment is separately coupled to a target computing environment and a partner computing environment over respective first and second networks: presenting, to an agent of the partner computing environment, a plurality of available session types including a source code debug session type and a database session type; receiving, from the agent of the partner computing environment, a selection of a session type from among the plurality of available types; by a remote connectivity framework implemented in the broker computing environment: initiating a first secure link with the target computing environment; initiating a second secure link with the partner computing environment; and joining the first and second secure links to establish a secure duplex communication session, having the selected session type, between the partner and target computing environments.

6. The computer-implemented method of claim 5, further comprising, by the broker computing environment: forwarding a first request for establishing a connection within the secure duplex communication session, received from a partner application at the partner computing environment through the first secure link, to a target application instance at the target computing environment through the second secure link; and forwarding data traffic between the partner application and the target application instance over the established connection.

7. The computer-implemented method of claim 5, wherein: the selected session type is the source code debug session type; and the secure duplex communication session enables the agent to perform live source code debugging at the target computing environment, from the partner computing environment.

8. The computer-implemented method of claim 7, wherein the target application instance is selected from among a plurality of available application instances by the agent and the plurality of available application instances is restricted to application instances for which the agent is authorized.

9. The computer-implemented method of claim 8, wherein a second instance of the available application instances, distinct from the target application instance, is located within a second computing environment, distinct from the target computing environment.

10. The computer-implemented method of claim 5, wherein the plurality of available types conform to respective TCP-based protocols.

11. The computer-implemented method of claim 5, wherein the selected session type is the database session type, and the secure duplex communication session is an interactive database session.

12. The computer-implemented method of claim 5, wherein the plurality of available session types is restricted to types for which the agent is authorized.

13. The computer-implemented method of claim 5, wherein links between the broker computing environment and the partner computing environment, including the first secure link, are restricted to links initiated from the broker computing environment.

14. The computer-implemented method of claim 5, further comprising: closing the secure duplex communication session, from within the broker computing environment, when work of the secure duplex communication session is complete.

15. The computer-implemented method of claim 5, wherein: the selected session type is the database session type or the source code debug session type.

16. One or more non-transitory computer-readable media storing executable instructions for a broker computing environment comprising one or more computer processors with memory coupled thereto and one or more network interfaces, wherein the broker computing environment is separately coupled to a target computing environment and a partner computing environment over respective first and second networks, and the instructions comprise: first instructions which, when executed in the broker computing environment, implement a remote connectivity portal configured to: authenticate a remote client; receive a selection of a target application in a target computing environment from the remote client; and send notifications to the remote client; and second instructions which, when executed in the broker computing environment, implement a remote connectivity framework configured to: initiate a secure link with a gateway in a remote partner computing environment, responsive to the selection of the target application; forward a request, received from a support application in the remote partner computing environment via the secure link, to the target computing environment, for e

Classifications

  • Setup of application sessions (admission control or resource allocation in data switching networks H04L47/70) · CPC title

  • Arrangements for connecting between networks having differing types of switching systems, e.g. gateways · CPC title

  • H04L67/562 (Primary): Brokering proxy services · CPC title

  • Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding · CPC title

  • Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP] · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
SAP SE
What technology area does this patent fall under?
Primary CPC classification H04L67/562. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jan 31, 2023 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 7 related publications on this page (citations in our corpus or others sharing the same primary CPC).