WO2004030308A1 - Method for transferring, data, e.g. emails, from a computer protected by a firewall to an external device, e.g. a mobile terminal - Google Patents

Method for transferring, data, e.g. emails, from a computer protected by a firewall to an external device, e.g. a mobile terminal Download PDF

Info

Publication number
WO2004030308A1
WO2004030308A1 PCT/DK2002/000674 DK0200674W WO2004030308A1 WO 2004030308 A1 WO2004030308 A1 WO 2004030308A1 DK 0200674 W DK0200674 W DK 0200674W WO 2004030308 A1 WO2004030308 A1 WO 2004030308A1
Authority
WO
WIPO (PCT)
Prior art keywords
firewall
computer
external device
external
data
Prior art date
Application number
PCT/DK2002/000674
Other languages
French (fr)
Inventor
Paul Natorp
Lars Houbak
Thomas Ravnholt
Original Assignee
Mobilethink A/S
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mobilethink A/S filed Critical Mobilethink A/S
Priority to AU2002342591A priority Critical patent/AU2002342591A1/en
Publication of WO2004030308A1 publication Critical patent/WO2004030308A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/58Message adaptation for wireless communication

Definitions

  • the present invention relates to a method of providing secure access from mobile devices to corporate data, such as e-mails, residing behind a firewall.
  • the method according to the first aspect secures:
  • the secured connection through the firewall is established as a result of an automatically generated HTTP-request by a client application through the firewall from the firewall-protected computer to the external computer.
  • the secured connection through the firewall is established through port 80 of the firewall.
  • Data may be provided from the firewall-protected computer to the external computer in response to a command being received by the firewall- protected computer from the server application running on the external computer, the command being a result of the request from the external device to the external computer.
  • the data provided from the firewall-protected computer to a external computer is encrypted data - for example by using SSL.
  • the secured connection through the firewall is established via a network, such as the Internet.
  • the firewall-protected computer may be a server or a personal computer.
  • the external network may comprise a wireless network, such as a GSM network.
  • the external device is capable of running a client application so that data, such as e-mails, delivered from the external computer to the external device may be delivered through a service based on the POP3 protocol, and wherein e-mails delivered from the external device to the external computer are delivered through a service based on the SMTP protocol.
  • the external device may comprise a mobile device selected from the group consisting of: mobile phones, laptops, handheld devices, such as a PDAs, or any combination thereof.
  • the external computer is adapted to run a server application for supporting a client application running on the external device.
  • the external device is capable of running a browser.
  • the external device may be selected from the group consisting of: mobile phones, computers, such as laptops, handheld devices, such as a PDAs, or any combination thereof.
  • the external network comprises a wired network, such as the Internet.
  • the external device is capable of running a client application.
  • Data delivered from the external computer to the external device may be delivered through a service based on the POP3 protocol, and wherein e-mails delivered from the external device to the external computer are delivered through a service based on the SMTP protocol.
  • the external device may comprise a computer selected from the group consisting of: personal computers, laptops, handheld devices, such as a PDAs, or any combination thereof.
  • the data delivered to the external device in any of the above-mentioned embodiments comprises emails.
  • the present invention relates to a method of distributing a mobile Internet service to an external device associated with a user, the method comprising the steps of:
  • the external device comprises a mobile device selected from the group consisting of: mobile phones, laptops, handheld devices, such as a PDAs, or any combination thereof.
  • a mobile device selected from the group consisting of: mobile phones, laptops, handheld devices, such as a PDAs, or any combination thereof.
  • the userid may comprise the mobile telephone number of a mobile phone.
  • the step of installing the client application on the firewall-protected computer is performed using a secured connection through the firewall between the firewall- protected computer and the external computer.
  • figure 1 shows an overview of the overall system
  • figure 2 illustrates the architecture of the system
  • figure 3 illustrates the data transmission security
  • the present invention provides a mobile Internet business solution that provides secure access from mobile devices to corporate data residing behind a firewall. Such corporate data may be e-mails.
  • the solution according to the present invention requires no server installation and supports all standard POP3 e-mail clients and WAP clients on mobile devices. This is made possible through the unique technology of the present invention, which combines an e- mail service provided from a server on the Internet with a secure delivery method through a client application installed on a PC behind the firewall.
  • MBC Mobile Business Connector
  • the MBC Server retrieves e-mails from the firewall protected PC. E-mails are then delivered to the mobile device through a POP3 e-mail service.
  • the mobile device connects to the MBC Server using a POP3 e-mail client and receives e-mails from the firewall protected PC running the MBC Desktop Client.
  • the architecture of the technical solution is illustrated in figure 2. In the following sections, reference will be made to boxes A, B and C or figure 2.
  • a - MBC Desktop Client the MBC Desktop Client is typically a Windows application that is installed on the PC behind the firewall.
  • the application connects to Microsoft Outlook using a MAPI interface (Microsoft Application Developer Interface) and accesses e-mails from Outlook.
  • MAPI interface Microsoft Application Developer Interface
  • the MBC Desktop Client establishes a secure connection between the firewall protected PC and the MBC Server by sending HTTP-requests through the firewall to the MBC Server.
  • HTTP is a protocol used for sending and receiving data over the Internet, e.g. HTML-pages that are viewed through a web-browser are sent over the Internet using HTTP.
  • Commands to be executed by the MBC Desktop Client e.g. to deliver e-mails from the Outlook inbox to the MBC Server
  • the MBC Server is running a number of services, which allows it to deliver e-mails from the firewall protected PC to an external device, such as a mobile device, such as a mobile phone.
  • the MBC Server is running POP3 and SMTP services for receiving and sending e-mails from e-mail clients on external devices.
  • the mobile device sees the MBC Server as an ordinary e-mail server and connects to the POP3 service and the SMTP service using a standard e-mail client application.
  • the server works as a virtual mail server between the MBC Desktop Client and the external device.
  • an external device contacts the server to retrieve e-mails using the POP3 protocol
  • the server posts a command for the MBC Desktop Client to deliver all unread e-mail messages from the Outlook inbox on the PC.
  • the command is collected from the server and executed on the PC.
  • the server When sending e-mails from an external device using the SMTP protocol, the server will post the entire message to be collected by the MBC Desktop Client running on the firewall protected PC. The message is subsequently placed in the Outlook outbox on the PC and sent as any other ordinary e-mail. No e-mails are stored on the MBC Server. With every request from an external device, e-mails are retrieved from the firewall protected PC, delivered to the external device and subsequently deleted from the MBC Server.
  • any external device containing an e-mail client application can connect to the MBC Server and retrieve e-mails from a firewall protected PC with MBC Desktop Client installed.
  • External devices without e-mail clients can connect to the MBC Server using a WAP application, which is provided as part of the MBC solution.
  • the MBC solution solves all the three issues through the unique technology in the MBC Desktop Client and the MBC Server.
  • the secure gateway - the MBC Desktop Client establishes a secure connection between the firewall protected PC and the MBC Server.
  • General firewall configurations place restrictions on all incoming traffic. Direct access from a mobile device to the corporate mailbox is therefore not possible.
  • the communication is based on outgoing traffic.
  • the MBC Desktop Client is communicating with the MBC Server by sending outgoing HTTP requests through port 80 of the corporate firewall. Since the same protocol and port number is being used for browsing the Internet, general firewall configurations allow the MBC Desktop Client to connect to the MBC Server.
  • the MBC Desktop Client is using the outgoing HTTP requests to listen for commands that trigger actions to be performed on the PC.
  • the MBC Server places a new command for the MBC Desktop Client. With the following request received from the MBC Desktop Client the command will trigger delivery of unread e-mail messages from the Outlook inbox on the PC.
  • the MBC Server acts as a virtual mail server between the PC with the MBC Desktop Client installed and the e-mail client on an external device. But unlike an ordinary POP3 mail server, the MBC Server does not store any e-mails.
  • the MBC Server When the MBC Server receives a request from an e-mail client, the request is processed by the MBC Server and sent to the MBC Desktop Client running on the PC of the user. While the e-mail client on the external device is holding an open session, unread e-mails are delivered from the Outlook inbox to the MBC Connection Server and again from the POP3 service of the MBC Server to the external device. After delivery to the mobile device all e-mails are deleted from the MBC Server.
  • the MBC Server is acting as an ordinary mail server supporting the POP3 and SMTP protocols. Since POP3 and SMTP are the most basic standards for receiving and sending e-mails, the solution supports all standard e-mail clients.
  • the solution In order to allow mobile phones without embedded e-mail clients to use MBC, the solution also implements a WAP e-mail client, which can be used on all WAP enabled devices.
  • the MBC solution is designed to allow access to firewall protected e-mails from mobile phones. But the general support for standard e-mail clients means that the solution also supports mobile access to firewall protected e-mails from other external devices like PDA's or laptops.
  • E-mail clients used from external devices implement two levels of security:
  • the e-mail client does not support encryption of data communication between the client and the mail server. E-mails are received and sent unencrypted. In some cases userid and password used for login on the mail server can be encrypted.
  • the e-mail client supports encryption of data communication between the client and the mail server. E-mails are received and sent encrypted if the mail server has implemented support for SSL encryption and the client is configured to use SSL.
  • the MBC service can be used in most IT environments, since the MBC Desktop Client is using a standard HTTPS connection for communication between the desktop PC and the MBC Server.
  • the MBC Desktop Client maintains an outbound-initiated connection through port 80 using standard https.
  • the MBC Desktop Client does not require any change in configuration of the existing network or firewall, because the same kind of connection is used for browsing the world wide web. Because only the out-bound connection is required, there is no "hole" in the firewall and the user can install the MBC Desktop Client and use the service without violating corporate IT security policy.
  • the desktop PC must remain on and the e-mail client open in order to exchange incoming messages between the MBC Desktop Client and Server while the user is away from the office.
  • the registration of a new user starts at the MBC Web Service.
  • the user is requested to enter a mobile phone number (which will be used as username) and choose a password.
  • the system automatically generates a 4-digit activation code, which is sent to the users mobile phone via SMS.
  • the activation code is only used for first time login. Subsequent logins will be based on the username and password entered by the user.
  • the MBC Desktop Client After authentication of the user the MBC Desktop Client can be downloaded and installed on the PC.
  • the MBC Desktop Client When installing the MBC Desktop Client the user is prompted for a valid username and password.
  • the MBC Desktop Client establishes a secure connection to the MBC Server using Secure Socket Layer (SSL). After authentication of the user a unique key containing username and password is generated and a copy is stored in an encrypted hidden file on the PC.
  • SSL Secure Socket Layer

Abstract

The present invention relates to a method of transferring data from a firewall-protected computer to an external device, the method comprising the steps of providing data from the firewall-protected computer to the external computer via a secured connection, temporary storing the provided data on the external computer, delivering the temporary stored data to the external device via an external network, and deleting the temporary stored data from the external computer so that no data provided from the firewall-protected computer to the external computer is stored on the external computer after the data has been successfully delivered to the external device.

Description

Method for transferring, data, e . g . emails , from a computer protected by a firewall to an external device, e .g . a mobile terminal .
FIELD OF THE INVENTION
The present invention relates to a method of providing secure access from mobile devices to corporate data, such as e-mails, residing behind a firewall.
BACKGROUND OF THE INVENTION
Mobile access to data, e.g. e-mails, is of high importance for people spending much time away from their office. Staying connected while travelling has been a very difficult task for companies without being forced to invest a significant amount of money in wireless gateway products in order to obtain mobile access to firewall- protected servers.
At present, most existing mobile data solutions require considerable investments in servers and network infrastructure - a cost that is considered too high by most companies. Or they present the user with significant technical problems that require high technical expertise to overcome.
Mobile operators have worked closely together with IT- integrators to sell and distribute mobile office solutions to large corporations. However, solutions directed towards small and medium sized enterprises have been overlooked since no products have essentially been offered for their needs.
Thus, there is a need for mobile business solutions for small and medium sized enterprises. In order for such solutions to be attractive for small and medium sized enterprises, no additional IT investments and no additional server installation should be required. The solution should be provided directly to the end-user and should enable a fast and hassle-free set-up/configuration of individual wireless access from basically any kind of mobile handset, such as a mobile phone.
It is an object of the present invention to provide a low cost method that provides secure access from mobile devices to corporate data, such as e-mails, residing behind a firewall. It is a further object of the present invention that the above-mentioned method is easy to set-up and configure from e.g. a website.
SUMMARY OF THE INVENTION
The above-mentioned are complied with by providing, in a first aspect, a method of transferring data from a firewall-protected computer to an external device, the firewall protected computer being adapted to run a client application, the method comprising the steps of:
- providing, upon request from the external device to an external computer running a server application, data from the firewall- protected computer to the external computer via a secured connection through the firewall protecting the firewall- protected computer,
- temporary storing the provided data on the external computer,
- delivering, from the external computer, the temporary stored data to the external device via an external network, and
- deleting the temporary stored data from the external computer so that no data provided from the firewall-protected computer to the external computer is stored on the external computer after the data has been successfully delivered to the external device.
The method according to the first aspect secures:
1. mobile access to corporate data residing behind a firewall,
2. easy set-up and configuration from a website, 3. that no server installation is required,
4. automatic configuration of handsets using e.g. over-the-air (OTA) provisioning,
5. support for all WAP or POP3 e-mail enabled mobile phones and PDAs,
6. maximum security by avoiding personal e-mail storage outside of corporation firewall, and 7. advanced profiling of e-mail clients for increased performance. Preferably, the secured connection through the firewall is established as a result of an automatically generated HTTP-request by a client application through the firewall from the firewall-protected computer to the external computer. In a preferred embodiment, the secured connection through the firewall is established through port 80 of the firewall.
Data may be provided from the firewall-protected computer to the external computer in response to a command being received by the firewall- protected computer from the server application running on the external computer, the command being a result of the request from the external device to the external computer.
Preferably, the data provided from the firewall-protected computer to a external computer is encrypted data - for example by using SSL.
The secured connection through the firewall is established via a network, such as the Internet. The firewall-protected computer may be a server or a personal computer.
The external network may comprise a wireless network, such as a GSM network.
In one embodiment, the external device is capable of running a client application so that data, such as e-mails, delivered from the external computer to the external device may be delivered through a service based on the POP3 protocol, and wherein e-mails delivered from the external device to the external computer are delivered through a service based on the SMTP protocol.
The external device may comprise a mobile device selected from the group consisting of: mobile phones, laptops, handheld devices, such as a PDAs, or any combination thereof.
In a second embodiment the external computer is adapted to run a server application for supporting a client application running on the external device. In this second embodiment, the external device is capable of running a browser. The external device may be selected from the group consisting of: mobile phones, computers, such as laptops, handheld devices, such as a PDAs, or any combination thereof.
In a third embodiment, the external network comprises a wired network, such as the Internet. In this third embodiment, the external device is capable of running a client application. Data delivered from the external computer to the external device may be delivered through a service based on the POP3 protocol, and wherein e-mails delivered from the external device to the external computer are delivered through a service based on the SMTP protocol. The external device may comprise a computer selected from the group consisting of: personal computers, laptops, handheld devices, such as a PDAs, or any combination thereof.
Preferably, the data delivered to the external device in any of the above-mentioned embodiments comprises emails.
In a second aspect, the present invention relates to a method of distributing a mobile Internet service to an external device associated with a user, the method comprising the steps of:
- signing up the external device, and providing the user of the external device with a userid and a password for the Internal service through a website, the userid and the password being provided by an external computer,
- installing a client application on a firewall-protected computer associated with the user, and registering the installation so that the client application automatically connects to the Internet service, and
- delivering over the air, and to the external device, a configuration of the external device so that it, upon request from the external device, connects to the Internet service.
Preferably, the external device comprises a mobile device selected from the group consisting of: mobile phones, laptops, handheld devices, such as a PDAs, or any combination thereof.
The userid may comprise the mobile telephone number of a mobile phone. Preferably, the step of installing the client application on the firewall-protected computer is performed using a secured connection through the firewall between the firewall- protected computer and the external computer. BRIEF DESCRIPTION OF THE INVENTION The present invention will now be explained in further details with reference to the accompanying figures, where
figure 1 shows an overview of the overall system,
figure 2 illustrates the architecture of the system, and
figure 3 illustrates the data transmission security.
While the invention is susceptible to various modifications and alternative forms, specific embodiments have been shown by way of example in the drawings and will be described in detail herein. It should be understood, however, that the invention is not intended to be limited to the particular forms disclosed. Rather, the invention is to cover all modifications, equivalents, and alternatives falling within the spirit and scope of the invention as defined by the appended claims.
DETAILED DESCRIPTION OF THE INVENTION
The present invention provides a mobile Internet business solution that provides secure access from mobile devices to corporate data residing behind a firewall. Such corporate data may be e-mails. The solution according to the present invention requires no server installation and supports all standard POP3 e-mail clients and WAP clients on mobile devices. This is made possible through the unique technology of the present invention, which combines an e- mail service provided from a server on the Internet with a secure delivery method through a client application installed on a PC behind the firewall.
The overall solution according to the present invention is shown in figure 1, where
1. The Mobile Business Connector (MBC) Desktop Client installed on the firewall protected PC establishes a secure connection to the MBC Server through the Internet.
2. The MBC Server retrieves e-mails from the firewall protected PC. E-mails are then delivered to the mobile device through a POP3 e-mail service.
3. The mobile device connects to the MBC Server using a POP3 e-mail client and receives e-mails from the firewall protected PC running the MBC Desktop Client. The architecture of the technical solution is illustrated in figure 2. In the following sections, reference will be made to boxes A, B and C or figure 2.
In A - MBC Desktop Client - the MBC Desktop Client is typically a Windows application that is installed on the PC behind the firewall. The application connects to Microsoft Outlook using a MAPI interface (Microsoft Application Developer Interface) and accesses e-mails from Outlook.
The MBC Desktop Client establishes a secure connection between the firewall protected PC and the MBC Server by sending HTTP-requests through the firewall to the MBC Server. (HTTP is a protocol used for sending and receiving data over the Internet, e.g. HTML-pages that are viewed through a web-browser are sent over the Internet using HTTP.) Commands to be executed by the MBC Desktop Client (e.g. to deliver e-mails from the Outlook inbox to the MBC Server) are collected from the MBC Server and executed on the PC.
In B - MBC Server - the MBC Server is running a number of services, which allows it to deliver e-mails from the firewall protected PC to an external device, such as a mobile device, such as a mobile phone. The MBC Server is running POP3 and SMTP services for receiving and sending e-mails from e-mail clients on external devices. The mobile device sees the MBC Server as an ordinary e-mail server and connects to the POP3 service and the SMTP service using a standard e-mail client application.
The server works as a virtual mail server between the MBC Desktop Client and the external device. When an external device contacts the server to retrieve e-mails using the POP3 protocol, the server posts a command for the MBC Desktop Client to deliver all unread e-mail messages from the Outlook inbox on the PC. With the next HTTP- request sent from the MBC Desktop Client the command is collected from the server and executed on the PC.
When sending e-mails from an external device using the SMTP protocol, the server will post the entire message to be collected by the MBC Desktop Client running on the firewall protected PC. The message is subsequently placed in the Outlook outbox on the PC and sent as any other ordinary e-mail. No e-mails are stored on the MBC Server. With every request from an external device, e-mails are retrieved from the firewall protected PC, delivered to the external device and subsequently deleted from the MBC Server.
In C - External device - any external device containing an e-mail client application can connect to the MBC Server and retrieve e-mails from a firewall protected PC with MBC Desktop Client installed. External devices without e-mail clients can connect to the MBC Server using a WAP application, which is provided as part of the MBC solution.
Three main challenges in providing mobile access to e-mail residing behind a corporate firewall are:
(1) Secure gateway: Establish access to protected data through the corporate firewall, (2) No data storage: Avoid storage of protected data outside the corporate firewall,
(3) Standard e-mail clients: Allow access from mobile devices using standard clients
The MBC solution solves all the three issues through the unique technology in the MBC Desktop Client and the MBC Server.
Regarding (1) - the secure gateway - the MBC Desktop Client establishes a secure connection between the firewall protected PC and the MBC Server. General firewall configurations place restrictions on all incoming traffic. Direct access from a mobile device to the corporate mailbox is therefore not possible. In order to establish connection between the PC with MBC Desktop Client installed and the MBC Server outside the firewall the communication is based on outgoing traffic.
The MBC Desktop Client is communicating with the MBC Server by sending outgoing HTTP requests through port 80 of the corporate firewall. Since the same protocol and port number is being used for browsing the Internet, general firewall configurations allow the MBC Desktop Client to connect to the MBC Server.
The MBC Desktop Client is using the outgoing HTTP requests to listen for commands that trigger actions to be performed on the PC. When a MBC user is connecting to the service from a mobile device in order to read e-mails, the MBC Server places a new command for the MBC Desktop Client. With the following request received from the MBC Desktop Client the command will trigger delivery of unread e-mail messages from the Outlook inbox on the PC.
Regarding (2) - no data storage - the MBC Server acts as a virtual mail server between the PC with the MBC Desktop Client installed and the e-mail client on an external device. But unlike an ordinary POP3 mail server, the MBC Server does not store any e-mails.
When the MBC Server receives a request from an e-mail client, the request is processed by the MBC Server and sent to the MBC Desktop Client running on the PC of the user. While the e-mail client on the external device is holding an open session, unread e-mails are delivered from the Outlook inbox to the MBC Connection Server and again from the POP3 service of the MBC Server to the external device. After delivery to the mobile device all e-mails are deleted from the MBC Server.
Regarding (3) - standard e-mail clients - from the point of view of the external device the MBC Server is acting as an ordinary mail server supporting the POP3 and SMTP protocols. Since POP3 and SMTP are the most basic standards for receiving and sending e-mails, the solution supports all standard e-mail clients.
In order to allow mobile phones without embedded e-mail clients to use MBC, the solution also implements a WAP e-mail client, which can be used on all WAP enabled devices.
The MBC solution is designed to allow access to firewall protected e-mails from mobile phones. But the general support for standard e-mail clients means that the solution also supports mobile access to firewall protected e-mails from other external devices like PDA's or laptops.
Referring now to figure 3, all communication between the MBC Desktop Client and the MBC Server is encrypted using the Secure Socket Layer standard (SSL). For communication between the MBC Server and Mobile Clients the solution implements the best possible security by supporting SSL data encryption. Support for SLL encryption is not implemented equally in all handsets. Since the MBC service is supporting standard e-mail clients on mobile devices, end-to-end security depends on the type of client application used for receiving and sending e-mail from the external device.
E-mail clients used from external devices implement two levels of security:
[A] SSL encryption not supported:
The e-mail client does not support encryption of data communication between the client and the mail server. E-mails are received and sent unencrypted. In some cases userid and password used for login on the mail server can be encrypted.
[B] SSL encryption supported:
The e-mail client supports encryption of data communication between the client and the mail server. E-mails are received and sent encrypted if the mail server has implemented support for SSL encryption and the client is configured to use SSL.
The MBC service can be used in most IT environments, since the MBC Desktop Client is using a standard HTTPS connection for communication between the desktop PC and the MBC Server.
The MBC Desktop Client maintains an outbound-initiated connection through port 80 using standard https. The MBC Desktop Client does not require any change in configuration of the existing network or firewall, because the same kind of connection is used for browsing the world wide web. Because only the out-bound connection is required, there is no "hole" in the firewall and the user can install the MBC Desktop Client and use the service without violating corporate IT security policy.
The desktop PC must remain on and the e-mail client open in order to exchange incoming messages between the MBC Desktop Client and Server while the user is away from the office.
The registration of a new user starts at the MBC Web Service. The user is requested to enter a mobile phone number (which will be used as username) and choose a password. The system automatically generates a 4-digit activation code, which is sent to the users mobile phone via SMS. The activation code is only used for first time login. Subsequent logins will be based on the username and password entered by the user.
After authentication of the user the MBC Desktop Client can be downloaded and installed on the PC.
When installing the MBC Desktop Client the user is prompted for a valid username and password. The MBC Desktop Client establishes a secure connection to the MBC Server using Secure Socket Layer (SSL). After authentication of the user a unique key containing username and password is generated and a copy is stored in an encrypted hidden file on the PC.

Claims

1. A method of transferring data from a firewall-protected computer to an external device, the firewall protected computer being adapted to run a client application, the method comprising the steps of:
- providing, upon request from the external device to an external computer running a server application, data from the firewall- protected computer to the external computer via a secured connection through the firewall protecting the firewall-protected computer,
- temporary storing the provided data on the external computer,
- delivering, from the external computer, the temporary stored data to the external device via an external network, and
- deleting the temporary stored data from the external computer so that no data provided from the firewall- protected computer to the external computer is stored on the external computer after the data has been successfully delivered to the external device.
2. A method according to claim 1, wherein the secured connection through the firewall is established as a result of an automatically generated HTTP-request by a client application through the firewall from the firewall-protected computer to the external computer.
3. A method according to claim 2, wherein the secured connection through the firewall is established through port 80 of the firewall.
4. A method according to claims 2 or 3, wherein data are provided from the firewall- protected computer to the external computer in response to a command, the command being a result of the request from the external device to the external computer, the command being received by the firewall-protected computer from the server application running on the external computer.
5. A method according to any of the preceding claims, wherein the data provided from the firewall-protected computer to an external computer is encrypted data.
6. A method according to claim 5, wherein the encrypted data is encrypted using SSL.
7. A method according to any of the preceding claims, wherein the secured connection 5 through the firewall is established via a network.
8. A method according to claim 7, wherein the network comprises the Internet.
9. A method according to any of the preceding claims, wherein the firewall- protected computer is a server.
10
10. A method according to any of claims 1-8, wherein the firewall-protected computer is a personal computer.
11. A method according to any of the preceding claims, wherein the external network 15 comprises a wireless network.
12. A method according to claim 11, wherein the wireless network comprises a GSM network.
20 13. A method according to claims 11 or 12, wherein the external device is capable of running a client application.
14. A method according to any of claims 11-13, wherein data delivered from the external computer to the external device is delivered through a service based on the
25 POP3 protocol, and wherein data delivered from the external device to the external computer is delivered through a service based on the SMTP protocol.
15. A method according to claim 14, wherein the external device comprises a mobile device selected from the group consisting of: mobile phones, laptops, handheld
30 devices, such as a PDAs, or any combination thereof.
16. A method according to any of claims 1-12, wherein the external computer is adapted to run a server application for supporting a client application running on the external device.
35
17. A method according to claim 16, wherein the external device is capable of running a browser.
18. A method according to claim 17, wherein the external device is selected from the group consisting of: mobile phones, computers, such as laptops, handheld devices, such as a PDAs, or any combination thereof.
5
19. A method according to any of claims 1-10, wherein the external network comprises a wired network, such as the Internet.
20. A method according to claim 19, wherein the external device is capable of running 10 a client application.
21. A method according to claims 19 or 20, wherein data delivered from the external computer to the external device is delivered through a service based on the POP3 protocol, and wherein data delivered from the external device to the external computer is delivered though a service based on the SMTP protocol.
15
22. A method according to claim 21, wherein the external device comprises a computer selected from the group consisting of: personal computers, laptops, handheld devices, such as a PDAs, or any combination thereof.
20 23. A method according to any of the preceding claims, wherein the data delivered to the external device comprises emails.
24. A method of distributing a mobile Internet service to an external device associated with a user, the method comprising the steps of: 25
- signing up the external device, and providing the user of the external device with a userid and a password for the Internal service through a website, the userid and the password being provided by an external computer,
30 - installing a client application on a firewall-protected computer associated with the user, and registering the installation so that the client application automatically connects to the Internet service, and
- delivering over the air, and to the external device, a configuration of the
35 external device so that it, upon request from the external device, connects to the Internet service.
25. A method according to claim 24, wherein the external device comprises a mobile device selected from the group consisting of: mobile phones, laptops, handheld devices, such as a PDAs, or any combination thereof.
26. A method according to claims 24 or 25, wherein the userid comprises the mobile telephone number of a mobile phone.
27. A method according to any of claims 24-26, wherein the installing of the client application on the firewall-protected computer is performed using a secured connection through the firewall between the firewall-protected computer and the external computer.
28. A method according to claim 27, wherein the secured connection through the firewall is established through port 80 of the firewall.
PCT/DK2002/000674 2002-09-30 2002-10-08 Method for transferring, data, e.g. emails, from a computer protected by a firewall to an external device, e.g. a mobile terminal WO2004030308A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2002342591A AU2002342591A1 (en) 2002-09-30 2002-10-08 Method for transferring, data, e.g. emails, from a computer protected by a firewall to an external device, e.g. a mobile terminal

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US41434302P 2002-09-30 2002-09-30
US60/414,343 2002-09-30

Publications (1)

Publication Number Publication Date
WO2004030308A1 true WO2004030308A1 (en) 2004-04-08

Family

ID=32043383

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/DK2002/000674 WO2004030308A1 (en) 2002-09-30 2002-10-08 Method for transferring, data, e.g. emails, from a computer protected by a firewall to an external device, e.g. a mobile terminal

Country Status (2)

Country Link
AU (1) AU2002342591A1 (en)
WO (1) WO2004030308A1 (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009031976A1 (en) 2007-09-05 2009-03-12 Creative Technology Ltd. Method of enabling access to data protected by firewall
WO2009036679A1 (en) * 2007-09-19 2009-03-26 Tencent Technology (Shenzhen) Company Limited Method, system and server for receiving email
US8365272B2 (en) 2007-05-30 2013-01-29 Yoggie Security Systems Ltd. System and method for providing network and computer firewall protection with dynamic address isolation to a device
US8381297B2 (en) 2005-12-13 2013-02-19 Yoggie Security Systems Ltd. System and method for providing network security to mobile devices
US8631488B2 (en) 2008-08-04 2014-01-14 Cupp Computing As Systems and methods for providing security services during power management mode
US8789202B2 (en) 2008-11-19 2014-07-22 Cupp Computing As Systems and methods for providing real time access monitoring of a removable media device
US8869270B2 (en) 2008-03-26 2014-10-21 Cupp Computing As System and method for implementing content and network security inside a chip
US9762614B2 (en) 2014-02-13 2017-09-12 Cupp Computing As Systems and methods for providing network security using a secure digital device
US9973501B2 (en) 2012-10-09 2018-05-15 Cupp Computing As Transaction security systems and methods
US10313368B2 (en) 2005-12-13 2019-06-04 Cupp Computing As System and method for providing data and device security between external and host devices
US11157976B2 (en) 2013-07-08 2021-10-26 Cupp Computing As Systems and methods for providing digital content marketplace security

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999051003A2 (en) * 1998-04-01 1999-10-07 Telia Ab (Publ) Improvements in, or relating to, electronic badges
US6012088A (en) * 1996-12-10 2000-01-04 International Business Machines Corporation Automatic configuration for internet access device
US6104716A (en) * 1997-03-28 2000-08-15 International Business Machines Corporation Method and apparatus for lightweight secure communication tunneling over the internet
WO2002006963A1 (en) * 2000-07-19 2002-01-24 Fusionone, Inc. Remote access communication architecture apparatus and method
WO2002046971A1 (en) * 2000-12-05 2002-06-13 Softdomain Remote service agent for sending commands and receiving data over e-mail network

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6012088A (en) * 1996-12-10 2000-01-04 International Business Machines Corporation Automatic configuration for internet access device
US6104716A (en) * 1997-03-28 2000-08-15 International Business Machines Corporation Method and apparatus for lightweight secure communication tunneling over the internet
WO1999051003A2 (en) * 1998-04-01 1999-10-07 Telia Ab (Publ) Improvements in, or relating to, electronic badges
WO2002006963A1 (en) * 2000-07-19 2002-01-24 Fusionone, Inc. Remote access communication architecture apparatus and method
WO2002046971A1 (en) * 2000-12-05 2002-06-13 Softdomain Remote service agent for sending commands and receiving data over e-mail network

Cited By (58)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8627452B2 (en) 2005-12-13 2014-01-07 Cupp Computing As System and method for providing network security to mobile devices
US9497622B2 (en) 2005-12-13 2016-11-15 Cupp Computing As System and method for providing network security to mobile devices
US10089462B2 (en) 2005-12-13 2018-10-02 Cupp Computing As System and method for providing network security to mobile devices
US11461466B2 (en) 2005-12-13 2022-10-04 Cupp Computing As System and method for providing network security to mobile devices
US9781164B2 (en) 2005-12-13 2017-10-03 Cupp Computing As System and method for providing network security to mobile devices
US8381297B2 (en) 2005-12-13 2013-02-19 Yoggie Security Systems Ltd. System and method for providing network security to mobile devices
US11822653B2 (en) 2005-12-13 2023-11-21 Cupp Computing As System and method for providing network security to mobile devices
US10839075B2 (en) 2005-12-13 2020-11-17 Cupp Computing As System and method for providing network security to mobile devices
US10541969B2 (en) 2005-12-13 2020-01-21 Cupp Computing As System and method for implementing content and network security inside a chip
US9747444B1 (en) 2005-12-13 2017-08-29 Cupp Computing As System and method for providing network security to mobile devices
US10621344B2 (en) 2005-12-13 2020-04-14 Cupp Computing As System and method for providing network security to mobile devices
US20150215282A1 (en) 2005-12-13 2015-07-30 Cupp Computing As System and method for implementing content and network security inside a chip
US10313368B2 (en) 2005-12-13 2019-06-04 Cupp Computing As System and method for providing data and device security between external and host devices
US10417421B2 (en) 2005-12-13 2019-09-17 Cupp Computing As System and method for providing network security to mobile devices
US10999302B2 (en) 2007-03-05 2021-05-04 Cupp Computing As System and method for providing data and device security between external and host devices
US10419459B2 (en) 2007-03-05 2019-09-17 Cupp Computing As System and method for providing data and device security between external and host devices
US10567403B2 (en) 2007-03-05 2020-02-18 Cupp Computing As System and method for providing data and device security between external and host devices
US11652829B2 (en) 2007-03-05 2023-05-16 Cupp Computing As System and method for providing data and device security between external and host devices
US10284603B2 (en) 2007-05-30 2019-05-07 Cupp Computing As System and method for providing network and computer firewall protection with dynamic address isolation to a device
US20180302444A1 (en) 2007-05-30 2018-10-18 Cupp Computing As System and method for providing network and computer firewall protection with dynamic address isolation to a device
US8365272B2 (en) 2007-05-30 2013-01-29 Yoggie Security Systems Ltd. System and method for providing network and computer firewall protection with dynamic address isolation to a device
US10904293B2 (en) 2007-05-30 2021-01-26 Cupp Computing As System and method for providing network and computer firewall protection with dynamic address isolation to a device
US11757941B2 (en) 2007-05-30 2023-09-12 CUPP Computer AS System and method for providing network and computer firewall protection with dynamic address isolation to a device
US10057295B2 (en) 2007-05-30 2018-08-21 Cupp Computing As System and method for providing network and computer firewall protection with dynamic address isolation to a device
US9391956B2 (en) 2007-05-30 2016-07-12 Cupp Computing As System and method for providing network and computer firewall protection with dynamic address isolation to a device
US9756079B2 (en) 2007-05-30 2017-09-05 Cupp Computing As System and method for providing network and computer firewall protection with dynamic address isolation to a device
TWI473483B (en) * 2007-09-05 2015-02-11 Creative Tech Ltd Method of enabling access to data protected by firewall
US8281384B2 (en) 2007-09-05 2012-10-02 Creative Technology Ltd Method of enabling access to data protected by firewall
WO2009031976A1 (en) 2007-09-05 2009-03-12 Creative Technology Ltd. Method of enabling access to data protected by firewall
WO2009036679A1 (en) * 2007-09-19 2009-03-26 Tencent Technology (Shenzhen) Company Limited Method, system and server for receiving email
US8204947B2 (en) 2007-09-19 2012-06-19 Tencent Technology (Shenzhen) Company Ltd. Method, system and server for popping E-mail
US8869270B2 (en) 2008-03-26 2014-10-21 Cupp Computing As System and method for implementing content and network security inside a chip
US11757835B2 (en) 2008-03-26 2023-09-12 Cupp Computing As System and method for implementing content and network security inside a chip
US11050712B2 (en) 2008-03-26 2021-06-29 Cupp Computing As System and method for implementing content and network security inside a chip
US8631488B2 (en) 2008-08-04 2014-01-14 Cupp Computing As Systems and methods for providing security services during power management mode
US11449613B2 (en) 2008-08-04 2022-09-20 Cupp Computing As Systems and methods for providing security services during power management mode
US9516040B2 (en) 2008-08-04 2016-12-06 Cupp Computing As Systems and methods for providing security services during power management mode
US11947674B2 (en) 2008-08-04 2024-04-02 Cupp Computing As Systems and methods for providing security services during power management mode
US11775644B2 (en) 2008-08-04 2023-10-03 Cupp Computing As Systems and methods for providing security services during power management mode
US9106683B2 (en) 2008-08-04 2015-08-11 Cupp Computing As Systems and methods for providing security services during power management mode
US10404722B2 (en) 2008-08-04 2019-09-03 Cupp Computing As Systems and methods for providing security services during power management mode
US10084799B2 (en) 2008-08-04 2018-09-25 Cupp Computing As Systems and methods for providing security services during power management mode
US9843595B2 (en) 2008-08-04 2017-12-12 Cupp Computing As Systems and methods for providing security services during power management mode
US11036836B2 (en) 2008-11-19 2021-06-15 Cupp Computing As Systems and methods for providing real time security and access monitoring of a removable media device
US8789202B2 (en) 2008-11-19 2014-07-22 Cupp Computing As Systems and methods for providing real time access monitoring of a removable media device
US11604861B2 (en) 2008-11-19 2023-03-14 Cupp Computing As Systems and methods for providing real time security and access monitoring of a removable media device
US10417400B2 (en) 2008-11-19 2019-09-17 Cupp Computing As Systems and methods for providing real time security and access monitoring of a removable media device
US10904254B2 (en) 2012-10-09 2021-01-26 Cupp Computing As Transaction security systems and methods
US9973501B2 (en) 2012-10-09 2018-05-15 Cupp Computing As Transaction security systems and methods
US10397227B2 (en) 2012-10-09 2019-08-27 Cupp Computing As Transaction security systems and methods
US11757885B2 (en) 2012-10-09 2023-09-12 Cupp Computing As Transaction security systems and methods
US11157976B2 (en) 2013-07-08 2021-10-26 Cupp Computing As Systems and methods for providing digital content marketplace security
US10291656B2 (en) 2014-02-13 2019-05-14 Cupp Computing As Systems and methods for providing network security using a secure digital device
US11743297B2 (en) 2014-02-13 2023-08-29 Cupp Computing As Systems and methods for providing network security using a secure digital device
US11316905B2 (en) 2014-02-13 2022-04-26 Cupp Computing As Systems and methods for providing network security using a secure digital device
US10666688B2 (en) 2014-02-13 2020-05-26 Cupp Computing As Systems and methods for providing network security using a secure digital device
US9762614B2 (en) 2014-02-13 2017-09-12 Cupp Computing As Systems and methods for providing network security using a secure digital device
US20180205760A1 (en) 2014-02-13 2018-07-19 Cupp Computing As Systems and methods for providing network security using a secure digital device

Also Published As

Publication number Publication date
AU2002342591A1 (en) 2004-04-19

Similar Documents

Publication Publication Date Title
US20210359967A1 (en) System and method of a relay server for managing communications and notification between a mobile device and application server
US10298708B2 (en) Targeted notification of content availability to a mobile device
CA2305358C (en) Electronic mail forwarding system and method
US8719397B2 (en) Method and system for email and PIM synchronization and updating
US9252977B2 (en) Method and system for an uncompromising connection from a computing device having information storage like email server to a wireless mobile device
JP4686596B2 (en) System and method for personal identification number message transmission
US8051987B2 (en) System and method for wirelessly provisioning a mobile communication device
US20020123328A1 (en) Method and system for pushing e-mails to a mobile device
US20150215291A1 (en) Secure decentralized content management platform and transparent gateway
US20020103851A1 (en) Remote proxy server agent
US11575767B2 (en) Targeted notification of content availability to a mobile device
WO2004030308A1 (en) Method for transferring, data, e.g. emails, from a computer protected by a firewall to an external device, e.g. a mobile terminal
US20040037240A1 (en) Method and apparatus for establishing multiple bandwidth-limited connections for a communication device
US20050015617A1 (en) Internet security
EP2608591B1 (en) Self-configuration of a mobile terminal for connecting to a secure wireless network
US20040184613A1 (en) Method of safely sending e-mails over LAN
EP1976234A1 (en) A method and system for email and pim synchronization and updating
CA2409327A1 (en) Enterprise mobile server platform

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG US UZ VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LU MC NL PT SE SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP