SYSTEM AND METHOD FOR AUTOMATICALLY DISCOVERING ACCESSIBLE SERVICES ON A COMPUTER NETWORK AND PROVIDING
AUTOMATIC ACCESS THERETO
BACKGROUND OF THE INVENTION
1 Field of the Invention
The present invention relates generally to a computer network server, and relates more particularly to a system and method for automatically detecting accessible services on an mside computer network, and providing access to the detected accessible services from an outside computer network
2 Descnption of the Background Art Due, at least in part, to the increasing populaπty of the Internet and the ability to share information or network services between computers, it is frequently desirable to provide access to certain network services on an mside network, such as a building wiring network, to computer on an outside network, such as the Internet In one common configuration, multiple computers are coupled to an mside network, which is separated from oi interfaced with the outside network by a gateway device Generally, a gateway device acts an entrance from one network to anothei Typically, gateway devices are employed to interface an mside network and an outside network, such as the Internet
For example, it is desirable, m some instances, to configure one or more computers on an mside network as web servers Despite the advantages of having web server services or other network services available on an mside network, it is often cumbersome to make these mside network services visible, or otherwise available, over the outside network
Indeed, the initial set up of such a system can be cumbersome and time consuming, particulaily for novice users Additionally, m circumstances where network services are frequently added to or removed from the mside network, this set up must also be updated frequentlλ Hence, significant difficulties exist m permitting the services of a plurality of mside network devices to be visible and accessible from outside computers on the outside network At least part of this difficulty stems from determining which computers or other devices aie present on the mside network and what services are available on these devices
An additional difficulty relates to permitting computer users outside the mside netwoik to access the various network services available on the mside network That is, once the network services available on the mside network are detected, these services need to be accessible by computers over the outside network
Therefore, an improved system and method are needed to provide quick and easy access to an mside network, such as a building computer network from computers on an outside computer network, such as the Internet to provide access to the available inside network services An additional need exists to provide a system and method by which a gateway device can automatically detect the network services available on the mside network Yet another need exists to provide a system and method by which the network services available on the mside network may be accessed by outside network computers
SUMMARY OF THE INVENTION A system and method are disclosed to automatically detect or discover accessible services on an inside computer network, to publish links to the detected services on a web page, and to automatically permit a selected network service to be accessed from an outside network via a gateway device.
In general, the present invention provides a gateway server interposed between an inside network, such as a building wiring network, and an outside network, such as the Internet. The gateway server periodically scans, or polls, the various devices on the inside network to discover or detect available services on the inside network. Advantageously, the gateway server includes a web server for publishing over the outside network, on a gateway server web page, dynamic links to the available services as determined by the scanning, or polling, function. By performing this scanning function periodically, the gateway server continually updates the dynamic links to the available inside network services. In this manner, the available services on the inside wiring network may be visible, accessible, or both, from outside computers on the outside network via the gateway server.
According to one embodiment, the scanning function is accomplished by the gateway server periodically attempting to establish a com ection, or socket, with an inside network device port that is associated with a particular inside network service. If a connection is established, then the gateway server assumes that the associated service is available at that port of that device and creates a dynamic link associated with that inside network service. The gateway server advantageously scans the ports associated with a predetermined set of network services for each building network device. Alternatively, the gateway server receives broadcasts or multicasts from the inside network services to detect
or discover the available network services on the mside network and subsequently publishes those detected services on the gateway device web page, which is accessible from the outside network
Then, when a user opens the gateway device web page, using an outside client browsei, and selects a dynamic link associated with a certain network service, the gateway device forwards, proxies, routes, or transparently redirects connection from the outside client browser to the associated mside network detected service In one embodiment, this is done using transparent redirection, in which the gateway server uses HTTP (HyperText Transfer Protocol) redirect, to redirect the outside client browser to the selected inside network service via a portal associated with that service Alternatively, the gateway device may initiate a proxy application associated with the particular type of mside network service selected and redirect the outside client browser to the proxy application Once the outside client browser has been redirected to the proxy application, the proxy application manages communications between the outside client browser and the selected mside network servrce
Other advantages and features of the present invention will be apparent from the drawings and detailed description as set forth below
BRIEF DESCRIPTION OF THE DRAWLNGS FIG 1 is a schematic diagram illustrating a gateway server interposed between an mside computer network and an outside network, m accordance with the present invention, FIG 2 is a block diagram of the gateway server shown m FIG 1, according to the present invention,
FIG 3 is a block diagram of the non- volatile memory located withm the gateway server as shown m FIG 2, in accordance with the present invention.
FIG 4 is a block diagram of the RAM located within the gateway server as shown in FIG 2. in accordance with the present invention, FIG 5 is a flowchart illustrating a method for scanning an mside computer network for accessible services, according to the present invention,
FIG 6 is a flowchart illustrating one embodiment of a method for establishing a connection between a client browser on an outside network and a selected network service on the building network, according to the present invention, and FIG 7 is a flowchart illustrating one embodiment of a method for establishing a connection between a client browser on an outside network and a selected network service on the mside network, according to the present invention
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT The present invention relates to a gateway server that scans for and detects available network services on an mside network The gateway server also publishes dynamic links to the detected network services on a gateway server web page so that these services may be accessed from an outside network via the gateway server web page Various modifications to the preferred embodiment will be readily apparent to those skilled in the art and the generic principles herein may be applied to other embodiments
FIG. 1 is a schematic diagram of one embodiment of a system 100 that includes a gateway server 1 10 located with a building, such as a home 112 As shown, the gateway server 1 10 is coupled via an internal network line 114 to an side network 116 having at least one mside network device 1 18 The mside network 116 may comprise a building wiring network The mside network devices 118 may include, for example, network servers, shared printers, shared files, shared directories, and the like. A communications link 122 connects the gateway server 110 to an outside network 120, such as the Internet As those skilled in the art will appreciate, the link 122 may comprise a telephone line, an ISDN line, or any other type of suitable communications link
The mside network 1 16 can be accessed from an outside network client computei 124. such as an office computer, via the outside netwoik 120 from an office 126 that is also connected to the outside network 120 via a communication link 128 In a preferred embodiment, the outside network 120 comprises the Internet Advantageously, the outside client computer 124 includes a standard web browser (not shown), such as Netscape Navigator rM or Microsoft Internet Explorei ™, to access a web page published by the gateway servei 1 10
FIG 2 illustrates a block diagram of one embodiment of the gateway server 1 10 As shown, the gateway servei 1 10 may include a central processing unit (CPU) 210, a lead-only memory (ROM) 212, a random-access memory (RAM) 214, a non-volatile memoiy 216, a mside network communications interface 218, and an outside network communications interface 220 connected via a bus 222 The mside network communications interface 218 and the outside network communications interface 220 respectively connect to the mside network 116 and to the outside network 120 conventionally
FIG 3 is a block diagram of one embodiment of the non-volatile memory 216 located within the gateway server 1 10 As illustrated, the non-volatile memory 216 includes a scanning engine 310, a timer 312, a service list 314, a DHCP (Dynamic Host Configuration Protocol) server 315, a web server 316, dynamic links 318, and proxy applications 320
The scanning engine 310 periodically scans the network devices 118 on the inside netwoik 116 to automatically detect accessible network services located on the inside netw ork 1 16 Since the scanning engine 310 of the gateway server 110 automatically detects the available network services on the mside network 116, the addition, removal, or othei changes of the available network services on the mside network 116 is substantially simplified Specifically, in the present embodiment, users are not required to go through a cumbersome configuration or reconfiguration of the gateway server 110 each time a netwoik service is added to or removed from the mside network 116 Particular details of the scanning function of the scanning engine 310 are described in more detail below
Upon detecting, or discovering, certain available network services on the mside netw oik 1 16, the scanning engine 310 creates a list of the detected or discovered services,
which list may be stored m either the non-volatile memor) 216 or the RAM 214 In one embodiment, the list of detected or discovered available services is published to the outside netwoik 120 on a gate ay server web page Specifically, the scanning engine advantageously creates a set of dynamic links wherein each dynamic link is associated with a particular detected service The links are then stored as dynamic links 318 m the non-volatile memory 216 Alternatively or additionally, the dynamic links can be stored and accessed m RAM 214, as is shown in FIG 4, since the dynamic links are continually being created and updated The accessible services can include, for example, web servers, web pages, FTP servers, FTP files, shared folders, directories, files, shared pπnters, hard drives, and other types of computer services that may be made accessible on a computei network
As those skilled in the art will appreciate, access to the dynamic links 318 can be optionally password controlled at the gateway server 1 10 for added security In this embodiment, the secured accessible services would still be listed m the dynamic links, but a password would be required after selecting the dynamic link In another embodiment, a passw ord may be required to view the dynamic links
Upon creating the dynamic lurks, the gateway server 1 10 stores the dynamic links withm a memory, such as the non-volatile memory 216 or RAM 214 The web server 312 then updates a gateway web page viewable from computers on the outside network 120, such as the outside network client computei 124 (FIG 1 ) The gateway server web page displays the dynamic links to the accessible services on the side network 116. thereb\ allowing quick and easy access to this information from computers on the outside netwoik 120
In this configuration, a user at an outside network client computer 124 may access detected building network services by browsing to the web page of the gateway server 1 10 and selecting a dynamic link displayed thereon The gateway server 110, in response to the selection of one of the dynamic links then forwards, proxies, routes, or transparently redirects connection from the outside client network 124 to the associated mside network detected service, details of which are discussed in more detail below m connection with FIGS 6 and 7
The timer 312 periodically invokes the scanning engine 310 so that the scanning engine 310 scans for available network services on the mside network 116 on a regulai basis The timer 312 can be set to invoke the scanning engine 310 on a regular, predetermined basis to periodically and dynamically provide current and valid dynamic links to accessible services on the inside network 116 Those skilled in the art will appreciate that the features of the timer 312 may be incorporated withm the scanning engine 310 rather than as a separate module The service list 314 comprises a list of potentially available network services on the mside network 1 16 as well as program mstiuctions and protocols for locating the various types of network services that may be available on the mside network 116 Indeed, those skilled in the art will appreciate that the specific details ot scanning for different types of netwoik sei vices may differ with respect to each service type In general, however, the gatewav servei 110, for each dev ice on the building netw ork 116 attempts to establish a connection for each of the types of sei vices m the service list to determine which, if am net ork services are available at that device
Typically, each network serv ice oi a network device is associated with a particular port on that device Hence, to determine whether a particular service is accessible on a
given network device, the gateway server 1 10 attempts to establish a connection, or socket, with the port associated with that particular service
For example, as the gateway server 110 scans a particular device 118 on the mside network 1 16 for HTTP server services, the gateway server 1 10 attempts to establish a connection on the specific TCP (Transfer Control Protocol) port address that is associated with HTTP server services for the particular device For many devices, the HTTP servei services are accessed via TCP port "80 " If the gateway server 1 10 can open a connection, oi a socket, with the TCP port associated with HTTP server services, then, at least in one embodiment, the gateway server 1 10 assumes that HTTP server services are present on that device and creates a dynamic link to this service Those skilled in the art will appreciate that the gateway server 110 can validate or confirm the availability of the detected service by initiating additional exchange with the associated device port
If, however, the gateway server 1 10 can not open such a connection, then the gateway server 1 10 assumes that no HTTP server services are available at that inside network device and, accordingly, does not create a dynamic link to that service. This method of scanning for available network services on the inside network 116 is described m more detail below in connection with FIG 5
The DHCP (Dynamic Host Configuration Protocol) server 315 detects network devices 1 18 that are connected to the mside network 1 16 and centrally manages and automates the assignment of Internet Protocol (IP) addresses the mside network 116
The DHCP server 315 assigns an IP address for each computer or device that is connected to the mside netwoik 116 In particular, as each computer or device connected to the mside network 1 16 is initialized, it connects to the DHCP sen er 315 to obtain an IP address The DHCP server 315 provides the input to the host list 410 (FIG 4), which
compnses a list of the computers and othei network devices that are present, or active, on the mside network 1 16 Those skilled m the art will appreciate that the DHCP server 315 could alternatively comprise a separate module or device connected to the side network 1 16 The web server 316 publishes the current set of dynamic links to all of the accessible services on the mside network 1 16 to the outside network 120, such as the Internet Hence, in this configuration, the accessible services on the mside network 1 16 may be viewed at a web page on the gateway server 110 and may be accessed through the gatew ay sen ei web page The proxy applications 320 provide application level gateway support for a selected netwoik service available on the mside network 116 Advantageously, a separate proxy application is provided for each type of network service so that an individual using a client browser on an outside network client computer can communicate or otherwise interact with the netwoik services Details relating to the purpose and function of the proxy applications 320 are discussed below in connection with FIG 7
FIG 4 is a block diagram of one embodiment of the RAM 214 located withm the gateway seiver 110 In the FIG 4 embodiment RAM 214 preferably includes a host list 410, and can also include a set of dynamic links 412 As discussed earlier, the dynamic links can be stored in either non- volatile memon 216 or RAM 214 The DHCP sen'er 315 as discussed above provides the input to the host list
The host list 410 maintains a list of computers and other network devices that are connected to the gateway server 1 10 As each computei oi device connects to the gateway seiv ei 1 10, the DHCP servei 315 assigns an IP address to that particular computer oi device The gateway server 1 10 then stores the IP address, or a reference, of that computei
01 dev ice in the host list 410 If a network device to the gateway server 100 is turned off, disconnected, or otherw ise deactivated, then the associated IP address is lost and the reference m the host list 410 is removed Therefore, the host list 410 maintains a substantiall current list of active computers and devices connected to the gateway servei 1 10
FIG 5 is a flowchart 500 that illustrates one embodiment for scanning a computei netw ork using the gateway server 110 At block 510, the scanning engine 310 is started As discussed abo e the timer 312 periodically starts the scanning engine 310 In block 512 the scanning engine 310 checks the host list 410 to determine if there are any mside netw oik dev ices or computei s connected to the gateway server 1 10 and selects an unscanned mside network device from the host lrst 410
After an unscanned device has been selected, then the scanning engine 310 selects an unscanned service from the service list 314, pursuant to block 518 Next, pursuant to block 518, the scanning engine 310 attempts to create a connection, or open a socket, with the device port of the selected device that is associated with the selected unscanned sen ice If, pursuant to block 520, the attempt to establish a connection was successful and an av ailable service has been detected or disco ered, then pursuant to block 521, the detected service is added to a list of detected network services A dynamic link is then cieated foi that particular service and is stored m the dynamic links 318 or 412 pursuant to block 522
The scanning engine 310 then continues to attempt to establish a connection foi each of the remaining netwoik services of the service list 314 for the selected device Hence if the result of the determination of block 523 is "yes," execution returns to block 516 to commence scanning for other network services on the selected network device
After the scanning engine 310 has attempted to establish a connection with the selected network device for each service on the service list 314, the scanning engine 310 determines whether all of the devices on the host list 410 have been scanned pursuant to block 524 If all of the devices on the host list 410 have been scanned, then the scanning engine terminates its scan pursuant to block 526
However if there aie network devices on the host list 410 that the scanning engine 310 has not scanned, the process returns to block 512 so that the scanning engine 310 can scan the next network device on the host list 410 Once all of the devices on the host list 410 hav e been searched for available services, the scanning process ends at block 526 As discussed above, the list of available network semces is advantageously published to the outside network 120 in the form of dynamrc hnks on a gateway server web page usmg the gateway web server 316 These dynamrc hnks can then be accessed and/or viewed by a user over the Internet by a client browser by browsing to the gateway sen er web page Advantageously, when a user at a computer on the outside network 120 browses to the gateway sen'er web page and selects one of the dynamic links displayed thereon, the gate ay server 1 10 lorwaids, proxies, routes, or transparently redirects connection from the outside network 120 to the associated sen'ice on the mside netwoik 1 16 Particular methods of enabling communication between a client browser on the outside network 120 and a selected network serv ice on the building network 1 16 aie described below in connection with FIGS 6 and 7
FIG 6 shows a flowchart 600 of a method of enabling communication between a client biowsei on the outside netwoik 120 and a selected sen ice on the mside network 1 16 In particular, the flowchart 600 illustrates a method for transparent redrrection and
network address translation. The method 600 begins at block 602, in which an outside network client browser opens the gateway server web page, such as by entering the URL (Uniform Resource Locator) for the gateway server web page. Once the gateway server web page is open on the client browser, an end user may obtain access to a selected network service by mouse clicking (double clicking) or otherwise selecting the published dynamic link associated with the network service, such as a particular file or directory, pursuant to block 604. Mouse clicking on the dynamic link causes the client browser to transmit a request for that network service, or resource, to the gateway server 110.
In response to the request for the network service, the gateway server 110 uses an HTTP redirect to transparently redirect the client browser to access another address associated with a portal associated with the selected network service. This redirect address is transmitted back to the outside client browser pursuant to block 606. The outside client browser then accesses the selected network sendee via the gateway server portal by following the redirect address. The gateway server 1 10 creates the portal associated with the redirect address, or the selected network service, so that the selected network service and the outside client browser may communicate via the portal pursuant to block 608. Lastly, the outside client computer may access and communicate with the selected network service via the portal pursuant to block 610. The method 600 is "transparent" to the end user at the outside client browser in that the end user need not actively participate in the redirection process. In this manner, the end user at the outside client browser may access a selected network service via a portal created by the gateway server 1 10 by simply mouse clicking on the dynamic link associated with the selected service.
FIG 7 illustrates an alternate method of permitting an end user at an outside client browser to access a netwoik service or resource of the mside network 116 by selecting an associated link on the gateway sender web page In particular the flowchart 700 commences with the end user opening a gateway server web page using an outside client browser pursuant to block 702 Next, pursuant to block 704, the end user selects, bv mouse clicking, the dynamic link on the gatew y sender web page that is associated with a selected mside network service Mouse clicking on the dynamic link causes the client brow sei to transmit a lequest for that network service, or resource, to the gateway servei 110 Upon receipt of the request for the network service from the outside client browser, the gateway server identifies and initiates the proxy application 320 that is associated with the type of selected network service pursuant to block 706 In addition, the gateway server transmits a redirect address to the outside client browser to redirect the outside client browser to the initiated proxy application, pursuant to block 708 Once the outside client browser is connected directly to the initiated proxy application, the proxy application manages communications between the outside client browser and the selected inside net oik sen ice pursuant to block 710
In particular, the proxy application modifies the communications between the selected mside netwoik service and the outside client browser For example, the proxv application may translate addressing information withm the communications according to the particular mside network service being accessed In this manner, the end user at the outside client browser may access a selected network service via a proxy application initiated by the gateway server 1 10 by simply mouse clicking on the dynamic link associated with the selected service
The invention has been explained above with reference to presently preferred embodiments Other embodiments w ill be apparent to those skilled m the art m light of this disclosure For example, the present invention may readily be implemented using configurations other than those described in the preferred embodiment above Therefore, these and other variations upon the preferred embodrments are mtended to be covered by the present invention, which is limited only by the appended claims