1. Field of the Invention
The embodiments of the invention relate to the protection of server resources. Specifically, the embodiments of the invention relate to the protection of backend resources by the utilization of a frontend system in a demilitarized zone that services user requests for backend resources where the frontend system is accessible through a first protocol and the frontend system accesses resources on a backend system using a second protocol.
2. Background
Servers provide access to a set of resources over a network to users that are located on remote machines. The remote machines utilize a client application to access the servers, sometimes referred to as the ‘backend’ of the system. The client application utilizes a commonly understood protocol to communicate with the backend system. For example, the client application may be a web browser that communicates with a web server on the backend system. The client application and web server communicate using the hyper text transfer protocol (HTTP). The client application generates an HTTP request specifying data that is requested, such as a hypertext markup-language (HTML) page, and sends the HTTP request over the network to the server. The server receives the request, accesses the appropriate resources such as a database or similar storage system, retrieves the requested data and sends the requested data back to the client application.
However, these systems are vulnerable to unauthorized access through a number of different methods of attack. Malicious programs and individuals can use the same communication protocol that is normally used to legitimately communicate with the server to gain access or alter resources that are not intended to be accessible or alterable by such programs or individuals. The servers can be placed behind firewalls in some instances and utilize authorization services such as password and user name authentication to attempt to limit the access to unauthorized users and malicious attacks. However, the protocol for accessing the server and the type of firewall that protects that server is easily determined. Knowing about the firewall and the protocol that is utilized by the server gives malicious programmers an advantage in trying to overcome these protection mechanisms. This knowledge can be utilized to find security holes and exploits that can be utilized to gain unauthorized access to the resources provided by the server.