1. Technical Field
The present invention relates generally to a system and method for establishing a secure connection between a server and a client over a public network and specifically to a method for providing secure remote access to the client by the server.
2. Discussion of the Related Art
Referring to FIG. 1, a system for a remote software product environment is illustrated generally by numeral 100. The system 100 includes a customer system 102 and a service organization system 104. The customer system 102 includes a software product 106 and a service client 108. The service organization system 104 includes a service gateway 110 and a session end point 112. The service client 108 is coupled with the service gateway 110 via a network 114. Typically, the network 114 is a public network, such as the Internet. Optionally, one or both of the service client 108 and the service gateway 110 are connected to the network 114 via a firewall 116.
Servicing a remote software product has many challenges, including transferring diagnostic data from the customer system 102 to the organization system 104, transferring software product updates from the organization system 104 to the customer system 102, and remote troubleshooting for problem diagnosis.
Transferring diagnostic data from the customer system 102 to the organization system 104 is an issue since diagnostic data often contains sensitive information. Typically, the File Transfer Protocol (FTP) is used for transferring files, even though it is inconvenient for the customers and insecure for both the customers and the service organization.
Transferring software product updates, such as fixpaks and service releases, to the customer system 102 from the organization system 104 is an issue since the organization system 104 providing the latest software product update should be authenticated to ensure that a malicious server is not providing malicious software instead of the expected software product update. Typically, certificates issued by a trusted third party are used for authenticating the organization system 104.
Yet further, the need for remote troubleshooting between the customer system 102 and the organization system 104 raises several issues. For example, telephone support is typically provided by many organizations. Telephone conversations can easily lead to lost information, and many errors are difficult to communicate over the telephone. Alternatively, some customers will allow a telnet connection into their customer system 102, which is very insecure.
Today, there is no convenient and secure facility that can alleviate these challenges. As software and hardware products become more complex, the need for a convenient and secure remote service facility is becoming more and more critical. In fact, such a solution is already desperately required. As a result, it is an object of the present invention to obviate or mitigate at least some of the above-mentioned disadvantages.