Secure access to internal data resources is facilitated through a gateway
CGI on an internet visible computer system with an internet visible web server
configured by rules to forward calls to the gateway CGI. The gateway CGI packages
information from the call to send by secure socket connection to a server-like
access control program on a secure host system which can reconstitute the call
if authenticated and/or validated and serve the request, returning the sought after
data or resource through an encrypted channel if desired. Variations for high throughput
environments and operation with application program session controllers are described.