Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Patent
1997-01-27
1999-08-24
Beausoliel, Jr., Robert W.
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
G06F 1300
Patent
active
059419881
ABSTRACT:
A method of merging two separate TCP connections terminating at a common host and "gluing" them into a single connection between two end systems, where the single connection preserves TCP end-to-end semantics. The technique retains the session setup functions of the transport layer proxy, but provides a method to push the data copying into kernel space to improve the relay operation. More specifically, a byte stream arriving on one end of the split connection is mapped directly into the sequence number space of the other split connection. This process of mapping, or TCP gluing, involves updating a subset of TCP and IP header fields; that is, source and destination addresses, port numbers, sequence numbers and checksum. The changes to the TCP/IP packet headers are on-the-fly as packets are relayed over the glued connection between the original separate TCP connections.
REFERENCES:
patent: 5021949 (1991-06-01), Morten et al.
patent: 5249292 (1993-09-01), Chiappa
patent: 5550816 (1996-08-01), Hardwick et al.
patent: 5566170 (1996-10-01), Bakke et al.
patent: 5668809 (1997-09-01), Rostoker et al.
patent: 5692124 (1997-11-01), Holden et al.
patent: 5781715 (1998-07-01), Sheu
patent: 5802287 (1998-09-01), Rostoker et al.
patent: 5848227 (1998-10-01), Sheu
patent: 5852721 (1998-12-01), Dillon et al.
Bellovin et al., "Network Firewalls", IEEE, pp. 1-8, Sep. 1994.
Chinitz et al., "Snare Works: A Transparent Security Framework for TCP/IP and Legacy Application", An Intellisoft White Paper, pp. 1-14, Aug. 1996.
Parker, "Teach Yourself TCP/IP in 14 Days", SAMS Publishing, pp. 89-111, Apr. 1996.
Siyan et al., "Internet Firewalls and Network Security", New Riders Publishing, pp. 154-173, 273-302, and 306-316, Jan. 1995.
David Koblas and Michelle R. Koblas, "SOCKS", UNIX Security Symposium, USENIX Association (199.sub.-), pp. 77-83.
Ying-Da Lee, "SOCKS: A protocol for TCP proxy across firewalls", http://www.socks.nec.com/socks4.protocol.
M. Leech, M. Ganis, Y. Lee, R. Kuris, D. Koblas, and L. Jones, "SOCKS Protocol Version 5", ftp://ds.internic.net/rfc/rfc1928.txt.
Bhagwat Pravin
Maltz David Aaron
Beausoliel, Jr. Robert W.
Cameron Douglas W.
Elmore Stephen C.
International Business Machines - Corporation
LandOfFree
Session and transport layer proxies via TCP glue does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Session and transport layer proxies via TCP glue, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Session and transport layer proxies via TCP glue will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-462680