Electrical computers and digital processing systems: multicomput – Computer-to-computer session/connection establishing
Reexamination Certificate
2000-01-26
2002-02-26
Maung, Zarni (Department: 2155)
Electrical computers and digital processing systems: multicomput
Computer-to-computer session/connection establishing
C709S219000, C709S248000
Reexamination Certificate
active
06351772
ABSTRACT:
BACKGROUND OF THE INVENTION
TECHNICAL FIELD OF THE INVENTION
The present invention relates to computer system communications, and more particularly to a server for supporting connection-oriented type applications (also called “state” applications) over a connectionless-oriented (“stateless”) type protocol.
BACKGROUND OF THE INVENTION
Internet workstations are connectionless-oriented socket clients or applications that connect to a server only long enough to retrieve an installment of data.
Once the data is retrieved, connectionless oriented socket applications generally disconnect until the next data transaction is initiated by the client. Connection oriented applications assume that the client maintains the connection to the server for the duration of the session. The client only disconnects when the session is being ended.
With connection-oriented applications, the identity and synchronization of both the client and server are known to both sides of the connection. Thus, it is taken for granted that the client is trusted and the data exchange is synchronized (in particular, the “current” or “active” application panel is known).
However, in connectionless-oriented applications, in which the Hypertext Transfer Protocol (HTTP) class of service belongs, this connection is not maintained, and thus the identity and synchronization of either the client or server, or both, may change unknown to the other side. This has the potential to result in “out-of-sync” data exchanges, and it is not known if the reconnecting client was the original session initiator. This could “break” an application or expose sensitive data to another, unauthorized client. Consequently, there is a need in the art to assure that once an application is started with a given web browser, another browser cannot come along and connect or “spoof” (that is, steal, or take over) that browsers connection and application.
The IBM 5250 datastream is a device specific datastream for an IBM AS/400 computer system. Such a device specific datastream may be a serial stream of data bytes in hexadecimal form. A Workstation Gateway (WSG), acting as a protocol converter, receives IBM 5250 datastreams from connection-oriented type applications that depend on a connected state of direct communication with the attached device. The WSG converts the native 5250 datastreams into an equivalent Hypertext Mark-up Language (HTML) document and delivers the document to the destination client host browser over a connectionless-oriented protocol, called Hypertext Transfer Protocol (HTTP).
The problem of job management is complicated by the fact that all browser-to-application sessions can only be initiated through the one WSG server that owns the socket with the “well-known” port defined for this service. Each session that is initiated must somehow be assigned to another WSG server by the one WSG server owning the “well-known” port.
It is an object therefore of the invention to provide an internet connection for a workstation gateway that supports connection-oriented type applications (can also be called “state” applications) over a connectionless-oriented (or “stateless”) type protocol.
It is a further object of the invention to provide a workstation gateway server that supports and connects/reconnects multiple applications and clients through a single server, which maintains the illusion of a connectionless-oriented environment to the browser and a connection-oriented appearance to the interactive application.
It is a further object of the invention to manage multiplexing of web browsers and applications through one or more workstation gateway servers, where each such server may handle one or more browser to application connections.
It is a further object of the invention to provide a connectionless-oriented environment in which screen spoofing does not occur.
SUMMARY OF THE INVENTION
In accordance with this invention, in an internet system having a plurality of applications, and a plurality of servers for attachment from a plurality of web browsers, the system supports connection-oriented applications over a connectionless protocol. At least one of the servers is a master server Work Station Gateway owning a well-known port, and the other servers are slave servers supporting established web browser to application state sessions.
In accordance with a further aspect of the invention, dynamic session authentication checking is done by the server to prevent the occurrence of screen spoofing. This is accomplished by providing authentication keys which are unique to each session and each panel, such that spoofing can only occur via real-time interception of the keys.
REFERENCES:
patent: 5604896 (1997-02-01), Duxbury et al.
patent: 5708780 (1998-01-01), Levergood et al.
patent: 5754774 (1998-05-01), Bittinger et al.
patent: 5754830 (1998-05-01), Butts et al.
patent: 5805823 (1998-09-01), Seitz
patent: 5838682 (1998-11-01), Dekelbaum et al.
patent: 6049820 (2000-04-01), Murphy, Jr. et al.
Williams, Ross N.A Painless Guide to CRC Error Detection Algorithms, Version 3, Rocksoft Pty Ltd, Hazelwood Park, Australia, 46 pages, Aug. 19, 1993.
Stevens, W. Richard.UNIX Network Programming, Prentice Hall Software Series, copyright 1990, pp. 260-261.
Ritter, Terry. “The Great CRC Mystery,”Dr. Dobb's Journal, Feb. 1986, 6 pages, beginning at p. 26.
IBM.IBM AS/400 System API Reference, vol. 1 Version 3. IBM publication SC41-3801-00, Sep. 1994, pp. 65-3 through 65-74.
T. Berners-Lee et al., Uniform Resource Locators (URL), Network Working Group, RFC d1738, pp. 1-25, Dec. 1994.
William Stallings, Data and Computer Communications, 4th Ed., Prentice Hall, pp. 582-587, Jan 1994.
Murphy, Jr. Thomas Edwin
Stevens Jeffrey Scott
Beckstrand Shelley M
Maung Zarni
Winder Patrice
LandOfFree
Multiplexing of clients and applications among multiple servers does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Multiplexing of clients and applications among multiple servers, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Multiplexing of clients and applications among multiple servers will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2939520