XML message validation in a network infrastructure element

US 20070005786A1
Filed: 06/21/2006
Published: 01/04/2007
Est. Priority Date: 06/21/2005
Status: Active Grant

First Claim

Patent Images

1. A data processing apparatus, comprising:

a plurality of network interfaces that are coupled to a data network for receiving one or more packets therefrom and sending one or more packets thereto;

one or more processors;

a switching system coupled to the one or more processors and packet forwarding logic, wherein the switching system and packet forwarding logic are configured to receive packets on a first network interface, determine a second network interface on which to send the packets, and to send the packets on the second network interface;

logic which when executed by the one or more processors is operable to cause;

receiving and storing one or more validation scope rules that define a portion of an extensible markup language (XML) schema for validation;

receiving and storing the XML schema;

receiving over the network an application-layer message comprising one or more of the packets;

identifying a particular XML element in an XML payload of the application-layer message, wherein the particular XML element is within the portion of the XML schema defined in the one or more validation scope rules;

determining whether the particular XML element conforms to the XML schema; and

performing a responsive action based on whether the particular XML element conforms to the XML schema.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network infrastructure element such as a router or switch performs transparent and optimized validation of XML schemas of XML payloads received in the network element. The network element comprises logic for receiving and storing one or more validation scope rules that define a portion of an extensible markup language (XML) schema for validation; receiving and storing the XML schema; receiving over the network an application-layer message comprising one or more of the packets; identifying a particular XML element in an XML payload of the application-layer message, wherein the particular XML element is within the portion of the XML schema defined in the one or more validation scope rules; determining whether the particular XML element conforms to the XML schema; and performing a responsive action based on whether the particular XML element conforms to the XML schema.

219 Citations

44 Claims

1. A data processing apparatus, comprising:
- a plurality of network interfaces that are coupled to a data network for receiving one or more packets therefrom and sending one or more packets thereto;
  
  one or more processors;
  
  a switching system coupled to the one or more processors and packet forwarding logic, wherein the switching system and packet forwarding logic are configured to receive packets on a first network interface, determine a second network interface on which to send the packets, and to send the packets on the second network interface;
  
  logic which when executed by the one or more processors is operable to cause;
  
  receiving and storing one or more validation scope rules that define a portion of an extensible markup language (XML) schema for validation;
  
  receiving and storing the XML schema;
  
  receiving over the network an application-layer message comprising one or more of the packets;
  
  identifying a particular XML element in an XML payload of the application-layer message, wherein the particular XML element is within the portion of the XML schema defined in the one or more validation scope rules;
  
  determining whether the particular XML element conforms to the XML schema; and
  
  performing a responsive action based on whether the particular XML element conforms to the XML schema.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The data processing apparatus of claim 1, wherein the logic when executed by the one or more processors is operable to cause:
    - receiving the XML schema and one or more programmatic element objects that represent XML elements of the schema, wherein each element object comprises a constructor method which when executed returns a valid data type of that element object;
      
      invoking the constructor method of a particular element object that corresponds to the particular XML element; and
      
      performing a responsive action based on whether invoking the constructor method succeeds.
  - 3. The data processing apparatus of claim 1, wherein one of the validation scope rules defines all of the XML schema for validation.
  - 4. The data processing apparatus of claim 2, wherein the logic when executed by the one or more processors is operable to cause:
    - receiving one or more constraint functions for one or more of the element objects, wherein each of the constraint functions specifies a constraint to which a valid XML element must conform;
      
      storing the one or more constraint functions in executable form in the one or more element objects.
  - 5. The data processing apparatus of claim 2, wherein the logic when executed by the one or more processors is operable to cause:
    - receiving unique hash codes for each of the element objects;
      
      storing the unique hash codes, portions of the XML schema corresponding to the element objects associated with the hash codes, and the one or more element objects in the apparatus in a hashtable.
  - 6. The data processing apparatus of claim 5, wherein the logic when executed by the one or more processors is operable to cause:
    - looking up, in the hashtable, a name of a particular XML element in an XML payload of the application-layer message;
      
      invoking the constructor method of a particular element object that is found in the hashtable and that corresponds to the particular XML element.
  - 7. The data processing apparatus of claim 2, wherein the logic when executed by the one or more processors is operable to cause discarding the received application-layer message when invoking the constructor method fails.
  - 8. The data processing apparatus of claim 2, wherein the logic when executed by the one or more processors is operable to cause forwarding the received application-layer message to a next hop when invoking the constructor method succeeds for all XML elements in the XML payload of the application-layer message.
  - 9. The data processing apparatus of claim 2, wherein the logic when executed by the one or more processors is operable to perform, based on whether the constructor method succeeds, any one of:
    - discarding the received application-layer message;
      
      forwarding the received application-layer message to a next hop;
      
      generating a notification message; and
      
      creating a log file entry.
  - 10. The data processing apparatus of claim 2, wherein the logic when executed by the one or more processors is operable to perform receiving the element objects after the element objects have been compiled by a compiler of an object-oriented programming language that generates objects having data types.
  - 11. The data processing apparatus of claim 1, wherein the responsive action comprises any one of:
    - discarding the received application-layer message;
      
      forwarding the received application-layer message to a next hop;
      
      generating a notification message; and
      
      creating a log file entry.

12. A data processing apparatus, comprising:
- a plurality of network interfaces that are coupled to a data network for receiving one or more packets therefrom and sending one or more packets thereto;
  
  one or more processors;
  
  a switching system coupled to the one or more processors and packet forwarding logic, wherein the switching system and packet forwarding logic are configured to receive packets on a first network interface, determine a second network interface on which to send the packets, and to send the packets on the second network interface;
  
  means for receiving and storing one or more validation scope rules that define a portion of an extensible markup language (XML) schema for validation;
  
  means for receiving and storing the XML schema;
  
  means for receiving over the network an application-layer message comprising one or more of the packets;
  
  means for identifying a particular XML element in an XML payload of the application-layer message, wherein the particular XML element is within the portion of the XML schema defined in the one or more validation scope rules;
  
  means for determining whether the particular XML element conforms to the XML schema; and
  
  means for performing a responsive action based on whether the particular XML element conforms to the XML schema.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The data processing apparatus of claim 12, further comprising:
    - means for receiving the XML schema and one or more programmatic element objects that represent XML elements of the schema, wherein each element object comprises a constructor method which when executed returns a valid data type of that element object;
      
      means for invoking the constructor method of a particular element object that corresponds to the particular XML element; and
      
      means for performing a responsive action based on whether invoking the constructor method succeeds.
  - 14. The data processing apparatus of claim 12, wherein one of the validation scope rules defines all of the XML schema for validation.
  - 15. The data processing apparatus of claim 13, further comprising:
    - means for receiving one or more constraint functions for one or more of the element objects, wherein each of the constraint functions specifies a constraint to which a valid XML element must conform;
      
      means for storing the one or more constraint functions in executable form in the one or more element objects.
  - 16. The data processing apparatus of claim 13, further comprising:
    - means for receiving unique hash codes for each of the element objects;
      
      means for storing the unique hash codes, portions of the XML schema corresponding to the element objects associated with the hash codes, and the one or more element objects in the apparatus in a hashtable.
  - 17. The data processing apparatus of claim 16, further comprising:
    - means for looking up, in the hashtable, a name of a particular XML element in an XML payload of the application-layer message;
      
      means for invoking the constructor method of a particular element object that is found in the hashtable and that corresponds to the particular XML element.
  - 18. The data processing apparatus of claim 13, further comprising means for discarding the received application-layer message when invoking the constructor method fails.
  - 19. The data processing apparatus of claim 13, further comprising means for forwarding the received application-layer message to a next hop when invoking the constructor method succeeds for all XML elements in the XML payload of the application-layer message.
  - 20. The data processing apparatus of claim 13, means for performing, based on whether the constructor method succeeds, any one of:
    - discarding the received application-layer message;
      
      forwarding the received application-layer message to a next hop;
      
      generating a notification message; and
      
      creating a log file entry.
  - 21. The data processing apparatus of claim 13, further comprising means for receiving the element objects after the element objects have been compiled by a compiler of an object-oriented programming language that generates objects having data types.
  - 22. The data processing apparatus of claim 12, wherein the responsive action comprises any one of:
    - discarding the received application-layer message;
      
      forwarding the received application-layer message to a next hop;
      
      generating a notification message; and
      
      creating a log file entry.

23. A computer-implemented method, comprising:
- receiving, in a network infrastructure element comprising a plurality of network interfaces that are coupled to a data network for receiving one or more packets therefrom and sending one or more packets thereto, one or more processors, and a switching system coupled to the one or more processors and packet forwarding logic, wherein the switching system and packet forwarding logic are configured to receive packets on a first network interface, determine a second network interface on which to send the packets, and to send the packets on the second network interface, one or more validation scope rules that define a portion of an extensible markup language (XML) schema for validation;
  
  receiving and storing the XML schema;
  
  receiving over the network an application-layer message comprising one or more of the packets;
  
  identifying a particular XML element in an XML payload of the application-layer message, wherein the particular XML element is within the portion of the XML schema defined in the one or more validation scope rules;
  
  determining whether the particular XML element conforms to the XML schema; and
  
  performing a responsive action based on whether the particular XML element conforms to the XML schema.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
- - 24. The method of claim 23, further comprising:
    - receiving the XML schema and one or more programmatic element objects that represent XML elements of the schema, wherein each element object comprises a constructor method which when executed returns a valid data type of that element object;
      
      invoking the constructor method of a particular element object that corresponds to the particular XML element; and
      
      performing a responsive action based on whether invoking the constructor method succeeds.
  - 25. The method of claim 23, wherein one of the validation scope rules defines all of the XML schema for validation.
  - 26. The method of claim 24, further comprising:
    - receiving one or more constraint functions for one or more of the element objects, wherein each of the constraint functions specifies a constraint to which a valid XML element must conform;
      
      storing the one or more constraint functions in executable form in the one or more element objects.
  - 27. The method of claim 24, further comprising:
    - receiving unique hash codes for each of the element objects;
      
      storing the unique hash codes, portions of the XML schema corresponding to the element objects associated with the hash codes, and the one or more element objects in the apparatus in a hashtable.
  - 28. The method of claim 27, further comprising:
    - looking up, in the hashtable, a name of a particular XML element in an XML payload of the application-layer message;
      
      invoking the constructor method of a particular element object that is found in the hashtable and that corresponds to the particular XML element.
  - 29. The method of claim 24, further comprising discarding the received application-layer message when invoking the constructor method fails.
  - 30. The method of claim 24, further comprising forwarding the received application-layer message to a next hop when invoking the constructor method succeeds for all XML elements in the XML payload of the application-layer message.
  - 31. The method of claim 24, further comprising performing, based on whether the constructor method succeeds, any one of:
    - discarding the received application-layer message;
      
      forwarding the received application-layer message to a next hop;
      
      generating a notification message; and
      
      creating a log file entry.
  - 32. The method of claim 24, further comprising receiving the element objects after the element objects have been compiled by a compiler of an object-oriented programming language that generates objects having data types.
  - 33. The method of claim 23, wherein the responsive action comprises any one of:
    - discarding the received application-layer message;
      
      forwarding the received application-layer message to a next hop;
      
      generating a notification message; and
      
      creating a log file entry.

34. A computer-readable storage medium encoded with logic which when executed by one or more processors is operable to cause:
- receiving, in a network infrastructure device comprising a plurality of network interfaces that are coupled to a data network for receiving one or more packets therefrom and sending one or more packets thereto, the one or more processors, and a switching system coupled to the one or more processors and packet forwarding logic, wherein the switching system and packet forwarding logic are configured to receive packets on a first network interface, determine a second network interface on which to send the packets, and to send the packets on the second network interface, one or more validation scope rules that define a portion of an extensible markup language (XML) schema for validation;
  
  receiving and storing the XML schema;
  
  receiving over the network an application-layer message comprising one or more of the packets;
  
  identifying a particular XML element in an XML payload of the application-layer message, wherein the particular XML element is within the portion of the XML schema defined in the one or more validation scope rules;
  
  determining whether the particular XML element conforms to the XML schema; and
  
  performing a responsive action based on whether the particular XML element conforms to the XML schema.
- View Dependent Claims (35, 36, 37, 38, 39, 40, 41, 42, 43, 44)
- - 35. The computer-readable medium of claim 34, wherein the logic when executed by the one or more processors is operable to cause:
    - receiving the XML schema and one or more programmatic element objects that represent XML elements of the schema, wherein each element object comprises a constructor method which when executed returns a valid data type of that element object;
      
      invoking the constructor method of a particular element object that corresponds to the particular XML element; and
      
      performing a responsive action based on whether invoking the constructor method succeeds.
  - 36. The computer-readable medium of claim 34, wherein one of the validation scope rules defines all of the XML schema for validation.
  - 37. The computer-readable medium of claim 35, wherein the logic when executed by the one or more processors is operable to cause:
    - receiving one or more constraint functions for one or more of the element objects, wherein each of the constraint functions specifies a constraint to which a valid XML element must conform;
      
      storing the one or more constraint functions in executable form in the one or more element objects.
  - 38. The computer-readable medium of claim 35, wherein the logic when executed by the one or more processors is operable to cause:
    - receiving unique hash codes for each of the element objects;
      
      storing the unique hash codes, portions of the XML schema corresponding to the element objects associated with the hash codes, and the one or more element objects in the apparatus in a hashtable.
  - 39. The computer-readable medium of claim 38, wherein the logic when executed by the one or more processors is operable to cause:
    - looking up, in the hashtable, a name of a particular XML element in an XML payload of the application-layer message;
      
      invoking the constructor method of a particular element object that is found in the hashtable and that corresponds to the particular XML element.
  - 40. The computer-readable medium of claim 35, wherein the logic when executed by the one or more processors is operable to cause discarding the received application-layer message when invoking the constructor method fails.
  - 41. The computer-readable medium of claim 35, wherein the logic when executed by the one or more processors is operable to cause forwarding the received application-layer message to a next hop when invoking the constructor method succeeds for all XML elements in the XML payload of the application-layer message.
  - 42. The computer-readable medium of claim 35, wherein the logic when executed by the one or more processors is operable to perform, based on whether the constructor method succeeds, any one of:
    - discarding the received application-layer message;
      
      forwarding the received application-layer message to a next hop;
      
      generating a notification message; and
      
      creating a log file entry.
  - 43. The computer-readable medium of claim 35, wherein the logic when executed by the one or more processors is operable to perform receiving the element objects after the element objects have been compiled by a compiler of an object-oriented programming language that generates objects having data types.
  - 44. The computer-readable medium of claim 34, wherein the responsive action comprises any one of:
    - discarding the received application-layer message;
      
      forwarding the received application-layer message to a next hop;
      
      generating a notification message; and
      
      creating a log file entry.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Jin, Yi, Kumar, Sandeep, Ramarao, Karempudi, Anthias, Tefcros, Jiang, Yuquan

Granted Patent

US 8,090,839 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/230
CPC Class Codes

G06F 2221/2141   Access rights, e.g. capabil...

G06F 8/656   while running

H04L 41/026   using e-messaging for trans...

H04L 41/06   Management of faults, event...

H04L 41/0893   Assignment of logical group...

H04L 41/0894   Policy-based network config...

H04L 41/12   Discovery or management of ...

H04L 41/22   comprising specially adapte...

H04L 41/5003   Managing SLA; Interaction b...

H04L 41/5009   Determining service level p...

H04L 41/5012   determining service availab...

H04L 41/5096   wherein the managed service...

H04L 43/0811   by checking connectivity

H04L 45/00   Routing or path finding of ...

H04L 45/56   Routing software

H04L 45/563   Software download or update

H04L 63/0245   Filtering by information in...

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 63/102   Entity profiles

H04L 63/12 : Applying verification of th...

H04L 67/02 : based on web technology, e....

H04L 67/34 : involving the movement of s...

H04L 69/22 : Parsing or analysis of headers

H04L 9/40 : Network security protocols

View All

XML message validation in a network infrastructure element

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

219 Citations

44 Claims

Specification

Solutions

Use Cases

Quick Links

XML message validation in a network infrastructure element

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

219 Citations

44 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links