SYSTEM AND METHOD OF OBFUSCATING QUEUE MANAGEMENT

US 20100217807A1
Filed: 02/23/2009
Published: 08/26/2010
Est. Priority Date: 02/23/2009
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method of managing message exchanges between a first computing device and a second computing device over a communications network, said method comprising:

intercepting a first message from the first computing device, transmitted to the second computing device over the communications network, where the first message includes a unique first identifier identifying the first computing device;

substituting the first identifier with a unique second identifier, which is different from the first identifier, in the first message before the first message is transmitted to the second computing device;

subsequently intercepting a second message from the second computing device, transmitted to the first computing device over the communications network, where the second message includes the second identifier; and

substituting the second identifier with the first identifier before the second message is transmitted to the first computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention is generally directed to a method, system, and article of manufacture that avoid exposing the sensitive information (e.g., infrastructure details) to untrusted clients. For example, in one embodiment of the present invention, message destinations are protected from a client in an HTTP bridged scenario. Thus, according to one embodiment of the present invention, the replyTo message destination are obfuscated (e.g., via a hash function) and sent to the client as a replyTo address. Consequently, the embodiments of the present invention negate the requirement to expose the sensitive information to the untrusted client applications.

Citations

24 Claims

1. A computer-implemented method of managing message exchanges between a first computing device and a second computing device over a communications network, said method comprising:
- intercepting a first message from the first computing device, transmitted to the second computing device over the communications network, where the first message includes a unique first identifier identifying the first computing device;
  
  substituting the first identifier with a unique second identifier, which is different from the first identifier, in the first message before the first message is transmitted to the second computing device;
  
  subsequently intercepting a second message from the second computing device, transmitted to the first computing device over the communications network, where the second message includes the second identifier; and
  
  substituting the second identifier with the first identifier before the second message is transmitted to the first computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method according to claim 1, wherein said substituting applies a hash function to the unique first identifier to produce the unique second identifier.
  - 3. The method according to claim 2, further comprising storing the first identifier and second identifier in a hash table.
  - 4. The method according to claim 1, wherein the message includes a message-oriented middleware message.
  - 5. The method according to claim 1, wherein the message includes a replyTo header and at least one of the first identifier and second identifier are included in the reply to header.
  - 6. The method according to claim 1, wherein the unique first identifier identifies a queue manager
  - 7. The method according to claim 1, wherein the unique first identifier identifies a queue name.
  - 8. The method according to claim 1, wherein the first message is transmitted according to the Hyper-Text Transmission Protocol.

9. A computer-readable medium embodying computer-readable instructions, that when executed adapt a computing device to perform a method of managing message exchanges between a first computing device and a second computing device over a communications network, said method comprising:
- intercepting a first message from the first computing device, transmitted to the second computing device over the communications network, where the first message includes a unique first identifier identifying the first computing device;
  
  substituting the first identifier with a unique second identifier, which is different from the first identifier, in the first message before the first message is transmitted to the second computing device;
  
  subsequently intercepting a second message from the second computing device, transmitted to the first computing device over the communications network, where the second message includes the unique second identifier; and
  
  substituting the unique second identifier with the unique first identifier before the second message is transmitted to the first computing device.
- View Dependent Claims (10, 11, 12, 13, 15, 16)
- - 10. The computer-readable medium according to claim 9, wherein the first computing device applies a hash function to the unique first identifier to produce the unique second identifier.
  - 11. The computer-readable medium according to claim 10, further comprising storing, by the first computing device, the unique first identifier and the unique second identifier in a hash table.
  - 12. The computer-readable medium according to claim 9, wherein the first message includes a message-oriented middleware message.
  - 13. The computer-readable medium according to claim 9, wherein the message includes a replyTo header and the unique first identifier and the unique second identifier are included therein.
  - 15. The computer-readable medium according to claim 9, wherein the unique first identifier identifies a queue name.
  - 16. The computer-readable medium according to claim 9, wherein the message is transmitted according to a Hyper-Text Transmission Protocol.

14. The computer-readable medium according to claim, wherein the unique first identifier identifies a queue manager

17. A system of managing message exchanges, comprising:
- a communications network connecting a plurality of computing devices;
  
  a first computing device connected to the communications network and adapted to send and receive messages;
  
  a second computing device connected to the communications network and adapted to send and receive messages;
  
  a third computing device connected to the communications network and including;
  
  a means for intercepting a first message from the first computing device, transmitted to the second computing device, wherein the first message includes a unique first identifier identifying the first computing device;
  
  a means for substituting the unique first identifier with a unique second identifier, which is different from the unique first identifier, in the first message before the first message is transmitted to the second computing device;
  
  a means for subsequently intercepting a second message from the second computing device, wherein the unique second message includes the unique second identifier;
  
  a means for substituting the unique second identifier with the unique first identifier before the second message is transmitted to the first computing device.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
- - 18. The system according to claim 17, wherein the third computing device applies a hash function to the unique first identifier to produce the unique second identifier.
  - 19. The system according to claim 18, further comprising storing, by the third computing device, the unique first identifier and the unique second identifier in a hash table.
  - 20. The system according to claim 17, wherein the message includes a message oriented middleware message
  - 21. The system according to claim 17, wherein the message includes a replyTo header and at least one of the unique first identifier and the unique second identifier are included in the reply To header.
  - 22. The system according to claim 17, wherein the unique first identifier identifies a queue manager
  - 23. The system according to claim 17, wherein the unique first identifier identifies a queue name.
  - 24. The system according to claim 17, wherein the message is transmitted according to Hyper-Text Transmission Protocol.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Hawkins, John Christopher

Granted Patent

US 8,005,923 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/206
CPC Class Codes

G06F 9/546 Message passing systems or ...

SYSTEM AND METHOD OF OBFUSCATING QUEUE MANAGEMENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD OF OBFUSCATING QUEUE MANAGEMENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links