Vault controller dispatcher and methods of operation for handling interaction between browser sessions and vault processes in electronic business systems
Abstract
A vault controller in an electronic business system includes a dispatcher for servicing browser requests initiated by a user for conducting business with an enterprise or organization using a vault process. The dispatcher further responds to a secure depositor receiving requests from other vault processes running in the controller. The request is in the form of a URL containing an application domain/local context and application name. The request is detected and processed by an event creator, which forms an event object definitive of the request in the URL. An event handler parses the event object and enters a vault system application registry to locate the application in a shared memory. The location of the application is passed to a server pool, which assigns a processing thread to handle the request. The thread engages a context manager which decrypts and imports application domain, application function and local context information from external storage to process the request. The application is located in the shared memory and the request implemented. The context manager encrypts and exports the processed information to external storage and provides a return code in the response to the user. The return code is used to locate the context information in a subsequent request by the user. The requests received from other vault processes through the secure depositor are handled in like manner to the user request. After execution of a user request, the vault process loops for some defined time during which other requests are received from the user. The absence of requests causes the vault process to shut down and store the variables for the next user request, which retraces the steps of the original request.
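The lookup step described in the abstract, as an added example that is not code from the patent: the domain, local context and alias are taken from an assumed `/<domain>/<context>/<alias>` path, and the alias is resolved only through a fixed registry table, so a name that is not registered never becomes a function pointer. The application names, return values and sample paths are hypothetical.

```c
/* Added example, not from the patent. Assumed path: /<domain>/<context>/<alias> */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

typedef int (*app_fn)(const char *context);
/* Hypothetical applications standing in for vault applications. */
static int app_enroll(const char *context) { (void)context; return 100; }
static int app_renew(const char *context)  { (void)context; return 200; }
/* Registry: only the (domain, alias) pairs listed here can be executed. */
static const struct { const char *domain, *alias; app_fn fn; } registry[] = {
    { "certs", "enroll", app_enroll },
    { "certs", "renew",  app_renew  },
};

/* Copy one segment into out (32 bytes): only [A-Za-z0-9_], 1..31 chars; NULL if malformed. */
static const char *segment(const char *p, char *out)
{
    size_t n = 0;
    if (*p++ != '/') return NULL;
    while (*p && *p != '/') {
        if (n == 31 || !(isalnum((unsigned char)*p) || *p == '_')) return NULL;
        out[n++] = *p++;
    }
    out[n] = '\0';
    return n ? p : NULL;
}

/* Resolve a path to a registered function pointer; context receives the local context. */
app_fn dispatch_lookup(const char *path, char *context)
{
    char domain[32], alias[32];
    const char *p = segment(path, domain);
    if (p) p = segment(p, context);
    if (p) p = segment(p, alias);
    if (!p || *p != '\0') return NULL;   /* reject trailing data */
    for (size_t i = 0; i < sizeof registry / sizeof registry[0]; i++)
        if (!strcmp(registry[i].domain, domain) && !strcmp(registry[i].alias, alias))
            return registry[i].fn;
    return NULL;                         /* unregistered: nothing to execute */
}

int main(void)
{
    char ctx[32];                        /* constructed sample request below */
    app_fn fn = dispatch_lookup("/certs/ctx42/enroll", ctx);
    printf("enroll -> %d\n", fn ? fn(ctx) : -1);
    return 0;
}
```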
24 Claims
1. In a vault controller for conducting electronic business between a message source and an application running in a secure vault in the controller, a dispatcher in the secure vault for processing messages between the application and the message source, comprising:
a message listening source for receiving messages;
an event creator responsive to the message listening means for forming an event object;
an event handler means responsive to the event object for parsing the message and extracting an application domain, a local context, and an application alias name;
means for locating the application domain and application alias name in a shared library; and
a server pool responsive to the event handler for executing the application and providing a response for transmission to the message source in a non-stateless environment.
2. a secure depositor in the secure vault coupled to the controller for receiving requests from other vault processes running in the controller.
3. The system of claim 1 further comprising:
a secure depositor queue and a queue handler in the secure vault coupled to the event creator for transmitting requests from other vault processes running in the controller to the dispatcher for processing.
4. The system of claim 1 further comprising:
a context manager in the secure vault responsive to the server pool for executing the user request.
5. The system of claim 1 further comprising:
means for processing user browser requests and servicing these requests by launching the corresponding applications in the user's own vault, thereby providing a secure application execution environment in which the application only has access to the user's own vault contents; and
means for processing requests from other vaults and executing the corresponding applications securely in the vault environment.
6. The system of claim 1 further comprising:
means for handling interactions between user browser sessions and other vault process requests in a timely, efficient process without burdening the resources of a vault controller in responding to the request.
7. The system of claim 1 further comprising:
means for creating a service pool of multiple processing threads for handling requests and responses.
8. The system of claim 1 further comprising:
means for linking a user request to an application domain, application function and context of an application.
9. The system of claim 1 further comprising:
means for loading, on demand, the shared library containing the required application.
10. The system of claim 1 further comprising:
means for converting a function name into a function pointer for an application contained in a user request.
11. The system of claim 1 further comprising:
means for loading only the application contained in the user request.
12. The system of claim 1 further wherein the message is a URL containing descriptors of the application domain/local context and application name.
13. In a vault controller, an application running in a secure vault, a method for processing messages between the application and a message sources, comprising the steps of:
listening for requests from the message source;
forming an event object from the requests;
parsing the requests and extracting an application domain, a local context and an application alias name;
determining the location of the application and application alias name in a shared library;
loading the application in the shared library;
mapping the application to a function pointer;
queuing a request to a server pool for execution of the application; and
providing the message source with a response to the request.
14. loading in the shared memory only the application contained in the request.
15. The method of claim 13 further comprising the step of:
receiving requests from other vault processes running in the controller.
16. The method of claim 13 further comprising the step of:
processing user browser requests and servicing these requests by launching the corresponding applications in the user's own vault, thereby providing a secure application execution environment in which the application only has access to the user's own vault contents.
17. The method of claim 13 further comprising the step of:
handling interactions between user browser sessions and other vault process requests in a timely, efficient process without burdening the resources of the vault controller in responding to the request.
18. The method of claim 13 further comprising the step of:
creating a service pool of multiple processing threads for handling requests and responses.
19. The method of claim 13 further comprising the step of:
linking a user request to an application domain, application function and context of an application.
20. The method of claim 13 further comprising the step of:
converting a function name into a function pointer for an application contained in the user request.
21. The method of claim 13 wherein the message is a URL containing descriptors of the application domain/local context and application name.
22. An article of manufacturing:
a program medium executable in a computer system for conducting electronic business between message sources running in a secure vault contained in a controller, the program medium comprising;
program instructions for listening to the message source and receiving messages;
program instructions responding to the messages and forming an event object;
program instructions responsive to the event object for parsing the message and extracting an application domain, a local context, and an application alias name;
program instruction for locating the application domain and application alias name in a shared library; and
program instruction for executing user requests in the application and providing a response to the controller for transmission to the user in a non-stateless environment.
23. An article of manufacturing:
a program medium executable in a computer system for conducting electronic business between a message source and an application running in a secure vault contained in a controller, the program medium comprising;
program instructions for listening to requests from the message source;
program instructions forming an event object from the requests;
program instructions parsing the requests and extracting an application domain, a local context and an application alias name;
program instructions determining the location and function of the application and function name in a shared library;
program instructions loading the application in the shared library;
program instructions mapping the application to a function pointer;
program instructions queuing a request to a server pool for execution of the application; and
program instructions providing a message source with a response to the request.
24. In a vault controller, a message source and an application running in a secure vault, a dispatcher in the secure vault for processing messages between the application and message source, comprising:
means for receiving messages;
means responsive to the messages for forming an event object;
means for parsing the message and extracting an application domain, a local context and application alias name;
means for locating the application domain and application alias name in a shared library; and
means for executing the application and providing a response for transmission to the message source in a non-stateless environment.