Communication stack for network communication and routing

US 7,191,248 B2
Filed: 08/29/2003
Issued: 03/13/2007
Est. Priority Date: 08/29/2003
Status: Active Grant

First Claim

Patent Images

1. A computer-readable medium having computer-executable components of a communication stack on an origin computer for delivering a message from an application on the origin computer to an application on a target computer, the communication stack comprising:

a message layer interfacing with the application to obtain from the application on the origin computer a message to be delivered to the application on the target computer and routing information identifying the target computer and routing computers in a selected route to the target computer, the routing information including data identifying a transport protocol to be used with each routing computer in the selected route to the target computer;

a communication layer callable by the message layer to open a secured connection to the target computer through the selected route provided by the application on the origin computer and sending a message payload to the target computer through the connection;

a security layer callable by the communication layer for performing security operations on outgoing and incoming network communications;

a transport protocol layer callable by the communication layer for sending messages via a selected transport protocol, the transparent protocol layer having a plurality of plug-in transport protocol modules implementing different transport protocols;

the communication layer being programmed to use the transport protocol layer to send a connection message via the selected route to the target computer to establish the secured connection, and call the security layer after the secured connection is established to negotiate security parameters with the target computer and perform security operations on subsequent communications with the target computer.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A communication stack enables computers implementing it to send, receive, or route network communications. The communication stack includes a message layer, a communication layer, a security layer, and a transport protocol layer, with plug-in transport protocol modules and plug-in security protocol modules. Each of the origin computer, target computer, and routing computers involved in delivering a message implements the communication stack. An application on the origin computer calls the message layer of the computer to send messages to a target computer and identifies routing computers on the route for delivering the message to the target computer. The message layer calls the communication layer to establish a connection to the target computer. The communication layer uses the transport protocol layer to establish an initial connection with the target computer, and uses the security layer to negotiate security parameters and to handle secured communications between the origin and target computers.

137 Citations

28 Claims

1. A computer-readable medium having computer-executable components of a communication stack on an origin computer for delivering a message from an application on the origin computer to an application on a target computer, the communication stack comprising:
- a message layer interfacing with the application to obtain from the application on the origin computer a message to be delivered to the application on the target computer and routing information identifying the target computer and routing computers in a selected route to the target computer, the routing information including data identifying a transport protocol to be used with each routing computer in the selected route to the target computer;
  
  a communication layer callable by the message layer to open a secured connection to the target computer through the selected route provided by the application on the origin computer and sending a message payload to the target computer through the connection;
  
  a security layer callable by the communication layer for performing security operations on outgoing and incoming network communications;
  
  a transport protocol layer callable by the communication layer for sending messages via a selected transport protocol, the transparent protocol layer having a plurality of plug-in transport protocol modules implementing different transport protocols;
  
  the communication layer being programmed to use the transport protocol layer to send a connection message via the selected route to the target computer to establish the secured connection, and call the security layer after the secured connection is established to negotiate security parameters with the target computer and perform security operations on subsequent communications with the target computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. A computer-readable medium as in claim 1, wherein the plug-in transport protocol modules implement TCP and UDP.
  - 3. A computer-readable medium as in claim 1, wherein the security layer has a plurality of plug-in security protocol modules selectable for applying different security mechanisms.
  - 4. A computer-readable medium as in claim 1, wherein the message layer on the origin computer receives the message to be delivered and routing information from the application on the origin computer in an XML document.
  - 5. A computer-readable medium as in claim 1, wherein the message layer on the origin computer is programmed to store the message to be delivered in a persistent storage if said message cannot be delivered at a present time.
  - 6. A computer-readable medium as in claim 1, wherein the communication stack further includes a plurality of cryptographic application programming interface (API) functions callable for providing cryptographic services.
  - 7. A computer-readable medium as in claim 1, wherein the security layer on the origin computer is programmed to negotiate security parameters with a corresponding security layer of a corresponding communication stack on the target computer after the secured connection is established between the origin computer and the target computer.
  - 8. A computer-readable medium as in claim 1, wherein the security layer is programmed to negotiate with the corresponding security layer of the target computer to obtain a symmetric security key for encrypting and signing subsequent communications with the target computer after the secured connection is established between the origin computer and the target computer.
  - 9. A computer-readable medium as in claim 1, wherein the message payload has a message header containing data identifying computers in the route to the target computer.
  - 10. A computer-readable medium as in claim 1, wherein the message layer exposes a first group of application programming interface (API) functions callable by the application on the origin computer to use functionality of the message layer for message delivery.
  - 11. A computer-readable medium as in claim 10, wherein the communication layer exposes a second group of application programming interface (API) functions callable by the message layer to use functionality of the communication layer.
  - 12. A computer-readable medium as in claim 11, wherein the security layer exposes a third group of application programming interface (API) functions callable by the communication layer for performing security operations.
  - 13. A computer-readable medium as in claim 12, wherein the transport protocol layer exposes a fourth group of application programming interface (API) functions callable by the communication layer and the security layer for sending messages using a selected pluggable transport protocol module.

14. A method for delivering a message to a target computer, comprising:
- providing a communication stack on an origin computer having a message layer, a communication layer, a security layer, and a transport protocol layer, the transport layer having a plurality of plug-in transport protocol modules implementing different transport protocols; and
  
  invoking the message layer to deliver the message, including passing to the message layer the message to be delivered to the target computer and routing information identifying the target computer and routing computers in a selected route to the target computer, the routing information including data identifying a transport protocol to be used with each routing computer in the selected route to the target computer,the communication layer being callable by the message layer to open a secured connection to the target computer through the selected route provided by an application on the origin computer and send messages to the target computer through the connection, the security layer being callable by the communication layer for performing security operations on outgoing and incoming network communications, and the transport protocol layer being callable by the communication layer for sending messages via a selected transport protocol module, the communication layer being programmed to use the transport protocol layer to send a connection message via the selected route to the target computer to establish the secured connection, and to call the security layer to negotiate security parameters with the target computer and perform security operations on subsequent communications with the target computer after establishing the secured connection.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. A method as in claim 14, wherein the step of invoking the message layer calls an application programming interface (API) function exposed by the message layer.
  - 16. A method as in claim 14, wherein transport protocol module is used with each routing computer.
  - 17. A method as in claim 14, wherein the step of invoking the message layer includes passing information to the message layer identifying a plurality of security mechanisms to be tried by the security layer with the target computer for establishing security parameters after the secured connection is established between the origin computer and the target computer.
  - 18. A method as in claim 14, wherein the step of invoking the message layer includes passing the message to be sent to the target computer and routing information in an XML document.
  - 19. A method as in claim 14, wherein the message layer is programmed to store a message to be delivered to the target computer in a persistent storage if said message cannot be delivered at a present time.

20. A computer networking system for network communications, comprising:
- an origin computer, a target computer, and at least one routing computer disposed between the origin computer and target computer for routing network communications between the origin and target computers, each of the origin, target, and routing computers implementing a communication stack including a message layer, a communication layer, a security layer, and a transport protocol layer, the transport protocol layer of the origin computer having a plurality of plug-in transport protocol modules implementing different transport protocols; and
  
  an application on the origin computer using the communication stack on the origin computer to delivery a message to a target application on the target computer by invoking the message layer of the origin computer and passing the message to be delivered and routing information identifying a selected route from the origin computer to the target computer, said selected route including said at least one routing computer, said routing information including data identifying a transport protocol to be used with each routing computer in the selected route to the target computer;
  
  wherein the message layer of the origin computer calls the communication layer of the origin computer to connect to the target computer, the communication layer of the origin computer calls the transport protocol layer of the origin computer to send a connection message through the selected route to the target computer to establish a secured connection, and calls the security layer of the origin computer to negotiate security parameters with the security layer of the target computer and to perform security operations on subsequent messages sent to and received from the target computer after the secured connection is established, andwherein the communication stack of the routing computer receives the connection message, recognizes that the routing computer is not a destination of the connection message, forwards the connection message to a next stop in the selected route toward the target computer, and routes subsequent communications between the origin computer and the target computer.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28)
- - 21. A computer networking system as in claim 20, wherein the communication stack of the target computer recognizes that the target computer is the destination of the connection message and calls the security layer of the communication stack of the target computer to negotiate with the security layer of the communication stack of the origin computer.
  - 22. A computer networking system as in claim 21, wherein the communication stack of the target computer registers a message handler for the target application to receive communications from the origin computer.
  - 23. A computer networking system as in claim 20, wherein the application on the origin computer passes the message to be delivered and the routing information to the message layer in an XML document.
  - 24. A computer networking system as in claim 20, wherein the plug-in transport protocol modules implement TCP and UDP.
  - 25. A computer networking system as in claim 20, wherein the security layer of the origin computer has a plurality of plug-in security protocol modules selectable for applying different security mechanisms.
  - 26. A computer networking system as in claim 20, wherein the message layers of the origin and routing computers are programmed to store a message to be delivered to the target computer in a persistent storage if said message cannot be delivered at a present time.
  - 27. A computer networking system as in claim 20, wherein the communication stack of the origin computer further includes a plurality of cryptographic application programming interface (API) functions callable for providing cryptographic services.
  - 28. A computer networking system as in claim 20, wherein each message to be delivered by the origin computer to the target computer has a message header containing data identifying routing computers in the selected route to the target computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Padisetty, Sivaprasad, Chattopadhyay, Somak, Gulick, Trevor
Primary Examiner(s)
Najjar; Saleh
Assistant Examiner(s)
Korobov; V.

Application Number

US10/651,780
Publication Number

US 20050050203A1
Time in Patent Office

1,292 Days
Field of Search

709/217, 709/218, 709227-230, 709236-238, 709249-250, 710/11
US Class Current

709/238
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 67/63   Routing a service request d...

H04L 69/16   Implementation or adaptatio...

H04L 69/161   Implementation details of T...

H04L 69/22   Parsing or analysis of headers

H04L 69/24   Negotiation of communicatio...

H04L 69/329   in the application layer [O...

H04L 9/40   Network security protocols

Communication stack for network communication and routing

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

137 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Communication stack for network communication and routing

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

137 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links