Hybrid Java-C network appliance
First Claim
Patent Images
1. A method for applying security policies to data in a network, said method comprising the steps of:
- intercepting data being transferred across the network;
determining that a security function to be performed can be offloaded for acceleration;
utilizing a JAVA®
Cryptographic Engine (JCE) to transparently offload the data;
performing the security function in hardware, said hardware performing the steps of;
entering a request in a JCE layer for a cryptographic function to be performed;
invoking JAVA®
Native Interface (JNI) hooks in a JNI layer to function as an interface to an operating system specific C programming language interface library;
unpacking data from the intercepted data so that the unpacked data can be manipulated in the operating system specific programming language; and
marshalling the unpacked data in a cryptographic messaging layer so that the unpacked data can be transformed to a standard format.
1 Assignment
0 Petitions
Accused Products
Abstract
A network appliance that runs both C and Java integrated software to provide a flexible architecture for rapid prototyping of XML security functionality, including SSL acceleration, XML encryption, XML decryption, XML signature, and XML verification, while the network appliance continues to provide high-speed performance.
11 Citations
12 Claims
-
1. A method for applying security policies to data in a network, said method comprising the steps of:
-
intercepting data being transferred across the network; determining that a security function to be performed can be offloaded for acceleration; utilizing a JAVA®
Cryptographic Engine (JCE) to transparently offload the data;performing the security function in hardware, said hardware performing the steps of; entering a request in a JCE layer for a cryptographic function to be performed; invoking JAVA®
Native Interface (JNI) hooks in a JNI layer to function as an interface to an operating system specific C programming language interface library;unpacking data from the intercepted data so that the unpacked data can be manipulated in the operating system specific programming language; and marshalling the unpacked data in a cryptographic messaging layer so that the unpacked data can be transformed to a standard format. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
Specification