XML message validation in a network infrastructure element
First Claim
1. A data processing apparatus, comprising:
a plurality of network interfaces that are coupled to a data network for receiving one or more packets therefrom and sending one or more packets thereto;
one or more processors;
a switching system coupled to the one or more processors and packet forwarding logic, wherein the switching system and packet forwarding logic are configured to receive packets on a first network interface, determine a second network interface on which to send the packets, and to send the packets on the second network interface;
logic which when executed by the one or more processors is operable to cause;
prior to receiving, over the data network, an application-layer message that comprises the one or more packets;
receiving and storing one or more validation scope rules that define a portion of an extensible markup language (XML) schema for validation;
receiving and storing the XML schema and one or more XML element objects that represent XML elements of the XML schema and comprise a corresponding constructor method which when executed returns a data type of one of the XML element objects;
computing hash codes for each of the XML element objects in the XML schema, and storing the hash codes in a hashtable;
wherein a hash code for an XML element object is computed by hashing a plurality of characters in the XML element object;
wherein the hashtable comprises hash codes for all the XML element objects in the XML schema;
upon receiving, over the data network, the application-layer message comprising the one or more of packets;
identifying a particular XML element in an XML payload of the application-layer message, wherein the particular XML element is within the portion of the XML schema defined in the one or more validation scope rules;
in response to finding a name of the particular XML element in the XML payload of the application-layer message in the hashtable, invoking the corresponding constructor method to return the data type of the particular XML element;
determining whether the particular XML element in the XML payload and the data type of the particular XML element conform to the XML schema by hashing a plurality of characters in an XML element object of the particular XML element to compute a particular hash value and comparing the particular hash value for the particular XML element with the hash codes stored in the hashtable; and
performing a responsive action based on whether the particular XML element conforms to the XML schema.
Abstract
A network infrastructure element such as a router or switch performs transparent and optimized validation of XML schemas of XML payloads received in the network element. The network element comprises logic for receiving and storing one or more validation scope rules that define a portion of an extensible markup language (XML) schema for validation; receiving and storing the XML schema; receiving over the network an application-layer message comprising one or more of the packets; identifying a particular XML element in an XML payload of the application-layer message, wherein the particular XML element is within the portion of the XML schema defined in the one or more validation scope rules; determining whether the particular XML element conforms to the XML schema; and performing a responsive action based on whether the particular XML element conforms to the XML schema.
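The flow in the abstract, combined with the hashtable lookup recited in claim 1, as an added Python sketch (not code from the patent). The schema, the `SCOPE` path rule, SHA-256 as the name hash, and the `forward`/`drop` actions are all assumptions made for the example.

```python
import hashlib
import xml.etree.ElementTree as ET

def name_hash(name):
    # SHA-256 over the name's characters is an assumption; the claims name no hash function.
    return hashlib.sha256(name.encode("utf-8")).hexdigest()

# Constructed schema: each element object carries a constructor that returns
# its data type (None marks a container with no typed text).
SCHEMA = {"item": lambda: None, "id": lambda: int, "qty": lambda: int, "note": lambda: str}
SCOPE = "order/item"  # hypothetical validation scope rule: validate this subtree only

# Provisioning, done before any message arrives: hash every schema element.
HASHTABLE = {name_hash(n): ctor for n, ctor in SCHEMA.items()}

def check_element(el, path, errors):
    if path == SCOPE or path.startswith(SCOPE + "/"):
        ctor = HASHTABLE.get(name_hash(el.tag))
        if ctor is None:
            errors.append(f"{path}: element not in schema")
        else:
            dtype = ctor()  # constructor returns the element's data type
            try:
                if dtype is not None:
                    dtype((el.text or "").strip())
            except ValueError:
                errors.append(f"{path}: text is not {dtype.__name__}")
    for child in el:
        check_element(child, f"{path}/{child.tag}", errors)

def validate(payload):
    """Return (action, errors); 'forward' and 'drop' are assumed responsive actions."""
    if b"<!DOCTYPE" in payload:  # refuse inline DTDs (assumes ASCII-compatible encoding)
        return "drop", ["DTD not allowed"]
    try:
        root = ET.fromstring(payload)
    except ET.ParseError as exc:
        return "drop", [f"malformed XML: {exc}"]
    errors = []
    check_element(root, root.tag, errors)
    return ("forward" if not errors else "drop"), errors

# Constructed payloads. <meta> is outside the scope rule, so it is never checked.
GOOD = b"<order><meta><trace>abc</trace></meta><item><id>7</id><qty>2</qty></item></order>"
BAD_TYPE = b"<order><item><id>7</id><qty>two</qty></item></order>"
BAD_NAME = b"<order><item><id>7</id><sku>x</sku></item></order>"

if __name__ == "__main__":
    for p in (GOOD, BAD_TYPE, BAD_NAME):
        print(validate(p))
```

In this sketch the lookup keys on the hash of the element name alone, so a pass means the name and its text type are known to the schema, not that the element appears at a position the schema allows.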
44 Claims
12. A data processing apparatus, comprising:
a plurality of network interfaces that are coupled to a data network for receiving one or more packets therefrom and sending one or more packets thereto;
one or more processors;
a switching system coupled to the one or more processors and packet forwarding logic, wherein the switching system and packet forwarding logic are configured to receive packets on a first network interface, determine a second network interface on which to send the packets, and to send the packets on the second network interface;
means, executed prior to receiving, over the data network, an application-layer message that comprises the one or more packets;
for receiving and storing one or more validation scope rules that define a portion of an extensible markup language (XML) schema for validation;
for receiving and storing the XML schema and one or more XML element objects that represent XML elements of the XML schema and comprise a constructor method which when executed returns a data type of one of the XML element objects;
for computing hash codes for each of the XML element objects in the XML schema, and storing the hash codes in a hashtable;
wherein a hash code for an XML element object is computed by hashing a plurality of characters in the XML element object;
wherein the hashtable comprises hash codes for all the XML element objects in the XML schema;
means for receiving over the data network the application-layer message comprising the one or more of packets;
means, executed upon receiving, over the data network, the application-layer message, comprising the one or more packets;
for identifying a particular XML element in an XML payload of the application-layer message, wherein the particular XML element is within the portion of the XML schema defined in the one or more validation scope rules;
for invoking the corresponding constructor method to return the data type of the particular XML element in response to finding a name of the particular XML element in the XML payload of the application-layer message in the hashtable;
for determining whether the particular XML element and the type of the XML element for the particular XML element conform to the XML schema by hashing a plurality of characters in an XML element object of the particular XML element to compute a particular hash value and comparing the particular hash value for the particular XML element with the hash code stored in the hashtable; and
for performing a responsive action based on whether the particular XML element conforms to the XML schema.
23. A computer-implemented method, comprising:
prior to receiving, over a data network, an application-layer message that comprises one or more packets;
receiving, in a network infrastructure element comprising a plurality of network interfaces that are coupled to the data network for receiving the one or more packets therefrom and sending the one or more packets thereto, one or more processors, and a switching system coupled to the one or more processors and packet forwarding logic, wherein the switching system and packet forwarding logic are configured to receive packets on a first network interface, determine a second network interface on which to send the packets, and to send the packets on the second network interface, one or more validation scope rules that define a portion of an extensible markup language (XML) schema for validation;
receiving and storing the XML schema and one or more XML element objects that represent XML elements of the XML schema and comprise a constructor method which, when executed, returns a data type of one of the XML element objects;
computing hash codes for each of the XML element objects in the XML schema, and storing the hash codes in a hashtable;
wherein a hash code for an XML element object is computed by hashing a plurality of characters in the XML element object;
wherein the hashtable comprises hash codes for all the XML element objects in the XML schema;
upon receiving, over the data network, the application-layer message, comprising the one or more packets;
identifying a particular XML element in an XML payload of the application-layer message, wherein the particular XML element is within the portion of the XML schema defined in the one or more validation scope rules;
in response to finding a name of the particular XML element in the XML payload of the application-layer message in the hashtable, invoking the corresponding constructor method to return the data type of the particular XML element;
determining whether the particular XML element and the data type of the particular XML element conform to the XML schema by hashing a plurality of characters in an XML element object of the particular XML element to compute a particular hash value and comparing the hash value for the particular XML element with the hash codes stored in the hashtable; and
performing a responsive action based on whether the particular XML element conforms to the XML schema;
wherein the method is performed by one or more processors.
34. A non-transitory computer-readable volatile or non-volatile storage medium comprising one or more sequences of instructions, which when executed by one or more processors, cause performing:
prior to receiving, over a data network, an application-layer message that comprises one or more packets;
receiving, in a network infrastructure device comprising a plurality of network interfaces that are coupled to the data network for receiving the one or more packets therefrom and sending the one or more packets thereto, the one or more processors, and a switching system coupled to the one or more processors and packet forwarding logic, wherein the switching system and packet forwarding logic are configured to receive packets on a first network interface, determine a second network interface on which to send the packets, and to send the packets on the second network interface, one or more validation scope rules that define a portion of an extensible markup language (XML) schema for validation;
receiving and storing the XML schema and one or more XML element objects that represent XML elements of the XML schema and comprise a constructor method which, when executed, returns a data type of one of the XML element objects;
computing hash codes for each of the XML element objects in the XML schema, and storing the hash codes in a hashtable;
wherein a hash code for an XML element object is computed by hashing a plurality of characters in the element object;
wherein the hashtable comprises hash codes for all the XML element objects in the XML schema;
upon receiving, over the data network, the application-layer message, comprising the one or more packets;
identifying a particular XML element in an XML payload of the application-layer message, wherein the particular XML element is within the portion of the XML schema defined in the one or more validation scope rules;
in response to finding a name of the particular XML element in the XML payload of the application-layer message in the hashtable, invoking the corresponding constructor method to return the data type of the particular XML element;
determining whether the particular XML element and the data type of the particular XML element conform to the XML schema by hashing a plurality of characters in an XML element object of the particular XML element to compute a particular hash value and comparing the particular hash value for the particular XML element with the hash codes stored in the hashtable; and
performing a responsive action based on whether the particular XML element conforms to the XML schema.
Specification