Secure request handling using a kernel level cache
Abstract
The present invention discloses a system, method, apparatus, and computer usable product code for handling requests. The invention can include a kernel level cache, a request handling service, and a transport layer security service. The kernel level cache can store request handling data. The request handling service can handle secure requests at a transport layer of a kernel when request handling data is present in the kernel level cache. The transport layer security service can handle encryption/decryption operations for the secure requests and request responses at the transport layer.
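A user-space model of the request path described in the abstract and in claim 1, added here as an illustration and not code from the patent. It shows authentication against the replicated security environment happening before any cache lookup. All identifiers, the `client token path` wire format, the sample data and the XOR stand-in for the channel cipher are assumptions.

```c
#include <stdio.h>
#include <string.h>
/* Hypothetical user-space model; every name and value here is an assumption. */
enum handled_at { DENIED, TRANSPORT_CACHE, APPLICATION_LAYER };
struct sec_env { const char *client, *token; };      /* authentication data */
struct cache_entry { const char *path, *body; };     /* request handling data */
static const struct sec_env app_env[] = { {"alice", "t-alice"}, {"bob", "t-bob"} };
static const struct cache_entry kcache[] = { {"/", "home"}, {"/robots.txt", "User-agent: *"} };
static struct sec_env tls_env[2];   /* replica used by the transport layer */
static size_t tls_env_len;          /* 0 until replication has run */

/* Toy XOR transform standing in for the channel cipher; NOT real TLS. */
static void xor_crypt(char *buf, size_t n, unsigned char key) {
    for (size_t i = 0; i < n; i++) buf[i] ^= key;
}

static void replicate_security_env(void) {   /* copy app-layer auth data */
    memcpy(tls_env, app_env, sizeof app_env);
    tls_env_len = sizeof app_env / sizeof app_env[0];
}

static int authenticate(const char *client, const char *token) {
    for (size_t i = 0; i < tls_env_len; i++)
        if (!strcmp(tls_env[i].client, client) && !strcmp(tls_env[i].token, token))
            return 1;
    return 0;   /* unknown client, bad token, or no replica yet: fail closed */
}

/* wire: n encrypted bytes of "client token path", NUL at wire[n]. */
static enum handled_at handle_request(char *wire, size_t n, unsigned char key,
                                      char *out, size_t outsz) {
    char client[32], token[32], path[64];
    xor_crypt(wire, n, key);                    /* decrypt in the transport layer */
    if (sscanf(wire, "%31s %31s %63s", client, token, path) != 3 ||
        !authenticate(client, token)) return DENIED;   /* before any cache lookup */
    enum handled_at where = APPLICATION_LAYER;  /* default: convey request upward */
    const char *body = "response from application-level handler";
    for (size_t i = 0; i < sizeof kcache / sizeof kcache[0]; i++)
        if (!strcmp(kcache[i].path, path)) { body = kcache[i].body; where = TRANSPORT_CACHE; }
    snprintf(out, outsz, "%s", body);
    xor_crypt(out, strlen(out), key);           /* encrypt in the transport layer */
    return where;
}

int main(void) {
    char req[64] = "alice t-alice /robots.txt", out[64];   /* constructed request */
    size_t n = strlen(req);
    replicate_security_env();
    xor_crypt(req, n, 0x5A);                    /* what the client would send */
    printf("handled at: %d\n", handle_request(req, n, 0x5A, out, sizeof out));
}
```

The model fails closed: a cached path is never served to a caller that does not authenticate against the replica, which is the property that keeps a transport-layer cache hit from bypassing the application layer's access decisions.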
20 Claims
1. A method for handling requests comprising:
- replicating an application security environment of an application layer of a kernel for use by a transport layer security service, wherein said replicating maintains security endpoint affinity with the application layer;
- the transport layer security service performing authentication actions that utilize authentication data acquired from the application security environment;
- receiving a request from a remotely located client over a secure communication channel;
- executing the transport layer security service for the secure communication channel within a transport layer of the kernel to decrypt content of the request that was previously encrypted within the secure communication channel;
- executing a request handling service to determine if the request is able to be handled using a kernel level cache, wherein the request handling service executes within the transport layer of the kernel;
- upon a determination that the request is able to be handled using the kernel level cache, generating a response to the request at the transport layer using the kernel level cache;
- upon a determination that the request is not able to be handled using the kernel level cache, conveying the request through an application layer of the kernel where an application-level handling service executes to produce a response to the request; and
- executing the transport layer security service to encrypt the response for conveyance over the secure communication channel to the remotely located client, wherein, upon a determination that the request is able to be handled using the kernel level cache the request is handled without requiring the request to be conveyed beyond the transport layer of the kernel.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A computer program product for handling requests, the computer program product comprising:
- a non-transitory computer usable storage medium having computer usable program code embodied therewith, the computer usable program code comprising;
- computer usable program code configured to replicate an application security environment of an application layer of a kernel for use by a transport layer security service, wherein the replication maintains security endpoint affinity with the application layer;
- computer usable program code associated with the transport layer security service configured to performing authentication actions that utilize authentication data acquired from the application security environment;
- computer usable program code configured to receive a request from a remotely located client over a secure communication channel;
- computer usable program code configured to execute the transport layer security service for the secure communication channel within a transport layer of the kernel to decrypt content of the request that was previously encrypted within the secure communication channel;
- computer usable program code configured to execute a request handling service to determine if the request is able to be handled using a kernel level cache, wherein the request handling service executes within the transport layer of the kernel;
- computer usable program code configured to generate a response to the request at the transport layer using the kernel level cache upon a determination that the request handling service indicates that the request is able to be handled using the kernel level cache;
- computer usable program code configured to convey the request through an application layer of the kernel where an application-level handling service executes to produce a response to the request upon a determination that the request handling service indicates that the request is not able to be handled using the kernel level cache; and
- computer usable program code configured to execute the transport layer security service to encrypt the response for conveyance over the secure communication channel to the remotely located client, wherein upon a determination that the request is able to be handled using the kernel level cache the request is handled without requiring the request to be conveyed beyond the transport layer of the kernel.

Dependent claims: 9, 10, 11, 12, 13, 14
15. A system for handling requests comprising:
- computer usable program code stored in at least one non-transitory storage medium configured to replicate an application security environment of an application layer of a kernel for use by a transport layer security service, wherein the replication maintains security endpoint affinity with the application layer;
- computer usable program code stored in at least one non-transitory storage medium associated with the transport layer security service configured to perform authentication actions that utilize authentication data acquired from the application security environment;
- kernel level cache configured to store a set comprising more than one request handling data;
- a request handling service configured to handle secure requests at a transport layer of the kernel upon a determination that request handling data is present in the kernel level cache; and
- the transport layer security service configured to handle encryption and decryption operations for the secure requests and request responses at the transport layer.

Dependent claims: 16, 17, 18, 19, 20
Specification