Securing communications between different network zones

US 8,701,180 B2
Filed: 12/04/2009
Issued: 04/15/2014
Est. Priority Date: 12/04/2009
Status: Active Grant

First Claim

Patent Images

1. A method of communicating a protocol request at a network zone, the method comprising:

receiving the protocol request from a computing device;

encapsulating the protocol request in a different protocol;

transmitting the encapsulated protocol request to a different network zone by way of the different protocol over a first communication channel;

closing the first communication channel after transmitting the encapsulated protocol request;

opening a second communication channel with the different network zone;

checking by the network zone, a shared disk file system shared between the network zone and the different network zone for a message from the different network zone by way of the different protocol over the second communication channel;

accessing tail the message, the message including a protocol response to the protocol request;

extracting the protocol response from the message; and

transmitting the extracted protocol response to the computing device,wherein the transmitting of the protocol request includes writing the protocol request to the shared disk file system by way of the different protocol, and wherein the accessing of the message from the different network zone includes reading the message from the shared disk file system by way of the different protocol.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In an embodiment, a method is provided for communicating a protocol request at a network zone. In this method, the protocol request is received from a computing device and this protocol request is encapsulated in a different protocol. The protocol request is then transmitted to a different network zone by way of the different protocol. A message is then accessed from the different network zone by way of the different protocol, and this message includes a protocol response to the protocol request. The protocol response is extracted from the message and transmitted to the computing device.

Citations

21 Claims

1. A method of communicating a protocol request at a network zone, the method comprising:
- receiving the protocol request from a computing device;
  
  encapsulating the protocol request in a different protocol;
  
  transmitting the encapsulated protocol request to a different network zone by way of the different protocol over a first communication channel;
  
  closing the first communication channel after transmitting the encapsulated protocol request;
  
  opening a second communication channel with the different network zone;
  
  checking by the network zone, a shared disk file system shared between the network zone and the different network zone for a message from the different network zone by way of the different protocol over the second communication channel;
  
  accessing tail the message, the message including a protocol response to the protocol request;
  
  extracting the protocol response from the message; and
  
  transmitting the extracted protocol response to the computing device,wherein the transmitting of the protocol request includes writing the protocol request to the shared disk file system by way of the different protocol, and wherein the accessing of the message from the different network zone includes reading the message from the shared disk file system by way of the different protocol.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the protocol request is a Hypertext Transfer Protocol (HTTP) request and the protocol response is an HTTP response.
  - 3. The method of claim 1, wherein the protocol request is communicated at a connectivity layer of a server architecture.
  - 4. The method of claim 3, wherein the connectivity layer includes an Internet communication framework (ICF) module.
  - 5. The method of claim 1, further comprising checking the shared disk file system at regular intervals for the receipt of the protocol response.
  - 6. The method of claim 5, wherein the different protocol is a File Transfer Protocol (FTP).
  - 7. The method of claim 1, wherein the different protocol is Simple Mail Transfer Protocol (SMTP).
  - 8. The method of claim 1, wherein the different network zone is an intranet, and wherein the network zone is a demilitarized network zone.

9. A method of communicating a protocol response at a network zone, the method comprising:
- accessing a message from a different network zone by way of a different protocol, the message including a protocol request over a first communication channel;
  
  closing the first communication channel after accessing the message;
  
  extracting the protocol request from the message;
  
  providing the extracted protocol request to an application, the application configured to generate the protocol response to the protocol request;
  
  encapsulating the protocol response in the different protocol;
  
  opening a second communication channel with the different network zone;
  
  transmitting the encapsulated protocol response to the different network zone by way the different protocol over the second communication channel,wherein the network zone and the different network zone include a shared disk file system, wherein the accessing of the message from the different network zone includes reading the message from the shared disk file system by way of the different protocol over the first communication channel, and wherein the transmitting of the encapsulated protocol response includes writing the protocol response to the shared disk file system by way of the different protocol over the second communication channel.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The method of claim 9, wherein the protocol response is a Hypertext Transfer Protocol (HTTP) response and the protocol request is an HTTP request.
  - 11. The method of claim 9, wherein the protocol response is communicated at a connectivity layer of a server architecture.
  - 12. The method of claim 11, wherein the connectivity layer includes an Internet communication framework module.
  - 13. The method of claim 9, wherein the different network zone is a demilitarized network zone, and wherein the network zone is a local area network.

14. A non-transitory machine-readable medium that stores instructions, which, when performed by a machine, cause the machine to perform operations comprising:
- receiving a protocol request from a computing device;
  
  encapsulating the protocol request in a different protocol;
  
  transmitting, the encapsulated protocol request to a different network zone by way of the different protocol over a first communication channel;
  
  closing the first communication channel after transmitting the encapsulated protocol request;
  
  opening a second communication channel with the different network zone;
  
  checking by the network zone, a shared disk file system shared between the network zone and the different network zone for a message from the different network zone by way of the different protocol over the second communication channel;
  
  accessing all the message, the message including a protocol response to the protocol request;
  
  extracting the protocol response from the message; and
  
  transmitting the extracted protocol response to the computing device,wherein the transmitting of the protocol request includes writing the protocol request to the shared disk file system by way of the different protocol, and wherein the accessing of the message from the different network zone includes reading the message from the shared disk file system by way of the different protocol.

15. A non-transitory machine-readable medium that stores instructions, which, when performed by a machine, cause the machine to perform operations comprising:
- accessing a message from a different network zone by way of a protocol over a first communication channel, the message including a protocol request that is formatted in a different protocol;
  
  closing the first communication channel after accessing the message extracting the protocol request from the message;
  
  providing the extracted protocol request to an application, the application configured to generate the protocol response to the protocol request;
  
  encapsulating the protocol response in the protocol;
  
  opening a second communication channel with the different network zone;
  
  transmitting the encapsulated protocol response to the different network zone by way of the protocol over the second communication channel,wherein the network zone and the different network zone include a shared disk file system, wherein the accessing of the message from the different network zone includes reading the message from the shared disk file system by way of the different protocol over the first communication channel, and wherein the transmitting of the encapsulated protocol response includes writing the protocol response to the shared disk file system by way of the different protocol over the second communication channel.

16. A computing device comprising:
- at least one processor; and
  
  a memory in communication with the at least one processor, the memory being configured to store an application server and an application that are executable by the at least one processor, the application server having instructions that when executed by the at least one processor, cause operations to be performed, the operations comprising;
  
  accessing a message from a different network zone by way of a protocol, the message including a protocol request that is formatted in a different protocol over a first communication channel;
  
  closing the first communication channel;
  
  extracting the protocol request from the message;
  
  providing the extracted protocol request to the application, the application configured to generate the protocol response to the protocol request;
  
  encapsulating the protocol response in the different protocol;
  
  opening a second communication channel with the different network zone;
  
  transmitting the encapsulated protocol response to the different network zone by way of the different protocol over the second communication channel,wherein the network zone and the different network zone include a shared disk file system, wherein the accessing of the message from the different network zone includes reading the message from the shared disk file system by way of the different protocol over the first communication channel, and wherein the transmitting of the encapsulated protocol response includes writing the protocol response to the shared disk file system by way of the different protocol over the second communication channel.
- View Dependent Claims (17, 18)
- - 17. The computing device of claim 16, wherein different network zone is a demilitarized network zone.
  - 18. The computing device of claim 16, wherein the application server includes an Internet communication framework module, and the protocol request is extracted and the protocol response is encapsulated at the Internet communication framework module.

19. A computing device comprising:
- at least one processor; and
  
  a memory in communication with the at least one processor, the memory being configured to store an application server executable by the at least one processor, the application server having instructions that when executed by the at least one processor, cause operations to be performed, the operations comprising;
  
  receiving a protocol request from a further computing device;
  
  encapsulating the protocol request in, a different protocol;
  
  transmitting the encapsulated protocol request to a different network zone by way of the different protocol over a first communication channel;
  
  closing the first communication channel after transmitting, the encapsulated protocol request;
  
  opening a second communication channel with the network zone;
  
  checking by the network zone, a shared disk file system shared between the network zone and the different network zone for a message from the different network zone by way of the different protocol the second communication channel;
  
  accessing the message, the message including an protocol response to the protocol request;
  
  extracting the protocol response from the message; and
  
  transmitting the extracted protocol response to the further computing device,wherein the transmitting of the protocol request includes writing the protocol request to the shared disk the system by way of the different protocol, and wherein the accessing of the message from the different network zone includes reading the message from the shared disk file system by way of the different protocol.
- View Dependent Claims (20, 21)
- - 20. The computing device of claim 19, wherein the application server includes an Internet communication framework (ICF) module, and wherein the instructions are included in the ICF module.
  - 21. The computing device of claim 19, wherein the different protocol is a remote function call (RFC).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAP SE
Original Assignee
SAP AG (SAP SE)
Inventors
Jolfaei, Masoud Aghadavoodi
Primary Examiner(s)
PEARSON, DAVID J

Application Number

US12/631,466
Publication Number

US 20110138457A1
Time in Patent Office

1,593 Days
Field of Search

None
US Class Current

726/14
CPC Class Codes

H04L 63/0209   Architectural arrangements,...

H04L 63/168   above the transport layer

H04L 67/02   based on web technology, e....

H04L 67/133   Protocols for remote proced...

H04L 69/08   Protocols for interworking;...

H04L 69/18   Multiprotocol handlers, e.g...

Securing communications between different network zones

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Securing communications between different network zones

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links