Method and device for performing integrated caching in a data communication network
First Claim
1. A method for performing integrated caching at a kernel level of an operating system to more efficiently process network communications comprising the steps of:
- (a) receiving, by a packet engine of an appliance in communication with a cache of the appliance at a kernel level, an encrypted response from a server to a request of a client, the encrypted response providing an object, the packet engine operating at the kernel level of an operating system of the appliance and providing the object as a kernel level data structure of the packet engine stored in memory of kernel space;
(b) decrypting, by an Secure Socket Layer (SSL) engine of the appliance, the encrypted response from the same kernel level data structure of the packet engine stored in memory to provide a decrypted response, the SSL engine in communication with the packet engine and operating at the kernel level;
(c) storing, by a cache management logic of the appliance, the object of the decrypted response in a cache, the cache management logic in communication with the packet engine and operating at the kernel level, the cache management logic operating on the object from the same kernel level data structure of the packet engine stored in memory accessed by one of the packet engine or the SSL engine;
(d) determining, by a policy engine of the appliance, the client is authorized to access the object identified by the decrypted request, the policy engine in communication with the packet engine and operating at the kernel level;
(e) transmitting, by the packet engine, one of the encrypted response or the decrypted response to the client.
10 Assignments
0 Petitions
Accused Products
Abstract
A device that implements a method for performing integrated caching in a data communication network. The device is configured to receive a packet from a client over the data communication network, wherein the packet includes a request for an object. At the operating system/kernel level of the device, one or more of decryption processing of the packet, authentication and/or authorization of the client, and decompression of the request occurs prior to and integrated with caching operations. The caching operations include determining if the object resides within a cache, serving the request from the cache in response to a determination that the object is stored within the cache, and sending the request to a server in response to a determination that the object is not stored within the cache.
801 Citations
21 Claims
-
1. A method for performing integrated caching at a kernel level of an operating system to more efficiently process network communications comprising the steps of:
-
(a) receiving, by a packet engine of an appliance in communication with a cache of the appliance at a kernel level, an encrypted response from a server to a request of a client, the encrypted response providing an object, the packet engine operating at the kernel level of an operating system of the appliance and providing the object as a kernel level data structure of the packet engine stored in memory of kernel space; (b) decrypting, by an Secure Socket Layer (SSL) engine of the appliance, the encrypted response from the same kernel level data structure of the packet engine stored in memory to provide a decrypted response, the SSL engine in communication with the packet engine and operating at the kernel level; (c) storing, by a cache management logic of the appliance, the object of the decrypted response in a cache, the cache management logic in communication with the packet engine and operating at the kernel level, the cache management logic operating on the object from the same kernel level data structure of the packet engine stored in memory accessed by one of the packet engine or the SSL engine; (d) determining, by a policy engine of the appliance, the client is authorized to access the object identified by the decrypted request, the policy engine in communication with the packet engine and operating at the kernel level; (e) transmitting, by the packet engine, one of the encrypted response or the decrypted response to the client. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. An appliance for performing integrated caching at a kernel level of an operating system to more efficiently process network communications, the appliance comprising a packet engine in communication with a cache at the kernel level, the appliance comprising:
-
a hardware processor coupled to a memory, the hardware processor executing a packet engine, an Secure Socket Layer (SSL) engine, and a cache management logic, and a policy engine, and wherein; the packet engine is configured for receiving an encrypted response from a server to a request of a client, the encrypted response providing an object, the packet engine operating at a kernel level of the operating system of the appliance and providing the object as a kernel level data structure of the packet engine stored in a kernel space of the memory; the SSL engine is configured for decrypting the encrypted response via the same kernel level data structure of the packet engine stored in the kernel space of the memory to provide a decrypted response, the SSL engine in communication with the packet engine and operating at the kernel level; the cache management logic is configured for storing the object of the decrypted response in a cache, the cache management logic in communication with the packet engine and operating at the kernel level, the cache management logic operating on the object from the same kernel level data structure of the packet engine stored in the kernel space of the memory accessed by one of the packet engine or the SSL engine; wherein the policy engine is configured for determining the client is authorized to access the object identified by the decrypted request, the policy engine in communication with the packet engine and operating at the kernel level; and wherein the packet engine is further configured for transmitting one of the encrypted response or the decrypted response to the client. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A method for performing integrated decryption, authentication and authorization at a kernel level of an operating system to more efficiently process network communications comprising the steps of:
-
(a) receiving, by a packet engine of an appliance in communication with a policy engine and an Secure Socket Layer (SSL) engine of the appliance at the kernel level, an encrypted request from a client to a server, the encrypted request requesting access to an object, the packet engine operating at a kernel level of the operating system of the appliance and providing the object as a kernel level data structure of the packet engine stored in memory of kernel space; (b) decrypting, by the SSL engine of the appliance, the encrypted request from the same kernel level data structure of the packet engine stored in memory to provide a decrypted request, the SSL engine in communication with the packet engine and operating at the kernel level; (c) authenticating, by the policy engine of the appliance, the client, the policy engine in communication with the packet engine and operating at the kernel level; (d) determining, by the policy engine, a user of the client is authorized to access the object identified by the decrypted request, the policy engine operating on the object via the same kernel level data structure of the packet engine stored in memory; and (e) determining, by a cache management logic of the appliance, that the object identified by the decrypted request is stored in cache, the cache management logic in communication with the packet engine and operating at the kernel level, the cache management logic identifying the object using the same kernel level data structure of the packet engine accessed by one of the packet engine or the policy engine; and (f) transmitting, by the packet engine, to the client in response to the encrypted request a response encrypted by the SSL engine and having the object stored in the cache. - View Dependent Claims (18)
-
-
19. A method for performing integrated caching and compression at a kernel level of an operating system to more efficiently process network communications comprising the steps of:
-
(a) receiving, by a packet engine of an appliance in communication with a cache, compression logic, and an Secure Socket Layer (SSL) engine of the appliance at the kernel level, an encrypted response from a server to a request of a client, the response providing an object, the packet engine operating at a kernel level of the operating system of the appliance and providing the object as a kernel level data structure stored in memory of kernel space, the encrypted response decrypted by the SSL engine of the appliance via the same kernel level data structure of the packet engine; (b) compressing, by the compression logic of the appliance, the object of the response, the compression logic operating at a kernel level of the operating system of the appliance to provide a compressed object, and accessing the object via the same kernel level data structure of the packet engine stored in memory; (c) storing, by the cache management logic of the appliance, the compressed object of the response in a cache, the cache management logic in communication with the packet engine and operating at the kernel level, the cache management logic operating on the object using the same kernel level data structure of the packet engine stored in memory accessed by one of the packet engine or the compression logic; (d) determining, by a policy engine of the appliance, the client is authorized to access the object identified by the decrypted request, the policy engine in communication with the packet engine and operating at the kernel level; and (e) transmitting, by the packet engine, the response to the client. - View Dependent Claims (20)
-
-
21. A method for performing integrated caching at a kernel level of an operating system to more efficiently process network communications, the method comprising the steps of:
-
(a) receiving, by a packet engine of an appliance deployed between a client and a server, an encrypted response from the server to a request of the client, the encrypted response comprising an object, the packet engine operating at a kernel level of a kernel of an operating system of the appliance; (b) providing, from a kernel level data structure stored in memory of kernel space, the object for each of the packet engine, an Secure Socket Layer (SSL) engine of the appliance and a cache management logic of the appliance, each of the packet engine, the SSL engine and the cache management logic accessing the object within the same kernel level data structure in the kernel space without using a service call, each of the packet engine, the SSL engine and the cache management logic having an equal status to access the object via the kernel level data structure stored in memory; (c) decrypting, by the SSL engine, the encrypted response from the same kernel level data structure stored in memory and without using a service call to access the kernel, the SSL engine in communication with the packet engine and operating at the kernel level; (d) storing, by a cache management logic of the appliance, the encrypted object from the encrypted response in a cache, the cache management logic in communication with the packet engine and operating on the object from the same kernel level data structure stored in memory and without using a service call to access the kernel; (e) determining, by a policy engine of the appliance, the client is authorized to access the object identified by the decrypted request, the policy engine in communication with the packet engine and operating at the kernel level; and (f) transmitting, by the packet engine, one of the encrypted response or the decrypted response to the client.
-
Specification