Processing

Please wait...

Settings

Settings

Goto Application

1. WO1999028819 - OBJECT GATEWAY

Publication Number WO/1999/028819
Publication Date 10.06.1999
International Application No. PCT/GB1998/003632
International Filing Date 04.12.1998
Chapter 2 Demand Filed 02.07.1999
IPC
G06F 9/46 2006.1
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
9Arrangements for program control, e.g. control units
06using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
46Multiprogramming arrangements
H04L 29/06 2006.1
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02Communication control; Communication processing
06characterised by a protocol
H04L 29/08 2006.1
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02Communication control; Communication processing
06characterised by a protocol
08Transmission control procedure, e.g. data link level control procedure
CPC
G06F 9/548
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
9Arrangements for program control, e.g. control units
06using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
46Multiprogramming arrangements
54Interprogram communication
547Remote procedure calls [RPC]; Web services
548Object oriented; Remote method invocation [RMI]
H04L 63/02
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
02for separating internal from external traffic, e.g. firewalls
H04L 63/0218
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
02for separating internal from external traffic, e.g. firewalls
0209Architectural arrangements, e.g. perimeter networks or demilitarized zones
0218Distributed architectures, e.g. distributed firewalls
H04L 63/0236
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
02for separating internal from external traffic, e.g. firewalls
0227Filtering policies
0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
H04L 63/0245
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
02for separating internal from external traffic, e.g. firewalls
0227Filtering policies
0245Filtering by information in the payload
H04L 63/0281
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
02for separating internal from external traffic, e.g. firewalls
0281Proxies
Applicants
  • HEWLETT-PACKARD COMPANY [US]/[US] (AllExceptUS)
  • REES, Robert, Thomas, Owen [GB]/[GB] (UsOnly)
  • EDWARDS, Nigel, John [GB]/[GB] (UsOnly)
Inventors
  • REES, Robert, Thomas, Owen
  • EDWARDS, Nigel, John
Agents
  • LAWMAN, Matthew, John, Mitchell
Priority Data
9725742.204.12.1997GB
Publication Language English (en)
Filing Language English (EN)
Designated States
Title
(EN) OBJECT GATEWAY
(FR) PASSERELLE DANS SYSTEME ORIENTE OBJETS
Abstract
(EN) A network gateway (1005) is described, wherein an object invocation (1020) containing an embedded object reference (1025), which points to a further object (1002), is modified on passing through the gateway. The gateway validates the object invocation and enacts a number of security tests thereon before forwarding it on. In preferred embodiments, the embedded object reference is replaced by an object reference (1035) to a gateway proxy specific to the further object (1002). The replacement object reference (1035) also includes information enabling the recovery of the original object reference (1025). The gateway proxy is generated on or after receipt of the invocation (1020). In the event the further object (1002), which was the subject of the object reference, is itself invoked, the invocation is directed to the gateway proxy, which in turn recovers the original object reference and forwards the invocation on to the further object (1002).
(FR) L'invention concerne une passerelle (1005) entre réseaux dans laquelle on modifie un appel (1020) d'objet contenant une référence (1025) objet incorporé, qui pointe vers un objet suivant (1002) lors de son passage dans la passerelle. La passerelle autorise l'appel d'objet et met en marche un certain nombre de tests de sécurité avant de transmettre l'appel. Selon des modes de réalisation préférés, la référence objet incorporé est remplacée par une référence (1035) objet vers un proxy de passerelle spécifiquement pour l'objet suivant (1002). La référence (1035) de l'objet de remplacement comprend aussi assez d'informations sur la récupération de la référence (1025) objet d'origine. Le proxy de passerelle est généré au moment ou après réception de l'appel (1020). Dans le cas où l'objet suivant (1002), sujet de la référence objet, serait appelé, on achemine l'appel vers le proxy de passerelle qui récupère, à son tour, la référence objet d'origine et transfère l'appel sur l'objet suivant (1002).
Latest bibliographic data on file with the International Bureau