Title of invention: Performing secure and non-secure communication over the same socket
Abstract: A packet processing type determiner includes a non-secure packet processing module configured to process packets received over a single socket using a non-secure protocol. The packet processing type determiner also includes a data indicator checking module configured to check the packets for a first indicator denoting a beginning of a secure data record. The packet processing type determiner further includes a secure packet processing module configured to use a secure protocol to process the packets when a packet with the first indicator is detected until a packet with a second indicator denoting an end of the secure data record is detected.
Publication number: US8914631(B2) | Publication date: 2014.12.16
Application number: US200912496270 | Filing date: 2009.07.01
Applicant: Oracle International Corporation | Inventor: Shukla Amitabh
Classification: H04L29/06;G06F21/60 | Main classification: H04L29/06
Agency: Miles & Stockbridge, P.C. | Agent: Miles & Stockbridge, P.C.
Principal claim: 1. A non-transitory computer readable medium having instructions stored thereon that, when executed by a processor, cause the processor to perform a process that facilitates both secure and non-secure communication over a single port, the process comprising: processing a plurality of data packets received through a first Transmission Control Protocol (TCP) connection over a single socket using Hypertext Transfer Protocol (HTTP), wherein the single socket is associated with the single port, wherein the processing comprises receiving an indication of a number of data packets to be received; parsing each received data packet for a first out of band data byte denoting a beginning of a secure data record; when a packet with the first out of band data byte is detected, using Secure Sockets Layer (SSL) with a first cipher to process the packets received through the first TCP connection over the single socket; when a packet is detected with a second out of band data byte denoting a cipher change, using SSL with a second cipher to process the packets that is different from the first cipher, wherein the change occurs without requiring a full SSL renegotiation; when a packet is detected with a third out of band data byte denoting an end of the changed cipher, changing back to using SSL with the first cipher to process the packets received through the first TCP connection over the single socket; and when a packet is detected with a fourth out of band data byte denoting an end of the secure data record, while keeping the first TCP connection active, returning to processing packets received using HTTP through the first TCP connection over the same single socket that subsequently follow the fourth out of band data byte.
Address: Redwood Shores CA US