Secure Bidirectional Cross-System Communications Framework

IP.com Disclosure Number: IPCOM000027931D
Original Publication Date: 2004-Apr-12
Included in the Prior Art Database: 2004-Apr-12
Document File: 5 page(s) / 80K

Publishing Venue

IBM

Abstract

Disclosed is a Secure Bidirectional Cross-System Communications Framework bridged across two systems (A and B) facilitating any cross-system applications to dynamically send an event signal or data request from system A to system B, or from system B to system A. All bidirectional communications between systems A and B are initiated from system A.

At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 40% of the total text.

In a normal firewall implementation, inside-out data flows are allowed from the network containing systems inside the firewall to the network containing systems outside it; outside-in data flows are not permitted. This inbound limitation prevents a system outside the firewall from initiating any dynamic data flow to a system inside the firewall. All data flows therefore have to be initiated inside-out, often in a non-dynamic manner, which can result in a temporary loss of an application's data integrity. To compensate for this limitation, each application that maintains data integrity between systems inside and outside the firewall needs unique client/server code written to attempt to maintain that integrity dynamically.

Not all networks strictly use TCP/IP communications: some strictly use SNA, some a combination of both, and some another communication protocol. Since SNA communications are permitted bidirectionally and have none of the data flow limitations that TCP/IP has, application developers regularly need to be able to code to both communication protocols within each of their applications. There is no consistent framework in place that allows system management applications to use the same type of communication processes regardless of the underlying protocol (TCP/IP and/or SNA, etc.) used for cross-system communications.

The Secure Bidirectional Cross-System Communications Framework comprises a set of components that work together to provide a standard communications framework for applications to dynamically route requests from one system to another. Figure 1 displays the framework components together. Figure 2 describes the components. Figures 3 and 4 show the steps the Request Push and Pull jobs take to initiate a connection from system A (inside the firewall) to system B (outside the firewall).

Cross-system applications place requests into either System A's or System B's request queue, and the requests are dynamically pushed or pulled between systems by the request push and pull jobs. The request push and pull jobs are initiated from, and are only active on, System A. Once an application request is pushed or pulled from a source system to a target system, the target system's request router job takes the request and routes it to the appropriate application queue. An application is then responsible for removing the data requests from its own application queue for processing.
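The queue, push/pull and router flow described above, sketched as an in-memory model. This is an added example, not code from the disclosure; the names (`Firewall`, `System`, `push_job`, `pull_job`) and the sample requests are assumptions, and the firewall is reduced to a check on which side opens the session.

```python
from collections import defaultdict, deque
class Firewall:
    """Models the page's 'normal' firewall: only inside systems may open sessions."""
    def connect(self, src, dst):
        if not src.inside:
            raise PermissionError(f"outside-in connection {src.name}->{dst.name} blocked")
        return (src, dst)  # once open, data may flow either way on the session

class System:
    def __init__(self, name, inside):
        self.name, self.inside = name, inside
        self.request_queue = deque()          # requests bound for the other system
        self.app_queues = defaultdict(deque)  # inbound, one queue per application

    def submit(self, app, payload):
        """A cross-system application queues a request for the other system."""
        self.request_queue.append({"app": app, "payload": payload, "origin": self.name})

    def route(self, request):
        """Request router job: hand the request to its application queue."""
        self.app_queues[request["app"]].append(request)

def _transfer(source, target):
    moved = 0
    while source.request_queue:
        target.route(source.request_queue.popleft())
        moved += 1
    return moved

def push_job(fw, a, b):
    """Runs on A only: A opens the session and sends its queued requests to B."""
    fw.connect(a, b)
    return _transfer(a, b)

def pull_job(fw, a, b):
    """Runs on A only: A opens the session and fetches B's queued requests."""
    fw.connect(a, b)
    return _transfer(b, a)

def demo():
    fw, a, b = Firewall(), System("A", inside=True), System("B", inside=False)
    a.submit("inventory", "sync-now")   # constructed sample requests
    b.submit("alerts", "disk-full")
    try:
        fw.connect(b, a)                # B initiating is what the firewall forbids
        blocked = False
    except PermissionError:
        blocked = True
    return blocked, push_job(fw, a, b), pull_job(fw, a, b), a, b
```

System B's request reaches System A's application queue only when A's pull job runs, so the interval between pull jobs bounds how long a B-originated request waits.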

Highlights of the Secure Bidirectional Cross-System Communications Framework are:

1) The bidirectional framework supports inbound and outbound data flows through a firewall because all cross-system connections are initiated from a system inside the firewall without violating the outside-in data flow limitation.
2) This framework supports a Hub/Node environment allowing a Node system to send requests to the highest priority Hub, all defined Hubs, or the highest available and...