Secure network architecture with quality of service

USPTO Application #: 20070297335

Abstract: In a wide area network arrangement composed of some number of secure local networks and an Internet service provider (ISP) backbone, LAN hosts are able to indirectly access network routers, through an ISP quality of service (QoS) module, to request that information transmitted during certain specified sessions be given priority treatment by the network.

Agent: Hensley Kim & Holzer, LLC - Denver, CO, US
Inventor: Heidi Picher-Dempsey
Class: 370235000 (USPTO)
Related Patent Categories: Multiplex Communications, Data Flow Congestion Prevention Or Control, Flow Control Of Data Transmission Through A Network

The Patent Description & Claims data below is from USPTO Patent Application 20070297335.

CROSS-REFERENCE TO RELATED APPLICATIONS

[0001] The present application is a continuation of U.S. Nonprovisional application Ser. No. 08/990,096, entitled "SECURE NETWORK ARCHITECTURE WITH QUALITY OF SERVICE," filed on Dec. 12, 1997, which is specifically incorporated by reference herein for all that it discloses and teaches.

BACKGROUND OF THE INVENTION

[0002] The present invention relates generally to network communication, and more particularly to establishing dedicated and secure communication sessions over a wide area network.

[0003] Certain types of business activities create the need to transfer information in a timely and secure manner. For instance, banks periodically "backup" their computer files to a remote central database and need to know that these files were successfully copied to the remote database without having been attacked or corrupted during the process. Video conferencing is another example of an application that demands the timely and secure transmission of information (video/voice/data). Network transmission delay or the successful attack by a hacker can cause significant business problems or render applications useless.

[0004] One solution to the problem of network delay is to lease dedicated point-to-point digital data lines, such as an ISDN or T1 line, over which time critical information is sent. In addition to carrying the critical traffic, however, these lines carry traffic that is not time critical between the two end points as well. Because neither of the two traffic types is given precedence under these circumstances, time critical traffic may be delayed.

[0005] A typical solution to the precedence problem is to introduce a "priority queuing" mechanism into the network. Such queuing mechanisms give precedence to certain time critical traffic while handling the rest of the traffic on a "best effort" basis. However, both dedicated leased lines and priority queuing require a significant configuration effort, usually by the system manager. Typically, the system manager is not on site or may not even be an employee of the company using the service. As a result, the user may have no ready means to modify the configuration, which dictates that the service being provided is static in nature and not adaptable to applications where the timing of critical traffic cannot be regularly scheduled.

[0006] Another solution to the problem of network delay typically utilized by network managers is to incorporate an asynchronous transfer mode (ATM) backbone between the various local networks to handle the transfer of information. ATM was designed to provide a wide range of quality of service (QoS) capabilities. An ATM network can support some number of virtual channels (VCs) over which traffic with certain defined QoS characteristics can travel. These QoS characteristics can be used to group traffic according to precedence, and VCs can be established to transmit the different traffic types.

[0007] Using ATM interfaces to carry QoS Internet traffic, however, requires the router to map Internet protocol (IP) data flows into the VCs based on QoS characteristics. In addition, the current practice is to default to a single Permanent Virtual Channel (PVC) between routers, which does not allow for multiple service classes within the ATM network. Although multiple PVCs are sometimes configured, there is no standard way of mapping QoS characteristics to PVCs. Also, there are no multicast PVCs, so Internet multicast traffic cannot be delivered over an equivalent PVC. Consequently, it must be duplicated and sent over separate PVCs to each multicast designation, which uses up a lot more bandwidth.

[0008] Inherently, the Internet protocol only provides for the "best effort" transmission of information. This means that all traffic is of equal precedence meaning that if there is more traffic to be transmitted than the network can handle, this traffic must be buffered in a FIFO arrangement for some period of time until it gets to the top of the buffer at which time it would be transmitted. Clearly, "best effort" transmission is not suitable for time critical traffic.

[0009] To overcome the problems of "best effort" transmission, the RSVP protocol was developed to allow an application to request QoS on the Internet and avoid delaying time critical traffic. Applications designed to employ this protocol are able to dynamically request specific QoS from a network, thereby ensuring that time critical traffic is transmitted over dedicated network resources. Specifically, the RSVP protocol reserves network bandwidth for certain traffic. Despite these benefits, the RSVP protocol is relatively new, and as a result, most applications have not been redesigned to process RSVP messages.

[0010] Security is another critical characteristic that certain types of customers demand before conducting their business over the Internet. Typically, Internet security is provided by a firewall placed between a local area network (LAN) router, or premises router, and the host computers attached to the LAN. Firewall products, such as Gauntlet, are offered commercially by TIS Co.

[0011] Because QoS-enhanced applications do not typically include security provisions, firewall type products are needed to provide application security. However, since such firewall products have not been designed to process RSVP messages, Internet security and QoS are mutually exclusive characteristics of Internet communication at the present time, even though both are desirable.

SUMMARY OF THE INVENTION

[0012] Systems and methods consistent with the present invention provide a QoS server that operates such that commercially available firewall products can be utilized by local networks to maintain security. In addition, existing commercially available IP routers can be utilized to fulfill QoS requests from secure local networks.

[0013] A server system, consistent with the present invention, includes means for receiving a session request for establishing a communication path for transmitting information, means for sending a message to an originating router in the communication path in response to the request, the message including a request to reserve resources for transmitting the information, and means for monitoring the originating router to determine whether all of the routers along the transmission path have sufficient resources to establish the communication path in accordance with the session request.

[0014] Both the foregoing general description and the following detailed description provide examples and explanations only. They do not restrict the claimed invention.

DESCRIPTION OF THE DRAWINGS

[0015] The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and, together with the description, explain the advantages and principles of the invention. In the drawings,

[0016] FIG. 1 is a block diagram of a secure network architecture consistent with the present invention.

[0017] FIG. 2 is a block diagram of the IP/QoS module of FIG. 1.

[0018] FIGS. 3A and 3B are flowcharts showing steps, consistent with the present invention, for establishing a QoS session.

[0019] FIG. 4 is a screenshot of a session request interface consistent with the present invention.