What technology area does this patent fall under?

Primary CPC classification H04L63/166. Mapped technology areas include Electricity.

When was this patent published?

Publication date Tue Sep 19 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Systems and methods for SSL session management in a cluster system

US9769205B2 · US · B2

Patent metadata
Field	Value
Publication number	US-9769205-B2
Application number	US-201414245528-A
Country	US
Kind code	B2
Filing date	Apr 4, 2014
Priority date	Apr 6, 2013
Publication date	Sep 19, 2017
Grant date	Sep 19, 2017

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

The present invention is directed towards systems and methods for managing one or more SSL sessions. A first node from a cluster of nodes intermediary between a client and a server may receive a first request from the client to use a first session established with the server. The first request may include a session identifier of the first session. The first node may determine that the first session is not identified in a cache of the first node. The first node may identify, via a hash table responsive to the determination, an owner node of the first session from the cluster using a key. The key may be determined based on the session identifier. The first node may send a second request to the identified owner node for session data of the first session. The session data may be for establishing a second session with the server.

First claim

Opening claim text (preview).

We claim: 1. A method for managing one or more secure socket layer (SSL) sessions, the method comprising: (a) receiving, by a first core of a first node from a cluster of nodes interconnected by a communication back plane and intermediary between a client and a server, a first request from the client to use a first session established with the server, the first request comprising a session identifier of the first session; (b) determining, by the first core of the first node, that the first session is not identified in a cache of the first node; (c) identifying, by the first node via a hash table responsive to the determination, an owner node and owner core of the first session from the cluster of nodes using a key, the key determined based on the session identifier, wherein the owner node comprises a second node of the plurality of nodes and the owner core comprises a second core on the second node; (d) sending via the communication back plane a second request to the identified owner node and owner core for session data of the first session, the session data for establishing a second session with the server; and (e) establishing, by the first core of the first node responsive to the first request, a new session if a response to the second request does not include the requested session data of the first session, or; (f) establishing, by the first core of the first node responsive to the first request, the second session as a copy of the first session if a response to the second request includes the requested session data of the first session. 2. The method of claim 1 , wherein (a) comprises receiving the first request to reuse, resume or clone the first session. 3. The method of claim 1 , wherein (a) comprises receiving the first request from the client as part of a handshaking process for establishing a SSL session with the server. 4. The method of claim 1 , wherein (b) comprises determining that the first session is not identified in the cache based on the session identifier of the first session. 5. The method of claim 1 , wherein (b) comprises determining that the first node is not the owner node of the first session. 6. The method of claim 1 , wherein (c) comprises generating the key based on at least one of the session identifier or a unique identifier of an entity from which the first request is received. 7. The method of claim 1 , further comprising receiving a response to the second request, the response indicating that the requested first session is invalid, expired or not resumable. 8. The method of claim 1 , further comprising establishing, by the first node, the new session if there is no response to the second request. 9. The method of claim 1 , further comprising establishing, by the first node, the second session comprising a session cloned from the first session using the requested session data. 10. The method of claim 1 , further comprising storing information about the second session in at least one of the hash table or the cache of the first node. 11. A system for managing one or more secure socket layer (SSL) sessions, the system comprising: a cluster of nodes interconnected by a communication back plane and intermediary between a client and a server; and a first core of a first node from the cluster of nodes, the first core of the first node configured to: receive a first request from the client to use a first session established with the server, the first request comprising a session identifier of the first session; determine whether the first session is identified in a cache of the first node; identify, via a hash table responsive to the determination, an owner node and owner core of the first session using a key, the key determined based on the session identifier; send a second request via the communication back plane to the identified owner node and owner core for session data of the first session, the session data for establishing a second session with the server, wherein the owner node comprises a second node of the plurality of nodes and the owner core comprises a second core on the second node; and wherein the first node is configured to establish a new session responsive to the first request if the response to the second request does not include the requested session data of the first session or establish the second session, responsive to the first request, as a copy of the first session if a response to the second request includes the requested session data of the first session. 12. The system of claim 11 , wherein the first node is configured to receive the first request, the first request to reuse, resume or clone the first session. 13. The system of claim 11 , wherein the first node is configured to receive the first request from the client as part of a handshaking process for establishing a SSL session with the server. 14. The system of claim 11 , wherein the first node is configured to determine whether the first session is identified in the cache based on the session identifier of the first session. 15. The system of claim 11 , wherein the first node is configured to determine whether the first node is the owner node of the first session. 16. The system of claim 11 , wherein the first node is configured to generate the key based on at least one of the session identifier or a unique identifier of an entity from which the first request is received. 17. The system of claim 11 , wherein the first node is configured to receive a response to the second request, the response indicating that the requested first session is invalid, expired or not resumable. 18. The system of claim 11 , wherein the first node is configured to establish a new session if there is no response to the second request. 19. The system of claim 11 , wherein the first node is configured to establish the second session comprising a session cloned from the first session using the requested session data. 20. The system of claim 11 , wherein the first node is configured to store information about the second session in at least one of the hash table or the cache of the first node.

Assignees

Citrix Systems Inc

Inventors

Classifications

H04L67/14
Session management (for real-time applications in data packet communications networks H04L65/1066) · CPC title
H04L63/166Primary
at the transport layer · CPC title
H04L69/30
Definitions, standards or architectural aspects of layered protocol stacks · CPC title
H04L63/168Primary
above the transport layer · CPC title
H04L67/1002
Electricity · mapped topic

Patent family

Related publications grouped by family.

View patent family 51655343

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9769205B2 cover?: The present invention is directed towards systems and methods for managing one or more SSL sessions. A first node from a cluster of nodes intermediary between a client and a server may receive a first request from the client to use a first session established with the server. The first request may include a session identifier of the first session. The first node may determine that the first ses…
Who is the assignee on this patent?: Citrix Systems Inc
What technology area does this patent fall under?: Primary CPC classification H04L63/166. Mapped technology areas include Electricity.
When was this patent published?: Publication date Tue Sep 19 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).