System and method for sharing objects between computers over network

FIELD: physics; computer engineering.

SUBSTANCE: present invention relates to a method and system for sharing objects which can be located in different machines. These objects can be accessed and shared over a computer network, for example the Internet. The objects can be computer programming objects which can include application programming interfaces (API), programming object libraries, determination of computer program objects and other similar information for applications based on a computer network. The method and the system do not require a server computer since the invention can work as a peer-to-peer or a multipoint computer network.

EFFECT: method and system can work with peer-to-peer networks and "client-server" networks without requirement for identification of computers on the network as servers or non-server computers (clients).

20 cl, 9 dwg

 

The technical field to which the invention relates

The present invention relates to the sharing of information between computers over a network, and more specifically, it relates to peer-to-peer or point-to-point network that allows sharing of computer objects between computers.

Prior art

Known environment sharing computer facilities typically use a “client-server”, according to which the client computers access the Central server to run programs or data retrieval. Architecture “client-server” is the General form of the distribution of a computer system in which software is split between server tasks and client tasks. The client can send requests to the server according to a certain Protocol, asking for information or action, and the server can respond to this query.

Model “client-server” is similar to the consumer (customer), which sends the order according to the order form to the supplier (server)that sends the goods and the invoice (answer). Order form and invoice are part of the "Protocol"used in this case for the relationship.

Refer now to Figure 1, which illustrates a known architecture 100 “klie the t-server, in which the server 105 provides the first, second and third client computers 110A, 110B and 110C access to network objects 115, located on the server 105. According to this illustrative architecture 100 “client-server”, if the first computer 110A you want to send the video file to the second computer 110B of the network, the first computer 110A must transfer the file to the server 105. The server 105, in turn, must transfer the video file to the second computer 110B. In this scenario, the file transfer server 105 slows down the transfer of information between the first and second computers 110A and 110B.

According to another illustrative scenario, when one of the computers 110 wishes to change the network object 115, located on the server 105, the computer 110 should expect parcels server 105 back messages on the computer 110, confirming that the change was made. This waiting period can be called a delay. The delay may cause inconvenience when you need an immediate change of network objects 115. For example, the delay may be very undesirable for collaborative applications in real time, such as interactive communication and presentation applications that require "live" changes or dissemination of information, which may include audio and computer data.

Another problem associated with f the th architecture 100 “client-server”, as well as application programming peer-to-peer communication, is that if you write programs that use a network object, you must specify the type of computer architecture, in which the connection is related to the network object. In other words, it is necessary to identify whether the network object to be shared within the architecture 100 “client-server or within a peer-to-peer network (not shown in figure 1). This means that the known technology must identify which communication protocols will be used to access the network object and manipulate them.

Another problem associated with the prior art, is that the network object can be shared only within the same type of computer architecture, but not between different types of network architectures, because the type of communication Protocol for a particular network must be defined and it must be done orientation when writing any computer code. This means that the program cannot be written with well-known computer programs, where the network object is shared as peer-to-peer network, and the network “client-server”. Known computer program must specify only one but not both types of computer architectures.

Thus, am is there a need for technology method and system who can share network objects on various types of computer architectures, such as architecture “client-server and peer-to-peer architecture type, without specifying the communication Protocol required for communication on different architectures. Next, there is a need in the technique in significantly reducing or eliminating the latency normally associated with the joint use of network objects between computers, with the aim of improving communication between computers in real-time. Finally, there is a need for techniques that can be written computer programs using standard object-oriented techniques, regardless of the type of computer architecture that will accommodate any network objects.

The invention

The present invention provides a method and system for sharing objects that may reside on different machines and are available through a computer network such as the Internet. Objects may contain any computer programming objects, which may include, but is not in a restrictive sense, the application programming interfaces (APIs), libraries of programming objects, identifying objects, computer programs, and other such information for applications fundamentals of audacia on a computer network. The system and method may allow to write a computer program that executes the query to the network objects on other computers connected to the network.

One of the advantages of the present invention is that it does not require a computer server, as the invention may function more like a peer-to-peer computer network. Another advantage of the present invention is that it can interpret the peer computers in the same way, even if the peer computer is a computer server. In other words, the present invention can operate as a peer-to-peer networks and networks “client-server”without requiring identification of computers as servers or computers non-server based type (clients).

The application of this invention may include collaboration in real time clock (RTC), which can allow computers connected through a network to communicate and share information in real time, almost simultaneously, in comparison with the known architecture “client-server”. Illustrative applications RTC may include, but not restrictively, the following examples: mutual exchange of information through interactive communication, which can nahoditsya different computers, sharing documents within programs, word processing, which can reside on different computers, sharing spreadsheets within programmes of work on spreadsheets, which can reside on different computers, share presentations between presentation applications that can reside on different computers, data sharing between game programs that can reside on different computers, and other similar applications RTC where it is profitable to share data between multiple computers in real time.

To ensure that information sharing among computers on the network, objects or shared objects that support applications RTC, usually found on each computer. However, in some situations, the first computer that may need to use a network object may not have a copy of the network object, and the first computer may be given access to the said network object that can reside on a second computer. This sharing of network objects can take place, if the first computer has limited memory, the first computer may be a handheld computer is om, such as a personal digital assistant (PDA).

When a computer program executes a call to the network object that can be run security checks in order to determine whether the computer running this program, access to a particular network object. For example, security checks can be run locally within the computer executing the program to determine whether to access the network object, which can also be locally stored in the computer. Similarly, the security check can also be executed over the network to other computers that have a copy of the network object in order to determine whether access to a network object, the computer executing the program.

If the computer performing the call to the network object has permission to access the network object, then the computer can synchronize network object in its memory, with all the same facilities that may be located on other computers in the network. Thus, each computer that has access to a specific network object and a copy of a specific network object can get all of the latest updates that can be made in respect of the network object, and updates can take place in real time.

the case of the application of computer programming, using network objects, once created, the object class, where the class may include network objects that can be used in standard object-oriented techniques to work with all objects in the class, including any network objects. The system and method according to the invention can intercept such method calls made to the network objects, and to handle method calls according to the network attributes network objects.

For example, the call to the network object that can be on the computer that is making the call may not be performed or completed, will not be accepted until receipt of confirmation all other computers that have a copy of the network object from which you want to give them a receipt confirmation. If the call is made to the network object that has a fully ordered method, the steps which must occur in a specific sequence, then from all other computers with a copy of the network object, you may need consent from the sequence before the call is executed or run locally on the computer that is making the call to the network object.

To manage network objects and track network objects, the system according to the invention may use contexts. Each network object system which may have one associated context. And each network object can be part of the same context. Each context may contain information that traverses one or more of the relationships between multiple system network objects and the relationship between computers that may have copies of objects and/or access to objects.

Each context can identify which computers have one or more specific network objects, and it can help to manage the network objects that are part of a particular context. The context can help to make sure that every computer that is part of the context, has the same version of the one or more network objects that can be context. Each context can have sublists security, to help determine which computers can access certain network objects in list context, and what computers can modify objects in the context.

The context can be in various States. Inactive status may indicate that computers with network objects that are part of a particular context, may not use these network objects. The active state may mean that computers with network objects use these network objects in some way, and communications related to network objects that takes place between a computer is Rami, available in the context.

The system and method may also use the fully ordered packages for various communications between computers in the context of the case, to maintain the consistency and integrity of the network object.

List of figures

Figure 1 - block diagram of a known computer architecture “client-server”.

Figure 2 is a block diagram of a network personal computer, and provides an illustrative operating environment for the present invention.

Figure 3 - functional block diagram showing an illustrative system for sharing network objects according to one illustrative variant implementation of the present invention.

Figa - functional block diagram showing an illustrative high-level architecture of a system for sharing objects between computers through a network according to one illustrative variant implementation of the present invention.

Figw - functional block diagram listing the various time periods, which can occur during the sequence object is created according to one illustrative variant implementation of the present invention.

5 is a functional block diagram showing illustrative components that may be detecting the wife in the context according to one illustrative variant implementation of the present invention.

Figa - functional block diagram illustrating a variety of different sessions that can take place between computers that have objects that are part of the context, according to one illustrative variant implementation of the present invention.

Figw - functional block diagram illustrating details of the first session, which is part of the first context Figa, according to one illustrative variant implementation of the present invention.

Figs - functional block diagram illustrating details of the second session, which is part of the second context Figa, according to one illustrative variant implementation of the present invention.

7 is a functional block diagram showing an illustrative system architecture of the network object, according to one illustrative variant implementation of the present invention.

Fig - logical precedence diagram generally showing an illustrative process of sharing objects between computers through a network, where the second computer joins a session with the first computer, according to one illustrative variant implementation of the present invention.

Fig.9 - Il is strativa functional block diagram showing a shared object and how this shared object can be accessed by other network nodes, according to one illustrative variant implementation of the present invention.

Detailed description of exemplary embodiments.

The method and system can share objects that may reside on different computers. These objects can be accessed, and they can be shared through a computer network such as the Internet. Objects may contain any computer programming objects, which may include, but is not in a restrictive sense, the application programming interfaces (APIs), libraries of programming objects, identifying objects, computer programs, and other such information for applications based on computer networks. The method and system operate like peer-to-peer or multi-point computer network instead of the famous architecture “client-server”.

The method and system can work with both peer-to-peer networks and networks “client-server”without requiring identification of computers on the network as servers or computers non-server based type (clients). The application of the method and system may include joint work in the real BP is the seed (RTC), that can allow computers connected through a network to communicate and share information in real time and almost simultaneously.

Illustrative operating environment

Illustrative embodiments of the present invention will be further described with reference to the drawings, in which same reference numbers represent the same elements in the several drawings. Figure 2 shows an illustrative operating environment 200 for implementing the present invention.

Illustrative operating environment 200 includes a computing device General purpose as well-known personal computer 120. Usually, the personal computer 120 includes a processor 121, a system memory 122, and a system bus 123 that connects various system components including the system memory 122 to the CPU 121. The system bus 123 may be any of several types of structures tires, including a memory bus or memory controller, a peripheral bus and a local bus using any of a number of bus architectures. The system memory includes a permanent storage device (ROM, RAM) 124, and a random access memory (R, RAM) 125. The system basic input/output system (BIOS) 126, containing the basic routines that help to transfer information between elements in predetermining computer 120, for example, during start-up, is in ROM 124.

Personal computer 120 further includes a drive 127 on hard drives for reading from the hard drive and write to it, not shown; a magnetic disk drive 128 for reading from a removable magnetic disk 129, or writing to him, and optical disk drive 130 for reading from a removable optical disk 131 such as a ROM on CD-ROM (CD-ROM) or other optical media, or write to it. Drive 127 on the hard disk, magnetic disk drive 128, and optical disk drive 130 is connected to the system bus 123 via an interface 132 of the hard drive interface 133 of the magnetic disk drive and interface 134 optical drive, respectively.

Although described here for illustrative environment uses the hard disk drive 127, a removable magnetic disk 129 and a removable optical disk 131, specialists in the art should understand that other types of computer-readable media that can store data and to which the computer can access, for example, magnetic cassettes, flash memory cards, digital video disks, Bernoulli cartridges, device RAM device, a ROM and the like, can also be used in the illustrative operating environment. Drives and drives and their associated computer-readable media provide nonvolatile storage Malinovaya who's instructions, data structures, program modules and other data for the personal computer 120.

A number of program modules may be stored on hard disk 127, magnetic disk 129, optical disk 131, ROM 124 or RAM 125, including an operating system 135, the application program 410 that contains a network object 315, which includes software modules. Software modules can include, but is not in a restrictive sense, procedures, routines, programs, objects, components, data structures, etc. that perform particular tasks or implement certain abstract data types.

The user can enter commands and information into the personal computer 120 through input devices, such as a keyboard 140 and a pointing device 142. Pointing devices may include a mouse, a trackball, and an electronic pen that can be used together with an electronic tablet. Other input devices (not shown)may include a microphone, joystick, game pad, satellite dish, scanner, or the like, These and other input devices are often connected to the processor 122 via the interface 146 serial port that is connected to the system bus 123, but may be connected by other interfaces such as a parallel port, game port,universal serial bus (USB) or the like Display device 147 may also be connected to system bus 123 via an interface, such as a video adapter 148. In addition to the monitor, personal computers typically include other peripheral output devices (not shown), such as speakers and printers.

The personal computer 120 may operate in a networked environment using logical connections to one or more remote computers 149. Remote computer 149 may be another personal computer, a server, a client, a router, a network PC, a peer device or other common network node. Although the remote computer 149 typically includes many or all of the elements described above in relation to personal computer 120, only the storage device 150 shown in the figure. The logical connections depicted in the figure, include a local area network (LAN) 151 and a wide area network (WAN) 152. Such networking environments are common in offices, computer networks scale enterprises, intranets and the Internet.

When using in a network environment LAN personal computer 120 is often connected to the local network 151 through a network interface or adapter 153. When used in a WAN network environment, the personal computer 120 typically includes a modem 154 or other means for establishing communications over the WAN 152, such as the Internet. Fashion is 154, which may be internal or external, is connected to system bus 123 via an interface 146 serial port. In a networked environment, program modules depicted relative to the personal computer 120, or portions thereof, may be stored in the remote storage device 150. It should be understood that the illustrated network connections are illustrative and that can be used other means of establishing lines of communication between computers.

In addition, the experts in this field of technology should be understood that the present invention can be implemented in other configurations of computer systems, including handheld devices, multiprocessor systems, microprocessor-based or programmable consumer electronics, network personal computers, minicomputers, a universal computing machine (mainframe) and the like. The invention can also be implemented in distributed computing environments where tasks are performed by remote processing unit connected through a communication network. In a distributed computing environment, program modules may be located on both local and remote storage devices.

General system overview

Now consider Figure 3, which shows an illustrative system 300 for joint the CSOs use objects 315 between computers 310 through the network. Each computer 310 may be associated with other relevant computer 310 via line 305 connection. Line 305 connection may include a connection made through the Internet or direct connection, for example a telephone line. Line 305 may be part of the transport and abstract level (TAL), which will be discussed below with reference to Figure 4.

Each computer or machine 310 may store one or more objects 315 locally, for example, on a storage device, such as a hard disk, or in memory within the computer 310. Each computer 310 may store some objects, such as the first Object X 315, with the exception of the fifth computer 310B. In addition, each computer 310 can also store different objects 315, for example, the second and third Objects Y and z As shown in Fig. 3, the second and third Objects Y and Z are not all computers 310.

Method and system 300 of the present invention allow the computers 310 to communicate with each other in such a direct and transparent way that the system can form a perceived shared space 320 in which computers share virtual objects 325. In other words, from the point of view of programming, strings of computer code that is written to access the objects 315 in accordance with the present and the finding, can perceive objects 315 as virtual objects 325, which are in shared space 320, and not in other computers. Computer code that uses objects 315 according to the present invention does not require the identification of whether these objects in peer-to-peer network or on the server. Any computer code that uses objects 315 according to the present invention does not require placing themselves to the mechanism of communication between the computers 310, which form a network 300.

As mentioned above, the present invention works with any type of computer 310, regardless of whether the computer is a server, such as server 310D, either Autonomous or independent computer, like the first, second, third and fifth computer 310A-C and E-F. Further, corresponding to the invention, the system 300 allows the Association of objects regardless of whether the computer 310 to store the object 315. For example, the third computer 310C can function as a virtual server to the second computer 310B, because the second computer 310B may be a device with low memory, such as a personal digital assistant (PDA), which may be unable to store any of the objects 315, supported by a network 300.

Figure 3 shows how the computers 310 may be interconnected using the x lines 305 connection. For example, the third computer 310C may be associated with a second computer 310B with low memory via line 305 connection. A third computer 310C may be associated with the server 310D, the fifth computer 310E and the sixth computer 310F via an additional line 305 connection. The second, third, fifth computers (V, 310C and 310E) and the server 310D can each have two of the same object, for example, a local Object X and Y. Meanwhile, the third computer 310C may not have the same two objects X, Y 315C1 and 315C2 as the sixth computer 310F. That is, the third computer 310C may not have a third object Z posted in this computer, while the sixth computer 310F may have a third object Z that is hosted on this computer.

Although each object 315 may not be in every computer 310, the computer 310 without a specific object 315 can access non-local objects 315 in other computers 310, if a particular computer 310 has permission to access this non-local object 315. Permission to access any object 315 (including nonlocal objects 315) may be supported in the context 500, as will be discussed in further detail below, with reference to Figure 5.

Illustrative high-level architecture of the system

Refer now to Figure 4, which shows an illustrative high-level architecture 400 of a system for co-IP is the use of objects 315 between computers 310 through a computer network. Each computer 310 has a transport abstraction layer (TAL), which may form part of the line 305 connection discussed above with reference to Figure 3. Transport abstract level 305 may be connected to the system network objects (SNO) 315, as shown in Figure 3.

System network objects (SNO) 315 can support program 410 applications, which may include, but is not in a restrictive sense, collaborative software real-time clock (RTC) for the exchange of information through interactive communication, which can be located in different computers, sharing documents within programs, word processing, which can be located in different computers, sharing spreadsheets within programmes of work on spreadsheets, which can be located in different computers, sharing presentations between applications presentations, which can be located in different computers, sharing data between game programs, which can be located in different computers, and other similar applications RTC where beneficial to share data in real time among several different computers.

The transport abstraction layer 305 may include a set of interfaces that can is to allow one computer 310 to communicate with one or more other computers 310 in the network. The transport abstraction layer can be used, but not in a restrictive sense interfaces, such as TCP (transmission control Protocol), a Peer net (peer-to-peer network), HTTP (hypertext transfer Protocol) or any other similar communication technology that allows your computer 310 to send messages to other computers 310 over the network and receive messages from them. The transport abstraction layer 305 can generate a virtual communication link or session 415 between the system network objects 315, located in different computers 310. Session 415 will be described below.

Illustrative diagram of the sequence of operations and a way to share objects between 315 computers on the network

The processes and operations described below with respect to all the logical sequence diagrams of the operations may include executed by the processor manipulating signals and storing these signals in the data structures that reside on one or more storage devices. For the purposes of this discussion, the process can be generally represented as a sequence of executable computer stages, leading to the desired result.

These steps usually require physical manipulations of physical quantities. Usually, though not necessarily, these quantities take the form of electrical, magnetic, or optical signals is s, which can be stored, transferred, combined, compared or processed in any other way. Traditionally, specialists in the art of talk about the representations of these signals as bits, bytes, words, information, elements, symbols, characters, numbers, points, data, inputs, objects, images, files or the like, it Should be borne in mind, however, that these and similar terms are associated with the appropriate physical quantities for computer operations, and that these terms are merely conventional signs applied to physical quantities that exist within and during operation of the computer.

It should also be understood that manipulations within the computer are often called by terms such as creating, adding, calculating, comparing, moving, receiving, identification, identification, filling, loading, execution, etc. that is often associated with manual operations performed by the operator. The operations described herein may be machine operations performed in conjunction with a variety of input data provided by the operator or user that interacts with the computer.

In addition, it should be understood that the programs, processes, methods, etc. described above are not associated with any particular computer or device and is not limited to them. On the contrary, different Ty is s General purpose machines may be used in the following process in accordance with the ideas described here.

The present invention may contain a computer program, or hardware, or combination thereof, which embody the functions described herein and shown in the attached block diagram. However, it should be obvious that there can be many different ways of implementing the invention in computer programming or designing hardware, and the invention should not be construed as limited to any one set of instructions of a computer program.

Further, a skilled programmer should be able to write such a computer program or to identify suitable hardware-based schemes to easily implement the disclosed invention on the basis of, for example, the block diagrams and the corresponding descriptions in the text of the application. Therefore, disclosure of a particular set of instructions of the program code or a detailed description of the hardware devices is not considered necessary for an adequate understanding of how to implement and use the invention. Corresponding to the invention the functionality of the claimed processes performed by the computer, will be explained in more detail in the following description, together with the other Figures, illustrating the other sequences of operations.

Further, certain steps in the processes or sequences of operations which, described below on all the logic circuits of a sequence of operations must naturally precede others to the present invention functioned as described. However, the present invention is not limited to the order described steps, if such order or sequence does not alter the functionality of the present invention. That is, it is recognized that some steps may be performed before, after or in parallel with other steps, without going beyond the scope and essence of the present invention.

The transport abstraction layer 305

The transport abstraction layer (TAL) 305 may include an interface that can use network objects SNO 315, for communication with other machines 310 through a computer network. Computer networks may use different standards and different protocols for the exchange of different data types. According to known technology application 410 that need to communicate with other machines 310 in the network, are often forced to adhere to different standards/protocols. For example, some networks use TCP/IP over Ethernet for reliable transmission, and other uses HTTP over TCP/IP over Ethernet.

This means that the application 410 is typically required to communicate using different types of protocols to send and the data packets. Opposite to well-known technology, TAL 305 can abstract any differences in protocols, to any machine 310 using SNO 315, was not required to modify the individual SNO 315 to work with another network or in another network. Instead, the levels TAL 305 can be set in accordance with their networks. TAL 305 can abstract network protocols using simple interfaces that other developers can modify and to ensure the implementation of appropriate to their needs. Levels TAL 305 can be directly set in accordance with network protocols. For example, channels 417 (discussed below) within levels TAL 305 may correspond to the TCP port.

The developer, codereuse network application using SNO 315, it is usually necessary to create a session 415, which sets the base contact between different machines 310. As part of establishing a session 415, the application 410 may require authentication, for example, exchange signatures/mandates to establish authenticity. Once you have established a session 415, objects SNO 315 and data within objects SNO 315 can be shared. For each SNO 315 to be sharing, you create a context 500, while SNO 315 is logged within the context 500. Further details contexts 500 will be described below with reference to Fig.6.

who from now on will refer to FIGU-6C, where each SNO 315 is shared within the context 500, which has one channel 417. Session 415 may be characterized as a large line associated with other machines 310, while the channels 417 can be described as smaller padmasiri that can exchange information about individual SNO 315 between machines 310. According to one illustrative option exercise from each machine or node 310 in the session 415 is not required to adhere to all channels 417 session 415. A subset of nodes 310 may participate in a single channel 417 and the other or overlapping subset may participate in another channel 417.

When SNO 315 is created and shared in the context of 500, it can be realized (converted into a linear sequence suitable for transmission to a remote location in a format to be transported over the network messages (potentially binary format or XML format (extensible markup language) - see 1130 figure 9, discussed below) and can be sent to other machines 310 in the channel 417, using a method referred to as IChannel.SendMessage, which will be described in additional detail below. When SNO 315 made and saved changes, new changes can also be sent using the method IChannel.SendMessage.

To deliver messages within a channel 417 and session 415 in some cases m which can be used a total ordering of these messages, while others can be used for partial ordering or even ordering may not be used. A total ordering, partial ordering and the lack of ordering are standard terms used in computer network applications and known to the ordinary skilled in this technical field. But for the sake of clarity and completeness, below are the following typical brief definitions/examples for these words: total ordering can relate to the scenario when node a sends the first packet at time T1, the Node sends the second packet at time T2 (T2 later than T1). All nodes 310 in the channel 417 see that the first and second packets arrive in the same order as they were sent (i.e., the first packet arrives before the second package).

A partial ordering can relate to the scenario where node a sends the first packet in T1 and the second packet at T2, the Node sends the third packet in T3 and the fourth package in T4. Different nodes can observe the first, second, third and fourth packets in a different order, but all the packets originating from the same site, will arrive in the order in which they were sent. For example, the Node could take first, third and fourth packets, and then the first and second packages. But they do not accept the second packet before the first packet included four or the th packet before the third package.

No ordering is a scenario where there is no guarantee any particular order. Packets can arrive in any order from any source.

Interface 436 ISession

Interface 436 ISession can be used by the application 410 to create a network session 415 connection. The application 410 can choose the authentication and authorization authentication of the nodes with which it is in session 415. The exchange of information related to the session is carried out using the method SendMessage interface 436 ISession.

Interface 436 ISession may also include a mechanism for receiving notification when another node communicates with the local node 310. Each node 310 may register a handler that manages all standard notifications. When the session is created, the notification SessionOpenedEvent is sent to the nodes 310 within the channel 417. When a session is closed, the notification SessionClosedEvent is sent to the nodes 310 within the channel 417. When the message is accepted, the notification SessionMessageEvent is sent to the other nodes 310 within the channel 417.

An instance of a multipoint session 415 contains methods control session; for example, sending/receiving messages, creating new channels and monitoring/maintaining the status of the session.

The following is an illustrative pseudo-code for the public interface 436 ISession. The term "initiated", use the tion below, indicates that a message is sent to all nodes 310 in a particular channel 417. The specialist in this field of technology should be clear that changes of this pseudocode can be made without going beyond the scope and essence of the present invention:

{

// Triggered when a message is received from another node.

event SessionMessageEvent Message;

// Triggered when the session was not able to send // the message.

event SessionMessageErrorEvent MessageError;

// Triggered when a session is opened.

event SessionOpenedEvent Opened;

// Triggered when the session is closed.

event SessionClosedEvent Closed;

// Gets the node represented by the local user in // the session.

INode MyNode

// Gets a value that provides an indication of open // the session.

bool IsOpen

// Closes the session.

void Close();

// Checks the connection.

bool CheckConnection(INode who);

// Creates a new unopened channel.

IChannel CreateChannel(string name);

// Sends a message in a separate node in the session.

IMessage SendMessage(object message, INode to, bool ordered, object cookie);

// Stops the event messages and organizes the // incoming message.

void BeginDeferMessages();

// Removes from the queue all messages and resume events // messages.

void EndDeferMessages();

}

IChannel 433: Methods of Control Channels

If briefly refer to FIGU, it shows the different time stages, who may exist within the sequence of object creation. Once created session 415, the application 410 may create one or more objects SNO 315 and can give the interface 433 IChannel each containing objects SNO 315 context 500. Context 500 may create a channel 417 using the CreateChannel method of composition ISession 436.

IChannel 433 contains methods of control channels, such as closure, monitoring the channel status, the sending/receiving messages and identification of nodes. Each context 500 can attach handlers to events, present an open channel 417, and this context is notified when events occur. When another node joins the channel 417 or leaves the channel 417, initiated ChannelJoinedEvent and ChannelLeftEvent, respectively. When a node is considered acceptable to join a channel, initiated ChannelJoinRequestEvent.

The following is an illustrative pseudo-code for the public interface 433 IChannel. The term "initiated"as used below, means that the message is sent to all nodes 310-specific channel 417. Specialists in this field of technology should be clear that changes in this pseudocode can be made without going beyond the scope and essence of the present invention:

public interface 433 IChannel

{

// Called when the channel receives a message.

event ChannelMessageEvent Message;

// Called when the channel was not able to send // the message.

event ChnnelMessageErrorEvent MessageError;

// Called when the channel is open.

event ChannelOpenedEvent Opened;

// Called when the channel is closed. All nodes 310 // disconnected.

event ChannelClosedEvent Closed;

// Called when the local node is attached to // the channel.

event ChannelJoinedEvent Joined;

// Called when the local node leaves the channel.

event ChannelLeftEvent Left;

// Called when a node is considered acceptable to // join the channel.

event ChannelJoinRequestEvent JoinRequest;

// Called when a node joins the channel.

event ChannelNodeJoinedEvent NodeJoined;

// Called when a node leaves the channel.

event ChannelNodeLeftEvent NodeLeft;

// Called when the nodes on the channel does not have the same version of // objects SNO.

// May have been loss of data that could lead to the fact that the objects SNO in the channel are different versions of each // other.

event ChannelSynchronizationFailureEvent SynchronizationFailure;

// Called when the channel is restored after a failure // synchronization.

event ChannelSynchronizationRecoveryEvent SynchronizationRecovery;

// Gets the unique name of the channel.

string Name

// Gets the node represented by the local user to // this channel.

INode MyNode

// Get the nodes present in the channel.

INode[] Nodes

// Gets a value that provides an indication of open // the channel.

bool IsOpen

// Opens the channel.

void Open();

// Detaches all nodes from the channel.

void Close(object info);

// Connec the em to the channel of the deleted nodes.

void Join(INode from, object info);

// Disconnects channel.

void Leave(object info);

// Sends a message to all the nodes in the channel.

IMessage SendMessage(object message, MessageOrderingType orderingType, object cookie);

// Sends a message in a separate node in the channel.

IMessage SendMessage(object message, INode to, bool ordered, object cookie);

// Stops the event messages and organizes the // incoming message.

void BeginDeferMessages();

// Removes from the queue all messages and resume events // messages.

void EndDeferMessages();

}

Interface INode

Each machine 310 in the session 415 is identified by the interface INode. This interface contains a URI (Universal Identifier Information Resource) and the IIdentity interface. IIdentity standard interface defined .Net.

// Specifies a standard interface to identify the network // node.

public interface INode

{

// unique URI for the node.

string URI

// User identification data node.

IIdentity Identity

}

Types of ordering of messages:

The following enumeration defines the types of ordering of messages.

Public enum MessageOrderingType

{

// No ordering

None,

// Message sent from one node takes the // same order as they were sent.

Partial (partial),

// Messages sent from all nodes that are accepted in one // the same order.

Full,

}

IMessage:

Single multipoint (network) message; contains properties for identification:

// Specifies a standard interface for exchanging messages, // public interface IMessage

{

// Receives the one who sent the message.

INode From

// Gets the content of the message.

object Message

// Gets the type of ordering of messages.

MessageOrderingType Ordering

// Gets the optional cookie messages.

object Cookie

}

A summary of TAL 305 and its relationship with objects SNO 315

To use objects SNO 315 typically require separate implementations of interfaces TAL, because objects SNO 315 use TAL 305 to communicate with other machines 310 in the network.

In order to ensure the implementation of TAL 305, the correct version of the implementation of the network Protocol. If no version is available, you should consider the following: identify a standard network Protocol used for communication with other machines 310. For example, if the connection will be made with the Web server, the preferred Protocol may be HTTP. Interfaces TAL 305 can then be set in accordance with interfaces HTTP. For example, when TAL 305 is created for a session 415 may be created corresponding to the HTTP session. When invoked badmethod ISession.SendMessage, this message can be sent using the methods put (placed the s) and get the HTTP Protocol.

TAL 305 provides a level of abstraction for objects SNO 315, so no change is needed, if it is desirable to use SNO 315 with another network Protocol. In addition, it may be possible to share the implementation of the TAL of another person or to share implementations, if the network Protocol is appropriate.

Illustrative context 500 for the system network objects 315

Refer now to Figure 5, which shows illustrative components that may be found in the context 500. Each object 315 system may have one associated context 500. And each object 315 may be part of the same context 500. Each context 500 may contain information that traverses one or more links between a variety of system network objects (SNO) 315 and linkages between the computers 310, which may have copies of objects 315 or access to objects 315, or both. Each context 500 can contain its own unique identifier 505, which may include the number or sequence of letters, or a combination of both.

Each context 500 may also contain one or more of the following: sublist 510 security settings and permissions for each computer 310 having objects 315 in the context 500, 515 events, which may include information the accession of the computer 310 to the context 500 or leaving the computer 310 context 500, refer to the object, such as used or unused together, state changes for objects 315 in the context of 500 and state changes for the context 500; sublist 520 network objects 315, which is part of the specific context 500; sublist 525 identifiers of computers for each computer 310, which is part of the context 500.

Sublist 510 may include a set of principals (users or processes, which account for access control), which may include the permissions list, identifying which computers 310 can access the objects 315 in the context 500, and what levels of access can have the computer 310. For example, one computer 310 may be entitled only to read in relation to a specific object 315, while another computer 310 may have rights how to read and write with respect to a specific object 315.

Context 500 can identify which computers 310 has one or more specific objects 315, and can help to manage objects 315, which is part of the specific context 500. Each computer 310 has a partial or full copy of the context 500, so the computer 310 is part of it. Context 500 can help to make sure that each computer 310, which is part of the context 50, has the same version of the said one or more objects 315, which may represent a context 500. With podpiska 510 security context 500 can help you determine which computers 310 can access certain objects 315 in the context of the 500 and what the computers 310 can modify objects 315 in the context 500.

Context 500 can have an active and inactive state. In the active state of each computer 310, which is part of a separate context 500 can be provided with information about the objects 315. For example, if you have made any changes to the objects 315, which is part of the context 500, this information may be provided to the computers 310, which are copies of the interest object 315. During the active state of the context 500, each computer 310 may communicate (receive or transmit) any information concerning objects 315, which is part of the context 500.

Illustrative session 415, containing various contexts 500

Let us now turn to Figa, which shows the session 415, existing between computers 1-4. Session 415 contains a unique identifier, which is used for machines 310 wishing to join this session. Machine 310 may reside in multiple sessions at the same time. Session 415 can contain multiple contexts 50. Session 415 represents the set of machines 310, which communicate with each other. This message can occur in various contexts 500 during the session.

Let us now turn to Figv, which shows details of the first context 500A, which is part of a larger session 415 on Figa. All of the computers 310 in the context 500A, has permission to use the first and second objects 315, have a copy or at least access to the first and second objects 315, regardless of their location. For illustrative variant implementation, shown in Fig. 6A and 6B, only the first, third and fourth computers 310 are first and second objects 315. Machine 2 is not part of the context 500A, and, consequently, the machine 2 may not access or obtain a copy of the second object (but machine 2 is part of a larger session 415, as illustrated in figa).

Let us now turn to Figs, which shows details of the second context 500B, which is part of a larger session 415 on Figa. All of the computers 310 in the context of 500V, have permission to use the first and third objects 315, have a copy or at least access to the first and third objects 315, regardless of their location. For illustrative variant implementation, shown in Fig. 6A and 6C, only the first, second and fourth computers 310 have the first and third objects 315. M the bus 3 is not part of the context 500A, and, therefore, machine 3 is unable to access or obtain a copy of the object three (but the car 3 is part of a larger session 415, as shown in Figa).

Illustrative architecture of a system network object 315

Let us turn now to Fig.7, which shows an illustrative architecture of a system network object 315 according to the first illustrative variant implementation of the present invention. System network object 315 may contain shared methods that are invoked at each node in the context, local methods, which are invoked only on the local machine, and other special synchronization code, which is specific to the shared network object 315.

Creating a context 500 system with network objects 315

First machine 310, as a rule, should join the session 415. This can be accomplished by using TAL 305. The set of principals can be created and added to the context 500. They describe lists, security/access, supported by a management tool (Manager) 705 lists context shared context and implemented locally. For a system of enterprise-wide set of principals access can be obtained from a trusted location, such as Active Directory (active directory) from Microsoft or deserve ivalsa trust machine 310 in the session 415. Channel 417, which is associated with the context, can be created using the session 415.

Sharing context 500 on multiple machines 310

Sharing context 500 on multiple machines 310, method, referred to as "Share ("sharing", can be called from the Shared objec Services (services shared objects) 439, which as arguments can be passed to the channel 417 and context 500. After this happens the transmission of information, the context 500 is considered to be "shared".

Joining a context 500

In order to join the context 500, method, referred to as “Join” ("Accession"), can be called from services 439 shared objects, taking as arguments the channel 417, 500 and context node 310, which is desirable connection. Typically, the node 310 must already exist in the channel 417. And the attach request is usually sent to the specified node 310. Once the node 310 receives this message "OnJoinRequest", which may contain powers/identity joining node and the additional properties to be job Creator context 500, the receiving node 310 can choose to accept or reject the request.

And in any case, the receiving node 310 typically sends fully sequenced message in Pris is Edinaya node 310, which may contain additional information specific to the implementation of this shared context 500. This message is usually completely ordered so that any data sent in this message were synchronized with other messages sent to the channel 417. Thus, the joining node 310 may start with its context 500 in a synchronized state.

Illustrative context 500 may use this data to send existing shared objects 315 in the context of the 500 in the joining node 310, thereby maintaining a synchronized context. Joining node 310 may accept these details as a message OnJoinResponse. If the message contains the acceptance in the context 500, joining node 310 is now considered to be in the context 500.

Context 500 may receive messages indicating the status of each node 310 in the context 500. The state of the nodes may include, but not restrictively, the following: connecting, connected, disconnect, disconnected and discarded. The order of events for a node 310, joining the context 500, almost always as follows: disconnected- > connecting- > connected.

To detach the node 310 from the context 500, the order of events is usually as follows : the m: connected -> disconnect -> disconnected. At any stage node 310 may go into the reset state, indicating that the node 310 was suddenly dropped from the context.

An illustrative way to share objects between computers - attach to context 500

Let us now turn to Fig, which is a logical sequence of operations, in a General view showing an illustrative process 800 sharing sites 315 between computers 310 over the network, where the second computer 310 is attached to the session 415 to the first computer 310, according to the first illustrative variant implementation of the present invention. Step 803 is the first step in the illustrative process 800, which create the context 500 with a unique identifier relating at least to the first computer 310. On stage the first computer or node 310 may create a context 500, with a unique alphanumeric or numeric, or alphanumeric identifier, as discussed above in relation to Figure 5. The unique ID of the context can be written in the context of 500 at step 806.

At step 809 branching determines sent if the second node 310 a request to join the context 500 created by the first node 310. If the result of step 809 branching negative, then the process follows the branches "No" and returns back n the step 809. If the result of step 809 branching is positive, then the branch "Yes" proceed to step 812 branching.

At step 812 branching determine whether the second node 310 the necessary authorisation (s) to join the session with the first node 310. At this stage, the first node 310 can check their list of the 500 context, and more specifically, sublist 510 security context 500 to determine whether the first node 310 permit (permission) to access objects 315 context 500.

If the result of step 812 branching decision is negative, then the branch "No" proceed to step 815, where the fault is transmitted to the second node 310. Next, at step 818, the process 800 ends.

If the result of step 812 decision is positive, then the branch "Yes" proceed to step 821 where the context 500 add a unique identifier to the second node. Then, at step 824, generate a response to the request message to join, and format it as a fully ordered the package that includes the data of the current session and the list of recent numbers of the packages from the current nodes 310 in the session 415.

The list of recent numbers of the packages will be used at step 839, which will be discussed below with further details. At step 827, the answer intended the second node 310 and including the last batch numbers, write in the context 500. At step 836 from the et in the form of a fully ordered packet is delivered to the second node 310.

At step 833 in any other nodes in the context 500 may be sent a message regarding the fact, that the second node 310 is attached to the context 500. At step 836 branching define accepted if any of the packets in the second node 310 within the context 500. If the result of step 836 branching negative, then the branch "No" proceed to step 848.

If the result of step 836 branching is positive, then the branch "Yes" proceed to step 839 branching, where determine whether received packets older than the number of packets specified in the fully sequenced packet from the first node 310. In other words, at step 839 branching define, did the second node 310 packages or information that occurred prior to attaching the second node 310 to the context 500. The second node 310 should not use the information concerning the objects 315 context 500, which is dated and which occurred prior to the point in time at which the second node 310 has joined the session 415 and context 500.

If the result of step 839 branching is positive, meaning that the received packets contain dated information, the branch "Yes" proceed to step 842 where packets are ignored by the second node 310. If the result of step 839 branching negative, meaning that the package contains new information concerning the point in time at which the second node 310 connec is the very context 500, by branch "No" proceed to step 845, where the second node 310 processes the received packets.

Then, in step 848, the second node 310 can send a message to all other nodes 310 in the context of the 500 in that he joined the context 500. Then at step 851 branching define left if any node 310 session 415 or whether there was any node 310 flushed from a session 415. If the result of step 851 branching negative, then the branch "No" followed by the end of the process 800.

If the result of step 851 branching is positive, then the branch "Yes" to follow the procedure 857 and send the message to all nodes 310 in that node 310 left context 500. At step 860 unique identifier for the node 310, which dropped out, write in the context 500. The process 800 ends.

Description shared object 315S

Refer now to Figure 9, where given an illustrative functional block diagram showing a shared object 315S and how that object 315S can be accessed by other nodes 310 in a computer network. Shared object 315S can contain object 315, which can be used as an intermediary (that is, in the case of infrastructure .net the MarshalByRef object), and usually must declare itself as allowing joint use. According to the illustrative method Clare the population of interest 315 as allowing joint use you can use the attribute or implement the interface. Shared object 315S may contain a set of shared methods 1105. Shared methods 1105 can contain methods that, when called, are activated on all nodes 310, is connected to this shared object 315S in the context 500.

Shared methods 1105 declared with attributes that describe how must be caused by or addressed to a shared method. Attributes can be classified into at least three categories: flags of order message flags enable message and places the message. For further classifications of the attributes, see the section below for detailed descriptions, entitled "Attributes shared methods."

Attributes shared methods

Flags "order messages" can describe the way in which messages activation is sent on the shared context 500S in the other nodes 310. Three types of order messages may include, but is not in a restrictive sense: no ordering, partial ordering and total ordering. These types of ordering of the messages described above in connection with the description of TAL 305. Illustrative variant implementation of the present invention may contain a total ordering as the default option as a total ordering ensures no loss of sync.

Flags activation of shared method can determine when it should be activated shared method 1105. Shared object 315S can receive the activation shared method multiple times, each time, respectively, the change in the phase ordering of messages. The ordering of the messages, as described in TAL 305 above, usually takes place in the following way: lack of orderliness -> partial ordering -> full order -> guaranteed. At any time, at some point, the message may have failed, changing the status to "failed" (“bad”).

Shared method 1105 may declare, in any state it would be desirable to activate it. A shared context 500S usually does not guarantee that he will call the shared method 1105 at any stage except the final stage, which will either phase failure or phase specified by the flag of the order of the method. During the activation of shared method 1105 can determine the node 310, which activates this method, the current stage is activated, and any shared context 500S belongs to node 310.

Illustrative variant implementation may include the default values set in the "total ordering" is "guaranteed". This default setting can make a shared object 315S as if it existed in the local machine 310 and could not (get out of synchronism) to lose its mirror status with other nodes 310. The default is "guaranteed" ensures that shared method 1105 will not be called, if it can't be called with each node 310 in the context 500. "The institution of the message is set-up, which is a measure of the concern about whether the message is delivered to all machines 310 or not.

Registration and deregistration of shared objects 315S in the context 500

A shared context 500S can register shared objects 315S. When a shared object 315S is registered, usually requires a unique identifier. This identifier can be used to uniquely distinguish the shared object 315 in the shared context 500S. In this scenario, a proxy object 315P is returned, and the shared object 315 is now connected in the context 500. A proxy object 315P usually should be used by clients/nodes 310 of the shared object 315P. The calls to the methods of the proxy 315P can be Packed into the message activation methods and sent in a shared context 500S. It is when the message 1110 activation methods accepted in the shared context 500S, in the message using the unique identifier to locate the shared object 315, the method which should be activated. But a shared context 500S usually does not activate the shared method 1105 immediately.

Instead, a shared context 500S usually first checks at step 1115 branching its own set of principals in the sublists 510 security settings and permissions to determine whether the sending node 310 permission to activate a shared method 1105. If the result of step 1115 branching is negative, then the branch "No" proceed to step 1120, where the message is reset and the event locally is initiated in the shared context 500S. Otherwise, if the result of step 1115 positive branching, branch "Yes" proceed to step 1125 where the General context 500S activate method of a shared object 315S. Illustrative system must use the principals .Net as security principals.

It should be understood that the foregoing relates only to the illustrative options for the implementation of the present invention and that numerous changes may be made without departing from the scope of the essence and scope of the invention defined by the attached claims.

1. A way to share the system exclusive network objects between computers each system network object has multiple copies stored on different computers, including the stages at which
provide a shared context, and this shared context has a unique ID, a number associated with it a system of network objects, the identity of the computers, which store copies of each system network object, and security-related permissions that specifies the access rights of the computers to the context and system of network objects;
receive from the first computer a request to join a shared context, identifiable mentioned the unique identifier;
in response to receiving from the first computer a request to join a shared context determine whether the first computer resolution to join a shared context, and if the first computer has permission to join a shared context, allow the first computer to join a shared context; and
after the first computer was joined to a shared context,
receive from the first computer a request to modify a first system of the network object associated the th shared context,
in response to receiving from the first computer a request for modification of the first system of the network object associated with the shared context, determine whether the first computer for permission to modify the first system network object, and if the first computer has permission to modify the first system network object, allow the first computer to modify the first system network object,
when the first computer is permitted to modify the first system network object, determine whether each computer on which is stored a copy of the first system network object, as indicated shared context, to modify its copy, with a shared context indicates that at least three computer stores a copy of the first system network object,
when it is determined that each computer on which is stored a copy of the first system network object available for modification of its copy, synchronize the first system network object by notice to each computer on which is stored a copy of the first system network object, about the mentioned modifications, so that each computer can modify your copy of the first system network object, and
when at least one of the computer stores a copy of the first system network entity, not available for modification of its copy, no modify, no copy of the first system network object.

2. The method according to claim 1, wherein the request to modify the first system network object includes a request for the method call to the first network system object.

3. The method according to claim 1, wherein the first computer is stored in at least one copy of the first system network object.

4. The method according to claim 1, wherein the first computer is not stored copy of the first system network object.

5. The method according to claim 1, additionally containing a phase in which notify the computers associated with the shared context, when the first computer joins a shared context.

6. Machine-readable media containing instructions for sharing system network objects between computers, where each system network object has multiple copies stored on different computers, with the said instructions implementing a method comprising the steps, at which
provide a shared context, and this shared context has a number of associated system of network objects;
receive from the first computer a request to join the shared pin is KSTU;
determine whether the first computer resolution to join a shared context, and if the first computer has permission to join a shared context, allow the first computer to join a shared context; and
after the first computer was joined to a shared context,
receive from the first computer a request to modify a first system of the network object associated with the shared context,
determine whether the first computer for permission to modify the first system network object, and if the first computer has permission to modify the first system network object, allow the first computer to modify the first system network object,
when the first computer is permitted to modify the first system network object, determine whether each computer on which is stored a copy of the first network system of the object to modify its copy,
when it is determined that each computer on which is stored a copy of the first system network object available for modification of its copy, synchronize the first system network object by notice to each computer on which is stored a copy of the first sitenohomego object, about the mentioned modifications, so that each computer can modify your copy of the first system network entity, at least three computer stores a copy of the first system network object.

7. Machine-readable medium according to claim 6, in which a shared context further comprises identification data computers, which store copies of each system network object, and security-related permissions that specifies the access rights of the computers to the context and system of network objects.

8. Machine-readable medium according to claim 6, in which the request to modify the first system network object includes a request for the method call to the first network system object.

9. Machine-readable medium according to claim 6, in which the first computer is stored in at least one copy of the first system network object.

10. Machine-readable medium according to claim 6, in which the first computer is not stored copy of the first system network object.

11. Machine-readable medium according to claim 6, in which the method further comprises a stage on which notify the computers associated with the shared context, when the first computer joins a shared context.

12. Machine-readable medium according to claim 6, in which when at the ore one computer, stores the copy of the first system network object is not available for modification of its copy, no copy of the first system network object is not modified.

13. A computer system for sharing network system objects between computers, where each system network object has multiple copies stored on different computers containing
processor;
a component that provides a shared context, and this shared context has a number of associated system of network objects;
a component that receives from the first computer a request to join a shared context;
a component that determines whether the first computer resolution to join a shared context, and if the first computer has permission to join a shared context, allows the first computer to join a shared context; and
a component that, after the first computer was joined to a shared context,
receives from the first computer a request to access the first system network object associated with the shared context, the first computer and n is at least two other computer stores a copy of the first system network entity, and
determines whether the first computer has access permission to the first system network object and, if the first computer has permission to access the first network system object allows the first computer to access the first network system object; and
a component that, when it is determined that each computer on which is stored a copy of the first system network object available for modification of its copy, synchronize the copy of the first system network object by sending a notice to each computer on which is stored a copy of the first system network entity to the first network system object has been modified only when each computer on which is stored a copy of the first system network entity that is available to modify its copy.

14. A computer system according to item 13, in which a shared context further comprises identification data computers, which store copies of each system network object, and security-related permissions that specifies the access rights of the computers to the context and system of network objects.

15. A computer system according to item 13, in which the request to access the first system network object includes a request for the method call Pervov the system network object.

16. A computer system according to item 13, which additionally contains a component that associates at least one system network object stored on the first computer, shared context, when the first computer joins a shared context.

17. A computer system according to item 13, in which the first computer is not stored copy of the first system network object.

18. A computer system according to item 13, which additionally contains a component that notifies the computers associated with the shared context, when the first computer joins a shared context.

19. A computer system according to item 13, in which the request to access the first system network object includes a request to modify a first system network object.

20. A computer system according to item 13, in which the component that synchronizes contains
a component that, after the first computer is permitted to modify the first system network object, determines whether each computer on which is stored a copy of the first network system of the object to modify its copy, and
a component that, when it is determined that each computer on which is stored a copy of the first system network object available to DL the modification of its copy, synchronizes the first system network object by notice to each computer on which is stored a copy of the first system network object, about the mentioned modifications, so that each computer can modify your copy of the first system network object, and when the at least one computer on which is stored a copy of the first system network object is not available for modification of its copy, no modify, no copy of the first system network object.



 

Same patents:

FIELD: physics; communications.

SUBSTANCE: invention relates to communication systems. A method is proposed for sending information from a session initiating protocol intermediate node to a first session initiating protocol terminal. The method involves, upon receiving a session initiation request at the session initiation protocol intermediate node, establishment of a first session initiation protocol dialogue between the session initiation protocol intermediate node and the first session initiation protocol terminal, sending information through the said first dialogue, forwarding the said request from the session initiation protocol intermediate node to the second terminal (session initiation protocol terminal destination) before, during and after establishing the said first dialogue, and establishment of the second session initiation protocol dialogue between the first and second session initiation protocol terminals.

EFFECT: increased dialogue efficiency when establishing a communication session.

9 cl, 4 dwg

FIELD: physics; communications.

SUBSTANCE: invention relates to data transmission networks. A device and a method are proposed for administration management of a communication device using a simple network management protocol (SNMP). When a developer creates a header file of the SNMP interface through an application program during compilation apparatus for extraction based on the interface header file generates a management information base (MIB) file and object identifier information (OIDinfo). If the administrator sends a request in accordance with SNMP during execution of the program, the agent then sends OIDInfor contained in the message with the request in accordance with SNMP to an OIDInfo processing device. The OIDInfo processing device accesses a memory unit for OIDInfo and sends the agent global messaging service information (GMS). Request/response of the global messaging service (GMS) is then transmitted between the agent and the application program based on the global messaging service information (GMS).

EFFECT: improved mechanism of managing networks.

10 cl, 19 dwg, 24 tbl

FIELD: physics; communications.

SUBSTANCE: invention relates to communication engineering and specifically to establishing emergency communication sessions, for example emergency calls in IP networks. Proposed are a method and a system for establishing an emergency communication session in a communication system, which contains at least one unit of user equipment and one or more network objects participating in establishing an emergency communication session. When user equipment initiates session establishment by sending a message to a network object, in which an identifier is indicated, for example a call number or logical name of the called object, one of the network objects analyses the received identifier. Upon detection that the initiated session is an emergency communication session, information is returned to the user equipment to inform the latter that, the initiated session is an emergency communication session. After that user equipment initiates establishment of an emergency communication session. That way, even if the user equipment cannot detect on its own whether the given session is an emergency communication session, the network will inform the user equipment on the emergency communication session so as to enable its corresponding processing.

EFFECT: more reliable establishment of emergency communication session.

29 cl, 4 dwg

FIELD: physics; communications.

SUBSTANCE: invention relates to systems for transmitting code set signals and specifically to a device and a method for transmitting code set signals for naming routes using different languages when transmitting data on a system for encoding characters of route names in a message of a carousel of objects. A client using the method of transmitting code set signals includes a demultiplexer which demultiplexes the packetised elementary stream (PES), which corresponds to a program selected by the user from the broadcast stream which is received by a system interface; an image decoder which decodes the demultiplexed image PES; a sound decoder which decodes demultiplexed sound PES; and a processor which extracts from the demultiplexed message PES information on the transmission code set of the character string used in the message of the carousel of objects, and which decodes the character string used in the message of the carousel of objects based on the extracted information on the transmission code set.

EFFECT: design of a method and device for transmitting information on an encoding system, so as to present route names using different languages in a system which uses a carousel of objects.

60 cl, 9 dwg

FIELD: physics; communications.

SUBSTANCE: invention relates to data transmission networks. Data are routed from a terminal to a wide area network (WAN) through several communication channels. Communication channels connect several terminals with the WAN and all terminals are connected to each other over a local area network (LAN). For an average user, the Internet connection is not used 90-95% of the time. Therefore, combination of several connections provides the user with better bandwidth.

EFFECT: optimisation of loading a communication channel.

12 cl, 2 dwg, 4 app

FIELD: physics; communications.

SUBSTANCE: invention relates to communication systems. The method involves registration of at least one user equipment by a service provider, where after transmission of information on possible media for transmitting data between at least one user equipment and service provider, the information is then stored. The method involves sending an additional request for a data transmission session with at least one user equipment and using the stored information when establishing the requested data transmission session. Also provided are a communication system, application server and user equipment, configured for corresponding operation.

EFFECT: improved communication session establishment.

31 cl, 5 dwg

FIELD: physics; communication.

SUBSTANCE: invention relates to a method and system for efficient data transmission in communication networks. The method involves determination of information on length of at least one of the transmitted data streams, and association of the information on stream length with a system parametre message. The system parametre message, which contains information on stream length, is transmitted separately from the data stream and is included in the channel of service data characters (0IS). The given procedure simplifies demultiplexing separate streams and processing data in a stream, even if one or more separate streams are received with errors.

EFFECT: reduced error of transmitting data in wireless communication networks.

18 cl, 10 dwg

FIELD: information technologies.

SUBSTANCE: data carrier (10) receives downloading task from operator's device, channel of coded data transfer is established, and multimedia information from reliable nonlocal server (30) is sent in coded form through channel of data transfer and is recorded into memory of data carrier. Operator's device and software product are configured so that to provide user interface, for realisation of method for downloading of multimedia information.

EFFECT: prevention of unauthorised copying of information.

18 cl, 2 dwg

FIELD: information technologies.

SUBSTANCE: method of mutual authentication provides protection of applications with mobile terminals that support inherited modules for subscriber identification (for instance, SIM GSM or R-UIM CDMA2000, which do not support mechanisms AKA 3G). Exchange of query-response keys is realized between bootstrapping server function (BSF) and mobile terminal (MT). BSF generates authentication inquiry and sends it to MT according to mechanism of server-authenticated open key. MT receives query and defines whether it originated from BSF, on the basis of bootstrapping server certificate. MT formulates reply to authentication query on the basis of keys derived from authentication query and earlier jointly used secret key. BSF receives authentication reply and determines whether it originated from MT. As soon as verification is completed, BSF and MT independently calculate key of application protection provision, which BSF sends to inquiring function of network application for establishment of protected communication with MT.

EFFECT: improved protection of applications.

24 cl, 6 dwg

FIELD: information technologies.

SUBSTANCE: method is provided through method of useful data selection (initial multimedia data 13/B; 14/B'), transferred prior to completion (20) of call connection establishment (1-12; 15-19) between user-initiator of call connection establishment (terminal device A) and at least one user-addressee of call (terminal device B or terminal device B') through at least one telecommunication network (SIP-moderator), in which user-initiator (A) of call connection establishment in response message (9, 10 from B or 11,12 from B') applies data of reception address (IP-B, Port-B of terminal device B or IP-B', Port-B' of terminal device B') of user-addressee of call for at least one user-addressee (B or B') of call, so that by user-addressee (B or B') of call together with data of transfer address (IP-b, Port-b for B; IP-b', Port-b' for B') of user-addressee of call to select sent useful data (intial multimedia data 13 from B/14 from B'), at the same time data of reception address (IP-B, Port-B of B device) of user-addressee of call for addressee (B) of call also provide data of transfer address (IP-b, Port-b) of this user-addressee (B) of call.

EFFECT: improved efficiency of selection of initial multimedia useful data flows selection.

14 cl, 1 dwg

FIELD: physics; computer engineering.

SUBSTANCE: invention relates to protection of information systems, and specifically to assessment of security of information systems through presentation of system states, security requirements and a model for monitoring and controlling access using predicate logic and automatic verification of meeting security requirements on several system states, taking into account rules of the model for monitoring and controlling access. The result is achieved due to predicate presentation of system states, a model for monitoring and controlling access, security requirements, as well as application of resolution (output) rules, automating verification of security requirements on system states.

EFFECT: cutting on number of security management errors, increased guarantee of meeting security requirements, cutting on time and resource expenses on assessing security of information systems.

10 cl, 3 dwg

FIELD: physics; communications.

SUBSTANCE: invention relates to inspection technology and can be used in telecommunication systems. Values of disruptive effects on a communication line are monitored, while simultaneously evaluating transmission capacity of each type of communication line. The obtained values are scaled relative maximum values for each class of parametres. The given values are used to train artificial neural networks with radial basic elements for approximating dependency of efficiency of each type of communication line on values of disruptive effects. Matrices of synaptic weights of trained neural networks are filled and further installed in accordance with a specific designed communication network for evaluating transmission capacity from forecast values of disruptive effects, obtained with time delay. Based on the forecast values of transmission capacity for each communication line, the available network resource is allocated between subscribers taking into account their priority categories.

EFFECT: wider functional capabilities, lying in timely rendering of information services to subscribers of different categories with external disruptive effects acting on a communication network.

11 dwg

FIELD: physics; computer engineering.

SUBSTANCE: invention relates to management of security of Windows family operating systems (including Microsoft Windows 2000 Professional, Microsoft Windows 2000 Server, Microsoft Windows XP Professional, Microsoft Windows Server 2003, Microsoft Windows Server 2008, Microsoft Windows Vista Ultimate, Enterprise and Business 32-x and 64-x versions of any localisation), and specifically to comparison of configuration characteristics of operating systems from the view point of assessing their security. The result is achieved owing to possibility of comparing configuration parametres, monitoring the behaviour of changes in status and detection from a given "standard" status in Windows family operating systems after proposal of a procedure for comparing security status and switching to the analysed complete set of configuration parameters of security of user layer resources.

EFFECT: increased efficiency of assessing system security.

3 cl, 1 dwg

FIELD: physics; communications.

SUBSTANCE: invention relates to the technology of protecting digital content, and specifically to playing back digital content using licenses. A chain comprises an end license associated with content at one end, and a root license at the other end and all intermediate licenses in between. The end license and all intermediate licenses in the chain are attached to neighbouring licenses in the chain towards the root license, and the root license is attached to the private key owner (PR-U). Each license in the chain is verified and confirmation is made of whether the license allows content playback. A decryption key is obtained from the end license based on application of (PR-U) to the root license. The obtained key is used to decrypt the encrypted content, and the decrypted content is played back.

EFFECT: provision of playback of encrypted digital content on a computer in accordance with a license chain, on which a request for playing back encrypted content is received and a license chain corresponding to that content is found.

5 cl, 5 dwg

FIELD: physics; computer engineering.

SUBSTANCE: invention relates to systems and methods for coordinating software components. Version management policy, which is included in the target component, shows how to access the target component, for instance either as a library component or as a platform component. A component can be designated a library component when it creates a version which is compatible at the binary code level. When other components request for such a component, they receive exactly the component version which they requested. On the other hand, a component can be designated a platform component when it creates a version which is compatible at the bit code level. When other components request for such a component, they receive the last updated version of the requested component instead. That way, access to the corresponding component version is provided (even a version which is different from the requested version). Other implementation versions include mechanisms for stratification of the component application field, based on different data processing levels.

EFFECT: improved version management.

23 cl, 8 dwg

FIELD: physics; computer engineering.

SUBSTANCE: invention relates to computer security. In the system, according to the invention, a basic operating system is used together with a highly reliable operating system. The basic operating system is at least a certain part of infrastructure of the highly reliable system. Occlusion of elements of the graphical user interface, related to the highly reliable operating system, is prevented. Also part of the secret information, which upon command can be displayed by elements of the graphical user interface, related to the highly reliable system, is stored. Coordination of defined components of images of all elements of the graphical user interface, related to the highly reliable operating system, also enables identification of valid elements. In the system for managing windows of the basic operating system there is public heading information for window identification, belonging to the process operating under control of the highly reliable operating system. Information of the secret heading, related to same window, is used only in the highly reliable operating system.

EFFECT: invention increases security of computer systems from hacking.

30 cl, 9 dwg

FIELD: physics; computer engineering.

SUBSTANCE: invention relates to architecture and a method of permitting display of digital content with the corresponding digital license, associated with a specific computer device. Transmitting and receiving computer devices are connected to each other over a network. A transmitting device transmits protected digital content to a receiving device such that, the receiving device can access that content even if the content is directly licensed to the transmitting device and not to the receiving device.

EFFECT: coordinated access to content between computer devices on a network.

20 cl, 6 dwg

FIELD: information technologies.

SUBSTANCE: inventions are related to computer systems and methods for provision of protected access to database. System comprises memory device for protection descriptors, which store information about protection, related to at least one line of database, besides database contains at least one table that includes at least one line and two columns, in one of columns there is a protection descriptor stored, being related to line, information stored in protection descriptor comprises data about which type of access and to which principal is permitted or prohibited; database processor that issues response to query of database, based at least partially on information about protection stored in protection descriptor, which is assessed on the basis of information stored in database, and context of user that makes query; query component that contains optimiser of queries, which defines optimal route for response provision to query.

EFFECT: improved protection of access to database.

20 cl, 9 dwg, 2 tbl

FIELD: information technologies.

SUBSTANCE: there chosen is domain identifier and connection of at least one user (P1, P2, …, PN1), at least one device (D1, D2, …, DM) and at least one information element (C1, C2, …, CN2) to Authorised Domain (AD) specified with domain identifier (Domain_ID). By means of that there have been obtained many checked devices (D1, D2, …, DM) and many checked personalities (P1, P2, …, PN1), which is authorised for access to information element of the above Authorised Domain (100). Thus, access of user who controls the device to information element of authorised domain is obtained either by checking the fact that information element and user are connected to one and the same domain or by checking the fact that device and information element are connected to one and the same domain.

EFFECT: ensuring method and system for providing Authorised Domain structure based both on personalities and on devices.

12 cl, 6 dwg

FIELD: information technologies.

SUBSTANCE: checking method of certificate validity, which includes the key connected to network devices, involves the step of receiving the encoded content and validity index connected to that content in the network. Certificate validity is evaluated from the time index included in the certificate where the time index has the value corresponding to the certificate issuing date, and from validity index connected to the above encoded content.

EFFECT: simplifying the checking process of certificate validity, which provides access to data without reducing data access security.

20 cl, 12 dwg

FIELD: physics; computer engineering.

SUBSTANCE: invention relates to device control in a network. A network is controlled by running task codes and assessing results of the task codes. Task codes are instruments designed for extracting information on a specific network device. A service is made with possibility of coordinating scheduling, execution and collection of data and aggregation of each task code on different networks, for example multiple domains. Each task code is executed at the scheduled time and sends results to an analyser. The analyser formats the results and provides the service with formatted data. The service stores collected data in a database. A client can schedule and/or browse results of control actions by communicating with the service. Collected data can be compared or filtered in accordance with templates based on rules which determine acceptable configurations of the network device. Reports can be generated based on the templates so that a client can assess results of task codes executed on the entire network.

EFFECT: improved scheduling of applications.

16 cl, 7 dwg

Up!