A. Field of the Invention
The present invention relates to a system and method for network communication, especially to a system and method which allows host computers in computer networks to share data and resources without being blocked by security systems.
B. Description of the Prior Art
In a computer network, host computers can share data and resources via a network connection. In such cases, the host computers may either have been configured to grant the access right to designated computers or protected under the same security system. Current Internet technology encourages a distributed system for allocating data and resource over the Internet and then integrates the resources and data via a browser, an operating system or an application software. For instance, a web page may have many reference links to other web pages or forms located in other web sites. Or, a host computer in one city may have access rights to printer resources in a host computer in another city as long as they can establish a network connection.
Conventionally, the network connection is established under the control of the servers or gateways. The server may maintain a database for recording legal connections based on the identifier, network address, or communication protocols. The gateways may block illegal accesses via a list of restricted network addresses. Many enterprises also implement firewalls in their servers or host computers to prevent from illegal accesses. A host computer in an enterprise network may be protected under several layers of security systems. Consequently, with so many security systems built in the networks, the data and resource sharing among host computers is getting more complicated and hard to control. Before a network connection is established, a user may have to pass several identity checks. Thus, it makes real-time data or resource sharing almost impossible.
Accordingly, it is an object of the present invention to provide a system and method which can provide an obstacle-free communication services on the computer networks, thereby to allow host computers to share data and resources freely without being blocked by their security systems.
It is another object of the present invention to provide a system and method which can allow almost real-time data and resource sharing among host computers, thereby to enhance the network communication.
It is yet still another object of the present invention to provide a system and method which can save the efforts on modifying existing security systems for data and resource sharing on the Internet.
Briefly described, the present invention encompasses a system of obstacle-free network communication. The system mainly comprises three elements, namely Agent module, Initiator module, and Acceptor module. The Agent module is implemented in a computer server while the Initiator module and the Acceptor in host computers. When there is a security system in the network of the Acceptor, the Initiator will sign up a reverse connection request to the Agent. At the same time, the Acceptor will periodically query the Agent to see if there is a connection request for the Acceptor. If there is such a request, the Agent will reply for the Acceptor to build a reverse connection to the Initiator so that the Initiator can send data to the Acceptor.
On the other hand, when both the Initiator and the Acceptor are blocked by security systems, the Initiator will have to sign up a virtual connection request to the Agent and send the data to the Agent. The Acceptor also query the Agent periodically to check if there is a connection request for the Acceptor. If yes, the Agent will reply for the Acceptor to build a virtual connection to the Agent. And then the Acceptor will fetch data from the Agent. Consequently, even when no direct connection can be established between the Iniator and the Acceptor, their communication is still available via the Agent.
When both host computers are blocked by their security systems, the method of the invention comprises the steps of: (1) first, sending a virtual connection request from an Initiator module of a host computer to an Agent module of a computer server. (2) Then, transmitting data from the Initiator module of the first host computer to the Agent module of the computer server. (3) Storing the virtual connection request bound with the data in a storage means of the computer server, such as a memory device, a database, or a hard disk. (4) Periodically querying the Agent module of the computer server from an Acceptor module of the second host computer to see if the storage means is empty. (5) When the storage means is not empty, fetching the virtual connection request and the data from the computer server.
On the other hand, when only the Acceptor is protected under a security system, the method of the invention comprises the steps of: (1) Sending a reverse connection request from the Initiator to an Agent. (2) Storing the reverse connection request in a storage means of the Agent, such as a database, a memory device, or a hard disk. (3) Periodically querying the Agent from an Acceptor to see if the storage means is not empty. (4) when said storage means is not empty, fetching the reverse connection request from the Agent to said Acceptor. (5) Establishing a reverse connection from the Acceptor to the Initiator to receive data from the Initiator.
When there is no security system between the Acceptor and the Initiator, the Acceptor and the Initiator can communicate to each other without the coordination of the Agent.