Computer systems may be coupled together in various ways to enable communications between them, including being coupled together in networks such as local area networks (LANs), wide area networks (WANs), or combinations of networks, such as the Internet. Data may be transferred (e.g., copied or moved) between computer systems in various ways. For example, a particular data file may be transmitted from a source computer system to a destination computer system in the form of a stream of packets. In the case of IP (Internet protocol) packets, each packet contains a portion of the data of the data file, and includes an IP address for the destination computer system. The destination computer system receives the stream of packets, reassembles the data file, and may store and/or process the data file in any manner.
An important issue in computer communications is maintaining the security of transferred data. It is desirable to transfer data between computer systems over a network without the data being intercepted and exploited by unintended entities (e.g., third parties). Various security protocols exist for securing communications by authenticating and/or encrypting each data packet of a data stream. Examples of such security protocols include Internet Protocol Security (IPsec), Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Secure Shell (SSH).
A computer system may include an “agent” configured to enable secure data transfers with other computer systems. A first agent (e.g., at the source computer system) may ensure that data packets representing objects (e.g., content) are sent in order and as part of a session, and a corresponding agent (e.g., at the destination computer system) determines whether the data packets are received in order and if any data packets are not received. Agents may be configured in various ways to perform data transfers.
For instance, in a first type of data transfer session, the source and destination agents perform an authentication process, and a cookie or similar mechanism is established at the source and destination computer systems to be used for authentication. Data representing an object is transferred from the source agent in the form of packets that are each encrypted according to the cookie. The destination agent receives the packets, ensuring that each received packet is part of the session and is received in order. After confirming an object is successfully received, the destination agent requests a next object. The source and destination agents may re-perform the authentication process prior to transferring the next object, or may proceed with transferring the next object using the already-established cookie for authentication.
This type of data transfer session has disadvantages. For example, authentication is a lengthy/costly process, and if authentication is performed before transferring each object, a relatively high process cost is incurred. Alternatively, if multiple objects are transferred based on a single authentication (e.g., using a single cookie), data transfer security is reduced.
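The destination-side checks in the first type of session (each packet belongs to the session and arrives in order), shown as an added Python example that is not part of the original text. The header layout, status strings, class and function names, and the 32-byte cookie are assumptions, and an HMAC-SHA256 tag keyed by the cookie stands in for the per-packet encryption the text describes.

```python
import hashlib
import hmac
import os
import struct

HDR = struct.Struct("!IQ")  # assumed header: session id, sequence number
TAG_LEN = 32                # HMAC-SHA256 output size

def make_packet(cookie, session_id, seq, payload):
    """Source agent: header + payload, tagged with the session cookie."""
    body = HDR.pack(session_id, seq) + payload
    return body + hmac.new(cookie, body, hashlib.sha256).digest()

class DestinationAgent:
    """Accepts only packets bound to this session's cookie, in strict order."""
    def __init__(self, cookie, session_id):
        self.cookie, self.session_id = cookie, session_id
        self.next_seq = 0
        self.chunks = []

    def receive(self, packet):
        if len(packet) < HDR.size + TAG_LEN:
            return "malformed"
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.cookie, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "not-in-session"   # different cookie, or modified in transit
        session_id, seq = HDR.unpack(body[:HDR.size])
        if session_id != self.session_id:
            return "not-in-session"
        if seq < self.next_seq:
            return "duplicate"        # already accepted, e.g. a replay
        if seq > self.next_seq:
            return "gap"              # an earlier packet was not received
        self.chunks.append(body[HDR.size:])
        self.next_seq += 1
        return "accepted"

def demo():
    cookie = os.urandom(32)           # constructed cookie from a prior authentication
    agent = DestinationAgent(cookie, session_id=7)
    pkts = [make_packet(cookie, 7, i, c) for i, c in enumerate([b"obj", b"ect", b"-1"])]
    foreign = make_packet(os.urandom(32), 7, 1, b"xxx")  # packet from another session
    arrivals = [pkts[0], foreign, pkts[2], pkts[1], pkts[1], pkts[2]]
    return [agent.receive(p) for p in arrivals], b"".join(agent.chunks)

if __name__ == "__main__":
    print(demo())
```

Because every object in the session is checked against the same cookie, a disclosed cookie lets packets for any later object pass these checks, which is the reduced security the text attributes to reusing one authentication.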
In another type of data transfer session, the source and destination agents perform an authentication process, and all objects to be transferred from the source agent are transferred. The destination agent waits until it receives the objects, and then indicates to the source agent whether all of the objects were successfully received. This type of data transfer session also has disadvantages. For example, the data packets representing the objects must all be confirmed to be received by the destination agent prior to completing the session. The destination computer system may need a relatively large amount of memory/storage to store the received packets representing the objects prior to determining that the session is complete. If the destination agent crashes before all data packets are received, and loses its state with regard to the session, the session may need to be completely re-performed, including re-performing authentication and transmission of all data packets.