The present application relates to computer architecture, and particularly to techniques for interfacing added modules into existing e-mail programs.
Background: Computer Communications
"Computer communications" was regarded as a specialized area in the 1960s or so, but now most communication is converging to a paradigm of data communication. The endpoints of data communication are not necessarily computers, but can be audio, video, or image interfaces, sensors, switches, control units, or many kinds of "smart" devices. Thus the established engineering principles of computer networks are becoming applicable to a wide range of applications.
Background: Networks, Packets, and Protocols
Computer network structure and operation is one of the basic areas of computer science, and a vast amount of literature has been published. One of the basic ways to structure communications over a network is to use packets of data, as in the pioneering "packet-switched" ARPANET which evolved into the Internet.
Background: Data Translations Generally
There are many types of transformations which can be useful to perform on a stream or packet of data. One very simple example is hashing. Another common example is encryption and decryption, where data is converted from a "plain" text (which can be read directly with the appropriate application) to and from an encrypted text (which cannot be easily read without knowledge of the secret "key" data).
Background: Data Compression
In general, random (unpredictable) data cannot be compressed without loss of precision. However, many types of commonly-used data blocks are not perfectly random. To the extent that the data is not perfectly random, it can be compressed.
A wide variety of techniques have been developed for data compression. A popular, and very simple, algorithm achieves significant compression of any data stream which contains long chains of repeated bytes, and has the advantage that it will not produce a compressed output which is significantly longer than the input (as some algorithms will).
Compression does not have to be lossless, but can also be lossy. Many image compression algorithms do not permit the full original data to be recovered exactly, and such algorithms are not lossless.
Data compression can be particularly important when streaming video is sent over the Internet, as is increasingly common.
Background: Hashing
One of the simplest types of data translation is "hashing," where data is reversibly transformed in a way which randomizes the statistical distribution of bytes. Hashing can be a useful way to disarm viruses and/or provide a more nearly stochastic distribution of data. (Equalizing symbol distribution can help in increasing S/N ratio of data transmission.)
Background: Filtering
A special kind of data translation is filtering, where data is transformed conditionally depending on a certain test. "Packet filtering" is a more specific term for content-dependent routing. Any router performs address-dependent routing, but filtering implies that the data in the packet is analyzed in some fashion to affect routing. (For example, packets in which a virus signature is found may be discarded.)
Background: Digital Signature and Identification
Public-key algorithms (RSA etc.) can be useful for authenticating digital documents. An extension of this is for identification of the specific human who has chosen to authenticate the document. There are many circumstances where it would be useful for persons communicating over the Internet (or over a network) to be able to identify themselves reliably. For example, in arm's-length Internet sales, it can be useful to definitely identify the other party. For another example, electronic publishing over the Internet becomes much more practical if working access can be limited to only those users who have paid for it. For another example, some users would like to filter incoming email to exclude mailings (such as spam) which are not tagged with a reliable certificate of origin.
Keys used for digital signatures are a very long series of bits, which can be represented as long series of alphanumeric characters. Unlike Personal Identification Numbers (PINs), it is simply not feasible for individuals to remember them. For access control, such key data is typically stored in a chip (or other electronic memory), which can be embedded in a plastic card, or in another physical object such as a ring.
Background: Interfacing to Programs
In the past decade it has become increasingly difficult to introduce innovative business software products for the personal computer market. Such products must be able to interface to the widely used software application packages, and this is not always easy. In particular, it is important for communications-related software to be able to interface to Outlook, Notes, and GroupWise, and none of these are easy to program for. (The documentation provided to third-party developers is unclear and difficult to use.)
Computer communications are a somewhat unusual area of software development, in that many functions may need to be combined. A user's full-range email program should be able to handle (using calls to other programs as needed) various compression or authentication formats, various image formats, various audio formats, various HTML or XTML extensions, various drawing formats, various special fonts, virus-checking, and other new functions as they come up. (For example, the secure communications capabilities of PGP were integrated into some email programs, such as Eudora, long before PGP was available in other email programs.) As this list indicates, the boundary between browser functions and email functions has blurred somewhat in the last decade, and this trend may continue. Thus, since email handling necessarily involves so many different data types and data operations, smooth integration is particularly important.
Background: Dongles
A recurrent theme in the software industry has been the desire to find some way to make copied software unusable. One of the earliest ways to do this was the "dongle," in which a physical package containing an electronic key was attached to a port of the computer.
Data Translation Architecture
The present application describes a new system architecture for adding in functionality, and particularly for adding data translation functions between a communications program and its target (e.g. the outside world). The preferred embodiment achieves this without any need to intrude on management of the TCP/IP stack; instead, data for communication is simply addressed to a reserved (preferably loopback) address, and is snooped by a "translation agent" (software routine or hardware) either when it is being sent to the network interface unit or when it is echoed back. The translation agent can provide authentication, privacy, data reformatting, or other such functions. In alternative embodiments these ideas can be used in digital systems which are not computers, or can be used as part of a firewall or gateway, or to interface between networks using different protocols, or used in other analogous ways.
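The loopback arrangement described above, as an added example that is not code from the application: an unmodified sender addresses its data to a loopback port, and a translation agent there applies an authentication translation before forwarding it to the real target. Assumptions: an ordinary loopback listener stands in for snooping at the network interface, HMAC-SHA256 tagging stands in for the authentication function, and the key, function names and sample endpoints are constructed for illustration.

```python
import hashlib
import hmac
import socket
import threading

KEY = b"constructed-demo-key"            # constructed sample key (assumption)
TAG_LEN = hashlib.sha256().digest_size   # 32-byte tag appended to each message

def translate_outbound(payload: bytes) -> bytes:
    """Authentication translation: append an HMAC-SHA256 tag to the payload."""
    return payload + hmac.new(KEY, payload, hashlib.sha256).digest()

def translate_inbound(wire: bytes) -> bytes:
    """Reverse translation: verify and strip the tag; reject altered data."""
    payload, tag = wire[:-TAG_LEN], wire[-TAG_LEN:]
    expected = hmac.new(KEY, payload, hashlib.sha256).digest()
    if len(wire) < TAG_LEN or not hmac.compare_digest(tag, expected):
        raise ValueError("authentication tag mismatch")
    return payload

def _read_all(conn: socket.socket) -> bytes:
    """Read until the peer closes its side of the connection."""
    chunks = []
    while chunk := conn.recv(4096):
        chunks.append(chunk)
    return b"".join(chunks)

def start_agent(target):
    """Listen on a loopback port; translate one message and forward to target."""
    listener = socket.create_server(("127.0.0.1", 0))  # port chosen by the OS
    def serve():
        conn, _ = listener.accept()
        with conn, listener:
            data = _read_all(conn)       # what the application wrote, untouched
        with socket.create_connection(target) as out:
            out.sendall(translate_outbound(data))
    threading.Thread(target=serve, daemon=True).start()
    return listener.getsockname()

def demo(message: bytes) -> bytes:
    """Send message via the agent to a constructed loopback 'remote' endpoint."""
    remote = socket.create_server(("127.0.0.1", 0))
    agent_addr = start_agent(remote.getsockname())
    with socket.create_connection(agent_addr) as app:  # unmodified sender
        app.sendall(message)
    conn, _ = remote.accept()
    with conn, remote:
        return _read_all(conn)           # bytes as the remote side sees them
```

The sender needs only the agent's loopback address; the translation is invisible to it, and the receiving side rejects any message whose tag does not verify.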
The disclosed innovations, in various embodiments, provide one or more of at least the following advantages:
simple interface into existing software;
added IP address uses without added stack handling;
good invisibility to viruses;
easy integration, even with undocumented e-mail programs;
can secure all non-protocol-level data on any TCP/IP port;
transparent to applications which use TCP/IP;
device, platform and operating system independent;
independent of any specific methodology for securing data;
recipient-dependent email modifications are easy.