Load balancing approach for scaling secure sockets layer performance
US7111162B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Sep 10, 2001 |
| Grant date | Sep 19, 2006 |
| Priority date | — |
| Expiry date | Dec 28, 2023 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L67/1034
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A load-balancing approach for scaling Secure Sockets Layer (SSL) performance is disclosed. During a handshake phase of establishing a SSL connection among a client and server, a processor card identifier value, processor identifier value, and session index value are encoded in a session identifier value that is sent to a client. When the client subsequently resumes the SSL session, it provides the session identifier value, and the encoded values are used for routing the session to an SSL processor that has the negotiated security parameters for the session. In one embodiment, a load balancer distributes the SSL sessions across multiple SSL termination engines that actually carry out SSL processing, based on the card identifier value and the processor identifier. If one of the SSL termination engine cards fails, the load balancer card routes all sessions destined for the failed card to other cards that are operating. The SSL processor that receives such session data determines that it does not have a session table entry matching the session identifier, creates a new session identifier and gives the new session identifier to the client.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.