EP-4740432-A1 - SYSTEM AND A METHOD FOR BIDIRECTIONAL SCHEME TRANSLATION
Abstract
The present disclosure relates to a system (125) and a method (600) for bidirectional scheme translation. The system (125) includes a conversion unit (220) that converts a first scheme to a second scheme based on acceptable schemes of a second node (406), when the request is initiated to be transmitted from a first node (402) to the second node. A storage unit (225) stores data pertaining to the first scheme, the second scheme and the request at a memory. A transceiver (230) transmits the request from the first node to the second node and receives a response from the second node subsequent to transmission of the request from the first node to the second node. Further, the conversion unit (220) converts the second scheme to the first scheme. Further, the transceiver (230) transmits the response from the second node to the first node. The method (600) includes various steps for bidirectional scheme translation.
Inventors
- BHATNAGAR, AAYUSH
- BISHT, SANDEEP
- MISHRA, RAHUL
- Sharma, Nupur
- SINHA, ANURAG
- PANDEY, PRASHANT KUMAR
Assignees
- Jio Platforms Limited
Dates
- Publication Date: 20260513
- Application Date: 20240701
Claims (20)
- 1. A method (600) for bidirectional scheme translation, the method (600) comprises the steps of: converting (602), by the one or more processors (205), a first scheme associated with a request to a second scheme based on checking one or more acceptable schemes of a second node (406), when the request is initiated to be transmitted from a first node (402) to the second node (406); storing (604), by the one or more processors (205), data pertaining to, the first node (402) and the associated first scheme, the second node (406) and the associated second scheme and the request at a cache memory (404); transmitting (606), by the one or more processors (205), the request from the first node (402) to the second node (406) utilizing the second scheme associated with the first node (402); receiving (608), by the one or more processors (205), a response from the second node (406) utilizing the second scheme subsequent to transmission of the request from the first node (402) to the second node (406); converting (610), by the one or more processors (205), the second scheme to the first scheme pertaining to the response from the second node (406) subsequent to checking at the cache memory of utilization of the first scheme by the first node (402) while transmitting the request to the second node (406); and transmitting (612), by the one or more processors (205), the response from the second node (406) to the first node (402) utilizing the converted first scheme.
- 2. The method (600) as claimed in claim 1, wherein the scheme is at least one of, a protocol.
- 3. The method (600) as claimed in claim 1, wherein the first scheme is a Hypertext Transfer Protocol Secure (HTTPS) and the second scheme is a Hypertext Transfer Protocol (HTTP).
- 4. The method (600) as claimed in claim 1, wherein the one or more acceptable schemes of the second node (406) include schemes which the second node (406) is compatible to transmit and receive data.
- 5. The method (600) as claimed in claim 1, wherein the one or more processors (205), performs conversion pertaining to the schemes utilizing a Security Edge Protection Proxy (SEPP), wherein the SEPP is at least one of, a Consumer SEPP (cSEPP) (104), Producer SEPP (pSEPP) (110).
- 6. The method (600) as claimed in claim 1, wherein the request received from the first node (402) is at least one of, a Uniform Resource Locator (URL).
- 7. The method (600) as claimed in claim 1, wherein the cache memory (404) stores a mapping information pertaining to the first scheme with the second scheme.
- 8. The method (600) as claimed in claim 7, wherein the mapping information including at least one of, identified URL attributes such as an Internet Protocol (IP) address, a Port number or a Fully Qualified Domain Name (FQDN) service name, wherein the one or more combinations of the URL attributes are mapped with the SEPP verified FQDN.
- 9. The method (600) as claimed in claim 1, wherein one or more processors (205), performs at least one of, enabling or disabling the conversions pertaining to the schemes based on one or more flags with true or false conditions related to the one or more acceptable schemes pertaining to the second node (406).
- 10. A system (125) for bidirectional scheme translation, the system (125) comprising: a conversion unit (220), configured to, convert, a first scheme associated with a request to a second scheme based on checking one or more acceptable schemes of a second node (406), when the request is initiated to be transmitted from a first node (402) to the second node (406); a storage unit (225), configured to, store, data pertaining to, the first node (402) and the associated first scheme, the second node (406) and the associated second scheme and the request at a cache memory (404); a transceiver (230), configured to: transmit, the request from the first node (402) to the second node (406) utilizing the second scheme associated with the first node (402); receive, a response from the second node (406) utilizing the second scheme subsequent to transmission of the request from the first node (402) to the second node (406); the conversion unit (220), configured to, convert, the second scheme to the first scheme pertaining to the response from the second node (406) subsequent to checking at the cache memory (404) of utilization of the first scheme by the first node (402) while transmitting the request to the second node (406); and the transceiver (230), configured to, transmit, the response from the second node (406) to the first node (402) utilizing the converted first scheme.
- 11. The system (125) as claimed in claim 10, wherein the scheme is at least one of, a protocol.
- 12. The system (125) as claimed in claim 10, wherein the first scheme is a Hypertext Transfer Protocol Secure (HTTPS) and the second scheme is a Hypertext Transfer Protocol (HTTP).
- 13. The system (125) as claimed in claim 10, wherein the one or more acceptable schemes of the second node (406) include schemes which the second node (406) is compatible to transmit and receive data.
- 14. The system (125) as claimed in claim 10, wherein the one or more processors (205), performs conversion pertaining to the schemes utilizing a Security Edge Protection Proxy (SEPP), wherein the SEPP is at least one of, a Consumer SEPP (cSEPP) (104), Producer SEPP (pSEPP) (110).
- 15. The system (125) as claimed in claim 10, wherein the request received from the first node (402) is at least one of, a Uniform Resource Locator (URL).
- 16. The system (125) as claimed in claim 10, wherein the cache memory (404) stores a mapping information pertaining to the first scheme with the second scheme.
- 17. The system (125) as claimed in claim 16, wherein the mapping information including at least one of, identified URL attributes such as an Internet Protocol (IP) address, a Port number or a Fully Qualified Domain Name (FQDN) service name, wherein the one or more combinations of the URL attributes are mapped with the SEPP verified FQDN.
- 18. The system (125) as claimed in claim 10, wherein one or more processors (205), performs at least one of, enabling or disabling the conversions pertaining to the schemes based on one or more flags with true or false conditions related to the one or more acceptable schemes pertaining to the second node (406).
- 19. A User Equipment (UE) (102), comprising: one or more primary processors (305) communicatively coupled to one or more processors (205), the one or more primary processors (305) coupled with a memory (310), wherein said memory (310) stores instructions which when executed by the one or more primary processors (305) causes the UE (102) to: transmit, a request to a second node (406) in order to avail one or more services; and wherein the one or more processors (205) is configured to perform the steps as claimed in claim 1.
- 20. A non-transitory computer-readable medium having stored thereon computer-readable instructions that, when executed by a processor (205), causes the processor (205) to: convert, a first scheme associated with a request to a second scheme based on checking one or more acceptable schemes of a second node (406), when the request is initiated to be transmitted from a first node (402) to the second node (406); store, data pertaining to, the first node (402) and the associated first scheme, the second node (406) and the associated second scheme and the request at a cache memory (404); transmit, the request from the first node (402) to the second node (406) utilizing the second scheme associated with the first node (402); receive, a response from the second node (406) utilizing the second scheme subsequent to transmission of the request from the first node (402) to the second node (406); convert, the second scheme to the first scheme pertaining to the response from the second node (406) subsequent to checking at the cache memory (404) of utilization of the first scheme by the first node (402) while transmitting the request to the second node (406); and transmit, the response from the second node (406) to the first node (402) utilizing the converted first scheme.
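The request/response flow of claim 1, with the cache mapping of claim 7 and the enable flag of claim 9, can be sketched as follows. This is an added illustration, not code from the patent or its applicant; the class, method names, hostnames and paths are assumptions, and the response is modelled as carrying a URL whose scheme must be restored.

```python
from dataclasses import dataclass, field
from urllib.parse import urlsplit, urlunsplit
import itertools


@dataclass
class SchemeTranslator:
    """Hypothetical model of the claimed steps; all names here are assumptions."""
    acceptable: dict          # (host, port) of second node -> schemes it accepts
    enabled: bool = True      # claim 9: flag that enables or disables conversion
    cache: dict = field(default_factory=dict)   # claims 1 and 7: per-request mapping
    _ids: itertools.count = field(default_factory=lambda: itertools.count(1))

    def outbound(self, first_node, url):
        """Steps 602-606: pick a scheme the second node accepts, record the mapping."""
        parts = urlsplit(url)
        allowed = self.acceptable.get((parts.hostname, parts.port))
        if not allowed:
            raise LookupError("no acceptable schemes known for second node")
        second = parts.scheme
        if parts.scheme not in allowed:
            if not self.enabled:
                raise PermissionError("conversion disabled by flag")
            second = allowed[0]
        req_id = next(self._ids)
        self.cache[req_id] = (first_node, parts.scheme, second)
        return req_id, urlunsplit(parts._replace(scheme=second))

    def inbound(self, req_id, url_in_response):
        """Steps 608-612: restore the first scheme only for a request we recorded."""
        first_node, first, second = self.cache.pop(req_id)  # KeyError if unknown
        parts = urlsplit(url_in_response)
        if parts.scheme != second:
            raise ValueError("response scheme does not match cached second scheme")
        return first_node, urlunsplit(parts._replace(scheme=first))


def demo():
    # Constructed sample: the second node only accepts plain HTTP.
    t = SchemeTranslator({("nf.plmn-b.example", 8080): ["http"]})
    rid, sent = t.outbound("nf-a", "https://nf.plmn-b.example:8080/svc/v1/items")
    node, back = t.inbound(rid, "http://nf.plmn-b.example:8080/svc/v1/items/7")
    return sent, node, back
```

Removing the cache entry on the response path means a response that matches no recorded request, or a replayed one, is rejected rather than translated.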
Description
A SYSTEM AND A METHOD FOR BIDIRECTIONAL SCHEME TRANSLATION
FIELD OF THE INVENTION
[0001] The present invention generally relates to communication networks, and more particularly relates to a system and a method for bidirectional scheme conversion integrated within a Security Edge Protection Proxy (SEPP).
BACKGROUND OF THE INVENTION
[0002] Security Edge Protection Proxy (SEPP) is a proxy deployed at an edge or a perimeter of a Public Land Mobile Network (PLMN) and enables secured communication between inter-PLMN network messages. SEPP is just a proxy enabled to authenticate, provide confidentiality protection, and enable integration protection between two different mobile service providers, i.e., inter-PLMN.
[0003] For example, a person visiting India with a SIM issued in another country can access the mobile network in India, with roaming enabled using the SEPP deployed at various geo-sites. Further, the SEPP implemented transport layer security (TLS) for the service layer information exchanged between two different PLMNs. The TLS connection may be implemented on a User Datagram Protocol (UDP) or a Transmission Control Protocol (TCP).
[0004] Further, as the SEPP is deployed at the edge of the network, the SEPP may act as an interface between the two inter-PLMN networks. Since the deployment of the SEPP is at the edge of the network, and the SEPP relies on the TLS, non-secured communication can be exchanged within the periphery or within the edge of the network.
[0005] Using HTTP or unencrypted communication within the edge of the SEPP enables reduced latency in the communication, since time is not lost in encryption and decryption.
[0006] However, converting HTTP into HTTPS and vice versa provides a major challenge, and therefore there is a need for a system and a method enabling bidirectional translation.
SUMMARY OF THE INVENTION
[0007] One or more embodiments of the present disclosure provide a system and method for bidirectional scheme translation.
[0008] In one aspect of the present invention, a system for bidirectional scheme translation is disclosed. The system includes a conversion unit configured to convert a first scheme associated with a request to a second scheme based on checking one or more acceptable schemes of a second node, when the request is initiated to be transmitted from a first node to the second node. The system further includes a storage unit configured to store data pertaining to the first node and the associated first scheme, the second node and the associated second scheme and the request at a cache memory. The system further includes a transceiver configured to transmit the request from the first node to the second node utilizing the second scheme associated with the first node. Further, the system includes the transceiver configured to receive a response from the second node utilizing the second scheme subsequent to transmission of the request from the first node to the second node. The system further includes the conversion unit configured to convert the second scheme to the first scheme pertaining to the response from the second node subsequent to checking at the cache memory of utilization of the first scheme by the first node while transmitting the request to the second node. Further the system includes the transceiver unit configured to transmit the response from the second node to the first node utilizing the converted first scheme.
[0009] In one embodiment, the scheme is at least one of a protocol.
[0010] In another embodiment, the first scheme is a Hypertext Transfer Protocol Secure (HTTPS) and the second scheme is a Hypertext Transfer Protocol (HTTP).
[0011] In yet another embodiment, the one or more acceptable schemes of the second node include schemes which the second node is compatible to transmit and receive data.
[0012] In yet another embodiment, the one or more processors performs conversion pertaining to the schemes utilizing a Security Edge Protection Proxy (SEPP). The SEPP is at least one of, a Consumer SEPP (cSEPP), Producer SEPP (pSEPP).
[0013] In yet another embodiment, the request received from the first node is at least one of, a Uniform Resource Locator (URL).
[0014] In yet another embodiment, the cache memory stores a mapping information pertaining to the first scheme with the second scheme.
[0015] In yet another embodiment, the mapping information including at least one of, identified URL attributes such as an Internet Protocol (IP) address, a Port number or a Fully Qualified Domain Name (FQDN) service name, wherein the one or more combinations of the URL attributes are mapped with the SEPP verified FQDN.
[0016] In yet another embodiment, the one or more processors performs at least one of, enabling or disabling the conversions pertaining to the schemes based on one or more flags with true or false conditions related to the one or more acceptable schemes pertaining to the second node.
[0017] In another aspect of the present invention, a method for bidirection