Architecture of XMPP proxy for server-to-server connections

The Extensible Messaging and Presence Protocol (XMPP) is one of the most popular Instant Messaging (IM) protocols which uses a client-server working mode. This protocol uses different connection primitives for both client-to-server (c2s) and server-to-server (s2s) connections. It is actively used in mission-critical operations where the reliability and security of communication systems is always imperative. One approach to secure services and private networks is to use proxy services as security gateways. Proxies enable interoperability between different security domains acting as Information Exchange Gateways (IEGs). In this paper we present an architecture of the XMPP proxy for s2s connections. The system is based on an Openfire XMPP server with a Hazelcast clustering plugin, and a Hazelcast clustering link is used between the XMPP server and the XMPP Proxy. We have constructed an implementation to verify and validate the presented approach. Our proposal enables an effective seamless connection for XMPP proxies. Furthermore, it increases the system security for example, terminating both TCP and XMPP flows to prevent malicious attacks. Finally, we show that the proposal does not significantly increase the anticipated delay of the communication.