Apparatus and method for securely connecting to a remote server
Abstract
A method for securely connecting to a remote server that provides improved Internet security. In the method, a client receives a request to connect to a remote server associated with a domain name. The client, when resolving the domain name, determines whether the remote server supports at least one predetermined IP layer security protocol. The client performs a key exchange protocol with the remote server to generate at least one shared secret in response to determining that the remote server supports the at least one predetermined IP layer security protocol. The client connects to the remote server using the at least one shared secret in the IP layer security protocol.
12 Claims
1. A method for securely connecting to a remote server, comprising:
receiving, by a client, a request to connect to a remote server associated with a domain name;
in response to receiving the request to connect to the remote server associated with the domain name, obtaining a Domain Name System (DNS) resolution from a Domain Name System (DNS) server, the DNS resolution obtained from the DNS server including an Internet Protocol (IP) address for the remote server, the DNS resolution obtained from the DNS server further including a service (SRV) record, the SRV record included in the DNS resolution obtained from the DNS server including at least one parameter indicating that the remote server supports at least one defined IP layer security protocol;
determining, by the client, that the remote server supports the at least one defined IP layer security protocol based on the at least one parameter indicating that the remote server supports the at least one defined IP layer security protocol included in the SRV record included in the DNS resolution obtained from the DNS server;
performing, by the client, a key exchange protocol with the remote server to generate at least one shared secret in response to determining that the remote server supports the at least one defined IP layer security protocol; and
connecting, by the client, to the remote server using the at least one shared secret in the at least one defined IP layer security protocol.
4. An apparatus for securely connecting to a remote server, comprising:
means for receiving a request to connect to a remote server associated with a domain name;
means for, in response to receiving the request to connect to the remote server associated with the domain name, obtaining a Domain Name System (DNS) resolution from a Domain Name System (DNS) server, the DNS resolution obtained from the DNS server including an Internet Protocol (IP) address for the remote server, the DNS resolution obtained from the DNS server further including a service (SRV) record, the SRV record included in the DNS resolution obtained from the DNS server including at least one parameter indicating that the remote server supports at least one defined IP layer security protocol;
means for determining that the remote server supports the at least one defined IP layer security protocol when resolving the domain name based on the at least one parameter indicating that the remote server supports the at least one defined IP layer security protocol included in the SRV record included in the DNS resolution obtained from the DNS server;
means for performing a key exchange protocol with the remote server to generate at least one shared secret in response to determining that the remote server supports the at least one defined IP layer security protocol; and
means for connecting to the remote server using the at least one shared secret in the at least one defined IP layer security protocol.
7. An apparatus, comprising:
a processor configured to:
receive a request to connect to a remote server associated with a domain name;
in response to receiving the request to connect to the remote server associated with the domain name, obtain a Domain Name System (DNS) resolution from a Domain Name System (DNS) server, the DNS resolution obtained from the DNS server including an Internet Protocol (IP) address for the remote server, the DNS resolution obtained from the DNS server further including a service (SRV) record, the SRV record included in the DNS resolution obtained from the DNS server including at least one parameter indicating that the remote server supports at least one defined IP layer security protocol;
determine that the remote server supports the at least one defined IP layer security protocol when resolving the domain name based on the at least one parameter indicating that the remote server supports the at least one defined IP layer security protocol included in the SRV record included in the DNS resolution obtained from the DNS server;
perform a key exchange protocol with the remote server to generate at least one shared secret in response to determining that the remote server supports the at least one defined IP layer security protocol; and
connect to the remote server using the at least one shared secret in the at least one defined IP layer security protocol.
10. A non-transitory computer-readable medium, comprising:
code for causing a computer to receive a request to connect to a remote server associated with a domain name;
code for causing the computer to, in response to receiving the request to connect to the remote server associated with the domain name, obtain a Domain Name System (DNS) resolution from a Domain Name System (DNS) server, the DNS resolution obtained from the DNS server including an Internet Protocol (IP) address for the remote server, the DNS resolution obtained from the DNS server further including a service (SRV) record, the SRV record included in the DNS resolution obtained from the DNS server including at least one parameter indicating that the remote server supports at least one defined IP layer security protocol;
code for causing the computer to determine that the remote server supports the at least one defined IP layer security protocol when resolving the domain name based on the at least one parameter indicating that the remote server supports the at least one defined IP layer security protocol included in the SRV record included in the DNS resolution obtained from the DNS server;
code for causing the computer to perform a key exchange protocol with the remote server to generate at least one shared secret in response to determining that the remote server supports the at least one defined IP layer security protocol; and
code for causing the computer to connect to the remote server using the at least one shared secret in the at least one defined IP layer security protocol.
Specification