Agile network protocol for secure communications using secure domain names
First Claim
1. A device, comprising:
- a first communication interface connected to a first link having a first bandwidth;
a second communication interface connected to a second link having a second bandwidth, wherein the first bandwidth is greater than the second bandwidth;
memory storing instructions for a link guard function; and
one or more processors configured to execute the instructions to;
receive, via the first communication interface, a packet transmitted over the first link, the packet being destined for a node on the second link, wherein the node on the second link comprises an edge server;
determine that the first bandwidth of the first link is greater than the second bandwidth of the second link;
cryptographically authenticate the packet responsive to determining that the first bandwidth of the first link is greater than the second bandwidth of the second link;
determine, based on a result of cryptographically authenticating the packet, whether the packet belongs to a virtual private network;
when it is determined that the packet belongs to the virtual private network, transmitting the packet on the second link with a first quality of service; and
when it is determined that the packet does not belong to the virtual private network, transmitting the packet on the second link with a second quality of service that is lower than the first quality of service.
2 Assignments
0 Petitions
Accused Products
Abstract
A network device comprises a storage device storing an application program for a secure communications service, and at least one processor configured to execute the application program for the secure communications service so as to enable the network device to send a request to look up a network address of a second device based on an identifier associated with the second device, receive an indication that the second device is available for the secure communications service, the indication including the requested network address and provisioning information for a secure communication link, connect to the second device over the secure communication link, using the received network address of the second device and the provisioning information for the secure communication link, and communicate at least one of video data and audio data with the second device using the secure communications service via the secure communication link.
365 Citations
12 Claims
-
1. A device, comprising:
-
a first communication interface connected to a first link having a first bandwidth; a second communication interface connected to a second link having a second bandwidth, wherein the first bandwidth is greater than the second bandwidth; memory storing instructions for a link guard function; and one or more processors configured to execute the instructions to; receive, via the first communication interface, a packet transmitted over the first link, the packet being destined for a node on the second link, wherein the node on the second link comprises an edge server; determine that the first bandwidth of the first link is greater than the second bandwidth of the second link; cryptographically authenticate the packet responsive to determining that the first bandwidth of the first link is greater than the second bandwidth of the second link; determine, based on a result of cryptographically authenticating the packet, whether the packet belongs to a virtual private network; when it is determined that the packet belongs to the virtual private network, transmitting the packet on the second link with a first quality of service; and when it is determined that the packet does not belong to the virtual private network, transmitting the packet on the second link with a second quality of service that is lower than the first quality of service. - View Dependent Claims (2, 5, 6, 7, 8)
-
-
3. A method, comprising:
-
receiving, at a first communication interface connected to a first link, a packet destined for a node on a second link, the first link having a greater bandwidth than second link, wherein the node on the second link comprises an edge server; determining, based at least in part on the first link having the greater bandwidth than the second link, that a link guard function is to be implemented; cryptographically authenticating the packet based at least in part on determining that the link guard function is to be implemented; determining, based on a result of cryptographically authenticating the packet, whether the packet belongs to a virtual private network; when it is determined that the packet belongs to the virtual private network, transmitting the packet on the second link with a first quality of service; and when it is determined that does not belong to the virtual private network, transmitting the packet on the second link via a second communication interface with a second quality of service that is lower than the first quality of service. - View Dependent Claims (4, 9, 10, 11, 12)
-
Specification