System and Method for Application-Level Virtual Private Network
Abstract
A method for enabling users to securely share application information and resources by granting resource owners access to user-application combinations. It provides a means for ensuring that only approved and unaltered applications may access available resources. A connection negotiation scheme allows both ends of a communication channel to agree on a specific version of a specific application to be used to access a target resource. Once agreement is reached, a virtual private network channel may be established between approved applications and designated resources; the channel enables encryption using an encryption key and a verified signature using a calculated hash value of the negotiated application.
22 Claims
1. A method for application-level virtual private networking, comprising the steps of:
requesting access for sending requestor messages to an external resource by a requestor application within a user workstation;
identifying the requestor application and calculating a hash value of the requestor application by a connection manager within the user workstation;
forwarding the requestor messages and the calculated application hash value by the connection manager over a network to a channel gateway;
receiving the requestor messages and the calculated application hash value by a channel receiver within the channel gateway;
authenticating the received requestor messages using the calculated application hash value and forwarding the requestor messages to the external resource; and
receiving the requestor messages by the external resource. (Dependent claims: 2-12)
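The negotiation and hash-based authentication steps described in the abstract and claim 1, as an added Python simulation that is not part of the patent. The binding of the message signature to a shared channel key is an assumption (the abstract names an encryption key and a signature without specifying the construction); application names, versions, sample executable bytes and the channel key are constructed.

```python
import hashlib
import hmac

# Constructed stand-ins for the requestor application's executable bytes
# (sample data, not from the patent).
APPROVED_BINARY = b"mail-client 2.1 -- constructed sample executable bytes"
ALTERED_BINARY = APPROVED_BINARY + b" (patched)"
CHANNEL_KEY = b"constructed-sample-channel-key"  # assumed agreed during negotiation


def application_hash(binary: bytes) -> str:
    """Connection manager step: identify the application by hashing its bytes."""
    return hashlib.sha256(binary).hexdigest()


def sign(channel_key: bytes, app_hash: str, message: bytes) -> bytes:
    """Signature over a requestor message, bound to the negotiated application's hash."""
    return hmac.new(channel_key + bytes.fromhex(app_hash), message, "sha256").digest()


def connection_manager_send(binary, app_name, version, message):
    """Workstation side: forward the message together with the calculated hash."""
    h = application_hash(binary)
    return (app_name, version, h, message, sign(CHANNEL_KEY, h, message))


class ChannelGateway:
    """Gateway holding the resource owner's approved (application, version) -> hash list."""

    def __init__(self, approved):
        self.approved = approved
        self.forwarded = []  # messages delivered to the external resource

    def negotiate(self, app_name, offered_versions):
        """Agree on a specific approved version; None when no offered version is approved."""
        return next((v for v in offered_versions if (app_name, v) in self.approved), None)

    def receive(self, app_name, version, app_hash, message, tag):
        """Channel receiver: authenticate with the application hash, then forward."""
        expected = self.approved.get((app_name, version))
        # Unknown application/version, or hash mismatch (altered binary): refuse.
        if expected is None or not hmac.compare_digest(expected, app_hash):
            return False
        # The hash only identifies the application; the keyed signature shows the
        # message came from the peer that negotiated the channel and was not modified.
        if not hmac.compare_digest(sign(CHANNEL_KEY, app_hash, message), tag):
            return False
        self.forwarded.append(message)
        return True
```

The gateway can only check the hash the connection manager reports, so the scheme's assurance rests on the integrity of the connection manager on the workstation.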
13. A system for application-level virtual private networking, comprising:
means for requesting access for sending requestor messages to an external resource by a requestor application within a user workstation;
means for identifying the requestor application and calculating a hash value of the requestor application by a connection manager within the user workstation;
means for forwarding the requestor messages and the calculated application hash value by the connection manager over a network to a channel gateway;
means for receiving the requestor messages and the calculated application hash value by a channel receiver within the channel gateway;
means for authenticating the received requestor messages using the calculated application hash value and forwarding the requestor messages to the external resource; and
means for receiving the requestor messages by the external resource. (Dependent claims: 14-20)
21. A user interface method for application-level virtual private networking, comprising:
defining a remote resource to be accessed without connection negotiation, including:
selecting a remote resource to be accessed;
designating a local port for accessing a virtual private network;
providing an IP address of the remote resource;
assigning a port number where the remote resource is available;
defining a connection for the requestor application, including:
using an executable application program for connecting to the remote resource;
selecting a remote resource designation;
supplying a user ID;
entering a password; and
clicking an enable button for accessing the remote resource. (Dependent claims: 22)
Specification