Method and system for user created personal private network (PPN) with secure communications and data transfer

US 20050132183A1
Filed: 12/16/2003
Published: 06/16/2005
Est. Priority Date: 12/16/2003
Status: Abandoned Application

First Claim

Patent Images

1. A personalized private network (PPN), comprising:

two or more participating parties (clients) with digital information devices each with an Internet or network oriented enabled set of objects that links the client to a computer network infrastructure to establish and maintain a secure connection between the client and the PPN client server of a PPN;

a PPN client server (PCS) that receives and responds to the requests or communications received from any actual or potential PPN client having, through a set of enabled objects, access to the computer network infrastructure;

a set of browser-based management objects (BBMO) that allow any actual or potential source participant (source client (SC)) that is capable of accessing a computer network infrastructure through a set of enabled objects to setup and maintain a PPN;

a set of browser-based management objects that allows any actual or potential recipient participant (recipient client (RC)) that is capable of accessing the computer network infrastructure through a set of enabled objects to establish and maintain a communication relationship with a source client and potentially a plurality of recipient clients of a PPN;

a set of browser-based information management objects that allows a plurality of recipient clients, that have been authorized by a source client, to access and participate in the transfer of communication and data though a PPN;

a customized infrastructure of PPN secure pipelines created by the PPN client server at the direction of the source client specifically to fulfill the point to point communications requirements defined by the source client;

an encryption process which utilizes the U.S. Government approved Advanced Encryption System (AES), or other encryption scheme, as the encrypted format, between the plurality of recipient clients and the source client on the established PPN;

where the keys to the encrypted format of the data transferred over all of the secure pipelines is keyed with a set of manually established key inputs and a set of automated key inputs that are combined according to a PPN based cryptographic algorithms to create a secure key access code;

a set of browser-based information management objects that allows the source client at his discretion to disconnect and terminate from access and participation on the PPN, any one or all of the plurality of, recipient clients on the established PPN;

a set of browser-based information management objects that allows the source client and the recipient participants to monitor the real-time communications access status and access rights to each RC and SC on an established PPN;

a set of browser-based information management objects that allows any authorized RC on a PPN to withdraw from an active connection, and also return to an active connection status on an established PPN;

a set of browser-based information management objects that operates an RC authentication system located at least partially within the secure PPN network, the secure PPN being configured to allow direct access to the PPN client server by an RC only after the RC is authenticated by the client authentication system;

a set of browser-based information management objects that operates a resource locator transformer which modifies non-secure resource locators in data being sent from the PPN client server to the RCs and SC by replacing them with corresponding secure resource locators; and

the physical components of a least one or more Recipient Clients (RCs);

one or more the PPN Client Server (PPNCS); and

one or more Source Clients (SCs) and the optional component, one or more Removable Storage Devices (RSDs).

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems are provided for any individual with access to a network to create, operate and thereafter dismantle a personal private network (PPN) which is secure across all forms of media which facilitate digital data transfer, including but not limited to, both wireless and wireline based networks. In one embodiment, utilizing browser-based management objects and a PPN client server the present invention provides for any individual with access to the Internet or other types of networks to create, control and utilize his own PPN with any one or a plurality of authorized participants. This invention facilities this capability with the creation of secure pipelines between each authorized participant of the PPN, where, if necessary, to establish these secure pipelines, a tunnel under, around or through border servers and/or firewalls is created. Each PPN provides the authorized participants with complete freedom to communicate, to review information and to transfer data between participants with full and complete encryption security. The creation, operation and the dismantlement of a PPN is totally within the capabilities and control of the originating party, the source client, and requires no actions from any network or system administrators. Additionally, all of the PPN secure pipeline creation and infrastructure mapping for the enablement of the PPN, plus access controls and codes for authorizing participation and initiating participation and disconnection can be encased in a PPN secure access key.

Citations

23 Claims

1. A personalized private network (PPN), comprising:
- two or more participating parties (clients) with digital information devices each with an Internet or network oriented enabled set of objects that links the client to a computer network infrastructure to establish and maintain a secure connection between the client and the PPN client server of a PPN;
  
  a PPN client server (PCS) that receives and responds to the requests or communications received from any actual or potential PPN client having, through a set of enabled objects, access to the computer network infrastructure;
  
  a set of browser-based management objects (BBMO) that allow any actual or potential source participant (source client (SC)) that is capable of accessing a computer network infrastructure through a set of enabled objects to setup and maintain a PPN;
  
  a set of browser-based management objects that allows any actual or potential recipient participant (recipient client (RC)) that is capable of accessing the computer network infrastructure through a set of enabled objects to establish and maintain a communication relationship with a source client and potentially a plurality of recipient clients of a PPN;
  
  a set of browser-based information management objects that allows a plurality of recipient clients, that have been authorized by a source client, to access and participate in the transfer of communication and data though a PPN;
  
  a customized infrastructure of PPN secure pipelines created by the PPN client server at the direction of the source client specifically to fulfill the point to point communications requirements defined by the source client;
  
  an encryption process which utilizes the U.S. Government approved Advanced Encryption System (AES), or other encryption scheme, as the encrypted format, between the plurality of recipient clients and the source client on the established PPN;
  
  where the keys to the encrypted format of the data transferred over all of the secure pipelines is keyed with a set of manually established key inputs and a set of automated key inputs that are combined according to a PPN based cryptographic algorithms to create a secure key access code;
  
  a set of browser-based information management objects that allows the source client at his discretion to disconnect and terminate from access and participation on the PPN, any one or all of the plurality of, recipient clients on the established PPN;
  
  a set of browser-based information management objects that allows the source client and the recipient participants to monitor the real-time communications access status and access rights to each RC and SC on an established PPN;
  
  a set of browser-based information management objects that allows any authorized RC on a PPN to withdraw from an active connection, and also return to an active connection status on an established PPN;
  
  a set of browser-based information management objects that operates an RC authentication system located at least partially within the secure PPN network, the secure PPN being configured to allow direct access to the PPN client server by an RC only after the RC is authenticated by the client authentication system;
  
  a set of browser-based information management objects that operates a resource locator transformer which modifies non-secure resource locators in data being sent from the PPN client server to the RCs and SC by replacing them with corresponding secure resource locators; and
  
  the physical components of a least one or more Recipient Clients (RCs);
  
  one or more the PPN Client Server (PPNCS); and
  
  one or more Source Clients (SCs) and the optional component, one or more Removable Storage Devices (RSDs).
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. Wherein the PPN defined in claim 1, including the browser-based information management objects, enables many different kinds of computers and digital information devices, such as, but not limited to, desk-top and lap-top personal computers (PCs);
    - workstations, personal digital assistants (PDAs); and
      
      other wireline and wireless digital information devices, to connect and maintain access to a PPN; and
      
      thereby allowing the PPN to operate from and across many types of communication media and digital information devices; and
      
      , in effect, making the PPN a computer and network platform-independent operation.
  - 3. Wherein the PPN defined in claim 1, including the browser-based information management objects, enables many different kinds of computers and digital information devices, such as, but not limited to, desk-top and lap-top personal computers (PCs);
    - workstations, personal digital assistants (PDAs); and
      
      other wireline and wireless digital information devices to simultaneously access the PPN; and
      
      to utilize the existing network resources such as, but not limited to, network printers, servers and disk storage.
  - 4. Wherein the PPN defined in claim 1, including the browser-based information management objects, enables many different kinds of computers and digital information devices, such as, but not limited to, desk-top and lap-top personal computers (PCs);
    - workstations;
      
      personal digital assistants (PDAs); and
      
      other wireline and wireless digital information devices;
      
      to perform remote access from remote sites through standard Internet browsers.
  - 5. Wherein the PPN defined in claim 1, enables many PPN clients (both RCs and SC) utilizing many different kinds of computers and digital information devices to simultaneously setup and maintain a uniquely identifiable and separately operated PPN, where the source client can originate, maintain and operate a PPN from an desk top PC;
    - a workstation;
      
      a laptop;
      
      a personal digital assistant (PDA);
      
      or any other digital information device which can gain access to the Internet, an Intranet, or some other media which allows the browser-based information management objects to transfer digital information between two or more clients.
  - 6. Wherein the PPN defined in claim 1, enables browser-based information objects to perform queries, to transfer of digital information, and to retrieve information by and between PPN clients in a secure environment.
  - 7. Wherein the PPN defined in claim 1, enables operation in a digitally secure environment between the PPN clients by creating one or more secure digital pipelines, providing secure communications, irrespective of the medium of digital communications, including, but not limited to, such media as wireline and wireless systems and networks.
  - 8. Wherein the PPN defined in claim 1, enables operations in a digitally secure environment between the PPN clients by creating one of more secure digital pipelines, providing secure communications, irrespective of the operating environment from which the participating PPN client resides, or through which the secure pipeline must pass, including, but not limited to, such operating environments as wide area networks (WANs), local area networks (LANs) and open access, or no-area-networks (NOANs).
  - 9. Wherein the PPN defined in claim 1, enables every PPN client utilizing many different kinds of computers and digital information devices to simultaneously query, access, transfer and retrieve information between PPN clients who are attached to a specific PPN.
  - 10. Wherein the PPN defined in claim 1, enables a PPN client to actively and simultaneously participate as a client on one or more PPNs.
  - 11. Wherein the PPN defined in claim 1, enables the PPN client server using an Internet or network oriented enabled set of objects and secure pipeline software to create a secure tunnel between the PPN client and the PPN client server through any and all firewalls, border or network servers and other digital devices.
  - 12. Wherein the PPN defined in claim 1, is configured to allow direct access to the authorized PPN clients using network addresses within the secure PPN while denying direct access from unauthorized network addresses outside of the PPN.
  - 13. Wherein the PPN defined in claim 1, is configured to allow direct access to the authorized PPN clients by transmitting communications and data to the PPN clients over secure pipeline tunnels through any and all firewalls and network servers and establishes a secure digital data pipeline for continued use by the PPN clients during the useful operational life of the PPN.
  - 14. Wherein the PPN defined in claim 1, is configured as a personal, source client (SC) defined, private, secured intranet to which the source client may add and delete recipient clients and through which all participating clients may query, receive, transfer and distribute data and information.
  - 15. Wherein the PPN defined in claim 1, enables the SC and the recipient client (RC) to collect, store and upon demand utilize the code, data and logic needed to create a PPN and to participate in a PPN and that such embodiment may reside in any digital median including a computer hard drive or a PPN secure access device, such as a flash USB drive, a DVD, a CD, a diskette or other form of removable media device. Additionally, all of the PPN secure pipeline creation and infrastructure mapping for the enablement of the PPN, plus access controls and codes for authorizing participation and initiating participation and disconnection can be encased in a PPN secure access key.
  - 16. Wherein the PPN defined in claim 1, the using steps include, but are not limited to, each PPN client providing to the PPN client server:
    - a client user name and a user password;
      
      a request for access to the PPN client server;
      
      a request for the creation of a secure connection between the PPN client server and the PPN client by and through any and all firewalls, border or network servers and other digital devices;
      
      the identification of the specific PPN to which the secure connection is to be attached;
      
      a PPN client authentication system to authenticate the right of the client to access the specified PPN;
      
      an indication that the PPN client is operating in a stand-by state;
      
      a live state;
      
      a dormant state or such other states of communication participation; and
      
      a request for termination of participation in the PPN.

17. A method of providing secure pipeline connections between a source client'"'"'s digital information device and one or more recipient client'"'"'s digital information device, comprising:
- through the use of a set of browser-based management objects, receiving, at the PPN client server, information regarding the source client digital device and the one or more recipient client'"'"'s digital devices sufficient to facilitate establishment of a secure pipeline connection between a source client'"'"'s digital information device and one or more recipient clients'"'"' digital information devices;
  
  by first creating an end-to-end secure private digital data link between a source client'"'"'s digital information device and the PPN client server; and
  
  second by creating a second end-to-end secure private digital data link between the one or more recipient clients'"'"' digital information devices and the PPN client server; and
  
  thereby establishing a secure, private pipeline connections between the parties that is functionally administered as to the establishment, the addition and the deletion of clients and maintenance of the security by an PPN client server, who'"'"'s actions are directed by the creating client the source client.

18. A data processing system which utilizes mini-web browsers operating on the digital information device of a participating individual'"'"'s digital network access device for providing a connection between an initiating computer or digital network access device and one or more recipient computers or digital network access devices, comprising:
- a PPN client server that receives information regarding the requests of these accessing devices, thought the use of a set of browser-based management objects, to facilitate the establishment and on-going operations of a secure connections between these multiple computers and digital network access devices;
  
  one initiating computer or digital network access devices;
  
  one or more recipient computers or digital network access devices; and
  
  an end-to-end secure digital data transfer link between the initiating computer or digital network access device and one or more recipient computers or digital network access devices.

19. A computer-readable medium containing instructions for controlling a computer network to perform a method for providing a connection and a secure pipeline between a source computer and a response computer, or a plurality of response computers, where the term computer means any device which will function to provide access to a network infrastructure and will support the operation of a mini-web browser and the use of a set of browser-based management objects, the method comprising:
- receiving, at a third computer, also known as an PPN client server, a set of browser based management objects information provided by the source and the response computer'"'"'s mini-browsers, browser-based management objects and additional information received by the web browser operated by the PPN client server regarding the source and the response computers such as to facilitate the establishment of a secure connection between the source computer and the one or more response computers;
  
  using such information and specific browser-based management object'"'"'s information to create, first an end-to-end secure link between the source computer and PPN client server;
  
  next, to create a second end-to-end secure links between the one or more response computers and the PPN client server;
  
  thereafter, to merge these multiple end-to-end secure links into a network of secure pipelines and create a personal private network (PPN) which is serviced by the PPN client server, a set of browser-based management objects and directed by the source computer; and
  
  to maintain and operate the PPN until directed by the source computer or other events to dismantle the network.

20. A system for enabling an individual user to establish and control the member participants of a network between a first processor (the digital information device within the control of the PPN network creating user) and a second processor (the digital information device within the control of the PPN network recipient user), wherein the first and second processors are separate from said system and are each identifiable by a name, said system comprising:
- a tunneling interface that provides for one or more processors separate from the system a set of names that includes the name of the first processor, receives information indicating on behalf of the first processor a selection of one or more of the names in the set of names, receives information indicating a consent on behalf of the first processor for enabling a tunnel extending from the first processor to the second processor, and receives information indicating a consent on behalf of the second processor for enabling a tunnel extending from the second processor to the first processor, wherein the indication of consent on behalf of the second processor includes selecting the name of the first processor; and
  
  a controller that determines a first virtual address for the first processor and a second virtual address for the second processor such that the first and second virtual addresses uniquely identify the first and second processors, respectively, and are routable through the network, and that provides to each of the first and second processors the first and second virtual addresses to enable one or more tunnels between the first and the second processors.
- View Dependent Claims (21, 22, 23)
- - 21. The system of claim 20, including the ability for supporting a single first processor and a plurality of second processors within a personal private network (PPN).
  - 22. The system of claim 20, including the ability for full and complete encryption security of all data transferred through the tunnels.
  - 23. The system of claim 20, including the ability for full and complete independent operations and support of a plurality of simultaneously operating and functioning, and totally independent PPNs

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Glenn Gearhart
Original Assignee
Glenn Gearhart
Inventors
Gearhart, Glenn

Application Number

US10/737,685
Publication Number

US 20050132183A1
Time in Patent Office

Days
Field of Search
US Class Current

713/150
CPC Class Codes

H04L 63/029 Firewall traversal, e.g. tu...

H04L 63/0428 wherein the data content is...

Method and system for user created personal private network (PPN) with secure communications and data transfer

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for user created personal private network (PPN) with secure communications and data transfer

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links