Automatic hardware-enabled virtual private network system
Abstract
The present invention provides a technique for automatically establishing efficient, remote, secure client connections to one or more locations using a smart card enabled client driver and a smart card enabled network edge device (“Subnet Box”) capable of establishing an end-to-end hardware encrypted tunnel between itself and the client. In an embodiment of the invention, a method of establishing a secure communications tunnel comprises the steps of: authenticating a remote client to a subnet box on a private network, wherein the remote client is connected to the subnet box via a public network; establishing a tunnel between the remote client and the subnet box; and encapsulating all traffic in the tunnel, wherein the tunnel is established only when a unique physical token is coupled to the remote client device. The unique physical token comprises a smartcard and is configured to be inserted into a communications port of the remote device. The step of authenticating comprises the steps of: receiving a first authentication packet, wherein the first authentication packet comprises an identifier identifying the unique physical token and a first random number, and transmitting a response authentication packet, wherein the response authentication packet comprises a second random number. The step of establishing a secure communications tunnel comprises the step of generating a cryptographic key based on the first and second random numbers.
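The abstract describes a two-message exchange (token identifier plus first random number from the client, second random number from the subnet box) followed by key derivation from the two random numbers. The following is an added example, not code from the patent or its assignee, that simulates both sides of that exchange. It assumes, beyond what the abstract states, that the key database of claim 1 maps the token serial number to a per-token secret, that the tunnel key is derived by keying HMAC-SHA256 with that secret over both random numbers, and that each side sends a key-confirmation tag. The reason for mixing in the secret is the check a practitioner would make: the two random numbers cross the public network in the clear, so a key computed from them alone would be computable by anyone who observed the handshake. All names, message fields and sample values are constructed for this example.

```python
"""Simulated smart-card challenge-response for a subnet-box tunnel (added example).

Models the exchange in the abstract: the client sends the token serial and a
first random number, the subnet box answers with a second random number, and
both sides derive a tunnel key from the two numbers. The key database, the use
of the per-token secret in the derivation and the key-confirmation tags are
assumptions of this example, not details taken from the patent text.
"""
import hashlib
import hmac
import secrets

NONCE_LEN = 16


class KeyDatabase:
    """Maps a token serial number to its secret key (the key database of claim 1)."""

    def __init__(self, entries):
        self._keys = dict(entries)

    def lookup(self, serial):
        return self._keys.get(serial)


class Token:
    """Smart card: holds a serial number and a secret that never leaves the card."""

    def __init__(self, serial, secret):
        self.serial = serial
        self._secret = secret

    def derive(self, n1, n2):
        return derive_tunnel_key(self._secret, n1, n2)


def derive_tunnel_key(secret, n1, n2):
    """Tunnel key = HMAC-SHA256(secret, "tunnel" || n1 || n2).

    Keying the derivation with the token secret (an assumption; the abstract only
    says the key is based on the two random numbers) is what prevents a passive
    observer who saw both numbers on the public network from computing the key."""
    return hmac.new(secret, b"tunnel" + n1 + n2, hashlib.sha256).digest()


def confirm_tag(key, n1, n2, party):
    """Key-confirmation MAC: each side proves it derived the same tunnel key."""
    return hmac.new(key, party + n1 + n2, hashlib.sha256).digest()


class Client:
    """Remote client driver; only usable when a Token is coupled to it."""

    def __init__(self, token):
        self.token = token
        self.n1 = None

    def auth_packet(self, n1=None):
        # First authentication packet: token identifier plus first random number.
        self.n1 = n1 or secrets.token_bytes(NONCE_LEN)
        return {"serial": self.token.serial, "n1": self.n1}

    def finish(self, response):
        key = self.token.derive(self.n1, response["n2"])
        # Refuse the tunnel unless the box proved it holds the same key.
        expected = confirm_tag(key, self.n1, response["n2"], b"box")
        if not hmac.compare_digest(expected, response["tag"]):
            raise ValueError("subnet box failed key confirmation")
        return key, confirm_tag(key, self.n1, response["n2"], b"client")


class SubnetBox:
    """Network edge device holding the key database."""

    def __init__(self, keydb):
        self.keydb = keydb
        self.sessions = {}

    def respond(self, packet, n2=None):
        secret = self.keydb.lookup(packet["serial"])
        if secret is None:
            raise ValueError("unknown token serial")
        # Response authentication packet: second random number plus confirmation tag.
        n2 = n2 or secrets.token_bytes(NONCE_LEN)
        key = derive_tunnel_key(secret, packet["n1"], n2)
        self.sessions[packet["serial"]] = (key, packet["n1"], n2)
        return {"n2": n2, "tag": confirm_tag(key, packet["n1"], n2, b"box")}

    def verify_client(self, serial, tag):
        key, n1, n2 = self.sessions[serial]
        if not hmac.compare_digest(confirm_tag(key, n1, n2, b"client"), tag):
            raise ValueError("client failed key confirmation")
        return key


def run_handshake(token, keydb, n1=None, n2=None):
    """Run the full exchange and return (client_key, box_key).

    Fixed n1/n2 may be passed to make a run reproducible; a missing token
    models the 'tunnel only when a token is coupled' condition."""
    if token is None:
        raise ValueError("tunnel is only established when a token is coupled")
    client, box = Client(token), SubnetBox(keydb)
    resp = box.respond(client.auth_packet(n1), n2)
    client_key, client_tag = client.finish(resp)
    box_key = box.verify_client(token.serial, client_tag)
    return client_key, box_key


if __name__ == "__main__":
    # Constructed sample: one provisioned token, one entry in the key database.
    db = KeyDatabase({"SN-0001": b"k" * 32})
    ck, bk = run_handshake(Token("SN-0001", b"k" * 32), db)
    print("keys match:", ck == bk)
```

A token whose secret does not match the database entry, or whose serial is not provisioned, fails at the confirmation step rather than yielding a mismatched tunnel, and two runs with different random numbers yield different keys, which is the property the abstract's nonce exchange is there to provide.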
12 Claims
1. An automatic hardware-enabled virtual private network system comprising:

a first token, wherein said first token is configured to be coupled to a computing device, a subnet box, and a key database, wherein said key database comprises a serial number and a secret cryptographic key associated with said token.
8. A method of establishing a secure communications tunnel, the method comprising the steps of:

authenticating a remote client to a node on a private network, wherein said remote client is connected to said node via a public network, establishing a tunnel between said remote client and said node, and encapsulating all traffic in said tunnel, wherein said tunnel is established only when a unique physical token is coupled to said remote device.
Specification