Creating secure interactive connections with remote resources
Abstract
Implementations of the present invention efficiently establish secure connections between a client and server, at least in part by authenticating the client and server early on in the connection setup phases. A client initiating a connection with a server identifies the secure communication protocols enabled at the client, and identifies these protocols in a connection request it sends to the server. The server processes the message and responds with a communication protocol it deems appropriate for the connection. The client and server then exchange appropriate authentication information, and then establish a connection session that implements the chosen communication protocol, and encrypts messages using the negotiated communication protocol. Additional implementations relate to reestablishing dropped connections behind virtual Internet Protocol addresses, without necessarily having to recommit much connection resource overhead.
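The negotiation the abstract describes, simulated end to end as an added example (this is not the patent's or any product's code): the client advertises the protocols it is enabled for, the server answers with its preferred one among them, and both sides then confirm what was negotiated inside the secured channel, so a request that was altered in transit is detected rather than silently accepted. The protocol names, the preference order and the shared channel key are constructed assumptions.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass
from typing import Optional, Tuple

# Hypothetical protocol identifiers; constructed for this example, not taken from the patent.
PROTOCOLS = ("PROTO_LEGACY", "PROTO_TLS", "PROTO_TLS_EARLY_AUTH")


@dataclass
class ConnectionRequest:
    offered: Tuple[str, ...]  # protocols the client says it is enabled for


@dataclass
class ConnectionResponse:
    selected: Optional[str]  # server's preferred protocol, or None to refuse


def server_select(request: ConnectionRequest, preference) -> ConnectionResponse:
    """Pick the server's most preferred protocol that the client also offered."""
    for proto in preference:
        if proto in request.offered:
            return ConnectionResponse(selected=proto)
    return ConnectionResponse(selected=None)


def transcript_tag(key: bytes, offered, selected: str) -> str:
    """MAC over the negotiation as one side saw it; exchanged inside the secured channel.
    Assumption: both peers hold `key`, derived from the authenticated channel."""
    msg = json.dumps({"offered": list(offered), "selected": selected}, sort_keys=True)
    return hmac.new(key, msg.encode(), hashlib.sha256).hexdigest()


def negotiate(client_offer, server_preference, channel_key: bytes, tamper=None) -> dict:
    """Run request, response and confirmation. `tamper`, if given, rewrites the
    request on the wire (a constructed failure case) to show the confirmation step."""
    request = ConnectionRequest(offered=tuple(client_offer))
    on_wire = tamper(request) if tamper else request
    response = server_select(on_wire, server_preference)
    if response.selected is None:
        return {"connected": False, "reason": "no common protocol"}
    # Each side tags the negotiation it believes happened; a mismatch means the
    # connection request or response did not arrive as sent.
    client_tag = transcript_tag(channel_key, request.offered, response.selected)
    server_tag = transcript_tag(channel_key, on_wire.offered, response.selected)
    if not hmac.compare_digest(client_tag, server_tag):
        return {"connected": False, "reason": "negotiation mismatch", "selected": response.selected}
    return {"connected": True, "selected": response.selected}
```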
20 Claims

1. At a server in a computerized system in which the server communicates data with a client computer system through a secure connection, a method of creating the secure connection by authenticating the user initiating the connection from the client computer system relatively early in a connection process, comprising the acts of:
- receiving a connection request from a client computer system to communicate with one or more remote server resources at a server, the connection request indicating a plurality of secure communication protocols with which the client computer system is enabled;
- sending a connection response to the client computer system, the connection response indicating a preferred secure communication protocol of the plurality of secure communication protocols;
- confirming use of the preferred secure communication protocol through a data exchange in a secured channel set up with the client computer system; and
- communicating data with a client application program of the client computer system through the preferred secure communication protocol.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)

14. At a client computer system configured to communicate data with a server through a secure connection, a method of creating the secure connection with the server by authenticating relatively early in a connection process, comprising:
- an act of identifying a plurality of secure communication protocol capabilities at a client computer system;
- a step for negotiating a preferred one of the plurality of secure communication protocol capabilities with a server, such that a mutually preferred secure communication protocol is identified;
- an act of exchanging authentication information with the server using the preferred secure communication protocol, wherein authentication information from the server comprises any one of a self-signed certificate, a manually installed certificate, or a certificate received from a remote certificate authority; and
- a step for confirming use of the secure communication protocol negotiated with the server with one or more initial data packets communicated during negotiation with the server.
(Dependent claims: 15, 16, 17, 18, 19)

20. At a server in a computerized system in which the server communicates data with a client computer system through a secure connection, a computer program product having computer-executable instructions that, when executed, cause one or more processors at the server to perform a method of creating the secure connection by authenticating the client computer system relatively early in a connection process, comprising the acts of:
- receiving a connection request from a client computer system to communicate with one or more remote server resources at a server, the connection request indicating a plurality of secure communication protocols with which the client computer system is enabled;
- sending a connection response to the client computer system, the connection response indicating a preferred secure communication protocol of the plurality of secure communication protocols;
- confirming use of the preferred secure communication protocol through a data exchange in a secured channel set up with the client computer system; and
- communicating data with a client application program of the client computer system through the preferred secure communication protocol.