PRIVATE NETWORK SYSTEM AND METHOD
Abstract
A method for forming a secure virtual private network (VPN) is described. The secure virtual private network consists of two or more linked entities having internet connectability where each entity has links with at least one other device on the VPN. The method comprises the steps of: providing a lookup device having a known address with an updatable index of entities known to be connectable to the VPN; and causing at least one pre-designated contact entity on the VPN to periodically poll the lookup device for received joining requests. The lookup device accepts requests from known entities (“joining entity”) wishing to link to the VPN. The lookup device receives a request from a joining entity to connect to the VPN. In response to a poll for joining requests the lookup device notifies the polling contact entity of at least the address of each joining entity. If the contact entity permits a connection to the VPN, the contact entity supplies at least its address to the lookup device, which passes this to the joining entity. The joining entity and contact entity establish a first link between them. The joining entity and the contact entity conduct an authentication process over the first link. If the authentication process is successful the contact entity notifies the joining entity of at least the status of other entities belonging to the VPN and notifies all entities on the VPN that the joining device is joining the VPN. The joining device uses the status of other entities belonging to the VPN to calculate its node position in the VPN, including the one or two neighbour entities it will connect to. The one or two neighbour entities initiate a process of the type specified above with the lookup entity to establish one or more second links with the joining entity and terminate the first link. The joining entity and at least one neighbour entity conduct a mutual authentication process which, if successful, sustains the one or more second links.
67 Citations
19 Claims
1. A method for forming a secure virtual private network (VPN) consisting of two or more linked entities having internet connectability where each entity has links with at least one other device on the VPN, said method comprising the steps of:
(a) providing a lookup device having a known address with an updatable index of entities known to be connectable to the VPN, which lookup device accepts requests from known entities (“joining entity”) wishing to link to the VPN,
(b) causing at least one pre-designated contact entity on the VPN to periodically poll the lookup device for received joining requests,
(c) said lookup device receiving a request from a joining entity to connect to the VPN,
(d) in response to a poll for joining requests said lookup device notifying the polling contact entity of at least the address of each joining entity,
(e) if the contact entity permits a connection to the VPN, the contact entity supplies at least its address to the lookup device which passes this to the joining entity,
(f) the joining entity and contact entity establish a first link between them,
(g) the joining entity and the contact entity conduct an authentication process over said first link,
(h) and if the authentication process is successful the contact entity notifies the joining entity of at least the status of other entities belonging to the VPN and notifies all entities on the VPN that the joining device is joining the VPN,
(i) said joining device using the status of other entities belonging to the VPN to calculate its node position in the VPN including the one or two neighbour entities it will connect to,
(j) said one or two neighbour entities initiating a process of the type specified in steps (c) to (f) with said lookup entity to establish one or more second links with said joining entity and terminating said first link,
(k) and said joining entity and at least one neighbour entity conducting a mutual authentication process which if successful sustains said one or more second links.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16.
17. Computer software for forming a secure virtual private network (VPN) consisting of two or more linked entities having internet connectability where each entity has links with at least one other entity on the VPN and a lookup device connected to the internet having a known address with an updatable index of entities known to be connectable to the VPN, said software residing on each said entity and comprising:
(a) a routine for connecting to said lookup device and making a request to said lookup device to join to the VPN,
(b) a routine for polling the lookup device for received joining requests,
(c) a routine for receiving from the lookup device at least the address of each joining entity,
(d) a routine for matching the address of each joining entity with stored criteria,
(e) a routine which allows matched entities to establish a first link between them,
(f) an authentication routine which enables entities which have established a first link to mutually authenticate the identity of the other,
(g) a routine which if the authentication process is successful notifies the joining entity of at least the status of other entities belonging to the VPN and notifies all entities on the VPN that the joining device is joining the VPN,
(h) a routine which uses the status of other entities belonging to the VPN to calculate the node position in the VPN and the one or two neighbour entities that the entity on which the routine resides will connect to,
(i) a routine which through said lookup device establishes one or more second links with said one or more neighbouring entities in said VPN and ends said first link,
(j) a routine which invokes said authentication routine to conduct mutual authentication between said linked neighbouring entities and which if successful sustains said one or more second links.
Dependent claims: 18, 19.
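Added example, not code from the patent or from any product implementing it: a Python simulation of the join procedure that claims 1 and 17 describe, with a lookup device that only accepts indexed entities, a contact entity that polls it, and a joining entity that computes its neighbours and replaces the first link with mutually authenticated second links. The ring topology, the HMAC challenge-response over a pre-shared key, and all names are assumptions; the claims fix neither a topology nor an authentication method.

```python
import hmac, hashlib, secrets

class LookupDevice:
    """Step (a): fixed-address lookup device with an updatable index of entities allowed to join."""
    def __init__(self, known):
        self.known = set(known)   # updatable index of entities connectable to the VPN
        self.pending = []         # join requests waiting to be polled
        self.replies = {}         # contact address relayed to each joining entity (step e)
    def request_join(self, addr):          # step (c): only indexed entities are accepted
        if addr not in self.known:
            return False
        self.pending.append(addr)
        return True
    def poll(self):                        # step (d): polling entity drains joiner addresses
        reqs, self.pending = self.pending, []
        return reqs

class Entity:
    def __init__(self, addr, psk):
        self.addr, self.psk, self.links = addr, psk, set()

    def authenticate(self, peer):
        # Steps (g)/(k): mutual challenge-response, each side MACs the other's nonce with a
        # pre-shared key (an assumed method; the claims do not fix one).
        n1, n2 = secrets.token_bytes(16), secrets.token_bytes(16)
        mac = lambda key, nonce: hmac.new(key, nonce, hashlib.sha256).digest()
        return (hmac.compare_digest(mac(peer.psk, n1), mac(self.psk, n1)) and
                hmac.compare_digest(mac(self.psk, n2), mac(peer.psk, n2)))

def join_vpn(lookup, ring, contact, joiner):
    """Steps (b)-(k) for one joiner; `ring` is the ordered list of current VPN members."""
    if not lookup.request_join(joiner.addr):                  # (c) refused unless indexed
        return None
    for addr in lookup.poll():                                # (b)/(d) contact entity polls
        lookup.replies[addr] = contact.addr                   # (e) permit; lookup relays address
    if lookup.replies.get(joiner.addr) != contact.addr or not joiner.authenticate(contact):
        return None                                           # (f)/(g) first link not authenticated
    status = [m.addr for m in ring]                           # (h) contact reports member status
    # (i) joiner takes the ring slot after the last member, so its neighbours are last and first
    neighbours = ring[-1:] if len(status) == 1 else [ring[-1], ring[0]]
    for n in neighbours:                                      # (j) each neighbour repeats (c)-(f)
        lookup.request_join(n.addr)
        for addr in lookup.poll():
            lookup.replies[addr] = joiner.addr
        if joiner.authenticate(n):                            # (k) mutual auth sustains 2nd link
            joiner.links.add(n.addr); n.links.add(joiner.addr)
    ring.append(joiner)  # first link to the contact is dropped; only second links remain
    return sorted(joiner.links)
```

An entity absent from the lookup index, or one that fails the first-link authentication, never reaches the neighbour-linking stage.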
Specification