Secure Remote Access Public Communication Environment

US 20100161960A1
Filed: 12/15/2009
Published: 06/24/2010
Est. Priority Date: 12/17/2008
Status: Active Grant

First Claim

Patent Images

1. A method in a user device for establishing a connection between a user application and an enterprise application through a virtual private network (VPN) client, the method comprising the steps of:

intercepting, by an agent, a request to an operating system service for establishing the connection, the request originating from the user application; and

establishing a communication channel between the VPN client and the agent based upon the intercepted request.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system provide a user device with secure access to an enterprise application in an enterprise network through VPN. The enterprise application is accessed from a user device such that it sends and receives data packets through the VPN client. For this, a request to send packets, originating from the user application, is intercepted by a VPN agent associated with the user application. In turn, the VPN agent associates an address of a loop-back interface with the user application. Thereafter, packets sent by the user application, are re-directed to the VPN client through the loop-back interface. Similarly, packets received by the VPN client from the enterprise network are routed through the loop-back interface to the user application.

65 Citations

View as Search Results

20 Claims

1. A method in a user device for establishing a connection between a user application and an enterprise application through a virtual private network (VPN) client, the method comprising the steps of:
- intercepting, by an agent, a request to an operating system service for establishing the connection, the request originating from the user application; and
  
  establishing a communication channel between the VPN client and the agent based upon the intercepted request.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 15)
- - 2. The method of claim 1, wherein the request comprises a socket application program interface (API) call.
  - 3. The method of claim 1, wherein the step of establishing a communication channel between the VPN client and the agent comprises creating a loop-back interface between the VPN client application and the agent.
  - 4. The method of claim 3, wherein the creation of the loop-back interface comprises changing a destination address in the request to a loop-back interface address.
  - 5. The method of claim 4, further comprising the step of requesting, by the agent to the VPN client, to listen in the loop-back interface.
  - 6. The method of claim 1, wherein the agent is associated with the user application by the VPN client.
  - 7. The method of claim 1, wherein the step of intercepting by the agent comprises hooking an application program interface (API) call for creation of a socket.
  - 15. The method of claim 1, wherein the step of intercepting by the agent comprises hooking an application program interface (API) call for creation of a socket.

8. A method in a user device for transmitting a data packet from a user application through a VPN client to an enterprise application, the method comprising the steps of:
- changing a destination address of the data packet to a loop-back interface address, the loop-back interface address having been associated with the user application in response to intercepting by an agent a request to an operating system service for establishing a connection with the enterprise application, the request originating from the user application; and
  
  forwarding the data packet to the VPN client.
- View Dependent Claims (9, 10)
- - 9. The method of claim 8, further comprising the step of mapping the loop-back interface address to an address associated with a VPN tunnel.
  - 10. The method of claim 9, further comprising the step of using a Transport Control Protocol/Internet Protocol (TCP/IP) stack to prepare the data packet for transmission by a tunnel in accordance with the mapping.

11. A method in a user device for establishing a connection between an enterprise application and a user application through a virtual private network (VPN) client, the method comprising the steps of:
- intercepting, by an agent, a request to an operating system service to enable listening for requests by other applications to connect with the user application, the request originating from the user application;
  
  requesting by the agent to the VPN client to forward connection requests from the enterprise application;
  
  receiving by the VPN client connection requests from the enterprise application through a VPN tunnel; and
  
  establishing a communication channel between the VPN client and the agent based upon the received connection requests.
- View Dependent Claims (12, 13, 14)
- - 12. The method of claim 11, wherein the request to an operating system service comprises a socket application program interface (API) call.
  - 13. The method of claim 11, wherein the step of establishing a communication channel between the VPN client and the agent comprises creating a loop-back interface between the VPN client application and the agent.
  - 14. The method of claim 11, wherein the agent is associated with the user application by the VPN client.

16. A system for remote virtual private network (VPN) access, comprising:
- an enterprise network including an enterprise application; and
  
  a user device, wherein the user device includes an agent module adapted to intercept a request to an operating system service for establishing a connection from a user application to an enterprise application and establish a communication channel between the VPN client and the agent based upon the intercepted request.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The system of claim 16, wherein the request comprises a socket application program interface (API) call.
  - 18. The system of claim 16, wherein the agent module is further adapted to create a loopback interface between the VPN client application and the agent.
  - 19. The system of claim 18, wherein the agent is further adapted to request the VPN client to listen in the loop-back interface.
  - 20. The system of claim 16, wherein the agent has been associated with the user application by the VPN client.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RPX Clearinghouse LLC (RPX Corporation)
Original Assignee
Nortel Networks Limited (Nortel Networks Corporation)
Inventors
Sadasivan, Biju

Granted Patent

US 8,893,260 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/152
CPC Class Codes

H04L 63/0272 Virtual private networks

H04L 63/1408 by monitoring network traff...

Secure Remote Access Public Communication Environment

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

65 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure Remote Access Public Communication Environment

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

65 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links