Agile Network Protocol For Secure Communications With Assured System Availability.
Abstract
A plurality of computer nodes communicate using seemingly random Internet Protocol source and destination addresses. Data packets matching criteria defined by a moving window of valid addresses are accepted for further processing, while those that do not meet the criteria are quickly rejected. Improvements to the basic design include (1) a load balancer that distributes packets across different transmission paths according to transmission path quality; (2) a DNS proxy server that transparently creates a virtual private network in response to a domain name inquiry; (3) a large-to-small link bandwidth management feature that prevents denial-of-service attacks at system chokepoints; (4) a traffic limiter that regulates incoming packets by limiting the rate at which a transmitter can be synchronized with a receiver; and (5) a signaling synchronizer that allows a large number of nodes to communicate with a central node by partitioning the communication function between two separate entities.
52 Claims
- 1. A method for establishing an encrypted channel between a client and a target, comprising the steps of:
- (i) generating a DNS request from the client; and
- (ii) based on the DNS request, automatically establishing the encrypted channel between the client and the target, wherein the encrypted channel is capable of supporting services.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- 13. A method for establishing a secure communication link between a first device and a second device, the method comprising steps of:
- generating a request for access to a second device and automatically initiating a secure communication link between a first device and the second device, wherein the secure communication link is capable of supporting a plurality of services.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37)
- 38. A method for establishing an encrypted channel between a client and a secure device, comprising the step of automatically creating the encrypted channel as a response to a DNS request for a domain name, wherein the encrypted channel is capable of supporting services.
- 42. A method for establishing an encrypted channel between a client and a secure device, comprising the step of automatically creating the encrypted channel in response to a request for access to an IP address, wherein the encrypted channel is capable of supporting services.
- 46. A computer readable medium comprising computer readable instructions that, when executed, perform steps of:
- when a DNS request corresponds to a secure device, determining whether a client is authorized to access the secure device and, if so, automatically initiating an encrypted channel between the client and the secure device, wherein the encrypted channel is capable of supporting services.
- View Dependent Claims (47, 48)
- 49. A machine readable medium comprising machine readable instructions for performing steps of:
- generating a request for access to a second device and automatically initiating a secure communication link between a first device and the second device, wherein the secure communication link is capable of supporting a plurality of services.
- 50. A device comprising memory, the device for performing a method for creating a secure communication link, the method comprising steps of:
- generating a request for access to a second device and automatically initiating a secure communication link between the device and the second device, wherein the secure communication link is capable of supporting a plurality of services.
- View Dependent Claims (52)
- 51. A device comprising memory, the device for performing the steps of:
- receiving information as to whether a DNS request is associated with a secure device; and
- when the DNS request is associated with a secure device, automatically initiating a secure communication link with the secure device, wherein the secure communication link is capable of supporting a plurality of services.
Specification