Method and apparatus for providing secure communication with a relay in a network
Abstract
Methods and systems of the present invention include providing a connection between a first computer and a second computer by receiving, at a third computer, information regarding one of the first and second computers to facilitate establishment of a secure connection between the first computer and the second computer, creating a first end-to-end security link between the first computer and third computer, and creating a second end-to-end security link between the second computer and the third computer to establish the secure connection. The first and second computers could be a client and a server on the Internet, and these methods and systems can, for example, increase the possible number of new secure connections to the server. The third computer also permits processing of information transmitted between the client and server in the third computer. For example, the information could be reformatted or used in testing a process of one of the first and second computers.
26 Claims
1. A method of providing a connection between a first computer and a second computer, comprising:
receiving, at a third computer, information regarding one of the first and second computers to facilitate establishment of a secure connection between the first computer and the second computer;
creating a first end-to-end security link between the first computer and third computer; and
creating a second end-to-end security link between the second computer and the third computer to establish the secure connection.
processing information transmitted between the first and second computers in the third computer.

5. The method according to claim 4, wherein the processing includes reformatting information received at the third computer from one of the first and second computers.

6. The method according to claim 4, wherein the processing includes testing a process of one of the first and second computers.

7. A method of processing data transmitted between a client and a server, comprising:
providing an authentication token of the client to a trusted relay computer;
receiving a request from the user for a connection between the client and the server;
transmitting the request to the trusted relay computer;
creating a first end-to-end security link between the client and the trusted relay computer;
providing the authentication token to the server;
authenticating the client in the server;
creating a second end-to-end security link between the server and the trusted relay computer;
initiating transfer of information between the client and the server through the trusted relay computer; and
during the transfer, processing, in the trusted relay computer, the information transferred between the client and the server.

11. A method of connecting a plurality of clients to a server, comprising:
providing a plurality of trusted relays between the plurality of clients and the server;
providing each of the trusted relays with a certificate of the server and a private key of the server;
for each of the trusted relays, creating first end-to-end security links between a number of the plurality of clients and a respective trusted relay using the certificate and public key of the server; and
creating second end-to-end security links between the server and each of the respective trusted relays.

15. A data processing system for providing a connection between a first computer and a second computer, comprising:
a third computer that receives information regarding one of the first and second computers to facilitate establishment of a secure connection between the first computer and the second computer;
a first end-to-end security link between the first computer and third computer; and
a second end-to-end security link between the second computer and the third computer to establish the secure connection.

21. A system including a client that receives a request from a user for a connection between the client and a server, which authenticates the client based on an authentication token, the system comprising:
a trusted relay including a storage device that stores the authentication token of the client and a device that processes information transmitted between the client and the server;
a first end-to-end security link between the client and the relay; and
a second end-to-end security link between the server and the relay.

25. A system of connecting a plurality of clients to a server, comprising:
a plurality of trusted relays between the plurality of clients and the server, each including a storage device that stores a certificate of the server and a private key of the server;
first end-to-end security links between each of the plurality of clients and any one of the relays, the first end-to-end security links created using the certificate and public key of the server; and
second end-to-end security links between the server and each of the relays.

26. A computer-readable medium containing instructions for controlling a computer network to perform a method for providing a connection between a first computer and a second computer, the method comprising:
receiving, at a third computer, information regarding one of the first and second computers to facilitate establishment of a secure connection between the first computer and the second computer;
creating a first end-to-end security link between the first computer and third computer; and
creating a second end-to-end security link between the second computer and the third computer to establish the secure connection.