Network-based mobile workgroup system
First Claim
1. A network-based mobile workgroup system comprising:
a plurality of mobile client nodes, each mobile client node providing an interface for user interaction by a mobile user;
a plurality of mobile service router nodes, each mobile service router node providing a mobile Virtual Private Network (VPN) to the mobile client nodes spanning multiple router hops and sites;
a network address identifier (NAI) with which a user of a mobile client is uniquely identified to the mobile VPN system; and
a set of firewall filters and route policies with which the workgroup is protected, wherein the mobile VPN provides each mobile client secure data access to the VPN and provides secure data access to each mobile client from within the mobile VPN, wherein a point of attachment of any mobile client node to the mobile VPN may change without affecting that mobile client node's participation in the mobile VPN.
Abstract
A network-based mobile workgroup system has considerably wider appeal and application than normal virtual private networks in that it provides seamless mobility across a number of access technologies at the same time as it offers a granular security separation down to workgroup level. The mobile workgroup system is an access management system for mobile users with VPN and firewall functionality inbuilt. The mobile user can access the mobile workgroup system over a set of access technologies and select server resources and correspondent nodes to access pending their workgroup membership approvals. All workgroup policy rules are defined in a mobile service manager and pushed down to one or more mobile service routers for policy enforcement. The mobile service router closest to the mobile client, and being part of the mobile virtual private network, performs regular authentication checks of the mobile client during service execution. At the same time it performs traffic filtering based on the mobile user's workgroup memberships. Together, these two components constitute an unprecedented security lock, effectively isolating a distributed workgroup into a mobile virtual private network.
525 Citations
101 Claims
1. A network-based mobile workgroup system comprising:
a plurality of mobile client nodes, each mobile client node providing an interface for user interaction by a mobile user;
a plurality of mobile service router nodes, each mobile service router node providing a mobile Virtual Private Network (VPN) to the mobile client nodes spanning multiple router hops and sites;
a network address identifier (NAI) with which a user of a mobile client is uniquely identified to the mobile VPN system; and
a set of firewall filters and route policies with which the workgroup is protected, wherein the mobile VPN provides each mobile client secure data access to the VPN and provides secure data access to each mobile client from within the mobile VPN, wherein a point of attachment of any mobile client node to the mobile VPN may change without affecting that mobile client node's participation in the mobile VPN.
Specification