Method and apparatus for encrypted communications to a secure server
Abstract
An embodiment of the invention includes a secure server. A user at a terminal, communicatively coupled to the secure server by a secure link, can obtain web pages from web sites in a network, in encrypted form, via the secure link. Addresses associated with the web pages are altered to make it appear as if the web pages come from the secure server rather than from the web sites. Spoofing units may be used as alternative access points to the secure server, with the secure server sending the requested web pages directly to the terminal. In general, address rewriting and other manipulation can be performed on the requested web pages, such that the true sources of the web pages are disguised and such that subsequent communications from the terminal are directed to the secure server and/or spoofing unit, rather than to the true source of the web pages. Components of the user's privacy may be sold, or advertisements may be provided, in exchange for protection of the user's identity.
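The URL form the abstract and claims describe, an encrypted address of the web page appended after the unencrypted address of the first server, can be sketched as below. This is an added example, not code from the patent: the host `secure.example`, the choice of AES-GCM, the key and the function names are all assumptions. Authenticating the appended address and checking the decrypted scheme means the server only retrieves addresses it wrote into a page itself.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"fmt"
	"net/url"
	"strings"
)

const proxyBase = "https://secure.example/" // hypothetical address of the first server

func NewAEAD(key []byte) (cipher.AEAD, error) { // AES-GCM; key must be 16, 24 or 32 bytes
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Rewrite appends the encrypted target address after the unencrypted proxy address.
func Rewrite(a cipher.AEAD, target string) string {
	nonce := make([]byte, a.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err) // never fall back to a reused or guessable nonce
	}
	sealed := a.Seal(nonce, nonce, []byte(target), nil) // nonce || ciphertext || tag
	return proxyBase + base64.RawURLEncoding.EncodeToString(sealed)
}

// Resolve recovers the address to fetch; altered or foreign tokens fail the GCM tag check.
func Resolve(a cipher.AEAD, rewritten string) (*url.URL, error) {
	raw, err := base64.RawURLEncoding.DecodeString(strings.TrimPrefix(rewritten, proxyBase))
	if err != nil || !strings.HasPrefix(rewritten, proxyBase) || len(raw) < a.NonceSize() {
		return nil, fmt.Errorf("malformed request URL")
	}
	plain, err := a.Open(nil, raw[:a.NonceSize()], raw[a.NonceSize():], nil)
	u, perr := url.Parse(string(plain))
	if err != nil || perr != nil || (u.Scheme != "http" && u.Scheme != "https") || u.Host == "" {
		return nil, fmt.Errorf("address failed authentication or is not an http(s) URL")
	}
	return u, nil
}

func main() {
	a, _ := NewAEAD([]byte("constructed-demo-key-32-bytes!!!")) // constructed key, valid length
	fmt.Println(Resolve(a, Rewrite(a, "https://news.example/story?id=7")))
}
```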
13 Claims
1. A method comprising:
at a first server in a first Internet domain outside of a firewall, receiving, over a secure connection, encrypted data from a computer behind said firewall, wherein said receiving over said secure connection includes decrypting said encrypted data according to a protocol specified by said secure connection to produce decrypted data, wherein said decrypted data includes a request for a web page in a second Internet domain that is different from the first Internet domain, wherein said request is directed to a first address hosted by the first server in the first Internet domain by directing the request to a URL including an encrypted address of said web page appended after an unencrypted form of the first address;
said first server decrypting the encrypted address of the web page;
in response to said decrypting, said first server communicating with a second server in the second Internet domain to retrieve the web page from the second Internet domain; and
said first server sending data to said computer over the secure connection via the firewall, wherein said sending data includes encrypting said data, wherein said encrypted data includes said retrieved web page.
Dependent claims: 2, 3, 4, 5
6. A server system, including
a first server outside of a firewall and accessible via a first Internet domain, wherein said first server includes:
a processor; and
a memory storing program instructions executable by the processor to:
receive, over a secure connection, encrypted data from a computer behind said firewall, wherein said receiving over said secure connection includes decrypting said encrypted data according to a protocol specified by said secure connection to produce decrypted data, wherein said decrypted data includes a request for a web page in a second Internet domain that is different from the first Internet domain, wherein said request is directed to a first address hosted by the first server in the first Internet domain by directing the request to a URL including an encrypted address of said web page appended after an unencrypted form of the first address;
decrypt the encrypted address of the web page;
in response to said decrypting, communicate with a second server in the second Internet domain to retrieve the requested web page from the second Internet domain; and
send data to said computer over the secure connection via the firewall, wherein said sending data includes encrypting said data according to said protocol, wherein said encrypted data includes said retrieved web page.
Dependent claims: 7
8. A computer-readable memory medium, including program instructions executable to:
at a first server in a first Internet domain outside of a firewall, receive, over a secure connection, encrypted data from a computer behind said firewall, wherein said receiving over said secure connection includes decrypting said data according to a protocol specified by said secure connection to produce decrypted data, wherein said decrypted data includes a request for a web page in a second Internet domain that is different from the first Internet domain, wherein said request is directed to a first address hosted by the first server in the first Internet domain by directing the request to a URL including an encrypted address of said web page appended after an unencrypted form of the first address;
decrypt the encrypted address of the web page;
in response to said decrypting, communicate with a second server in the second Internet domain to retrieve the requested web page from the second Internet domain; and
send data to said computer over the secure connection via the firewall, wherein said sending data includes encrypting said data according to said protocol, wherein said encrypted data includes said retrieved web page.
Dependent claims: 9, 10
11. A method comprising:
at a first server in a first Internet domain outside of a firewall, receiving via a second server in a second Internet domain different from the first Internet domain, over a secure connection, encrypted data originating from a computer behind said firewall, wherein said receiving over said secure connection includes decrypting said encrypted data according to a protocol specified by said secure connection to produce decrypted data, wherein said decrypted data includes a request for a web page in a third Internet domain that is different from the first and second Internet domains, wherein said request is directed to a first address hosted by the first server in the first Internet domain by directing the request to a URL including an encrypted address of the web page appended after an unencrypted form of the first address;
the first server decrypting the encrypted address of the web page;
in response to said decrypting, the first server communicating with a third server in the third Internet domain to retrieve the web page from the third Internet domain; and
the first server sending data to said computer over the secure connection via the firewall, wherein said sending data includes encrypting said data, wherein said encrypted data includes said retrieved web page.
Dependent claims: 12, 13
Specification