Secure login credentials for substantially anonymous users
Abstract
Methods and apparatus for secure communications. The techniques feature receiving over the first connection a login credential for the server, generated by the server without the use of any information identifying a computer user. The techniques further feature establishing a second secure connection with the server using a secure protocol and the login credential provided by the server.
15 Claims
1. A method comprising:
receiving in a user computer a certificate from a virtual private network (VPN) server;
establishing a first secure connection between the user computer and the VPN server using a Transport Layer Security (TLS) protocol based on the certificate provided by the VPN server;
in the user computer, receiving over the first secure connection from the VPN server a login credential including a username and a password to login to the VPN server, the username and the password having been generated by the VPN server and without any identifying information provided to the VPN server;
calculating a secret encryption key based on the username and the password;
establishing a second secure connection with the VPN server using a Point-to-Point Tunneling Protocol (PPTP) tunnel based on the username and the password and the secret encryption key;
logging in to the VPN server over the second secure connection using the username and the password; and
maintaining the second secure connection indefinitely, even after the login credential expires.
2. A method comprising:
on a server computer, receiving an anonymous request from a user computer to establish a first secure connection, the request including no identifying information of a user of the user computer;
establishing the first secure connection between the server computer and the user computer using a Transport Layer Security (TLS) protocol;
sending over the first secure connection to the user computer a username and a password, without using any identifying information identifying the user;
receiving a login request containing the username and the password from the user computer;
providing a distinct second secure connection between the server computer and the user computer using a Point-to-Point Tunneling Protocol (PPTP) tunnel based on the username and the password;
on the server computer, receiving encrypted communications from the client computer over the second secure connection;
sending encrypted communications to the client computer over the second secure connection; and
maintaining the second secure connection indefinitely, even after the user name and the password expire.
Dependent claims: 3, 4, 5, 6, 7
8. A method comprising:
on a server computer, receiving an anonymous request from a user computer to establish a first secure connection, the request including no identifying information of a user of the user computer, wherein the server computer is a virtual private network (VPN) server;
establishing the first secure connection between the server computer and the user computer using a Transport Layer Security (TLS) protocol or a Secure Sockets Layer (SSL) protocol;
generating a username and a password without using any information identifying the user;
sending over the first secure connection to the user computer the username and the password;
receiving a login request containing the username and the password from the user computer;
providing a distinct second secure connection between the server computer and the user computer based on the username and the password; and
maintaining the second secure connection indefinitely, even after the user name and the password expire.
Dependent claims: 9, 10, 11, 12, 13, 14, 15
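The server-side steps of claims 2 and 8, sketched as an added example that is not part of the patent text: a credential generated from randomness alone, an expiry checked only at login, and a session that outlives the credential. The class and function names, the 300-second lifetime and the PBKDF2 key derivation are assumptions; the claims do not say how the key is calculated, and the TLS and PPTP transports are not modelled.

```python
import hashlib
import hmac
import secrets
import time

CREDENTIAL_TTL = 300  # seconds; constructed value, the page states no lifetime


def derive_key(username, password):
    # Stand-in KDF (assumption): the claims only say the key is calculated
    # from the username and the password, not how.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), username.encode(), 100_000)


class AnonymousCredentialServer:
    def __init__(self, clock=time.time):
        self._clock = clock
        self._issued = {}    # username -> (expected key, expiry time)
        self._sessions = {}  # session id -> tunnel key

    def issue(self):
        # Credential built from randomness only; nothing from the requester.
        username = "u" + secrets.token_hex(8)
        password = secrets.token_urlsafe(24)
        self._issued[username] = (derive_key(username, password),
                                  self._clock() + CREDENTIAL_TTL)
        return username, password

    def login(self, username, password):
        record = self._issued.get(username)
        if record is None:
            return None
        expected, expires_at = record
        key = derive_key(username, password)
        # Expiry is enforced here, at login, and nowhere else.
        if self._clock() >= expires_at or not hmac.compare_digest(key, expected):
            return None
        session_id = secrets.token_hex(16)
        self._sessions[session_id] = key
        return session_id

    def session_key(self, session_id):
        # None once the session is closed; credential expiry does not affect it.
        return self._sessions.get(session_id)

    def close(self, session_id):
        self._sessions.pop(session_id, None)
```

Because expiry is checked only in login, an operator who needs to cut off access has to close the session itself; letting the credential lapse leaves an established tunnel up.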
Specification