Third party VPN certification

US 7,986,688 B2
Filed: 09/14/2006
Issued: 07/26/2011
Est. Priority Date: 01/18/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A method of creating a virtual private network (VPN) between first and second devices, comprising:

from the first device querying an online database to request a secure domain name address of the second device, wherein the querying supplies a remote name of a pre-authorized VPN name pair to the online database;

receiving the secure domain name address in response to the querying;

forwarding to and receiving from the second device respective verified certificates for the VPN connection, wherein the certificates each contain at least one verified VPN parameter for the first and second devices, respectively; and

establishing a VPN connection using the VPN parameters.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A virtual private network (VPN) over a telecommunications network is created by sending a request from a first VPN device to a second VPN device for establishing a VPN between the first and second VPN devices. The request includes a first signed certificate having a verified VPN parameter for the first VPN device. A reply is received at the first VPN device from the second VPN device that includes a second signed certificate having a verified VPN parameter for the second VPN device. The VPN is established between the first and second VPN devices based on each verified VPN parameter for each of the first and second VPN devices.

21 Citations

View as Search Results

22 Claims

1. A method of creating a virtual private network (VPN) between first and second devices, comprising:
- from the first device querying an online database to request a secure domain name address of the second device, wherein the querying supplies a remote name of a pre-authorized VPN name pair to the online database;
  
  receiving the secure domain name address in response to the querying;
  
  forwarding to and receiving from the second device respective verified certificates for the VPN connection, wherein the certificates each contain at least one verified VPN parameter for the first and second devices, respectively; and
  
  establishing a VPN connection using the VPN parameters.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising:
    - storing information identifying a plurality of pre-authorized VPN name pairs, the name pairs each including a local device name and a remote device name for a VPN connection.
  - 3. The method of claim 2, wherein the information identifying the plurality of pre-authorized VPN name pairs further includes information identifying a VPN connection type for the pair.
  - 4. The method of claim 2, wherein the information identifying the plurality of pre-authorized VPN name pairs further includes wildcard information in at least one of the local or remote device names.
  - 5. The method of claim 1, further comprising:
    - storing a plurality of verified certificates for the first device, the plurality of verified certificates containing different VPN parameters.
  - 6. The method of claim 5, further comprising:
    - associating the stored plurality of verified certificates with a plurality of different local names.
  - 7. The method of claim 1, wherein the querying further supplies a public key of the first device to the online database, and wherein the online database uses the public key to verify the identity of the first device.
  - 8. The method of claim 1, wherein forwarding to and receiving from the second device respective verified certificates for the VPN connection includes using the received secure domain name address.
  - 9. The method of claim 1, wherein the at least one VPN parameter in the certificates identifies a plurality of VPN parameters, and wherein the establishing uses a subset of the plurality of VPN parameters from the certificates.

10. A non-transitory computer-readable medium storing computer-executable instructions for performing the following on a first device:
- forwarding a query to an online database to request a secure domain name address of a second device, wherein the query supplies a remote name of a pre-authorized VPN name pair to the online database;
  
  receiving the secure domain name address in response to the forwarding of the query;
  
  forwarding to and receiving from the second device respective verified certificates associated with the VPN connection between the first and second devices using the secure domain name address, wherein the certificates respectively forwarded to the second device and received from the second device each contain at least one verified VPN parameter for the first and second devices, respectively; and
  
  establishing a VPN connection using the VPN parameters.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The medium of claim 10, further comprising computer-executable instructions for:
    - storing on the first device information identifying a plurality of pre-authorized VPN name pairs, the name pairs each including a local device name and a remote device name for a VPN connection.
  - 12. The medium of claim 11, wherein the information identifying the plurality of pre-authorized VPN name pairs further includes information identifying a VPN connection type for the pair.
  - 13. The medium of claim 11, wherein the information identifying the plurality of pre-authorized VPN name pairs further includes wildcard information in at least one of the local or remote device names.
  - 14. The medium of claim 10, further comprising computer-executable instructions for:
    - storing on the first device a plurality of verified certificates for the first device, the plurality of verified certificates containing different VPN parameters.
  - 15. The medium of claim 14, further comprising computer-executable instructions for:
    - associating the stored plurality of verified certificates with a plurality of different local names.
  - 16. The medium of claim 10, wherein the query further supplies a public key of the first device to the online database.
  - 17. The medium of claim 10, wherein the at least one VPN parameter in the certificates identifies a plurality of VPN parameters, and wherein establishing a VPN connection includes using a subset of the plurality of VPN parameters from the certificates.

18. A virtual private network (VPN) device, comprising:
- a memory configured to store a plurality of verified certificates for VPN connections with at least one other device, wherein the certificates include different VPN parameter settings, the certificates are associated with different local names, and wherein the device is associated with the different local names; and
  
  a processor configured to receive a request for a VPN connection from a second device, locate a name in the request and compare the name with the plurality of different local names to identify VPN parameter settings for a desired VPN connection.
- View Dependent Claims (19, 20)
- - 19. The device of claim 18, wherein said memory is further configured to store information identifying policy restrictions associated with one or more of the local names.
  - 20. The device of claim 18, wherein said device is further configured to provide VPN connections for a plurality of client devices.

21. A method of creating a virtual private network (VPN) between first and second devices, comprising:
- from the first device;
  
  querying an online database of a certification authority to request a secure domain name address for the second device, wherein the querying supplies one VPN parameter that will be used to establish the VPN between the first and second devices;
  
  receiving a signed certificate containing a second VPN parameter for use by the first device to establish a VPN connection if the VPN connection between the first and second devices has been preauthorized; and
  
  using the VPN parameters to establish the VPN.

22. A non-transitory computer-readable medium storing computer-executable instructions for performing the following on a first device:
- forwarding a query to an online database of a certification authority to request a secure domain name address for a second device, wherein the query supplies one VPN parameter that will be used to establish a VPN between the first and second device;
  
  receiving a signed certificate containing a second VPN parameter for use by the first device to establish a VPN connection if the VPN connection between the first and second devices has been preauthorized; and
  
  establishing a VPN connection using the VPN parameters.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
VirnetX Inc. (Virnetx Holding Corporation)
Original Assignee
Vimetx Incorporated
Inventors
Larson, Victor
Primary Examiner(s)
Phunkulh, Bob A

Application Number

US11/532,002
Publication Number

US 20070022477A1
Time in Patent Office

1,776 Days
Field of Search

None
US Class Current

370/389
CPC Class Codes

H04L 2209/64   Self-signed certificates

H04L 41/0806   for initial configuration o...

H04L 41/12   Discovery or management of ...

H04L 41/40   using virtualisation of net...

H04L 47/805   QOS or priority aware

H04L 63/0272   Virtual private networks

H04L 63/04   for providing a confidentia...

H04L 63/0428   wherein the data content is...

H04L 63/0435   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0823   using certificates cryptogr...

H04L 63/12   Applying verification of th...

H04L 63/20   for managing network securi...

H04L 9/3263   involving certificates, e.g...

Third party VPN certification

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

21 Citations

22 Claims

Specification

Use Cases

Quick Links

Others

Third party VPN certification

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

21 Citations

22 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others