Always-on virtual private network access

US 8,707,406 B2
Filed: 07/26/2002
Issued: 04/22/2014
Est. Priority Date: 07/26/2002
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method comprising:

establishing a security association between a Virtual Private Network (VPN) server and an application processor of an Internet appliance;

storing information regarding the security association in a memory corresponding to the application processor;

sending a first message from the application processor to a wireless data network module of the Internet appliance, requesting access to a wireless data network;

determining, by the application processor, to enter a suspend state;

sending a second message from the application processor to the wireless data network module, the second message indicating the application processor is about to power down;

sending an acknowledgement of the second message from the wireless data network module to the application processor; and

responsive the acknowledgement, placing the application processor in the suspend state while maintaining the security association, wherein the suspend state retains the security association information in a memory corresponding to the application processor, the wireless data network module electrically decoupled from the application processor such that the application processor may enter the suspend state without powering down the wireless data network module while retaining the security association information in the memory.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An application processor is electrically and logically decoupled from a wireless data network module so that it may go to sleep independently. A security association may be established between the wireless data network module and a wireless data network. Then the application processor may be placed in a suspend state while maintaining the security association between the wireless data network module and the wireless data network. This allows email polling, for example, to occur without having to re-establish the security association by logging in again.

54 Citations

View as Search Results

32 Claims

1. A computer implemented method comprising:
- establishing a security association between a Virtual Private Network (VPN) server and an application processor of an Internet appliance;
  
  storing information regarding the security association in a memory corresponding to the application processor;
  
  sending a first message from the application processor to a wireless data network module of the Internet appliance, requesting access to a wireless data network;
  
  determining, by the application processor, to enter a suspend state;
  
  sending a second message from the application processor to the wireless data network module, the second message indicating the application processor is about to power down;
  
  sending an acknowledgement of the second message from the wireless data network module to the application processor; and
  
  responsive the acknowledgement, placing the application processor in the suspend state while maintaining the security association, wherein the suspend state retains the security association information in a memory corresponding to the application processor, the wireless data network module electrically decoupled from the application processor such that the application processor may enter the suspend state without powering down the wireless data network module while retaining the security association information in the memory.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, further comprising:
    - polling the wireless data network for email while the application processor is not in the suspend state.
  - 3. The method of claim 2, wherein the polling comprises polling an email server.
  - 4. The method of claim 2, further comprising:
    - if the application processor is in a suspend state, waking up the application processor before the polling.
  - 5. The method of claim 2, further comprising:
    - waking up the application processor before the polling after a predefined polling period.
  - 6. The method of claim 1, wherein the wireless data network module is a wireless modem.
  - 7. The method of claim 1, further comprising re-establishing the security association if the connection between the wireless Internet appliance and the VPN server is lost.
  - 8. The method of claim 1, further comprising waking the application processor if a network event occurs.
  - 9. The method of claim 8, wherein the network event is a receipt of an IP packet.
  - 10. The method of claim 8, wherein the network event is a connection clear alert.
  - 11. The method of claim 8, wherein the network event is an incoming email notification.
  - 12. The method of claim 4, wherein the waking comprises waking the application processor using a RING signal.
  - 13. The method of claim 8, wherein the waking comprises waking the application processor using a RING signal.

14. A wireless Internet appliance comprising:
- an application processor; and
  
  a wireless data network module communicatively coupled to the application processor, the application processor configured to send a first message to the wireless data network module requesting access to a wireless data network, the application processor further configured to determine to enter a suspend state, the application processor further configured to send a second message to the wireless data network module, the second data message indicating the application processor is about to power down, the wireless data network module further configured to send an acknowledgement of the second message to the application processor, the application processor further configured to, responsive to the acknowledgement, place the application processor in the suspend state, wherein the wireless data network module is electrically decoupled from the application processor such that the application processor may enter the suspend state without powering down the wireless data network module while retaining security association information in a memory corresponding to the application processor.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The wireless Internet appliance of claim 14, wherein the wireless data network module is a wireless modem.
  - 16. The apparatus of claim 14, further comprising:
    - a wireless data network email poller configured to poll the wireless data network for email while the application processor is not in the suspend state.
  - 17. The apparatus of claim 16, further comprising:
    - an application processor waker coupled to the wireless data network email poller configured to wake up the application processor before the polling.
  - 18. The apparatus of claim 16, comprising:
    - an application processor polling period waker coupled to the wireless data network email poller and configured to wake up the application processor before the polling after a predefined period.

19. An apparatus comprising:
- means for establishing a security association between a Virtual Private Network (VPN) server and an application processor of an Internet appliance;
  
  means for storing information regarding the security association in memory corresponding to the application processor;
  
  means for sending a first message from the application processor to a wireless data network module of the Internet appliance, requesting access to a wireless data network;
  
  means for determining, by the application processor, to enter a suspend state;
  
  means for sending a second message from the application processor to the wireless data network module, the second message indicating the application processor is about to power down;
  
  means for sending an acknowledgement of the second message from the wireless data network module to the application processor; and
  
  means for, responsive to the acknowledgement, placing the application processor in a suspend state while maintaining the security association, wherein the suspend state retains the security association information in a memory corresponding to the application processor, the wireless data network module electrically decoupled from the application processor such that the application processor may enter the suspend state without powering down the wireless data network module while retaining the security association information in the memory.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 20. The apparatus of claim 19, further comprising:
    - means for polling the wireless data network for email while the application processor is not in the suspend state.
  - 21. The apparatus of claim 20, wherein the means for polling comprises means for polling an email server.
  - 22. The apparatus of claim 20, further comprising:
    - means for, if the application processor is in the suspend state, waking up the application processor before the polling.
  - 23. The apparatus of claim 20, further comprising:
    - means for waking up the application processor before the polling after a predefined polling period.
  - 24. The apparatus of claim 19, wherein the wireless data network module is a wireless modem.
  - 25. The apparatus of claim 19, further comprising means for re-establishing the security association if the connection between the wireless Internet appliance and the VPN server is lost.
  - 26. The apparatus of claim 25, further comprising means for waking the application processor if a network event occurs.
  - 27. The apparatus of claim 26, wherein the network event is a receipt of an IP packet.
  - 28. The apparatus of claim 26, wherein the network event is a connection clear alert.
  - 29. The apparatus of claim 26, wherein the network event is an incoming email notification.
  - 30. The apparatus of claim 22, wherein the means for waking comprises means for waking the application processor using a RING signal.
  - 31. The apparatus of claim 26, wherein the means for waking comprises means for waking the application processor using a RING signal.

32. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform a method, the wireless Internet appliance having a wireless data network module and an application processor, the method comprising:
- establishing a security association between a Virtual Private Network (VPN) server and an application processor of an Internet appliance;
  
  storing information regarding the security association in a memory corresponding to the application processor;
  
  sending a first message from the application processor to a wireless data network module of the Internet appliance, requesting access to a wireless data network;
  
  determining, by the application processor, to enter a suspend state;
  
  sending a second message from the application processor to the wireless data network module, the second message indicating the application processor is about to power down;
  
  sending an acknowledgement of the second message from the wireless data network module to the application processor; and
  
  responsive the acknowledgement, placing the application processor in the suspend state while maintaining the security association, wherein the suspend state retains the security association information in a memory corresponding to the application processor, the wireless data network module electrically decoupled from the application processor such that the application processor may enter the suspend state without powering down the wireless data network module while retaining the security association information in the memory.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Semtech Corporation
Original Assignee
Sierra Wireless Incorporated
Inventors
Tosey, Joseph Peter Robert
Primary Examiner(s)
Kyle, Tamara T

Application Number

US10/206,681
Publication Number

US 20040068666A1
Time in Patent Office

4,288 Days
Field of Search

726/7, 726/15
US Class Current

726/7
CPC Class Codes

H04L 51/58   Message adaptation for wire...

H04L 63/0272   Virtual private networks

H04L 67/14   Session management for real...

H04L 69/329   in the application layer [O...

H04W 12/08   Access security

H04W 12/50   Secure pairing of devices

H04W 52/0225   using monitoring of externa...

H04W 52/028   switching on or off only a ...

H04W 74/00   Wireless channel access

H04W 74/06   using polling

Y02D 30/70   in wireless communication n...

Always-on virtual private network access

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

54 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Always-on virtual private network access

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

54 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links