Secure tunneling platform system and method
Abstract
A system identifies a user, even a user behind a wireless router, and provides a virtual tunnel over the internet for communication with the user. A data center at an Internet Service Provider may work in concert with a central data center to authenticate the user and to provide access, for example using a layer 2 tunneling protocol and a point-to-point data (PPP) link protocol. A layer 2 tunneling protocol network server (LNS) may provide public IP address translation services.
34 Claims
1. A system for identifying a user and for providing a virtual tunnel over the Internet for communications of the user, the system comprising:
- a tunneling server module configured to receive a user request for authorization to communicate over the virtual tunnel pursuant to a virtual tunneling protocol, and to transmit, based on the user request, an authorization request to an authorization module;
- the authorization module configured to receive the authorization request from the tunneling server module, and to transmit to the tunneling server module an authorization accept message for the user only when an authorization determination based on a password contained in the user request determines that the user has been authenticated, wherein the password is transmitted to the user by a remote server module and a transmission indicating the authorization determination is received by the authorization module from a server remote from the authorization module;
- the tunneling server module configured to conduct communication with the user via the virtual tunnel only after the tunneling server module receives the authorization accept message for the user, to receive from the user via the virtual tunnel an Internet request, and to forward the Internet request to a destination address contained in the Internet request; and
- the tunneling server module configured to receive, responsive to the Internet request, over the Internet, a reply, and to transmit the reply to the user.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A method of identifying a user and providing a virtual tunnel for communication of the user over the Internet, the method comprising:
- receiving, by a tunneling server module, a user request for authorization to communicate over the virtual tunnel pursuant to a virtual tunneling protocol;
- transmitting by the tunneling server module, based on the user request, an authorization request to an authorization module;
- foreseeing by the authorization module, the authorization request from the tunneling server module, and transmitting to a remote authorization server a request for an authorization determination based on a password contained in the user request, the password having been received by the user from a remote user information server;
- receiving, by the authorization module, an authorization determination responsive to the request for authorization determination, and transmitting to the tunneling server module the response;
- conducting, by the tunneling server module, communication with the user via the virtual tunnel only after the tunneling server module receives an authorization accept message for the user as said response from the authorization module;
- receiving, via the tunneling server module, from the user via the virtual tunnel an Internet request, and forwarding the Internet request to a destination address contained in the Internet request, and
- receiving, by the tunneling server module, responsive to the Internet request, over the Internet, a reply to the Internet request, and transmitting the reply to the user.
Dependent claims: 14, 15, 16, 17, 18, 19, 20
21. A method of identifying a user and providing a virtual tunnel for communication of the user over the Internet, the method comprising, by a tunneling server module:
(A) receiving a user request to communicate over the virtual tunnel pursuant to a virtual tunneling protocol;
(B) transmitting, based on the user request, an authorization request to an authorization module, the authorization request comprising a password, the password having been received by the user from a remote user information server;
(C) receiving, from said authorization module, an authorization determination response; and
then, only after the tunneling server module receives as said authorization determination an authorization accept message for the user,
(D) conducting communication with the user via the virtual tunnel, including:
(D)(1) receiving, from the user via the virtual tunnel, an Internet request, and forwarding the Internet request to a destination address contained in the Internet request, and
(D)(2) receiving, responsive to the Internet request, over the Internet, a reply to the Internet request, and transmitting the reply to the user,
wherein the authorization module:
(i) obtained the authorization request from the tunneling server module,
(ii) transmitted to a remote authorization server a request for an authorization determination based on said password in the user request; and
(iii) responsive to the request for authorization determination, received an authorization determination from the remote authorization server, and
(iv) transmitted the authorization determination response to the tunneling server module.
Dependent claims: 22, 23, 24, 25, 26, 27, 28, 29
30. A tunneling server module, operable in a system for identifying a user and for providing a virtual tunnel over the Internet for communications of the user, the tunneling server module configured to:
(A) receive a user request to communicate over the virtual tunnel pursuant to a virtual tunneling protocol;
(B) transmit, based on the user request, an authorization request to an authorization module, the authorization request comprising a password, the password having been received by the user from a remote user information server;
(C) receive, from said authorization module, an authorization determination response; and, only after the tunneling server module receives as said authorization determination an authorization accept message for the user,
(D)(1) receive, from the user via the virtual tunnel, an Internet request, and forward the Internet request to a destination address contained in the Internet request, and
(D)(2) receive, responsive to the Internet request, over the Internet, a reply to the Internet request, and transmit the reply to the user,
wherein the authorization module:
(i) obtained the authorization request from the tunneling server module,
(ii) transmitted to a remote authorization server a request for an authorization determination based on said password in the user request; and
(iii) responsive to the request for authorization determination, received an authorization determination from the remote authorization server, and
(iv) transmitted the authorization determination response to the tunneling server module.
Dependent claims: 31, 32, 33, 34
Specification