Dynamic trust session
First Claim

1. A network communication system in a network comprising:
- a first electronic device of the network; and
- a second electronic device of the network, the first electronic device configured to transmit a connection-request to the network to begin a session, the connection-request being authenticated by the second electronic device, and then the second electronic device configured to transmit a session-request in response to the connection-request to the network, and the session-request being reverse-authenticated by the first electronic device, based upon at least one redirector-pattern formed by the session-request, by comparing the at least one redirector-pattern to an expected value of the at least one redirector-pattern, wherein the at least one redirector-pattern includes identification information of at least two entities of the network that the session-request traversed between the second electronic device and the first electronic device, the first electronic device comprising:
  - first authenticator circuitry configured to reverse-authenticate the session-request; and
  - first session manager circuitry configured to wait to receive a tunnel-request corresponding to the session-request, the first session manager circuitry being configured to:
    - authenticate the tunnel-request,
    - record tunnel-parameters, and
    - transmit communication data through a tunnel based on the tunnel-parameters.
Abstract
A secure session of communication between two entities in a network is disclosed. Using client-server terminology, a client sends a connection-request to a server that authenticates the connection-request and transmits a session-request to the client in response. The client reverse-authenticates the session-request and then passively waits to receive a tunnel-request transmitted by the server. The tunnel-request sets up one or more overlapping tunnels between the client and the server to support the desired communications. Each of the tunnels exists only for a specified time and is replaced by another tunnel that is set up after a selected time delay after the start of a previous tunnel.
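The exchange described in the abstract and in claims 1 and 12, modelled end to end as an added example (this is not code from the patent or from any product implementing it). The HMAC-based authentication, the message layout, the use of a `route` list as the redirector-pattern, and every identifier here (`SHARED_KEY`, the redirector names `R1`/`R2`, the tunnel timing) are assumptions chosen for illustration; the patent specifies none of them. What the model does show is the shape of the protocol: the client only sends the connection-request, the server authenticates it and answers with a session-request, the client reverse-authenticates that request by comparing the path it traversed against an expected value, and then passively accepts authenticated tunnel-requests whose overlapping lifetimes keep a live tunnel available until the last one expires.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, field
from typing import Optional

SHARED_KEY = b"constructed-demo-key"  # constructed; stands in for whatever credential the two devices share


def _mac(body: dict) -> str:
    """HMAC over canonical JSON of a message body (assumed authentication primitive, not the patent's)."""
    return hmac.new(SHARED_KEY, json.dumps(body, sort_keys=True).encode(), hashlib.sha256).hexdigest()


def sign(body: dict) -> dict:
    # `route` is outside the MAC: it is appended by the network entities the message traverses.
    return {"body": body, "mac": _mac(body), "route": []}


def verify(msg: dict, expected_type: str) -> bool:
    return msg["body"].get("type") == expected_type and hmac.compare_digest(_mac(msg["body"]), msg["mac"])


def forward_through(msg: dict, redirectors: list) -> dict:
    """Model of the network: each traversed entity records its identity, forming the redirector-pattern."""
    return {**msg, "route": list(msg["route"]) + list(redirectors)}


@dataclass
class Tunnel:
    tunnel_id: int
    start: int
    lifetime: int

    def active_at(self, t: int) -> bool:
        return self.start <= t < self.start + self.lifetime


@dataclass
class Server:
    known_clients: set

    def authenticate_connection(self, msg: dict) -> bool:
        return verify(msg, "connection-request") and msg["body"]["client"] in self.known_clients

    def session_request(self, session_id: int) -> dict:
        return sign({"type": "session-request", "session": session_id})

    def tunnel_requests(self, session_id: int, count: int, lifetime: int, delay: int) -> list:
        # Tunnel i starts `delay` after tunnel i-1 and lives for `lifetime`; with lifetime > delay
        # consecutive tunnels overlap, so a live tunnel exists until the last one expires.
        return [sign({"type": "tunnel-request", "session": session_id, "tunnel_id": i,
                      "start": i * delay, "lifetime": lifetime}) for i in range(count)]


@dataclass
class Client:
    client_id: str
    expected_pattern: list  # the expected value of the redirector-pattern
    session: Optional[int] = None
    tunnels: list = field(default_factory=list)

    def connection_request(self) -> dict:
        return sign({"type": "connection-request", "client": self.client_id})

    def reverse_authenticate(self, msg: dict) -> bool:
        # Accept the session-request only if it is authentic AND traversed exactly the expected entities.
        if verify(msg, "session-request") and msg["route"] == self.expected_pattern:
            self.session = msg["body"]["session"]
            return True
        return False

    def handle_tunnel_request(self, msg: dict) -> bool:
        # The client never initiates tunnels; it waits for authenticated requests bound to its session.
        if self.session is None or not verify(msg, "tunnel-request") or msg["body"]["session"] != self.session:
            return False
        b = msg["body"]
        self.tunnels.append(Tunnel(b["tunnel_id"], b["start"], b["lifetime"]))  # record tunnel-parameters
        return True

    def send(self, t: int, data: bytes) -> Optional[tuple]:
        """Transmit `data` through a tunnel live at time t; None when no tunnel covers t."""
        for tun in self.tunnels:
            if tun.active_at(t):
                return (tun.tunnel_id, data)
        return None


def run_session(redirectors: list, expected_pattern: list, count: int = 3, lifetime: int = 10, delay: int = 6) -> dict:
    """Drive one session end to end and report how far it got (constructed scenario)."""
    client, server = Client("alice", expected_pattern), Server({"alice"})
    if not server.authenticate_connection(forward_through(client.connection_request(), redirectors)):
        return {"stage": "connection-rejected"}
    if not client.reverse_authenticate(forward_through(server.session_request(7), redirectors)):
        return {"stage": "session-rejected"}
    accepted = sum(client.handle_tunnel_request(forward_through(m, redirectors))
                   for m in server.tunnel_requests(7, count, lifetime, delay))
    return {"stage": "established", "tunnels": accepted, "client": client}


if __name__ == "__main__":
    ok = run_session(["R1", "R2"], ["R1", "R2"])
    print(ok["stage"], ok["tunnels"], ok["client"].send(8, b"hello"))
    print(run_session(["R1", "R3"], ["R1", "R2"])["stage"])  # path differs from the expected pattern
```

With the default timing (three tunnels, lifetime 10, new tunnel every 6 ticks) a message at tick 8 can use tunnel 0 or 1, tick 11 falls only inside tunnel 1, and nothing is live after tick 22; a session-request that arrived over a different set of entities than the client expects is refused before any tunnel is accepted, and a tunnel-request whose parameters were altered in transit fails the MAC check.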
19 Claims
1. A network communication system in a network comprising: (independent claim, reproduced in full under First Claim above). Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 19.
12. A method for communication in a network comprising:
- transmitting a connection-request by a first electronic device to the network;
- authenticating the connection-request in a second electronic device;
- transmitting a session-request by the second electronic device to the network;
- reverse-authenticating the session-request in the first electronic device, based upon at least one redirector-pattern formed by the session-request, by comparing the at least one redirector-pattern to an expected value of the at least one redirector-pattern;
- waiting to receive one or more tunnel-requests corresponding to the session-request;
- authenticating the tunnel-request;
- recording tunnel-parameters; and
- transmitting communication data through a tunnel based on the tunnel-parameters,
wherein the at least one redirector-pattern includes identification information of at least two entities of the network that the session-request traversed between the second electronic device and the first electronic device. Dependent claims: 13, 14, 15, 16, 17, 18.
Specification