Methods and apparatuses for secure communication
First Claim
1. A method of establishing a secure communications path between a first local server on a local network and a device on a wide area network, the method comprising:
- establishing a first secure communications connection between a second local server on the local network and the device, the first secure communications connection using a first secure protocol;
- receiving, at the second local server, a request from the device on the wide area network for a connection with the first local server;
- receiving, at the second local server, a message from the first local server over the local network including:
  an encrypted first part; and
  a second part;
- passing, from the second local server, the encrypted first part of the message to the device for decryption by the device while withholding the second part from the device;
- receiving, at the second local server, at least a portion of a decrypted first part of the message from the device over the first secure communications connection, the device having decrypted the encrypted first part of the message;
- establishing a second secure communications connection between the second local server and the first local server using the portion of the decrypted first part of the message and the second part withheld from the device, the establishing of the second secure communications connection performed in a second secure protocol that is different from the first secure protocol; and
- proxying, by the second local server, data between the first local server and the device.
Abstract
A method of establishing a secure communications path between a first local server on a local network and a device on a wide area network comprising: establishing a first secure communications connection between a second local server on the local network and the device; establishing a second secure communications connection between the second local server and the first local server, wherein the second local server impersonates the device for at least a portion of the connection request; and proxying data between the local server and the device.
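A minimal simulation of the message flow in claim 1, added here as an illustration and not taken from the patent. Assumptions: the encrypted first part carries a session key under a key the device shares with the first local server, the second part is an opaque ticket only that server can open, and `seal`/`unseal` are a toy HMAC-based stand-in for a real AEAD; all class and function names are hypothetical.

```python
import hashlib, hmac, os

def _stream(key, nonce, n):
    blocks = (hmac.new(key, nonce + bytes([i]), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, pt):
    # Toy encrypt-then-MAC standing in for a real AEAD (assumption, not from the patent).
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

class FirstLocalServer:
    def __init__(self, device_key):
        self.device_key, self.own_key = device_key, os.urandom(32)
    def message(self):
        session = os.urandom(32)  # hypothetical content of the two parts
        return seal(self.device_key, session), seal(self.own_key, session)
    def accept(self, second_part, challenge, proof):
        session = unseal(self.own_key, second_part)
        want = hmac.new(session, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(proof, want)

class Device:
    def __init__(self, key):
        self.key, self.seen = key, []
    def decrypt(self, blob):
        self.seen.append(blob)  # record everything the gateway exposes to the device
        return unseal(self.key, blob)

def gateway_connect(server, device):
    first, second = server.message()   # received over the local network
    portion = device.decrypt(first)    # first part only; second part is withheld
    challenge = os.urandom(16)         # a real protocol would use a server nonce
    proof = hmac.new(portion, challenge, hashlib.sha256).digest()
    return server.accept(second, challenge, proof), second

if __name__ == "__main__":
    key = os.urandom(32)
    dev = Device(key)
    ok, second = gateway_connect(FirstLocalServer(key), dev)
    print("second connection established:", ok, "| device saw second part:", second in dev.seen)
```

The second local server (the gateway) never holds the device's long-term key, and the device never receives the second part, so neither can complete the second connection alone.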
49 Claims
1. A method of establishing a secure communications path between a first local server on a local network and a device on a wide area network, the method comprising:
- establishing a first secure communications connection between a second local server on the local network and the device, the first secure communications connection using a first secure protocol;
- receiving, at the second local server, a request from the device on the wide area network for a connection with the first local server;
- receiving, at the second local server, a message from the first local server over the local network including:
  an encrypted first part; and
  a second part;
- passing, from the second local server, the encrypted first part of the message to the device for decryption by the device while withholding the second part from the device;
- receiving, at the second local server, at least a portion of a decrypted first part of the message from the device over the first secure communications connection, the device having decrypted the encrypted first part of the message;
- establishing a second secure communications connection between the second local server and the first local server using the portion of the decrypted first part of the message and the second part withheld from the device, the establishing of the second secure communications connection performed in a second secure protocol that is different from the first secure protocol; and
- proxying, by the second local server, data between the first local server and the device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 47, 48, 49
17. A system for establishing a secure communications path between a local server on a local network and a device on a wide area network comprising:
- a firewall separating the local network from the wide area network;
- a second server, comprising a processor operatively coupled with a computer memory, located on the local network and in communication with both the wide area network and local network, wherein the second server is configured to:
  - establish a first secure communications connection with the device over the wide area network, the first secure communications connection using a first secure protocol;
  - receive a request from the device on the wide area network for a connection with the local server;
  - receive a message from the first local server over the local network including:
    an encrypted first part; and
    a second part;
  - pass the encrypted first part of the message to the device for decryption by the device while withholding the second part from the device;
  - receive at least a portion of a decrypted first part of the message from the device over the first secure communications connection, the device having decrypted the encrypted first part of the message;
  - establish a second secure communications connection with the local server using the portion of the decrypted first part of the message and the second part withheld from the device, the establishment of the second secure communications connection performed in a second secure protocol that is different from the first secure protocol; and
  - proxy, by the second server, data between the local server and the device.
Dependent claims: 18, 19, 20, 21, 22, 23, 24, 25, 26, 27
39. A non-transitory computer readable storage medium embodying information indicative of instructions for establishing a secure communications path between a first local server on a local network and a device on a wide area network, the instructions causing one or more computers to perform operations comprising:
- establishing a first secure communications connection between a second local server on the local network and the device, the first secure communications connection using a first secure protocol;
- receiving, at the second local server, a request from the device on the wide area network for a connection with the first local server;
- receiving, at the second local server, a message from the first local server over the local network including:
  an encrypted first part; and
  a second part;
- passing, from the second local server, the encrypted first part of the message to the device for decryption by the device while withholding the second part from the device;
- receiving, at the second local server, at least a portion of a decrypted first part of the message from the device over the first secure communications connection, the device having decrypted the encrypted first part of the message;
- establishing a second secure communications connection between the second local server and the first local server using the portion of the decrypted first part of the message and the second part withheld from the device, the establishing of the second secure communications connection performed in a second secure protocol that is different from the first secure protocol; and
- proxying, by the second local server, data between the first local server and the device.
Dependent claims: 40, 41, 42, 43, 44, 45, 46