Private and secure communication architecture without utilizing a public cloud based routing server
First Claim
1. A method for setting up communications between a first smart device client and a second smart device client by a private cloud routing server (PCRS), comprising:
- utilizing, by the PCRS located on a public cloud network, an authentication process to setup a relationship between the PCRS and the first and second smart device client, respectively, wherein the authentication process comprises;
sending, by the PCRS, a first session based message from a message box of the PCRS to a message box of a first smart device client located on the public cloud network, wherein the first session based message includes an address of the message box of the PCRS,
receiving, by the PCRS from the first smart device client, a first session based access request in the message box of the PCRS, wherein the first session based access request includes an address of the message box of the first smart device client, a public IP address of the first smart device client, and a private IP address of the first smart device client,
determining, by the PCRS, that the first session based access request is valid and registering the address of the message box of the first smart device client and both the public and the private IP address of the first smart device client, and
transmitting, by the PCRS, a session based acknowledgment to the message box of the first smart device client, wherein the session based acknowledgment includes both a current public and a current private IP address of the PCRS;
in response to a determination by the first smart device client that the session based acknowledgment is valid, binding a public IP address and a private IP address of the PCRS with a registered private IP address of the first smart device client,
wherein the first smart device client connects with the PCRS by at least one connection of;
in response to the private IP address of the PCRS being in a same first Local Area Network (LAN) as the first smart device client, the first smart device client directly connects to the PCRS using the private IP address of the PCRS, and
in response to the private IP address of the PCRS not being in the same first LAN as the first smart device client, the first smart device client connects through a first WAN to the public cloud network using the public IP address of the PCRS,
wherein the first smart device client and the PCRS communicate with each other after the first session based message is authenticated, and
wherein a private network service is then accessible by the first smart device client through the public cloud network based upon the authenticated first session based message;
sending, by the PCRS, a second session based message from the message box of the PCRS to a message box of the second smart client located on the public cloud network, wherein the second session based message includes the address of the message box of the PCRS;
receiving, by the PCRS from the second smart device client, a second session based access request in the message box of the PCRS, wherein the second session based access request includes an address of the message box of the second smart device client, a public IP address of the second smart device client, and a private IP address of the second smart device client;
determining, by the PCRS, that the second session based access request is valid and registering the address of the message box of the second smart device client and both the public and the private IP address of the second smart device client;
transmitting, by the PCRS, a session based acknowledgment to the message box of the second smart device client, wherein the session based acknowledgment includes both a current public and a current private IP address of the PCRS; and
in response to a determination by the second smart device client that the second session based acknowledgment is valid, binding the public IP address and the private IP address of the PCRS with a registered private IP address of the second smart device client,
wherein the second smart device client connects with the PCRS by at least one connection of;
in response to the private IP address of the PCRS being in a same second LAN as the second smart device client, the second smart device client directly connects to the PCRS using the private IP address of the PCRS, and
in response to the private IP address of the PCRS not being in the same second LAN as the second smart device client, the second smart device client connects through the first WAN to the public cloud network using the public IP address of the PCRS,
wherein the first smart device client and the second smart device client communicate with the PCRS after the first and second session based messages are authenticated, and
wherein the first smart device client and the second smart device client communicate with each other through the public cloud network.
Abstract
A method for use with a public cloud network is disclosed. The method includes setting up a private cloud routing server and a smart device client in a client server relationship. The private cloud routing server includes a first message box. The smart client includes a second message box. The first and second message boxes are located on the public cloud network. The method also includes passing an authenticated session based message between the first and the second message boxes in a secure manner. The smart device client and the private cloud routing server can communicate with each other after authentication to provide security. The method also includes setting up another smart device client in a client server relationship with the private cloud routing server. The two smart device clients can privately and securely communicate with each other through the public cloud network.
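An added sketch (not code from the patent or its assignee) of the exchange the abstract and claim 1 describe: invitation, access request, validation and registration, acknowledgment, then the LAN-or-WAN choice. The claims do not say how a request is judged valid; the single-use session id with expiry, the mailbox match, the same-public-IP LAN test, and every name and address below are assumptions.

```python
import ipaddress
import secrets

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(ip):
    return any(ip in net for net in RFC1918)

class PCRS:
    """Server side of the invitation / access request / acknowledgment exchange."""
    def __init__(self, mailbox, public_ip, private_ip):
        self.mailbox, self.public_ip, self.private_ip = mailbox, public_ip, private_ip
        self.pending = {}    # session id -> (invited mailbox, expiry time)
        self.registry = {}   # client mailbox -> (public ip, private ip)

    def invite(self, client_mailbox, now, ttl=300):
        session = secrets.token_hex(16)   # assumption: random per-session id
        self.pending[session] = (client_mailbox, now + ttl)
        return {"session": session, "pcrs_mailbox": self.mailbox}

    def handle_access_request(self, req, now):
        # pop() makes the session single-use, so a replayed request is rejected
        entry = self.pending.pop(req.get("session"), None)
        if entry is None:
            return None
        invited_mailbox, expiry = entry
        if now > expiry or req.get("client_mailbox") != invited_mailbox:
            return None
        try:
            public = ipaddress.ip_address(req["public_ip"])
            private = ipaddress.ip_address(req["private_ip"])
        except (KeyError, ValueError):
            return None
        # Reject swapped or malformed address claims before registering them
        if is_rfc1918(public) or not is_rfc1918(private):
            return None
        self.registry[invited_mailbox] = (str(public), str(private))
        return {"session": req["session"],
                "pcrs_public_ip": self.public_ip,
                "pcrs_private_ip": self.private_ip}

def choose_route(ack, expected_session, client_public_ip, client_private_ip, prefix=24):
    """Client side: accept the ack only for the session it answered, then pick a path."""
    if ack is None or ack.get("session") != expected_session:
        return None
    lan = ipaddress.ip_network(f"{client_private_ip}/{prefix}", strict=False)
    # Assumption: two sites can both number their LAN 192.168.1.0/24, so a
    # private-subnet match alone is ambiguous; also require the same public IP.
    same_nat = ack["pcrs_public_ip"] == client_public_ip
    if same_nat and ipaddress.ip_address(ack["pcrs_private_ip"]) in lan:
        return ("lan", ack["pcrs_private_ip"])
    return ("wan", ack["pcrs_public_ip"])

def demo():
    # Constructed sample data: documentation-range public IPs, example mailboxes
    pcrs = PCRS("pcrs@mail.example", "203.0.113.10", "192.168.1.2")
    results = {}
    for name, pub, priv in (("home", "203.0.113.10", "192.168.1.50"),
                            ("remote", "198.51.100.7", "192.168.1.50")):
        box = f"{name}@mail.example"
        inv = pcrs.invite(box, now=0)
        req = {"session": inv["session"], "client_mailbox": box,
               "public_ip": pub, "private_ip": priv}
        ack = pcrs.handle_access_request(req, now=10)
        replay = pcrs.handle_access_request(req, now=11)   # same request again
        results[name] = (choose_route(ack, inv["session"], pub, priv), replay)
    return results

if __name__ == "__main__":
    print(demo())
```

Both constructed clients use the same private address; only the public-IP comparison separates the one on the PCRS's LAN from the remote one, and the replayed access request is refused in both cases.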
21 Claims
10. A private cloud routing server (PCRS), comprising:
a computing device;
a connection through a router to a network; and
a non-volatile storage storing a program that, in response to execution by the computing device, causes the PCRS to;
utilize an authentication process to setup a relationship between the PCRS and a first and second smart device client, respectively, wherein the authentication process comprises;
sending, by the PCRS, a first session based message from a message box of the PCRS to a message box of a first smart device client located on the public cloud network, wherein the first session based message includes an address of the message box of the PCRS,
receiving, by the PCRS from the first smart device client, a first session based access request in the message box of the PCRS, wherein the first session based access request includes an address of the message box of the first smart device client, a public IP address of the first smart device client, and a private IP address of the first smart device client,
determining, by the PCRS, that the first session based access request is valid and registering the address of the message box of the first smart device client and both the public and the private IP address of the first smart device client, and
transmitting, by the PCRS, a session based acknowledgment to the message box of the first smart device client, wherein the session based acknowledgment includes both a current public and a current private IP address of the PCRS;
wherein in response to a determination by the first smart device client that the session based acknowledgment is valid, binding a public IP address and a private IP address of the PCRS with a registered private IP address of the first smart device client,
wherein the first smart device client connects with the PCRS by at least one connection of;
in response to the private IP address of the PCRS being in a same first Local Area Network (LAN) as the first smart device client, the first smart device client directly connects to the PCRS using the private IP address of the PCRS, and
in response to the private IP address of the PCRS not being in the same first LAN as the first smart device client, the first smart device client connects through a first WAN to the public cloud network using the public IP address of the PCRS,
wherein the first smart device client and the PCRS communicate with each other after the first session based message is authenticated, and
wherein a private network service is then accessible by the first smart device client through the public cloud network based upon the authenticated first session based message;
send a second session based message from the message box of the PCRS to a message box of the second smart client located on the public cloud network, wherein the second session based message includes the address of the message box of the PCRS; and
receive from the second smart device client, a second session based access request in the message box of the PCRS, wherein the second session based access request includes an address of the message box of the second smart device client, a public IP address of the second smart device client, and a private IP address of the second smart device client;
determine, by the PCRS, that the second session based access request is valid and registering the address of the message box of the second smart device client and both the public and the private IP address of the second smart device client; and
transmit, by the PCRS, a session based acknowledgment to the message box of the second smart device client, wherein the session based acknowledgment includes both a current public and a current private IP address of the PCRS;
wherein in response to a determination by the second smart device client that the second session based acknowledgment is valid, binding the public IP address and the private IP address of the PCRS with a registered private IP address of the second smart device client,
wherein the second smart device client connects with the PCRS by at least one connection of;
in response to the private IP address of the PCRS being in a same second LAN as the second smart device client, the second smart device client directly connects to the PCRS using the private IP address of the PCRS, and
in response to the private IP address of the PCRS not being in the same second LAN as the second smart device client, the second smart device client connects through the first WAN to the public cloud network using the public IP address of the PCRS,
wherein the first smart device client and the second smart device client communicate with the PCRS after the first and second session based messages are authenticated, and
wherein the first smart device client and the second smart device client communicate with each other through the public cloud network.
12. A smart device client, comprising:
a computing device;
a connection through a router to a network; and
a non-volatile storage of the router storing a program that, in response to execution, causes the smart device client to;
retrieve a session based invitation from a smart device client message box,
send a session based access request to a private cloud routing server message box of a private cloud routing server (PCRS), wherein the PCRS receives from the smart device client, the session based access request in the private cloud routing server message box of the PCRS, wherein the session based access request includes an address of the smart device client message box, a public IP address of the smart device client, and a private IP address of the smart device client, and wherein the PCRS determines that the session based access request is valid and registers the address of the smart device client message box and both the public and the private IP address of the smart device client,
retrieve a session based acknowledgement from the smart device client message box, wherein the session based acknowledgment includes both a current public and a current private IP address of the PCRS,
send a communication request to the PCRS,
punch a hole in the router to stay open pending a PCRS response;
determine that the session based acknowledgment is valid,
in response to receiving a valid session based acknowledgement, binding, by the smart device client, a public IP address and a private IP address of the PCRS with the registered private IP address of the smart device client via an authentication process,
route an incoming request from the PCRS to the smart device client,
connect with the PCRS by at least one connection of;
in response to the private IP address of the PCRS being in a same first Local Area Network (LAN) as the smart device client, the smart device client directly connects to the PCRS using the private IP address of the PCRS, and
in response to the private IP address of the PCRS not being in the same first LAN as the smart device client, the smart device client connects through a first WAN to the public cloud network using the public IP address of the PCRS,
establish a peer-to-peer communication with the PCRS,
access private network service through the PCRS, and
communicate with at least another smart device client through the PCRS.
15. A smart device client, comprising:
a computing device;
a connection to a network; and
a non-volatile storage storing a program that, in response to execution, causes the smart device client to;
retrieve a session based invitation from a smart device client message box,
send a session based reply to a private cloud routing server message box of a private cloud routing server (PCRS), wherein the PCRS receives from the smart device client, the session based reply in the private cloud routing server message box of the PCRS, wherein the session based reply includes an address of the smart device client message box, a public IP address of the smart device client, and a private IP address of the smart device client, and wherein the PCRS determines that the session based reply is valid and registers the address of the smart device client message box and both a public and a private IP address of the smart device client,
retrieve a session based acknowledgement from the smart device client message box, wherein the session based acknowledgment includes both a current public and a current private IP address of the PCRS,
send an access request to the PCRS,
wait for the PCRS response,
determine that the session based acknowledgment is valid,
in response to receiving a valid session based acknowledgement, binding, by a router of the smart device client, a public IP address and a private IP address of the private cloud server with the registered private IP address of the smart device client via an authentication process,
routes incoming request from the PCRS to the smart device client,
connect with the PCRS by at least one connection of;
in response to the private IP address of the PCRS being in a same first Local Area Network (LAN) as the smart device client, the smart device client directly connects to the PCRS using the private IP address of the PCRS, and
in response to the private IP address of the PCRS not being in the same first LAN as the smart device client, the smart device client connects through a first WAN to the public cloud network using the public IP address of the PCRS,
establish a peer-to-peer communication with the PCRS,
access private network service through the PCRS, and
communicate with at least another smart device client through the PCRS.
18. A smart device client, comprising:
a computing device;
a connection to a network; and
a non-volatile storage storing a program that, in response to execution, locates a private cloud routing server (PCRS) and causes the smart device client to;
retrieve a session based invitation from the smart device client message box,
send a session based reply to a PCRS message box, wherein the PCRS receives from the smart device client, the session based reply in the private cloud routing server message box of the PCRS, wherein the session based reply includes an address of the smart device client message box, a public IP address of the smart device client, and a private IP address of the smart device client, and wherein the PCRS determines that the session based reply is valid and registers the address of the smart device client message box and both the public and the private IP address of the smart device client,
retrieve a session based acknowledgement from the smart device client message box, wherein the session based acknowledgment includes both a current public and a current private IP address of the PCRS,
send an access request to the PCRS,
wait for the PCRS response,
determine that the session based acknowledgment is valid,
in response to receiving a valid session based acknowledgement, binding, by a router of the smart device client, a public IP address and a private IP address of the PCRS with the registered private IP address of the smart device client via an authentication process,
routes incoming request from the PCRS to the smart device client,
connect with the PCRS by at least one connection of;
in response to the private IP address of the PCRS being in a same first Local Area Network (LAN) as the smart device client, the smart device client directly connects to the PCRS using the private IP address of the PCRS, and
in response to the private IP address of the PCRS not being in the same first LAN as the smart device client, the smart device client connects through a first WAN to the public cloud network using the public IP address of the PCRS,
establish a peer-to-peer communication with the PCRS,
join a virtual local area network (VLAN) under the PCRS,
access private network service through the at least one PCRS,
start a communication session as a host,
create and host a communication session,
invite a communication guest,
scan for a recognizable guest,
start communication with a guest,
receive a communication invitation and joins the communication session as a guest,
scan for a recognizable host,
log-in communication authentication,
join a communication session, and
start communication with the host.
Specification