
Private and secure communication architecture without utilizing a public cloud based routing server

  • US 9,935,930 B2
  • Filed: 03/19/2015
  • Issued: 04/03/2018
  • Est. Priority Date: 09/09/2011
  • Status: Active Grant
First Claim

1. A method for setting up communications between a first smart device client and a second smart device client by a private cloud routing server (PCRS), comprising:

  • utilizing, by the PCRS located on a public cloud network, an authentication process to setup a relationship between the PCRS and the first and second smart device client, respectively, wherein the authentication process comprises;

    sending, by the PCRS, a first session based message from a message box of the PCRS to a message box of a first smart device client located on the public cloud network, wherein the first session based message includes an address of the message box of the PCRS,

    receiving, by the PCRS from the first smart device client, a first session based access request in the message box of the PCRS, wherein the first session based access request includes an address of the message box of the first smart device client, a public IP address of the first smart device client, and a private IP address of the first smart device client,

    determining, by the PCRS, that the first session based access request is valid and registering the address of the message box of the first smart device client and both the public and the private IP address of the first smart device client, and

    transmitting, by the PCRS, a session based acknowledgment to the message box of the first smart device client, wherein the session based acknowledgment includes both a current public and a current private IP address of the PCRS;

    in response to a determination by the first smart device client that the session based acknowledgment is valid, binding a public IP address and a private IP address of the PCRS with a registered private IP address of the first smart device client,

    wherein the first smart device client connects with the PCRS by at least one connection of;

    in response to the private IP address of the PCRS being in a same first Local Area Network (LAN) as the first smart device client, the first smart device client directly connects to the PCRS using the private IP address of the PCRS, and

    in response to the private IP address of the PCRS not being in the same first LAN as the first smart device client, the first smart device client connects through a first WAN to the public cloud network using the public IP address of the PCRS,

    wherein the first smart device client and the PCRS communicate with each other after the first session based message is authenticated, and

    wherein a private network service is then accessible by the first smart device client through the public cloud network based upon the authenticated first session based message;

    sending, by the PCRS, a second session based message from the message box of the PCRS to a message box of the second smart client located on the public cloud network, wherein the second session based message includes the address of the message box of the PCRS;

    receiving, by the PCRS from the second smart device client, a second session based access request in the message box of the PCRS, wherein the second session based access request includes an address of the message box of the second smart device client, a public IP address of the second smart device client, and a private IP address of the second smart device client;

    determining, by the PCRS, that the second session based access request is valid and registering the address of the message box of the second smart device client and both the public and the private IP address of the second smart device client;

    transmitting, by the PCRS, a session based acknowledgment to the message box of the second smart device client, wherein the session based acknowledgment includes both a current public and a current private IP address of the PCRS; and

    in response to a determination by the second smart device client that the second session based acknowledgment is valid, binding the public IP address and the private IP address of the PCRS with a registered private IP address of the second smart device client,

    wherein the second smart device client connects with the PCRS by at least one connection of;

    in response to the private IP address of the PCRS being in a same second LAN as the second smart device client, the second smart device client directly connects to the PCRS using the private IP address of the PCRS, and

    in response to the private IP address of the PCRS not being in the same second LAN as the second smart device client, the second smart device client connects through the first WAN to the public cloud network using the public IP address of the PCRS,

    wherein the first smart device client and the second smart device client communicate with the PCRS after the first and second session based messages are authenticated, and

    wherein the first smart device client and the second smart device client communicate with each other through the public cloud network.
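
The registration exchange and the LAN-or-WAN connection choice recited in the claim, as an added Python example that is not part of the patent or any product built on it. The claim does not say how a request or acknowledgment is determined to be valid; this example assumes a one-time session key carried in the first message and an HMAC tag on each reply. All class, function and field names are hypothetical, the addresses are constructed documentation values, and the same-LAN test (matching public IP plus subnet membership) is an assumption chosen because private address ranges are reused across sites.

```python
import hashlib, hmac, ipaddress, secrets

def _tag(key, msg):
    # Assumed validity check: HMAC-SHA256 over every field except the tag.
    body = "|".join(f"{k}={msg[k]}" for k in sorted(msg) if k != "tag")
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()

class PCRS:
    def __init__(self, mailbox, public_ip, private_ip):
        self.mailbox, self.public_ip, self.private_ip = mailbox, public_ip, private_ip
        self.pending = {}    # client mailbox -> one-time session key (assumption)
        self.registry = {}   # client mailbox -> (public IP, private IP)

    def invite(self, client_mailbox):
        # Session based message: carries the address of the PCRS message box.
        key = secrets.token_bytes(32)
        self.pending[client_mailbox] = key
        return {"pcrs_mailbox": self.mailbox, "session_key": key}

    def handle_access_request(self, req):
        # pop() makes the session single-use, so a replayed request is rejected.
        key = self.pending.pop(req["mailbox"], None)
        if key is None or not hmac.compare_digest(req["tag"], _tag(key, req)):
            return None
        self.registry[req["mailbox"]] = (req["public_ip"], req["private_ip"])
        ack = {"public_ip": self.public_ip, "private_ip": self.private_ip}
        ack["tag"] = _tag(key, ack)
        return ack

def access_request(invite, mailbox, public_ip, private_ip):
    req = {"mailbox": mailbox, "public_ip": public_ip, "private_ip": private_ip}
    req["tag"] = _tag(invite["session_key"], req)
    return req

def choose_route(invite, ack, client_public_ip, client_iface):
    # Bind only after the acknowledgment validates; client_iface is "addr/prefix".
    if ack is None or not hmac.compare_digest(ack["tag"], _tag(invite["session_key"], ack)):
        return None
    lan = ipaddress.ip_interface(client_iface).network
    # Assumed same-LAN test: same NAT egress address and PCRS inside our subnet.
    same_lan = (ack["public_ip"] == client_public_ip
                and ipaddress.ip_address(ack["private_ip"]) in lan)
    return ("lan", ack["private_ip"]) if same_lan else ("wan", ack["public_ip"])
```

A remote client whose home network happens to use the same private subnet as the PCRS is routed over the WAN here, because its public IP differs from the one in the acknowledgment.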
