Agile network protocol for secure communications with assured system availability
Abstract
A plurality of computer nodes communicate using seemingly random Internet Protocol source and destination addresses. Data packets matching criteria defined by a moving window of valid addresses are accepted for further processing, while those that do not meet the criteria are quickly rejected. Improvements to the basic design include (1) a load balancer that distributes packets across different transmission paths according to transmission path quality; (2) a DNS proxy server that transparently creates a virtual private network in response to a domain name inquiry; (3) a large-to-small link bandwidth management feature that prevents denial-of-service attacks at system chokepoints; (4) a traffic limiter that regulates incoming packets by limiting the rate at which a transmitter can be synchronized with a receiver; and (5) a signaling synchronizer that allows a large number of nodes to communicate with a central node by partitioning the communication function between two separate entities.
19 Claims
1. A data processing device, comprising:
- a memory storing instructions; and
- a processor configured to execute the instructions to provide a domain name server (DNS) proxy module that intercepts DNS requests sent by a client and, for each intercepted DNS request, when the intercepted DNS request corresponds to a secure server, determines whether the client is authorized to access the secure server and, if so, automatically initiates an encrypted channel that enables communications of at least one of audio data or video data between the client and the secure server.
Dependent claims: 2, 3, 4

5. A non-transitory computer-readable medium storing a domain name server (DNS) proxy module that, when executed by a processor, intercepts DNS requests sent by a client and, for each intercepted DNS request, performs the steps of:
- (i) determining whether the intercepted DNS request corresponds to a secure server;
- (ii) when the intercepted DNS request does not correspond to a secure server, forwarding the DNS request to a DNS function that returns an IP address of a non-secure computer; and
- (iii) when the intercepted DNS request corresponds to a secure server, automatically initiating an encrypted channel that enables communications of at least one of audio data or video data between the client and the secure server.

6. A data processing device, comprising:
- a memory storing instructions; and
- a processor configured to execute the instructions to provide a domain name server (DNS) proxy module that intercepts DNS requests sent by a client and, for each intercepted DNS request, when the intercepted DNS request corresponds to a secure site, determines whether the client is authorized to access the secure site and, if so, automatically initiates an encrypted channel that enables communications of at least one of audio data or video data between the client and the secure site.
Dependent claims: 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18

19. A method comprising:
- using a domain name server (DNS) proxy module, intercepting DNS requests sent by a client; and
- for each intercepted DNS request, when the intercepted DNS request corresponds to a secure server, determining whether the client is authorized to access the secure server and, if so, automatically initiating an encrypted channel that enables communications of at least one of audio data or video data between the client and the secure server.
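
The per-request decision recited in claims 1, 5, 6 and 19, as an added example that is not taken from the patent or from any product implementing it. The policy table, the names and addresses in it, and the DENY outcome for an unauthorized client are assumptions; the name is lower-cased before lookup so a mixed-case query cannot slip past the secure-server match, and malformed queries raise instead of being forwarded.

```python
import struct
from enum import Enum

class Action(Enum):
    FORWARD = 1       # claim 5 (ii): hand to the ordinary DNS function
    OPEN_CHANNEL = 2  # claim 5 (iii): initiate the encrypted channel
    DENY = 3          # assumption: outcome when the authorization check fails

# Assumed policy table: secure server name -> authorized client addresses.
SECURE_SERVERS = {"video.secure.example": {"10.0.0.5"}}

def build_query(name: str, txid: int = 0x1234) -> bytes:
    """Constructed sample input: a one-question A/IN query in wire format."""
    header = struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0)
    body = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split("."))
    return header + body + b"\x00" + struct.pack("!2H", 1, 1)

def question_name(msg: bytes) -> str:
    """Return the normalized name from the question section of a DNS query."""
    if len(msg) < 12:
        raise ValueError("short header")
    flags, qdcount = struct.unpack("!2H", msg[2:6])
    if flags & 0x8000 or qdcount != 1:
        raise ValueError("not a single-question query")
    labels, pos = [], 12
    while True:
        if pos >= len(msg):
            raise ValueError("truncated name")
        n = msg[pos]
        if n == 0:
            break
        if n > 63 or pos + 1 + n > len(msg):
            raise ValueError("bad label")  # also rejects compression pointers
        labels.append(msg[pos + 1:pos + 1 + n].decode("ascii").lower())
        pos += 1 + n
    return ".".join(labels)

def decide(msg: bytes, client_ip: str) -> Action:
    """Policy decision for one intercepted request; malformed input raises."""
    allowed = SECURE_SERVERS.get(question_name(msg))
    if allowed is None:
        return Action.FORWARD
    return Action.OPEN_CHANNEL if client_ip in allowed else Action.DENY
```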
Specification