Agile network protocol for secure communications using secure domain names

CAFC

US 8,868,705 B2
Filed: 09/13/2012
Issued: 10/21/2014
Est. Priority Date: 10/30/1998
Status: Expired due to Fees

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A method of transparently creating an encrypted communications channel between a client device and a target device, each device being configured to allow secure data communications between the client device and the target device over the encrypted communications channel once the encrypted communications channel is created, the method comprising:

(1) intercepting from the client device a request to look up an Internet Protocol (IP) address corresponding to a domain name associated with the target device;

(2) determining whether the request to look up the IP address transmitted in step (1) corresponds to a device that accepts an encrypted channel connection with the client device; and

(3) in response to determining, in step (2), that the request to look up the IP address in step (2) corresponds to a device that accepts an encrypted communications channel connection with the client device, providing provisioning information required to initiate the creation of the encrypted communications channel between the client device and the target device such that the encrypted communications channel supports secure data communications transmitted between the two devices, the client device being a device at which a user accesses the encrypted communications channel.

View all claims

0 Assignments

Timeline View

Assignment View

2 Petitions

Accused Products

Abstract

A method is used to transparently create an encrypted communications channel between a client device and a target device. Each device is configured to allow audio/video communications between the client and target devices over the encrypted communications channel once the encrypted communications channel is created. The method comprises receiving from the client device a request for a network address associated with the target device, determining whether the request is requesting access to a device that accepts an encrypted channel connection with the client device, and in response to determining that the request is requesting access to a device that accepts an encrypted communications channel connection with the client device, providing provisioning information required to initiate the creation of the encrypted communications channel between the client device and the target device such that the encrypted communications channel supports secure audio/video communications transmitted between the two devices.

282 Citations

34 Claims

1. A method of transparently creating an encrypted communications channel between a client device and a target device, each device being configured to allow secure data communications between the client device and the target device over the encrypted communications channel once the encrypted communications channel is created, the method comprising:
- (1) intercepting from the client device a request to look up an Internet Protocol (IP) address corresponding to a domain name associated with the target device;
  
  (2) determining whether the request to look up the IP address transmitted in step (1) corresponds to a device that accepts an encrypted channel connection with the client device; and
  
  (3) in response to determining, in step (2), that the request to look up the IP address in step (2) corresponds to a device that accepts an encrypted communications channel connection with the client device, providing provisioning information required to initiate the creation of the encrypted communications channel between the client device and the target device such that the encrypted communications channel supports secure data communications transmitted between the two devices, the client device being a device at which a user accesses the encrypted communications channel.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1, wherein providing the provisioning information required to initiate the encrypted communications channel is based on a determination that the target device is a device with which an encrypted communications channel can be established when the IP address request corresponds to a target device identified in an network address lookup.
  - 3. The method of claim 1, wherein the domain name is a secure domain name.
  - 4. The method of claim 1, wherein the encrypted communications channel is a broadband connection.
  - 5. The method of claim 1, wherein the encrypted communications channel is an unmodulated transmission link.
  - 6. The method of claim 1, wherein the encrypted communications channel is a modulated transmission link.
  - 7. The method of claim 1, wherein the encrypted communications channel supports at least one of the following:
    - FDM, TDM and CDMA.
  - 8. The method of claim 1, wherein the client device is a phone.
  - 9. The method of claim 8, wherein providing the provisioning information required to initiate the encrypted communications channel is based on a determination that the target device is a device with which an encrypted communications channel can be established when the IP address request corresponds to a target device identified in an network address lookup.
  - 10. The method of claim 8, wherein the domain name is a secure domain name.
  - 11. The method of claim 8, wherein the encrypted communications channel is an unmodulated transmission link.
  - 12. The method of claim 8, wherein the encrypted communications channel is a modulated transmission link.
  - 13. The method of claim 8, wherein the encrypted communications channel supports at least one of the following:
    - FDM, TDM and CDMA.
  - 14. The method of claim 1, wherein the target device is a server.
  - 15. The method of claim 1, wherein the target device is a phone.
  - 16. The method according to claim 1, wherein intercepting the request consists of receiving the request to determine whether the target device accepts an encrypted channel connection with the client device.
  - 17. The method according to claim 1, wherein the intercepting the request occurs within another device that is separate from the client device.
  - 18. The method according to claim 1, wherein the encrypted communications channel supports a plurality of services.
  - 19. The method according to claim 18, wherein the plurality of services comprises a plurality of communication protocols, a plurality of application programs, multiple sessions, or a combination thereof.
  - 20. The method according to claim 19, wherein the plurality of other application programs comprises at least one of the following:
    - e-mail, a word processing program, and telephony.

21. A system for transparently creating an encrypted communications channel between a client device and a target device, each device being configured to allow secure data communications therebetween over an encrypted communications channel once the encrypted communications channel is created, the system including a memory storing instructions, and a server configuration arranged to:
- (1) intercept from the client device a request to look up an Internet Protcol (IP) address corresponding to a domain name associated with the target device;
  
  (2) determine whether the request to look up the IP address transmitted in step (1) corresponds to a device that accepts an encrypted channel connection with the client device; and
  
  (3) in response to determining, in step (2), that the request to look up the IP address corresponds to a device that accepts an encrypted communications channel connection with the client device, provide provisioning information required to initiate the creation of the encrypted communications channel between the client device and the target device such that the encrypted communications channel supports secure data communications transmitted between the two devices, the client device being a device at which a user accesses the encrypted communications channel.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
- - 22. A system according to claim 21, wherein the encrypted communications channel supports a plurality of services.
  - 23. The system according to claim 21, wherein the plurality of services comprises a plurality of communication protocols, a plurality of application programs, multiple sessions, or a combination thereof.
  - 24. The system according to claim 23, wherein the plurality of other application programs comprises at least one of the following:
    - e-mail, a word processing program, and telephony.
  - 25. The system according to claim 21, wherein the domain name is a secure domain name.
  - 26. The system according to claim 21, wherein the encrypted communications channel is a broadband connection.
  - 27. The system according to claim 21, wherein the encrypted communications channel is an unmodulated transmission link.
  - 28. The system according to claim 21, wherein the encrypted communications channel is a modulated transmission link.
  - 29. The system according to claim 21, wherein the encrypted communications channel supports at least one of the following:
    - FDM, TDM and CDMA.
  - 30. The system according to claim 21, wherein the client device is a phone.
  - 31. The system according to claim 21, wherein the target device is a server.
  - 32. The system according to claim 21, wherein the target device is a phone.
  - 33. The system according to claim 21, wherein intercepting the request consists of the system receiving the request to determine whether the target device accepts an encrypted channel connection with the client device.
  - 34. The system according to claim 21, wherein intercepting the request occurs within another device that is separate from the client device.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
VirnetX Inc. (Virnetx Holding Corporation)
Original Assignee
VirnetX Inc. (Virnetx Holding Corporation)
Inventors
Larson, Victor, Short, Robert Dunham III, Munger, Edmund Colby, Williamson, Michael
Primary Examiner(s)
Lim, Krisna

Application Number

US13/615,557
Publication Number

US 20130067224A1
Time in Patent Office

768 Days
Field of Search

709222-227
US Class Current

709/222
CPC Class Codes

G06F 16/951   Indexing; Web crawling tech...

G06F 21/606   by securing the transmissio...

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 2101/30   Types of network names

H04L 2101/604   Address structures or formats

H04L 41/00   Arrangements for maintenanc...

H04L 45/00   Routing or path finding of ...

H04L 45/24   Multipath

H04L 45/28   using route fault recovery

H04L 61/30   Managing network names, e.g...

H04L 61/3015   Name registration, generati...

H04L 61/35   involving non-standard use ...

H04L 61/4511   using domain name system [DNS]

H04L 61/5007   Internet protocol [IP] addr...

H04L 61/5076   Update or notification mech...

H04L 61/5092   by self-assignment, e.g. pi...

H04L 63/0227   Filtering policies mail mes...

H04L 63/0272   Virtual private networks

H04L 63/04   for providing a confidentia...

H04L 63/0407   wherein the identity of one...

H04L 63/0421 : Anonymous communication, i....

H04L 63/0428 : wherein the data content is...

H04L 63/0435 : wherein the sending and rec...

H04L 63/0478 : applying multiple layers of...

H04L 63/0485 : Networking architectures fo...

H04L 63/08 : for supporting authenticati...

H04L 63/0876 : based on the identity of th...

H04L 63/105 : Multiple levels of security

H04L 63/1408 : by monitoring network traff...

H04L 63/1416 : Event detection, e.g. attac...

H04L 63/1458 : Denial of Service

H04L 63/1466 : Active attacks involving in...

H04L 63/164 : at the network layer

H04L 63/168 : above the transport layer

H04L 67/14 : Session management for real...

H04L 67/141 : Setup of application sessio...

View All

Agile network protocol for secure communications using secure domain names

First Claim

0 Assignments

2 Petitions

Accused Products

Abstract

282 Citations

34 Claims

Specification

115 Family Members

Thank you for your feedback