-
公开(公告)号:US20170063799A1
公开(公告)日:2017-03-02
申请号:US15200388
申请日:2016-07-01
CPC分类号: H04L63/0272 , G06F8/61 , G06F16/951 , G06F21/606 , H04L61/1511 , H04L61/2038 , H04L61/6013 , H04L61/6022 , H04L63/0281 , H04L63/0421 , H04L63/0435 , H04L63/0478 , H04L63/0485 , H04L63/0853 , H04L63/0876 , H04L63/0884 , H04L63/10 , H04L63/1416 , H04L63/1458 , H04L63/1466 , H04N7/15
摘要: In one embodiment, a method includes generating a Domain Name Service (DNS) request comprising a domain name, determining that the DNS request corresponds to a first computer configured to communicate securely, and sending, based on the determination, a request to establish a communication link with the first computer configured to communicate securely, the request including an identifier of a client device used to determine whether the client device is authorized to communicate with the first computer. The method includes receiving, in response to the request to establish the communication link, a resource used to establish the communication link, wherein the resource corresponds to a qualify of service level for the communication link, determining, in response to the request to establish a communication link, whether a software module for communicating securely requires installation on the client device, and if it is determined that the software module requires installation on the client device: accessing a network address for downloading the software module, downloading the software module, and installing the software module on the client device. The method also includes automatically establishing the communication link having the quality of service level using the received resource communicating securely with the first computer over the established communication link having the quality of service, wherein the communication link passes through one or more intermediate devices that provide anonymity of at least one of the client device and the first computer, and client device is a user device.
摘要翻译: 在一个实施例中,一种方法包括生成包括域名的域名服务(DNS)请求,确定DNS请求对应于配置为安全地通信的第一计算机,并且基于该确定发送建立通信的请求 与被配置为安全通信的第一计算机的链接,该请求包括用于确定客户端设备是否被授权与第一计算机通信的客户端设备的标识符。 所述方法包括响应于建立所述通信链路的请求,接收用于建立所述通信链路的资源,其中所述资源对应于所述通信链路的服务级别的限定,响应于建立所述通信链路的请求, 通信链路,用于安全通信的软件模块是否需要在客户端设备上进行安装,以及如果确定软件模块需要在客户端设备上安装:访问用于下载软件模块的网络地址,下载软件模块和安装 客户端设备上的软件模块。 该方法还包括使用接收到的资源自动建立具有服务质量水平的通信链路,所述资源通过建立的具有服务质量的通信链路与第一计算机进行安全通信,其中通信链路通过提供匿名的一个或多个中间设备 的客户端设备和第一计算机中的至少一个,客户端设备是用户设备。
-
公开(公告)号:US20160294793A1
公开(公告)日:2016-10-06
申请号:US15185760
申请日:2016-06-17
CPC分类号: H04L63/0272 , G06F8/61 , G06F16/951 , G06F21/606 , H04L61/1511 , H04L61/2038 , H04L61/6013 , H04L61/6022 , H04L63/0281 , H04L63/0421 , H04L63/0435 , H04L63/0478 , H04L63/0485 , H04L63/0853 , H04L63/0876 , H04L63/0884 , H04L63/10 , H04L63/1416 , H04L63/1458 , H04L63/1466 , H04N7/15
摘要: A network device comprises a storage device storing an application program for a secure communications service, and at least one processor configured to execute the application program for the secure communications service so as to enable the network device to send a request to look up a network address of a second device based on an identifier associated with the second device, receive an indication that the second device is available for the secure communications service, the indication including the requested network address and provisioning information for a secure communication link, connect to the second device over the secure communication link, using the received network address of the second device and the provisioning information for the secure communication link, and communicate at least one of video data and audio data with the second device using the secure communications service via the secure communication link.
-
3.发明授权公开(公告)号:US09374346B2
公开(公告)日:2016-06-21
申请号:US13615528
申请日:2012-09-13
IPC分类号: G06F15/16 , H04L29/06 , H04L12/46 , H04L29/12 , H04L12/701 , H04L12/707 , H04L12/703 , G06F21/60 , H04L12/24 , H04L29/08 , G06F17/30
CPC分类号: H04L63/0485 , G06F17/30864 , G06F21/606 , H04L12/4641 , H04L29/12066 , H04L29/12216 , H04L29/12301 , H04L29/1232 , H04L29/12594 , H04L29/12783 , H04L29/12801 , H04L41/00 , H04L45/00 , H04L45/24 , H04L45/28 , H04L61/1511 , H04L61/2007 , H04L61/2076 , H04L61/2092 , H04L61/3015 , H04L61/303 , H04L61/35 , H04L61/6004 , H04L63/0227 , H04L63/0272 , H04L63/04 , H04L63/0407 , H04L63/0421 , H04L63/0428 , H04L63/0435 , H04L63/0478 , H04L63/08 , H04L63/0876 , H04L63/105 , H04L63/1408 , H04L63/1416 , H04L63/1458 , H04L63/1466 , H04L63/164 , H04L63/168 , H04L67/14 , H04L67/141
摘要: A network device comprises a storage device storing an application program for a secure communications service, and at least one processor configured to execute the application program for the secure communications service so as to enable the network device to send a request to look up a network address of a second device based on an identifier associated with the second device, receive an indication that the second device is available for the secure communications service, the indication including the requested network address and provisioning information for a secure communication link, connect to the second device over the secure communication link, using the received network address of the second device and the provisioning information for the secure communication link, and communicate at least one of video data and audio data with the second device using the secure communications service via the secure communication link.
摘要翻译: 网络设备包括存储用于安全通信服务的应用程序的存储设备,以及配置为执行安全通信服务的应用程序的至少一个处理器,以使得网络设备能够发送查询网络地址的请求 基于与第二设备相关联的标识符接收第二设备可用于安全通信服务的指示,包括所请求的网络地址和用于安全通信链路的供应信息的指示连接到第二设备 通过所述安全通信链路,使用所接收的所述第二设备的网络地址和所述安全通信链路的供应信息,并且经由所述安全通信链路使用所述安全通信服务与所述第二设备通信视频数据和音频数据中的至少一个 。
-
4.发明授权Method for establishing secure communication link between computers of virtual private network 有权在虚拟专用网计算机之间建立安全通信链路的方法公开(公告)号:US09094399B2
公开(公告)日:2015-07-28
申请号:US13181041
申请日:2011-07-12
IPC分类号: G06F15/16 , H04L29/06 , H04L12/701 , H04L12/707 , H04L12/703 , H04L29/12
CPC分类号: H04L63/0876 , H04L29/12047 , H04L29/12216 , H04L29/12301 , H04L29/1232 , H04L29/12783 , H04L29/12801 , H04L45/00 , H04L45/24 , H04L45/28 , H04L61/15 , H04L61/2007 , H04L61/2076 , H04L61/2092 , H04L61/35 , H04L61/6004 , H04L63/0227 , H04L63/0272 , H04L63/0281 , H04L63/029 , H04L63/0414 , H04L63/0421 , H04L63/0428 , H04L63/061 , H04L63/10 , H04L63/1458 , H04L63/1491 , H04L63/18
摘要: A technique is disclosed for establishing a secure communication link between a first computer and a second computer over a computer network. Initially, a secure communication mode of communication is enabled at a first computer without a user entering any cryptographic information for establishing the secure communication mode of communication. Then, a secure communication link is established between the first computer and a second computer over a computer network based on the enabled secure communication mode of communication. The secure communication link is a virtual private network communication link over the computer network in which one or more data values that vary according to a pseudo-random sequence are inserted into each data packet.
摘要翻译: 公开了一种通过计算机网络在第一计算机和第二计算机之间建立安全通信链路的技术。 最初,在第一计算机上启用安全通信通信模式,而无需用户输入用于建立安全通信通信模式的任何密码信息。 然后,基于启用的安全通信通信模式,通过计算机网络在第一计算机和第二计算机之间建立安全通信链路。 安全通信链路是计算机网络上的虚拟专用网络通信链路,其中根据伪随机序列变化的一个或多个数据值被插入到每个数据分组中。
-
5.发明授权System and method employing an agile network protocol for secure communications using secure domain names 有权使用敏捷网络协议的安全域名安全通信的系统和方法公开(公告)号:US08516131B2
公开(公告)日:2013-08-20
申请号:US13336958
申请日:2011-12-23
IPC分类号: G06F15/16
CPC分类号: H04L63/0485 , G06F17/30864 , G06F21/606 , H04L12/4641 , H04L29/12066 , H04L29/12216 , H04L29/12301 , H04L29/1232 , H04L29/12594 , H04L29/12783 , H04L29/12801 , H04L41/00 , H04L45/00 , H04L45/24 , H04L45/28 , H04L61/1511 , H04L61/2007 , H04L61/2076 , H04L61/2092 , H04L61/3015 , H04L61/303 , H04L61/35 , H04L61/6004 , H04L63/0227 , H04L63/0272 , H04L63/04 , H04L63/0407 , H04L63/0421 , H04L63/0428 , H04L63/0435 , H04L63/0478 , H04L63/08 , H04L63/0876 , H04L63/105 , H04L63/1408 , H04L63/1416 , H04L63/1458 , H04L63/1466 , H04L63/164 , H04L63/168 , H04L67/14 , H04L67/141
摘要: A network device comprises a storage device storing an application program for a secure communications service; and at least one processor configured to execute the application program enabling the network device to: (a) send a request to look up a network address of a second network device based on an identifier; (b) receive an indication that the second network device is available for the secure communications service, the indication including the requested network address of the second network device and provisioning information for a secure communication link; (c) connect to the second network device over the secure communication link, using the received network address of the second network device and the provisioning information for the secure communication link; and (d) communicate at least one of video data and audio data with the second network device using the secure communications service via the secure communication link.
摘要翻译: 网络设备包括存储用于安全通信服务的应用程序的存储设备; 以及至少一个处理器,被配置为执行所述应用程序,使得所述网络设备能够:(a)基于标识符发送查找第二网络设备的网络地址的请求; (b)接收关于所述第二网络设备可用于所述安全通信服务的指示,所述指示包括所述第二网络设备的所请求的网络地址以及用于安全通信链路的供应信息; (c)使用所接收的第二网络设备的网络地址和安全通信链路的供应信息,通过安全通信链路连接到第二网络设备; 以及(d)使用所述安全通信服务经由所述安全通信链路与所述第二网络设备通信视频数据和音频数据中的至少一个。
-
6.发明申请Agile Network Protocol for Secure Communications with Assured System Availability 有权用于确保系统可用性的安全通信的敏捷网络协议公开(公告)号:US20130091354A1
公开(公告)日:2013-04-11
申请号:US13475637
申请日:2012-05-18
申请人: Edmund Colby Munger , Vincent J. Sabio , Robert Dunham Short, III , Virgil D. Gligor , Douglas Charles Schmidt
发明人: Edmund Colby Munger , Vincent J. Sabio , Robert Dunham Short, III , Virgil D. Gligor , Douglas Charles Schmidt
IPC分类号: H04L29/06
CPC分类号: H04L61/2539 , H04L9/065 , H04L29/12216 , H04L29/12301 , H04L29/1232 , H04L29/12801 , H04L45/20 , H04L45/24 , H04L61/2007 , H04L61/2076 , H04L61/2092 , H04L61/30 , H04L61/6004 , H04L63/0272 , H04L63/04 , H04L63/0407 , H04L63/0421 , H04L63/0428 , H04L63/0435 , H04L63/1441 , H04L63/1491 , H04M3/42008
摘要: A plurality of computer nodes communicates using seemingly random IP source and destination addresses and (optionally) a seemingly random discriminator field. Data packets matching criteria defined by a moving window of valid addresses are accepted for further processing, while those that do not meet the criteria are rejected. In addition to “hopping” of IP addresses and discriminator fields, hardware addresses such as Media Access Control addresses can be hopped. The hopped addresses are generated by random number generators having non-repeating sequence lengths that are easily determined a-priori, which can quickly jump ahead in sequence by an arbitrary number of random steps and which have the property that future random numbers are difficult to guess without knowing the random number generator's parameters. Synchronization techniques can be used to re-establish synchronization between sending and receiving nodes.
摘要翻译: 多个计算机节点使用看似随意的IP源和目的地址和(可选地)看似随机的鉴别符字段进行通信。 由有效地址的移动窗口定义的数据包匹配条件被接受进一步处理,而不符合条件的数据包将被拒绝。 除了跳转IP地址和鉴别字段之外,还可以跳过媒体访问控制地址等硬件地址。 跳跃地址由具有非重复序列长度的随机数生成器产生,其可以先前容易地确定,其可以通过任意数量的随机步骤快速地向前跳跃,并且具有将来随机数难以猜测的性质 不知道随机数生成器的参数。 同步技术可用于重新建立发送和接收节点之间的同步。
-
7.发明申请ESTABLISHING SECURE COMMUNICATION LINK BETWEEN COMPUTERS OF VIRTUAL PRIVATE NETWORK 审中-公开建立虚拟私有网络计算机之间的安全通信链路公开(公告)号:US20130013795A1
公开(公告)日:2013-01-10
申请号:US13620270
申请日:2012-09-14
IPC分类号: G06F15/16
CPC分类号: H04L63/0876 , H04L29/12047 , H04L29/12216 , H04L29/12301 , H04L29/1232 , H04L29/12783 , H04L29/12801 , H04L45/00 , H04L45/24 , H04L45/28 , H04L61/15 , H04L61/2007 , H04L61/2076 , H04L61/2092 , H04L61/35 , H04L61/6004 , H04L63/0227 , H04L63/0272 , H04L63/0281 , H04L63/029 , H04L63/0414 , H04L63/0421 , H04L63/0428 , H04L63/061 , H04L63/10 , H04L63/1458 , H04L63/1491 , H04L63/18
摘要: A technique is disclosed for establishing a secure communication link between a first computer and a second computer over a computer network. Initially, a secure communication mode of communication is enabled at a first computer without a user entering any cryptographic information for establishing the secure communication mode of communication. Then, a secure communication link is established between the first computer and a second computer over a computer network based on the enabled secure communication mode of communication. The secure communication link is a virtual private network communication link over the computer network in which one or more data values that vary according to a pseudo-random sequence are inserted into each data packet.
摘要翻译: 公开了一种通过计算机网络在第一计算机和第二计算机之间建立安全通信链路的技术。 最初,在第一计算机上启用安全通信通信模式,而无需用户输入用于建立安全通信通信模式的任何密码信息。 然后,基于启用的安全通信通信模式,通过计算机网络在第一计算机和第二计算机之间建立安全通信链路。 安全通信链路是计算机网络上的虚拟专用网络通信链路,其中根据伪随机序列变化的一个或多个数据值被插入到每个数据分组中。
-
8.发明申请SYSTEM AND METHOD EMPLOYING AN AGILE NETWORK PROTOCOL FOR SECURE COMMUNICATIONS USING SECURE DOMAIN NAMES 有权使用安全通信使用安全域名的“协作网络协议”的系统和方法公开(公告)号:US20120102204A1
公开(公告)日:2012-04-26
申请号:US13339257
申请日:2011-12-28
IPC分类号: G06F15/16
CPC分类号: H04L63/0485 , G06F17/30864 , G06F21/606 , H04L12/4641 , H04L29/12066 , H04L29/12216 , H04L29/12301 , H04L29/1232 , H04L29/12594 , H04L29/12783 , H04L29/12801 , H04L41/00 , H04L45/00 , H04L45/24 , H04L45/28 , H04L61/1511 , H04L61/2007 , H04L61/2076 , H04L61/2092 , H04L61/3015 , H04L61/303 , H04L61/35 , H04L61/6004 , H04L63/0227 , H04L63/0272 , H04L63/04 , H04L63/0407 , H04L63/0421 , H04L63/0428 , H04L63/0435 , H04L63/0478 , H04L63/08 , H04L63/0876 , H04L63/105 , H04L63/1408 , H04L63/1416 , H04L63/1458 , H04L63/1466 , H04L63/164 , H04L63/168 , H04L67/14 , H04L67/141
摘要: A system and method connect a first network device and a second network device by initiating a secure communication link. The system includes one or more servers configured to: receive, from the first network device, a request to look up a network address of the second network device based on an identifier associated with the second network device; determine, in response to the request, whether the second network device is available for a secure communications service; and initiate a secure communication link between the first network device and the second network device based on a determination that the second network device is available for the secure communications service; wherein the secure communications service uses the secure communication link to communicate at least one of video data and audio data between the first network device and the second network device.
摘要翻译: 系统和方法通过发起安全通信链路来连接第一网络设备和第二网络设备。 该系统包括一个或多个服务器,其被配置为:基于与第二网络设备相关联的标识符,从第一网络设备接收查询第二网络设备的网络地址的请求; 响应于所述请求确定所述第二网络设备是否可用于安全通信服务; 并且基于所述第二网络设备可用于所述安全通信服务的确定,发起所述第一网络设备和所述第二网络设备之间的安全通信链路; 其中所述安全通信服务使用所述安全通信链路在所述第一网络设备和所述第二网络设备之间传送视频数据和音频数据中的至少一个。
-
9.发明授权Agile network protocol for secure communications with assured system availability 有权用于安全通信的敏捷网络协议,确保系统可用性公开(公告)号:US07933990B2
公开(公告)日:2011-04-26
申请号:US11839969
申请日:2007-08-16
申请人: Edmund Colby Munger , Douglas Charles Schmidt , Robert Dunham Short, III , Victor Larson , Michael Williamson
发明人: Edmund Colby Munger , Douglas Charles Schmidt , Robert Dunham Short, III , Victor Larson , Michael Williamson
IPC分类号: G06F15/173
CPC分类号: H04L65/403 , H04L45/00 , H04L45/24 , H04L45/28 , H04L61/1511 , H04L61/2007 , H04L61/2076 , H04L61/2092 , H04L61/35 , H04L61/6004 , H04L63/0272 , H04L63/0407 , H04L63/0414 , H04L63/0428 , H04L63/08 , H04L63/10 , H04L63/1458 , H04L63/1466 , H04L63/1491
摘要: A plurality of computer nodes communicate using seemingly random Internet Protocol source and destination addresses. Data packets matching criteria defined by a moving window of valid addresses are accepted for further processing, while those that do not meet the criteria are quickly rejected. Improvements to the basic design include (1) a load balancer that distributes packets across different transmission paths according to transmission path quality; (2) a DNS proxy server that transparently creates a virtual private network in response to a domain name inquiry; (3) a large-to-small link bandwidth management feature that prevents denial-of-service attacks at system chokepoints; (4) a traffic limiter that regulates incoming packets by limiting the rate at which a transmitter can be synchronized with a receiver; and (5) a signaling synchronizer that allows a large number of nodes to communicate with a central node by partitioning the communication function between two separate entities.
摘要翻译: 多个计算机节点使用看似随机的因特网协议源和目的地址进行通信。 由有效地址的移动窗口定义的数据包匹配条件被接受进一步处理,而不符合标准的数据包将被快速拒绝。 对基本设计的改进包括(1)根据传输路径质量在不同传输路径上分发数据包的负载平衡器; (2)响应于域名查询透明地创建虚拟专用网络的DNS代理服务器; (3)一个大到小的链路带宽管理功能,可防止系统阻塞点的拒绝服务攻击; (4)流量限制器,其通过限制发射机与接收机同步的速率来调节输入分组; 和(5)信令同步器,其允许大量节点通过分割两个单独实体之间的通信功能而与中央节点进行通信。
-
10.发明授权公开(公告)号:US07921211B2
公开(公告)日:2011-04-05
申请号:US11840560
申请日:2007-08-17
IPC分类号: G06F15/173
CPC分类号: H04L63/0485 , G06F17/30864 , G06F21/606 , H04L12/4641 , H04L29/12066 , H04L29/12216 , H04L29/12301 , H04L29/1232 , H04L29/12594 , H04L29/12783 , H04L29/12801 , H04L41/00 , H04L45/00 , H04L45/24 , H04L45/28 , H04L61/1511 , H04L61/2007 , H04L61/2076 , H04L61/2092 , H04L61/3015 , H04L61/303 , H04L61/35 , H04L61/6004 , H04L63/0227 , H04L63/0272 , H04L63/04 , H04L63/0407 , H04L63/0421 , H04L63/0428 , H04L63/0435 , H04L63/0478 , H04L63/08 , H04L63/0876 , H04L63/105 , H04L63/1408 , H04L63/1416 , H04L63/1458 , H04L63/1466 , H04L63/164 , H04L63/168 , H04L67/14 , H04L67/141
摘要: A secure domain name service for a computer network is disclosed that includes a portal connected to a computer network, such as the Internet, and a domain name database connected to the computer network through the portal. The portal authenticates a query for a secure computer network address, and the domain name database stores secure computer network addresses for the computer network. Each secure computer network address is based on a non-standard top-level domain name, such as .scom, .sorg, .snet, .snet, .sedu, .smil and .sint.
摘要翻译: 公开了一种用于计算机网络的安全域名服务,其包括连接到计算机网络(例如因特网)的门户,以及通过门户连接到计算机网络的域名数据库。 门户验证安全计算机网络地址的查询,域名数据库存储计算机网络的安全计算机网络地址。 每个安全的计算机网络地址基于非标准的顶级域名,如.scom,.sorg,.snet,.snet,.sedu,.smil和.sint。
-
-
-
-
-
-
-
-
-
搜索结果
61 条记录 (耗时 0.079 秒)
