公开(公告)号：US09077694B2

公开(公告)日：2015-07-07

申请号：US13615536

申请日：2012-09-13

Applicant: Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

Inventor： Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

IPC: G06F15/16 ,  H04L29/06 ,  H04L12/46 ,  H04L29/12 ,  H04L12/701 ,  H04L12/707 ,  H04L12/703 ,  G06F21/60 ,  H04L12/24 ,  H04L29/08

CPC classification number: H04L63/0485 ,  G06F17/30864 ,  G06F21/606 ,  H04L12/4641 ,  H04L29/12066 ,  H04L29/12216 ,  H04L29/12301 ,  H04L29/1232 ,  H04L29/12594 ,  H04L29/12783 ,  H04L29/12801 ,  H04L41/00 ,  H04L45/00 ,  H04L45/24 ,  H04L45/28 ,  H04L61/1511 ,  H04L61/2007 ,  H04L61/2076 ,  H04L61/2092 ,  H04L61/3015 ,  H04L61/303 ,  H04L61/35 ,  H04L61/6004 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/04 ,  H04L63/0407 ,  H04L63/0421 ,  H04L63/0428 ,  H04L63/0435 ,  H04L63/0478 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/105 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/164 ,  H04L63/168 ,  H04L67/14 ,  H04L67/141

Abstract: A client device comprises: (a) a memory, (b) an application program, and (c) a signal processing configuration. The memory is configured and arranged to facilitate a connection of the client device with a target device over a secure communication link created based on (i) an address request generated by the client device, and (ii) a determination as a result of the address request that the target device is a device with which a secure communication link can be established when the requested address is identified in an address lookup. The application program is configured and arranged so as to allow participation in audio/video communications with the target device over the secure communication link once the secure communication link is established. The signal processing configuration is arranged to execute the application program.

Abstract translation: 客户端设备包括：（a）存储器，（b）应用程序，和（c）信号处理配置。 存储器被配置和布置成便于通过基于（i）由客户端设备产生的地址请求而创建的安全通信链路来促进客户端设备与目标设备的连接，以及（ii）作为地址的结果的确定 请求目标设备是当在地址查找中识别所请求的地址时可以建立安全通信链路的设备。 应用程序被配置和布置，以便一旦建立了安全通信链路，就可以通过安全通信链路参与与目标设备的音频/视频通信。 信号处理配置被布置成执行应用程序。

公开(公告)号：US09027116B2

公开(公告)日：2015-05-05

申请号：US13544582

申请日：2012-07-09

Applicant: Robert Dunham Short, III ,  Victor Larson ,  Michael Williamson

Inventor： Robert Dunham Short, III ,  Victor Larson ,  Michael Williamson

IPC: H04L29/12 ,  H04L29/06

CPC classification number: H04L61/2046 ,  G06F17/30952 ,  H04L61/1511 ,  H04L61/2053 ,  H04L61/2514 ,  H04L61/2592 ,  H04L61/6095 ,  H04L63/0272 ,  H04L63/029 ,  H04L63/0428

Abstract: Methods and related systems are presented that relate to automatically avoiding address conflicts when establishing a secure communications link over a public network between a local computer, associated with a local network, and a remote computer, located outside the local network. In order to avoid address conflict, addresses reserved for use by the local network and addresses reserved for use by the remote network are determined. At least one local address is selected from among available local addresses such that the selected local address is an address that does not conflict with the reserved addresses of the local network and the reserved addresses of the remote network. The selected local address is used in connection with establishment of the secure communications link between the local computer and the remote computer.

Abstract translation: 提出了涉及在本地计算机与本地网络相关联的本地计算机与位于本地网络外部的远程计算机之间的公共网络上建立安全通信链路时自动避免地址冲突的方法和相关系统。 为了避免地址冲突，确定了由本地网络使用的地址和被保留供远程网络使用的地址。 从可用本地地址中选择至少一个本地地址，使得所选择的本地地址是不与本地网络的保留地址和远程网络的保留地址冲突的地址。 所选择的本地地址与本地计算机和远程计算机之间建立安全通信链路有关。

公开(公告)号：US08868705B2

公开(公告)日：2014-10-21

申请号：US13615557

申请日：2012-09-13

Applicant: Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

Inventor： Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

IPC: G06F15/173 ,  H04L29/12 ,  H04L29/06 ,  H04L12/707 ,  H04L12/24 ,  H04L12/701 ,  H04L29/08 ,  H04L12/703 ,  G06F21/60

CPC classification number: H04L63/0485 ,  G06F17/30864 ,  G06F21/606 ,  H04L12/4641 ,  H04L29/12066 ,  H04L29/12216 ,  H04L29/12301 ,  H04L29/1232 ,  H04L29/12594 ,  H04L29/12783 ,  H04L29/12801 ,  H04L41/00 ,  H04L45/00 ,  H04L45/24 ,  H04L45/28 ,  H04L61/1511 ,  H04L61/2007 ,  H04L61/2076 ,  H04L61/2092 ,  H04L61/3015 ,  H04L61/303 ,  H04L61/35 ,  H04L61/6004 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/04 ,  H04L63/0407 ,  H04L63/0421 ,  H04L63/0428 ,  H04L63/0435 ,  H04L63/0478 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/105 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/164 ,  H04L63/168 ,  H04L67/14 ,  H04L67/141

Abstract: A method is used to transparently create an encrypted communications channel between a client device and a target device. Each device is configured to allow audio/video communications between the client and target devices over the encrypted communications channel once the encrypted communications channel is created. The method comprises receiving from the client device a request for a network address associated with the target device, determining whether the request is requesting access to a device that accepts an encrypted channel connection with the client device, and in response to determining that the request is requesting access to a device that accepts an encrypted communications channel connection with the client device, providing provisioning information required to initiate the creation of the encrypted communications channel between the client device and the target device such that the encrypted communications channel supports secure audio/video communications transmitted between the two devices.

Abstract translation: 一种方法用于在客户端设备和目标设备之间透明地创建加密的通信信道。 每个设备被配置为一旦创建了加密的通信信道，就允许客户端和目标设备之间通过加密的通信信道进行音频/视频通信。 该方法包括从客户端设备接收与目标设备相关联的网络地址的请求，确定该请求是否请求访问接受与客户端设备的加密信道连接的设备，以及响应于确定该请求是 请求访问接受与客户端设备的加密通信信道连接的设备，提供在客户端设备和目标设备之间启动加密通信信道的创建所需的提供信息，使得加密的通信信道支持安全的音频/视频通信 在两个设备之间传输。

公开(公告)号：US08571025B2

公开(公告)日：2013-10-29

申请号：US13110509

申请日：2011-05-18

Applicant: Victor Larson

Inventor： Victor Larson

IPC: H04L12/28

CPC classification number: H04L9/3263 ,  H04L41/0806 ,  H04L41/12 ,  H04L47/805 ,  H04L63/0272 ,  H04L63/04 ,  H04L63/0428 ,  H04L63/0435 ,  H04L63/061 ,  H04L63/0823 ,  H04L63/12 ,  H04L63/20 ,  H04L2209/64

Abstract: A virtual private network (VPN) over a telecommunications network is created by sending a request from a first VPN device to a second VPN device for establishing a VPN between the first and second VPN devices. The request includes a first signed certificate having a verified VPN parameter for the first VPN device. A reply is received at the first VPN device from the second VPN device that includes a second signed certificate having a verified VPN parameter for the second VPN device. The VPN is established between the first and second VPN devices based on each verified VPN parameter for each of the first and second VPN devices.

公开(公告)号：US20130067224A1

公开(公告)日：2013-03-14

申请号：US13615557

申请日：2012-09-13

Applicant: Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

Inventor： Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

IPC: H04L9/00

CPC classification number: H04L63/0485 ,  G06F17/30864 ,  G06F21/606 ,  H04L12/4641 ,  H04L29/12066 ,  H04L29/12216 ,  H04L29/12301 ,  H04L29/1232 ,  H04L29/12594 ,  H04L29/12783 ,  H04L29/12801 ,  H04L41/00 ,  H04L45/00 ,  H04L45/24 ,  H04L45/28 ,  H04L61/1511 ,  H04L61/2007 ,  H04L61/2076 ,  H04L61/2092 ,  H04L61/3015 ,  H04L61/303 ,  H04L61/35 ,  H04L61/6004 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/04 ,  H04L63/0407 ,  H04L63/0421 ,  H04L63/0428 ,  H04L63/0435 ,  H04L63/0478 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/105 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/164 ,  H04L63/168 ,  H04L67/14 ,  H04L67/141

Abstract: A method is used to transparently create an encrypted communications channel between a client device and a target device. Each device is configured to allow audio/video communications between the client and target devices over the encrypted communications channel once the encrypted communications channel is created. The method comprises receiving from the client device a request for a network address associated with the target device, determining whether the request is requesting access to a device that accepts an encrypted channel connection with the client device, and in response to determining that the request is requesting access to a device that accepts an encrypted communications channel connection with the client device, providing provisioning information required to initiate the creation of the encrypted communications channel between the client device and the target device such that the encrypted communications channel supports secure audio/video communications transmitted between the two devices.

Abstract translation: 一种方法用于在客户端设备和目标设备之间透明地创建加密的通信信道。 每个设备被配置为一旦创建了加密的通信信道，就允许客户端和目标设备之间通过加密的通信信道进行音频/视频通信。 该方法包括从客户端设备接收与目标设备相关联的网络地址的请求，确定该请求是否请求访问接受与客户端设备的加密信道连接的设备，以及响应于确定该请求是 请求访问接受与客户端设备的加密通信信道连接的设备，提供在客户端设备和目标设备之间启动加密通信信道的创建所需的提供信息，使得加密的通信信道支持安全的音频/视频通信 在两个设备之间传输。

公开(公告)号：US20130067103A1

公开(公告)日：2013-03-14

申请号：US13615536

申请日：2012-09-13

Applicant: Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

Inventor： Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

IPC: G06F15/16

CPC classification number: H04L63/0485 ,  G06F17/30864 ,  G06F21/606 ,  H04L12/4641 ,  H04L29/12066 ,  H04L29/12216 ,  H04L29/12301 ,  H04L29/1232 ,  H04L29/12594 ,  H04L29/12783 ,  H04L29/12801 ,  H04L41/00 ,  H04L45/00 ,  H04L45/24 ,  H04L45/28 ,  H04L61/1511 ,  H04L61/2007 ,  H04L61/2076 ,  H04L61/2092 ,  H04L61/3015 ,  H04L61/303 ,  H04L61/35 ,  H04L61/6004 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/04 ,  H04L63/0407 ,  H04L63/0421 ,  H04L63/0428 ,  H04L63/0435 ,  H04L63/0478 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/105 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/164 ,  H04L63/168 ,  H04L67/14 ,  H04L67/141

Abstract: A client device comprises: (a) a memory, (b) an application program, and (c) a signal processing configuration. The memory is configured and arranged to facilitate a connection of the client device with a target device over a secure communication link created based on (i) an address request generated by the client device, and (ii) a determination as a result of the address request that the target device is a device with which a secure communication link can be established when the requested address is identified in an address lookup. The application program is configured and arranged so as to allow participation in audio/video communications with the target device over the secure communication link once the secure communication link is established. The signal processing configuration is arranged to execute the application program.

Abstract translation: 客户端设备包括：（a）存储器，（b）应用程序，和（c）信号处理配置。 存储器被配置和布置成便于通过基于（i）由客户端设备产生的地址请求而创建的安全通信链路来促进客户端设备与目标设备的连接，以及（ii）作为地址的结果的确定 请求目标设备是当在地址查找中识别所请求的地址时可以建立安全通信链路的设备。 应用程序被配置和布置，以便一旦建立了安全通信链路，就可以通过安全通信链路参与与目标设备的音频/视频通信。 信号处理配置被布置成执行应用程序。

公开(公告)号：US20130019280A1

公开(公告)日：2013-01-17

申请号：US13620371

申请日：2012-09-14

Applicant: Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

Inventor： Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

IPC: G06F21/00

CPC classification number: H04L63/0876 ,  H04L29/12047 ,  H04L29/12216 ,  H04L29/12301 ,  H04L29/1232 ,  H04L29/12783 ,  H04L29/12801 ,  H04L45/00 ,  H04L45/24 ,  H04L45/28 ,  H04L61/15 ,  H04L61/2007 ,  H04L61/2076 ,  H04L61/2092 ,  H04L61/35 ,  H04L61/6004 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/0281 ,  H04L63/029 ,  H04L63/0414 ,  H04L63/0421 ,  H04L63/0428 ,  H04L63/061 ,  H04L63/10 ,  H04L63/1458 ,  H04L63/1491 ,  H04L63/18

Abstract: A technique is disclosed for establishing a secure communication link between a first computer and a second computer over a computer network. Initially, a secure communication mode of communication is enabled at a first computer without a user entering any cryptographic information for establishing the secure communication mode of communication. Then, a secure communication link is established between the first computer and a second computer over a computer network based on the enabled secure communication mode of communication. The secure communication link is a virtual private network communication link over the computer network in which one or more data values that vary according to a pseudo-random sequence are inserted into each data packet.

公开(公告)号：US20120117382A1

公开(公告)日：2012-05-10

申请号：US13343465

申请日：2012-01-04

Applicant: Victor Larson ,  Robert Dunham Short, III ,  Edmond Colby Munger ,  Michael Williamson

Inventor： Victor Larson ,  Robert Dunham Short, III ,  Edmond Colby Munger ,  Michael Williamson

IPC: H04L29/06

CPC classification number: H04L63/0485 ,  G06F17/30864 ,  G06F21/606 ,  H04L12/4641 ,  H04L29/12066 ,  H04L29/12216 ,  H04L29/12301 ,  H04L29/1232 ,  H04L29/12594 ,  H04L29/12783 ,  H04L29/12801 ,  H04L41/00 ,  H04L45/00 ,  H04L45/24 ,  H04L45/28 ,  H04L61/1511 ,  H04L61/2007 ,  H04L61/2076 ,  H04L61/2092 ,  H04L61/3015 ,  H04L61/303 ,  H04L61/35 ,  H04L61/6004 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/04 ,  H04L63/0407 ,  H04L63/0421 ,  H04L63/0428 ,  H04L63/0435 ,  H04L63/0478 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/105 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/164 ,  H04L63/168 ,  H04L67/14 ,  H04L67/141

Abstract: A method and system are used to transparently create an encrypted communications channel between a client device and a target device. Audio video communications between the client device and the target device are allowed over the encrypted communications channel once the encrypted communications channel is created. The method comprises: (1) receiving from the client device a request for a network address associated with the target device; (2) determining whether the request is requesting access to a device that accepts an encrypted channel connection with the client device; and (3) depending on the determination made in step (2) providing provisioning information required to initiate the creation of the encrypted communications channel between the client device and the target device such that the encrypted communications channel supports secure audio/video communications transmitted between the two devices.

Abstract translation: 一种方法和系统用于在客户端设备和目标设备之间透明地创建加密的通信信道。 一旦加密的通信信道被创建，客户端设备和目标设备之间的音频视频通信被允许通过加密的通信信道。 该方法包括：（1）从客户端设备接收与目标设备相关联的网络地址的请求; （2）确定请求是否请求访问接受与客户端设备的加密信道连接的设备; 和（3）取决于步骤（2）中作出的确定提供在客户端设备和目标设备之间启动加密的通信信道的创建所需的供应信息，使得加密的通信信道支持安全的音频/视频通信 两个设备。

公开(公告)号：US20110185169A1

公开(公告)日：2011-07-28

申请号：US13075081

申请日：2011-03-29

Applicant: Edmund Colby Munger ,  Douglas Charles Schmidt ,  Robert Dunham Short, III ,  Victor Larson ,  Michael Williamson

Inventor： Edmund Colby Munger ,  Douglas Charles Schmidt ,  Robert Dunham Short, III ,  Victor Larson ,  Michael Williamson

IPC: H04L29/06

CPC classification number: H04L65/403 ,  H04L45/00 ,  H04L45/24 ,  H04L45/28 ,  H04L61/1511 ,  H04L61/2007 ,  H04L61/2076 ,  H04L61/2092 ,  H04L61/35 ,  H04L61/6004 ,  H04L63/0272 ,  H04L63/0407 ,  H04L63/0414 ,  H04L63/0428 ,  H04L63/08 ,  H04L63/10 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/1491

Abstract: A plurality of computer nodes communicate using seemingly random Internet Protocol source and destination addresses. Data packets matching criteria defined by a moving window of valid addresses are accepted for further processing, while those that do not meet the criteria are quickly rejected. Improvements to the basic design include (1) a load balancer that distributes packets across different transmission paths according to transmission path quality; (2) a DNS proxy server that transparently creates a virtual private network in response to a domain name inquiry; (3) a large-to-small link bandwidth management feature that prevents denial-of-service attacks at system chokepoints; (4) a traffic limiter that regulates incoming packets by limiting the rate at which a transmitter can be synchronized with a receiver; and (5) a signaling synchronizer that allows a large number of nodes to communicate with a central node by partitioning the communication function between two separate entities.

Abstract translation: 多个计算机节点使用看似随机的因特网协议源和目的地址进行通信。 由有效地址的移动窗口定义的数据包匹配条件被接受进一步处理，而不符合标准的数据包将被快速拒绝。 对基本设计的改进包括（1）根据传输路径质量在不同传输路径上分发数据包的负载平衡器; （2）响应于域名查询透明地创建虚拟专用网络的DNS代理服务器; （3）一个大到小的链路带宽管理功能，可防止系统阻塞点的拒绝服务攻击; （4）流量限制器，其通过限制发射机与接收机同步的速率来调节输入分组; 和（5）信令同步器，其允许大量节点通过分割两个单独实体之间的通信功能而与中央节点进行通信。

公开(公告)号：US20110167087A1

公开(公告)日：2011-07-07

申请号：US13049552

申请日：2011-03-16

Applicant: Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

Inventor： Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

IPC: G06F17/30

CPC classification number: H04L63/0485 ,  G06F17/30864 ,  G06F21/606 ,  H04L12/4641 ,  H04L29/12066 ,  H04L29/12216 ,  H04L29/12301 ,  H04L29/1232 ,  H04L29/12594 ,  H04L29/12783 ,  H04L29/12801 ,  H04L41/00 ,  H04L45/00 ,  H04L45/24 ,  H04L45/28 ,  H04L61/1511 ,  H04L61/2007 ,  H04L61/2076 ,  H04L61/2092 ,  H04L61/3015 ,  H04L61/303 ,  H04L61/35 ,  H04L61/6004 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/04 ,  H04L63/0407 ,  H04L63/0421 ,  H04L63/0428 ,  H04L63/0435 ,  H04L63/0478 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/105 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/164 ,  H04L63/168 ,  H04L67/14 ,  H04L67/141

Abstract: A secure domain name service for a computer network is disclosed that includes a portal connected to a computer network, such as the Internet, and a domain name database connected to the computer network through the portal. The portal authenticates a query for a secure computer network address, and the domain name database stores secure computer network addresses for the computer network. Each secure computer network address is based on a non-standard top-level domain name, such as .scom, .sorg, .snet, .snet, .sedu, .smil and .sint.

Abstract translation: 公开了一种用于计算机网络的安全域名服务，其包括连接到计算机网络（例如因特网）的门户，以及通过门户连接到计算机网络的域名数据库。 门户验证安全计算机网络地址的查询，域名数据库存储计算机网络的安全计算机网络地址。 每个安全的计算机网络地址基于非标准的顶级域名，如.scom，.sorg，.snet，.snet，.sedu，.smil和.sint。