公开(公告)号：US10511573B2

公开(公告)日：2019-12-17

申请号：US15185760

申请日：2016-06-17

申请人： VIRNETX, INC.

发明人： Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

IPC分类号： H04L29/06 ,  G06F21/60 ,  G06F16/951 ,  H04L29/12 ,  G06F8/61 ,  H04N7/15

摘要： A network device comprises a storage device storing an application program for a secure communications service, and at least one processor configured to execute the application program for the secure communications service so as to enable the network device to send a request to look up a network address of a second device based on an identifier associated with the second device, receive an indication that the second device is available for the secure communications service, the indication including the requested network address and provisioning information for a secure communication link, connect to the second device over the secure communication link, using the received network address of the second device and the provisioning information for the secure communication link, and communicate at least one of video data and audio data with the second device using the secure communications service via the secure communication link.

公开(公告)号：US10187387B2

公开(公告)日：2019-01-22

申请号：US15230396

申请日：2016-08-06

申请人： VIRNETX, INC.

发明人： Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

IPC分类号： H04L29/06 ,  H04L29/12 ,  H04L12/701 ,  H04L12/707 ,  H04L12/703

摘要： A method performed by a first network device for communicating over a network, the method includes receiving, at the first network device, a request to connect to a second network device. The method includes, based on the request to connect, determining whether the first network device is set to an encrypted communication mode. The method further includes, based on a determination that the first network device is set to the encrypted communication mode, sending, to a first name service, a first name associated with the second network device and for which the first name service supports establishing an encrypted connection to the second network device. The method further includes receiving, at the first network device, a resource for the encrypted connection to the second network device, wherein the resource indicates a quality of service level for the encrypted connection determined by the first name service, and communicating with the second network device over the network via the encrypted connection using the received resource indicating the determined service level for the encrypted connection.

公开(公告)号：US20160344733A1

公开(公告)日：2016-11-24

申请号：US15230396

申请日：2016-08-06

申请人： VIRNETX, INC.

发明人： Victor LARSON ,  Robert Dunham SHORT, III ,  Edmund Colby MUNGER ,  Michael WILLIAMSON

IPC分类号： H04L29/06

CPC分类号： H04L63/0876 ,  H04L29/12047 ,  H04L29/12216 ,  H04L29/12301 ,  H04L29/1232 ,  H04L29/12783 ,  H04L29/12801 ,  H04L45/00 ,  H04L45/24 ,  H04L45/28 ,  H04L61/15 ,  H04L61/2007 ,  H04L61/2076 ,  H04L61/2092 ,  H04L61/35 ,  H04L61/6004 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/0281 ,  H04L63/029 ,  H04L63/0414 ,  H04L63/0421 ,  H04L63/0428 ,  H04L63/061 ,  H04L63/10 ,  H04L63/1458 ,  H04L63/1491 ,  H04L63/18

摘要： A method performed by a first network device for communicating over a network, the method includes receiving, at the first network device, a request to connect to a second network device. The method includes, based on the request to connect, determining whether the first network device is set to an encrypted communication mode. The method further includes, based on a determination that the first network device is set to the encrypted communication mode, sending, to a first name service, a first name associated with the second network device and for which the first name service supports establishing an encrypted connection to the second network device. The method further includes receiving, at the first network device, a resource for the encrypted connection to the second network device, wherein the resource indicates a quality of service level for the encrypted connection determined by the first name service, and communicating with the second network device over the network via the encrypted connection using the received resource indicating the determined service level for the encrypted connection.

摘要翻译： 一种由第一网络设备执行的用于通过网络通信的方法，所述方法包括在所述第一网络设备处接收连接到第二网络设备的请求。 该方法基于连接请求，确定第一网络设备是否被设置为加密通信模式。 该方法还包括：基于第一网络设备被设置为加密通信模式的确定，向名字服务发送与第二网络设备相关联的名字，并且该名称服务支持建立加密的通信模式 连接到第二网络设备。 该方法还包括在第一网络设备处接收用于到第二网络设备的加密连接的资源，其中资源指示由该名称服务确定的加密连接的服务质量水平，并与第二网络通信 设备通过使用所接收的资源通过加密连接在网络上指示用于加密连接的确定的服务级别。

公开(公告)号：US09100375B2

公开(公告)日：2015-08-04

申请号：US13617446

申请日：2012-09-14

申请人： Victor Larson ,  Robert Dunham Short, III ,  Edmond Colby Munger ,  Michael Williamson

发明人： Victor Larson ,  Robert Dunham Short, III ,  Edmond Colby Munger ,  Michael Williamson

IPC分类号： G06F15/173 ,  H04L29/06 ,  H04L12/46 ,  H04L29/12 ,  H04L12/701 ,  H04L12/707 ,  H04L12/703 ,  G06F21/60 ,  H04L12/24 ,  H04L29/08

CPC分类号： H04L63/0485 ,  G06F17/30864 ,  G06F21/606 ,  H04L12/4641 ,  H04L29/12066 ,  H04L29/12216 ,  H04L29/12301 ,  H04L29/1232 ,  H04L29/12594 ,  H04L29/12783 ,  H04L29/12801 ,  H04L41/00 ,  H04L45/00 ,  H04L45/24 ,  H04L45/28 ,  H04L61/1511 ,  H04L61/2007 ,  H04L61/2076 ,  H04L61/2092 ,  H04L61/3015 ,  H04L61/303 ,  H04L61/35 ,  H04L61/6004 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/04 ,  H04L63/0407 ,  H04L63/0421 ,  H04L63/0428 ,  H04L63/0435 ,  H04L63/0478 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/105 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/164 ,  H04L63/168 ,  H04L67/14 ,  H04L67/141

摘要： A method of establishing a secure communication link comprises: (a) receiving a request that (i) includes an identifier of a client and (ii) was sent in response to a determination that a DNS request from the client corresponds to a first computer configured to communicate securely; (b) comparing the received client identifier to at least one stored client identifier; (c) determining, based on the comparison, whether the client is authorized to communicate with the first computer; (d) generating a resource used to establish the secure communication link between the client and the first computer; (e) generating a message in response to determining that the client is not authorized to communicate with the first computer; and (f) in response to determining that the client is authorized to communicate with the first computer, making the resource available to the client to automatically establish the secure communication link.

摘要翻译： 一种建立安全通信链路的方法包括：（a）接收（i）包括客户端的标识符和（ii）响应于来自客户端的DNS请求对应于配置的第一计算机的确定而发送的请求 安全通信 （b）将接收到的客户端标识符与至少一个存储的客户端标识符进行比较; （c）基于比较确定客户端是否被授权与第一计算机进行通信; （d）生成用于建立客户端与第一计算机之间的安全通信链路的资源; （e）响应于确定所述客户端未被授权与所述第一计算机通信而产生消息; 以及（f）响应于确定所述客户端被授权与所述第一计算机通信，使得所述资源可用于所述客户端以自动建立所述安全通信链路。

公开(公告)号：US09038163B2

公开(公告)日：2015-05-19

申请号：US13950877

申请日：2013-07-25

申请人： VIRNETX, INC.

发明人： Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

IPC分类号： G06F9/00 ,  H04L29/06 ,  H04L12/46 ,  H04L29/12 ,  H04L12/701 ,  H04L12/707 ,  H04L12/703 ,  G06F21/60 ,  H04L12/24 ,  H04L29/08

CPC分类号： H04L63/0485 ,  G06F17/30864 ,  G06F21/606 ,  H04L12/4641 ,  H04L29/12066 ,  H04L29/12216 ,  H04L29/12301 ,  H04L29/1232 ,  H04L29/12594 ,  H04L29/12783 ,  H04L29/12801 ,  H04L41/00 ,  H04L45/00 ,  H04L45/24 ,  H04L45/28 ,  H04L61/1511 ,  H04L61/2007 ,  H04L61/2076 ,  H04L61/2092 ,  H04L61/3015 ,  H04L61/303 ,  H04L61/35 ,  H04L61/6004 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/04 ,  H04L63/0407 ,  H04L63/0421 ,  H04L63/0428 ,  H04L63/0435 ,  H04L63/0478 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/105 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/164 ,  H04L63/168 ,  H04L67/14 ,  H04L67/141

摘要： Systems and methods for connecting a first network device and a second network device over a communication network are disclosed. An exemplary method includes receiving, from the first network device, a request to look up a network address of the second network and evaluating the request to determine whether an identifier associated with the second network device is registered with a name service that facilitates resolving the identifier and further facilitates establishing direct encrypted communication links. It is determined whether the second network device is available to communicate through a direct encrypted communication link facilitated by the name service, the establishment of the direct encrypted communication link between the first network device and the second network device is facilitated. This includes provisioning the first network device or the second network device with one or more resources for the direct encrypted communication link. The established direct encrypted communication link carries encrypted data communicated between the first network device and the second network device, and the first network device is a user device.

摘要翻译： 公开了通过通信网络连接第一网络设备和第二网络设备的系统和方法。 一种示例性方法包括从第一网络设备接收查询第二网络的网络地址的请求，并且评估该请求以确定与第二网络设备相关联的标识符是否与易于解析标识符的名称服务注册 并且进一步便于建立直接加密的通信链路。 确定第二网络设备是否可用于通过名称服务促进的直接加密通信链路进行通信，便于在第一网络设备和第二网络设备之间建立直接加密的通信链路。 这包括为第一网络设备或第二网络设备提供用于直接加密通信链路的一个或多个资源。 建立的直接加密通信链路携带在第一网络设备和第二网络设备之间传送的加密数据，第一网络设备是用户设备。

公开(公告)号：US09037713B2

公开(公告)日：2015-05-19

申请号：US13080680

申请日：2011-04-06

申请人： Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

发明人： Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

IPC分类号： G06F15/16 ,  H04L29/06 ,  H04L12/46 ,  H04L29/12 ,  H04L12/701 ,  H04L12/707 ,  H04L12/703 ,  G06F21/60 ,  H04L12/24 ,  H04L29/08

CPC分类号： H04L63/0485 ,  G06F17/30864 ,  G06F21/606 ,  H04L12/4641 ,  H04L29/12066 ,  H04L29/12216 ,  H04L29/12301 ,  H04L29/1232 ,  H04L29/12594 ,  H04L29/12783 ,  H04L29/12801 ,  H04L41/00 ,  H04L45/00 ,  H04L45/24 ,  H04L45/28 ,  H04L61/1511 ,  H04L61/2007 ,  H04L61/2076 ,  H04L61/2092 ,  H04L61/3015 ,  H04L61/303 ,  H04L61/35 ,  H04L61/6004 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/04 ,  H04L63/0407 ,  H04L63/0421 ,  H04L63/0428 ,  H04L63/0435 ,  H04L63/0478 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/105 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/164 ,  H04L63/168 ,  H04L67/14 ,  H04L67/141

摘要： A secure domain name service for a computer network is disclosed that includes a portal connected to a computer network, such as the Internet, and a domain name database connected to the computer network through the portal. The portal authenticates a query for a secure computer network address, and the domain name database stores secure computer network addresses for the computer network. Each secure computer network address is based on a non-standard top-level domain name, such as .scom, .sorg, .snet, .snet, .sedu, .smil and .sint.

摘要翻译： 公开了一种用于计算机网络的安全域名服务，其包括连接到计算机网络（例如因特网）的门户，以及通过门户连接到计算机网络的域名数据库。 门户验证安全计算机网络地址的查询，域名数据库存储计算机网络的安全计算机网络地址。 每个安全的计算机网络地址基于非标准的顶级域名，如.scom，.sorg，.snet，.snet，.sedu，.smil和.sint。

公开(公告)号：US09027115B2

公开(公告)日：2015-05-05

申请号：US14482956

申请日：2014-09-10

申请人： VirnetX, Inc.

发明人： Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

IPC分类号： H04L29/02 ,  H04L29/06 ,  H04L12/46 ,  H04L29/12 ,  H04L12/701 ,  H04L12/707 ,  H04L12/703 ,  G06F21/60 ,  H04L12/24 ,  H04L29/08 ,  H04L9/12

CPC分类号： H04L63/0485 ,  G06F17/30864 ,  G06F21/606 ,  H04L12/4641 ,  H04L29/12066 ,  H04L29/12216 ,  H04L29/12301 ,  H04L29/1232 ,  H04L29/12594 ,  H04L29/12783 ,  H04L29/12801 ,  H04L41/00 ,  H04L45/00 ,  H04L45/24 ,  H04L45/28 ,  H04L61/1511 ,  H04L61/2007 ,  H04L61/2076 ,  H04L61/2092 ,  H04L61/3015 ,  H04L61/303 ,  H04L61/35 ,  H04L61/6004 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/04 ,  H04L63/0407 ,  H04L63/0421 ,  H04L63/0428 ,  H04L63/0435 ,  H04L63/0478 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/105 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/164 ,  H04L63/168 ,  H04L67/14 ,  H04L67/141

摘要： A method for connecting a first network device to a second network device includes receiving a request to resolve a network address of the second network device. The request includes a name associated with the second network device that corresponds to the network address. The request is evaluated to confirm that the name is registered with a name service that facilitates resolving the name and facilitates establishing communication links, which use encryption, between the first network device and the second network device over the network. It is determined whether the second network device is available to establish the communication link. If so, the communication link is automatically established, including sending a signal to a provisioning server to provision the first network device or the second network device with a resource for the communication link.

摘要翻译： 一种将第一网络设备连接到第二网络设备的方法包括：接收解决第二网络设备的网络地址的请求。 请求包括与网络地址对应的与第二网络设备相关联的名称。 评估该请求以确认该名称已经与名称服务注册，该名称服务便于解析该名称，并且有助于通过网络在第一网络设备和第二网络设备之间建立使用加密的通信链路。 确定第二网络设备是否可用于建立通信链路。 如果是，则自动建立通信链路，包括向供应服务器发送信号以向第一网络设备或第二网络设备提供用于通信链路的资源。

公开(公告)号：US08843643B2

公开(公告)日：2014-09-23

申请号：US13950919

申请日：2013-07-25

申请人： VirnetX, Inc.

发明人： Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

IPC分类号： G06F15/16 ,  H04L12/24 ,  H04L12/701 ,  H04L29/12 ,  H04L12/707 ,  G06F21/60 ,  H04L29/08 ,  H04L12/703 ,  H04L29/06

CPC分类号： H04L63/0485 ,  G06F17/30864 ,  G06F21/606 ,  H04L12/4641 ,  H04L29/12066 ,  H04L29/12216 ,  H04L29/12301 ,  H04L29/1232 ,  H04L29/12594 ,  H04L29/12783 ,  H04L29/12801 ,  H04L41/00 ,  H04L45/00 ,  H04L45/24 ,  H04L45/28 ,  H04L61/1511 ,  H04L61/2007 ,  H04L61/2076 ,  H04L61/2092 ,  H04L61/3015 ,  H04L61/303 ,  H04L61/35 ,  H04L61/6004 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/04 ,  H04L63/0407 ,  H04L63/0421 ,  H04L63/0428 ,  H04L63/0435 ,  H04L63/0478 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/105 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/164 ,  H04L63/168 ,  H04L67/14 ,  H04L67/141

摘要： A method and system are used to transparently create an encrypted communications channel between a client device and a target device. Audio video communications between the client device and the target device are allowed over the encrypted communications channel once the encrypted communications channel is created. The method comprises: (1) receiving from the client device a request for a network address associated with the target device; (2) determining whether the request is requesting access to a device that accepts an encrypted channel connection with the client device; and (3) depending on the determination made in step (2) providing provisioning information required to initiate the creation of the encrypted communications channel between the client device and the target device such that the encrypted communications channel supports secure audio/video communications transmitted between the two devices.

摘要翻译： 一种方法和系统用于在客户端设备和目标设备之间透明地创建加密的通信信道。 一旦加密的通信信道被创建，客户端设备和目标设备之间的音频视频通信被允许通过加密的通信信道。 该方法包括：（1）从客户端设备接收与目标设备相关联的网络地址的请求; （2）确定请求是否请求访问接受与客户端设备的加密信道连接的设备; 和（3）取决于步骤（2）中作出的确定提供在客户端设备和目标设备之间启动加密的通信信道的创建所需的供应信息，使得加密的通信信道支持安全的音频/视频通信 两个设备。

公开(公告)号：US20130263220A1

公开(公告)日：2013-10-03

申请号：US13903788

申请日：2013-05-28

申请人： VIRNETX, INC.

发明人： Victor Larson ,  Robert Dunham Short, III ,  Edmund Colby Munger ,  Michael Williamson

IPC分类号： H04L29/06

CPC分类号： H04L63/0485 ,  G06F17/30864 ,  G06F21/606 ,  H04L12/4641 ,  H04L29/12066 ,  H04L29/12216 ,  H04L29/12301 ,  H04L29/1232 ,  H04L29/12594 ,  H04L29/12783 ,  H04L29/12801 ,  H04L41/00 ,  H04L45/00 ,  H04L45/24 ,  H04L45/28 ,  H04L61/1511 ,  H04L61/2007 ,  H04L61/2076 ,  H04L61/2092 ,  H04L61/3015 ,  H04L61/303 ,  H04L61/35 ,  H04L61/6004 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/04 ,  H04L63/0407 ,  H04L63/0421 ,  H04L63/0428 ,  H04L63/0435 ,  H04L63/0478 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/105 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/164 ,  H04L63/168 ,  H04L67/14 ,  H04L67/141

摘要： A network device comprises: a storage device storing an application program for a secure communications service; and at least one processor. The processor is configured to enable the network device to (a) send a request to look up a network address of a second network device based on an identifier associated with the second network device; (b) receive an indication that the second network device is available for the secure communications service, the indication including the requested network address of the second network device and provisioning information for a virtual private network communication link; (c) connect to the second network device, using the received network address of the second network device and the provisioning information for the virtual private network communication link; and (d) communicate with the second network device using the secure communications service via the virtual private network communication link.

摘要翻译： 网络设备包括：存储用于安全通信服务的应用程序的存储设备; 和至少一个处理器。 处理器被配置为使得网络设备能够（a）基于与第二网络设备相关联的标识符发送查询第二网络设备的网络地址的请求; （b）接收关于所述第二网络设备可用于所述安全通信服务的指示，所述指示包括所述第二网络设备的所请求的网络地址以及用于虚拟专用网络通信链路的供应信息; （c）使用所接收的第二网络设备的网络地址和虚拟专用网络通信链路的供应信息连接到第二网络设备; 以及（d）使用所述安全通信服务经由所述虚拟专用网络通信链路与所述第二网络设备进行通信。

公开(公告)号：US08504696B2

公开(公告)日：2013-08-06

申请号：US13337757

申请日：2011-12-27

申请人： Victor Larson ,  Robert Dunham Short, III ,  Edmond Colby Munger ,  Michael Williamson

发明人： Victor Larson ,  Robert Dunham Short, III ,  Edmond Colby Munger ,  Michael Williamson

IPC分类号： G06F15/16

CPC分类号： H04L63/0485 ,  G06F17/30864 ,  G06F21/606 ,  H04L12/4641 ,  H04L29/12066 ,  H04L29/12216 ,  H04L29/12301 ,  H04L29/1232 ,  H04L29/12594 ,  H04L29/12783 ,  H04L29/12801 ,  H04L41/00 ,  H04L45/00 ,  H04L45/24 ,  H04L45/28 ,  H04L61/1511 ,  H04L61/2007 ,  H04L61/2076 ,  H04L61/2092 ,  H04L61/3015 ,  H04L61/303 ,  H04L61/35 ,  H04L61/6004 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/04 ,  H04L63/0407 ,  H04L63/0421 ,  H04L63/0428 ,  H04L63/0435 ,  H04L63/0478 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/105 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/164 ,  H04L63/168 ,  H04L67/14 ,  H04L67/141

摘要： A system for connecting a first network device and a second network device includes one or more servers. The servers are configured to: (a) receive, from the first network device, a request to look up a network address of the second network device based on an identifier associated with the second network device; (b) determine, in response to the request, whether the second network device is available for a secure communications service; and (c) initiate a virtual private network communication link between the first network device and the second network device based on a determination that the second network device is available for the secure communications service, wherein the secure communications service uses the virtual private network communication link.

摘要翻译： 用于连接第一网络设备和第二网络设备的系统包括一个或多个服务器。 服务器被配置为：（a）从第一网络设备接收基于与第二网络设备相关联的标识符来查找第二网络设备的网络地址的请求; （b）响应于所述请求，确定所述第二网络设备是否可用于安全通信服务; 以及（c）基于所述第二网络设备可用于所述安全通信服务的确定来启动所述第一网络设备和所述第二网络设备之间的虚拟专用网络通信链路，其中所述安全通信服务使用所述虚拟专用网络通信链路 。