Unlock instant, AI-driven research and patent intelligence for your innovation.

Systems and methods for providing secure access to services

A server and client terminal technology, applied in the transmission system, wireless communication, electrical components, etc., can solve problems such as the inability to establish a VPN connection, the limitation of the ability of users to install proprietary software, the exposure of communication networks and users, etc.

Active Publication Date: 2017-04-05
BLACKBERRY LTD
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0019] In settings, such as when the client is running from a restricted platform (such as the iPhone TM ) while establishing a VPN connection, the user's ability to install proprietary software is also limited
Therefore, depending on this setup, users may not be able to establish a VPN connection to a network that utilizes a proprietary implementation of the IPsec protocol
[0020] In addition, restricted platforms (such as iPhone TM ) may also restrict the user's ability to use certain features of the IPsec protocol suite, for example, a restricted platform may only allow VPN connections in transport mode
Therefore, according to this setup, the communication network and the user's identity are exposed

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Systems and methods for providing secure access to services
  • Systems and methods for providing secure access to services
  • Systems and methods for providing secure access to services

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0052] Embodiments described herein relate to the establishment of a virtual private network (VPN) between an originating terminal and a private network based on authentication and communication key agreement performed by an entity located outside the private network. More specifically, embodiments relate to mediating the establishment of a VPN session between a client and a server such that the originating terminal or client is authenticated at the mediating global server entity for secure access provided by the terminating terminal, private network or server. Serve. The processing involved in VPN session establishment is described in detail below, but first refer to figure 1 Describe the overview of the network environment, figure 1 A block diagram is shown illustrating a conventional communication network 101 over which a secure VPN connection is established between an originating terminal 102 or remote access client and a private network 105 . Additionally, a description...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention discloses a system and method for certification access provided to the initiative (102) provided by the terminal (105) provided by the terminal (105) through the communication network.In one aspect, the global server (201) includes a communication module, and its reception and processing of key exchange from initiating terminals to initiate a message (501) to establish an encrypted communication channel with the termination of the terminal.The communication module responds to the key exchange of the receiving key exchange, and the encrypted communication is initiated for the receiving key exchange.The establishment of the encrypted communication includes the certification initiation terminal (503); and when the terminal is successfully certified (504), the key generation data corresponding to the receiving key is sent to the termination terminal (505)To.The key generation data is identified based on the data associated with the initiated terminal.The invention can be used in IKE / IPSEC VPN connection.

Description

technical field [0001] The invention discloses a system and method for providing authorized user access to services on a server. Background technique [0002] A Virtual Private Network (VPN) is a communications environment that controls access to allow clients to connect. A VPN creates a private area of ​​computer communication and / or provides a secure extension of a private network via an insecure communication network, such as the Internet. [0003] Internet Protocol Security (IPsec), Layer 2 Tunneling Protocol (L2TP) and Secure Sockets Layer (SSL) are encryption protocols used to establish a VPN over a communication network such as the Internet to ensure secure access to authorized users in the VPN instances of data and services. [0004] SSL is an application layer protocol, and uses a combination of public key and symmetric key encryption to make data packets secure. SSL protects data sent between communicating hosts, but does not protect the identities of communicat...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/0272H04L63/0428H04L63/06H04L63/08H04L63/164H04L63/0485H04L63/061H04L63/0884H04L63/0892H04L63/205H04W92/02
Inventor 尼克·翁尼蒂什·约翰朱利安·孙
Owner BLACKBERRY LTD