Method and Apparatus for Using Software Defined Networking and Network Function Virtualization to Secure Residential Networks
US-2017180382-A1 · Jun 22, 2017 · US
US10348764B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10348764-B2 |
| Application number | US-201715636279-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 28, 2017 |
| Priority date | Jun 28, 2017 |
| Publication date | Jul 9, 2019 |
| Grant date | Jul 9, 2019 |
Official abstract text for this publication.
A computer-implemented method for notifying a client application of an event by preventing the setup of a TLS (Transport Layer Security) secure connection between the client application and a destination server is provided. The method comprises receiving a client Hello message from a client application directed to the destination server, preventing the client Hello message from reaching the destination server, constructing a server Hello message such that the message appears to originate from the destination server, constructing a dummy certificate containing the event, constructing a Certificate message that includes the dummy certificate and appears to originate from the destination server, and transmitting the server Hello message and the Certificate message to the client application.
Opening claim text (preview).
What is claimed is:

1. A computer-implemented method for notifying a client application of an event by preventing the setup of a TLS (Transport Layer Security) secure connection between the client application and a destination server, the method comprising: receiving a client Hello message from a client application directed to the destination server; preventing the client Hello message from reaching the destination server; constructing a server Hello message such that the message appears to originate from the destination server; constructing a dummy certificate containing the event; constructing a Certificate message that includes the dummy certificate and appears to originate from the destination server; and transmitting the server Hello message and the Certificate message to the client application, wherein the transmitting comprises transmitting the dummy certificate to a client application that is configured to interpret the included event in the dummy certificate.
2. The method of claim 1, wherein the client application communicates over a wireless carrier network and the method is implemented in a P-GW (packet data network gateway) or GGSN (gateway GPRS support node).
3. The method of claim 1, wherein the client application communicates over a wireless carrier network and the method is implemented in a network node responsible for traffic detection.
4. The method of claim 1, wherein the client application communicates over the Internet and the method is implemented in an internet service provider network node responsible for traffic detection.
5. The method of claim 1, wherein the included event is a notification that a client has exceeded its data credit.
6. The method of claim 1, wherein the included event is a notification that a client is out of its network and roaming.
7. The method of claim 1, wherein the included event is a notification that a contract service term has expired.
8. The method of claim 1, wherein the included event is a notification that a network has insufficient resources.
9. The method of claim 1, wherein the included event is a notification to a client to perform a specific action.
10. A network system for notifying a client application of an event by preventing the setup of a TLS (transport layer security) secure connection between the client application and a destination server, the system comprising: one or more processors; non-transient computer readable media encoded with programming instructions configurable to cause the one or more processors to implement a method comprising: receiving a client Hello message from a client application directed to the destination server; preventing the client Hello message from reaching the destination server; constructing a server Hello message such that the message appears to originate from the destination server; constructing a dummy certificate containing the event; constructing a Certificate message that includes the dummy certificate and appears to originate from the destination server; and transmitting the server Hello message and the Certificate message to the client application, wherein the transmitting comprises transmitting the dummy certificate to a client application that is configured to interpret the included event in the dummy certificate.
11. The network system of claim 10, wherein the client application communicates over a wireless carrier network and the method is implemented in a P-GW (packet data network gateway), a GGSN (gateway GPRS support node), or a network node responsible for traffic detection.
12. The network system of claim 10, wherein the client application communicates over the Internet and the method is implemented in an internet service provider network node responsible for traffic detection.
13. The network system of claim 10, wherein the included event is a notification that a client has exceeded its data credit, a notification that a client is out of its network and roaming, a notification that a contract service term has expired, or a notification that a network has insufficient resources.
14. The network system of claim 10, wherein the client application communicates over a wireless carrier network and the method is implemented in a network node responsible for traffic detection.
15. The network system of claim 10, wherein the included event is a notification to a client to perform a specific action.
16. A method in a client application for receiving notification of an event, the method comprising: transmitting a client Hello message to a destination server; receiving a server Hello message and Certificate message from a network device that has: prevented the client Hello message from reaching the destination server; constructed the server Hello message such that the message appears to originate from the destination server; constructed a dummy certificate containing the event; constructed a Certificate message which includes the dummy certificate and appears to originate from the destination server; and transmitted the server Hello message and the Certificate message to the client application; validating the dummy certificate received in the Certificate message; failing server authentication due to unknown Certificate; and interpreting the included event in the dummy certificate.
17. The method of claim 16, wherein the client application communicates over a wireless carrier network and the network device comprises a P-GW (packet data network gateway), a GGSN (gateway GPRS support node), or a network node responsible for traffic detection.
18. The method of claim 16, wherein the client application communicates over the Internet and the method is implemented in an internet service provider network node responsible for traffic detection.
19. The method of claim 16, wherein the included event is a notification that a client has exceeded its data credit, a notification that a contract service term has expired, a notification that a client is out of its network and roaming, or a notification that a network has insufficient resources.
20. The method of claim 16, wherein the included event is a notification to a client to perform a specific action.
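
The client-side steps of claim 16 (receive the server Hello and Certificate messages, fail authentication on the unknown certificate, then read the event), as an added example that is not part of the patent text or any vendor's code. It assumes the TLS 1.2 handshake layout with the record layer already removed, an event carried in the subject commonName behind a hypothetical `event:` prefix (the page does not say where in the certificate the event is placed), and a set of trusted SHA-256 fingerprints standing in for full chain validation; the sample flight and the event string are constructed.

```python
import hashlib
CN_OID = bytes.fromhex("550403")      # id-at-commonName (2.5.4.3)
PREFIX = "event:"                     # hypothetical marker, not defined by the page

def der(tag, val):                    # DER encoder, used only to build the sample
    raw = len(val).to_bytes((len(val).bit_length() + 7) // 8 or 1, "big")
    return bytes([tag]) + (raw if len(val) < 128 else bytes([0x80 | len(raw)]) + raw) + val

def tlvs(buf):                        # yield (tag, value) for each DER element in buf
    i = 0
    while i < len(buf):
        tag, n, i = buf[i], buf[i + 1], i + 2
        if n & 0x80:                  # long-form length: low 7 bits give the byte count
            n, i = int.from_bytes(buf[i:i + (n & 0x7F)], "big"), i + (n & 0x7F)
        yield tag, buf[i:i + n]
        i += n

def leaf_certificate(hs):             # hs: handshake messages, record layer removed
    i = 0
    while i + 4 <= len(hs):           # each message: msg_type(1) length(3) body
        if hs[i] == 11:               # Certificate body: list_len(3) cert_len(3) cert ...
            return hs[i + 10:i + 10 + int.from_bytes(hs[i + 7:i + 10], "big")]
        i += 4 + int.from_bytes(hs[i + 1:i + 4], "big")

def subject_cn(cert):
    tbs = next(tlvs(next(tlvs(cert))[1]))[1]          # Certificate -> tbsCertificate
    fields = [v for t, v in tlvs(tbs) if t != 0xA0]   # drop the optional [0] version
    for _, rdn in tlvs(fields[4]):    # serial, sigAlg, issuer, validity, subject
        for _, atv in tlvs(rdn):
            (_, oid), (_, value) = list(tlvs(atv))[:2]
            if oid == CN_OID:
                return value.decode()

def handle_flight(hs, trusted_sha256):
    cert = leaf_certificate(hs)
    if cert and hashlib.sha256(cert).hexdigest() in trusted_sha256:
        return ("continue-handshake", None)
    cn = (subject_cn(cert) or "") if cert else ""     # untrusted: event is only a hint
    return ("abort-handshake", cn[len(PREFIX):] if cn.startswith(PREFIX) else None)

def sample_flight(cn):                # constructed ServerHello + Certificate messages
    name = der(0x30, der(0x31, der(0x30, der(0x06, CN_OID) + der(0x0C, cn.encode()))))
    alg = der(0x30, der(0x06, bytes.fromhex("2a864886f70d01010b")) + der(0x05, b""))
    dates = der(0x30, der(0x17, b"250101000000Z") * 2)
    tbs = der(0x30, b"\xa0\x03\x02\x01\x02\x02\x01\x01" + alg + name + dates + name + b"\x30\x00")
    cert = der(0x30, tbs + alg + der(0x03, bytes(9)))   # zeroed placeholder signature
    body = (len(cert) + 3).to_bytes(3, "big") + len(cert).to_bytes(3, "big") + cert
    hello = b"\x02\x00\x00\x26\x03\x03" + bytes(33) + b"\xc0\x2f\x00"
    return hello + b"\x0b" + len(body).to_bytes(3, "big") + body
```

The handshake is aborted whenever the certificate is not trusted, whether or not an event is found, so the event string never carries more weight than any other unauthenticated network input. Malformed DER raises an exception in `subject_cn`, which a caller should treat as "no event".
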
Electricity · mapped topic
received data contents, e.g. message integrity · CPC title
in the transport layer [OSI layer 4] (H04L69/16 takes precedence) · CPC title
Proxies · CPC title