Embedded virtual private network

US11190490B2 · US · B2

Patent metadata
Publication number: US-11190490-B2
Application number: US-201816149686-A
Country: US
Kind code: B2
Filing date: Oct 2, 2018
Priority date: Oct 2, 2018
Publication date: Nov 30, 2021
Grant date: Nov 30, 2021

Abstract

Connecting to an unsecured wired or wireless network poses severe security and privacy risks. An individual application such as a mobile online banking application addresses this by using point to point private network connections. Browsers, however, generally do not use point to point private network connections and depend on the target website to establish a secure connection. Providing a secure connection that is the default for all network access and that encrypts all over the air or over the wire traffic mitigates these risks. However, virtual client networks (VPNs) client applications can be difficult to set up and need to be always on to ensure that all network activity is secure. By embedding a VPN capability and automating the connection process, a safe and secure network connection can be made available to users of computing devices. An embedded private connect VPN system may use Domain Name Server (DNS) functionality to determine which data or content streams are to be transmitted through a generated private connect VPN tunnel.

First claim

What is claimed is:

1. A virtual private network device comprising: a processor; a memory unit storing computer-executable instructions, which when executed by the processor, cause the virtual private network device to: generate a DNS request; encrypt the DNS request; transmit the encrypted DNS request through a virtual private network tunnel to a data center; receive an encrypted data packet from the data center through the virtual private network tunnel; decrypt the received encrypted data packet, the decrypted data packet including an IP address associated with the DNS request and an indication as to whether traffic associated with the IP address should be sent through the virtual private network tunnel; and using the IP address, transmit a request for content through the virtual private network tunnel or transmit the request for content outside of the virtual private network tunnel, depending on the indication.

2. The virtual private network device of claim 1, wherein the traffic associated with the IP address includes streaming content.

3. The virtual private network device of claim 2, wherein the streaming content is not routed through the virtual private network tunnel.

4. The virtual private network device of claim 1, wherein the traffic associated with the IP address includes user data.

5. The virtual private network device of claim 4, wherein the user data is transmitted through the virtual private network tunnel.

6. A method comprising: generating a DNS request; encrypting the DNS request; transmitting the encrypted DNS request through a virtual private network tunnel to a data center; receiving an encrypted data packet from the data center through the virtual private network tunnel; decrypting the received encrypted data packet, the decrypted data packet including an IP address associated with the DNS request and an indication as to whether traffic associated with the IP address should be sent through the virtual private network tunnel; and using the IP address, transmitting a request for content through the virtual private network tunnel or transmitting the request for content outside of the virtual private network tunnel, depending on the indication.

7. The method of claim 6, wherein the traffic associated with the IP address includes streaming content.

8. The method of claim 7, wherein the streaming content is not routed through the virtual private network tunnel.

9. The method of claim 6, wherein the traffic associated with the IP address includes user data.

10. The method of claim 9, wherein the user data is transmitted through the virtual private network tunnel.

11. A method comprising: receiving an encrypted DNS request through a virtual private network tunnel; decrypting the received encrypted DNS request; resolving the decrypted DNS request to an IP address of a serving service; generating a data packet comprising the IP address and an indication as to whether traffic associated with the IP address should be sent through the virtual private network tunnel; encrypting the data packet; and transmitting the encrypted data packet through the virtual private network tunnel.

12. The method of claim 11, further comprising determining a point of presence located at first data center based on the IP address.

13. The method of claim 12, further comprising monitoring traffic associated with the point of presence.

14. The method of claim 13, further comprising: determining that the monitored traffic received at the point of presence is above a threshold; and based upon the determination that the monitored traffic is above the threshold, routing traffic to a second point of presence through a backhaul channel.

15. The method of claim 14, wherein the second point of presence is located at a second data center.

16. The method of claim 11, further comprising analyzing DNS requests for IP addresses that pose security risks.

17. The method of claim 16, further comprising blocking IP addresses that pose the security risks.

18. The method of claim 11, further comprising generating a white list including IP addresses of services known to be streaming content delivery sites.

19. The method of claim 18, further comprising determining the indication as to whether traffic associated with the IP address should be sent through the virtual private network tunnel based in part on contents of the white list.

20. The method of claim 19, further comprising: monitoring activity through the virtual private network tunnel for potential security breaches; and displaying the monitored activity.
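
The DNS-driven routing decision in claims 1, 11 and 16 to 19, sketched as an added example that is not taken from the patent or from any product. The JSON message layout, the field names, the sample hosts and addresses, and the rule that a missing indication keeps traffic in the tunnel are all assumptions; messages are shown as they would look after tunnel decryption, which is out of scope here.

```python
import ipaddress
import json

# Constructed sample data (documentation address ranges); not from the patent.
ZONE = {"video.example": "203.0.113.10",
        "bank.example": "198.51.100.7",
        "bad.example": "192.0.2.66"}
STREAMING_WHITELIST = {ipaddress.ip_address("203.0.113.10")}  # claim 18
BLOCKED = {ipaddress.ip_address("192.0.2.66")}                # claims 16-17


def data_center_answer(name):
    """Data-center side (claim 11): resolve, then attach the tunnel indication."""
    ip = ZONE.get(name)
    if ip is None:
        return json.dumps({"name": name, "status": "nxdomain"})
    addr = ipaddress.ip_address(ip)
    if addr in BLOCKED:
        return json.dumps({"name": name, "status": "blocked"})
    # Claim 19: the indication is derived in part from the white list.
    return json.dumps({"name": name, "status": "ok", "ip": ip,
                       "use_tunnel": addr not in STREAMING_WHITELIST})


def client_route(answer_json):
    """Device side (claim 1): choose the path from the indication."""
    try:
        msg = json.loads(answer_json)
    except ValueError:
        return ("drop", None)
    if not isinstance(msg, dict) or msg.get("status") != "ok":
        return ("drop", None)
    try:
        addr = ipaddress.ip_address(msg["ip"])
    except (KeyError, TypeError, ValueError):
        return ("drop", None)
    # Assumption: only an explicit boolean False permits leaving the tunnel,
    # so a missing or malformed indication keeps the traffic protected.
    if msg.get("use_tunnel") is False:
        return ("direct", str(addr))
    return ("tunnel", str(addr))


if __name__ == "__main__":
    for host in ("video.example", "bank.example", "bad.example"):
        print(host, client_route(data_center_answer(host)))
```

Because the device trusts the resolver's indication to decide what leaves the tunnel, the integrity of that response is what the split-tunnel policy rests on; the client-side default above limits the effect of a stripped or malformed flag.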

Classifications

  • using domain name system [DNS]
  • wherein the data content is protected, e.g. by encrypting or encapsulating the payload
  • Virtual private networks
  • Firewall traversal, e.g. tunnelling or, creating pinholes
  • Event detection, e.g. attack signature detection

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Allstate Insurance Co
What technology area does this patent fall under?
Primary CPC classification H04L63/0272. Mapped technology areas include Electricity.
When was this patent published?
Publication date Nov 30, 2021 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).