Dynamically hardening communications having insecure protocols

US12301623B2 · US · B2

Patent metadata
Publication number: US-12301623-B2
Application number: US-202017096675-A
Country: US
Kind code: B2
Filing date: Nov 12, 2020
Priority date: Jul 1, 2020
Publication date: May 13, 2025
Grant date: May 13, 2025

Abstract

Official abstract text for this publication.

In various examples, communications having insecure protocols are dynamically hardened. For example, communications that are formatted in an outdated or otherwise insecure version of a protocol (e.g., sent by a device aged out of a service window) may be isolated within a network, converted to an updated protocol format, or any combination thereof. These systems and methods may be implemented on a general purpose network device (e.g., a hub of a Local Area Network (LAN)).

First claim

Opening claim text (preview).

What is claimed is:

1. A computer-implemented method comprising: receiving one or more first network communications sent from a source device to a destination device using a first network communication protocol format; transmitting, to the destination device, one or more second network communications converted to a second network communication protocol format, the transmitting being based at least on a predefined order for iteratively selecting different formats from a plurality of formats and for iteratively sending the one or more second network communications to the destination device using the different formats until, responsive to the transmitting, a first indication is received that the destination device has received the one or more second network communications converted to the second network communication protocol format; based at least on the receiving of the first indication, recording in one or more log entries, a second indication that the second network communication protocol format is supported by the destination device; based at least on the receiving of the one or more first network communications in the first network communication protocol format, selecting the second network communication protocol format based at least on verifying, using the second indication in the one or more log entries, that the second network communication protocol format is supported by the destination device; and transmitting, to the destination device, the one or more first network communications converted to the second network communication protocol format based at least on the verifying indicating the second network communication protocol format is supported by the destination device.

2. The computer-implemented method of claim 1, wherein the transmitting of the one or more second network communications converted to the second network communication protocol format is based at least on receiving a bounce back responsive to transmitting, to the destination device, the one or more second network communications converted to a third network communication protocol format.

3. The computer-implemented method of claim 1, wherein the first indication includes a response, from the destination device, to the transmitting of the one or more second network communications converted to the second network communication protocol format.

4. The computer-implemented method of claim 1, comprising encapsulating the one or more first network communications having the first network communication protocol format with a wrapper using the second network communication protocol format to convert the one or more first network communications to the second network communication protocol format.

5. The computer-implemented method of claim 1, wherein the different formats correspond to different protocol versions of a same protocol.

6. The computer-implemented method of claim 1, wherein the one or more second network communications are sent from the source device to the destination device.

7. The computer-implemented method of claim 1, wherein the second network communication protocol format corresponds to a newer version of the first network communication protocol format based at least on determining that a third format corresponding to a different network communication protocol than the first network communication protocol format is not supported by the destination device.

8. The computer-implemented method of claim 1, further comprising responsive to the receiving of the one or more first network communications and based at least on determining the one or more first network communications are in the first network communication protocol format, assigning at least one communication channel of the source device to one or more of a: a Virtual Private Network (VPN), a Virtual Local Area Network (VLAN), a subnetwork of an internal network, or a micro-VPN.

9. The computer-implemented method of claim 1, wherein the predefined order corresponds to relative ages of protocols corresponding to the different formats.

10. The computer-implemented method of claim 1, further comprising, based at least on the recording, configuring security rules that specify subsequent communications sent by the source device to the destination device are to be converted to the second network communication protocol format.

11. The computer-implemented method of claim 5, the predefined order corresponds to successively older protocol versions.

12. The computer-implemented method of claim 8, wherein the source device is on a Local Area Network (LAN) with at least one other device, and the assigning of the at least one communication channel isolates the source device from the at least one other device on the LAN.

13. A system comprising: one or more processing units to perform a method comprising: receiving one or more first network communications sent from a source device to a destination device using a first network communication protocol format; transmitting, to the destination device, one or more second network communications converted to a second network communication protocol format, the transmitting being based at least on a predefined order for iteratively selecting different formats from a plurality of formats and for iteratively sending the one or more second network communications to the destination device using the different formats until, responsive to the transmitting, a first indication is received that the destination device has received the one or more second network communications converted to the second network communication protocol format; based at least on the receiving of the first indication, recording in one or more log entries, a second indication that the second network communication protocol format is supported by the destination device; based at least on the receiving of the one or more first network communications in the first network communication protocol format, selecting the second network communication protocol format based at least on verifying, using the second indication in the one or more log entries, that the second network communication protocol format is supported by the destination device; and transmitting, to the destination device, the one or more first network communications converted to the second network communication protocol format based at least on the verifying indicating the second network communication protocol format is supported by the destination device.

14. The system of claim 13, wherein the one or more processing units are of a hub, a repeater, a bridge, a switch, a router, a gateway, or a bridge router.

15. The system of claim 13, wherein the one or more processing units and the source device are on a local area network (LAN).

16. The system of claim 13, wherein the verifying is based at least on determining, using one or more test communications transmitted to the destination device in the second network communication protocol format, that a third format is not supported by the destination device.

17. The system of claim 13, further comprising, based at least on the recording, configuring security rules that specify subsequent communications sent by the source device to the destination device are to be converted to the second network communication protocol format.

18. A processor comprising: one or more circuits to: receive one or more first network communications sent from a source device to a destination device using a first network communication protocol format; transmit, to the destination device, one or more second network communications converted

Classifications

  • Protocols for interworking; Protocol conversion

  • based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

  • Multiprotocol handlers, e.g. single devices capable of handling multiple protocols

  • for managing network security; network security policies in general (filtering policies H04L63/0227)

  • H04L63/166 (Primary): at the transport layer

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US12301623B2 cover?
In various examples, communications having insecure protocols are dynamically hardened. For example, communications that are formatted in an outdated or otherwise insecure version of a protocol (e.g., sent by a device aged out of a service window) may be isolated within a network, converted to an updated protocol format, or any combination thereof. These systems and methods may be implemented o…
Who is the assignee on this patent?
Nvidia Corp
What technology area does this patent fall under?
Primary CPC classification H04L63/166. Mapped technology areas include Electricity.
When was this patent published?
Publication date May 13, 2025 (B2). Legal status and post-grant events are not shown on this page.