Secure connection for a remote device through a mobile application

US9817968B2 · US · B2

Patent metadata
Publication number: US-9817968-B2
Application number: US-201213664507-A
Country: US
Kind code: B2
Filing date: Oct 31, 2012
Priority date: Oct 31, 2012
Publication date: Nov 14, 2017
Grant date: Nov 14, 2017

Abstract

Virtual machines in a network may be isolated by encrypting transmissions between the virtual machines with keys possessed only by an intended recipient. Within a network, the virtual machines may be logically organized into a number of community-of-interest (COI) groups. Each COI may use an encryption key to secure communications within the COI, such that only other virtual machines in the COI may decrypt the message. Remote devices may gain access to virtual machines in a network through a virtual device relay. The virtual device relay receives data from the remote device, such as a tablet or cellular phone, and forwards the data to one of the virtual machines, when the virtual device relay shares a COI with the destination virtual machine.

First claim

What is claimed is:

1. A method, comprising: initiating, by a remote device, a secure connection to a router executing in a virtual machine of a server; transmitting, through the secure connection, data to the router designated for a host and/or appliance on a shared network with the router; routing the transmitted data from the router to a virtual device relay on the shared network; and forwarding the routed data from the virtual device relay to the designated host and/or appliance only when the designated host and/or appliance has the same administrator-assigned community-of-interest as the virtual device relay.

2. The method of claim 1, in which the step of initiating the secure connection comprises initiating a virtual private network (VPN) connection.

3. The method of claim 2, in which the step of transmitting the data comprises transmitting data over an IPsec connection.

4. The method of claim 1, further comprising initiating, by the remote device, a connection to a broker before initiating the connection to the router.

5. The method of claim 4, further comprises transmitting user credentials to the broker.

6. The method of claim 5, in which the user credentials are associated with the community-of-interest.

7. The method of claim 4, in which initiating the connection to the broker comprises initiating a secure hypertext transfer protocol (HTTPS).

8. A computer program product comprising: a non-transitory computer-readable medium comprising: code to initiate, by a remote device, a secure connection to a router executing in a virtual machine of a server; code to transmit, through the secure connection, data to the router designated for a host and/or appliance on a shared network with the router; code to route the transmitted data from the router to a virtual device relay on the shared network; and code to forward the routed data from the virtual device relay to the designated host and/or appliance only when the designated host and/or appliance has the same administrator-assigned community-of-interest as the virtual device relay.

9. The computer program product of claim 8, in which the medium further comprises code to initiate a virtual private network (VPN) connection.

10. The computer program product of claim 9, in which the medium further comprises code to transmit data over an IPsec connection.

11. The computer program product of claim 9, in which the medium further comprises code to initiate, by the remote device, a connection to a broker before initiating the connection to the router.

12. The computer program product of claim 11, in which the medium further comprises code to transmit user credentials to the broker.

13. The computer program product of claim 12, in which the user credentials are associated with the community-of-interest.

14. The computer program product of claim 11, in which the medium further comprises code to initiate a secure hypertext transfer protocol (HTTPS).

15. An apparatus, comprising: a memory; a processor coupled to the memory, in which the processor is configured: to initiate a secure connection to a router executing in a virtual machine of a server; to transmit, through the secure connection, data to the router designated for a host and/or appliance on a shared network with the router; to route the transmitted data from the router to a virtual device relay on the shared network; and to forward the routed data from the virtual device relay to the designated host and/or appliance only when the designated host and/or appliance has the same administrator-assigned community-of-interest as the virtual device relay.

16. The apparatus of claim 15, in which the processor is further configured to initiate a virtual private network (VPN) connection.

17. The apparatus of claim 16, in which the processor is further configured to transmit data over an IPsec connection.

18. The apparatus of claim 15, in which the processor is further configured to initiate a connection to a broker before initiating the connection to the router.

19. The apparatus of claim 15, in which the processor is further configured to transmit user credentials to the broker, in which the user credentials are associated with the community-of-interest.

20. The apparatus of claim 15, in which the processor is further configured to initiate a secure hypertext transfer protocol (HTTPS).

Classifications

  • Grouping of entities

  • G06F21/53 (Primary): by executing in a restricted environment, e.g. sandbox or secure virtual machine

  • Virtual private networks

  • above the transport layer

  • at the network layer

Frequently asked questions

Who is the assignee on this patent?
Unisys Corp
What technology area does this patent fall under?
Primary CPC classification G06F21/53. Mapped technology areas include Physics.
When was this patent published?
Publication date Nov 14, 2017 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).