US2013290704A1PendingUtilityA1

Automated operation and security system for virtual private networks

53
Assignee: RPX CORPPriority: Jul 24, 1998Filed: Jun 28, 2013Published: Oct 31, 2013
Est. expiryJul 24, 2018(expired)· nominal 20-yr term from priority
H04L 63/0823H04L 63/0272
53
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A node device provides secure communication services over a data network, to multiple computers that are coupled through the node device and multiple other node devices. The node device includes a network communication interface for coupling the node device to the data network, a data storage containing cryptographic information including information that is unique to the node device, a tunneling communication service coupled to the network interface configured to maintaining an encrypted communication tunnel with each of multiple other node devices using the cryptographic information, a routing database for holding routing data and a router coupled to the tunneling communication service and to the routing database. The router can pass communication from one communication tunnel to another. A centralized server can be used to control the node devices in a centralized manner, thereby reducing or eliminating on-site administration of node devices.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 . A method of configuring and authenticating a node device, the method comprising:
 at a manufacturing facility, generating a public key and a private key in the node device;   storing the private key by the node device in a protected non-volatile storage;   providing the public key to the manufacturing facility, by the node device;   generating a public key certificate that includes the node device's public key and is signed with a private key associated with the manufacturing facility, by the manufacturing facility;   providing the public key certificate to the node device, by the manufacturing facility;   storing the certificate in nonvolatile storage, by the node device;   providing an authentication chain to the node device for authenticating the certificates of other node devices, by the manufacturing facility;   storing the authentication chain in nonvolatile storage, by the node device;   deploying the node device;   the node device authenticating itself to other node devices and servers by using said private key to sign messages and sending the signed messages and the public key certificate to the other node devices or servers, said other node device or server then authenticating the public key certificate using a second authentication chain of the other node devices or servers and confirming the messages were signed using the private key corresponding to the public key in the public key certificate; and   additional node devices and servers authenticating to the node device by using private keys of the additional node devices and servers to sign messages and sending signed messages and the public key certificates to the node device, the node device then authenticating the public key certificates using the authentication chain of the node device and confirming that, for each additional node device or server, the messages were signed using the private key corresponding to the public key in the public key certificate.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.