The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf).

Date of Patent:
Feb. 09, 2010

Filed:

Feb. 03, 2005
Applicants:

Andrew Shaw, Liversedge, GB;

Michael Thomas McEwen, Leeds, GB;

Karl Richard Burgess, Harrogate, GB;

Inventors:

Andrew Shaw, Liversedge, GB;

Michael Thomas McEwen, Leeds, GB;

Karl Richard Burgess, Harrogate, GB;

Assignee:

Sun Microsystems, Inc., Santa Clara, CA (US);

Attorney:
Primary Examiner:
Assistant Examiner:
Int. Cl.
CPC ...
G06F 9/00 (2006.01); G06F 15/16 (2006.01); G06F 17/00 (2006.01); G06F 15/177 (2006.01); G06F 15/17 (2006.01);
U.S. Cl.
CPC ...
Abstract

Systems and methods are described for authentication of tunneled connections. A method includes establishing a first connection (C) from an inner agent to an outer agent including making a first TCP connection from the inner agent to the outer agent, negotiating a first SSL/TLS session (SSLSession) between the inner agent and the outer agent over the first TCP connection and applying the second SSL/TLS session (SSLSession) between the inner agent and the outer agent over the first TCP connection; establishing a second connection (C) from a client and the outer agent including making a second TCP connection from the client to the outer agent, negotiating a second SSL/TLS session (SSLSession) between the client and the outer agent over the second TCP connection and applying the second SSL/TLS session (SSLSession) between the client and the outer agent over the second TCP connection; and then negotiating a third SSL/TLS session (SSLSession) between the client and the inner agent via both the first SSL/TLS session (SSLSession) and the second SSL/TLS session (SSLSession) and applying the third SSL/TLS session (SSLSession) between the client and the inner agent layered over both the first SSL/TLS session (SSLSession) and the second SSL/TLS session (SSLSession), wherein negotiating the second SSL/TLS session (SSLSession) includes verifying at the outer agent that the client possesses a certificate signed with a certificate associated with the inner agent.
