CA2467988C - System and method for initiating secure network connection from a client to a network host - Google Patents

System and method for initiating secure network connection from a client to a network host

Info

Publication number
CA2467988C
Authority
CA
Grant status
Grant
Prior art keywords
client
proxy
data
network
server
Legal status
Active
Application number
CA 2467988
Other languages
French (fr)
Other versions
CA2467988A1 (en )
Inventor
Steven J. Mccarthy
Current Assignee
TeamOn Systems Inc
Original Assignee
TeamOn Systems Inc

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0471 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying encryption by an intermediary, e.g. receiving clear information at the intermediary and encrypting the received information at the intermediary before forwarding
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/166 Implementing security features at a particular protocol layer at the transport layer

Abstract

A secure network connection is initiated from a client that transmits only unencrypted data, such as plaintext. A proxy is connected to the client and operable for receiving unencrypted data from the client and encrypting the data using secure sockets layer (SSL) protocol. It forwards the encrypted data to the network server, which can receive and transmit encrypted data.

Description

SYSTEM AND METHOD FOR INITIATING SECURE NETWORK CONNECTION FROM A CLIENT TO A NETWORK HOST
Field of the Invention
This invention relates to electronic mail systems, and more particularly, this invention relates to providing a secure network connection from a client to a network host.
Background of the Invention
When dealing with sensitive data, it is a real-world requirement that all transmission of sensitive data over a public network, such as the internet, be conducted over a secured communications channel. The de facto standard for a secured communications channel over the internet is an encrypted transmission control protocol (TCP) connection known as Secure Sockets Layer (SSL), or alternatively, as the Transport Layer Security (TLS) protocol. The SSL protocol operates above the Transport Control Protocol/Internet Protocol (TCP/IP) layer, but below the Hypertext Transfer Protocol (HTTP). SSL establishes a secure session between a web client and server and encrypts all data passed between the client and server at the IP socket level.
In secure communications using SSL protocol, browsers and servers authenticate each other and encrypt any data transmitted during a session. A client can verify that a web server is authentic before it submits confidential information, and a web server can verify a user is authentic before granting a user access to sensitive information. Digital certificates could be required. Usually, a one-way authentication is only required for the client or server to obtain a key to encrypt data. For example, a client could contact the server, which forwards a certificate signed by a certificate of authority. The client could use the web server's public key to open the certificate.
SSL uses a handshake protocol and record protocol. The record protocol defines the format for transmitting data. The handshake protocol establishes the SSL connection and determines the parameters used during the communication, including what is required to authenticate a server to a client. It also could allow a client and a server to select a cryptographic algorithm or cipher to support or authenticate a client to a server and use public key encryption techniques to generate shared secrets and establish a secured connection.

Adding SSL support to existing and new applications can be difficult or impossible depending on various factors. For example, on certain computing platforms, it is not possible to use advanced, high performance features, such as multiplexed asynchronous input/output and SSL in the same application. Some prior art proposals "wrap" an SSL layer around inbound connections to a well-known network location. There are, however, no corresponding solutions to secure outbound connections to arbitrary network locations.
One proposal set forth in published U.S. patent application no. 2002/0199098 receives encrypted network traffic and forwards the decrypted results to a server. An SSL proxy server is positioned close to the server, for example, as part of the same computing cluster, to handle inbound connections. The SSL proxy server decrypts traffic and forwards the decrypted package to a predetermined location. The system is limited to preconfigured destinations. Published U.S. patent application nos. 2003/0014623 and 2003/0014628 propose similar solutions. A client sends encrypted packets to a proxy, which decrypts them, forwards the package to the server, and reverses the process for unencrypted packets from the server back to the client.
These proposals are not acceptable if a client can only transmit unencrypted packets.

Summary of the Invention
It is therefore an object of the present invention to provide a system and method that allows a client unable to encrypt data to establish a secure connection with a server that is able to communicate over a secured network connection.
The present invention allows a client computer that is not operable to initiate an SSL session on its own to establish a secure connection with a host, such as a POP, IMAP or web server, even though there are no preconfigured limitations on the destination of the connection. As part of the initiation sequence of an outbound connection, a client first privately communicates the destination host name and internet protocol (IP) port number to an SSL proxy. As a result, there is no requirement to preconfigure any destination for forwarded packets. The SSL proxy is not initially transparent and requires the client to communicate a desired destination to the SSL proxy. The client sends unencrypted packets. The SSL proxy encrypts the packets and forwards these encrypted packets to the arbitrary server specified at the time the unencrypted connection is established.

In accordance with one aspect of the present invention, a system of the present invention is operable for initiating a secure network connection when a client is operable for transmitting only unencrypted data. A network server is operable to receive data from the client and operable to communicate with clients in a secure manner. A proxy is connected to the client and operable for receiving unencrypted data from the client and encrypting the data using the Secure Sockets Layer (SSL) protocol and forwarding the encrypted data to the network server. The client is typically operable for transmitting only unencrypted data to the designated network host through a designated internet protocol (IP) port number of the network host. The proxy is connected to the client and close to the client such as part of a data center and receives from the client the unencrypted data, a destination host name for the network host to be communicated, and the internet protocol (IP) port number.
In another aspect of the present invention, the SSL protocol comprises a transport layer security (TLS) protocol. The data transmitted from the client is typically unencrypted text data. The proxy is typically a proxy server and closely associated with the client. The proxy is operative for establishing a Transport Control Protocol (TCP), end-to-end connection between the client and the host, such as a network server. The host as a network server typically could be a POP, IMAP or web server, but could be other server types. The proxy is typically operative for closing its connection with one of the server or client after one of the server or client closes its connection. The client could be formed as a mobile device.
In yet another aspect of the invention, there is provided a system for initiating a secure network connection comprising a client operable for transmitting only unencrypted data; a network server operable to receive data from the client and operable to communicate in a secure manner; and a proxy connected to the client and operable for receiving unencrypted data from the client and encrypting the data using secure sockets layer (SSL) protocol and forwarding the encrypted data to the network server on a designated port number based on a destination host name and port number provided by the client to the proxy.
In yet another aspect, there is provided a system for initiating a secure network connection between a client and network host comprising a client operable for transmitting only unencrypted data to a designated network host through a designated internet protocol (IP) port number of the network host; and a proxy connected to the client and operable for receiving from the client the unencrypted data, a destination host name for the network host, and internet protocol (IP) port number, and encrypting the data using secure sockets layer (SSL) protocol and forwarding the encrypted data to the network host on a designated port number based on a destination host name and port number provided by the client to the proxy.
In yet another aspect, there is provided a system for initiating a secure network connection between a client and network host comprising a client operable for transmitting only unencrypted data to a designated network host through a designated internet protocol (IP) port number of the network host; and a proxy connected to the client and operable for receiving from the client the unencrypted data, a destination host name for the network host, and internet protocol (IP) port number and encrypting the data using secure sockets layer (SSL) protocol, and forwarding the encrypted data to the network host on a designated port number based on a destination host name and port number provided by the client to the proxy, said proxy also operative for receiving encrypted data from the network host and decrypting the data for transmission to the client.
In yet another aspect, there is provided a method for initiating a secure network connection comprising the steps of receiving at a proxy connected to a client unsecured data from the client wherein the client is operable for transmitting only unencrypted data; and initiating a secure connection from the proxy to a designated network host using secure sockets layer (SSL) protocol and forwarding the encrypted data to the network host on a designated port number based on a destination host name and port number provided by the client to the proxy.

In yet another aspect of the invention, there is provided a method for initiating a secure network connection comprising the steps of receiving at a proxy from a client that can transmit only unencrypted data as unsecured data, a destination host name location for a desired network host server, and a designated internet protocol (IP) port number for communication therewith; and initiating a secure connection from the proxy to the desired network host using secure sockets layer (SSL) protocol via the designated port number and forwarding encrypted data to a network server on a designated port number based on a destination host name and port number provided by the client to the proxy.
In yet another aspect, there is provided a method for initiating a secure network connection comprising the steps of receiving at a proxy unsecured data from a client that is operable for transmitting only unencrypted data; initiating a secure connection from the proxy to a network host using secure sockets layer (SSL) protocol on a designated port number based on a destination host name and port number provided by the client to the proxy; receiving at the proxy secure data in a SSL protocol from the network host; decrypting the secure data at the proxy; and transmitting the decrypted data from the proxy to the client based on a destination host name and port number provided by the client to the proxy.
A method aspect of the invention is also set forth in detail.
Brief Description of the Drawings
Other objects, features and advantages of the present invention will become apparent from the detailed description of the invention which follows, when considered in light of the accompanying drawings in which:

FIG. 1 is a block diagram showing prior art client-server encrypted communications, for example, by using Secure Sockets Layer (SSL) protocol.
FIG. 2 is a block diagram showing use of a prior art, SSL proxy for port 993 and IMAP4 over SSL in a 443 port connection using the internet mail access protocol (IMAP).
FIG. 3 is a block diagram showing the SSL proxy in the system of the present invention, which allows a plaintext client to initiate a secure connection with an arbitrary host.
FIG. 4 is a high level flow chart illustrating an example of the method of the present invention.
FIG. 5 is a more detailed flow chart illustrating an example of the sequence and steps for initiating a secure connection with a host from a client that is operable for transmitting only unencrypted data.
FIG. 6 is a schematic block diagram illustrating an exemplary mobile wireless communications device for use in the present invention.

Detailed Description of the Preferred Embodiments
The present invention will now be described more fully hereinafter with reference to the accompanying drawings, in which preferred embodiments of the invention are shown. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art. Like numbers refer to like elements throughout, and prime notation is used to indicate similar elements in alternative embodiments.
The present invention provides a system and method that initiates secure network connections to arbitrary hosts, in which the client that initiates the connection typically does not have the capability to perform encryption and related functions. The present invention solves the prior art problem of securing outbound connections to an arbitrary network location, such as a network host on a web server, by introducing an intermediate, Secure Socket Layer (SSL) enabled proxy server. Rather than attempting to connect directly to an SSL network service as in many prior art proposals, in the present invention, the client connects to the SSL proxy server that is typically associated close to the client, such as part of a data center as a non-limiting example. The client provides the network host name and TCP port number to the SSL proxy, which then initiates a secure connection to the specified network host on the specified TCP port number.
From that time onward, the SSL proxy is transparent to communications between the client and the SSL site, for example, the network server or web server. The SSL proxy can provide on-the-fly encryption of outbound packets and decryption of inbound packets. The client application typically only requires a minimal change to its software and can be maintained in a more simple manner than other more complicated systems, since it can continue to do network communications in plaintext.
The present invention solves the problem associated with many prior art solutions and proposals that "wrap" SSL security around a fixed network location. These prior art solutions typically work only for network connections to known, fixed network locations, and must have fixed network locations pre-programmed into a configuration before the solutions are run. When the solutions are running, there is no way to add, remove, or change a network destination without stopping the service, reprogramming a configuration, and restarting the service. There is also no dynamic capability to initiate a connection to a run time determined network location. The present invention can have the network destination specified at run time because it has no limitation as to which network hosts it can communicate with.
FIG. 1 illustrates a prior art secure communications system 10, which initiates a secure connection between a client 12 and host, such as a web server or other service provider via the internet 16. The client 12 is SSL enabled and establishes an encrypted connection to the service provider 14 using a TCP connection via the internet 16. In some prior art proposals as described above, an SSL proxy is used for buffering or other purposes. FIG. 2 shows a prior art SSL proxy 20 and IMAP service 22 that can communicate via port 993 and port 443 for S-IMAP and IMAP4 over SSL. This type of arrangement has been proposed and in use by some providers.
It should be understood that the SSL protocol includes two sub-protocols, i.e., an SSL record protocol and SSL handshake protocol. The record protocol defines the format to transmit data, and the handshake protocol establishes the connection and determines the parameters used during the SSL communication session. The SSL communication protocol and the SSL handshake protocol can authenticate a server to a client, allow a client and server to select a cryptographic algorithm or cipher to support, authenticate a client to the server, and use public key encryption techniques to generate shared secrets and establish a secured connection.
Some prior art proposals have used an SSL protocol and SSL proxy to receive encrypted data from a client and provide buffering, such as in published U.S. patent application no. 2002/0199098. The SSL proxy, however, still receives encrypted network traffic from a client and forwards the encrypted results to a server. The SSL proxies in these types of proposals are transparent proxies. Clients have no knowledge of the proxy's presence.
In the present invention, on the other hand, the SSL proxy is not altogether transparent and requires the client to communicate a desired destination to the SSL proxy.
In the present invention, an SSL proxy is designed to be deployed close to the client, such as part of a data center for initiating outbound connections, as compared to the published publication and other prior art proposals that have SSL proxies deployed close to the server, for example, as part of the same computing cluster to handle inbound connections.
There is also no requirement in the present invention to preconfigure any destination for forwarded packets. Also, in most prior art proposals, a client computer is operable to initiate an SSL session and send packets with encrypted payloads. In the present claimed invention, however, the SSL proxy is specifically designed for client computers that are not operable to initiate an SSL session on their own. The present invention allows a client to send unencrypted packets, while the SSL proxy encrypts and forwards the packet to an arbitrary server specified at the time the encrypted connection is established.
FIG. 3 is an overall high level block diagram of an example of the system 30 of the present invention. The internet 32 is the vehicle for encrypted network connections between a client 34 and various service providers 36, 38, 40, such as different network servers or web servers listed as service1.com, service2.com and service3.com.
Although the internet is shown, it should be understood that the present invention is not limited only to internet communications, but can be used with different intranets and other types of networks. The client 34 in this example has an application that is able to transmit only plaintext. The client could be part of a data center 42, which includes the SSL proxy 44 of the present invention. Although the SSL proxy 44 is shown as part of the data center, which includes the client 34, it should be understood that the SSL proxy 44 does not have to be part of any client associated data center, but could be part of any system that is associated with the client. The present invention would also permit use of asynchronous input/output in JAVA programming environment. The client could also be a wireless, mobile communications device, such as a hand-held Blackberry unit.
FIG. 4 illustrates a high level block diagram of one example of the method of the present invention that can be used with the system shown in FIG. 3. As illustrated, the client application opens a socket for communication from the client to the SSL proxy (block 100). The client transmits the destination host name and port number to the SSL proxy (block 102), which then opens the SSL connection to the host via the port (block 104). The SSL proxy shuttles bytes to the host using the SSL connection (block 106).
FIG. 5 illustrates another flow chart and greater details of a representative example of the method of the present invention that can be used with the system shown in FIG. 3.
The client first opens a TCP connection to the SSL proxy (block 110). The client informs the SSL proxy which network host and port number is used to initiate a secure connection (block 112). The SSL proxy opens a secure connection to the destination host (block 114).
The SSL proxy is at this point transparent; either client or server may send data to each other, in any order. There is no requirement that the initial data be sent from client to server, although the description will proceed with the client sending data to the server.
The SSL proxy receives plaintext data from the client during the communication session (block 116). It should be understood that plaintext data refers to "not encrypted." The SSL proxy encrypts the plaintext data and forwards the encrypted plaintext data to the host, for example, a service provider or other web server (block 118). The SSL proxy receives encrypted traffic from the service provider, for example, the web server (block 120). The SSL proxy decrypts the received data from the server (block 122).
The decrypted data is forwarded to the client (block 124). When the client or server closes its respective connection (block 126), the SSL proxy forwards this event by closing its corresponding connection (block 128).
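The FIG. 5 sequence (blocks 110 to 128) as an added Python example; it is not code from the patent. The one-line `host:port` preamble, the listening address 127.0.0.1:8993 and all function names are assumptions, and verifying the server certificate against the client-supplied host name is this example's choice, since the plaintext client cannot perform that check itself.

```python
import asyncio
import re
import ssl

MAX_PREAMBLE = 512  # assumed upper bound on the destination line, in bytes
HOST_RE = re.compile(r"[A-Za-z0-9]([A-Za-z0-9.-]{0,251}[A-Za-z0-9])?")


def parse_destination(line: bytes) -> tuple[str, int]:
    """Parse the assumed preamble b'host:port\\n' (block 112).

    Raises ValueError on anything that is not a plain host name and a
    port in 1..65535, so malformed input never reaches the connect call.
    """
    text = line.decode("ascii").strip()  # non-ASCII bytes raise ValueError
    host, sep, port_text = text.rpartition(":")
    if not sep or not port_text.isdigit():
        raise ValueError("expected host:port")
    if not HOST_RE.fullmatch(host):
        raise ValueError("invalid host name")
    port = int(port_text)
    if not 1 <= port <= 65535:
        raise ValueError("port out of range")
    return host, port


def upstream_context() -> ssl.SSLContext:
    """TLS client context for the proxy-to-host leg (block 114).

    create_default_context() enables certificate and host name checks;
    the proxy is the only party able to authenticate the destination.
    """
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


async def pump(reader: asyncio.StreamReader, writer: asyncio.StreamWriter) -> None:
    """Copy bytes one way until EOF, then close the far side.

    Closing the writer forwards the close event (blocks 126 and 128).
    """
    try:
        while data := await reader.read(65536):
            writer.write(data)
            await writer.drain()
    except OSError:  # covers ConnectionError and ssl.SSLError
        pass
    finally:
        writer.close()


async def handle_client(c_reader: asyncio.StreamReader,
                        c_writer: asyncio.StreamWriter) -> None:
    """One plaintext client connection (block 110 onward)."""
    try:
        line = await asyncio.wait_for(c_reader.readline(), timeout=10)
        if len(line) > MAX_PREAMBLE:
            raise ValueError("preamble too long")
        host, port = parse_destination(line)
        # server_hostname ties certificate verification to the name the
        # client asked for, not to whatever address it resolves to.
        s_reader, s_writer = await asyncio.open_connection(
            host, port, ssl=upstream_context(), server_hostname=host)
    except (ValueError, OSError, asyncio.TimeoutError):
        c_writer.close()  # fail closed: never fall back to plaintext
        return
    # From here on the proxy is transparent (blocks 116 to 124): plaintext
    # from the client is encrypted outbound, and TLS records from the host
    # are decrypted and passed back, in whichever order data arrives.
    await asyncio.gather(pump(c_reader, s_writer), pump(s_reader, c_writer))


async def main(listen_host: str = "127.0.0.1", listen_port: int = 8993) -> None:
    # The client-to-proxy leg is unencrypted, so this example listens on
    # loopback only; the patent places the proxy close to the client.
    server = await asyncio.start_server(handle_client, listen_host, listen_port)
    async with server:
        await server.serve_forever()


if __name__ == "__main__":
    asyncio.run(main())
```

Because the destination is chosen by the client at run time, the proxy will connect to any host and port it is given; access to the listening socket is the only control on who can use it.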
It should be understood that the software and programming used for the present invention can vary, and different applications can be used to accomplish the purpose and functions of the present invention. Many types of web service technology can be used, including different application services used by those skilled in the art. Web services could include a combination of programming and data, which are available from a web server for web users, or the use of other web-connected programs as provided by an application service provider. Web services could use an extensible mark-up language (XML) as a standard for formatting data to be communicated.
Different communication arrangements could be used, including peer-to-peer, use of a central server, or other architecture and communication systems, including middleware. Data formats could be standardized and data exchanged using an extensible mark-up language (XML), which is the foundation for the web services description language (WSDL). Different web servers could also be used, including the open source Apache or Microsoft's Internet Information Server (IIS). Other web services could include Novell's web server for users of its NetWare operating system or the IBM family of Lotus Domino service, for example, for IBM's OS/390 and AS/400 customers.
Any web server could download requests for File Transfer Protocol (FTP) files.
Different servers could include a Messaging Application Programming Interface (MAPI) and provide an Application Programming Interface (API). Configuration data objects and format data objects could be generated using an extensible mark-up language (XML) for submission to various XML-compliant web services. Any server and web service could be a Simple Object Access Protocol (SOAP) compliant service. SOAP would allow one program running in one kind of operating system to communicate with a program in the same or another type of operating system by using HTTP and XML for information exchange.
ActiveX controls could be used as Component Object Models (COM) and provide a framework for building software components that communicate with each other.
ActiveX controls could be automatically downloaded and executed by a web browser.
Distributed object applications could be built in active web pages and ActiveX controls could be downloaded to different browsers and clients. ActiveX controls could be held in a web browser as a container and distributed over an internet or corporate intranet. ActiveX controls could also manage and update web content and client systems and work closely with a user interface of a targeted operating system. JAVA objects or similar component objects could be used instead of ActiveX controls. An object model control could also be any type of Dynamic Link Library (DLL) module that runs in a container.
An exemplary hand-held mobile wireless communications device 1000 that can be used in the present invention is further described in the example below with reference to FIG. 6. The device 1000 includes a housing 1200, a keyboard 1400 and an output device 1600. The output device shown is a display 1600, which is preferably a full graphic LCD.
Other types of output devices may alternatively be utilized. A processing device 1800 is contained within the housing 1200 and is coupled between the keyboard 1400 and the display 1600. The processing device 1800 controls the operation of the display 1600, as well as the overall operation of the mobile device 1000, in response to actuation of keys on the keyboard 1400 by the user.
The housing 1200 may be elongated vertically, or may take on other sizes and shapes (including clamshell housing structures). The keyboard may include a mode selection key, or other hardware or software for switching between text entry and telephony entry.
In addition to the processing device 1800, other parts of the mobile device 1000 are shown schematically in FIG. 6. These include a communications subsystem 1001; a short-range communications subsystem 1020; the keyboard 1400 and the display 1600, along with other input/output devices 1060, 1080, 1100 and 1120; as well as memory devices 1160, 1180 and various other device subsystems 1201. The mobile device 1000 is preferably a two-way RF communications device having voice and data communications capabilities. In addition, the mobile device 1000 preferably has the capability to communicate with other computer systems via the Internet.
Operating system software executed by the processing device 1800 is preferably stored in a persistent store, such as the flash memory 1160, but may be stored in other types of memory devices, such as a read only memory (ROM) or similar storage element.
In addition, system software, specific device applications, or parts thereof, may be temporarily loaded into a volatile store, such as the random access memory (RAM) 1180.
Communications signals received by the mobile device may also be stored in the RAM 1180.
The processing device 1800, in addition to its operating system functions, enables execution of software applications 1300A-1300N on the device 1000. A predetermined set of applications that control basic device operations, such as data and voice communications 1300A and 1300B, may be installed on the device 1000 during manufacture. In addition, a personal information manager (PIM) application may be installed during manufacture. The PIM is preferably capable of organizing and managing data items, such as e-mail, calendar events, voice mails, appointments, and task items.
The PIM application is also preferably capable of sending and receiving data items via a wireless network 1401. Preferably, the PIM data items are seamlessly integrated, synchronized and updated via the wireless network 1401 with the device user's corresponding data items stored or associated with a host computer system.
Communication functions, including data and voice communications, are performed through the communications subsystem 1001, and possibly through the short-range communications subsystem. The communications subsystem 1001 includes a receiver 1500, a transmitter 1520, and one or more antennas 1540 and 1560. In addition, the communications subsystem 1001 also includes a processing module, such as a digital signal processor (DSP) 1580, and local oscillators (LOs) 1601. The specific design and implementation of the communications subsystem 1001 is dependent upon the communications network in which the mobile device 1000 is intended to operate.
For example, a mobile device 1000 may include a communications subsystem 1001 designed to operate with the Mobitex™, DataTAC™ or General Packet Radio Service (GPRS) mobile data communications networks, and also designed to operate with any of a variety of voice communications networks, such as AMPS, TDMA, CDMA, PCS, GSM, etc.
Other types of data and voice networks, both separate and integrated, may also be utilized with the mobile device 1000.
Network access requirements vary depending upon the type of communication system. For example, in the Mobitex and DataTAC networks, mobile devices are registered on the network using a unique personal identification number or PIN associated with each device. In GPRS networks, however, network access is associated with a subscriber or user of a device. A GPRS device therefore requires a subscriber identity module, commonly referred to as a SIM card, in order to operate on a GPRS network.
When required network registration or activation procedures have been completed, the mobile device 1000 may send and receive communications signals over the communication network 1401. Signals received from the communications network by the antenna 1540 are routed to the receiver 1500, which provides for signal amplification, frequency down conversion, filtering, channel selection, etc., and may also provide analog to digital conversion. Analog-to-digital conversion of the received signal allows the DSP 1580 to perform more complex communications functions, such as demodulation and decoding. In a similar manner, signals to be transmitted to the network 1401 are processed (e.g. modulated and encoded) by the DSP 1580 and are then provided to the transmitter 1520 for digital to analog conversion, frequency up conversion, filtering, amplification and transmission to the communication network 1401 (or networks) via the antenna 1560.
In addition to processing communications signals, the DSP 1580 provides for control of the receiver 1500 and the transmitter 1520. For example, gains applied to communications signals in the receiver 1500 and transmitter 1520 may be adaptively controlled through automatic gain control algorithms implemented in the DSP 1580.
In a data communications mode, a received signal, such as a text message or web page download, is processed by the communications subsystem 1001 and is input to the processing device 1800. The received signal is then further processed by the processing device 1800 for an output to the display 1600, or alternatively to some other auxiliary I/O device 1060. A device user may also compose data items, such as e-mail messages, using the keyboard 1400 and/or some other auxiliary I/O device 1060, such as a touchpad, a rocker switch, a thumb-wheel, or some other type of input device. The composed data items may then be transmitted over the communications network 1401 via the communications subsystem 1001.
In a voice communications mode, overall operation of the device is substantially similar to the data communications mode, except that received signals are output to a speaker 1100, and signals for transmission are generated by a microphone 1120.
Alternative voice or audio I/O subsystems, such as a voice message recording subsystem, may also be implemented on the device 1000. In addition, the display 1600 may also be utilized in voice communications mode, for example to display the identity of a calling party, the duration of a voice call, or other voice call related information.
The short-range communications subsystem enables communication between the mobile device 1000 and other proximate systems or devices, which need not necessarily be similar devices. For example, the short-range communications subsystem may include an infrared device and associated circuits and components, or a Bluetooth™ communications module to provide for communication with similarly-enabled systems and devices.
It is evident that the present claimed invention is advantageous and overcomes the prior art proposals that are designed to wrap SSL security around a fixed network location.
The present invention is specifically able to have the network destination specified at run time because it has no limitation as to which network hosts it can communicate with. The present invention is suitable when the client is operable only to transmit unencrypted data, and cannot use the SSL protocol. A secure network connection can now be established for SSL protocol communication.
Many modifications and other embodiments of the invention will come to the mind of one skilled in the art having the benefit of the teachings presented in the foregoing descriptions and the associated drawings. Therefore, it is understood that the invention is not to be limited to the specific embodiments disclosed, and that modifications and embodiments are intended to be included within the scope of the appended claims.
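Added example (not part of the patent text or of any TeamOn code): a Python sketch of the proxy described above, which takes a destination host name and port from a plaintext-only client, opens a certificate-verified TLS connection to that host, relays data both ways, and closes the other side when either side closes. The one-line `<host> <port>` header, the loopback listening address, the port allow-list and the TLS 1.2 floor are assumptions; the text here defines no wire format or destination policy.

```python
import asyncio
import re
import ssl

# Assumptions made for this example (none of these come from the patent text).
MAX_HEADER = 512                      # cap on the destination line, in bytes
ALLOWED_PORTS = {443, 993, 995}       # HTTPS, IMAPS, POP3S (web, IMAP, POP servers)
# DNS names only: at least one dot and an alphabetic TLD, so IP literals and
# single-label names such as "localhost" are refused.
HOST_RE = re.compile(
    r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$"
)


def parse_destination(line: bytes) -> tuple[str, int]:
    """Parse the assumed first line b'<host> <port>\\n' sent by the client."""
    if len(line) > MAX_HEADER or not line.endswith(b"\n"):
        raise ValueError("destination line missing or too long")
    try:
        host, port_text = line.decode("ascii").split()
    except ValueError as exc:         # bad encoding or wrong field count
        raise ValueError("expected '<host> <port>'") from exc
    host = host.lower()
    if not HOST_RE.match(host):
        raise ValueError("destination is not an acceptable DNS host name")
    if not port_text.isdigit() or int(port_text) not in ALLOWED_PORTS:
        raise ValueError("destination port not permitted")
    return host, int(port_text)


def build_tls_context() -> ssl.SSLContext:
    """The client cannot check certificates, so the proxy must."""
    ctx = ssl.create_default_context()          # CERT_REQUIRED + hostname check
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


async def pipe(reader: asyncio.StreamReader, writer: asyncio.StreamWriter) -> None:
    """Copy bytes one way; closing the writer propagates the close."""
    try:
        while data := await reader.read(4096):
            writer.write(data)
            await writer.drain()
    finally:
        writer.close()


async def handle_client(client_r: asyncio.StreamReader,
                        client_w: asyncio.StreamWriter) -> None:
    try:
        line = await asyncio.wait_for(client_r.readline(), timeout=10)
        host, port = parse_destination(line)
    except (ValueError, asyncio.TimeoutError):
        client_w.close()
        return
    try:
        # server_hostname ties certificate verification to the name the
        # client asked for, not to whatever address DNS returned.
        up_r, up_w = await asyncio.open_connection(
            host, port, ssl=build_tls_context(), server_hostname=host
        )
    except OSError:                   # includes ssl.SSLCertVerificationError
        client_w.close()
        return
    # Plaintext client -> TLS upstream, and decrypted upstream -> client.
    await asyncio.gather(pipe(client_r, up_w), pipe(up_r, client_w),
                         return_exceptions=True)


async def main() -> None:
    # Loopback only: the client-to-proxy leg is unencrypted.
    server = await asyncio.start_server(handle_client, "127.0.0.1", 8110)
    async with server:
        await server.serve_forever()


if __name__ == "__main__":
    asyncio.run(main())
```

Because the destination is chosen by the client at run time, the proxy is the only place where the server certificate is checked and where destinations can be restricted; the client-to-proxy leg remains plaintext and has to be protected by other means.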

Claims (46)

1. A system for initiating a secure network connection comprising:
a client operable for transmitting only unencrypted data;
a network server operable to receive data from the client and operable to communicate in a secure manner; and
a proxy connected to the client and operable for receiving unencrypted data from the client and encrypting the data using secure sockets layer (SSL) protocol and forwarding the encrypted data to the network server on a designated port number based on a destination host name and port number provided by the client to the proxy.
2. A system according to Claim 1, wherein said SSL protocol comprises a transport layer security (TLS) protocol.
3. A system according to Claim 1, wherein said data transmitted from said client comprises unencrypted text data.
4. A system according to Claim 1, wherein said proxy comprises a proxy server.
5. A system according to Claim 1, wherein said proxy is operative for establishing a transport control protocol (TCP) end-to-end connection between said client and said network server.
6. A system according to Claim 1, wherein said network server comprises one of a POP, IMAP or web server.
7. A system according to Claim 1, wherein said proxy is operative for closing its connection with one of the server or client after one of the server or client closes its connection.
8. A system according to Claim 1, wherein said client comprises a mobile device.
9. A system for initiating a secure network connection between a client and network host comprising:
a client operable for transmitting only unencrypted data to a designated network host through a designated internet protocol (IP) port number of the network host; and
a proxy connected to the client and operable for receiving from the client the unencrypted data, a destination host name for the network host, and internet protocol (IP) port number, and encrypting the data using secure sockets layer (SSL) protocol and forwarding the encrypted data to the network host on a designated port number based on a destination host name and port number provided by the client to the proxy.
10. A system according to Claim 9, and further comprising a network server operative as the network host.
11. A system according to Claim 10, wherein said network server comprises one of a POP, IMAP or web server.
12. A system according to Claim 9, wherein said SSL protocol comprises a transport layer security (TLS) protocol.
13. A system according to Claim 9, wherein said data transmitted from said client comprises unencrypted text data.
14. A system according to Claim 9, wherein said proxy comprises a proxy server.
15. A system according to Claim 9, wherein said proxy is operative for establishing a transport control protocol (TCP) end-to-end connection between said client and a network host.
16. A system according to Claim 9, wherein said proxy is operative for decrypting encrypted data received from a network.
17. A system according to Claim 9, wherein said proxy is operative for closing its connection with one of the server or client after one of the server or client closes its connection.
18. A system according to Claim 9, wherein said client comprises a mobile device.
19. A system for initiating a secure network connection between a client and network host comprising:
a client operable for transmitting only unencrypted data to a designated network host through a designated internet protocol (IP) port number of the network host; and
a proxy connected to the client and operable for receiving from the client the unencrypted data, a destination host name for the network host, and internet protocol (IP) port number and encrypting the data using secure sockets layer (SSL) protocol, and forwarding the encrypted data to the network host on a designated port number based on a destination host name and port number provided by the client to the proxy, said proxy also operative for receiving encrypted data from the network host and decrypting the data for transmission to the client.
20. A system according to Claim 19, and further comprising a network server operative as the network host.
21. A system according to Claim 20, wherein said network server comprises one of a POP, IMAP or web server.
22. A system according to Claim 19, wherein said SSL protocol comprises a transport layer security (TLS) protocol.
23. A system according to Claim 19, wherein said data transmitted from said client comprises unencrypted text data.
24. A system according to Claim 19, wherein said proxy comprises a proxy server.
25. A system according to Claim 19, wherein said proxy is operative for establishing a transport control protocol (TCP) end-to-end connection between said client and said network host.
26. A system according to Claim 19, wherein said proxy is operative for closing its connection with one of the server or client after one of the server or client closes its connection.
27. A system according to Claim 19, wherein said client comprises a mobile device.
28. A method for initiating a secure network connection comprising the steps of:
receiving at a proxy connected to a client unsecured data from the client wherein the client is operable for transmitting only unencrypted data; and
initiating a secure connection from the proxy to a designed network host using secure sockets layer (SSL) protocol and forwarding the encrypted data to the network host on a designated port number based on a destination host name and port number provided by the client to the proxy.
29. A method according to Claim 28, wherein said client comprises a mobile device.
30. A method according to Claim 28, and further comprising the step of initiating a secure connection from the proxy to a network server as the network host.
31. A method according to Claim 28, and further comprising the step of opening a transmit control protocol (TCP) connection from the client to the proxy.
32. A method according to Claim 28, and further comprising the step of transmitting unencrypted text data to the proxy and encrypting the text data using SSL protocol.
33. A method according to Claim 28, wherein said predetermined network location comprises one of a POP, IMAP or web server.
34. A method according to Claim 28, wherein said unsecured data received at the proxy comprises plaintext data.
35. A method for initiating a secure network connection comprising the steps of:
receiving at a proxy from a client that can transmit only unencrypted data as unsecured data, a destination host name location for a desired network host server, and a designated internet protocol (IP) port number for communication therewith; and
initiating a secure connection from the proxy to the desired network host using secure sockets layer (SSL) protocol via the designated port number and forwarding encrypted data to a network server on a designated port number based on a destination host name and port number provided by the client to the proxy.
36. A method according to Claim 35, wherein said client comprises a mobile device.
37. A method according to Claim 36, and further comprising the step of opening a transmit control protocol (TCP) connection from the client to the proxy.
38. A method according to Claim 36, and further comprising the step of transmitting unencrypted text data to the proxy and encrypting the text data using SSL protocol.
39. A method according to Claim 36, wherein said predetermined network host comprises one of a POP, IMAP or web server.
40. A method according to Claim 36, wherein said unsecured data received at the proxy comprises plaintext data.
41. A method for initiating a secure network connection comprising the steps of:
receiving at a proxy unsecured data from a client that is operable for transmitting only unencrypted data;
initiating a secure connection from the proxy to a network host using secure sockets layer (SSL) protocol on a designated port number based on a destination host name and port number provided by the client to the proxy;
receiving at the proxy secure data in a SSL protocol from the network host;
decrypting the secure data at the proxy; and
transmitting the decrypted data from the proxy to the client based on a destination host name and port number provided by the client to the proxy.
42. A method according to Claim 41, wherein said client comprises a mobile device.
43. A method according to Claim 41, and further comprising the step of opening a transmit control protocol (TCP) connection from the client to the proxy.
44. A method according to Claim 41, and further comprising the step of transmitting unencrypted text data to the proxy and encrypting the text data using SSL protocol.
45. A method according to Claim 41, wherein said network host comprises one of a POP, IMAP or web server.
46. A method according to Claim 41, wherein said unsecured data received at the proxy comprises plaintext data.
CA 2467988 2004-05-21 2004-05-21 System and method for initiating secure network connection from a client to a network host Active CA2467988C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CA 2467988 CA2467988C (en) 2004-05-21 2004-05-21 System and method for initiating secure network connection from a client to a network host

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CA 2467988 CA2467988C (en) 2004-05-21 2004-05-21 System and method for initiating secure network connection from a client to a network host

Publications (2)

Publication Number Publication Date
CA2467988A1 (en) 2005-11-21
CA2467988C (en) 2010-11-30

Family

ID=35453726

Family Applications (1)

Application Number Title Priority Date Filing Date
CA 2467988 Active CA2467988C (en) 2004-05-21 2004-05-21 System and method for initiating secure network connection from a client to a network host

Country Status (1)

Country Link
CA (1) CA2467988C (en)


Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2497940B (en) * 2011-12-21 2016-02-17 Eckoh Uk Ltd Method and apparatus for mediating communications

US9871558B2 (en) 2014-10-21 2018-01-16 At&T Intellectual Property I, L.P. Guided-wave transmission device and methods for use therewith
US9596001B2 (en) 2014-10-21 2017-03-14 At&T Intellectual Property I, L.P. Apparatus for providing communication services and methods thereof
US9520945B2 (en) 2014-10-21 2016-12-13 At&T Intellectual Property I, L.P. Apparatus for providing communication services and methods thereof
US9312919B1 (en) 2014-10-21 2016-04-12 At&T Intellectual Property I, Lp Transmission device with impairment compensation and methods for use therewith
US9780834B2 (en) 2014-10-21 2017-10-03 At&T Intellectual Property I, L.P. Method and apparatus for transmitting electromagnetic waves
US9653770B2 (en) 2014-10-21 2017-05-16 At&T Intellectual Property I, L.P. Guided wave coupler, coupling module and methods for use therewith
US9954286B2 (en) 2014-10-21 2018-04-24 At&T Intellectual Property I, L.P. Guided-wave transmission device with non-fundamental mode propagation and methods for use therewith
US9627768B2 (en) 2014-10-21 2017-04-18 At&T Intellectual Property I, L.P. Guided-wave transmission device with non-fundamental mode propagation and methods for use therewith
US9525210B2 (en) 2014-10-21 2016-12-20 At&T Intellectual Property I, L.P. Guided-wave transmission device with non-fundamental mode propagation and methods for use therewith
US9960808B2 (en) 2014-10-21 2018-05-01 At&T Intellectual Property I, L.P. Guided-wave transmission device and methods for use therewith
US9769020B2 (en) 2014-10-21 2017-09-19 At&T Intellectual Property I, L.P. Method and apparatus for responding to events affecting communications in a communication network
US9948355B2 (en) 2014-10-21 2018-04-17 At&T Intellectual Property I, L.P. Apparatus for providing communication services and methods thereof
US9749083B2 (en) 2014-11-20 2017-08-29 At&T Intellectual Property I, L.P. Transmission device with mode division multiplexing and methods for use therewith
US9680670B2 (en) 2014-11-20 2017-06-13 At&T Intellectual Property I, L.P. Transmission device with channel equalization and control and methods for use therewith
US9742521B2 (en) 2014-11-20 2017-08-22 At&T Intellectual Property I, L.P. Transmission device with mode division multiplexing and methods for use therewith
US9531427B2 (en) 2014-11-20 2016-12-27 At&T Intellectual Property I, L.P. Transmission device with mode division multiplexing and methods for use therewith
US9544006B2 (en) 2014-11-20 2017-01-10 At&T Intellectual Property I, L.P. Transmission device with mode division multiplexing and methods for use therewith
US9712350B2 (en) 2014-11-20 2017-07-18 At&T Intellectual Property I, L.P. Transmission device with channel equalization and control and methods for use therewith
US9654173B2 (en) 2014-11-20 2017-05-16 At&T Intellectual Property I, L.P. Apparatus for powering a communication device and methods thereof
US9800327B2 (en) 2014-11-20 2017-10-24 At&T Intellectual Property I, L.P. Apparatus for controlling operations of a communication device and methods thereof
US9954287B2 (en) 2014-11-20 2018-04-24 At&T Intellectual Property I, L.P. Apparatus for converting wireless signals and electromagnetic waves and methods thereof
US10009067B2 (en) 2014-12-04 2018-06-26 At&T Intellectual Property I, L.P. Method and apparatus for configuring a communication interface
US9742462B2 (en) 2014-12-04 2017-08-22 At&T Intellectual Property I, L.P. Transmission medium and communication interfaces and methods for use therewith
US9876570B2 (en) 2015-02-20 2018-01-23 At&T Intellectual Property I, Lp Guided-wave transmission device with non-fundamental mode propagation and methods for use therewith
US9876571B2 (en) 2015-02-20 2018-01-23 At&T Intellectual Property I, Lp Guided-wave transmission device with non-fundamental mode propagation and methods for use therewith
US9749013B2 (en) 2015-03-17 2017-08-29 At&T Intellectual Property I, L.P. Method and apparatus for reducing attenuation of electromagnetic waves guided by a transmission medium
US9705561B2 (en) 2015-04-24 2017-07-11 At&T Intellectual Property I, L.P. Directional coupling device and methods for use therewith
US9793955B2 (en) 2015-04-24 2017-10-17 At&T Intellectual Property I, Lp Passive electrical coupling device and methods for use therewith
US9831912B2 (en) 2015-04-24 2017-11-28 At&T Intellectual Property I, Lp Directional coupling device and methods for use therewith
US9948354B2 (en) 2015-04-28 2018-04-17 At&T Intellectual Property I, L.P. Magnetic coupling device with reflective plate and methods for use therewith
US9793954B2 (en) 2015-04-28 2017-10-17 At&T Intellectual Property I, L.P. Magnetic coupling device and methods for use therewith
US9490869B1 (en) 2015-05-14 2016-11-08 At&T Intellectual Property I, L.P. Transmission medium having multiple cores and methods for use therewith
US9871282B2 (en) 2015-05-14 2018-01-16 At&T Intellectual Property I, L.P. At least one transmission medium having a dielectric surface that is covered at least in part by a second dielectric
US9748626B2 (en) 2015-05-14 2017-08-29 At&T Intellectual Property I, L.P. Plurality of cables having different cross-sectional shapes which are bundled together to form a transmission medium
US9887447B2 (en) 2015-05-14 2018-02-06 At&T Intellectual Property I, L.P. Transmission medium having multiple cores and methods for use therewith
US9917341B2 (en) 2015-05-27 2018-03-13 At&T Intellectual Property I, L.P. Apparatus and method for launching electromagnetic waves and for modifying radial dimensions of the propagating electromagnetic waves
US9967002B2 (en) 2015-06-03 2018-05-08 At&T Intellectual I, Lp Network termination and methods for use therewith
US9935703B2 (en) 2015-06-03 2018-04-03 At&T Intellectual Property I, L.P. Host node device and methods for use therewith
US9912381B2 (en) 2015-06-03 2018-03-06 At&T Intellectual Property I, Lp Network termination and methods for use therewith
US9912382B2 (en) 2015-06-03 2018-03-06 At&T Intellectual Property I, Lp Network termination and methods for use therewith
US10103801B2 (en) 2015-06-03 2018-10-16 At&T Intellectual Property I, L.P. Host node device and methods for use therewith
US10050697B2 (en) 2015-06-03 2018-08-14 At&T Intellectual Property I, L.P. Host node device and methods for use therewith
US9866309B2 (en) 2015-06-03 2018-01-09 At&T Intellectual Property I, Lp Host node device and methods for use therewith
US9997819B2 (en) 2015-06-09 2018-06-12 At&T Intellectual Property I, L.P. Transmission medium and method for facilitating propagation of electromagnetic waves via a core
US9913139B2 (en) 2015-06-09 2018-03-06 At&T Intellectual Property I, L.P. Signal fingerprinting for authentication of communicating devices
US9608692B2 (en) 2015-06-11 2017-03-28 At&T Intellectual Property I, L.P. Repeater and methods for use therewith
US10027398B2 (en) 2015-06-11 2018-07-17 At&T Intellectual Property I, Lp Repeater and methods for use therewith
US9820146B2 (en) 2015-06-12 2017-11-14 At&T Intellectual Property I, L.P. Method and apparatus for authentication and identity management of communicating devices
US9667317B2 (en) 2015-06-15 2017-05-30 At&T Intellectual Property I, L.P. Method and apparatus for providing security using network traffic adjustments
US9882657B2 (en) 2015-06-25 2018-01-30 At&T Intellectual Property I, L.P. Methods and apparatus for inducing a fundamental wave mode on a transmission medium
US9509415B1 (en) 2015-06-25 2016-11-29 At&T Intellectual Property I, L.P. Methods and apparatus for inducing a fundamental wave mode on a transmission medium
US10090601B2 (en) 2015-06-25 2018-10-02 At&T Intellectual Property I, L.P. Waveguide system and methods for inducing a non-fundamental wave mode on a transmission medium
US10069185B2 (en) 2015-06-25 2018-09-04 At&T Intellectual Property I, L.P. Methods and apparatus for inducing a non-fundamental wave mode on a transmission medium
US9787412B2 (en) 2015-06-25 2017-10-10 At&T Intellectual Property I, L.P. Methods and apparatus for inducing a fundamental wave mode on a transmission medium
US9640850B2 (en) 2015-06-25 2017-05-02 At&T Intellectual Property I, L.P. Methods and apparatus for inducing a non-fundamental wave mode on a transmission medium
US9865911B2 (en) 2015-06-25 2018-01-09 At&T Intellectual Property I, L.P. Waveguide system for slot radiating first electromagnetic waves that are combined into a non-fundamental wave mode second electromagnetic wave on a transmission medium
US10033108B2 (en) 2015-07-14 2018-07-24 At&T Intellectual Property I, L.P. Apparatus and methods for generating an electromagnetic wave having a wave mode that mitigates interference
US9882257B2 (en) 2015-07-14 2018-01-30 At&T Intellectual Property I, L.P. Method and apparatus for launching a wave mode that mitigates interference
US9853342B2 (en) 2015-07-14 2017-12-26 At&T Intellectual Property I, L.P. Dielectric transmission medium connector and methods for use therewith
US10044409B2 (en) 2015-07-14 2018-08-07 At&T Intellectual Property I, L.P. Transmission medium and methods for use therewith
US9929755B2 (en) 2015-07-14 2018-03-27 At&T Intellectual Property I, L.P. Method and apparatus for coupling an antenna to a device
US9847566B2 (en) 2015-07-14 2017-12-19 At&T Intellectual Property I, L.P. Method and apparatus for adjusting a field of a signal to mitigate interference
US10033107B2 (en) 2015-07-14 2018-07-24 At&T Intellectual Property I, L.P. Method and apparatus for coupling an antenna to a device
US9628116B2 (en) 2015-07-14 2017-04-18 At&T Intellectual Property I, L.P. Apparatus and methods for transmitting wireless signals
US9722318B2 (en) 2015-07-14 2017-08-01 At&T Intellectual Property I, L.P. Method and apparatus for coupling an antenna to a device
US9947982B2 (en) 2015-07-14 2018-04-17 At&T Intellectual Property I, Lp Dielectric transmission medium connector and methods for use therewith
US9836957B2 (en) 2015-07-14 2017-12-05 At&T Intellectual Property I, L.P. Method and apparatus for communicating with premises equipment
US10090606B2 (en) 2015-07-15 2018-10-02 At&T Intellectual Property I, L.P. Antenna system with dielectric array and methods for use therewith
US9608740B2 (en) 2015-07-15 2017-03-28 At&T Intellectual Property I, L.P. Method and apparatus for launching a wave mode that mitigates interference
US9793951B2 (en) 2015-07-15 2017-10-17 At&T Intellectual Property I, L.P. Method and apparatus for launching a wave mode that mitigates interference
US9948333B2 (en) 2015-07-23 2018-04-17 At&T Intellectual Property I, L.P. Method and apparatus for wireless communications to mitigate interference
US9912027B2 (en) 2015-07-23 2018-03-06 At&T Intellectual Property I, L.P. Method and apparatus for exchanging communication signals
US9806818B2 (en) 2015-07-23 2017-10-31 At&T Intellectual Property I, Lp Node device, repeater and methods for use therewith
US9749053B2 (en) 2015-07-23 2017-08-29 At&T Intellectual Property I, L.P. Node device, repeater and methods for use therewith
US10074886B2 (en) 2015-07-23 2018-09-11 At&T Intellectual Property I, L.P. Dielectric transmission medium comprising a plurality of rigid dielectric members coupled together in a ball and socket configuration
US9871283B2 (en) 2015-07-23 2018-01-16 At&T Intellectual Property I, Lp Transmission medium having a dielectric core comprised of plural members connected by a ball and socket configuration
US9967173B2 (en) 2015-07-31 2018-05-08 At&T Intellectual Property I, L.P. Method and apparatus for authentication and identity management of communicating devices
US9838078B2 (en) 2015-07-31 2017-12-05 At&T Intellectual Property I, L.P. Method and apparatus for exchanging communication signals
US9461706B1 (en) 2015-07-31 2016-10-04 At&T Intellectual Property I, Lp Method and apparatus for exchanging communication signals
US10020587B2 (en) 2015-07-31 2018-07-10 At&T Intellectual Property I, L.P. Radial antenna and methods for use therewith
US9735833B2 (en) 2015-07-31 2017-08-15 At&T Intellectual Property I, L.P. Method and apparatus for communications management in a neighborhood network
US9904535B2 (en) 2015-09-14 2018-02-27 At&T Intellectual Property I, L.P. Method and apparatus for distributing software
US10051629B2 (en) 2015-09-16 2018-08-14 At&T Intellectual Property I, L.P. Method and apparatus for use with a radio distributed antenna system having an in-band reference signal
US10009901B2 (en) 2015-09-16 2018-06-26 At&T Intellectual Property I, L.P. Method, apparatus, and computer-readable storage medium for managing utilization of wireless resources between base stations
US9705571B2 (en) 2015-09-16 2017-07-11 At&T Intellectual Property I, L.P. Method and apparatus for use with a radio distributed antenna system
US10009063B2 (en) 2015-09-16 2018-06-26 At&T Intellectual Property I, L.P. Method and apparatus for use with a radio distributed antenna system having an out-of-band reference signal
US10079661B2 (en) 2015-09-16 2018-09-18 At&T Intellectual Property I, L.P. Method and apparatus for use with a radio distributed antenna system having a clock reference
US9769128B2 (en) 2015-09-28 2017-09-19 At&T Intellectual Property I, L.P. Method and apparatus for encryption of communications over a network
US9729197B2 (en) 2015-10-01 2017-08-08 At&T Intellectual Property I, L.P. Method and apparatus for communicating network management traffic over a network
US10074890B2 (en) 2015-10-02 2018-09-11 At&T Intellectual Property I, L.P. Communication device and antenna with integrated light assembly
US9882277B2 (en) 2015-10-02 2018-01-30 At&T Intellectual Property I, Lp Communication device and antenna assembly with actuated gimbal mount
US9876264B2 (en) 2015-10-02 2018-01-23 At&T Intellectual Property I, Lp Communication system, guided wave switch and methods for use therewith
US10051483B2 (en) 2015-10-16 2018-08-14 At&T Intellectual Property I, L.P. Method and apparatus for directing wireless signals
US9912419B1 (en) 2016-08-24 2018-03-06 At&T Intellectual Property I, L.P. Method and apparatus for managing a fault in a distributed antenna system
US9860075B1 (en) 2016-08-26 2018-01-02 At&T Intellectual Property I, L.P. Method and communication node for broadband distribution
US9876605B1 (en) 2016-10-21 2018-01-23 At&T Intellectual Property I, L.P. Launcher and coupling system to support desired guided wave mode
US9991580B2 (en) 2016-10-21 2018-06-05 At&T Intellectual Property I, L.P. Launcher and coupling system for guided wave mode cancellation
US10090594B2 (en) 2016-11-23 2018-10-02 At&T Intellectual Property I, L.P. Antenna system having structural configurations for assembly
US10020844B2 (en) 2016-12-06 2018-07-10 At&T Intellectual Property I, L.P. Method and apparatus for broadcast communication via guided waves
US9927517B1 (en) 2016-12-06 2018-03-27 At&T Intellectual Property I, L.P. Apparatus and methods for sensing rainfall
US9893795B1 (en) 2016-12-07 2018-02-13 At&T Intellectual Property I, Lp Method and repeater for broadband distribution
US10027397B2 (en) 2016-12-07 2018-07-17 At&T Intellectual Property I, L.P. Distributed antenna system and methods for use therewith
US10103422B2 (en) 2016-12-08 2018-10-16 At&T Intellectual Property I, L.P. Method and apparatus for mounting network devices
US9998870B1 (en) 2016-12-08 2018-06-12 At&T Intellectual Property I, L.P. Method and apparatus for proximity sensing
US9911020B1 (en) 2016-12-08 2018-03-06 At&T Intellectual Property I, L.P. Method and apparatus for tracking via a radio frequency identification device
US10069535B2 (en) 2016-12-08 2018-09-04 At&T Intellectual Property I, L.P. Apparatus and methods for launching electromagnetic waves having a certain electric field structure
US9838896B1 (en) 2016-12-09 2017-12-05 At&T Intellectual Property I, L.P. Method and apparatus for assessing network coverage
US9973940B1 (en) 2017-02-27 2018-05-15 At&T Intellectual Property I, L.P. Apparatus and methods for dynamic impedance matching of a guided wave launcher

Also Published As

Publication number Publication date Type
CA2467988A1 (en) 2005-11-21 application

Similar Documents

Publication Publication Date Title
US8095786B1 (en) Application-specific network-layer virtual private network connections
US6442686B1 (en) System and methodology for messaging server-based management and enforcement of crypto policies
US5812671A (en) Cryptographic communication system
US7111162B1 (en) Load balancing approach for scaling secure sockets layer performance
US7917505B2 (en) Methods for publishing content
US20110296186A1 (en) System and method for providing secured access to services
US7809953B2 (en) System and method of secure authentication information distribution
US6711678B2 (en) Pre-authenticated communication within a secure computer network
US6826627B2 (en) Data transformation architecture
US8522337B2 (en) Selecting a security format conversion for wired and wireless devices
US6292895B1 (en) Public key cryptosystem with roaming user capability
US20020178353A1 (en) Secure messaging using self-decrypting documents
US20020049818A1 (en) System and method for pushing encrypted information between a host system and a mobile data communication device
US20050081066A1 (en) Providing credentials
US20030023845A1 (en) Method and apparatus for providing secure streaming data transmission facilites using unreliable protocols
US6799197B1 (en) Secure method and system for using a public network or email to administer to software on a plurality of client computers
US20080263224A1 (en) System and Method for Pushing Encrypted Information Between a Host System and a Mobile Data Communication Device
US20090319781A1 (en) Secure message delivery using a trust broker
US8447970B2 (en) Securing out-of-band messages
US20060085503A1 (en) Data communications system using e-mail tunnelling
US20030054810A1 (en) Enterprise mobile server platform
US20020199119A1 (en) Security services system and method
US20080046717A1 (en) Systems and methods for optimizing ssl handshake processing
US20080046727A1 (en) Systems and methods for optimizing ssl handshake processing
US20080235508A1 (en) Reducing processing load in proxies for secure communications

Legal Events

Date Code Title Description
EEER Examination request