CA2467988C - System and method for initiating secure network connection from a client to a network host - Google Patents
System and method for initiating secure network connection from a client to a network host Download PDFInfo
- Publication number
- CA2467988C CA2467988C CA2467988A CA2467988A CA2467988C CA 2467988 C CA2467988 C CA 2467988C CA 2467988 A CA2467988 A CA 2467988A CA 2467988 A CA2467988 A CA 2467988A CA 2467988 C CA2467988 C CA 2467988C
- Authority
- CA
- Canada
- Prior art keywords
- client
- proxy
- data
- network
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0471—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying encryption by an intermediary, e.g. receiving clear information at the intermediary and encrypting the received information at the intermediary before forwarding
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/166—Implementing security features at a particular protocol layer at the transport layer
Abstract
A secure network connection is initiated from a client that transmits only unencrypted data, such as plaintext. A proxy is connected to the client and operable for receiving unencrypted data from the client and encrypting the data using secure sockets layer (SSL) protocol. It forwards the encrypted data to the network server, which can receive and transmit encrypted data.
Description
SYSTEM AND METHOD FOR INITIATING SECURE
NETWORK CONNECTION FROM A CLIENT TO A NETWORK HOST
Field of the Invention This invention relates to electronic mail systems, and more particularly, this invention relates to providing a secure network connection from a client to a network host.
Background of the Invention When dealing with sensitive data, it is a real-world requirement that all transmission of sensitive data over a public network, such as the internet, be conducted over a secured communications channel. The defacto standard for a secured communications channel over the internet is an encrypted transmission control protocol (TCP) connection known as Secure Sockets Layer (SSL), or alternatively, as the Transport Layer Security (TLS) protocol. The SSL protocol operates above the Transport Control Protocol/Internet Protocol (TCP/IP) layer, but below the Hypertext Transfer Protocol (HTTP). SSL establishes a secure session between a web client and server and encrypts all data passed between the client and server at the IP socket level.
In secure communications using SSL protocol, browsers and servers authenticate each other and encrypt any data transmitted during a session. A client can verify that a web server is authentic before it submits confidential information, and a web server can verify a user is authentic before granting a user access to sensitive information. Digital certificates could be required. Usually, a one-way authentication is only required for the client or server to obtain a key to encrypt data. For example, a client could contact the server, which forwards a certificate signed by a certificate of authority. The client could use the web server's public key to open the certificate.
SSL uses a handshake protocol and record protocol. The record protocol defines the format for transmitting data. The handshake protocol establishes the SSL
connection and determines the parameters used during the communication, including what is required to authenticate a server to a client. It also could allow a client and a server to select a cryptographic algorithm or cipher to support or authenticate a client to a server and use public key encryption techniques to generate shared secrets and establish a secured connection.
Adding SSL support to existing and new applications can be difficult or impossible depending on various factors. For example, on certain computing platforms, it is not possible to use advanced, high performance features, such as multiplexed asynchronous input/output and SSL in the same application. Some prior art proposals "wrap"
an SSL
layer around inbound connections to a well-known network location. There are, however, no corresponding solutions to secure outbound connections to arbitrary network locations.
One proposal set forth in published U.S. patent application no. 2002/0199098 receives encrypted network traffic and forwards the decrypted results to a server. An SSL
proxy server is positioned close to the server, for example, as part of the same computing cluster, to handle inbound connections. The SSL proxy server decrypts traffic and forwards the decrypted package to a predetermined location. The system is limited to preconfigured destinations. Published U.S. patent application nos.
2003/0014623 and 2003/0014628 propose similar solutions. A client sends encrypted packets to a proxy, which decrypts them, forwards the package to the server, and reverses the process for unencrypted packets from the server back to the client.
These proposals are not acceptable if a client can only transmit unencrypted packets.
Summary of the Invention It is therefore an object of the present invention to provide a system and method that allows a client unable to encrypt data to establish a secure connection with a server that is able to communicate over a secured network connection.
The present invention allows a client computer that is not operable to initiate an SSL session on its own to establish a secure connection with a host, such as a POP, IMAP
or web server, even though there are no preconfigured limitations on the destination of the connection. As part of the initiation sequence of an outbound connection, a client first privately communicates the destination host name and internet protocol (IP) port number to an SSL proxy. As a result, there is no requirement to preconfigure any destination for forwarded packets. The SSL proxy is not initially transparent and requires the client to communicate a desired destination to the SSL proxy. The client sends unencrypted packets. The SSL proxy encrypts the packets and forwards these encrypted packets to the arbitrary server specified at the time the unencrypted connection is established.
NETWORK CONNECTION FROM A CLIENT TO A NETWORK HOST
Field of the Invention This invention relates to electronic mail systems, and more particularly, this invention relates to providing a secure network connection from a client to a network host.
Background of the Invention When dealing with sensitive data, it is a real-world requirement that all transmission of sensitive data over a public network, such as the internet, be conducted over a secured communications channel. The defacto standard for a secured communications channel over the internet is an encrypted transmission control protocol (TCP) connection known as Secure Sockets Layer (SSL), or alternatively, as the Transport Layer Security (TLS) protocol. The SSL protocol operates above the Transport Control Protocol/Internet Protocol (TCP/IP) layer, but below the Hypertext Transfer Protocol (HTTP). SSL establishes a secure session between a web client and server and encrypts all data passed between the client and server at the IP socket level.
In secure communications using SSL protocol, browsers and servers authenticate each other and encrypt any data transmitted during a session. A client can verify that a web server is authentic before it submits confidential information, and a web server can verify a user is authentic before granting a user access to sensitive information. Digital certificates could be required. Usually, a one-way authentication is only required for the client or server to obtain a key to encrypt data. For example, a client could contact the server, which forwards a certificate signed by a certificate of authority. The client could use the web server's public key to open the certificate.
SSL uses a handshake protocol and record protocol. The record protocol defines the format for transmitting data. The handshake protocol establishes the SSL
connection and determines the parameters used during the communication, including what is required to authenticate a server to a client. It also could allow a client and a server to select a cryptographic algorithm or cipher to support or authenticate a client to a server and use public key encryption techniques to generate shared secrets and establish a secured connection.
Adding SSL support to existing and new applications can be difficult or impossible depending on various factors. For example, on certain computing platforms, it is not possible to use advanced, high performance features, such as multiplexed asynchronous input/output and SSL in the same application. Some prior art proposals "wrap"
an SSL
layer around inbound connections to a well-known network location. There are, however, no corresponding solutions to secure outbound connections to arbitrary network locations.
One proposal set forth in published U.S. patent application no. 2002/0199098 receives encrypted network traffic and forwards the decrypted results to a server. An SSL
proxy server is positioned close to the server, for example, as part of the same computing cluster, to handle inbound connections. The SSL proxy server decrypts traffic and forwards the decrypted package to a predetermined location. The system is limited to preconfigured destinations. Published U.S. patent application nos.
2003/0014623 and 2003/0014628 propose similar solutions. A client sends encrypted packets to a proxy, which decrypts them, forwards the package to the server, and reverses the process for unencrypted packets from the server back to the client.
These proposals are not acceptable if a client can only transmit unencrypted packets.
Summary of the Invention It is therefore an object of the present invention to provide a system and method that allows a client unable to encrypt data to establish a secure connection with a server that is able to communicate over a secured network connection.
The present invention allows a client computer that is not operable to initiate an SSL session on its own to establish a secure connection with a host, such as a POP, IMAP
or web server, even though there are no preconfigured limitations on the destination of the connection. As part of the initiation sequence of an outbound connection, a client first privately communicates the destination host name and internet protocol (IP) port number to an SSL proxy. As a result, there is no requirement to preconfigure any destination for forwarded packets. The SSL proxy is not initially transparent and requires the client to communicate a desired destination to the SSL proxy. The client sends unencrypted packets. The SSL proxy encrypts the packets and forwards these encrypted packets to the arbitrary server specified at the time the unencrypted connection is established.
In accordance with one aspect of the present invention, a system of the present invention is operable for initiating a secure network connection when a client is operable for transmitting only unencrypted data. A network server is operable to receive data from the client and operable to communicate with clients in a secure manner. A
proxy is connected to the client and operable for receiving unencrypted data from the client and encrypting the data using the Secure Sockets Layer (SSL) protocol and forwarding the encrypted data to the network server. The client is typically operable for transmitting only unencrypted data to the designated network host through a designated internet protocol (IP) port number of the network host. The proxy is connected to the client and close to the client such as part of a data center and receives from the client the unencrypted data, a destination host name for the network host to be communicated, and the internet protocol (IP) port number.
In another aspect of the present invention, the SSL protocol comprises a transport layer security (TLS) protocol. The data transmitted from the client is typically unencrypted text data. The proxy is typically a proxy server and closely associated with the client. The proxy is operative for establishing a Transport Control Protocol (TCP), end-to-end connection between the client and the host, such as a network server. The host as a network server typically could be a POP, IMAP or web server, but could be other server types. The proxy is typically operative for closing its connection with one of the server or client after one of the server or client closes its connection. The client could be formed as a mobile device.
In yet another aspect of the invention, there is provided a system for initiating a secure network connection comprising a client operable for transmitting only unencrypted data; a network server operable to receive data from the client and operable to communicate in a secure manner; and a proxy connected to the client and operable for receiving unencrypted data from the client and encrypting the data using secure sockets layer (SSL) protocol and forwarding the encrypted data to the network server on a designated port number based on a destination host name and port number provided by the client to the proxy.
In yet another aspect, there is provided a system for initiating a secure network connection between a client and network host comprising a client operable for transmitting only unencrypted data to a designated network host through a designated internet protocol (IP) port number of the network host; and a proxy connected to the client and operable for receiving from the client the unencrypted data, a destination host name for the network host, and internet protocol (IP) port number, and encrypting the data using secure sockets layer (SSL) protocol and forwarding the encrypted data to the network host on a designated port number based on a destination host name and port number provided by the client to the proxy.
In yet another aspect, there is provided a system for initiating a secure network connection between a client and network host comprising a client operable for transmitting only unencrypted data to a designated network host through a designated internet protocol (IP) port number of the network host; and a proxy connected to the client and operable for receiving from the client the unencrypted data, a destination host name for the network host, and internet protocol (IP) port number and encrypting the data using secure sockets layer (SSL) protocol, and forwarding the encrypted data to the network host on a designated port number based on a destination host name and port number provided by the client to the proxy, said proxy also operative for receiving encrypted data from the network host and decrypting the data for transmission to the client.
In yet another aspect, there is provided a method for initiating a secure network connection comprising the steps of receiving at a proxy connected to a client unsecured data from the client wherein the client is operable for transmitting only unencrypted data;
and initiating a secure connection from the proxy to a designed network host using secure sockets layer (SSL) protocol and forwarding the encrypted data to the network host on a designated port number based on a destination host name and port number provided by the client to the proxy.
In yet another aspect of the invention, there is provided a method for initiating a secure network connection comprising the steps of receiving at a proxy from a client that can transmit only unencrypted data as unsecured data, a destination host name location for a desired network host server, and a designated internet protocol (IP) port number for communication therewith; and initiating a secure connection from the proxy to the desired network host using secure sockets layer (SSL) protocol via the designated port number and forwarding encrypted data to a network server on a designated port number based on a destination host name and port number provided by the client to the proxy.
In yet another aspect, there is provided a method for initiating a secure network connection comprising the steps of receiving at a proxy unsecured data from a client that is operable for transmitting only unencrypted data; initiating a secure connection from the 3a proxy to a network host using secure sockets layer (SSL) protocol on a designated port number based on a destination host name and port number provided by the client to the proxy; receiving at the proxy secure data in a SSL protocol from the network host;
decrypting the secure data at the proxy; and transmitting the decrypted data from the proxy to the client based on a destination host name and port number provided by the client to the proxy.
A method aspect of the invention is also set forth in detail.
Brief Description of the Drawings Other objects, features and advantages of the present invention will become apparent from the detailed description of the invention which follows, when considered in light of the accompanying drawings in which:
FIG. 1 is a block diagram showing prior art client-server encrypted communications, for example, by using Secure Sockets Layer (SSL) protocol.
FIG. 2 is a block diagram showing use of a prior art, SSL proxy for port 993 and IMAP4 over SSL in a 443 port connection using the internet mail access protocol (IMAP).
3b FIG. 3 is a block diagram showing the SSL proxy in the system of the present invention, which allows a plaintext client to initiate a secure connection with an arbitrary host.
FIG. 4 is a high level flow chart illustrating an example of the method of the present invention.
FIG. 5 is a more detailed flow chart illustrating an example of the sequence and steps for initiating a secure connection with a host from a client that is operable for transmitting only unencrypted data.
FIG. 6 is a schematic block diagram illustrating an exemplary mobile wireless communications device for use in the present invention.
Detailed Description of the Preferred Embodiments The present invention will now be described more fully hereinafter with reference to the accompanying drawings, in which preferred embodiments of the invention are shown. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art. Like numbers refer to like elements throughout, and prime notation is used to indicate similar elements in alternative embodiments.
The present invention provides a system and method that initiates secure network connections to arbitrary hosts, in which the client that initiates the connection typically does not have the capability to perform encryption and related functions. The present invention solves the prior art problem of securing outbound connections to an arbitrary network location, such as a network host on a web server, by introducing an intermediate, Secure Socket Layer (SSL) enabled proxy server. Rather than attempting to connect directly to an SSL network service as in many prior art proposals, in the present invention, the client connects to the SSL proxy server that is typically associated close to the client, such as part of a data center as a non-limiting example. The client provides the network host name and TCP port number to the SSL proxy, which then initiates a secure connection to the specified network host on the specified TCP port number.
From that time onward, the SSL proxy is transparent to communications between the client and the SSL site, for example, the network server or web server. The SSL proxy can provide on-the-fly encryption of outbound packets and decryption of inbound packets. The client application typically only requires a minimal change to its software and can be maintained in a more simple manner than other more complicated systems, since it can continue to do network communications in plaintext.
The present invention solves the problem associated with many prior art solutions and proposals that "wrap" SSL security around a fixed network location. These prior art solutions typically work only for network connections to known, fixed network locations, and must have fixed network locations pre-programmed into a configuration before the solutions are run. When the solutions are running, there is no way to add, remove, or change a network destination without stopping the service, reprogramming a configuration, and restarting the service. There is also no dynamic capability to initiate a connection to a run time determined network location. The present invention can have the network destination specified at run time because it has no limitation as to which network hosts it can communicate with.
FIG. 1 illustrates a prior art secure communications system 10, which initiates a secure connection between a client 12 and host, such as a web server or other service provider via the internet 16. The client 12 is SSL enabled and establishes an encrypted connection to the service provider 14 using a TCP connection via the internet 16. In some prior art proposals as described above, an SSL proxy is used for buffering or other purposes. FIG. 2 shows a prior art SSL proxy 20 and IMAP service 22 that can communicate via port 993 and port 443 for S-IMAP and IMAP4 over SSL. This type of arrangement has been proposed and in use by some providers.
It should be understood that the SSL protocol includes two sub-protocols, i.e., an SSL record protocol and SSL handshake protocol. The record protocol defines the format to transmit data, and the handshake protocol establishes the connection and determines the parameters used during the SSL communication session. The SSL communication protocol and the SSL handshake protocol can authenticate a server to a client, allow a client and server to select a cryptographic algorithm or cipher to support, authenticate a client to the server, and use public key encryption techniques to generate shared secrets and establish a secured connection.
Some prior art proposals have used an SSL protocol and SSL proxy to receive encrypted data from a client and provide buffering, such as in published U.S.
patent application no. 2002/0199098. The SSL proxy, however, still receives encrypted network traffic from a client and forwards the encrypted results to a server. The SSL
proxy in these types of proposals are transparent proxies. Clients have no knowledge of the proxy's presence.
In the present invention, on the other hand, the SSL proxy is not altogether transparent and requires the client to communicate a desired destination to the SSL proxy.
In the present invention, an SSL proxy is designed to be deployed close to the client, such as part of a data center for initiating outbound connections, as compared to the published publication and other prior art proposals that have SSL proxies deployed close to the server, for example, as part of the same computing cluster to handle inbound connections.
There is also no requirement in the present invention to preconfigure any destination for forwarded packets. Also, in most prior art proposals, a client computer is operable to initiate an SSL session and send packets with encrypted payloads. In the present claimed invention, however, the SSL proxy is specifically designed for client computers that are not operable to initiate an SSL session on their own. The present invention allows a client to send unencrypted packets, while the SSL proxy encrypts and forwards the packet to an arbitrary server specified at the time the encrypted connection is established.
FIG. 3 is an overall high level block diagram of an example of the system 30 of the present invention. The internet 32 is the vehicle for encrypted network connections between a client 34 and various service providers 36, 38, 40, such as different network servers or web servers listed as servicel.com, service2.com and service3.com.
Although the internet is shown, it should be understood that the present invention is not limited only to internet communications, but can be used with different intranets and other types of networks. The client 34 in this example has an application that is able to transmit only plaintext. The client could be part of a data center 42, which includes the SSL proxy 44 of the present invention. Although the SSL proxy 44 is shown as part of the data center, which includes the client 34, it should be understood that the SSL proxy 44 does not have to be part of any client associated data center, but could be part of any system that is associated with the client. The present invention would also permit use of asynchronous input/output in JAVA programming environment. The client could also be a wireless, mobile communications device, such as a hand-held Blackberry unit.
FIG. 4 illustrates a high level block diagram of one example of the method of the present invention that can be used with the system shown in FIG. 3. As illustrated, the client application opens a socket for communication from the client to the SSL
proxy (block 100). The client transmits the destination host name and port number to the SSL
proxy (block 102), which then opens the SSL connection to the host via the port (block 104). The SSL proxy shuttles bytes to the host using the SSL connection (block 106).
FIG. 5 illustrates another flow chart and greater details of a representative example of the method of the present invention that can be used with the system shown in FIG. 3.
The client first opens a TCP connection to the SSL proxy (block 110). The client informs the SSL proxy which network host and port number is used to initiate a secure connection (block 112). The SSL proxy opens a secure connection to the destination host (block 114).
The SSL proxy is at this point transparent either client or server may send data to each other, in any order. There is no requirement that the initial data be sent from client to server, although the description will proceed with the client sending data to the server.
The SSL proxy receives plaintext data from the client during the communication session (block 116). It should be understood that plaintext data refers to "not encrypted." The SSL proxy encrypts the plaintext data and forwards the encrypted plaintext data to the host, for example, a service provider or other web server (block 118). The SSL
proxy receives encrypted traffic from the service provider, for example, the web server (block 120). The SSL proxy decrypts the received data from the server (block 122).
The decrypted data is forwarded to the client (block 124). When the client or server closes its respective connection (block 126), the SSL proxy forwards this event by closing its corresponding connection (block 128).
It should be understood that the software and programming used for the present invention can vary, and different applications can be used to accomplish the purpose and functions of the present invention. Many types of web service technology can be used, including different application services used by those skilled in the art. Web services could include a combination of programming and data, which are available from a web server for web users, or the use of other web-connected programs as provided by an application service provider. Web services could use an extensible mark-up language (XML) as a standard for formatting data to be communicated.
Different communication arrangements could be used, including peer-to-peer, use of a central server, or other architecture and communication systems, including middleware. Data formats could be standardized and data exchanged using an extensive mark-up language (XML), which is the foundation for the web services description language (WSDL). Different web servers could also be used, including the open source Apache or Microsoft's Internet Information Server (IIS). Other web services could include Novell's web server for users of its netware operating system or the IBM family of Lotus Domino service, for example, for IBM's OS/390 and AS/400 customers.
Any web server could download requests for File Transfer Protocol (FTP) files.
Different servers could include a Messaging Application Programming Interface (MAPI) and provide an Application Programming Interface (API). Configuration data objects and format data objects could be generated using an extensible mark-up language (XML) for submission to various XML-compliant web services. Any server and web service could be a Simple Object Access Protocol (SOAP) compliant service. SOAP would allow one program running in one kind of operating system to communicate with a program in the same or another type of operating system by using HTTP and XML for information exchange.
ActiveX controls could be used as Component Object Models (COM) and provide a framework for building software components that communicate with each other.
ActiveX controls could be automatically downloaded and executed by a web browser.
Distributed object applications could be built in active web pages and ActiveX
controls could be downloaded to different browsers and client. ActiveX controls could be held in a web browser as a container and distributed over an internet or corporate intranet. ActiveX
controls could also manage and update web content and client systems and work closely with a user interface of a targeted operating system. JAVA objects or similar component objects could be used instead of ActiveX controls. An object model control could also be any type of Dynamic Link Library (DLL) module that runs in a container.
An exemplary hand-held mobile wireless communications device 1000 that can be used in the present invention is further described in the example below with reference to FIG. 6. The device 1000 includes a housing 1200, a keyboard 1400 and an output device 1600. The output device shown is a display 1600, which is preferably a full graphic LCD.
Other types of output devices may alternatively be utilized. A processing device 1800 is contained within the housing 1200 and is coupled between the keyboard 1400 and the display 1600. The processing device 1800 controls the operation of the display 1600, as well as the overall operation of the mobile device 1000, in response to actuation of keys on the keyboard 1400 by the user.
The housing 1200 may be elongated vertically, or may take on other sizes and shapes (including clamshell housing structures). The keyboard may include a mode selection key, or other hardware or software for switching between text entry and telephony entry.
In addition to the processing device 1800, other parts of the mobile device 1000 are shown schematically in FIG. 6. These include a communications subsystem 1001;
a short-range communications subsystem 1020; the keyboard 1400 and the display 1600, along with other input/output devices 1060, 1080, 1100 and 1120; as well as memory devices 1160, 1180 and various other device subsystems 1201. The mobile device 1000 is preferably a two-way RF communications device having voice and data communications capabilities. In addition, the mobile device 1000 preferably has the capability to communicate with other computer systems via the Internet.
Operating system software executed by the processing device 1800 is preferably stored in a persistent store, such as the flash memory 1160, but may be stored in other types of memory devices, such as a read only memory (ROM) or similar storage element.
In addition, system software, specific device applications, or parts thereof, may be temporarily loaded into a volatile store, such as the random access memory (RAM) 1180.
Communications signals received by the mobile device may also be stored in the RAM
1180.
The processing device 1800, in addition to its operating system functions, enables execution of software applications 1300A-1300N on the device 1000. A
predetermined set of applications that control basic device operations, such as data and voice communications 1300A and 1300B, may be installed on the device 1000 during manufacture. In addition, a personal information manager (PIM) application may be installed during manufacture. The PIM is preferably capable of organizing and managing data items, such as e-mail, calendar events, voice mails, appointments, and task items.
The PIM application is also preferably capable of sending and receiving data items via a wireless network 1401. Preferably, the PIM data items are seamlessly integrated, synchronized and updated via the wireless network 1401 with the device user's corresponding data items stored or associated with a host computer system.
Communication functions, including data and voice communications, are performed through the communications subsystem 1001, and possibly through the short-range communications subsystem. The communications subsystem 1001 includes a receiver 1500, a transmitter 1520, and one or more antennas 1540 and 1560. In addition, the communications subsystem 1001 also includes a processing module, such as a digital signal processor (DSP) 1580, and local oscillators (LOs) 1601. The specific design and implementation of the communications subsystem 1001 is dependent upon the communications network in which the mobile device 1000 is intended to operate.
For example, a mobile device 1000 may include a communications subsystem 1001 designed to operate with the MobitexTM, Data TACTM or General Packet Radio Service (GPRS) mobile data communications networks, and also designed to operate with any of a variety of voice communications networks, such as AMPS, TDMA, CDMA, PCS, GSM, etc.
Other types of data and voice networks, both separate and integrated, may also be utilized with the mobile device 1000.
Network access requirements vary depending upon the type of communication system. For example, in the Mobitex and DataTAC networks, mobile devices are registered on the network using a unique personal identification number or PIN
associated with each device. In GPRS networks, however, network access is associated with a subscriber or user of a device. A GPRS device therefore requires a subscriber identity module, commonly referred to as a SIM card, in order to operate on a GPRS
network.
When required network registration or activation procedures have been completed, the mobile device 1000 may send and receive communications signals over the communication network 1401. Signals received from the communications network by the antenna 1540 are routed to the receiver 1500, which provides for signal amplification, frequency down conversion, filtering, channel selection, etc., and may also provide analog to digital conversion. Analog-to-digital conversion of the received signal allows the DSP 1580 to perform more complex communications functions, such as demodulation and decoding. In a similar manner, signals to be transmitted to the network 1401 are processed (e.g. modulated and encoded) by the DSP 1580 and are then provided to the transmitter 1520 for digital to analog conversion, frequency up conversion, filtering, amplification and transmission to the communication network 1401 (or networks) via the antenna 1560.
In addition to processing communications signals, the DSP 1580 provides for control of the receiver 1500 and the transmitter 1520. For example, gains applied to communications signals in the receiver 1500 and transmitter 1520 may be adaptively controlled through automatic gain control algorithms implemented in the DSP
1580.
In a data communications mode, a received signal, such as a text message or web page download, is processed by the communications subsystem 1001 and is input to the processing device 1800. The received signal is then further processed by the processing device 1800 for an output to the display 1600, or alternatively to some other auxiliary I/O
device 1060. A device user may also compose data items, such as e-mail messages, using the keyboard 1400 and/or some other auxiliary I/O device 1060, such as a touchpad, a rocker switch, a thumb-wheel, or some other type of input device. The composed data items may then be transmitted over the communications network 1401 via the communications subsystem 1001.
In a voice communications mode, overall operation of the device is substantially similar to the data communications mode, except that received signals are output to a speaker 1100, and signals for transmission are generated by a microphone 1120.
Alternative voice or audio I/O subsystems, such as a voice message recording subsystem, may also be implemented on the device 1000. In addition, the display 1600 may also be utilized in voice communications mode, for example to display the identity of a calling party, the duration of a voice call, or other voice call related information.
The short-range communications subsystem enables communication between the mobile device 1000 and other proximate systems or devices, which need not necessarily be similar devices. For example, the short-range communications subsystem may include an infrared device and associated circuits and components, or a BluetoothTM
communications module to provide for communication with similarly-enabled systems and devices.
It is evident that the present claimed invention is advantageous and overcomes the prior art proposals that are designed to wrap SSL security around a fixed network location.
The present invention is specifically able to have the network destination specified at run time because it has no limitation as to which network hosts it can communicate. The present invention is suitable when the client is operable only to transmit unencrypted data, and cannot use SSL protocol. A secure network connection can now be established for SSL protocol communication.
Many modifications and other embodiments of the invention will come to the mind of one skilled in the art having the benefit of the teachings presented in the foregoing descriptions and the associated drawings. Therefore, it is understood that the invention is not to be limited to the specific embodiments disclosed, and that modifications and embodiments are intended to be included within the scope of the appended claims.
proxy is connected to the client and operable for receiving unencrypted data from the client and encrypting the data using the Secure Sockets Layer (SSL) protocol and forwarding the encrypted data to the network server. The client is typically operable for transmitting only unencrypted data to the designated network host through a designated internet protocol (IP) port number of the network host. The proxy is connected to the client and close to the client such as part of a data center and receives from the client the unencrypted data, a destination host name for the network host to be communicated, and the internet protocol (IP) port number.
In another aspect of the present invention, the SSL protocol comprises a transport layer security (TLS) protocol. The data transmitted from the client is typically unencrypted text data. The proxy is typically a proxy server and closely associated with the client. The proxy is operative for establishing a Transport Control Protocol (TCP), end-to-end connection between the client and the host, such as a network server. The host as a network server typically could be a POP, IMAP or web server, but could be other server types. The proxy is typically operative for closing its connection with one of the server or client after one of the server or client closes its connection. The client could be formed as a mobile device.
In yet another aspect of the invention, there is provided a system for initiating a secure network connection comprising a client operable for transmitting only unencrypted data; a network server operable to receive data from the client and operable to communicate in a secure manner; and a proxy connected to the client and operable for receiving unencrypted data from the client and encrypting the data using secure sockets layer (SSL) protocol and forwarding the encrypted data to the network server on a designated port number based on a destination host name and port number provided by the client to the proxy.
In yet another aspect, there is provided a system for initiating a secure network connection between a client and network host comprising a client operable for transmitting only unencrypted data to a designated network host through a designated internet protocol (IP) port number of the network host; and a proxy connected to the client and operable for receiving from the client the unencrypted data, a destination host name for the network host, and internet protocol (IP) port number, and encrypting the data using secure sockets layer (SSL) protocol and forwarding the encrypted data to the network host on a designated port number based on a destination host name and port number provided by the client to the proxy.
In yet another aspect, there is provided a system for initiating a secure network connection between a client and network host comprising a client operable for transmitting only unencrypted data to a designated network host through a designated internet protocol (IP) port number of the network host; and a proxy connected to the client and operable for receiving from the client the unencrypted data, a destination host name for the network host, and internet protocol (IP) port number and encrypting the data using secure sockets layer (SSL) protocol, and forwarding the encrypted data to the network host on a designated port number based on a destination host name and port number provided by the client to the proxy, said proxy also operative for receiving encrypted data from the network host and decrypting the data for transmission to the client.
In yet another aspect, there is provided a method for initiating a secure network connection comprising the steps of receiving at a proxy connected to a client unsecured data from the client wherein the client is operable for transmitting only unencrypted data;
and initiating a secure connection from the proxy to a designed network host using secure sockets layer (SSL) protocol and forwarding the encrypted data to the network host on a designated port number based on a destination host name and port number provided by the client to the proxy.
In yet another aspect of the invention, there is provided a method for initiating a secure network connection comprising the steps of receiving at a proxy from a client that can transmit only unencrypted data as unsecured data, a destination host name location for a desired network host server, and a designated internet protocol (IP) port number for communication therewith; and initiating a secure connection from the proxy to the desired network host using secure sockets layer (SSL) protocol via the designated port number and forwarding encrypted data to a network server on a designated port number based on a destination host name and port number provided by the client to the proxy.
In yet another aspect, there is provided a method for initiating a secure network connection comprising the steps of receiving at a proxy unsecured data from a client that is operable for transmitting only unencrypted data; initiating a secure connection from the 3a proxy to a network host using secure sockets layer (SSL) protocol on a designated port number based on a destination host name and port number provided by the client to the proxy; receiving at the proxy secure data in a SSL protocol from the network host;
decrypting the secure data at the proxy; and transmitting the decrypted data from the proxy to the client based on a destination host name and port number provided by the client to the proxy.
A method aspect of the invention is also set forth in detail.
Brief Description of the Drawings Other objects, features and advantages of the present invention will become apparent from the detailed description of the invention which follows, when considered in light of the accompanying drawings in which:
FIG. 1 is a block diagram showing prior art client-server encrypted communications, for example, by using Secure Sockets Layer (SSL) protocol.
FIG. 2 is a block diagram showing use of a prior art, SSL proxy for port 993 and IMAP4 over SSL in a 443 port connection using the internet mail access protocol (IMAP).
3b FIG. 3 is a block diagram showing the SSL proxy in the system of the present invention, which allows a plaintext client to initiate a secure connection with an arbitrary host.
FIG. 4 is a high level flow chart illustrating an example of the method of the present invention.
FIG. 5 is a more detailed flow chart illustrating an example of the sequence and steps for initiating a secure connection with a host from a client that is operable for transmitting only unencrypted data.
FIG. 6 is a schematic block diagram illustrating an exemplary mobile wireless communications device for use in the present invention.
Detailed Description of the Preferred Embodiments The present invention will now be described more fully hereinafter with reference to the accompanying drawings, in which preferred embodiments of the invention are shown. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art. Like numbers refer to like elements throughout, and prime notation is used to indicate similar elements in alternative embodiments.
The present invention provides a system and method that initiates secure network connections to arbitrary hosts, in which the client that initiates the connection typically does not have the capability to perform encryption and related functions. The present invention solves the prior art problem of securing outbound connections to an arbitrary network location, such as a network host on a web server, by introducing an intermediate, Secure Socket Layer (SSL) enabled proxy server. Rather than attempting to connect directly to an SSL network service as in many prior art proposals, in the present invention, the client connects to the SSL proxy server that is typically associated close to the client, such as part of a data center as a non-limiting example. The client provides the network host name and TCP port number to the SSL proxy, which then initiates a secure connection to the specified network host on the specified TCP port number.
From that time onward, the SSL proxy is transparent to communications between the client and the SSL site, for example, the network server or web server. The SSL proxy can provide on-the-fly encryption of outbound packets and decryption of inbound packets. The client application typically only requires a minimal change to its software and can be maintained in a more simple manner than other more complicated systems, since it can continue to do network communications in plaintext.
The present invention solves the problem associated with many prior art solutions and proposals that "wrap" SSL security around a fixed network location. These prior art solutions typically work only for network connections to known, fixed network locations, and must have fixed network locations pre-programmed into a configuration before the solutions are run. When the solutions are running, there is no way to add, remove, or change a network destination without stopping the service, reprogramming a configuration, and restarting the service. There is also no dynamic capability to initiate a connection to a run time determined network location. The present invention can have the network destination specified at run time because it has no limitation as to which network hosts it can communicate with.
FIG. 1 illustrates a prior art secure communications system 10, which initiates a secure connection between a client 12 and host, such as a web server or other service provider via the internet 16. The client 12 is SSL enabled and establishes an encrypted connection to the service provider 14 using a TCP connection via the internet 16. In some prior art proposals as described above, an SSL proxy is used for buffering or other purposes. FIG. 2 shows a prior art SSL proxy 20 and IMAP service 22 that can communicate via port 993 and port 443 for S-IMAP and IMAP4 over SSL. This type of arrangement has been proposed and in use by some providers.
It should be understood that the SSL protocol includes two sub-protocols, i.e., an SSL record protocol and SSL handshake protocol. The record protocol defines the format to transmit data, and the handshake protocol establishes the connection and determines the parameters used during the SSL communication session. The SSL communication protocol and the SSL handshake protocol can authenticate a server to a client, allow a client and server to select a cryptographic algorithm or cipher to support, authenticate a client to the server, and use public key encryption techniques to generate shared secrets and establish a secured connection.
Some prior art proposals have used an SSL protocol and SSL proxy to receive encrypted data from a client and provide buffering, such as in published U.S.
patent application no. 2002/0199098. The SSL proxy, however, still receives encrypted network traffic from a client and forwards the encrypted results to a server. The SSL
proxy in these types of proposals are transparent proxies. Clients have no knowledge of the proxy's presence.
In the present invention, on the other hand, the SSL proxy is not altogether transparent and requires the client to communicate a desired destination to the SSL proxy.
In the present invention, an SSL proxy is designed to be deployed close to the client, such as part of a data center for initiating outbound connections, as compared to the published publication and other prior art proposals that have SSL proxies deployed close to the server, for example, as part of the same computing cluster to handle inbound connections.
There is also no requirement in the present invention to preconfigure any destination for forwarded packets. Also, in most prior art proposals, a client computer is operable to initiate an SSL session and send packets with encrypted payloads. In the present claimed invention, however, the SSL proxy is specifically designed for client computers that are not operable to initiate an SSL session on their own. The present invention allows a client to send unencrypted packets, while the SSL proxy encrypts and forwards the packet to an arbitrary server specified at the time the encrypted connection is established.
FIG. 3 is an overall high level block diagram of an example of the system 30 of the present invention. The internet 32 is the vehicle for encrypted network connections between a client 34 and various service providers 36, 38, 40, such as different network servers or web servers listed as servicel.com, service2.com and service3.com.
Although the internet is shown, it should be understood that the present invention is not limited only to internet communications, but can be used with different intranets and other types of networks. The client 34 in this example has an application that is able to transmit only plaintext. The client could be part of a data center 42, which includes the SSL proxy 44 of the present invention. Although the SSL proxy 44 is shown as part of the data center, which includes the client 34, it should be understood that the SSL proxy 44 does not have to be part of any client associated data center, but could be part of any system that is associated with the client. The present invention would also permit use of asynchronous input/output in JAVA programming environment. The client could also be a wireless, mobile communications device, such as a hand-held Blackberry unit.
FIG. 4 illustrates a high level block diagram of one example of the method of the present invention that can be used with the system shown in FIG. 3. As illustrated, the client application opens a socket for communication from the client to the SSL
proxy (block 100). The client transmits the destination host name and port number to the SSL
proxy (block 102), which then opens the SSL connection to the host via the port (block 104). The SSL proxy shuttles bytes to the host using the SSL connection (block 106).
FIG. 5 illustrates another flow chart and greater details of a representative example of the method of the present invention that can be used with the system shown in FIG. 3.
The client first opens a TCP connection to the SSL proxy (block 110). The client informs the SSL proxy which network host and port number is used to initiate a secure connection (block 112). The SSL proxy opens a secure connection to the destination host (block 114).
The SSL proxy is at this point transparent either client or server may send data to each other, in any order. There is no requirement that the initial data be sent from client to server, although the description will proceed with the client sending data to the server.
The SSL proxy receives plaintext data from the client during the communication session (block 116). It should be understood that plaintext data refers to "not encrypted." The SSL proxy encrypts the plaintext data and forwards the encrypted plaintext data to the host, for example, a service provider or other web server (block 118). The SSL
proxy receives encrypted traffic from the service provider, for example, the web server (block 120). The SSL proxy decrypts the received data from the server (block 122).
The decrypted data is forwarded to the client (block 124). When the client or server closes its respective connection (block 126), the SSL proxy forwards this event by closing its corresponding connection (block 128).
It should be understood that the software and programming used for the present invention can vary, and different applications can be used to accomplish the purpose and functions of the present invention. Many types of web service technology can be used, including different application services used by those skilled in the art. Web services could include a combination of programming and data, which are available from a web server for web users, or the use of other web-connected programs as provided by an application service provider. Web services could use an extensible mark-up language (XML) as a standard for formatting data to be communicated.
Different communication arrangements could be used, including peer-to-peer, use of a central server, or other architecture and communication systems, including middleware. Data formats could be standardized and data exchanged using an extensive mark-up language (XML), which is the foundation for the web services description language (WSDL). Different web servers could also be used, including the open source Apache or Microsoft's Internet Information Server (IIS). Other web services could include Novell's web server for users of its netware operating system or the IBM family of Lotus Domino service, for example, for IBM's OS/390 and AS/400 customers.
Any web server could download requests for File Transfer Protocol (FTP) files.
Different servers could include a Messaging Application Programming Interface (MAPI) and provide an Application Programming Interface (API). Configuration data objects and format data objects could be generated using an extensible mark-up language (XML) for submission to various XML-compliant web services. Any server and web service could be a Simple Object Access Protocol (SOAP) compliant service. SOAP would allow one program running in one kind of operating system to communicate with a program in the same or another type of operating system by using HTTP and XML for information exchange.
ActiveX controls could be used as Component Object Models (COM) and provide a framework for building software components that communicate with each other.
ActiveX controls could be automatically downloaded and executed by a web browser.
Distributed object applications could be built in active web pages and ActiveX
controls could be downloaded to different browsers and client. ActiveX controls could be held in a web browser as a container and distributed over an internet or corporate intranet. ActiveX
controls could also manage and update web content and client systems and work closely with a user interface of a targeted operating system. JAVA objects or similar component objects could be used instead of ActiveX controls. An object model control could also be any type of Dynamic Link Library (DLL) module that runs in a container.
An exemplary hand-held mobile wireless communications device 1000 that can be used in the present invention is further described in the example below with reference to FIG. 6. The device 1000 includes a housing 1200, a keyboard 1400 and an output device 1600. The output device shown is a display 1600, which is preferably a full graphic LCD.
Other types of output devices may alternatively be utilized. A processing device 1800 is contained within the housing 1200 and is coupled between the keyboard 1400 and the display 1600. The processing device 1800 controls the operation of the display 1600, as well as the overall operation of the mobile device 1000, in response to actuation of keys on the keyboard 1400 by the user.
The housing 1200 may be elongated vertically, or may take on other sizes and shapes (including clamshell housing structures). The keyboard may include a mode selection key, or other hardware or software for switching between text entry and telephony entry.
In addition to the processing device 1800, other parts of the mobile device 1000 are shown schematically in FIG. 6. These include a communications subsystem 1001;
a short-range communications subsystem 1020; the keyboard 1400 and the display 1600, along with other input/output devices 1060, 1080, 1100 and 1120; as well as memory devices 1160, 1180 and various other device subsystems 1201. The mobile device 1000 is preferably a two-way RF communications device having voice and data communications capabilities. In addition, the mobile device 1000 preferably has the capability to communicate with other computer systems via the Internet.
Operating system software executed by the processing device 1800 is preferably stored in a persistent store, such as the flash memory 1160, but may be stored in other types of memory devices, such as a read only memory (ROM) or similar storage element.
In addition, system software, specific device applications, or parts thereof, may be temporarily loaded into a volatile store, such as the random access memory (RAM) 1180.
Communications signals received by the mobile device may also be stored in the RAM
1180.
The processing device 1800, in addition to its operating system functions, enables execution of software applications 1300A-1300N on the device 1000. A
predetermined set of applications that control basic device operations, such as data and voice communications 1300A and 1300B, may be installed on the device 1000 during manufacture. In addition, a personal information manager (PIM) application may be installed during manufacture. The PIM is preferably capable of organizing and managing data items, such as e-mail, calendar events, voice mails, appointments, and task items.
The PIM application is also preferably capable of sending and receiving data items via a wireless network 1401. Preferably, the PIM data items are seamlessly integrated, synchronized and updated via the wireless network 1401 with the device user's corresponding data items stored or associated with a host computer system.
Communication functions, including data and voice communications, are performed through the communications subsystem 1001, and possibly through the short-range communications subsystem. The communications subsystem 1001 includes a receiver 1500, a transmitter 1520, and one or more antennas 1540 and 1560. In addition, the communications subsystem 1001 also includes a processing module, such as a digital signal processor (DSP) 1580, and local oscillators (LOs) 1601. The specific design and implementation of the communications subsystem 1001 is dependent upon the communications network in which the mobile device 1000 is intended to operate.
For example, a mobile device 1000 may include a communications subsystem 1001 designed to operate with the MobitexTM, Data TACTM or General Packet Radio Service (GPRS) mobile data communications networks, and also designed to operate with any of a variety of voice communications networks, such as AMPS, TDMA, CDMA, PCS, GSM, etc.
Other types of data and voice networks, both separate and integrated, may also be utilized with the mobile device 1000.
Network access requirements vary depending upon the type of communication system. For example, in the Mobitex and DataTAC networks, mobile devices are registered on the network using a unique personal identification number or PIN
associated with each device. In GPRS networks, however, network access is associated with a subscriber or user of a device. A GPRS device therefore requires a subscriber identity module, commonly referred to as a SIM card, in order to operate on a GPRS
network.
When required network registration or activation procedures have been completed, the mobile device 1000 may send and receive communications signals over the communication network 1401. Signals received from the communications network by the antenna 1540 are routed to the receiver 1500, which provides for signal amplification, frequency down conversion, filtering, channel selection, etc., and may also provide analog to digital conversion. Analog-to-digital conversion of the received signal allows the DSP 1580 to perform more complex communications functions, such as demodulation and decoding. In a similar manner, signals to be transmitted to the network 1401 are processed (e.g. modulated and encoded) by the DSP 1580 and are then provided to the transmitter 1520 for digital to analog conversion, frequency up conversion, filtering, amplification and transmission to the communication network 1401 (or networks) via the antenna 1560.
In addition to processing communications signals, the DSP 1580 provides for control of the receiver 1500 and the transmitter 1520. For example, gains applied to communications signals in the receiver 1500 and transmitter 1520 may be adaptively controlled through automatic gain control algorithms implemented in the DSP
1580.
In a data communications mode, a received signal, such as a text message or web page download, is processed by the communications subsystem 1001 and is input to the processing device 1800. The received signal is then further processed by the processing device 1800 for an output to the display 1600, or alternatively to some other auxiliary I/O
device 1060. A device user may also compose data items, such as e-mail messages, using the keyboard 1400 and/or some other auxiliary I/O device 1060, such as a touchpad, a rocker switch, a thumb-wheel, or some other type of input device. The composed data items may then be transmitted over the communications network 1401 via the communications subsystem 1001.
In a voice communications mode, overall operation of the device is substantially similar to the data communications mode, except that received signals are output to a speaker 1100, and signals for transmission are generated by a microphone 1120.
Alternative voice or audio I/O subsystems, such as a voice message recording subsystem, may also be implemented on the device 1000. In addition, the display 1600 may also be utilized in voice communications mode, for example to display the identity of a calling party, the duration of a voice call, or other voice call related information.
The short-range communications subsystem enables communication between the mobile device 1000 and other proximate systems or devices, which need not necessarily be similar devices. For example, the short-range communications subsystem may include an infrared device and associated circuits and components, or a BluetoothTM
communications module to provide for communication with similarly-enabled systems and devices.
It is evident that the present claimed invention is advantageous and overcomes the prior art proposals that are designed to wrap SSL security around a fixed network location.
The present invention is specifically able to have the network destination specified at run time because it has no limitation as to which network hosts it can communicate. The present invention is suitable when the client is operable only to transmit unencrypted data, and cannot use SSL protocol. A secure network connection can now be established for SSL protocol communication.
Many modifications and other embodiments of the invention will come to the mind of one skilled in the art having the benefit of the teachings presented in the foregoing descriptions and the associated drawings. Therefore, it is understood that the invention is not to be limited to the specific embodiments disclosed, and that modifications and embodiments are intended to be included within the scope of the appended claims.
Claims (46)
1. A system for initiating a secure network connection comprising:
a client operable for transmitting only unencrypted data;
a network server operable to receive data from the client and operable to communicate in a secure manner; and a proxy connected to the client and operable for receiving unencrypted data from the client and encrypting the data using secure sockets layer (SSL) protocol and forwarding the encrypted data to the network server on a designated port number based on a destination host name and port number provided by the client to the proxy.
a client operable for transmitting only unencrypted data;
a network server operable to receive data from the client and operable to communicate in a secure manner; and a proxy connected to the client and operable for receiving unencrypted data from the client and encrypting the data using secure sockets layer (SSL) protocol and forwarding the encrypted data to the network server on a designated port number based on a destination host name and port number provided by the client to the proxy.
2. A system according to Claim 1, wherein said SSL protocol comprises a transport layer security (TLS) protocol.
3. A system according to Claim 1, wherein said data transmitted from said client comprises unencrypted text data.
4. A system according to Claim 1, wherein said proxy comprises a proxy server.
5. A system according to Claim 1, wherein said proxy is operative for establishing a transport control protocol (TCP) end-to-end connection between said client and said network server.
6. A system according to Claim 1, wherein said network server comprises one of a POP, IMAP or web server.
7. A system according to Claim 1, wherein said proxy is operative for closing its connection with one of the server or client after one of the server or client closes its connection.
8. A system according to Claim 1, wherein said client comprises a mobile device.
9. A system for initiating a secure network connection between a client and network host comprising:
a client operable for transmitting only unencrypted data to a designated network host through a designated internet protocol (IP) port number of the network host; and a proxy connected to the client and operable for receiving from the client the unencrypted data, a destination host name for the network host, and internet protocol (IP) port number, and encrypting the data using secure sockets layer (SSL) protocol and forwarding the encrypted data to the network host on a designated port number based on a destination host name and port number provided by the client to the proxy.
a client operable for transmitting only unencrypted data to a designated network host through a designated internet protocol (IP) port number of the network host; and a proxy connected to the client and operable for receiving from the client the unencrypted data, a destination host name for the network host, and internet protocol (IP) port number, and encrypting the data using secure sockets layer (SSL) protocol and forwarding the encrypted data to the network host on a designated port number based on a destination host name and port number provided by the client to the proxy.
10. A system according to Claim 9, and further comprising a network server operative as the network host.
11. A system according to Claim 10, wherein said network server comprises one of a POP, IMAP or web server.
12. A system according to Claim 9, wherein said SSL protocol comprises a transport layer security (TLS) protocol.
13. A system according to Claim 9, wherein said data transmitted from said client comprises unencrypted text data.
14. A system according to Claim 9, wherein said proxy comprises a proxy server.
15. A system according to Claim 9, wherein said proxy is operative for establishing a transport control protocol (TCP) end-to-end connection between said client and a network host.
16. A system according to Claim 9, wherein said proxy is operative for decrypting encrypted data received from a network.
17. A system according to Claim 9, wherein said proxy is operative for closing its connection with one of the server or client after one of the server or client closes its connection.
18. A system according to Claim 9, wherein said client comprises a mobile device.
19. A system for initiating a secure network connection between a client and network host comprising:
a client operable for transmitting only unencrypted data to a designated network host through a designated internet protocol (IP) port number of the network host; and a proxy connected to the client and operable for receiving from the client the unencrypted data, a destination host name for the network host, and internet protocol (EP) port number and encrypting the data using secure sockets layer (SSL) protocol, and forwarding the encrypted data to the network host on a designated port number based on a destination host name and port number provided by the client to the proxy, said proxy also operative for receiving encrypted data from the network host and decrypting the data for transmission to the client.
a client operable for transmitting only unencrypted data to a designated network host through a designated internet protocol (IP) port number of the network host; and a proxy connected to the client and operable for receiving from the client the unencrypted data, a destination host name for the network host, and internet protocol (EP) port number and encrypting the data using secure sockets layer (SSL) protocol, and forwarding the encrypted data to the network host on a designated port number based on a destination host name and port number provided by the client to the proxy, said proxy also operative for receiving encrypted data from the network host and decrypting the data for transmission to the client.
20. A system according to Claim 19, and further comprising a network server operative as the network host.
21. A system according to Claim 20, wherein said network server comprises one of a POP, IMAP or web server.
22. A system according to Claim 19, wherein said SSL protocol comprises a transport layer security (TLS) protocol.
23. A system according to Claim 19, wherein said data transmitted from said client comprises unencrypted text data.
24. A system according to Claim 19, wherein said proxy comprises a proxy server.
25. A system according to Claim 19, wherein said proxy is operative for establishing a transport control protocol (TCP) end-to-end connection between said client and said network host.
26. A system according to Claim 19, wherein said proxy is operative for closing its connection with one of the server or client after one of the server or client closes its connection.
27. A system according to Claim 19, wherein said client comprises a mobile device.
28. A method for initiating a secure network connection comprising the steps of:
receiving at a proxy connected to a client unsecured data from the client wherein the client is operable for transmitting only unencrypted data; and initiating a secure connection from the proxy to a designed network host using secure sockets layer (SSL) protocol and forwarding the encrypted data to the network host on a designated port number based on a destination host name and port number provided by the client to the proxy.
receiving at a proxy connected to a client unsecured data from the client wherein the client is operable for transmitting only unencrypted data; and initiating a secure connection from the proxy to a designed network host using secure sockets layer (SSL) protocol and forwarding the encrypted data to the network host on a designated port number based on a destination host name and port number provided by the client to the proxy.
29. A method according to Claim 28, wherein said client comprises a mobile device.
30. A method according to Claim 28, and further comprising the step of initiating a secure connection from the proxy to a network server as the network host.
31. A method according to Claim 28, and further comprising the step of opening a transmit control protocol (TCP) connection from the client to the proxy.
32. A method according to Claim 28, and further comprising the step of transmitting unencrypted text data to the proxy and encrypting the text data using SSL
protocol.
protocol.
33. A method according to Claim 28, wherein said predetermined network location comprises one of a POP, IMAP or web server.
34. A method according to Claim 28, wherein said unsecured data received at the proxy comprises plaintext data.
35. A method for initiating a secure network connection comprising the steps of:
receiving at a proxy from a client that can transmit only unencrypted data as unsecured data, a destination host name location for a desired network host server, and a designated internet protocol (IP) port number for communication therewith; and initiating a secure connection from the proxy to the desired network host using secure sockets layer (SSL) protocol via the designated port number and forwarding encrypted data to a network server on a designated port number based on a destination host name and port number provided by the client to the proxy.
receiving at a proxy from a client that can transmit only unencrypted data as unsecured data, a destination host name location for a desired network host server, and a designated internet protocol (IP) port number for communication therewith; and initiating a secure connection from the proxy to the desired network host using secure sockets layer (SSL) protocol via the designated port number and forwarding encrypted data to a network server on a designated port number based on a destination host name and port number provided by the client to the proxy.
36. A method according to Claim 35, wherein said client comprises a mobile device.
37. A method according to Claim 36, and further comprising the step of opening a transmit control protocol (TCP) connection from the client to the proxy.
38. A method according to Claim 36, and further comprising the step of transmitting unencrypted text data to the proxy and encrypting the text data using SSL
protocol.
protocol.
39. A method according to Claim 36, wherein said predetermined network host comprises one of a POP, IMAP or web server.
40. A method according to Claim 36, wherein said unsecured data received at the proxy comprises plaintext data.
41. A method for initiating a secure network connection comprising the steps of:
receiving at a proxy unsecured data from a client that is operable for transmitting only unencrypted data;
initiating a secure connection from the proxy to a network host using secure sockets layer (SSL) protocol on a designated port number based on a destination host name and port number provided by the client to the proxy;
receiving at the proxy secure data in a SSL protocol from the network host;
decrypting the secure data at the proxy; and transmitting the decrypted data from the proxy to the client based on a destination host name and port number provided by the client to the proxy.
receiving at a proxy unsecured data from a client that is operable for transmitting only unencrypted data;
initiating a secure connection from the proxy to a network host using secure sockets layer (SSL) protocol on a designated port number based on a destination host name and port number provided by the client to the proxy;
receiving at the proxy secure data in a SSL protocol from the network host;
decrypting the secure data at the proxy; and transmitting the decrypted data from the proxy to the client based on a destination host name and port number provided by the client to the proxy.
42. A method according to Claim 41, wherein said client comprises a mobile device.
43. A method according to Claim 41, and further comprising the step of opening a transmit control protocol (TCP) connection from the client to the proxy.
44. A method according to Claim 41, and further comprising the step of transmitting unencrypted text data to the proxy and encrypting the text data using SSL
protocol.
protocol.
45. A method according to Claim 41, wherein said network host comprises one of a POP, IMAP or web server.
46. A method according to Claim 41, wherein said unsecured data received at the proxy comprises plaintext data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CA2467988A CA2467988C (en) | 2004-05-21 | 2004-05-21 | System and method for initiating secure network connection from a client to a network host |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CA2467988A CA2467988C (en) | 2004-05-21 | 2004-05-21 | System and method for initiating secure network connection from a client to a network host |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CA2467988A1 CA2467988A1 (en) | 2005-11-21 |
| CA2467988C true CA2467988C (en) | 2010-11-30 |
Family
ID=35453726
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA2467988A Active CA2467988C (en) | 2004-05-21 | 2004-05-21 | System and method for initiating secure network connection from a client to a network host |
Country Status (1)
| Country | Link |
|---|---|
| CA (1) | CA2467988C (en) |
Cited By (160)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9312919B1 (en) | 2014-10-21 | 2016-04-12 | At&T Intellectual Property I, Lp | Transmission device with impairment compensation and methods for use therewith |
| US9461706B1 (en) | 2015-07-31 | 2016-10-04 | At&T Intellectual Property I, Lp | Method and apparatus for exchanging communication signals |
| US9467870B2 (en) | 2013-11-06 | 2016-10-11 | At&T Intellectual Property I, L.P. | Surface-wave communications and methods thereof |
| US9479266B2 (en) | 2013-12-10 | 2016-10-25 | At&T Intellectual Property I, L.P. | Quasi-optical coupler |
| US9490869B1 (en) | 2015-05-14 | 2016-11-08 | At&T Intellectual Property I, L.P. | Transmission medium having multiple cores and methods for use therewith |
| US9503189B2 (en) | 2014-10-10 | 2016-11-22 | At&T Intellectual Property I, L.P. | Method and apparatus for arranging communication sessions in a communication system |
| US9509415B1 (en) | 2015-06-25 | 2016-11-29 | At&T Intellectual Property I, L.P. | Methods and apparatus for inducing a fundamental wave mode on a transmission medium |
| US9520945B2 (en) | 2014-10-21 | 2016-12-13 | At&T Intellectual Property I, L.P. | Apparatus for providing communication services and methods thereof |
| US9525524B2 (en) | 2013-05-31 | 2016-12-20 | At&T Intellectual Property I, L.P. | Remote distributed antenna system |
| US9525210B2 (en) | 2014-10-21 | 2016-12-20 | At&T Intellectual Property I, L.P. | Guided-wave transmission device with non-fundamental mode propagation and methods for use therewith |
| US9531427B2 (en) | 2014-11-20 | 2016-12-27 | At&T Intellectual Property I, L.P. | Transmission device with mode division multiplexing and methods for use therewith |
| US9564947B2 (en) | 2014-10-21 | 2017-02-07 | At&T Intellectual Property I, L.P. | Guided-wave transmission device with diversity and methods for use therewith |
| US9577307B2 (en) | 2014-10-21 | 2017-02-21 | At&T Intellectual Property I, L.P. | Guided-wave transmission device and methods for use therewith |
| US9608692B2 (en) | 2015-06-11 | 2017-03-28 | At&T Intellectual Property I, L.P. | Repeater and methods for use therewith |
| US9608740B2 (en) | 2015-07-15 | 2017-03-28 | At&T Intellectual Property I, L.P. | Method and apparatus for launching a wave mode that mitigates interference |
| US9615269B2 (en) | 2014-10-02 | 2017-04-04 | At&T Intellectual Property I, L.P. | Method and apparatus that provides fault tolerance in a communication network |
| US9628116B2 (en) | 2015-07-14 | 2017-04-18 | At&T Intellectual Property I, L.P. | Apparatus and methods for transmitting wireless signals |
| US9628854B2 (en) | 2014-09-29 | 2017-04-18 | At&T Intellectual Property I, L.P. | Method and apparatus for distributing content in a communication network |
| US9640850B2 (en) | 2015-06-25 | 2017-05-02 | At&T Intellectual Property I, L.P. | Methods and apparatus for inducing a non-fundamental wave mode on a transmission medium |
| US9653770B2 (en) | 2014-10-21 | 2017-05-16 | At&T Intellectual Property I, L.P. | Guided wave coupler, coupling module and methods for use therewith |
| US9654173B2 (en) | 2014-11-20 | 2017-05-16 | At&T Intellectual Property I, L.P. | Apparatus for powering a communication device and methods thereof |
| US9667317B2 (en) | 2015-06-15 | 2017-05-30 | At&T Intellectual Property I, L.P. | Method and apparatus for providing security using network traffic adjustments |
| US9680670B2 (en) | 2014-11-20 | 2017-06-13 | At&T Intellectual Property I, L.P. | Transmission device with channel equalization and control and methods for use therewith |
| US9685992B2 (en) | 2014-10-03 | 2017-06-20 | At&T Intellectual Property I, L.P. | Circuit panel network and methods thereof |
| US9692101B2 (en) | 2014-08-26 | 2017-06-27 | At&T Intellectual Property I, L.P. | Guided wave couplers for coupling electromagnetic waves between a waveguide surface and a surface of a wire |
| US9699785B2 (en) | 2012-12-05 | 2017-07-04 | At&T Intellectual Property I, L.P. | Backhaul link for distributed antenna system |
| US9705561B2 (en) | 2015-04-24 | 2017-07-11 | At&T Intellectual Property I, L.P. | Directional coupling device and methods for use therewith |
| US9705571B2 (en) | 2015-09-16 | 2017-07-11 | At&T Intellectual Property I, L.P. | Method and apparatus for use with a radio distributed antenna system |
| US9722318B2 (en) | 2015-07-14 | 2017-08-01 | At&T Intellectual Property I, L.P. | Method and apparatus for coupling an antenna to a device |
| US9729197B2 (en) | 2015-10-01 | 2017-08-08 | At&T Intellectual Property I, L.P. | Method and apparatus for communicating network management traffic over a network |
| US9735833B2 (en) | 2015-07-31 | 2017-08-15 | At&T Intellectual Property I, L.P. | Method and apparatus for communications management in a neighborhood network |
| US9742462B2 (en) | 2014-12-04 | 2017-08-22 | At&T Intellectual Property I, L.P. | Transmission medium and communication interfaces and methods for use therewith |
| US9748626B2 (en) | 2015-05-14 | 2017-08-29 | At&T Intellectual Property I, L.P. | Plurality of cables having different cross-sectional shapes which are bundled together to form a transmission medium |
| US9749013B2 (en) | 2015-03-17 | 2017-08-29 | At&T Intellectual Property I, L.P. | Method and apparatus for reducing attenuation of electromagnetic waves guided by a transmission medium |
| US9749053B2 (en) | 2015-07-23 | 2017-08-29 | At&T Intellectual Property I, L.P. | Node device, repeater and methods for use therewith |
| US9755697B2 (en) | 2014-09-15 | 2017-09-05 | At&T Intellectual Property I, L.P. | Method and apparatus for sensing a condition in a transmission medium of electromagnetic waves |
| US9762289B2 (en) | 2014-10-14 | 2017-09-12 | At&T Intellectual Property I, L.P. | Method and apparatus for transmitting or receiving signals in a transportation system |
| US9769020B2 (en) | 2014-10-21 | 2017-09-19 | At&T Intellectual Property I, L.P. | Method and apparatus for responding to events affecting communications in a communication network |
| US9769128B2 (en) | 2015-09-28 | 2017-09-19 | At&T Intellectual Property I, L.P. | Method and apparatus for encryption of communications over a network |
| US9780834B2 (en) | 2014-10-21 | 2017-10-03 | At&T Intellectual Property I, L.P. | Method and apparatus for transmitting electromagnetic waves |
| US9793951B2 (en) | 2015-07-15 | 2017-10-17 | At&T Intellectual Property I, L.P. | Method and apparatus for launching a wave mode that mitigates interference |
| US9793955B2 (en) | 2015-04-24 | 2017-10-17 | At&T Intellectual Property I, Lp | Passive electrical coupling device and methods for use therewith |
| US9793954B2 (en) | 2015-04-28 | 2017-10-17 | At&T Intellectual Property I, L.P. | Magnetic coupling device and methods for use therewith |
| US9800327B2 (en) | 2014-11-20 | 2017-10-24 | At&T Intellectual Property I, L.P. | Apparatus for controlling operations of a communication device and methods thereof |
| US9820146B2 (en) | 2015-06-12 | 2017-11-14 | At&T Intellectual Property I, L.P. | Method and apparatus for authentication and identity management of communicating devices |
| US9836957B2 (en) | 2015-07-14 | 2017-12-05 | At&T Intellectual Property I, L.P. | Method and apparatus for communicating with premises equipment |
| US9838896B1 (en) | 2016-12-09 | 2017-12-05 | At&T Intellectual Property I, L.P. | Method and apparatus for assessing network coverage |
| US9847566B2 (en) | 2015-07-14 | 2017-12-19 | At&T Intellectual Property I, L.P. | Method and apparatus for adjusting a field of a signal to mitigate interference |
| US9847850B2 (en) | 2014-10-14 | 2017-12-19 | At&T Intellectual Property I, L.P. | Method and apparatus for adjusting a mode of communication in a communication network |
| US9853342B2 (en) | 2015-07-14 | 2017-12-26 | At&T Intellectual Property I, L.P. | Dielectric transmission medium connector and methods for use therewith |
| US9860075B1 (en) | 2016-08-26 | 2018-01-02 | At&T Intellectual Property I, L.P. | Method and communication node for broadband distribution |
| US9866309B2 (en) | 2015-06-03 | 2018-01-09 | At&T Intellectual Property I, Lp | Host node device and methods for use therewith |
| US9865911B2 (en) | 2015-06-25 | 2018-01-09 | At&T Intellectual Property I, L.P. | Waveguide system for slot radiating first electromagnetic waves that are combined into a non-fundamental wave mode second electromagnetic wave on a transmission medium |
| US9871283B2 (en) | 2015-07-23 | 2018-01-16 | At&T Intellectual Property I, Lp | Transmission medium having a dielectric core comprised of plural members connected by a ball and socket configuration |
| US9871282B2 (en) | 2015-05-14 | 2018-01-16 | At&T Intellectual Property I, L.P. | At least one transmission medium having a dielectric surface that is covered at least in part by a second dielectric |
| US9876264B2 (en) | 2015-10-02 | 2018-01-23 | At&T Intellectual Property I, Lp | Communication system, guided wave switch and methods for use therewith |
| US9876605B1 (en) | 2016-10-21 | 2018-01-23 | At&T Intellectual Property I, L.P. | Launcher and coupling system to support desired guided wave mode |
| US9876570B2 (en) | 2015-02-20 | 2018-01-23 | At&T Intellectual Property I, Lp | Guided-wave transmission device with non-fundamental mode propagation and methods for use therewith |
| US9882257B2 (en) | 2015-07-14 | 2018-01-30 | At&T Intellectual Property I, L.P. | Method and apparatus for launching a wave mode that mitigates interference |
| US9882277B2 (en) | 2015-10-02 | 2018-01-30 | At&T Intellectual Property I, Lp | Communication device and antenna assembly with actuated gimbal mount |
| US9893795B1 (en) | 2016-12-07 | 2018-02-13 | At&T Intellectual Property I, Lp | Method and repeater for broadband distribution |
| US9904535B2 (en) | 2015-09-14 | 2018-02-27 | At&T Intellectual Property I, L.P. | Method and apparatus for distributing software |
| US9906269B2 (en) | 2014-09-17 | 2018-02-27 | At&T Intellectual Property I, L.P. | Monitoring and mitigating conditions in a communication network |
| US9912381B2 (en) | 2015-06-03 | 2018-03-06 | At&T Intellectual Property I, Lp | Network termination and methods for use therewith |
| US9912027B2 (en) | 2015-07-23 | 2018-03-06 | At&T Intellectual Property I, L.P. | Method and apparatus for exchanging communication signals |
| US9913139B2 (en) | 2015-06-09 | 2018-03-06 | At&T Intellectual Property I, L.P. | Signal fingerprinting for authentication of communicating devices |
| US9911020B1 (en) | 2016-12-08 | 2018-03-06 | At&T Intellectual Property I, L.P. | Method and apparatus for tracking via a radio frequency identification device |
| US9912419B1 (en) | 2016-08-24 | 2018-03-06 | At&T Intellectual Property I, L.P. | Method and apparatus for managing a fault in a distributed antenna system |
| US9917341B2 (en) | 2015-05-27 | 2018-03-13 | At&T Intellectual Property I, L.P. | Apparatus and method for launching electromagnetic waves and for modifying radial dimensions of the propagating electromagnetic waves |
| US9927517B1 (en) | 2016-12-06 | 2018-03-27 | At&T Intellectual Property I, L.P. | Apparatus and methods for sensing rainfall |
| US9948354B2 (en) | 2015-04-28 | 2018-04-17 | At&T Intellectual Property I, L.P. | Magnetic coupling device with reflective plate and methods for use therewith |
| US9948333B2 (en) | 2015-07-23 | 2018-04-17 | At&T Intellectual Property I, L.P. | Method and apparatus for wireless communications to mitigate interference |
| US9954287B2 (en) | 2014-11-20 | 2018-04-24 | At&T Intellectual Property I, L.P. | Apparatus for converting wireless signals and electromagnetic waves and methods thereof |
| US9967173B2 (en) | 2015-07-31 | 2018-05-08 | At&T Intellectual Property I, L.P. | Method and apparatus for authentication and identity management of communicating devices |
| US9973940B1 (en) | 2017-02-27 | 2018-05-15 | At&T Intellectual Property I, L.P. | Apparatus and methods for dynamic impedance matching of a guided wave launcher |
| US9991580B2 (en) | 2016-10-21 | 2018-06-05 | At&T Intellectual Property I, L.P. | Launcher and coupling system for guided wave mode cancellation |
| US9997819B2 (en) | 2015-06-09 | 2018-06-12 | At&T Intellectual Property I, L.P. | Transmission medium and method for facilitating propagation of electromagnetic waves via a core |
| US9998870B1 (en) | 2016-12-08 | 2018-06-12 | At&T Intellectual Property I, L.P. | Method and apparatus for proximity sensing |
| US9999038B2 (en) | 2013-05-31 | 2018-06-12 | At&T Intellectual Property I, L.P. | Remote distributed antenna system |
| US10009063B2 (en) | 2015-09-16 | 2018-06-26 | At&T Intellectual Property I, L.P. | Method and apparatus for use with a radio distributed antenna system having an out-of-band reference signal |
| US10009901B2 (en) | 2015-09-16 | 2018-06-26 | At&T Intellectual Property I, L.P. | Method, apparatus, and computer-readable storage medium for managing utilization of wireless resources between base stations |
| US10009065B2 (en) | 2012-12-05 | 2018-06-26 | At&T Intellectual Property I, L.P. | Backhaul link for distributed antenna system |
| US10009067B2 (en) | 2014-12-04 | 2018-06-26 | At&T Intellectual Property I, L.P. | Method and apparatus for configuring a communication interface |
| US10020844B2 (en) | 2016-12-06 | 2018-07-10 | T&T Intellectual Property I, L.P. | Method and apparatus for broadcast communication via guided waves |
| US10020587B2 (en) | 2015-07-31 | 2018-07-10 | At&T Intellectual Property I, L.P. | Radial antenna and methods for use therewith |
| US10027397B2 (en) | 2016-12-07 | 2018-07-17 | At&T Intellectual Property I, L.P. | Distributed antenna system and methods for use therewith |
| US10033108B2 (en) | 2015-07-14 | 2018-07-24 | At&T Intellectual Property I, L.P. | Apparatus and methods for generating an electromagnetic wave having a wave mode that mitigates interference |
| US10033107B2 (en) | 2015-07-14 | 2018-07-24 | At&T Intellectual Property I, L.P. | Method and apparatus for coupling an antenna to a device |
| US10044409B2 (en) | 2015-07-14 | 2018-08-07 | At&T Intellectual Property I, L.P. | Transmission medium and methods for use therewith |
| US10051483B2 (en) | 2015-10-16 | 2018-08-14 | At&T Intellectual Property I, L.P. | Method and apparatus for directing wireless signals |
| US10051629B2 (en) | 2015-09-16 | 2018-08-14 | At&T Intellectual Property I, L.P. | Method and apparatus for use with a radio distributed antenna system having an in-band reference signal |
| US10069535B2 (en) | 2016-12-08 | 2018-09-04 | At&T Intellectual Property I, L.P. | Apparatus and methods for launching electromagnetic waves having a certain electric field structure |
| US10074890B2 (en) | 2015-10-02 | 2018-09-11 | At&T Intellectual Property I, L.P. | Communication device and antenna with integrated light assembly |
| US10079661B2 (en) | 2015-09-16 | 2018-09-18 | At&T Intellectual Property I, L.P. | Method and apparatus for use with a radio distributed antenna system having a clock reference |
| US10090606B2 (en) | 2015-07-15 | 2018-10-02 | At&T Intellectual Property I, L.P. | Antenna system with dielectric array and methods for use therewith |
| US10090594B2 (en) | 2016-11-23 | 2018-10-02 | At&T Intellectual Property I, L.P. | Antenna system having structural configurations for assembly |
| US10103422B2 (en) | 2016-12-08 | 2018-10-16 | At&T Intellectual Property I, L.P. | Method and apparatus for mounting network devices |
| US10103801B2 (en) | 2015-06-03 | 2018-10-16 | At&T Intellectual Property I, L.P. | Host node device and methods for use therewith |
| US10136434B2 (en) | 2015-09-16 | 2018-11-20 | At&T Intellectual Property I, L.P. | Method and apparatus for use with a radio distributed antenna system having an ultra-wideband control channel |
| US10135147B2 (en) | 2016-10-18 | 2018-11-20 | At&T Intellectual Property I, L.P. | Apparatus and methods for launching guided waves via an antenna |
| US10135146B2 (en) | 2016-10-18 | 2018-11-20 | At&T Intellectual Property I, L.P. | Apparatus and methods for launching guided waves via circuits |
| US10135145B2 (en) | 2016-12-06 | 2018-11-20 | At&T Intellectual Property I, L.P. | Apparatus and methods for generating an electromagnetic wave along a transmission medium |
| US10142086B2 (en) | 2015-06-11 | 2018-11-27 | At&T Intellectual Property I, L.P. | Repeater and methods for use therewith |
| US10139820B2 (en) | 2016-12-07 | 2018-11-27 | At&T Intellectual Property I, L.P. | Method and apparatus for deploying equipment of a communication system |
| US10144036B2 (en) | 2015-01-30 | 2018-12-04 | At&T Intellectual Property I, L.P. | Method and apparatus for mitigating interference affecting a propagation of electromagnetic waves guided by a transmission medium |
| US10148016B2 (en) | 2015-07-14 | 2018-12-04 | At&T Intellectual Property I, L.P. | Apparatus and methods for communicating utilizing an antenna array |
| US10154493B2 (en) | 2015-06-03 | 2018-12-11 | At&T Intellectual Property I, L.P. | Network termination and methods for use therewith |
| US10170840B2 (en) | 2015-07-14 | 2019-01-01 | At&T Intellectual Property I, L.P. | Apparatus and methods for sending or receiving electromagnetic signals |
| US10168695B2 (en) | 2016-12-07 | 2019-01-01 | At&T Intellectual Property I, L.P. | Method and apparatus for controlling an unmanned aircraft |
| US10178445B2 (en) | 2016-11-23 | 2019-01-08 | At&T Intellectual Property I, L.P. | Methods, devices, and systems for load balancing between a plurality of waveguides |
| US10205655B2 (en) | 2015-07-14 | 2019-02-12 | At&T Intellectual Property I, L.P. | Apparatus and methods for communicating utilizing an antenna array and multiple communication paths |
| US10224634B2 (en) | 2016-11-03 | 2019-03-05 | At&T Intellectual Property I, L.P. | Methods and apparatus for adjusting an operational characteristic of an antenna |
| US10225025B2 (en) | 2016-11-03 | 2019-03-05 | At&T Intellectual Property I, L.P. | Method and apparatus for detecting a fault in a communication system |
| US10243270B2 (en) | 2016-12-07 | 2019-03-26 | At&T Intellectual Property I, L.P. | Beam adaptive multi-feed dielectric antenna system and methods for use therewith |
| US10243784B2 (en) | 2014-11-20 | 2019-03-26 | At&T Intellectual Property I, L.P. | System for generating topology information and methods thereof |
| US10264586B2 (en) | 2016-12-09 | 2019-04-16 | At&T Mobility Ii Llc | Cloud-based packet controller and methods for use therewith |
| US10291311B2 (en) | 2016-09-09 | 2019-05-14 | At&T Intellectual Property I, L.P. | Method and apparatus for mitigating a fault in a distributed antenna system |
| US10291334B2 (en) | 2016-11-03 | 2019-05-14 | At&T Intellectual Property I, L.P. | System for detecting a fault in a communication system |
| US10298293B2 (en) | 2017-03-13 | 2019-05-21 | At&T Intellectual Property I, L.P. | Apparatus of communication utilizing wireless network devices |
| US10312567B2 (en) | 2016-10-26 | 2019-06-04 | At&T Intellectual Property I, L.P. | Launcher with planar strip antenna and methods for use therewith |
| US10320586B2 (en) | 2015-07-14 | 2019-06-11 | At&T Intellectual Property I, L.P. | Apparatus and methods for generating non-interfering electromagnetic waves on an insulated transmission medium |
| US10326494B2 (en) | 2016-12-06 | 2019-06-18 | At&T Intellectual Property I, L.P. | Apparatus for measurement de-embedding and methods for use therewith |
| US10326689B2 (en) | 2016-12-08 | 2019-06-18 | At&T Intellectual Property I, L.P. | Method and system for providing alternative communication paths |
| US10340603B2 (en) | 2016-11-23 | 2019-07-02 | At&T Intellectual Property I, L.P. | Antenna system having shielded structural configurations for assembly |
| US10340573B2 (en) | 2016-10-26 | 2019-07-02 | At&T Intellectual Property I, L.P. | Launcher with cylindrical coupling device and methods for use therewith |
| US10340600B2 (en) | 2016-10-18 | 2019-07-02 | At&T Intellectual Property I, L.P. | Apparatus and methods for launching guided waves via plural waveguide systems |
| US10341142B2 (en) | 2015-07-14 | 2019-07-02 | At&T Intellectual Property I, L.P. | Apparatus and methods for generating non-interfering electromagnetic waves on an uninsulated conductor |
| US10340983B2 (en) | 2016-12-09 | 2019-07-02 | At&T Intellectual Property I, L.P. | Method and apparatus for surveying remote sites via guided wave communications |
| US10340601B2 (en) | 2016-11-23 | 2019-07-02 | At&T Intellectual Property I, L.P. | Multi-antenna system and methods for use therewith |
| US10348391B2 (en) | 2015-06-03 | 2019-07-09 | At&T Intellectual Property I, L.P. | Client node device with frequency conversion and methods for use therewith |
| US10355367B2 (en) | 2015-10-16 | 2019-07-16 | At&T Intellectual Property I, L.P. | Antenna structure for exchanging wireless signals |
| US10359749B2 (en) | 2016-12-07 | 2019-07-23 | At&T Intellectual Property I, L.P. | Method and apparatus for utilities management via guided wave communication |
| US10361489B2 (en) | 2016-12-01 | 2019-07-23 | At&T Intellectual Property I, L.P. | Dielectric dish antenna system and methods for use therewith |
| US10374316B2 (en) | 2016-10-21 | 2019-08-06 | At&T Intellectual Property I, L.P. | System and dielectric antenna with non-uniform dielectric |
| US10382976B2 (en) | 2016-12-06 | 2019-08-13 | At&T Intellectual Property I, L.P. | Method and apparatus for managing wireless communications based on communication paths and network device positions |
| US10389029B2 (en) | 2016-12-07 | 2019-08-20 | At&T Intellectual Property I, L.P. | Multi-feed dielectric antenna system with core selection and methods for use therewith |
| US10389037B2 (en) | 2016-12-08 | 2019-08-20 | At&T Intellectual Property I, L.P. | Apparatus and methods for selecting sections of an antenna array and use therewith |
| US10396887B2 (en) | 2015-06-03 | 2019-08-27 | At&T Intellectual Property I, L.P. | Client node device and methods for use therewith |
| US10411356B2 (en) | 2016-12-08 | 2019-09-10 | At&T Intellectual Property I, L.P. | Apparatus and methods for selectively targeting communication devices with an antenna array |
| US10439675B2 (en) | 2016-12-06 | 2019-10-08 | At&T Intellectual Property I, L.P. | Method and apparatus for repeating guided wave communication signals |
| US10446936B2 (en) | 2016-12-07 | 2019-10-15 | At&T Intellectual Property I, L.P. | Multi-feed dielectric antenna system and methods for use therewith |
| US10498044B2 (en) | 2016-11-03 | 2019-12-03 | At&T Intellectual Property I, L.P. | Apparatus for configuring a surface of an antenna |
| US10530505B2 (en) | 2016-12-08 | 2020-01-07 | At&T Intellectual Property I, L.P. | Apparatus and methods for launching electromagnetic waves along a transmission medium |
| US10535928B2 (en) | 2016-11-23 | 2020-01-14 | At&T Intellectual Property I, L.P. | Antenna system and methods for use therewith |
| US10547348B2 (en) | 2016-12-07 | 2020-01-28 | At&T Intellectual Property I, L.P. | Method and apparatus for switching transmission mediums in a communication system |
| US10601494B2 (en) | 2016-12-08 | 2020-03-24 | At&T Intellectual Property I, L.P. | Dual-band communication device and method for use therewith |
| US10637149B2 (en) | 2016-12-06 | 2020-04-28 | At&T Intellectual Property I, L.P. | Injection molded dielectric antenna and methods for use therewith |
| US10650940B2 (en) | 2015-05-15 | 2020-05-12 | At&T Intellectual Property I, L.P. | Transmission medium having a conductive material and methods for use therewith |
| US10665942B2 (en) | 2015-10-16 | 2020-05-26 | At&T Intellectual Property I, L.P. | Method and apparatus for adjusting wireless communications |
| US10679767B2 (en) | 2015-05-15 | 2020-06-09 | At&T Intellectual Property I, L.P. | Transmission medium having a conductive material and methods for use therewith |
| US10694379B2 (en) | 2016-12-06 | 2020-06-23 | At&T Intellectual Property I, L.P. | Waveguide system with device-based authentication and methods for use therewith |
| US10727599B2 (en) | 2016-12-06 | 2020-07-28 | At&T Intellectual Property I, L.P. | Launcher with slot antenna and methods for use therewith |
| US10755542B2 (en) | 2016-12-06 | 2020-08-25 | At&T Intellectual Property I, L.P. | Method and apparatus for surveillance via guided wave communication |
| US10777873B2 (en) | 2016-12-08 | 2020-09-15 | At&T Intellectual Property I, L.P. | Method and apparatus for mounting network devices |
| US10784670B2 (en) | 2015-07-23 | 2020-09-22 | At&T Intellectual Property I, L.P. | Antenna support for aligning an antenna |
| US10811767B2 (en) | 2016-10-21 | 2020-10-20 | At&T Intellectual Property I, L.P. | System and dielectric antenna with convex dielectric radome |
| US10819035B2 (en) | 2016-12-06 | 2020-10-27 | At&T Intellectual Property I, L.P. | Launcher with helical antenna and methods for use therewith |
| US10916969B2 (en) | 2016-12-08 | 2021-02-09 | At&T Intellectual Property I, L.P. | Method and apparatus for providing power using an inductive coupling |
| US10938108B2 (en) | 2016-12-08 | 2021-03-02 | At&T Intellectual Property I, L.P. | Frequency selective multi-feed dielectric antenna system and methods for use therewith |
| US11032819B2 (en) | 2016-09-15 | 2021-06-08 | At&T Intellectual Property I, L.P. | Method and apparatus for use with a radio distributed antenna system having a control channel reference signal |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| GB2497940B (en) | 2011-12-21 | 2016-02-17 | Eckoh Uk Ltd | Method and apparatus for mediating communications |
| CN110545405B (en) * | 2019-08-28 | 2021-05-28 | 视联动力信息技术股份有限公司 | Video transmission method and system based on video network |
-
2004
- 2004-05-21 CA CA2467988A patent/CA2467988C/en active Active
Cited By (215)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10194437B2 (en) | 2012-12-05 | 2019-01-29 | At&T Intellectual Property I, L.P. | Backhaul link for distributed antenna system |
| US10009065B2 (en) | 2012-12-05 | 2018-06-26 | At&T Intellectual Property I, L.P. | Backhaul link for distributed antenna system |
| US9788326B2 (en) | 2012-12-05 | 2017-10-10 | At&T Intellectual Property I, L.P. | Backhaul link for distributed antenna system |
| US9699785B2 (en) | 2012-12-05 | 2017-07-04 | At&T Intellectual Property I, L.P. | Backhaul link for distributed antenna system |
| US9999038B2 (en) | 2013-05-31 | 2018-06-12 | At&T Intellectual Property I, L.P. | Remote distributed antenna system |
| US10051630B2 (en) | 2013-05-31 | 2018-08-14 | At&T Intellectual Property I, L.P. | Remote distributed antenna system |
| US9930668B2 (en) | 2013-05-31 | 2018-03-27 | At&T Intellectual Property I, L.P. | Remote distributed antenna system |
| US9525524B2 (en) | 2013-05-31 | 2016-12-20 | At&T Intellectual Property I, L.P. | Remote distributed antenna system |
| US10091787B2 (en) | 2013-05-31 | 2018-10-02 | At&T Intellectual Property I, L.P. | Remote distributed antenna system |
| US9661505B2 (en) | 2013-11-06 | 2017-05-23 | At&T Intellectual Property I, L.P. | Surface-wave communications and methods thereof |
| US9674711B2 (en) | 2013-11-06 | 2017-06-06 | At&T Intellectual Property I, L.P. | Surface-wave communications and methods thereof |
| US9467870B2 (en) | 2013-11-06 | 2016-10-11 | At&T Intellectual Property I, L.P. | Surface-wave communications and methods thereof |
| US9794003B2 (en) | 2013-12-10 | 2017-10-17 | At&T Intellectual Property I, L.P. | Quasi-optical coupler |
| US9479266B2 (en) | 2013-12-10 | 2016-10-25 | At&T Intellectual Property I, L.P. | Quasi-optical coupler |
| US9876584B2 (en) | 2013-12-10 | 2018-01-23 | At&T Intellectual Property I, L.P. | Quasi-optical coupler |
| US10096881B2 (en) | 2014-08-26 | 2018-10-09 | At&T Intellectual Property I, L.P. | Guided wave couplers for coupling electromagnetic waves to an outer surface of a transmission medium |
| US9692101B2 (en) | 2014-08-26 | 2017-06-27 | At&T Intellectual Property I, L.P. | Guided wave couplers for coupling electromagnetic waves between a waveguide surface and a surface of a wire |
| US9755697B2 (en) | 2014-09-15 | 2017-09-05 | At&T Intellectual Property I, L.P. | Method and apparatus for sensing a condition in a transmission medium of electromagnetic waves |
| US9768833B2 (en) | 2014-09-15 | 2017-09-19 | At&T Intellectual Property I, L.P. | Method and apparatus for sensing a condition in a transmission medium of electromagnetic waves |
| US9906269B2 (en) | 2014-09-17 | 2018-02-27 | At&T Intellectual Property I, L.P. | Monitoring and mitigating conditions in a communication network |
| US10063280B2 (en) | 2014-09-17 | 2018-08-28 | At&T Intellectual Property I, L.P. | Monitoring and mitigating conditions in a communication network |
| US9628854B2 (en) | 2014-09-29 | 2017-04-18 | At&T Intellectual Property I, L.P. | Method and apparatus for distributing content in a communication network |
| US9998932B2 (en) | 2014-10-02 | 2018-06-12 | At&T Intellectual Property I, L.P. | Method and apparatus that provides fault tolerance in a communication network |
| US9615269B2 (en) | 2014-10-02 | 2017-04-04 | At&T Intellectual Property I, L.P. | Method and apparatus that provides fault tolerance in a communication network |
| US9973416B2 (en) | 2014-10-02 | 2018-05-15 | At&T Intellectual Property I, L.P. | Method and apparatus that provides fault tolerance in a communication network |
| US9685992B2 (en) | 2014-10-03 | 2017-06-20 | At&T Intellectual Property I, L.P. | Circuit panel network and methods thereof |
| US9866276B2 (en) | 2014-10-10 | 2018-01-09 | At&T Intellectual Property I, L.P. | Method and apparatus for arranging communication sessions in a communication system |
| US9503189B2 (en) | 2014-10-10 | 2016-11-22 | At&T Intellectual Property I, L.P. | Method and apparatus for arranging communication sessions in a communication system |
| US9847850B2 (en) | 2014-10-14 | 2017-12-19 | At&T Intellectual Property I, L.P. | Method and apparatus for adjusting a mode of communication in a communication network |
| US9973299B2 (en) | 2014-10-14 | 2018-05-15 | At&T Intellectual Property I, L.P. | Method and apparatus for adjusting a mode of communication in a communication network |
| US9762289B2 (en) | 2014-10-14 | 2017-09-12 | At&T Intellectual Property I, L.P. | Method and apparatus for transmitting or receiving signals in a transportation system |
| US9571209B2 (en) | 2014-10-21 | 2017-02-14 | At&T Intellectual Property I, L.P. | Transmission device with impairment compensation and methods for use therewith |
| US9912033B2 (en) | 2014-10-21 | 2018-03-06 | At&T Intellectual Property I, Lp | Guided wave coupler, coupling module and methods for use therewith |
| US9577307B2 (en) | 2014-10-21 | 2017-02-21 | At&T Intellectual Property I, L.P. | Guided-wave transmission device and methods for use therewith |
| US9705610B2 (en) | 2014-10-21 | 2017-07-11 | At&T Intellectual Property I, L.P. | Transmission device with impairment compensation and methods for use therewith |
| US9871558B2 (en) | 2014-10-21 | 2018-01-16 | At&T Intellectual Property I, L.P. | Guided-wave transmission device and methods for use therewith |
| US9780834B2 (en) | 2014-10-21 | 2017-10-03 | At&T Intellectual Property I, L.P. | Method and apparatus for transmitting electromagnetic waves |
| US9653770B2 (en) | 2014-10-21 | 2017-05-16 | At&T Intellectual Property I, L.P. | Guided wave coupler, coupling module and methods for use therewith |
| US9596001B2 (en) | 2014-10-21 | 2017-03-14 | At&T Intellectual Property I, L.P. | Apparatus for providing communication services and methods thereof |
| US9564947B2 (en) | 2014-10-21 | 2017-02-07 | At&T Intellectual Property I, L.P. | Guided-wave transmission device with diversity and methods for use therewith |
| US9577306B2 (en) | 2014-10-21 | 2017-02-21 | At&T Intellectual Property I, L.P. | Guided-wave transmission device and methods for use therewith |
| US9960808B2 (en) | 2014-10-21 | 2018-05-01 | At&T Intellectual Property I, L.P. | Guided-wave transmission device and methods for use therewith |
| US9525210B2 (en) | 2014-10-21 | 2016-12-20 | At&T Intellectual Property I, L.P. | Guided-wave transmission device with non-fundamental mode propagation and methods for use therewith |
| US9520945B2 (en) | 2014-10-21 | 2016-12-13 | At&T Intellectual Property I, L.P. | Apparatus for providing communication services and methods thereof |
| US9954286B2 (en) | 2014-10-21 | 2018-04-24 | At&T Intellectual Property I, L.P. | Guided-wave transmission device with non-fundamental mode propagation and methods for use therewith |
| US9312919B1 (en) | 2014-10-21 | 2016-04-12 | At&T Intellectual Property I, Lp | Transmission device with impairment compensation and methods for use therewith |
| US9627768B2 (en) | 2014-10-21 | 2017-04-18 | At&T Intellectual Property I, L.P. | Guided-wave transmission device with non-fundamental mode propagation and methods for use therewith |
| US9876587B2 (en) | 2014-10-21 | 2018-01-23 | At&T Intellectual Property I, L.P. | Transmission device with impairment compensation and methods for use therewith |
| US9948355B2 (en) | 2014-10-21 | 2018-04-17 | At&T Intellectual Property I, L.P. | Apparatus for providing communication services and methods thereof |
| US9769020B2 (en) | 2014-10-21 | 2017-09-19 | At&T Intellectual Property I, L.P. | Method and apparatus for responding to events affecting communications in a communication network |
| US9654173B2 (en) | 2014-11-20 | 2017-05-16 | At&T Intellectual Property I, L.P. | Apparatus for powering a communication device and methods thereof |
| US9544006B2 (en) | 2014-11-20 | 2017-01-10 | At&T Intellectual Property I, L.P. | Transmission device with mode division multiplexing and methods for use therewith |
| US9680670B2 (en) | 2014-11-20 | 2017-06-13 | At&T Intellectual Property I, L.P. | Transmission device with channel equalization and control and methods for use therewith |
| US9742521B2 (en) | 2014-11-20 | 2017-08-22 | At&T Intellectual Property I, L.P. | Transmission device with mode division multiplexing and methods for use therewith |
| US9954287B2 (en) | 2014-11-20 | 2018-04-24 | At&T Intellectual Property I, L.P. | Apparatus for converting wireless signals and electromagnetic waves and methods thereof |
| US9749083B2 (en) | 2014-11-20 | 2017-08-29 | At&T Intellectual Property I, L.P. | Transmission device with mode division multiplexing and methods for use therewith |
| US9712350B2 (en) | 2014-11-20 | 2017-07-18 | At&T Intellectual Property I, L.P. | Transmission device with channel equalization and control and methods for use therewith |
| US10243784B2 (en) | 2014-11-20 | 2019-03-26 | At&T Intellectual Property I, L.P. | System for generating topology information and methods thereof |
| US9800327B2 (en) | 2014-11-20 | 2017-10-24 | At&T Intellectual Property I, L.P. | Apparatus for controlling operations of a communication device and methods thereof |
| US9531427B2 (en) | 2014-11-20 | 2016-12-27 | At&T Intellectual Property I, L.P. | Transmission device with mode division multiplexing and methods for use therewith |
| US10009067B2 (en) | 2014-12-04 | 2018-06-26 | At&T Intellectual Property I, L.P. | Method and apparatus for configuring a communication interface |
| US9742462B2 (en) | 2014-12-04 | 2017-08-22 | At&T Intellectual Property I, L.P. | Transmission medium and communication interfaces and methods for use therewith |
| US10144036B2 (en) | 2015-01-30 | 2018-12-04 | At&T Intellectual Property I, L.P. | Method and apparatus for mitigating interference affecting a propagation of electromagnetic waves guided by a transmission medium |
| US9876570B2 (en) | 2015-02-20 | 2018-01-23 | At&T Intellectual Property I, Lp | Guided-wave transmission device with non-fundamental mode propagation and methods for use therewith |
| US9876571B2 (en) | 2015-02-20 | 2018-01-23 | At&T Intellectual Property I, Lp | Guided-wave transmission device with non-fundamental mode propagation and methods for use therewith |
| US9749013B2 (en) | 2015-03-17 | 2017-08-29 | At&T Intellectual Property I, L.P. | Method and apparatus for reducing attenuation of electromagnetic waves guided by a transmission medium |
| US9831912B2 (en) | 2015-04-24 | 2017-11-28 | At&T Intellectual Property I, Lp | Directional coupling device and methods for use therewith |
| US10224981B2 (en) | 2015-04-24 | 2019-03-05 | At&T Intellectual Property I, Lp | Passive electrical coupling device and methods for use therewith |
| US9793955B2 (en) | 2015-04-24 | 2017-10-17 | At&T Intellectual Property I, Lp | Passive electrical coupling device and methods for use therewith |
| US9705561B2 (en) | 2015-04-24 | 2017-07-11 | At&T Intellectual Property I, L.P. | Directional coupling device and methods for use therewith |
| US9793954B2 (en) | 2015-04-28 | 2017-10-17 | At&T Intellectual Property I, L.P. | Magnetic coupling device and methods for use therewith |
| US9948354B2 (en) | 2015-04-28 | 2018-04-17 | At&T Intellectual Property I, L.P. | Magnetic coupling device with reflective plate and methods for use therewith |
| US9748626B2 (en) | 2015-05-14 | 2017-08-29 | At&T Intellectual Property I, L.P. | Plurality of cables having different cross-sectional shapes which are bundled together to form a transmission medium |
| US9871282B2 (en) | 2015-05-14 | 2018-01-16 | At&T Intellectual Property I, L.P. | At least one transmission medium having a dielectric surface that is covered at least in part by a second dielectric |
| US9490869B1 (en) | 2015-05-14 | 2016-11-08 | At&T Intellectual Property I, L.P. | Transmission medium having multiple cores and methods for use therewith |
| US9887447B2 (en) | 2015-05-14 | 2018-02-06 | At&T Intellectual Property I, L.P. | Transmission medium having multiple cores and methods for use therewith |
| US10679767B2 (en) | 2015-05-15 | 2020-06-09 | At&T Intellectual Property I, L.P. | Transmission medium having a conductive material and methods for use therewith |
| US10650940B2 (en) | 2015-05-15 | 2020-05-12 | At&T Intellectual Property I, L.P. | Transmission medium having a conductive material and methods for use therewith |
| US9917341B2 (en) | 2015-05-27 | 2018-03-13 | At&T Intellectual Property I, L.P. | Apparatus and method for launching electromagnetic waves and for modifying radial dimensions of the propagating electromagnetic waves |
| US10050697B2 (en) | 2015-06-03 | 2018-08-14 | At&T Intellectual Property I, L.P. | Host node device and methods for use therewith |
| US9967002B2 (en) | 2015-06-03 | 2018-05-08 | At&T Intellectual I, Lp | Network termination and methods for use therewith |
| US10396887B2 (en) | 2015-06-03 | 2019-08-27 | At&T Intellectual Property I, L.P. | Client node device and methods for use therewith |
| US10103801B2 (en) | 2015-06-03 | 2018-10-16 | At&T Intellectual Property I, L.P. | Host node device and methods for use therewith |
| US9935703B2 (en) | 2015-06-03 | 2018-04-03 | At&T Intellectual Property I, L.P. | Host node device and methods for use therewith |
| US10154493B2 (en) | 2015-06-03 | 2018-12-11 | At&T Intellectual Property I, L.P. | Network termination and methods for use therewith |
| US9866309B2 (en) | 2015-06-03 | 2018-01-09 | At&T Intellectual Property I, Lp | Host node device and methods for use therewith |
| US9912382B2 (en) | 2015-06-03 | 2018-03-06 | At&T Intellectual Property I, Lp | Network termination and methods for use therewith |
| US10812174B2 (en) | 2015-06-03 | 2020-10-20 | At&T Intellectual Property I, L.P. | Client node device and methods for use therewith |
| US9912381B2 (en) | 2015-06-03 | 2018-03-06 | At&T Intellectual Property I, Lp | Network termination and methods for use therewith |
| US10348391B2 (en) | 2015-06-03 | 2019-07-09 | At&T Intellectual Property I, L.P. | Client node device with frequency conversion and methods for use therewith |
| US10797781B2 (en) | 2015-06-03 | 2020-10-06 | At&T Intellectual Property I, L.P. | Client node device and methods for use therewith |
| US9913139B2 (en) | 2015-06-09 | 2018-03-06 | At&T Intellectual Property I, L.P. | Signal fingerprinting for authentication of communicating devices |
| US9997819B2 (en) | 2015-06-09 | 2018-06-12 | At&T Intellectual Property I, L.P. | Transmission medium and method for facilitating propagation of electromagnetic waves via a core |
| US10142010B2 (en) | 2015-06-11 | 2018-11-27 | At&T Intellectual Property I, L.P. | Repeater and methods for use therewith |
| US10142086B2 (en) | 2015-06-11 | 2018-11-27 | At&T Intellectual Property I, L.P. | Repeater and methods for use therewith |
| US10027398B2 (en) | 2015-06-11 | 2018-07-17 | At&T Intellectual Property I, Lp | Repeater and methods for use therewith |
| US9608692B2 (en) | 2015-06-11 | 2017-03-28 | At&T Intellectual Property I, L.P. | Repeater and methods for use therewith |
| US9820146B2 (en) | 2015-06-12 | 2017-11-14 | At&T Intellectual Property I, L.P. | Method and apparatus for authentication and identity management of communicating devices |
| US9667317B2 (en) | 2015-06-15 | 2017-05-30 | At&T Intellectual Property I, L.P. | Method and apparatus for providing security using network traffic adjustments |
| US9787412B2 (en) | 2015-06-25 | 2017-10-10 | At&T Intellectual Property I, L.P. | Methods and apparatus for inducing a fundamental wave mode on a transmission medium |
| US9509415B1 (en) | 2015-06-25 | 2016-11-29 | At&T Intellectual Property I, L.P. | Methods and apparatus for inducing a fundamental wave mode on a transmission medium |
| US10090601B2 (en) | 2015-06-25 | 2018-10-02 | At&T Intellectual Property I, L.P. | Waveguide system and methods for inducing a non-fundamental wave mode on a transmission medium |
| US10069185B2 (en) | 2015-06-25 | 2018-09-04 | At&T Intellectual Property I, L.P. | Methods and apparatus for inducing a non-fundamental wave mode on a transmission medium |
| US9640850B2 (en) | 2015-06-25 | 2017-05-02 | At&T Intellectual Property I, L.P. | Methods and apparatus for inducing a non-fundamental wave mode on a transmission medium |
| US9865911B2 (en) | 2015-06-25 | 2018-01-09 | At&T Intellectual Property I, L.P. | Waveguide system for slot radiating first electromagnetic waves that are combined into a non-fundamental wave mode second electromagnetic wave on a transmission medium |
| US9882657B2 (en) | 2015-06-25 | 2018-01-30 | At&T Intellectual Property I, L.P. | Methods and apparatus for inducing a fundamental wave mode on a transmission medium |
| US10044409B2 (en) | 2015-07-14 | 2018-08-07 | At&T Intellectual Property I, L.P. | Transmission medium and methods for use therewith |
| US9882257B2 (en) | 2015-07-14 | 2018-01-30 | At&T Intellectual Property I, L.P. | Method and apparatus for launching a wave mode that mitigates interference |
| US9628116B2 (en) | 2015-07-14 | 2017-04-18 | At&T Intellectual Property I, L.P. | Apparatus and methods for transmitting wireless signals |
| US9722318B2 (en) | 2015-07-14 | 2017-08-01 | At&T Intellectual Property I, L.P. | Method and apparatus for coupling an antenna to a device |
| US9929755B2 (en) | 2015-07-14 | 2018-03-27 | At&T Intellectual Property I, L.P. | Method and apparatus for coupling an antenna to a device |
| US10205655B2 (en) | 2015-07-14 | 2019-02-12 | At&T Intellectual Property I, L.P. | Apparatus and methods for communicating utilizing an antenna array and multiple communication paths |
| US9836957B2 (en) | 2015-07-14 | 2017-12-05 | At&T Intellectual Property I, L.P. | Method and apparatus for communicating with premises equipment |
| US10320586B2 (en) | 2015-07-14 | 2019-06-11 | At&T Intellectual Property I, L.P. | Apparatus and methods for generating non-interfering electromagnetic waves on an insulated transmission medium |
| US9847566B2 (en) | 2015-07-14 | 2017-12-19 | At&T Intellectual Property I, L.P. | Method and apparatus for adjusting a field of a signal to mitigate interference |
| US10033108B2 (en) | 2015-07-14 | 2018-07-24 | At&T Intellectual Property I, L.P. | Apparatus and methods for generating an electromagnetic wave having a wave mode that mitigates interference |
| US9947982B2 (en) | 2015-07-14 | 2018-04-17 | At&T Intellectual Property I, Lp | Dielectric transmission medium connector and methods for use therewith |
| US10170840B2 (en) | 2015-07-14 | 2019-01-01 | At&T Intellectual Property I, L.P. | Apparatus and methods for sending or receiving electromagnetic signals |
| US9853342B2 (en) | 2015-07-14 | 2017-12-26 | At&T Intellectual Property I, L.P. | Dielectric transmission medium connector and methods for use therewith |
| US10148016B2 (en) | 2015-07-14 | 2018-12-04 | At&T Intellectual Property I, L.P. | Apparatus and methods for communicating utilizing an antenna array |
| US10341142B2 (en) | 2015-07-14 | 2019-07-02 | At&T Intellectual Property I, L.P. | Apparatus and methods for generating non-interfering electromagnetic waves on an uninsulated conductor |
| US10033107B2 (en) | 2015-07-14 | 2018-07-24 | At&T Intellectual Property I, L.P. | Method and apparatus for coupling an antenna to a device |
| US9793951B2 (en) | 2015-07-15 | 2017-10-17 | At&T Intellectual Property I, L.P. | Method and apparatus for launching a wave mode that mitigates interference |
| US9608740B2 (en) | 2015-07-15 | 2017-03-28 | At&T Intellectual Property I, L.P. | Method and apparatus for launching a wave mode that mitigates interference |
| US10090606B2 (en) | 2015-07-15 | 2018-10-02 | At&T Intellectual Property I, L.P. | Antenna system with dielectric array and methods for use therewith |
| US10784670B2 (en) | 2015-07-23 | 2020-09-22 | At&T Intellectual Property I, L.P. | Antenna support for aligning an antenna |
| US9871283B2 (en) | 2015-07-23 | 2018-01-16 | At&T Intellectual Property I, Lp | Transmission medium having a dielectric core comprised of plural members connected by a ball and socket configuration |
| US9806818B2 (en) | 2015-07-23 | 2017-10-31 | At&T Intellectual Property I, Lp | Node device, repeater and methods for use therewith |
| US9749053B2 (en) | 2015-07-23 | 2017-08-29 | At&T Intellectual Property I, L.P. | Node device, repeater and methods for use therewith |
| US9948333B2 (en) | 2015-07-23 | 2018-04-17 | At&T Intellectual Property I, L.P. | Method and apparatus for wireless communications to mitigate interference |
| US10074886B2 (en) | 2015-07-23 | 2018-09-11 | At&T Intellectual Property I, L.P. | Dielectric transmission medium comprising a plurality of rigid dielectric members coupled together in a ball and socket configuration |
| US9912027B2 (en) | 2015-07-23 | 2018-03-06 | At&T Intellectual Property I, L.P. | Method and apparatus for exchanging communication signals |
| US10020587B2 (en) | 2015-07-31 | 2018-07-10 | At&T Intellectual Property I, L.P. | Radial antenna and methods for use therewith |
| US9838078B2 (en) | 2015-07-31 | 2017-12-05 | At&T Intellectual Property I, L.P. | Method and apparatus for exchanging communication signals |
| US9461706B1 (en) | 2015-07-31 | 2016-10-04 | At&T Intellectual Property I, Lp | Method and apparatus for exchanging communication signals |
| US9735833B2 (en) | 2015-07-31 | 2017-08-15 | At&T Intellectual Property I, L.P. | Method and apparatus for communications management in a neighborhood network |
| US9967173B2 (en) | 2015-07-31 | 2018-05-08 | At&T Intellectual Property I, L.P. | Method and apparatus for authentication and identity management of communicating devices |
| US9904535B2 (en) | 2015-09-14 | 2018-02-27 | At&T Intellectual Property I, L.P. | Method and apparatus for distributing software |
| US10009901B2 (en) | 2015-09-16 | 2018-06-26 | At&T Intellectual Property I, L.P. | Method, apparatus, and computer-readable storage medium for managing utilization of wireless resources between base stations |
| US10009063B2 (en) | 2015-09-16 | 2018-06-26 | At&T Intellectual Property I, L.P. | Method and apparatus for use with a radio distributed antenna system having an out-of-band reference signal |
| US10225842B2 (en) | 2015-09-16 | 2019-03-05 | At&T Intellectual Property I, L.P. | Method, device and storage medium for communications using a modulated signal and a reference signal |
| US10349418B2 (en) | 2015-09-16 | 2019-07-09 | At&T Intellectual Property I, L.P. | Method and apparatus for managing utilization of wireless resources via use of a reference signal to reduce distortion |
| US10079661B2 (en) | 2015-09-16 | 2018-09-18 | At&T Intellectual Property I, L.P. | Method and apparatus for use with a radio distributed antenna system having a clock reference |
| US10051629B2 (en) | 2015-09-16 | 2018-08-14 | At&T Intellectual Property I, L.P. | Method and apparatus for use with a radio distributed antenna system having an in-band reference signal |
| US9705571B2 (en) | 2015-09-16 | 2017-07-11 | At&T Intellectual Property I, L.P. | Method and apparatus for use with a radio distributed antenna system |
| US10136434B2 (en) | 2015-09-16 | 2018-11-20 | At&T Intellectual Property I, L.P. | Method and apparatus for use with a radio distributed antenna system having an ultra-wideband control channel |
| US9769128B2 (en) | 2015-09-28 | 2017-09-19 | At&T Intellectual Property I, L.P. | Method and apparatus for encryption of communications over a network |
| US10742614B2 (en) | 2015-09-28 | 2020-08-11 | At&T Intellectual Property I, L.P. | Method and apparatus for encryption of communications over a network |
| US9729197B2 (en) | 2015-10-01 | 2017-08-08 | At&T Intellectual Property I, L.P. | Method and apparatus for communicating network management traffic over a network |
| US9882277B2 (en) | 2015-10-02 | 2018-01-30 | At&T Intellectual Property I, Lp | Communication device and antenna assembly with actuated gimbal mount |
| US10074890B2 (en) | 2015-10-02 | 2018-09-11 | At&T Intellectual Property I, L.P. | Communication device and antenna with integrated light assembly |
| US9876264B2 (en) | 2015-10-02 | 2018-01-23 | At&T Intellectual Property I, Lp | Communication system, guided wave switch and methods for use therewith |
| US10051483B2 (en) | 2015-10-16 | 2018-08-14 | At&T Intellectual Property I, L.P. | Method and apparatus for directing wireless signals |
| US10355367B2 (en) | 2015-10-16 | 2019-07-16 | At&T Intellectual Property I, L.P. | Antenna structure for exchanging wireless signals |
| US10665942B2 (en) | 2015-10-16 | 2020-05-26 | At&T Intellectual Property I, L.P. | Method and apparatus for adjusting wireless communications |
| US9912419B1 (en) | 2016-08-24 | 2018-03-06 | At&T Intellectual Property I, L.P. | Method and apparatus for managing a fault in a distributed antenna system |
| US9860075B1 (en) | 2016-08-26 | 2018-01-02 | At&T Intellectual Property I, L.P. | Method and communication node for broadband distribution |
| US10291311B2 (en) | 2016-09-09 | 2019-05-14 | At&T Intellectual Property I, L.P. | Method and apparatus for mitigating a fault in a distributed antenna system |
| US11032819B2 (en) | 2016-09-15 | 2021-06-08 | At&T Intellectual Property I, L.P. | Method and apparatus for use with a radio distributed antenna system having a control channel reference signal |
| US10135146B2 (en) | 2016-10-18 | 2018-11-20 | At&T Intellectual Property I, L.P. | Apparatus and methods for launching guided waves via circuits |
| US10135147B2 (en) | 2016-10-18 | 2018-11-20 | At&T Intellectual Property I, L.P. | Apparatus and methods for launching guided waves via an antenna |
| US10340600B2 (en) | 2016-10-18 | 2019-07-02 | At&T Intellectual Property I, L.P. | Apparatus and methods for launching guided waves via plural waveguide systems |
| US9991580B2 (en) | 2016-10-21 | 2018-06-05 | At&T Intellectual Property I, L.P. | Launcher and coupling system for guided wave mode cancellation |
| US9876605B1 (en) | 2016-10-21 | 2018-01-23 | At&T Intellectual Property I, L.P. | Launcher and coupling system to support desired guided wave mode |
| US10811767B2 (en) | 2016-10-21 | 2020-10-20 | At&T Intellectual Property I, L.P. | System and dielectric antenna with convex dielectric radome |
| US10374316B2 (en) | 2016-10-21 | 2019-08-06 | At&T Intellectual Property I, L.P. | System and dielectric antenna with non-uniform dielectric |
| US10340573B2 (en) | 2016-10-26 | 2019-07-02 | At&T Intellectual Property I, L.P. | Launcher with cylindrical coupling device and methods for use therewith |
| US10312567B2 (en) | 2016-10-26 | 2019-06-04 | At&T Intellectual Property I, L.P. | Launcher with planar strip antenna and methods for use therewith |
| US10224634B2 (en) | 2016-11-03 | 2019-03-05 | At&T Intellectual Property I, L.P. | Methods and apparatus for adjusting an operational characteristic of an antenna |
| US10225025B2 (en) | 2016-11-03 | 2019-03-05 | At&T Intellectual Property I, L.P. | Method and apparatus for detecting a fault in a communication system |
| US10291334B2 (en) | 2016-11-03 | 2019-05-14 | At&T Intellectual Property I, L.P. | System for detecting a fault in a communication system |
| US10498044B2 (en) | 2016-11-03 | 2019-12-03 | At&T Intellectual Property I, L.P. | Apparatus for configuring a surface of an antenna |
| US10178445B2 (en) | 2016-11-23 | 2019-01-08 | At&T Intellectual Property I, L.P. | Methods, devices, and systems for load balancing between a plurality of waveguides |
| US10340601B2 (en) | 2016-11-23 | 2019-07-02 | At&T Intellectual Property I, L.P. | Multi-antenna system and methods for use therewith |
| US10340603B2 (en) | 2016-11-23 | 2019-07-02 | At&T Intellectual Property I, L.P. | Antenna system having shielded structural configurations for assembly |
| US10535928B2 (en) | 2016-11-23 | 2020-01-14 | At&T Intellectual Property I, L.P. | Antenna system and methods for use therewith |
| US10090594B2 (en) | 2016-11-23 | 2018-10-02 | At&T Intellectual Property I, L.P. | Antenna system having structural configurations for assembly |
| US10361489B2 (en) | 2016-12-01 | 2019-07-23 | At&T Intellectual Property I, L.P. | Dielectric dish antenna system and methods for use therewith |
| US10727599B2 (en) | 2016-12-06 | 2020-07-28 | At&T Intellectual Property I, L.P. | Launcher with slot antenna and methods for use therewith |
| US10755542B2 (en) | 2016-12-06 | 2020-08-25 | At&T Intellectual Property I, L.P. | Method and apparatus for surveillance via guided wave communication |
| US10326494B2 (en) | 2016-12-06 | 2019-06-18 | At&T Intellectual Property I, L.P. | Apparatus for measurement de-embedding and methods for use therewith |
| US10694379B2 (en) | 2016-12-06 | 2020-06-23 | At&T Intellectual Property I, L.P. | Waveguide system with device-based authentication and methods for use therewith |
| US10020844B2 (en) | 2016-12-06 | 2018-07-10 | T&T Intellectual Property I, L.P. | Method and apparatus for broadcast communication via guided waves |
| US10637149B2 (en) | 2016-12-06 | 2020-04-28 | At&T Intellectual Property I, L.P. | Injection molded dielectric antenna and methods for use therewith |
| US9927517B1 (en) | 2016-12-06 | 2018-03-27 | At&T Intellectual Property I, L.P. | Apparatus and methods for sensing rainfall |
| US10135145B2 (en) | 2016-12-06 | 2018-11-20 | At&T Intellectual Property I, L.P. | Apparatus and methods for generating an electromagnetic wave along a transmission medium |
| US10382976B2 (en) | 2016-12-06 | 2019-08-13 | At&T Intellectual Property I, L.P. | Method and apparatus for managing wireless communications based on communication paths and network device positions |
| US10439675B2 (en) | 2016-12-06 | 2019-10-08 | At&T Intellectual Property I, L.P. | Method and apparatus for repeating guided wave communication signals |
| US10819035B2 (en) | 2016-12-06 | 2020-10-27 | At&T Intellectual Property I, L.P. | Launcher with helical antenna and methods for use therewith |
| US10359749B2 (en) | 2016-12-07 | 2019-07-23 | At&T Intellectual Property I, L.P. | Method and apparatus for utilities management via guided wave communication |
| US9893795B1 (en) | 2016-12-07 | 2018-02-13 | At&T Intellectual Property I, Lp | Method and repeater for broadband distribution |
| US10389029B2 (en) | 2016-12-07 | 2019-08-20 | At&T Intellectual Property I, L.P. | Multi-feed dielectric antenna system with core selection and methods for use therewith |
| US10446936B2 (en) | 2016-12-07 | 2019-10-15 | At&T Intellectual Property I, L.P. | Multi-feed dielectric antenna system and methods for use therewith |
| US10139820B2 (en) | 2016-12-07 | 2018-11-27 | At&T Intellectual Property I, L.P. | Method and apparatus for deploying equipment of a communication system |
| US10168695B2 (en) | 2016-12-07 | 2019-01-01 | At&T Intellectual Property I, L.P. | Method and apparatus for controlling an unmanned aircraft |
| US10243270B2 (en) | 2016-12-07 | 2019-03-26 | At&T Intellectual Property I, L.P. | Beam adaptive multi-feed dielectric antenna system and methods for use therewith |
| US10547348B2 (en) | 2016-12-07 | 2020-01-28 | At&T Intellectual Property I, L.P. | Method and apparatus for switching transmission mediums in a communication system |
| US10027397B2 (en) | 2016-12-07 | 2018-07-17 | At&T Intellectual Property I, L.P. | Distributed antenna system and methods for use therewith |
| US10601494B2 (en) | 2016-12-08 | 2020-03-24 | At&T Intellectual Property I, L.P. | Dual-band communication device and method for use therewith |
| US9998870B1 (en) | 2016-12-08 | 2018-06-12 | At&T Intellectual Property I, L.P. | Method and apparatus for proximity sensing |
| US10069535B2 (en) | 2016-12-08 | 2018-09-04 | At&T Intellectual Property I, L.P. | Apparatus and methods for launching electromagnetic waves having a certain electric field structure |
| US10938108B2 (en) | 2016-12-08 | 2021-03-02 | At&T Intellectual Property I, L.P. | Frequency selective multi-feed dielectric antenna system and methods for use therewith |
| US10530505B2 (en) | 2016-12-08 | 2020-01-07 | At&T Intellectual Property I, L.P. | Apparatus and methods for launching electromagnetic waves along a transmission medium |
| US10326689B2 (en) | 2016-12-08 | 2019-06-18 | At&T Intellectual Property I, L.P. | Method and system for providing alternative communication paths |
| US10916969B2 (en) | 2016-12-08 | 2021-02-09 | At&T Intellectual Property I, L.P. | Method and apparatus for providing power using an inductive coupling |
| US10411356B2 (en) | 2016-12-08 | 2019-09-10 | At&T Intellectual Property I, L.P. | Apparatus and methods for selectively targeting communication devices with an antenna array |
| US10777873B2 (en) | 2016-12-08 | 2020-09-15 | At&T Intellectual Property I, L.P. | Method and apparatus for mounting network devices |
| US10389037B2 (en) | 2016-12-08 | 2019-08-20 | At&T Intellectual Property I, L.P. | Apparatus and methods for selecting sections of an antenna array and use therewith |
| US9911020B1 (en) | 2016-12-08 | 2018-03-06 | At&T Intellectual Property I, L.P. | Method and apparatus for tracking via a radio frequency identification device |
| US10103422B2 (en) | 2016-12-08 | 2018-10-16 | At&T Intellectual Property I, L.P. | Method and apparatus for mounting network devices |
| US9838896B1 (en) | 2016-12-09 | 2017-12-05 | At&T Intellectual Property I, L.P. | Method and apparatus for assessing network coverage |
| US10340983B2 (en) | 2016-12-09 | 2019-07-02 | At&T Intellectual Property I, L.P. | Method and apparatus for surveying remote sites via guided wave communications |
| US10264586B2 (en) | 2016-12-09 | 2019-04-16 | At&T Mobility Ii Llc | Cloud-based packet controller and methods for use therewith |
| US9973940B1 (en) | 2017-02-27 | 2018-05-15 | At&T Intellectual Property I, L.P. | Apparatus and methods for dynamic impedance matching of a guided wave launcher |
| US10298293B2 (en) | 2017-03-13 | 2019-05-21 | At&T Intellectual Property I, L.P. | Apparatus of communication utilizing wireless network devices |
Also Published As
| Publication number | Publication date |
|---|---|
| CA2467988A1 (en) | 2005-11-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CA2467988C (en) | System and method for initiating secure network connection from a client to a network host | |
| US10313135B2 (en) | Secure instant messaging system | |
| KR100565916B1 (en) | System and method for compressing secure e-mail for exchange with a mobile data communication device | |
| JP4460283B2 (en) | Method for processing an encrypted message for exchange with a mobile data communication device | |
| US7673004B1 (en) | Method and apparatus for secure IM communications using an IM module | |
| JP4711933B2 (en) | Multi-stage system and method for processing encoded messages | |
| KR100898092B1 (en) | System and method for processing encoded messages |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| EEER | Examination request |