Patent Grant
9985799
Employees often utilize virtual private network (VPN) connections when working off-site. Conventionally, each individual employee uses a separate VPN client to establish a separate VPN connection that terminates at an enterprise location, such as a VPN server on an enterprise network at a company's home location. In this case, all traffic, including traffic sent between the employees' devices, must travel through the enterprise network even when the two or more employees are located at the same location and attached to the same wireless network. Data travels from one employee's client device to the connection endpoint at the enterprise network, is routed through the enterprise network, and then to the second employee's client device. This may result in significant latency in communication between these client devices as well as the utilization of enterprise and local backhaul resources for what essentially amounts to local traffic.
Example embodiments enable multiple users to collaborate at a remote, off-site location as if their devices were located securely within an enterprise network firewall, but with latency and bandwidth consistent with being located within the same local area network (LAN) or wireless LAN (WLAN). For example, employees of company X are able to connect their computers (or other client devices) to a locally provided wireless access point providing a WiFi connection to the Internet. Through an authentication process the wireless access point creates a private WLAN slice, and the private WLAN slice is connected to the enterprise through a VPN connection (e.g., through a VPN tunnel). Any data transmitted between the users at the remote location may be performed more efficiently and/or securely within this private WLAN slice, while not being exposed to any other devices connected to the wireless access point.
Any data transmitted to the enterprise network utilizes the VPN connection between the wireless access point and the enterprise network, but traffic transmitted between the co-located users need not be transmitted from the users' location to the enterprise network and then back to the users' location as is the case in the conventional art.
At least one example embodiment provides a method for communicating via a collaborative software-defined networking (SDN) based virtual private network (VPN), the method including: establishing, at a wireless access point, a private wireless local area network (WLAN) slice within a first wireless network in response to a request from a first user, wireless resources for the first wireless network being provided by the wireless access point; creating a VPN connection between the private WLAN slice and a second network; granting users access to the private WLAN slice and the VPN connection between the private WLAN slice and the second network; and routing traffic between the users granted access to the private WLAN slice and the VPN connection without transmission of the traffic to the second network through the VPN connection.
At least one other example embodiment provides a wireless access point to establish and provide communication between users via a collaborative software-defined networking (SDN) based virtual private network (VPN). The wireless access point includes a wireless communication interface and a SDN processor. The wireless communication interface is configured to provide wireless resources for a first wireless network. The SDN processor is configured to: establish a private wireless local area network (WLAN) slice within the first wireless network in response to a request from a first user; grant users access to the private WLAN slice and a VPN connection between the private WLAN slice and a second network, the VPN connection being associated with the private WLAN slice; and route traffic between the users granted access to the private WLAN slice and the VPN connection without transmission of the traffic to the second network through the VPN connection.
At least one other example embodiment provides a tangible and/or non-transitory computer-readable storage medium including computer executable instructions that, when executed by a processor or computer device, cause the processor or computer device to perform a method for communicating via a collaborative software-defined networking (SDN) based virtual private network (VPN). According to at least this example embodiment, the method includes: establishing, at a wireless access point, a private wireless local area network (WLAN) slice within a first wireless network in response to a request from a first user, wireless resources for the first wireless network being provided by the wireless access point; creating a VPN connection between the private WLAN slice and a second network; granting users access to the private WLAN slice and the VPN connection between the private WLAN slice and the second network; and routing traffic between the users granted access to the private WLAN slice and the VPN connection without transmission of the traffic to the second network through the VPN connection.
The present invention will become more fully understood from the detailed description given herein below and the accompanying drawings, wherein like elements are represented by like reference numerals, which are given by way of illustration only and thus are not limiting of the present invention.
It should be noted that these figures are intended to illustrate the general characteristics of methods, structure and/or materials utilized in certain example embodiments and to supplement the written description provided below. These drawings are not, however, to scale and may not precisely reflect the precise structural or performance characteristics of any given embodiment, and should not be interpreted as defining or limiting the range of values or properties encompassed by example embodiments. The use of similar or identical reference numbers in the various drawings is intended to indicate the presence of a similar or identical element or feature.
Various example embodiments will now be described more fully with reference to the accompanying drawings in which some example embodiments are shown.
Detailed illustrative embodiments are disclosed herein. However, specific structural and functional details disclosed herein are merely representative for purposes of describing example embodiments. This invention may, however, be embodied in many alternate forms and should not be construed as limited to only the embodiments set forth herein.
Accordingly, while example embodiments are capable of various modifications and alternative forms, the embodiments are shown by way of example in the drawings and will be described herein in detail. It should be understood, however, that there is no intent to limit example embodiments to the particular forms disclosed. On the contrary, example embodiments are to cover all modifications, equivalents, and alternatives falling within the scope of this disclosure. Like numbers refer to like elements throughout the description of the figures.
Although the terms first, second, etc. may be used herein to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another. For example, a first element could be termed a second element, and similarly, a second element could be termed a first element, without departing from the scope of this disclosure. As used herein, the term “and/or,” includes any and all combinations of one or more of the associated listed items.
When an element is referred to as being “connected,” or “coupled,” to another element, it can be directly connected or coupled to the other element or intervening elements may be present. By contrast, when an element is referred to as being “directly connected,” or “directly coupled,” to another element, there are no intervening elements present. Other words used to describe the relationship between elements should be interpreted in a like fashion (e.g., “between,” versus “directly between,” “adjacent,” versus “directly adjacent,” etc.).
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting. As used herein, the singular forms “a,” “an,” and “the,” are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms “comprises,” “comprising,” “includes,” and/or “including,” when used herein, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be noted that in some alternative implementations, the functions/acts noted may occur out of the order noted in the figures. For example, two figures shown in succession may in fact be executed substantially concurrently or may sometimes be executed in the reverse order, depending upon the functionality/acts involved.
Specific details are provided in the following description to provide a thorough understanding of example embodiments. However, it will be understood by one of ordinary skill in the art that example embodiments may be practiced without these specific details. For example, systems may be shown in block diagrams so as not to obscure the example embodiments in unnecessary detail. In other instances, well-known processes, structures and techniques may be shown without unnecessary detail in order to avoid obscuring example embodiments.
In the following description, illustrative embodiments will be described with reference to acts and symbolic representations of operations (e.g., in the form of flow charts, flow diagrams, data flow diagrams, structure diagrams, block diagrams, etc.) that may be implemented as program modules or functional processes include routines, programs, objects, components, data structures, etc., that perform particular tasks or implement particular abstract data types and may be implemented using existing hardware at, for example, existing wireless access points, wireless routers, wireless gateways, client devices, etc. Such existing hardware may include one or more Central Processing Units (CPUs), system-on-chip (SOC) devices, digital signal processors (DSPs), application-specific-integrated-circuits, field programmable gate arrays (FPGAs) computers or the like.
Although a flow chart may describe the operations as a sequential process, many of the operations may be performed in parallel, concurrently or simultaneously. In addition, the order of the operations may be re-arranged. A process may be terminated when its operations are completed, but may also have additional steps not included in the figure. A process may correspond to a method, function, procedure, subroutine, subprogram, etc. When a process corresponds to a function, its termination may correspond to a return of the function to the calling function or the main function.
As disclosed herein, the term “storage medium”, “computer readable storage medium” or “non-transitory computer readable storage medium” may represent one or more devices for storing data, including read only memory (ROM), random access memory (RAM), magnetic RAM, core memory, magnetic disk storage mediums, optical storage mediums, flash memory devices and/or other tangible machine readable mediums for storing information. The term “computer-readable medium” may include, but is not limited to, portable or fixed storage devices, optical storage devices, and various other mediums capable of storing, containing or carrying instruction(s) and/or data.
Furthermore, example embodiments may be implemented by hardware, software, firmware, middleware, microcode, hardware description languages, or any combination thereof. When implemented in software, firmware, middleware or microcode, the program code or code segments to perform the necessary tasks may be stored in a machine or computer readable medium such as a computer readable storage medium. When implemented in software, a processor or processors will perform the necessary tasks.
A code segment may represent a procedure, function, subprogram, program, routine, subroutine, module, software package, class, or any combination of instructions, data structures or program statements. A code segment may be coupled to another code segment or a hardware circuit by passing and/or receiving information, data, arguments, parameters or memory contents. Information, arguments, parameters, data, etc. may be passed, forwarded, or transmitted via any suitable means including memory sharing, message passing, token passing, network transmission, etc.
According to example embodiments, wireless access points, wireless routers, servers, client devices, etc. may be (or include) hardware, firmware, hardware executing software or any combination thereof. Such hardware may include one or more Central Processing Units (CPUs), system-on-chip (SOC) devices, digital signal processors (DSPs), application-specific-integrated-circuits (ASICs), field programmable gate arrays (FPGAs) computers or the like configured as special purpose machines to perform the functions described herein as well as any other well-known functions of these elements. In at least some cases, CPUs, SOCs, DSPs, ASICs and FPGAs may generally be referred to as processing circuits, processors and/or microprocessors.
Referring to
As is known, an enterprise network is a private computer network or intranet interconnecting various computer devices to share computer resources. In some cases, an enterprise network interconnects computers at one or more company sites to share computer resources.
A VPN server, such as VPN server 162, provides access to the enterprise network 160 through a VPN connection, such as a VPN tunnel or the like.
A VPN connection is created by establishing a virtual point-to-point connection between a remote client device (e.g., a VPN client at a wireless access point, a VPN client at a client device, etc.) and the VPN server 162. In one example, the virtual point-to-point connection may be established using a tunneling protocol to create a VPN tunnel. Because tunneling protocols and VPN tunnels, as well as VPN connections in general, are well-known, a more detailed discussion is omitted.
In some cases, a VPN connection is used to extend a private enterprise network across a public network, such as the Internet. A VPN connection enables computers to send/receive data, and function as if directly connected to the private enterprise network, even when located geographically remote from to the actual location of the private enterprise network. A VPN also allows computers to benefit from the functionality, security and management policies of the private enterprise network while not actual present at the location of the private enterprise network.
Referring back to
As discussed herein, the term client device may be considered synonymous to, and may hereafter be occasionally referred to, as user device, client, access terminal, etc., and describes a remote user of wireless resources provided by the wireless access point. In one example, a client device may be a smartphone, a laptop computer, a tablet computer, or any other device having WiFi capabilities such that the device is capable of at least connecting to the wireless access point and accessing the Internet or other network.
Generally, as discussed herein, the wireless access point 120 may be any well-known wireless access point, router, or other physical computer hardware system, including one or more processors, various communication interfaces (e.g., both wireless and wired), a computer readable medium, etc. The one or more interfaces may be configured to transmit/receive data signals via a wireless connection over WiFi to/from one or more other devices, and also communicate with the Internet, for example over a wired connection.
In addition to the operations and functionality discussed herein, the wireless access point 120 may also have all conventional functionality known in the art. For example, the wireless access point 120 may have all conventional functionality found in wireless routers used by Internet Service Provider (ISP) customers to establish wireless LANs at customer premises.
Referring to
In accordance with at least this example embodiment, the wireless communication interfaces 460 may include a WiFi transceiver configured to communicate with wireless devices using 2.4 GHz UHF and 5 GHz SHF radio waves. The wireless communication interfaces 460 may transmit and receive wireless signals according to one or more Institute of Electrical and Electronics Engineers' (IEEE) 802.11 standards. The wireless communication interfaces 460 may also provide the wireless resources for the users in range of the wireless access point 120. However, example embodiments should not be limited to these examples.
Example operation of the wireless access point 120 and the network 100 shown in
Referring to
A private WLAN slice is a private (secured) virtual network (or virtual network slice) within a larger WLAN, such as the WLAN provided by the wireless access point 120. This virtual network allows devices belonging to the private WLAN slice to have full layer 2 (L2) communication among themselves, but be isolated from other client devices on the WLAN. Conceptually, a private WLAN slice may be considered a VLAN within the WLAN that provides an isolated broadcast domain for devices belonging to the private WLAN slice.
In more detail with regard to step S304 in
Through the web portal at the client device 141, the first user requests that (or, alternatively, instructs) the wireless access point 120 establish a private WLAN slice for a VPN connection between the wireless access point 120 and the enterprise network 160. In response to the request to establish the private WLAN slice, the wireless access point 120 prompts the first user for VPN information and/or access credentials required to establish the VPN connection between the wireless access point 120 (and private WLAN slice) and the enterprise network 160. In one example, the VPN information and/or access credentials may include address information (e.g., Internet Protocol (IP) or web address) for the VPN server 162 as well as user access credentials (e.g., username, password, one-time personal identification number (PIN), etc.) for accessing the enterprise network 160 through the VPN server 162.
The first user enters the requested information into the web portal provided at the client device 141, and the client device 141 sends the requested information to the wireless access point 140 over the WiFi connection between the client device 141 and the wireless access point 120. In response to the information from the client device 141, the wireless access point 120 establishes the private WLAN slice at step S304.
The wireless access point 120 may establish and manage private WLAN slices in various ways. In one example, the wireless access point 120 establishes the private WLAN slice using an access control list (ACL). In this example, if the wireless access point 120 uses internal virtual LANs (VLANs) to isolate traffic, the wireless access point 120 establishes the private WLAN slice by creating an ACL identifying members of the VLAN (or private WLAN slice). The wireless access point 120 then sets up rules to identify client devices as members of the private WLAN slice based on media access control (MAC) or IP address used to request access to the private WLAN slice. Once authorized, the wireless access point 120 sets up a filter to mark all traffic to/from that client device as belonging to the private WLAN slice. When referring to network traffic, ACLs are used to filter traffic based on full or partial matches of data fields of the packets transmitted over the wireless network. Data fields used in ACLs may include: source MAC address, destination MAC address, source IP address, destination IP address, Transport Control Protocol/User Datagram Protocol (TCP/UDP) port (source and/or destination), as well as other higher layer protocol information. This matching determines whether packets are accepted or dropped by the network function.
In another example, the wireless access point 120 may establish private WLAN slices using a separate service set identifier (SSID) to identify members of the private WLAN slice. In this example, client devices seeking access to the private WLAN slice connect to the slice using the SSID created for the private WLAN slice. Once authenticated (e.g., using a password), any client device connected to that SSID becomes a member of the private WLAN slice. The SSID for the private WLAN slice is different from the SSID associated with the larger WLAN provided by the wireless access point 120.
Returning to
Although example embodiments are, in most cases, discussed with regard to a VPN connection between the wireless access point 120 and the enterprise network 160, it should be understood that this also refers to a VPN connection between the private WLAN slice and the enterprise network 160. In other words, the VPN connection between the wireless access point 120 and the enterprise network 160 may also be characterized as a VPN connection between the private WLAN slice and the enterprise network 160.
Still referring to
After granting the client device 141 access to the private WLAN slice and the VPN connection, the wireless access point 120 begins routing traffic between the client device 141 and the enterprise network 160 over the secure and private connection between the client device 141 and the enterprise network 160.
Still referring to
After the wireless access point 120 establishes the private WLAN slice and VPN connection, other users and client devices, such as a user at client device 142, may access the private WLAN slice and VPN connection using the access credentials provided at step S310. In this regard, once granted access to the private WLAN slice, the users and client devices are also able to access the established VPN connection between the wireless access point 120 and the enterprise network 160 in the same manner as the client device 141. Controlling access of additional users and client devices to the established private WLAN slice will be discussed in more detail below with regard to the client device 142 shown in
Returning to
For example, when the client device 142 is within range of the wireless access point 120, the client device 142 connects to the wireless access point 120 by establishing a WiFi connection with the wireless access point 120 in any well-known manner. After connecting to the wireless access point 120, the client device 142 may present the user of the device (hereinafter sometimes referred to as the second user) with a web portal. In one example, the second user opens a web browser on the client device 142 and navigates to the web address of the web portal to access the web portal. In another example, if an SSID is used to identify the private WLAN slice, then the act of attaching to the SSID for the private WLAN slice informs the wireless access point 120 that the second user desires access to the slice. In this example, the second user may be automatically directed to the web portal after connecting to the wireless access point 120.
Through the web portal at the client device 142, the second user requests access to the established private WLAN slice by entering the access credentials provided to the first user at step S310. In one example, the second user at the client device 142 may request access to the private WLAN slice by entering, into the web portal, the name and associated password for the established private WLAN slice.
If an SSID is used to establish the private WLAN slice, then the second user need not input the SSID to identify the private WLAN slice since the use of the SSID indicates the private WLAN slice to which the second desires access. In this case, the second user may only need to provide a password to access the private WLAN slice.
The wireless access point 120 may also request VPN credentials from the second user at the client device 142.
The second user enters the requested information into the web portal provided at the client device 142, and the client device 142 sends the requested information to the wireless access point 140 over the WiFi connection between the client device 142 and the wireless access point 120.
At step S314, the wireless access point 120 compares the access credentials from the client device 142 with the access credentials for the private WLAN slice stored in the memory 440, and provided to the client device 141 at step S310.
If the credentials from the client device 142 match the access credentials for the established private WLAN slice, then the wireless access point 120 grants the client device 142 access to the private WLAN slice and VPN connection at step S316.
Once having granted the client device 142 access to the private WLAN slice and the VPN connection, the wireless access point 120 establishes a secure and private connection between the client devices 141 and 142, as well as between each of the client devices 141 and 142 and the enterprise network 160. As a result, the wireless access point 120 is able to route traffic between (e.g., directly between) the client device 141 and the client device 142 without transmitting the traffic to the enterprise network through the VPN connection. The wireless access point 120 is also able to route traffic between the client devices 141 and 142, as well as between each of the client devices 141 and 142 and the enterprise network 160 through the VPN connection.
Returning to step S314 in
The example embodiment discussed above with regard to
Referring to
Referring to
The wireless communication interfaces 560 may include a WiFi transceiver configured to communicate with wireless devices using 2.4 GHz UHF and 5 GHz SHF radio waves. The wireless communication interfaces 560 may transmit and receive wireless signals according to one or more Institute of Electrical and Electronics Engineers' (IEEE) 802.11 standards. However, example embodiments should not be limited to these examples.
In addition to the operations and functionality discussed herein, the client device 241, as well as the other client devices discussed herein, may also have all conventional functionality known in the art. The client device 241 may be, for example, a portable or other electronic device (e.g., a personal computer, laptop computer, tablet computer, MP3 player, smartphone, etc.
Returning to
The wireless access point 220 controls access to the private WLAN slice in the same manner as discussed above with regard to
One or more example embodiments discussed herein enable multiple users to collaborate at a remote, off-site location as if their devices were located securely within the enterprise firewall, but with latency and bandwidth consistent with being located within the same LAN or WLAN.
The foregoing description of example embodiments has been provided for purposes of illustration and description. It is not intended to be exhaustive or to limit the disclosure. Individual elements or features of a particular example embodiment are generally not limited to that particular embodiment, but, where applicable, are interchangeable and can be used in a selected embodiment, even if not specifically shown or described. The same may also be varied in many ways. Such variations are not to be regarded as a departure from the disclosure, and all such modifications are intended to be included within the scope of the disclosure.
| Number | Name | Date | Kind |
|---|---|---|---|
| 6738910 | Genty et al. | May 2004 | B1 |
| 7277547 | Delker | Oct 2007 | B1 |
| 7310524 | Kurokawa | Dec 2007 | B2 |
| 7339915 | Jakkahalli | Mar 2008 | B2 |
| 7389534 | He | Jun 2008 | B1 |
| 7493084 | Meier | Feb 2009 | B2 |
| 7535880 | Hinman | May 2009 | B1 |
| 7542476 | Almog et al. | Jun 2009 | B2 |
| 7633909 | Jones | Dec 2009 | B1 |
| 7924793 | Savoor | Apr 2011 | B2 |
| 7974249 | Lo | Jul 2011 | B2 |
| 8032174 | Kezys | Oct 2011 | B2 |
| 8036195 | Thompson | Oct 2011 | B2 |
| 8077689 | Jones | Dec 2011 | B1 |
| 8131303 | Cook | Mar 2012 | B2 |
| 8184530 | Swan | May 2012 | B1 |
| 8428263 | Inada | Apr 2013 | B2 |
| 8553662 | Chen | Oct 2013 | B2 |
| 8631471 | Dattagupta | Jan 2014 | B2 |
| 8929341 | Han | Jan 2015 | B2 |
| 9026121 | Cook | May 2015 | B2 |
| 9125058 | Jones | Sep 2015 | B2 |
| 9148781 | Le Sage | Sep 2015 | B2 |
| 9197671 | Bartoszewski | Nov 2015 | B1 |
| 9240898 | Melman | Jan 2016 | B1 |
| 9241367 | Chen | Jan 2016 | B2 |
| 9258702 | Murphy | Feb 2016 | B2 |
| 9288842 | Yeoh | Mar 2016 | B2 |
| 9344161 | Kish | May 2016 | B2 |
| 9473458 | Bartoszewski | Oct 2016 | B2 |
| 9591676 | Lopes | Mar 2017 | B1 |
| 9608859 | Gupta | Mar 2017 | B2 |
| 9730269 | Iyer | Aug 2017 | B2 |
| 9838369 | Ram | Dec 2017 | B2 |
| 9838942 | Murphy | Dec 2017 | B2 |
| 20020004902 | Toh | Jan 2002 | A1 |
| 20040103278 | Abhishek | May 2004 | A1 |
| 20040266427 | Kurokawa | Dec 2004 | A1 |
| 20050063400 | Lum | Mar 2005 | A1 |
| 20050198306 | Palojarvi | Sep 2005 | A1 |
| 20050220048 | Lee | Oct 2005 | A1 |
| 20060039356 | Rao | Feb 2006 | A1 |
| 20060089121 | Elgebaly | Apr 2006 | A1 |
| 20060230446 | Vu | Oct 2006 | A1 |
| 20060236378 | Burshan | Oct 2006 | A1 |
| 20060245362 | Choyi | Nov 2006 | A1 |
| 20070081477 | Jakkahalli | Apr 2007 | A1 |
| 20070206527 | Lo | Sep 2007 | A1 |
| 20080117836 | Savoor | May 2008 | A1 |
| 20080155678 | Ohkubo | Jun 2008 | A1 |
| 20090310535 | Anumala | Dec 2009 | A1 |
| 20100154050 | Mukkara | Jun 2010 | A1 |
| 20100182959 | Cook | Jul 2010 | A1 |
| 20100202428 | Thompson | Aug 2010 | A1 |
| 20110264730 | Dattagupta | Oct 2011 | A1 |
| 20120002813 | Wei | Jan 2012 | A1 |
| 20120027002 | Jones | Feb 2012 | A1 |
| 20120044914 | Chen | Feb 2012 | A1 |
| 20120113977 | Shimoosawa | May 2012 | A1 |
| 20120127942 | Cook | May 2012 | A1 |
| 20120317619 | Dattagupta | Dec 2012 | A1 |
| 20130163515 | Yeoh | Jun 2013 | A1 |
| 20130201978 | Iyer | Aug 2013 | A1 |
| 20130301627 | Chen | Nov 2013 | A1 |
| 20130312074 | Sarawat | Nov 2013 | A1 |
| 20140233734 | Ram | Aug 2014 | A1 |
| 20140254555 | Reznik | Sep 2014 | A1 |
| 20150117180 | Gupta | Apr 2015 | A1 |
| 20150133099 | Xu | May 2015 | A1 |
| 20150188940 | Lapidous | Jul 2015 | A1 |
| 20150326610 | Bartoszewski | Nov 2015 | A1 |
| 20150350989 | Himayat | Dec 2015 | A1 |
| 20150382196 | Hillier | Dec 2015 | A1 |
| 20160006694 | Bartoszewski | Jan 2016 | A1 |
| 20160135108 | Murphy | May 2016 | A1 |
| 20160173448 | Olshansky | Jun 2016 | A1 |
| 20160277375 | Ram | Sep 2016 | A1 |
| 20160374078 | Ghosh | Dec 2016 | A1 |
| 20170086229 | Lopes | Mar 2017 | A1 |
| 20170086241 | Lopes | Mar 2017 | A1 |
| 20170142540 | Shirakata | May 2017 | A1 |
| 20170150362 | Clemenson | May 2017 | A1 |
| 20170187688 | Hodroj | Jun 2017 | A1 |
| 20170272819 | Zerr | Sep 2017 | A1 |
| 20170290074 | Lee | Oct 2017 | A1 |
| 20170353988 | Lopes | Dec 2017 | A1 |
| 20170367127 | Lopes | Dec 2017 | A1 |
| Number | Date | Country |
|---|---|---|
| 2015014907 | Jan 2015 | JP |
| WO-2014026050 | Feb 2014 | WO |
| Entry |
|---|
| Aoyagi et al., ELA: A Fully Distributed VPN System over Peer-to-Peer Network, Feb. 4, 2005, The 2005 Symposium on Applications and the Internet (SAINT'05), IEEE. |
| Deri et al., N2N: A Layer Two Peer-to-Peer VPN, Jul. 3, 2008, 2008 Proceedings on Second International Conference on Autonomous Infrastructure, Management and Security, Springer Berlin Heidelberg, pp. 53-64. |
| W. Ginolas. Aufbau eines virtuellen privaten Netzes mit Peer-to-Peer Technologie. Master's thesis, Aug. 14, 2009, Fachhochschule Wendel, Accessed from http://p2pvpn.org/thesis.pdf on Sep. 22, 2016. |
| Wolinsky et al. , On the Design of Autonomic Decentralized VPNs, Oct. 12, 2010, 2010 6th International Conference on Collaborative Computing: Networking, Applications and Worksharing. |
| Toshihiko et al., Machine Translation of JP2015014907A, Jan. 24, 2017, Patent Translate by EPO and Google. |
| Jobongo, How to setup SSID for VPN and SSID for Regular ISP using OpenVPN, Feb. 28, 2013, Github Wiki, https://github.com/RMerl/asuswrt-merlin/wiki/How-to-setup-SSID-for-VPN-and-SSID-for-Regular-ISP-using-OpenVPN (accessed on Oct. 2, 2017). |
| Number | Date | Country | |
|---|---|---|---|
| 20160073327 A1 | Mar 2016 | US |
