Patent Issued for Embedded virtual private network (USPTO 11190490): Allstate Insurance Company
2021 DEC 21 (NewsRx) -- By a
The assignee for this patent, patent number 11190490, is
Reporters obtained the following quote from the background information supplied by the inventors: “Protecting confidential information in today’s online environment is difficult due to the increased connectivity and the increased amount of user information accessible via web enabled computing devices. Most network connections are made over the air (OTA) via cellular or Wi-Fi connections. OTA networks are inherently insecure because it is difficult to prevent interception and copying of the signal, so applications that run on mobile devices must handle the security of the network connection and any data transmitted over it.
“Browsers, however, generally do not do this, creating a security vulnerability, even if the site being targeted is adequately secured. Additionally, Internet Service Providers (ISPs) and Wi-Fi connectivity or access point providers can inspect and store traffic to monitor browsing and connection habits, opening up privacy concerns. Finally, malicious attackers, equipped with relatively simple hardware and software combinations, can stage “Man in the middle” (MITM) or “drive by” attacks that capture OTA data packets and redirect them to malicious sites.
“VPNs create secure, private connections that ensure that traffic cannot be intercepted and that the user can operate anonymously. A VPN application works by establishing a secure connection (generally using IPSec or similar protocol tunnels) to a network point of presence (POP) and then connecting from that POP to the target web site over a secure connection. To the target, traffic appears to be coming from the POP, not the actual user, who is not visible to any intermediary ISP or configuration service provider (CSP).
“However, VPN client applications can be difficult to set up and the applications need to be activated to ensure that transmitted network activity is secure. Most users find these applications complicated to set up and difficult to use.
“Further, as consumers continue to gain an ever-increasing presence in online environments, there will be an ever-present need to better protect consumers from personal or information being breached (e.g., made available publicly) in order to protect consumers from fraud and/or other harms. Consumers need a system and method which provides a secure connection to their intended online destination over the Internet without the fear that their confidential information may be intercepted and copied by unauthorized entities.”
In addition to obtaining background information on this patent, NewsRx editors also obtained the inventors’ summary information for this patent: “In light of the foregoing background, the following presents a simplified summary of the present disclosure in order to provide a basic understanding of some aspects of the invention. This summary is not an extensive overview of the invention. It is not intended to identify key or critical elements of the invention or to delineate the scope of the invention. The following summary merely presents some concepts of the invention in a simplified form as a prelude to the more detailed description provided below.
“By embedding a VPN capability inside an application layer and automating the connection process, a safe and secure network connection may be made available to users of computing devices. The embedded private connect VPN system may use Domain Name Server (DNS) functionality to determine which data or content streams are to be transmitted through a generated private connect VPN tunnel.
“Aspects of the disclosure address one or more of the issues mentioned above by disclosing methods, computer readable storage media, software, systems, and apparatuses for use by a consumer in order to keep track of a consumer’s accounts and to prevent unauthorized access or use of the consumers identified subscriptions and financial accounts. The discovered subscriptions and financial accounts may be listed and displayed to the consumer along with recommendations and assistance for closing any discovered unused or unwanted financial accounts and subscriptions. The described cyber-security system may prevent unauthorized access, use, and security breaches by unauthorized users and devices of the consumer’s accounts.
“In an aspect of the disclosure, a cyber-security system may be configured to, in operation, analyze the privacy policy or privacy statement for each financial institution or other businesses associated with the consumer determined from an email scan, browser history, and/or browser cache search. The cyber-security system may also analyze the on-line privacy policies or statements of financial institutions and other businesses for which the consumer has an account based on information provided by analysis of the consumer’s profile. The determined information may be displayed to the consumer along with recommendations regarding digital safety.
“Of course, the methods and systems of the above-referenced embodiments may also include other additional elements, steps, computer-executable instructions, or computer-readable data structures. In this regard, other embodiments are disclosed and claimed herein as well. The details of these and other embodiments of the present invention are set forth in the accompanying drawings and the description below. Other features and advantages of the invention will be apparent from the description, drawings, and claims.”
The claims supplied by the inventors are:
“1. A virtual private network device comprising: a processor; a memory unit storing computer-executable instructions, which when executed by the processor, cause the virtual private network device to: generate a DNS request; encrypt the DNS request; transmit the encrypted DNS request through a virtual private network tunnel to a data center; receive an encrypted data packet from the data center through the virtual private network tunnel; decrypt the received encrypted data packet, the decrypted data packet including an IP address associated with the DNS request and an indication as to whether traffic associated with the IP address should be sent through the virtual private network tunnel; and using the IP address, transmit a request for content through the virtual private network tunnel or transmit the request for content outside of the virtual private network tunnel, depending on the indication.
“2. The virtual private network device of claim 1, wherein the traffic associated with the IP address includes streaming content.
“3. The virtual private network device of claim 2, wherein the streaming content is not routed through the virtual private network tunnel.
“4. The virtual private network device of claim 1, wherein the traffic associated with the IP address includes user data.
“5. The virtual private network device of claim 4, wherein the user data is transmitted through the virtual private network tunnel.
“6. A method comprising: generating a DNS request; encrypting the DNS request; transmitting the encrypted DNS request through a virtual private network tunnel to a data center; receiving an encrypted data packet from the data center through the virtual private network tunnel; decrypting the received encrypted data packet, the decrypted data packet including an IP address associated with the DNS request and an indication as to whether traffic associated with the IP address should be sent through the virtual private network tunnel; and using the IP address, transmitting a request for content through the virtual private network tunnel or transmitting the request for content outside of the virtual private network tunnel, depending on the indication.
“7. The method of claim 6, wherein the traffic associated with the IP address includes streaming content.
“8. The method of claim 7, wherein the streaming content is not routed through the virtual private network tunnel.
“9. The method of claim 6, wherein the traffic associated with the IP address includes user data.
“10. The method of claim 9, wherein the user data is transmitted through the virtual private network tunnel.
“11. A method comprising: receiving an encrypted DNS request through a virtual private network tunnel; decrypting the received encrypted DNS request; resolving the decrypted DNS request to an IP address of a serving service; generating a data packet comprising the IP address and an indication as to whether traffic associated with the IP address should be sent through the virtual private network tunnel; encrypting the data packet; and transmitting the encrypted data packet through the virtual private network tunnel.
“12. The method of claim 11, further comprising determining a point of presence located at first data center based on the IP address.
“13. The method of claim 12, further comprising monitoring traffic associated with the point of presence.
“14. The method of claim 13, further comprising: determining that the monitored traffic received at the point of presence is above a threshold; and based upon the determination that the monitored traffic is above the threshold, routing traffic to a second point of presence through a backhaul channel.
“15. The method of claim 14, wherein the second point of presence is located at a second data center.
“16. The method of claim 11, further comprising analyzing DNS requests for IP addresses that pose security risks.
“17. The method of claim 16, further comprising blocking IP addresses that pose the security risks.
“18. The method of claim 11, further comprising generating a white list including IP addresses of services known to be streaming content delivery sites.
“19. The method of claim 18, further comprising determining the indication as to whether traffic associated with the IP address should be sent through the virtual private network tunnel based in part on contents of the white list.
“20. The method of claim 19, further comprising: monitoring activity through the virtual private network tunnel for potential security breaches; and displaying the monitored activity.”
For more information, see this patent: De Guia, Nicolette. Embedded virtual private network.
(Our reports deliver fact-based news of research and discoveries from around the world.)
Researchers from Amhara Public Health Institute Publish Research in Health Services Research (Client satisfaction on community based health insurance scheme and associated factors at Boru Meda Hospital, Northeast, Ethiopia: institutional based …): Health and Medicine – Health Services Research
Patent Issued for Entity prioritization and analysis systems (USPTO 11188985): Aon Risk Services Inc. of Maryland
Advisor News
- LTC: A critical component of retirement planning
- Middle-class households face worsening cost pressures
- Metlife study finds less than half of US workforce holistically healthy
- Invigorating client relationships with AI coaching
- SEC: Get-rich-quick influencer Tai Lopez was running a Ponzi scam
More Advisor NewsAnnuity News
- Trademark Application for “EMPOWER MY WEALTH” Filed by Great-West Life & Annuity Insurance Company: Great-West Life & Annuity Insurance Company
- Conning says insurers’ success in 2026 will depend on ‘strategic adaptation’
- The structural rise of structured products
- How next-gen pricing tech can help insurers offer better annuity products
- Continental General Acquires Block of Life Insurance, Annuity and Health Policies from State Guaranty Associations
More Annuity NewsHealth/Employee Benefits News
- Delaware weighs cutting GLP-1 coverage on state plan
- Lawsuit accuses Cigna PBM of ‘demanding kickbacks’ from drug maker
- ACTING SUPERINTENDENT KAITLIN ASROW ANNOUNCES JERICHO SHARE TO CEASE OPERATIONS IN NEW YORK FOR SELLING UNLICENSED HEALTH INSURANCE PLANS
- OnMed and Triple-S Expand Healthcare Access Across Puerto Rico
- CVS Health Makes Health Insurance Simpler and More Affordable for Americans
More Health/Employee Benefits NewsLife Insurance News