Invention title |
Systems and methods for application-specific access to virtual private networks |
Abstract |
Described herein are systems and methods utilizing application-specific access to a virtual private network (“VPN”). A method may comprise receiving, from an application executing on a device, a request for a network data flow to a private network, comparing identification information associated with the application against a set of rules stored on a memory of the device, wherein the set of rules identifies conditions for the application to be authorized to access the private network, and establishing a connection for the network data flow upon the identification information satisfying the conditions for the application to access the private network. |
Application publication number |
US9143481(B2) |
Application publication date |
2015.09.22 |
Application number |
US201313911789 |
Application date |
2013.06.06 |
Applicant |
APPLE INC. |
Inventor |
Wood James P. |
Classification numbers |
H04L29/06;H04L12/46 |
Main classification number |
H04L29/06 |
Agency |
Fay Kaplun & Marcin, LLP |
Agent |
Fay Kaplun & Marcin, LLP |
Principal claim |
1. A method, comprising:
generating, by an application executing on a device, a request for a network data flow to a private network; comparing identification information associated with the application against a set of rules stored on the memory, wherein the set of rules identifies conditions for the application to be authorized to access the private network; diverting the network data flow to a virtual private network (VPN) tunnel as opposed to entering a Transport Connection Protocol (TCP)/Internet Protocol (IP) stack; determining if the application specifies a destination by hostname; resolving the hostname for the destination at VPN plugin in response to the application specified hostname; opening a flow divert socket for application data to flow between the application and a data transportation component of the device in response to the application not specifying the destination by hostname or after successfully resolving the hostname for the destination host; establishing a connection for the network data flow upon the identification information satisfying the identified conditions for the application to access the private network; and directing, by the data transportation component, the network data flow directly to the private network. |
Address |
Cupertino CA US |