Patents by Inventor James Yonan
James Yonan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11818035Abstract: Disclosed herein are systems and methods for creating an ultra-lightweight multi-tenant network virtualization model by augmenting an OSI layer 4 tuple (protocol, source IP address, destination IP address, source port, destination port) with additional private gateway-specific source and destination augmented addresses. A unique OpenVPN Augmented Address (OAA) may be created and assigned to each device on a network such as a mesh-linked system. This OAA may form part of a packet shim created with routing path information for both the source and the destination resources. Once created, the shim may be inserted into a packet header for transmission. Once the initial packet is transmitted, each hop creates its own resources for managing transmission of subsequent packets in this session. The packet shim operates to establish a communications session on layer 4 (Transport) between the requestor and the target resource which is intermediate-device agnostic.Type: GrantFiled: December 28, 2022Date of Patent: November 14, 2023Assignee: OpenVPN, Inc.Inventors: Francis Dinha, James Yonan
-
Patent number: 11588726Abstract: Disclosed herein are systems and methods for creating an ultra-lightweight multi-tenant network virtualization model by augmenting an OSI layer 4 tuple (protocol, source IP address, destination IP address, source port, destination port) with additional private gateway-specific source and destination augmented addresses. A unique OpenVPN Augmented Address (OAA) may be created and assigned to each device on a network such as a mesh-linked system. This OAA may form part of a packet shim created with routing path information for both the source and the destination resources. Once created, the shim may be inserted into a packet header for transmission. Once the initial packet is transmitted, each hop creates its own resources for managing transmission of subsequent packets in this session. The packet shim operates to establish a communications session on layer 4 (Transport) between the requestor and the target resource which is intermediate-device agnostic.Type: GrantFiled: June 28, 2021Date of Patent: February 21, 2023Assignee: OpenVPN, IncInventors: Francis Dinha, James Yonan
-
Publication number: 20220337547Abstract: Methods for creating an ultra-lightweight multi-tenant network virtualization model by augmenting an OSI layer 4 tuple (protocol, source IP address, destination IP address, source port, destination port) with additional private gateway-specific source and destination augmented addresses. A unique OpenVPN Augmented Address (OAA) may be created and assigned to each device on a network such as a mesh-linked system. This OAA may form part of a packet shim created with routing path information for both the source and the destination resources. Once created, the shim may be inserted into a packet header for transmission. The packet shim operates to establish a communications session on layer 4 (Transport) between the requestor and the target resource which is intermediate-device agnostic. Further disclosed are methods for intelligently routing domain-level traffic to VPNs including augmenting a DNS with VPN information associated with human-memorable domain names.Type: ApplicationFiled: April 6, 2022Publication date: October 20, 2022Inventors: Francis Dinha, James Yonan
-
Publication number: 20220014463Abstract: Disclosed herein are systems and methods for creating an ultra-lightweight multi-tenant network virtualization model by augmenting an OSI layer 4 tuple (protocol, source IP address, destination IP address, source port, destination port) with additional private gateway-specific source and destination augmented addresses. A unique OpenVPN Augmented Address (OAA) may be created and assigned to each device on a network such as a mesh-linked system. This OAA may form part of a packet shim created with routing path information for both the source and the destination resources. Once created, the shim may be inserted into a packet header for transmission. Once the initial packet is transmitted, each hop creates its own resources for managing transmission of subsequent packets in this session. The packet shim operates to establish a communications session on layer 4 (Transport) between the requestor and the target resource which is intermediate-device agnostic.Type: ApplicationFiled: June 28, 2021Publication date: January 13, 2022Inventors: Francis Dinha, James Yonan
-
Patent number: 10530587Abstract: A system and method for efficient certificate authentication management and distribution of large, web scale authentication information. The method includes receiving at a server, security certificate information, said security certificate including a unique certificate identifier. A structured data source, such as an XML file or database is encoded with a unique record for each possible security certificate using the record ID as the security certificate ID. Each unique record includes a record of four bits or less. Owing to the small size of the data source, large amounts of security certificates may be managed and distributed efficiently over a network to one of more private gateways allowing for large scale certificate authentication.Type: GrantFiled: June 30, 2016Date of Patent: January 7, 2020Assignee: OpenVPN Technologies, Inc.Inventors: Francis Dinha, James Yonan
-
Patent number: 10225105Abstract: A method including receiving, at a virtual private network (VPN) server, an encapsulated packet on one of the ingress addresses wherein the ingress address is associated with the packet information. After processing the packet at the VPN server, the packet source address is transformed to the address of the ingress port before transmitting the packet over a network. The process may be effectuated in the operating system's kernel. The association step may include tracking the ingress port in a data store, or tagging the packet with the ingress address so it can be later used to modify the source address. Transforming may include swapping TCP source and destination port information, changing an IP or TCP header checksum, changing a TCP sequence and acknowledgment number, or changing an IP addresses contained in the data payload.Type: GrantFiled: July 7, 2016Date of Patent: March 5, 2019Assignee: OpenVPN Technologies, Inc.Inventors: Francis Dinha, James Yonan
-
Patent number: 10185599Abstract: A system and method for disposing, in kernel space, a data plane having instructions operable to encrypt and transfer data over a network. The data plane is coupled to a control plane which resides in user space. The control plane has instructions operable to control the transfer of the encrypted data in kernel space. Certain embodiments include an application programming interface (API), which operates to expose a programming interface for encrypted communications which results in a more efficient data transfer because most of the data processing is done in kernel space.Type: GrantFiled: June 9, 2016Date of Patent: January 22, 2019Assignee: OpenVPN Technologies, Inc.Inventors: Francis Dinha, James Yonan
-
Publication number: 20170013015Abstract: A system and method for disposing, in kernel space, a data plane having instructions operable to encrypt and transfer data over a network. The data plane is coupled to a control plane which resides in user space. The control plane has instructions operable to control the transfer of the encrypted data in kernel space. Certain embodiments include an application programming interface (API), which operates to expose a programming interface for encrypted communications which results in a more efficient data transfer because most of the data processing is done in kernel space.Type: ApplicationFiled: June 9, 2016Publication date: January 12, 2017Inventors: Francis DINHA, James Yonan
-
Publication number: 20170012782Abstract: A system and method for efficient certificate authentication management and distribution of large, web scale authentication information. The method includes receiving at a server, security certificate information, said security certificate including a unique certificate identifier. A structured data source, such as an XML file or database is encoded with a unique record for each possible security certificate using the record ID as the security certificate ID. Each unique record includes a record of four bits or less. Owing to the small size of the data source, large amounts of security certificates may be managed and distributed efficiently over a network to one of more private gateways allowing for large scale certificate authentication.Type: ApplicationFiled: June 30, 2016Publication date: January 12, 2017Inventors: Francis DINHA, James YONAN
-
Publication number: 20170012937Abstract: A method including receiving, at a virtual private network (VPN) server, an encapsulated packet on one of the ingress addresses wherein the ingress address is associated with the packet information. After processing the packet at the VPN server, the packet source address is transformed to the address of the ingress port before transmitting the packet over a network. The process may be effectuated in the operating system's kernel. The association step may include tracking the ingress port in a data store, or tagging the packet with the ingress address so it can be later used to modify the source address. Transforming may include swapping TCP source and destination port information, changing an IP or TCP header checksum, changing a TCP sequence and acknowledgment number, or changing an IP addresses contained in the data payload.Type: ApplicationFiled: July 7, 2016Publication date: January 12, 2017Inventors: Francis DINHA, James Yonan
-
Patent number: 9143333Abstract: A system and method for multicast transmission are disclosed. In one embodiment, a virtual exchange network including interconnected nodes is embedded within a network. A sender is disposed in communication with a root node and receivers are disposed in communication with a set of edge nodes. The sender publishes a packetized data stream to which the receivers subscribe. The packetized data stream is promulgated by implicit signaling through optimum virtual exchange network connections from the sender through the virtual exchange network to the receivers. The interconnected nodes, responsive to receiving the published packetized data stream, are adapted to multicast N instances of the published packetized data stream to N recipients selected from the group consisting of receivers and other of the interconnected nodes.Type: GrantFiled: July 22, 2014Date of Patent: September 22, 2015Assignee: Upload Technologies S.A.Inventors: Robert E. Nimon, David E. Espenlaub, Francis Dinha, James Yonan
-
Publication number: 20140334339Abstract: A system and method for multicast transmission are disclosed. In one embodiment, a virtual exchange network including interconnected nodes is embedded within a network. A sender is disposed in communication with a root node and receivers are disposed in communication with a set of edge nodes. The sender publishes a packetized data stream to which the receivers subscribe. The packetized data stream is promulgated by implicit signaling through optimum virtual exchange network connections from the sender through the virtual exchange network to the receivers. The interconnected nodes, responsive to receiving the published packetized data stream, are adapted to multicast N instances of the published packetized data stream to N recipients selected from the group consisting of receivers and other of the interconnected nodes.Type: ApplicationFiled: July 22, 2014Publication date: November 13, 2014Inventors: Robert E. Nimon, David E. Espenlaub, Francis Dinha, James Yonan
-
Patent number: 8787205Abstract: A system and method for multicast transmission are disclosed. In one embodiment, a virtual exchange network including interconnected nodes is embedded within a network. A sender is disposed in communication with a root node and receivers are disposed in communication with a set of edge nodes. The sender publishes a packetized data stream to which the receivers subscribe. The packetized data stream is promulgated by implicit signaling through optimum virtual exchange network connections from the sender through the virtual exchange network to the receivers. The interconnected nodes, responsive to receiving the published packetized data stream, are adapted to multicast N instances of the published packetized data stream to N recipients selected from the group consisting of receivers and other of the interconnected nodes.Type: GrantFiled: October 26, 2012Date of Patent: July 22, 2014Assignee: Upload Technologies S.A.Inventors: Robert E. Nimon, David E. Espenlaub, Francis Dinha, James Yonan
-
Publication number: 20130142081Abstract: A system and method for multicast transmission are disclosed. In one embodiment, a virtual exchange network including interconnected nodes is embedded within a network. A sender is disposed in communication with a root node and receivers are disposed in communication with a set of edge nodes. The sender publishes a packetized data stream to which the receivers subscribe. The packetized data stream is promulgated by implicit signaling through optimum virtual exchange network connections from the sender through the virtual exchange network to the receivers. The interconnected nodes, responsive to receiving the published packetized data stream, are adapted to multicast N instances of the published packetized data stream to N recipients selected from the group consisting of receivers and other of the interconnected nodes.Type: ApplicationFiled: October 26, 2012Publication date: June 6, 2013Inventors: Robert E. Nimon, David E. Espeniaub, Francis Dinha, James Yonan
-
Patent number: 8300553Abstract: A system and method for multicast transmission are disclosed. In one embodiment, a virtual exchange network including interconnected nodes is embedded within a network. A sender is disposed in communication with a root node and receivers are disposed in communication with a set of edge nodes. The sender publishes a packetized data stream to which the receivers subscribe. The packetized data stream is promulgated by implicit signaling through optimum virtual exchange network connections from the sender through the virtual exchange network to the receivers. The interconnected nodes, responsive to receiving the published packetized data stream, are adapted to multicast N instances of the published packetized data stream to N recipients selected from the group consisting of receivers and other of the interconnected nodes.Type: GrantFiled: August 3, 2010Date of Patent: October 30, 2012Assignee: Upload Technologies S.A.Inventors: Robert E. Nimon, David E. Espenlaub, Francis Dinha, James Yonan
-
Publication number: 20100296413Abstract: A system and method for multicast transmission are disclosed. In one embodiment, a virtual exchange network including interconnected nodes is embedded within a network. A sender is disposed in communication with a root node and receivers are disposed in communication with a set of edge nodes. The sender publishes a packetized data stream to which the receivers subscribe. The packetized data stream is promulgated by implicit signaling through optimum virtual exchange network connections from the sender through the virtual exchange network to the receivers. The interconnected nodes, responsive to receiving the published packetized data stream, are adapted to multicast N instances of the published packetized data stream to N recipients selected from the group consisting of receivers and other of the interconnected nodes.Type: ApplicationFiled: August 3, 2010Publication date: November 25, 2010Inventors: Robert E. Nimon, David E. Espenlaub, Francis Dinha, James Yonan