Patents by Inventor John D. Kari
John D. Kari has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8630218Abstract: Provided is a method for maintaining a Virtual Private Network (VPN) connection between a mobile device and a server over a wireless network in a manner that conserves the power supply of the mobile device and is suitable for connections that employ server-initiated traffic. After a successful login to a VPN server, a VPN client establishes a Transport Control Protocol (TCP) connection and a UDP connection with the server. After a power timeout, the server calculates the elapsed time between the current transmission and the last tunnel traffic. If the elapsed time exceeds a power timeout value, the VPN server transmits a simple control message to the client via the TCP channel. The client then reestablishes the UDP connection to the client and the server resumes transmission on the reestablished UDP channel.Type: GrantFiled: July 23, 2012Date of Patent: January 14, 2014Assignee: International Business Machines CorporationInventors: Stephen W. Babin, John D. Kari, Michael L. Masterson
-
Publication number: 20120287833Abstract: Provided is a method for maintaining a Virtual Private Network (VPN) connection between a mobile device and a server over a wireless network in a manner that conserves the power supply of the mobile device and is suitable for connections that employ server-initiated traffic. After a successful login to a VPN server, a VPN client establishes a Transport Control Protocol (TCP) connection and a UDP connection with the server. After a power timeout, the server calculates the elapsed time between the current transmission and the last tunnel traffic. If the elapsed time exceeds a power timeout value, the VPN server transmits a simple control message to the client via the TCP channel. The client then reestablishes the UDP connection to the client and the server resumes transmission on the reestablished UDP channel.Type: ApplicationFiled: July 23, 2012Publication date: November 15, 2012Applicant: International Business Machines CorporationInventors: Stephen W. Babin, John D. Kari, Michael L. Masterson
-
Patent number: 8261339Abstract: Dynamically selecting an endpoint for a tunnel into an enterprise computing infrastructure. A client dynamically selects a gateway (which may alternatively be referred to as a boundary device or server) as a tunnel endpoint for connecting over a public network (or, more generally, an untrusted network) into an enterprise computing infrastructure. The selection is made, in preferred embodiments, according to least-cost routing metrics pertaining to paths through the enterprise network from the selected gateway to a destination host. The least-cost routing metrics may be computed using factors such as the proximity of selectable tunnel endpoints to the destination host; stability or redundancy of network resources for this gateway; monetary costs of transmitting data over a path between the selectable tunnel endpoints and destination host; congestion on that path; hop count for that path; and/or latency or transmit time for data on that path.Type: GrantFiled: December 14, 2010Date of Patent: September 4, 2012Assignee: International Business Machines CorporationInventors: M. Lynn Aldridge, Peter C. Dill, Ivan M. Heninger, John D. Kari, Clifford D. Marano, David M. Urgo
-
Patent number: 8228830Abstract: Provided is a method for maintaining a Virtual Private Network (VPN) connection between a mobile device and a server over a wireless network in a manner that conserves the power supply of the mobile device and is suitable for connections that employ server-initiated traffic. After a successful login to a VPN server, a VPN client establishes a Transport Control Protocol (TCP) connection and a UDP connection with the server. After a power timeout, the server calculates the elapsed time between the current transmission and the last tunnel traffic. If the elapsed time exceeds a power timeout value, the VPN server transmits a simple control message to the client via the TCP channel. The client then reestablishes the UDP connection to the client and the server resumes transmission on the reestablished UDP channel.Type: GrantFiled: January 4, 2008Date of Patent: July 24, 2012Assignee: International Business Machines CorporationInventors: Stephen W. Babin, John D. Kari, Michael L. Masterson
-
Patent number: 7992201Abstract: Dynamically selecting an endpoint for a tunnel into an enterprise computing infrastructure. A client dynamically selects a gateway (which may alternatively be referred to as a boundary device or server) as a tunnel endpoint for connecting over a public network (or, more generally, an untrusted network) into an enterprise computing infrastructure. The selection is made, in preferred embodiments, according to least-cost routing metrics pertaining to paths through the enterprise network from the selected gateway to a destination host. The least-cost routing metrics may be computed using factors such as the proximity of selectable tunnel endpoints to the destination host; stability or redundancy of network resources for this gateway; monetary costs of transmitting data over a path between the selectable tunnel endpoints and destination host; congestion on that path; hop count for that path; and/or latency or transmit time for data on that path.Type: GrantFiled: July 26, 2007Date of Patent: August 2, 2011Assignee: International Business Machines CorporationInventors: M. Lynn Aldridge, Peter C. Dill, Ivan M. Heninger, John D. Kari, Clifford D. Marano, David M. Urgo
-
Patent number: 7975294Abstract: A client attempts to transmit a presence state to a presence server that is behind a firewall of a secure network. If the client is inside the firewall, the presence server instructs resources within the secure network to directly communicate with the client. However, if the client is outside the firewall, then the client must tunnel into the secure network via a Virtual Private Network (VPN) before accessing the resources in the secure network.Type: GrantFiled: November 19, 2007Date of Patent: July 5, 2011Assignee: International Business Machines CorporationInventors: Ivan M. Heninger, John D. Kari, William J. Rippon, Galina Rubinshtein
-
Publication number: 20110083174Abstract: Dynamically selecting an endpoint for a tunnel into an enterprise computing infrastructure. A client dynamically selects a gateway (which may alternatively be referred to as a boundary device or server) as a tunnel endpoint for connecting over a public network (or, more generally, an untrusted network) into an enterprise computing infrastructure. The selection is made, in preferred embodiments, according to least-cost routing metrics pertaining to paths through the enterprise network from the selected gateway to a destination host. The least-cost routing metrics may be computed using factors such as the proximity of selectable tunnel endpoints to the destination host; stability or redundancy of network resources for this gateway; monetary costs of transmitting data over a path between the selectable tunnel endpoints and destination host; congestion on that path; hop count for that path; and/or latency or transmit time for data on that path.Type: ApplicationFiled: December 14, 2010Publication date: April 7, 2011Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: M. Lynn Aldridge, Peter C. Dill, Ivan M. Heninger, John D. Kari, Clifford D. Marano, David M. Urgo
-
Publication number: 20090175282Abstract: Provided is a method for maintaining a Virtual Private Network (VPN) connection between a mobile device and a server over a wireless network in a manner that conserves the power supply of the mobile device and is suitable for connections that employ server-initiated traffic. After a successful login to a VPN server, a VPN client establishes a Transport Control Protocol (TCP) connection and a UDP connection with the server. After a power timeout, the server calculates the elapsed time between the current transmission and the last tunnel traffic. If the elapsed time exceeds a power timeout value, the VPN server transmits a simple control message to the client via the TCP channel. The client then reestablishes the UDP connection to the client and the server resumes transmission on the reestablished UDP channel.Type: ApplicationFiled: January 4, 2008Publication date: July 9, 2009Inventors: Stephen W. Babin, John D. Kari, Michael L. Masterson
-
Publication number: 20090133115Abstract: A client attempts to transmit a presence state to a presence server that is behind a firewall of a secure network. If the client is inside the firewall, the presence server instructs resources within the secure network to directly communicate with the client. However, if the client is outside the firewall, then the client must tunnel into the secure network via a Virtual Private Network (VPN) before accessing the resources in the secure network.Type: ApplicationFiled: November 19, 2007Publication date: May 21, 2009Inventors: Ivan M. Heninger, John D. Kari, William J. Rippon, Galina Rubinshtein
-
Publication number: 20090031415Abstract: Dynamically selecting an endpoint for a tunnel into an enterprise computing infrastructure. A client dynamically selects a gateway (which may alternatively be referred to as a boundary device or server) as a tunnel endpoint for connecting over a public network (or, more generally, an untrusted network) into an enterprise computing infrastructure. The selection is made, in preferred embodiments, according to least-cost routing metrics pertaining to paths through the enterprise network from the selected gateway to a destination host. The least-cost routing metrics may be computed using factors such as the proximity of selectable tunnel endpoints to the destination host; stability or redundancy of network resources for this gateway; monetary costs of transmitting data over a path between the selectable tunnel endpoints and destination host; congestion on that path; hop count for that path; and/or latency or transmit time for data on that path.Type: ApplicationFiled: July 26, 2007Publication date: January 29, 2009Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: M. Lynn Aldridge, Peter C. Dill, Ivan M. Heninger, John D. Kari, Clifford D. Marano, David M. Urgo
-
Patent number: 6308281Abstract: A method, system, and computer program by which a logical network connection can be maintained in the presence of disruption or failure of the underlying physical network connection. The technique defines a virtual connection between the client and gateway, which is not dependent upon continuous connectivity in the underlying physical connection, and can resume operation transparently even though the physical connection may be established on a different media type. Additionally, the technique of the present invention enables the physical medium to be changed even though the physical connection was not disrupted. This change in medium may be based on a number of factors, such as quality of service or transmission speed, which can be monitored. A graphical user interface (“GUI”) is defined whereby the human user may observe a depiction of the available physical connections and their status, information regarding the physical connection currently in use, etc.Type: GrantFiled: September 2, 1998Date of Patent: October 23, 2001Assignee: International Business Machines CorporationInventors: George E. Hall, Jr., John D. Kari