In this way, Gabriel is designed to allow applications to communicate in VPNs just as seamlessly as they create non-secure communications. To achieve this, Gabriel handles the secure key exchange and end-point authentication associated with VPNs. Moreover, Gabriel uses strong industry-standard cryptography, including digital certificates signed and issued by the VirnetX Certificate Authority. Each Gabriel-enabled device is issued a unique Secure Domain Name with a corresponding digital certificate signed by the VirnetX CA. The private key for that certificate is generated and secured on the owner’s device. Mutual authentication of the device/user to its peers, and to the Gabriel servers that facilitate the VPN negotiation process, is performed by using this private key together with the signed certificate.
GABRIEL INSTANT SECURE CONNECT
MUTUAL AUTHENTICATION requires devices/users to authenticate with their peers before secure communications can occur.
SAFE NEIGHBORHOODS are virtual private enclaves of authenticated devices within the Internet/intranet that are able to connect on demand, with no clicks, and enable real-time secure communications.
Gabriel’s Instant Secure Connect technology includes cryptographic authentication of peering devices. A user is able to define which devices can connect and what information is shared, based upon a device/user identity. In this way, users can dynamically define and modify virtual private enclaves, or Safe Neighborhoods, within the Internet/intranet. This enclave, as illustrated in Figure 4, can include any collection of devices and users regardless of their location on the Internet/intranet. If a device is connected to the Internet/intranet, it can be in the enclave. Additionally, a device can be included in ANY NUMBER of enclaves at a given time, if the defined security policy permits. As described in the next section, Gabriel’s Instant Secure Connect technology has been used to create a cross-platform security infrastructure referred to as the Gabriel Security Platform. This makes dynamic, on-demand secure enclaves possible.