Wireless IP network variable area communicating method based on IPSec protocol

A technology of IP network and regional communication, applied in the application field of wireless IP network communication based on IPSec protocol, can solve the problems of incompatibility of network layer security protocols of performance enhancement technology, achieve TCP performance enhancement, HTTP transmission acceleration, performance Enhanced effect

Inactive Publication Date: 2008-07-30
HARBIN INST OF TECH
View PDF0 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] The purpose of the present invention is to solve the problem of contradiction and incompatibility between the performance enhancement technology and the network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Wireless IP network variable area communicating method based on IPSec protocol
  • Wireless IP network variable area communicating method based on IPSec protocol
  • Wireless IP network variable area communicating method based on IPSec protocol

Examples

Experimental program
Comparison scheme
Effect test

specific Embodiment approach 1

[0016] Specific embodiment one: the wireless IP network variable area communication method based on IPSec protocol described in this embodiment is:

[0017] The IP packet to be sent is divided into a plurality of areas according to the rules of the IPSec protocol to generate an IPSec packet. The area mappings of the plurality of areas are all encapsulated in the ESP header, and the areas of different levels are respectively set in the plurality of areas. Security association information; the area mapping information of each encrypted area includes the area number of IP data packets, the area number and the length of the mapped area;

[0018] The sending and receiving endpoints of the data contain the security association information of all areas in each IPSec data packet, and can interpret all the data information in the IPSec data packet;

[0019] Ordinary intermediate nodes in the transmission data path do not contain any security-related information in the IPSec data packet...

specific Embodiment approach 2

[0021] Embodiment 2: The difference between this embodiment and the wireless IP network variable area communication method based on IPSec protocol described in Embodiment 1 is that the IP data packet to be sent is divided into two areas according to the rules of the IPSec protocol.

[0022] Setting application layer is HTTP agreement, comprises the Web page information described in HTML (Hypertext Markup Language), then the transmission model diagram described in the present embodiment is referring to Fig. 1, and this model is sent terminal 1 by IP packet, and two are not Trusted intermediate nodes 2 and 4, performance enhancing gateway 3 authorized by authentication and receiving terminal 5. In this transmission mode model, the IP data packet to be sent is divided into two areas, area 1 contains the TCP header and HTML object links with variable length, and area 1 security-related information is sent by the sending terminal 1, the performance of the authentication and authoriz...

specific Embodiment approach 3

[0037] Embodiment 3: The difference between this embodiment and the IPSec-based wireless IP network variable area communication method described in Embodiment 1 or Embodiment 2 is that the security-associated information is area composite security-associated information CSA, and the area Composite security-associated information CSA is to put together the same information in the original multiple regional security-related information as a common parameter of regional composite security-related information, and use different information in multiple regional security-related information as regional security-related information private parameters, wherein the public parameters may include serial number counter, serial number overflow counter, protocol mode, anti-replay attack window and other information.

[0038] This implementation mode adopts the area compound security association information CSA, and the number of areas of each IP data packet may be inconsistent with the numbe...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

An IPsec-protocol-based communication method for wireless IP network variable area relates to a communication method of wireless IP network, which solves the contradiction and incompatibility between the performance enhancement technology and network layer security protocol in prior art. The IP packet to be sent is divided into a plurality of regions according to the IPsec protocol to generate an IPsec packet and the mapping of the regions are packaged in ESP header and the regions are provided with security related information at different levels; sending and receiving terminals include all the security related information of all the regions and the certified performance enhancing intermediate nodes in the data transmission path only comprise the security related information of some regions. The method of the invention can guarantee the end-to-end security of the network layer and support TCP enhancing gateway of transport layers and the security protocol for HTTP acceleration agent of application layers. The invention can be applied in the IP satellite network communication and similar terrestrial wireless channel environment.

Description

Technical field: [0001] The invention relates to a communication method of a wireless IP network, in particular to an application method based on IPSec protocol in wireless IP network communication. Background technique: [0002] Wireless network links have the characteristics of long propagation delay, large bandwidth-delay product, high link bit error rate, and asymmetric uplink and downlink bandwidth, which are particularly prominent in the connection of geostationary satellites to the Internet. [0003] These characteristics lead to serious performance degradation of the TCP protocol, which is widely used on the ground Internet and can guarantee end-to-end reliable transmission, when it is applied to a wireless network. It is specifically reflected in: the function of the TCP error control mechanism is weak, and the TCP protocol cannot distinguish the difference between the packet loss caused by network congestion and the packet loss caused by bit errors, so it can only ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/08H04L1/00H04L12/56H04L29/06
Inventor 黄展郭庆顾学迈
Owner HARBIN INST OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap