Unlock instant, AI-driven research and patent intelligence for your innovation.

Method for negotiating security capability between PCC and PCE and network system thereof

A network system and security capability technology, which is applied in the field of negotiating the security capability between the path calculation client and the path calculation unit, can solve the problems of cumbersome and complicated configuration, non-trusted nodes counterfeiting PCC, etc., and achieves the effect of simplifying the complexity

Active Publication Date: 2008-12-31
HUAWEI TECH CO LTD
View PDF0 Cites 25 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0011] 1. Untrusted nodes illegally intercept calculation request and response messages transmitted between PCE and PCE;
[0012] 2. Untrusted nodes counterfeit PCC or PCE;
[0018] In the process of realizing the present invention, the inventors found that the disadvantage of adopting static configuration of the security mechanism between the path computation client PCC and the path computation unit PCE is that the configuration is cumbersome and complicated

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for negotiating security capability between PCC and PCE and network system thereof
  • Method for negotiating security capability between PCC and PCE and network system thereof
  • Method for negotiating security capability between PCC and PCE and network system thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0040] Taking the security policy capability information carried by PCED and the security policy capability information carried by PCEP as examples, the method for negotiating security capabilities in the embodiment of the present invention will be described in detail below.

[0041] Such as image 3 As shown, when the security policy capability information is carried by the PCED, the method for negotiating the security capability between the PCC and the PCE through the security policy capability information carried by the PCED during the automatic discovery phase of the PCE includes steps:

[0042] Step 301, the path computation element PCE is flooding security policy capability information.

[0043] In this embodiment, when the path computation unit PCE floods its own relevant information, it decides whether to flood the security policy capability information through the PCED protocol according to its own relevant configuration and policy.

[0044] For example, if the path ...

Embodiment 2

[0059] The method for negotiating the security capability in the embodiment of the present invention will be described in detail below by taking the security policy capability information carried by the PCEP as an example.

[0060] When the PCEP carries the security policy capability information, in this embodiment, when the PCC and the PCE establish a PCEP connection, the security capability between the PCC and the PCE is negotiated through the PCEP Open message (Open) carrying the security policy capability information.

[0061] Among them, the Open message is the first message sent between the PCC and the PCE when establishing a PCEP connection. The Open message is used for exchanging various capability parameters between the PCC and the PCE, and then each according to its own capability parameters and received from the other party. Negotiate the obtained capability parameters to determine the capabilities supported by both parties.

[0062] When the Open message is used to...

Embodiment 3

[0091] The embodiment of the present invention also provides a network system for negotiating security capabilities between PCC and PCE, such as figure 2 As shown, the system includes at least one path computation unit and a path computation client; wherein,

[0092] A path computation unit, configured to send a packet carrying security policy capability information to a path computation client; after receiving the packet, the path computation client obtains the security policy capability supported or required by the path computation unit, or obtains the path The security policy capability jointly supported by the computing unit and the path computation client enables the connection or communication between the path computation client and the path computation unit according to the obtained security policy capability.

[0093] In this embodiment, the message carrying the security policy capability information is a path computation unit automatic discovery message or a path com...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a method for coordinating the security capacity between a PCC and a PCE and a network system thereof. The method comprises the steps that: a path computation element sends a message carrying security policy capacity information to a path computation client; after receiving the message, the path computation client obtains security policy capacity supported or required by thepath computation element or obtains security policy capacity supported by the path computation element and the path computation client; the path computation client is connected or communicated with the path computation element according to the obtained security policy capacity. In the method, the coordination between the PCC and the PCE and between the PCC and the PCC is carried out by sending the message carrying the security policy capacity information, thereby greatly simplifying security policy configuration between the PCC and the PCE and between the PCC and the PCC, and the deployment complexity of the path computation element (PCE).

Description

technical field [0001] The present invention relates to a communication system, in particular to the method of negotiating security capabilities between a Path Computation Client (PCC: Path ComputationClient) and a Path Computation Element (PCE: Path Computation Element) in traffic engineering (TE: Traffic Engineering) path calculation of a communication system method and its network system. Background technique [0002] The process of mapping communication traffic on the physical topology of the network and locating resources for these communication traffic is called traffic engineering (TE: Traffic Engineering). [0003] Currently, Path Computation Element (PCE: Path Computation Element) is a new model for TE path computation in traffic engineering. Compared with the traditional way of completing traffic engineering TE path calculation by each router, the traffic engineering TE path calculation model based on the path calculation unit PCE separates the path calculation fu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/56H04L29/06
CPCH04L45/42H04L63/102H04L63/20H04L63/205H04L45/645H04L45/00
Inventor 陈国义
Owner HUAWEI TECH CO LTD
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com