Check patentability & draft patents in minutes with Patsnap Eureka AI!

Method for negotiating security capability between PCC and PCE and network system thereof

A network system and security capability technology, which is applied in the field of negotiating the security capabilities between the path calculation client and the path calculation unit, can solve the problems of cumbersome configuration, illegal interception of PCE calculation requests, response messages, and complexity, and achieve simplification of complexity Effect

Active Publication Date: 2013-03-13
HUAWEI TECH CO LTD
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0011] 1. Untrusted nodes illegally intercept calculation request and response messages transmitted between PCE and PCE;
[0012] 2. Untrusted nodes counterfeit PCC or PCE;
[0018] In the process of realizing the present invention, the inventors found that the disadvantage of adopting static configuration of the security mechanism between the path computation client PCC and the path computation unit PCE is that the configuration is cumbersome and complicated

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for negotiating security capability between PCC and PCE and network system thereof
  • Method for negotiating security capability between PCC and PCE and network system thereof
  • Method for negotiating security capability between PCC and PCE and network system thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0040] Taking the security policy capability information carried by PCED and the security policy capability information carried by PCEP as examples, the method for negotiating security capabilities in the embodiment of the present invention will be described in detail below.

[0041] Such as image 3 As shown, when the security policy capability information is carried by the PCED, the method for negotiating the security capability between the PCC and the PCE through the security policy capability information carried by the PCED during the automatic discovery phase of the PCE includes steps:

[0042] Step 301, the path computation element PCE is flooding security policy capability information.

[0043] In this embodiment, when the path computation unit PCE floods its own relevant information, it decides whether to flood the security policy capability information through the PCED protocol according to its own relevant configuration and policy.

[0044] For example, if the path ...

Embodiment 2

[0059] The method for negotiating the security capability in the embodiment of the present invention will be described in detail below by taking the security policy capability information carried by the PCEP as an example.

[0060] When the PCEP carries the security policy capability information, in this embodiment, when the PCC and the PCE establish a PCEP connection, the security capability between the PCC and the PCE is negotiated through the PCEP Open message (Open) carrying the security policy capability information.

[0061] Among them, the Open message is the first message sent between the PCC and the PCE when establishing a PCEP connection. The Open message is used for exchanging various capability parameters between the PCC and the PCE, and then each according to its own capability parameters and received from the other party. Negotiate the obtained capability parameters to determine the capabilities supported by both parties.

[0062] When the Open message is used to...

Embodiment 3

[0091] The embodiment of the present invention also provides a network system for negotiating security capabilities between PCC and PCE, such as figure 2 As shown, the system includes at least one path computation unit and a path computation client; wherein,

[0092] A path computation unit, configured to send a packet carrying security policy capability information to a path computation client; after receiving the packet, the path computation client obtains the security policy capability supported or required by the path computation unit, or obtains the path The security policy capability jointly supported by the computing unit and the path computation client enables the connection or communication between the path computation client and the path computation unit according to the obtained security policy capability.

[0093] In this embodiment, the message carrying the security policy capability information is a path computation unit automatic discovery message or a path com...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A method and a network system for negotiating a security capability between a path computation client (PCC) and a path computation element (PCE) are described. The method includes the steps as follows. The PCE sends a packet carrying security policy capability information to the PCC. After receiving the packet, the PCC acquires a security policy capability supported or required by the PCE or a security policy capability supported by both of the PCE and the PCC. In various embodiments of the present invention, negotiation of PCC-PCE and PCC-PCC may be performed by sending the packet carrying the security policy capability information, thereby greatly simplifying the security policy configuration between PCC-PCE and PCE-PCE, and simplifying the complexity in PCE deployment.

Description

technical field [0001] The present invention relates to a communication system, in particular to the method of negotiating security capabilities between a Path Computation Client (PCC: Path ComputationClient) and a Path Computation Element (PCE: Path Computation Element) in traffic engineering (TE: Traffic Engineering) path calculation of a communication system method and its network system. Background technique [0002] The process of mapping communication traffic on the physical topology of the network and locating resources for these communication traffic is called traffic engineering (TE: Traffic Engineering). [0003] Currently, Path Computation Element (PCE: Path Computation Element) is a new model for TE path computation in traffic engineering. Compared with the traditional way of completing traffic engineering TE path calculation by each router, the traffic engineering TE path calculation model based on the path calculation unit PCE separates the path calculation fu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/70
CPCH04L63/20H04L45/42H04L45/00H04L63/205H04L63/102H04L45/645
Inventor 陈国义
Owner HUAWEI TECH CO LTD
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com