Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method, apparatus and system for implementing new member register of group key management

A group key and group member technology, applied in the field of group key management, can solve the problems of large deployment cost, difficult centralized protection of KS, and no password support, and achieve the effect of automatic registration

Inactive Publication Date: 2009-01-28
HUAWEI TECH CO LTD
View PDF0 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] There are the following problems in using MSEC's GKM protocol to implement group key management: MSEC's GKM protocol is based on the client / server model, which requires that the client and the server must be reachable, that is, there must be a link between the client and the server when the protocol is running. routing
Since a GCKS is deployed on each multicast network, all routers in the multicast network can achieve local reachability to the GCKS in its own network, but the disadvantage of this deployment scenario is that it is difficult to Centralized management of group policy, group member authorization, etc., is expensive; if a physical GCKS is deployed, it will lead to a large deployment cost; decentralized control of GCKS is difficult to protect centrally, and the risk of a single GCKS being compromised increases
Similar to the second scenario, since the KS is responsible for completing the registration process with the router, and a KS is deployed on each multicast network, all routers in the multicast network can achieve local reachability to the KS in its own network. However, the disadvantages of this deployment scenario are: decentralized deployment of KS is difficult to protect centrally, and the risk of a single KS being compromised increases; when registering between team members and KS, only public key authentication technologies such as digital certificates can be used, and passwords, etc. are not supported. authentication method, which reduces the usability of this deployment scenario
[0016] In group key management, in addition to the above-mentioned OSPFv3 IPsec application scenarios where there are problems when new group members join, in other application scenarios, if new group members cannot recognize GCKS or do not know the location of member registration also cannot be done automatically

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, apparatus and system for implementing new member register of group key management
  • Method, apparatus and system for implementing new member register of group key management
  • Method, apparatus and system for implementing new member register of group key management

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] In order to make the purpose and advantages of the embodiments of the present invention more clear, the embodiments of the present invention will be further described in detail below in conjunction with the accompanying drawings.

[0045] First, the method for implementing new group member registration in the group key management provided by the embodiment of the present invention is introduced in detail, Figure 4 The flow of the method is shown.

[0046] Pre-deploy agents on local networks that require automatic group key management services. Figure 4 The process shown includes:

[0047] Step 401: The agent receives the original registration request message sent by the new member of the local network, encapsulates the original registration request message and the new member identification information in the request message, and sends it to GCKS.

[0048] Step 402: The agent receives the response message returned by GCKS, extracts the new team member identification ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for realizing the registration of new members in group encryption key management, wherein an agent is deployed on a local network needing automatic group encryption key management service; the method also comprises the following steps: the agent receives an original registration request message sent by a new member of the local network; the original registration request message and the marker information of the new member are encapsulated in the request message and sent to a group controller and an encryption key management server GCKS; and the agent receives a response message returned by the GCKS, extracts the marker information of the new member and the original response message carried with a request processing result from the response message, and sends the original response message to the new member according to the marker information of the new member. The invention also discloses a device and a system for realizing the registration of the new members in the group encryption key management. The method, the device and the system are applied to realize automatic registration of the new members in the group encryption key management.

Description

technical field [0001] The invention relates to group key management technology, in particular to a method, device and system for realizing new group member registration in group key management. Background technique [0002] Internet Protocol Security (IPsec, IP Security) is a general term for a set of security protocols, including key management and data security, working at the IP layer in a point-to-point manner, and can provide authorization, authentication, key agreement, key update, data security and other services. Open Shortest Path First version 3 (OSPFv3, Open Shortest Path First version 3) is an intra-domain routing protocol. RFC4552 proposes how to use IPsec to solve the security problem of OSPFv3. For the situation that OSPFv3 runs on a multicast network, it proposes to use Group Security Association (GSA, Group Security Association) to solve the security problem, so that the routers on the network share the same Group security algorithm and key, that is, the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/32H04L12/56H04L29/06
CPCH04L63/10H04L63/065H04L9/0833
Inventor 刘亚
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com