Creation method of end-to-end secure link and system

A method and system for establishing an end-to-end secure connection, applied in the field of communication network security. It addresses the problems that static key pairs are complex to distribute and update, which makes them unsuitable for establishing end-to-end secure connections in a local area network, and that the topology of a wired local area network is complex. It makes the key establishment and update process flexible.

Active Publication Date: 2010-09-22
CHINA IWNCOMM

AI Technical Summary

Problems solved by technology

This security measure places a heavy computational burden on the switching devices in the LAN, which makes those devices an easy target for attackers; the delay of data packets from the sending node to the destination node also increases, reducing network transmission efficiency.
[0004] The topology of a wired LAN is relatively complex, and the number of nodes involved (here, terminals and switching devices are collectively referred to as nodes) is also relatively large, so data communication in the network is relatively complicated.
If a static key pair is allocated between LAN nodes to establish an end-to-end secure connection, the allocation and update process is extremely complicated.
Therefore, the static key pair method is not suitable for establishing an end-to-end secure LAN connection.


Examples


Embodiment Construction

[0041] The node N (Node) in the present invention refers to a user terminal STA (STation) and a switching device SW (SWitch) in a wired LAN. Physical layer devices such as hubs in the LAN are not treated as nodes.

[0042] In the network, all switching devices and user terminals have established secure connections with the core switching device in the network through pre-distribution or other security mechanisms, that is, they already have shared keys with it. The mechanism by which these assumed keys are established is not limited or defined in the present invention. The core switching device in the present invention is generally the switching device closest to the gateway in the local area network; it can be specified or configured by the network administrator, and is not limited or defined in the present invention.

[0043] The establishment of a secure connection between the sending source node NSource and the destination node NDestination is taken as an example. SWCenter is the c...


Abstract

The invention relates to a method and system for creating an end-to-end secure link. The creation method comprises the following steps: 1) a transmission source node NSource transmits a key request packet to a core switch device SWCenter; 2) after receiving the key request packet, the core switch device SWCenter creates a key announce packet and transmits it to a destination node NDestination; 3) after receiving the key announce packet, the destination node NDestination creates a key announce response packet and transmits it to the core switch device SWCenter; 4) after receiving the key announce response packet, the core switch device SWCenter creates a key response packet and transmits it to the transmission source node NSource; 5) the transmission source node NSource receives the key response packet and creates the end-to-end secure link. The creation method and the system have higher network security.
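The five-step exchange in the abstract, sketched as an added example (not code from the patent or its applicant). Assumptions: SWCenter generates the link key and wraps it under the key each node already shares with it; `wrap`/`unwrap` are a stand-in HMAC-based construction, not an algorithm named on this page, and the node names and keys are constructed.

```python
import hashlib, hmac, os

def _prf(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def wrap(shared_key, link_key, context):
    """Stand-in key wrap (assumption): XOR with an HMAC-derived pad, then MAC."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(link_key, _prf(shared_key, b"enc", nonce)))
    tag = _prf(shared_key, b"mac", context + nonce + ct)
    return nonce + ct + tag

def unwrap(shared_key, blob, context):
    """Verify the tag before recovering the key; reject anything modified."""
    nonce, ct, tag = blob[:16], blob[16:48], blob[48:]
    expect = _prf(shared_key, b"mac", context + nonce + ct)
    if not hmac.compare_digest(tag, expect):
        raise ValueError("key packet failed integrity check")
    return bytes(a ^ b for a, b in zip(ct, _prf(shared_key, b"enc", nonce)))

def establish_link(shared, src, dst):
    """Run the five steps; returns (key at NSource, key at NDestination, log)."""
    ctx = src.encode() + b"|" + dst.encode()  # binds the key to this node pair
    log = []
    # 1) NSource -> SWCenter: key request naming the destination
    log.append(("key_request", src, "SWCenter"))
    # 2) SWCenter picks a fresh 32-byte link key (assumption), announces it
    link_key = os.urandom(32)
    announce = wrap(shared[dst], link_key, ctx)
    log.append(("key_announce", "SWCenter", dst))
    # 3) NDestination unwraps with its shared key, then confirms to SWCenter
    key_at_dst = unwrap(shared[dst], announce, ctx)
    log.append(("key_announce_response", dst, "SWCenter"))
    # 4) SWCenter sends the same link key under NSource's shared key
    response = wrap(shared[src], link_key, ctx)
    log.append(("key_response", "SWCenter", src))
    # 5) NSource unwraps; both ends now hold the end-to-end link key
    key_at_src = unwrap(shared[src], response, ctx)
    return key_at_src, key_at_dst, log

# Constructed pre-shared keys between each node and SWCenter (see [0042]).
SHARED = {"STA-A": os.urandom(32), "STA-B": os.urandom(32)}
```

Only SWCenter and the two endpoints can recover the link key; an intermediate switch that forwards the announce or response packet holds neither shared key, and a modified packet is rejected by `unwrap`.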

Description

Technical field

[0001] The invention relates to the application field of communication network security, in particular to a method and system for establishing an end-to-end secure connection.

Background technique

[0002] The wired LAN is generally a broadcast network, and the data sent by one node can be received by other nodes. All nodes on the network share the channel, which brings great security risks to the network. As long as the attacker accesses the network to monitor, he can capture all the data packets on the network.

[0003] The local area network LAN defined by the existing national standard GB/T 15629.3 (corresponding to IEEE 802.3 or ISO/IEC 8802-3) does not provide data security methods, which makes it easy for attackers to steal key information. In the field of international research, the IEEE 802.1AE standard developed by IEEE provides a data encryption protocol for protecting Ethernet, and adopts hop-by-hop encryption security measures to realize the sa...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L9/08, H04L9/14, H04L9/18, H04L29/08
CPC: H04L63/06
Inventor: 铁满霞, 曹军, 李琴, 黄振海
Owner: CHINA IWNCOMM