Method and equipment for updating anti-replay parameter during master and slave switching

A main-standby switching and anti-replay technology, applied in the field of communications, can solve the problem of low data transmission security, save network resources and ensure security.

Active Publication Date: 2010-12-15
NEW H3C TECH CO LTD
View PDF3 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0010] The present invention provides a method and device for updating anti-replay parameters during active-standby switchin

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and equipment for updating anti-replay parameter during master and slave switching
  • Method and equipment for updating anti-replay parameter during master and slave switching
  • Method and equipment for updating anti-replay parameter during master and slave switching

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0040] Aiming at the security problems that may be caused by synchronizing the anti-replay window and serial number during IPSec dual-system hot standby in the prior art, the embodiment of the present invention provides a scheme for updating anti-replay parameters during active-standby switchover. In this solution, the anti-replay window and serial number of the IPSec SA are not synchronized in real time, but are acquired by the new active device from the peer device of the IPSec tunnel during the active-standby switchover, so that the new active Reliable anti-replay window and anti-replay sequence number ensure the security of data transmission.

[0041] Embodiments of the present invention provide a method for updating anti-replay parameters during active-standby switchover. The following uses the method applied to an IPSec dual-machine hot backup system as an example to introduce, as shown in figure 2 As shown, the IPSec dual-system hot backup system includes the main devi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and equipment for updating an anti-replay parameter during master and slave switching. During master and slave switching, new master equipment sets IPSec SA to be invalid, acquires an anti-replay window and an anti-replay sequence number from opposite-end equipment of an IPSec tunnel to update the anti-replay window and the anti-replay sequence number of the IPSec SA per se, and sets the corresponding IPSec SA to be valid after the update is finished to process data so that the new master equipment can acquire the real and reliable anti-replay window and anti-replay sequence number and the security of data transmission is ensured.

Description

technical field [0001] The invention relates to the communication field, in particular to a method and device for updating anti-replay parameters during master-standby switchover. Background technique [0002] IPSec (IP Security, Internet Protocol Security) protocol is an open IP layer security framework protocol formulated by IETF (Internet Engineering Task Force, Internet Engineering Task Force). The IPSec protocol is a three-layer tunnel protocol that protects and authenticates IP data packets transmitted between devices participating in IPSec, and can provide security protection for sensitive data transmission. [0003] IPSec protocol protects data through SA (Security Association, Security Association). IPSec SA determines how to protect communication data, what kind of communication data to protect, and who implements the protection. IPSec SA is the basis and essence of IPSec protocol. IPSecSA defines the agreement of the communication parties on certain elements, su...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/24H04L29/06
Inventor 毛昱
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap