Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

IPSec gateway automatic discovery method in identifier separation mapping network

A technology of identification separation and automatic discovery, applied in the network field, can solve problems such as serious security risks, registration server becoming a bottleneck, registration server lack of protection measures, etc., to achieve the effect of ensuring stability, simplifying the configuration process, and good technical effects

Inactive Publication Date: 2011-02-09
BEIJING JIAOTONG UNIV
View PDF2 Cites 33 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0032] That is, due to the IPSec gateway discovery scheme based on the C / S mode, the IPSec gateway information in the network is stored in a registration server, so when the network scale expands, the registration server will become a bottleneck
Moreover, because the registration server lacks corresponding protection measures, it is easy to receive network attacks such as DoS, and the security risks are very serious.
[0033] From the above analysis, it can be seen that the existing two solutions and methods will bring certain problems to the system, therefore, there are inevitably corresponding shortcomings

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • IPSec gateway automatic discovery method in identifier separation mapping network
  • IPSec gateway automatic discovery method in identifier separation mapping network
  • IPSec gateway automatic discovery method in identifier separation mapping network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0082] The present invention will be described in detail below in conjunction with the accompanying drawings.

[0083] The definitions of various English abbreviations described in the present invention are as follows:

[0084] IPSec: IP Security, IP layer security protocol system; VPN: Virtual Private Network, virtual private network; IPSec GW: IPSec Gateway, IPSec gateway; AR: Access Router; access router; CR: Core Router, core router; AC: Authentication Center, authentication center; IDS: Identifier Server, mapping server; SA: Security Association, security association; AH: Authentication Header, authentication header protocol; ESP: Encapsulating Security Payload, encapsulating security payload; Internet key exchange (IKE): Internet key Exchange protocol (IKE); DoS: Denial of Service, denial of service.

[0085] Figure 5 It is a schematic diagram of gateway automatic discovery and communication flow according to the present invention; Figure 6 It is a schematic diagram...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an IPSec gateway automatic discovery method in an identifier separation mapping network, belonging to the network technical field. The method comprises the following steps: I) automatic negotiation step: a source IPSec gateway and a destination IPSec gateway automatically exchange information to acquire the configuration information needed in IPSec negotiation, and the security association establishment is finished; II) confidential communication step: the confidential communication is carried out between the source IPSec gateway and the destination IPSec gateway, and the data transmission is finished between a source terminal and a destination terminal; III) automatic clearing step: the security association between the source IPSec gateway and the destination IPSec gateway can be automatically cleared after the above security association is out of data. The method of the invention can ensure that the IPSec gateway in the identifier separation mapping network automatically configures and negotiates the security association, and replaces manually configured manner, thus simplifying the configuration process; and the method of the invention can automatically clear the overdue security association, ensure the stability of the strategic database, and is especially suitable for large-sized network environment.

Description

technical field [0001] The invention relates to a method for automatic discovery of an IPSec gateway (IP Security: IP layer security protocol system) in an identification separation and mapping network, and belongs to the field of network technology. Background technique [0002] The identification separation mapping network is a new type of network, which separates the location information of the terminal from the identity information, and establishes a separation and mapping mechanism for access identification and routing identification. In the identification separation and mapping network, the management department assigns a globally unique access identification to each terminal, representing the identity information of the terminal; the mapping server assigns a routing identification to the access terminal, representing the location information of the terminal, and establishes the access identification and The mapping relationship of routing identifiers. At the same tim...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L12/66H04L29/06H04L12/56
Inventor 刘颖张宏科万明姜巍唐建强
Owner BEIJING JIAOTONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com