
Method for constructing IP (Internet Protocol) layer SSL VPN (Secure Socket Layer Virtual Private Network) tunnel

A tunnel construction technology, applied in the field of network security, that addresses the problems of consumed system performance, a second negotiation that brings no security advantage, and wasted bandwidth, achieving the effect of reduced consumption.

Inactive Publication Date: 2013-12-11
OPZOON TECH

AI Technical Summary

Problems solved by technology

Although this solves the problem of wasting the bandwidth of the SSL VPN tunnel, it introduces another problem: the SSL protocol must be negotiated once when the control connection is established, and DTLS must then be negotiated once more when the data connection is established.
The algorithm that obtains the encryption suite and encryption parameters in each negotiation consumes the most system performance, and the second negotiation does not bring any security advantage.


Embodiment Construction

[0025] The specific implementation manners of the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. The following examples are used to illustrate the present invention, but are not intended to limit the scope of the present invention.

[0026] Figure 1 is a flowchart of a method for constructing an IP layer SSL VPN tunnel described in an embodiment of the present invention. Referring to Figure 1, the method includes the following steps:

[0027] S1: negotiate a control connection through the SSL protocol, obtain an encryption suite and encryption parameters, and use the encryption suite and encryption parameters to establish a control connection through the SSL protocol;

[0028] Negotiating the control connection further includes the step of completing certificate authentication.

[0029] S2: Establish a data connection by using the cipher suite and encryption parameters through the DTLS protocol.
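Steps S1 and S2 as an added sketch, not code from the patent or its owner: the page does not say how the DTLS connection turns the negotiated parameters into keys, so this assumes TLS 1.2 key expansion (RFC 5246) from the master secret obtained in S1, with fresh randoms for the data connection. The suite choice, function names and sample values are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample: key sizes for TLS_RSA_WITH_AES_128_GCM_SHA256 (RFC 5288).
SUITE = {"name": "TLS_RSA_WITH_AES_128_GCM_SHA256", "mac": 0, "key": 16, "iv": 4}

def tls12_prf(secret, label, seed, length):
    """TLS 1.2 PRF = P_SHA256(secret, label + seed), RFC 5246 section 5."""
    seed = label + seed
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def expand_keys(master_secret, client_random, server_random, suite=SUITE):
    """Key expansion (RFC 5246 section 6.3): hashing only, no negotiation."""
    sizes = [suite["mac"]] * 2 + [suite["key"]] * 2 + [suite["iv"]] * 2
    names = ["c_mac", "s_mac", "c_key", "s_key", "c_iv", "s_iv"]
    block = tls12_prf(master_secret, b"key expansion",
                      server_random + client_random, sum(sizes))
    keys, pos = {}, 0
    for name, size in zip(names, sizes):
        keys[name] = block[pos:pos + size]
        pos += size
    return keys

def run_tunnel_setup():
    # S1: stands in for the single full SSL negotiation (with certificate
    # authentication) on the control connection; values are constructed.
    master = os.urandom(48)
    control = expand_keys(master, os.urandom(32), os.urandom(32))
    # S2: the data connection reuses the suite and master secret from S1.
    # Assumption: only fresh randoms are exchanged, so the data channel
    # gets its own keys without a second suite negotiation.
    data_cr, data_sr = os.urandom(32), os.urandom(32)
    client_data = expand_keys(master, data_cr, data_sr)
    server_data = expand_keys(master, data_cr, data_sr)
    return control, client_data, server_data

if __name__ == "__main__":
    control, client_data, server_data = run_tunnel_setup()
    print("peers agree on data keys:", client_data == server_data)
    print("data keys differ from control keys:",
          client_data["c_key"] != control["c_key"])
```

Because the data-channel keys depend entirely on the master secret from S1, the control connection's certificate authentication and the confidentiality of that secret carry the security of both channels.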

[003...


Abstract

The invention discloses a method for constructing an IP (Internet Protocol) layer SSL VPN (Secure Socket Layer Virtual Private Network) tunnel, comprising the following steps: negotiating a control connection through the SSL protocol to obtain an encryption suite and encryption parameters, and establishing the control connection through the SSL protocol using the encryption suite and the encryption parameters; and establishing a data connection through the DTLS (Datagram Transport Layer Security) protocol using the encryption suite and the encryption parameters. In the invention, the IP layer SSL VPN tunnel is constructed in an SSL+DTLS manner, and the encryption suite and the encryption parameters obtained by the SSL protocol negotiation are used directly when the data connection is established through the DTLS protocol, so the consumption of system performance is reduced.

Description

Technical field

[0001] The invention relates to the field of network security, in particular to a method for constructing an IP layer SSL VPN tunnel.

Background technique

[0002] Sometimes important or sensitive data needs to be transmitted on the network. Netscape Corporation proposed the SSL (Secure Socket Layer) protocol, which can ensure the confidentiality and reliability of network communication. The IETF (Internet Engineering Task Force) standardized the SSL protocol and called it the TLS (Transport Layer Security) protocol.

[0003] Applications on TCP (Transmission Control Protocol) can use the TLS protocol to ensure security, but the TLS protocol cannot be used to ensure the security of UDP (User Datagram Protocol). The Datagram TLS protocol, referred to as the DTLS protocol, pr...


Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): H04L29/06, H04L12/46
Inventor: 接伟殷建儒张永培
Owner: OPZOON TECH