Administration mechanism for standard way access control list (ACL) rule under internet protocol security (IPsec) protocol

A technology of management mechanism and rules, applied in the fields of electrical digital data processing, special data processing applications, instruments, etc., can solve the problems of difficult to determine priority, low efficiency, complicated add/delete operations, etc., to achieve wide application and simple structure. Effect

Inactive Publication Date: 2012-12-05
CHONGQING UNIV
View PDF0 Cites 25 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The advantage of this method is that the performance is stable, and the half search method is generally used to locate the range; it can satisfy any address range search and supports multi-level search, but the memory usage of the HIPACK method is high; when multi-level search is performed, the priority is difficult to determine; adding / deleting operations are complicated , inefficient, and may even require refactoring the entire range table

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Administration mechanism for standard way access control list (ACL) rule under internet protocol security (IPsec) protocol
  • Administration mechanism for standard way access control list (ACL) rule under internet protocol security (IPsec) protocol
  • Administration mechanism for standard way access control list (ACL) rule under internet protocol security (IPsec) protocol

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0049] All features disclosed in this specification, or steps in all methods or processes disclosed, may be combined in any manner, except for mutually exclusive features and / or steps.

[0050] Any feature disclosed in this specification (including any appended claims, abstract and drawings), unless expressly stated otherwise, may be replaced by alternative features which are equivalent or serve a similar purpose. That is, unless expressly stated otherwise, each feature is one example only of a series of equivalent or similar features.

[0051] A kind of management mechanism of standard mode ACL rule under IPsec agreement, it is characterized in that for a standard mode ACL rule, first adopt the following steps to process:

[0052] Step 1. Determine the paragraph code and intra-segment code of the address range in the rule: set an address range from W to V, define the part before the first bit with different values ​​in W and V as the paragraph code of the address range, and t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an administration mechanism for a standard way access control list (ACL) under an IPsec (internet protocol security) protocol, which belongs to the data communication field. The method is characterized in that address information in the standard way ACL rule is divided into a paragraph code and a segment code, a rule index of the standard way ACL rule is defined, administration of the standard way ACL rule is divided into two independent parts, i.e., source address range rule index and destination address range rule index, and the administration of the standard way ACL rule is performed in the same binary tree data structure. A data structure involved by the method comprises three parts including a binary tree, a segment code link table and a rule index digit group. The administration mechanism has the remarkable characteristics that for the standard way ACL rule with any address range, overlapped address range and multilevel address range, convenience and rapidness in operations of addition, searching and deletion can be realized, and the system expenditure is small.

Description

technical field [0001] The invention relates to a processing mechanism of ACL rules in a standard mode under the IPsec protocol, a data structure based on a binary tree and a two-way linked list, and supports addition, deletion and search operations of ACL rules in arbitrary address ranges, overlapping address ranges, and multi-level address ranges. Background technique [0002] With the rapid development of modern information technology, the network has spread to all aspects of society, but while the network provides open and shared resources, there are inevitably security risks. How to ensure the security of information systems and effectively guarantee the safe transmission of confidential information in the network has become the focus of people's increasing attention. The IPsec (IP Security) protocol involved in the present invention provides an authentication and encryption mechanism based on cryptographic technology, and is a widely used three-layer security protocol....

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06F17/30
Inventor 肖波冯文江杨智慧王品何昊宸刘国岭
Owner CHONGQING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap