
Secure connection initiation hosts behind firewalls

A firewall and host system technology, applied in the direction of data acquisition prevention, electrical components, data exchange details, etc., can solve the problems that TURN and ICE are not widely accepted

Inactive Publication Date: 2012-12-05
ALCATEL LUCENT SAS

AI Technical Summary

Problems solved by technology

It appears that TURN and ICE are not widely accepted in the market due to this vulnerability


Examples


[0100] Example: N=3:

[0101] When a new KOF REQ arrives at internal host Hi, internal host Hi already has N=3 2-tuple entries:

[0102]

[0103] Since 2-tuple entries 1 and 3 have the largest common prefix, combining 2-tuple entries 1 and 3 results in the following:

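[0104]-[0105]

| KOF state | Hi's IP address | Ho's IP address | State | Message counter | Expiration time |
|-----------|-----------------|-----------------|-------|-----------------|-----------------|
| 1         | 100.1.1.0       | 200.1.X.X       | pass  | 3               | Now +3120msec   |
| 2         | 100.1.1.0       | 223.1.1.4       | pass  | 5               | Now +897msec    |
| 3         | 100.1.1.0       | 114.2.45.4      | pass  | 1               | Now +9000msec   |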

[0106] The combined KOF state, now shown as state 1, has an external host Ho IP address of 200.1.X.X, which is in a so-called prefix-based form since "X.X" is used for at least two distinct octets of the IP address. "X.X" matches all values of the corresponding octets of the external host's IP address. In addition, the passing state count...
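The aggregation step of paragraphs [0101] to [0106], sketched as an added example (not code from the patent): when the per-host limit N is reached, the two entries whose Ho addresses share the longest prefix are folded into one prefix-based entry before the new KOF REQ is recorded. Assumptions: prefixes are compared per whole octet, counters are summed on merge, expiration times are left out, and the pre-merge addresses 200.1.7.9 and 200.1.30.2 are constructed because the table at [0102] is not on the page.

```python
from itertools import combinations

def common_octets(a, b):
    """Count the leading octets two dotted-quad patterns share ('X' never counts)."""
    n = 0
    for x, y in zip(a.split("."), b.split(".")):
        if x != y or x == "X":
            break
        n += 1
    return n

def merge(a, b):
    """Keep the shared leading octets and wildcard the rest as 'X'."""
    n = common_octets(a, b)
    return ".".join(a.split(".")[:n] + ["X"] * (4 - n))

def matches(pattern, addr):
    """True if addr falls under a prefix-based pattern such as 200.1.X.X."""
    return all(p in ("X", o) for p, o in zip(pattern.split("."), addr.split(".")))

def admit(table, hi, ho, limit=3):
    """Record a KOF REQ from Ho to Hi; table maps (Hi, Ho pattern) -> message counter."""
    for key in table:
        if key[0] == hi and matches(key[1], ho):
            table[key] += 1          # covered by an existing (possibly combined) state
            return table
    if len(table) >= limit:
        # Table full: fold the two same-Hi entries with the longest common Ho prefix.
        def score(pair):
            (hi1, ho1), (hi2, ho2) = pair
            return common_octets(ho1, ho2) if hi1 == hi2 else -1
        k1, k2 = max(combinations(list(table), 2), key=score)
        merged = (k1[0], merge(k1[1], k2[1]))
        table[merged] = table.pop(k1) + table.pop(k2)   # assumption: counters add
    table[(hi, ho)] = 1
    return table

def demo():
    """Constructed N=3 table, then the new KOF REQ from 114.2.45.4."""
    table = {("100.1.1.0", "200.1.7.9"): 2,     # constructed entry 1
             ("100.1.1.0", "223.1.1.4"): 5,     # entry 2
             ("100.1.1.0", "200.1.30.2"): 1}    # constructed entry 3
    return admit(table, "100.1.1.0", "114.2.45.4")

if __name__ == "__main__":
    print(demo())
```

Because the combined entry matches every address under 200.1, a later KOF REQ from any spoofed source in that range increments one counter instead of consuming a new table slot.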


Abstract

The invention is directed to an inter-host signaling protocol, referred to herein as Knock-On Protocol, KOP, for establishing in a secure manner a connection with a host behind a firewall. Some embodiments of the invention are directed to a Knock-On Feature, KOF, used in intermediate firewalls, FWs, or network address translators, NATs, to enable connection establishment through the FW or NAT to hosts behind the FW or NAT. Advantageously, the KOF may include a prefix-based protection feature to protect against address spoofing used in a message flood attack.

Description

Technical field

[0001] The present invention relates to packet data networks, and in particular to initiating a secure connection between two host systems, one of which is connected to the packet data network via a firewall. Hereafter, a host system connected to the packet data network in this way is referred to as a host system behind a firewall.

Background technique

[0002] Firewalls (FWs) and Network Address Translators (NATs) apply the following security feature: an FW accepts an inbound packet only if it arrives in response to an outbound packet that previously passed through the FW. The FW requires the inbound packet to match the previous outbound packet with respect to the 5-tuple {protocol type, source IP address, source port, destination IP address, destination port}.

[0003] This FW security feature allows an internal host (i.e., a host system behind a firewall) to open a connection to any external host (i.e., a host system not behind the same firewall),...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/029, H04L63/1458, H04L12/22
Inventor: K·G·哈姆佩尔, D·凯鲁比尼, R·拉扎维
Owner: ALCATEL LUCENT SAS