Solution for potential safety hazards in VPN (virtual private network)

A technology relating to virtual private networks and security risks, applied in the fields of network interconnection, data exchange through path configuration, electrical components, etc., which can solve problems such as constraints, security passivity, and leakage.

Active Publication Date: 2012-12-19
GUILIN UNIV OF ELECTRONIC TECH

AI Technical Summary

Problems solved by technology

Method (2) fixes this security hole and improves efficiency, but it has to introduce a trusted third party to prevent privacy leakage during the calculation process.
On the one hand, the trusted third party introduced in method (2) strengthens security during the calculation process; on the other hand, it makes the security of the VPN passive and restricted by the third party.

Embodiment Construction

[0071] Embodiments of the solution to potential safety hazards in a virtual private network are described in detail below with reference to the accompanying drawings.

[0072] Figure 1 shows the connections and communication involved in setting up a virtual private network on top of a public network in this embodiment. In Figure 1, network I and network II are two partial networks. Network I contains a firewall server and a computer whose IP address in network I is 1.1.0.10 and whose IP address as a roaming user of network II is 2.2.0.25. This computer communicates with the computers in network II through the firewall server in network I. Network II contains a VPN server (IP address 2.2.0.1), and the VPN server is connected to a confidential private database (IP address 2.2.0.2). When the private database in the II network communicates with the computer in the I network through the...

Abstract

The invention discloses a solution for potential safety hazards in a VPN (virtual private network), which comprises the following steps:

  • A. A firewall server checks whether the ciphertext of the packet header information in the encrypted part of a data packet in a VPN tunnel is in the black and white list corresponding to the destination IP address in the packet's plaintext header information.
  • B. If the result of step A is that the ciphertext is not in the black and white list, the firewall server queries the firewall according to the destination IP (internet protocol) address to obtain the eligible FDD (firewall decision diagram) branches.
  • C. The firewall server converts the query results obtained in step B into an OBDD (ordered binary decision diagram), and saves the OBDD and the corresponding query conditions.
  • D. The firewall server encrypts and confuses each node of the OBDD obtained in step C, and sends the OBDD to a VPN server.
  • E. The VPN server decrypts the received OBDD to obtain the destination node information, and sends the ciphertext of an exclusive-or data packet of that information to the firewall server.
  • F. The firewall server executes the firewall strategy, and adds the ciphertext from step A to the black and white list corresponding to the destination IP address.

The firewall securely executes the firewall strategy for a data stream in the VPN tunnel, and the encrypted data is not leaked.
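The flow of steps A to F can be sketched as follows; this is an added example, not code from the patent, and it reduces the scheme to one inner header field (a 16-bit port) so the division of knowledge between the two servers is visible. Assumptions: the XOR cipher, the rule table, the token masking of terminal nodes and all names are constructed stand-ins, internal nodes are left unmasked, and the exclusive-or response of step E is replaced by returning the masked terminal.

```python
import hashlib
import secrets

KEY = b"constructed-tunnel-key"  # held by the VPN endpoints, never by the firewall

def toy_crypt(data: bytes) -> bytes:
    # Toy deterministic XOR cipher standing in for tunnel encryption (assumption).
    return bytes(a ^ b for a, b in zip(data, hashlib.sha256(KEY).digest()))

# Constructed FDD branches per destination IP: (low_port, high_port, decision).
FDD = {"2.2.0.2": [(0, 1023, "deny"), (1024, 49151, "accept"), (49152, 65535, "deny")]}

def build_obdd(branches, lo=0, hi=65535, bit=15):
    # Steps B-C: test port bits from the most significant down; a subrange that
    # lies inside a single branch collapses into a terminal decision.
    for b_lo, b_hi, decision in branches:
        if b_lo <= lo and hi <= b_hi:
            return decision
    mid = (lo + hi) // 2
    return (bit, build_obdd(branches, lo, mid, bit - 1),
            build_obdd(branches, mid + 1, hi, bit - 1))

def mask(node, table):
    # Step D (simplified): each terminal becomes a fresh random token, so the
    # VPN server cannot read the decision; only the firewall keeps the table.
    if isinstance(node, str):
        token = secrets.token_hex(8)
        table[token] = node
        return token
    bit, low, high = node
    return (bit, mask(low, table), mask(high, table))

def vpn_evaluate(masked, header_ct):
    # Step E (simplified): the VPN server decrypts the header and walks the diagram.
    port = int.from_bytes(toy_crypt(header_ct), "big")
    node = masked
    while not isinstance(node, str):
        bit, low, high = node
        node = high if (port >> bit) & 1 else low
    return node

class FirewallServer:
    def __init__(self):
        self.lists, self.vpn_queries = {}, 0  # per-destination black and white lists

    def handle(self, dst_ip, header_ct):
        seen = self.lists.setdefault(dst_ip, {})
        if header_ct not in seen:  # step A: ciphertext not yet in the list
            table = {}
            masked = mask(build_obdd(FDD[dst_ip]), table)
            self.vpn_queries += 1
            seen[header_ct] = table[vpn_evaluate(masked, header_ct)]  # step F
        return seen[header_ct]
```

The firewall only ever handles header ciphertext and tokens, and a repeated ciphertext is answered from the list without another round trip to the VPN server.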

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a solution to potential safety hazards in a virtual private network (VPN, Virtual Private Network).

Background technique

[0002] A virtual private network (hereinafter referred to as VPN) is a remote access technology that uses public network links to set up a private network. Security and privacy are the two main technical goals in a VPN. In current VPN technical solutions, VPN terminals mainly rely on tunneling technology, that is, encryption is used to ensure the security and privacy of communication. However, because of the encryption, the firewall of the external network where a roaming VPN user is located cannot effectively check and manage the communication data in the tunnel. As a result, these tunnels that cannot be inspected and managed by the firewall become an entrance for malicious attacks. This vulnerability also brings great ...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L12/46
Inventor: 古天龙, 何仲春, 常亮, 徐周波, 徐彬彬
Owner: GUILIN UNIV OF ELECTRONIC TECH