Solution for potential safety hazards in VPN (virtual private network)

A virtual private network security technology, applied in the fields of network interconnection, data exchange through path configuration, electrical components, etc., which can solve problems such as constraints, security passivity, and leakage.

Active Publication Date: 2014-11-26
GUILIN UNIV OF ELECTRONIC TECH

AI Technical Summary

Problems solved by technology

Method (2) fixes this security hole and improves efficiency, but it has to introduce a trusted third party to prevent privacy leakage during the calculation process.
On the one hand, the trusted third party introduced in method (2) strengthens security during the calculation process; on the other hand, it makes the security of the VPN passive and restricted by the third party.

Examples


Embodiment Construction

[0071] The following describes in detail the embodiments of the solution to the hidden security risks in the virtual private network in conjunction with the accompanying drawings.

[0072] Figure 1 shows the connections and communication of the virtual private network established over the public network in this embodiment of the solution to the hidden dangers in the virtual private network. In Figure 1, network Ⅰ and network Ⅱ are two local networks. There is a firewall server in network Ⅰ; the IP address of a computer in network Ⅰ is 1.1.0.10, and the IP address of a roaming user on network Ⅱ is 2.2.0.25. The computer can connect through the firewall server in network Ⅰ to the computer in network Ⅱ for communication. There is a VPN server (IP address 2.2.0.1) in network Ⅱ, and a confidential private database (IP address 2.2.0.2) is connected to the VPN server. When the private database in network Ⅱ communicates with the compu...


Abstract

The invention discloses a solution for potential safety hazards in a VPN (virtual private network), which comprises the following steps: A, a firewall server detects whether the ciphertext of the packet header information in the encrypted part of a data packet in a VPN tunnel is in the black and white list corresponding to the destination IP address in its plaintext packet header information; B, if the result of step A is that the ciphertext is not in the black and white list, the firewall server queries the firewall according to the destination IP (internet protocol) address to obtain the eligible FDD (firewall decision diagram) branches; C, the firewall server converts the query results obtained in step B into an OBDD (ordered binary decision diagram), and saves the OBDD and the corresponding query conditions; D, the firewall server encrypts and confuses each node of the OBDD obtained in step C, and sends the OBDD to a VPN server; E, the VPN server decrypts the received OBDD to obtain destination node information, and the ciphertext of an exclusive-or data packet of the information is sent to the firewall server; and F, the firewall server executes a firewall strategy, and adds the ciphertext from step A to the black and white list corresponding to the destination IP address. The firewall securely executes the firewall strategy for a data stream in the VPN tunnel, and the encrypted data is not leaked.

Description

Technical field

[0001] The present invention relates to the technical field of network security, and in particular to a solution to hidden dangers in a virtual private network (VPN, Virtual Private Network).

Background technique

[0002] Virtual private network VPN (hereinafter referred to as VPN) is a remote access technology, that is, a private network is set up using public network links. Security and privacy are the two main technical goals in VPNs. In the current VPN technical solution, the VPN terminal mainly relies on the tunnel technology, that is, the encryption method is used to ensure the security and privacy of communication. However, because the encryption method is used, the firewall of the external network where the roaming user in the VPN is located cannot effectively inspect and manage the communication data in the tunnel. In this way, these tunnels that cannot be inspected and managed by the firewall become the entrance of malicious attacks. This vulnerability...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, H04L12/46
Inventor: 古天龙, 何仲春, 常亮, 徐周波, 徐彬彬
Owner: GUILIN UNIV OF ELECTRONIC TECH