VPN (virtual private network) connection method based on IPSec (internet protocol security)

A connection method and IP address technology, applied in the field of communication, can solve problems such as easy to be cracked, low security, difficult to adapt, etc., to achieve the effect of avoiding low security performance, taking into account security and ease of use

Inactive Publication Date: 2014-12-31
BEIJING SAPLING TECH
View PDF6 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] With the development of the network, especially the network economy, the enterprises are expanding day by day, the distribution of customers is becoming wider and wider, and the number of partners is increasing day by day. This situation promotes the increasing benefits of enterprises, and on the other hand, it also highlights the functional defects of traditional enterprise networks. : The private line connection method of the traditional enterprise network based on a fixed physical location has been difficult to meet the needs of modern enterprises. Therefore, enterprises have put forward higher requirements for their own network construction, mainly in the flexibility, security, economy, and scalability of the network. aspect
[0006] It can be seen that in the prior art, when performing IKE negotiation, the common key negotiation method is used, which is easy to be cracked and the security is not high.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • VPN (virtual private network) connection method based on IPSec (internet protocol security)

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0020] Embodiment 1 of the present invention provides a VPN connection method based on IPSec, which is characterized in that the network includes an initiator A connected to a USB Key, an initiator B not connected to a USB Key, and a responder, and the USB Key stores Obtain the digital certificate required for IPSec connection, and electrically connect with the initiator device as a third-party device, including the following steps:

[0021] Step 202, the initiator A initiates an IPSec-based connection request to the responder;

[0022] Step 204, the initiator A uses the digital certificate stored in the USB Key to perform IKE negotiation with the responder to establish an IPSec connection;

[0023] Step 206, the initiator B initiates an IPSec connection request to the responder to perform IKE negotiation, and when the negotiation proceeds to the transfer of relevant information related to the digital certificate, the initiator B suspends the IKE negotiation;

[0024] Step 20...

Embodiment 2

[0029] In step 208 of the first embodiment, the specific method for the initiator B to obtain the IP address of the initiator A connected to the USB Key is as follows:

[0030] The initiator B sends a query request to the responder, and the request responder sends the initiator B the IP address information of the initiator connected to the USB Key containing the digital certificate;

[0031] After receiving the query request, the responder finds the initiator A that has connected with itself through IPSec and connected the USB Key containing the digital certificate, and sends the IP address of the initiator A to the initiator B.

[0032] Those of ordinary skill in the art can understand that all or part of the processes in the methods of the above embodiments can be realized by instructing related hardware through a host program, and the program can be stored in a host-readable storage medium, the program During execution, it may include the processes of the embodiments of the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

Disclosed is a VPN (virtual private network) connection method based on IPSec (internet protocol security). In the VPN connection method, IKE (internet key exchange) negotiation is performed by reading a digital certificate stored in a USBKey during VPN connection based on the IPSec, so that the problem of low safety performance of common key negotiation modes is avoided. For users without the USBKey but having temporary access requests, the digital certificate is acquired by sending requests to other users with the USBKey, so that connection establishment in particular cases is guaranteed, and safety and usability are also taken into consideration.

Description

technical field [0001] The invention relates to the field of communication technology, in particular to a VPN connection method. Background technique [0002] The development of information technology and the widespread use of the Internet, while bringing great convenience to people's life and work, have also made people very worried about the security of communication data and the operation of computer systems on the Internet based on the open protocol platform TCP / IP. safety. At present, a variety of secure communication technologies have been applied to data transmission in the Internet. Among them, the Internet Protocol Security (IPSec) communication protocol implemented at the network layer is completely transparent to the application layer, so it is very suitable for the existing TCP / IP network. By adding IPSec security modules without modifying the settings of application systems and software, a common secure network communication environment is constructed for vario...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/32H04L12/46
Inventor 苏长君郑曙光
Owner BEIJING SAPLING TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap