Method and device for establishing Internet safety protocol safety alliance

A technology of security protocol and establishment method, which is applied in the field of establishment of Internet Security Protocol Security Alliance, and can solve the problem of inability to distinguish the traffic of different companies.

Active Publication Date: 2016-07-27
HUAWEI DIGITAL TECH SUZHOU
View PDF6 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] Embodiments of the present invention provide a method and device for establishing an Internet security protocol security association to solve the problem of inability to distinguish the traffic of different companies caused by the establishment of IPSecSA using the existing technology

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for establishing Internet safety protocol safety alliance
  • Method and device for establishing Internet safety protocol safety alliance
  • Method and device for establishing Internet safety protocol safety alliance

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0092] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments It is a part of embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0093]As a layer-3 tunneling protocol, IPSec is a series of protocols developed by the Internet Engineering Task Force (English: Internet Engineering Task Force, referred to as: IETF), which provides high-quality, reliable data packets for Internet Protocol (English: Internet Protocol, referred to as: IP) Interoperable, cryptography-based sec...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method and device for establishing an Internet safety protocol safety alliance. In the embodiment of the invention, a VRF identifier is carried in a negotiation message as a part of the characteristics of the flow needed to be protected for exchange in an IKE negotiation process, for example, a first negotiation message carries a VRF identifier of a first logic device, a second negotiation message carries a VRF identifier of a second logic device, an IPSec SA is established through IKE negotiation according to various VRF identifiers, and various IPSec SAs are chosen to be encrypted for the flow of various VRF identifiers according to a safety strategy. The method and device can realize that the operator provides the IP spaces which can be independently programmed to various logic devices on the basis of the VRF identifier, provides a fully isolate IPSec protection function and realizes the flow distinguishing between various companies. Besides, one IP address is adopted to protect the flows of multiple companies in order to save the IP address source of the public network.

Description

technical field [0001] The embodiment of the present invention relates to communication technology, and in particular to a method and device for establishing a security alliance of an Internet security protocol. Background technique [0002] With the development of communication technology, people pay more and more attention to information security. For example, when transmitting information on a public network, an Internet Security Protocol (English: Internet Protocol Security, IPSec for short) is used to improve the security of an enterprise using the public network. [0003] In the prior art, when a data message is forwarded inside the device, a security policy database (English: SecurityPolicyDatabase, referred to as: SPD) is first searched; if it is found that the data message needs to be protected by IPSec, then according to the found security policy, Find the corresponding security association (English: SecurityAssociation, referred to as: SA); if the SA has not been...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/813H04L47/20
Inventor 张日华高国鲁
Owner HUAWEI DIGITAL TECH SUZHOU
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap