Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Label based cross-domain data transmission protection method

A data transmission and labeling technology, applied in the field of label-based cross-domain data transmission protection, can solve the problem of inability to detect in-depth packet content, and achieve good scalability.

Inactive Publication Date: 2018-06-29
NO 30 INST OF CHINA ELECTRONIC TECH GRP CORP
View PDF5 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] At present, most of the integrity protection and anti-replay attack of IP packets transmitted in the network are realized based on IPSec technology. The protocol of the document is re-encapsulated, and the content of the message is encrypted, so that other security facilities (such as IDS) in the network cannot conduct in-depth inspection of the content of the message

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Label based cross-domain data transmission protection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0008] The invention designs a security label format for IP data packets transmitted between different network domains, and proposes a processing flow for the label format.

[0009] The security label defines fields such as security label value, security parameter, algorithm identifier, serial number, label length, and version number. The meanings of each field are as follows:

[0010] 1. Security label value: the data obtained by operating the protected data with specified parameters and algorithms, used to create labels and verify labels.

[0011] 2. Security parameter: It is used to identify the parameter used to calculate the value of the security label in the current security label. This parameter is dynamically generated, and this field is designed to increase the difficulty of cracking.

[0012] 3. Algorithm identification: identify the algorithm used to calculate the security label value in the current security label, which is scalable. This field is designed to meet t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a label based cross-domain data transmission protection method. Safety protection devices are deployed at a network border and are connected in series in a communication link;a safety protection device at a transmitting terminal builds a safety label and adds the safety label to the tail of an original IP packet for transmission; and a safety protection device at a receiving terminal verifies the original IP packet by utilizing the safety label and sends out the original IP packet which passes verification. As the safety label is attached at the tail of the data message for transmission, so that identification and processing of a network device on a transmission path for data is not affected, and the label based cross-domain data transmission protection method hasa transparent transmission characteristic. Algorithm identifiers, label length and version number in the label have good expansibility. Safety label values designed in labels can be used for realizingcompleteness verification of data packets; serial number designed in the label can be used for realizing anti-replay attack of messages. The label based cross-domain data transmission protection method can be applied to a network safety product, and has the advantages of being safe, reliable and practical.

Description

technical field [0001] The invention relates to a label-based cross-domain data transmission protection method. Background technique [0002] At present, most of the integrity protection and anti-replay attack of IP packets transmitted in the network are realized based on IPSec technology. The protocol of the message is re-encapsulated, and the content of the message is encrypted, so that other security facilities (such as IDS) in the network cannot conduct in-depth inspection of the content of the message. Contents of the invention [0003] In order to overcome the above-mentioned shortcomings of the prior art, the present invention provides a label-based cross-domain data transmission protection method. The designed security label and data processing flow do not change the original information content of the IP message, and do not affect other information on the transmission path. The identification and processing of data by network security devices can also realize the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/123H04L63/205
Inventor 詹茂豪唐晋林武廖游廖竣锴
Owner NO 30 INST OF CHINA ELECTRONIC TECH GRP CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products