A method for embedding IPSEC in IP protocol stack

A technology of IP protocol and IP message, which is applied in the field of information security in the field of information technology, and can solve the problems that the complete function of IPSEC cannot be realized, and it is difficult to realize it.

Inactive Publication Date: 2004-11-10
ZTE CORP
View PDF0 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0045] The present invention overcomes the problem that the complete function of IPSEC cannot be realized and is difficult to realize due to the embedding method in the existing IPSEC realization technology, and proposes an easy-to-implement IPSEC embedding method, which can realize the complete function of IPSEC

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method for embedding IPSEC in IP protocol stack
  • A method for embedding IPSEC in IP protocol stack
  • A method for embedding IPSEC in IP protocol stack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0086] From attached figure 1 It can be seen that the IP packet is still an IP packet after IPSEC encapsulation, and is still processed by the IP processing flow on the network as an IP packet. Therefore, IPSEC processing is part of IP processing. To complete the IPSEC processing, the IPSEC output processing flow must be embedded in the IP output processing flow, and the IPSEC input processing flow must be embedded in the IP input processing flow. After embedding, the IP output processing flow will call the IPSEC output processing flow, and the IP input processing flow will call the IPSEC input processing flow. Therefore, an IPSEC embedding method includes four aspects:

[0087] √Embedding point for IPSEC input;

[0088] √The processing flow of IPSEC input;

[0089] √Embedding point of IPSEC output;

[0090] √The processing flow of IPSEC output;

[0091] Introduce the IPSEC embedding method of the present invention below:

[0092] 1. Embedding point of IPSEC input

[0...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method to insert IPSEC in IP protocol stack, including the following steps: 1, during the IP input processing course of IP protocol stack, after IP processing is basically completed, inserting IPSec input processing flow; 2, during the IP output processing course, after IP processing is basically completed, inserting IPSec output processing flow. By this method, compared with existing techniques, it overcomes the disadvantage of inserting modes of Free SWAN and KAME and can implement complete IPSec funciotns such as safety policy inspection for transmitted IP packages, safety policy inspection for non-IPSec package in local computer, supporting inserted safety policy, supporting high safety particle size, etc.

Description

technical field [0001] The invention belongs to information security technology in the field of information technology, and relates to an IPSEC realization method, in particular to a method for embedding IPSEC into an IP protocol stack. Background technique [0002] Hereinafter, IP refers to Internet Protocol, a communication protocol of the Internet, and IPSEC refers to IP Security, a protocol that provides security protection for IP. [0003] 1. Basic functions of IPSEC [0004] The IP protocol itself is insecure, and IP packets may be attacked by eavesdropping, tampering, and retransmission during transmission. In order to overcome these weaknesses, IETF (Internet Standards Organization) designed the IPSEC protocol suite to provide security protection for IPv4 and IPv6 messages, including data source authentication, connectionless data integrity, anti-replay, data confidentiality and limited traffic flow confidentiality sex and so on. [0005] IPSec provides security s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L29/06095H04L29/06102H04L63/164H04L69/16H04L69/161
Inventor 陈开渠李卓明赵洁陈海彬李亚晖丁勇彭志威
Owner ZTE CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap