31 results about "Host Identity Protocol" patented technology

Present invention relates to Conversation initialisation protocol SIP which is most widely used appliance session management protocol. It contains operating SIP protocol in peer network and overcomes the shortage of high development cost in traditional client server mode. Based mainframe identify protocol, said invention can provides safety transmission for SIP user data. It can provide more complete network layer movability support. Due to SIP is the most basic protocol composition in instant communication software, IP multimedia subsystem IMS etc network service and application, said invention has wide application.

The invention relates to a method of configuring a plurality of rendezvous servers to provide a Host Identity Protocol, HIP, based mobility service to HIP nodes, where the servers are arranged in a hierarchical branching structure. For each HIP node, a Host Identity Tag, HIT,- and contact address mapping is registered with a rendezvous server (101). That server then identifies itself and the HIT to each higher level server within the same branch, without explicitly identifying the contact address to those higher level servers (103) wherein, in use, when a first rendezvous server receives a HIPcontact message addressed to a given HIT (201), if that first server is unaware of the destination HIT, it forwards the message to a higher level server within the same branch (204), and if the firstserver is not the server at which the HIT is registered but is aware of the HIT, it forwards the contact message to the neighbouring rendezvous server corresponding to the HIT (203).

The invention relates to a HIP (Host Identity Protocol) based method for realizing user mobility, comprising the following steps of: a registration step: the host equipment initiates a registration process to a set server, and the set server stores the mapping relation between user identification of a host equipment user and the host identification and the location identification of the host equipment; and a connection establishment step: the host equipment queries the set server according to the user identification of an opposite end user and establishes connection with the host equipment of the opposite end user by adopting the HIP according to a query result. The HIP based method and system for realizing the user mobility can realize the mobility taking the user as a centre.

The invention provides a registration and authentication method and system based on HIP (host identity protocol). User equipment is accessed into a distributed telecommunication service platform based on HIP by an HIP node, and an authentication method in a telecommunication network is adopted to authenticate the user equipment; and after the user equipment passes authentication, association information between a user identification of the user equipment and the HIP node and association information between the user identification of the user equipment and the current IP (internet protocol) address of the user equipment are stored in the HIP node. The invention provides a service platform with unified user management, transparent support mobility and multi-cavity performance, and new service income is acquired; and in addition, due to use of the original authentication system of the communication network, the resources of the network and the terminal are saved, the investment is reduced, and the reasonable overhead of mobile equipment and the network is guaranteed. Simultaneously, an application provider does not need to carry out investment construction of user management, support mobility and multi-cavity performance so as to save the capital expenditure, therefore, the win-win situation of the application provider and a network operator is achieved.

The embodiment of the invention relates to the field of safe channel multiplexing, and discloses a host identification protocol (HIP) safe channel multiplexing method and a device thereof, and is used for reducing the number of HIP safe channels and the maintenance cost. The method comprises the following steps: receiving a data transmission message request transmitted to HIP hosts by at least one traditional host; detecting whether the HIP safe channels are set up among the HIP hosts or not; if so, transmitting control signaling to the HIP hosts, wherein the control signaling is used for requesting to multiplex data transmitted to the traditional host by the HIP safe channels; and if response messages returned by the HIP hosts are received, transmitting the data of the traditional host to the HIP hosts through the HIP safe channels. The embodiment of the invention can reduce the number of the HIP safe channels set up among the HIP hosts and the cost for maintaining the safe channels, and improves the utilization rate of the HIP safe channels.

The invention relates to a secure multi-party network communication platform and a construction method and a communication method thereof, and belongs to the fields of distributed systems and computer networks. The multi-party communication platform consists of a management node and a group of host nodes needing intercommunication; by Internet connection, the multi-party communication platform can realize secure and efficient multi-party communication and provide a secure channel for network application software deployed on the communication nodes; the security of the communication layer is realized by using a host identification protocol, and authentication security is realized by using a public key/secret key system on management; the protocol is realized by an open source and supports multiple common operating systems, so the cost of the scheme is very low; centralized member management adopted by the method is flexible and convenient; different from multi-hop forwarding and layer-upon-layer encryption of an onion router protocol, the data of a host marking protocol are finished in one hop between double communication parties and encrypted at one time, so the efficiency is greatly improved, and the data are totally transparent for upper application.

The invention relates to an IP network multimedia communication technique, in particular to a naming service proposal applied to a network communication system and a communication method realized by utilizing the proposal, which aim at solving the name binding problem of SIP, URI, HI/HIT and transmission address when a system integrates Host Identity Protocol (HIP), and realize such naming services as registration, updating and search of a user in a complete peer-to-peer manner on a Distributed Hash Table (DHT) overlay network; by using the proposal, the user uses an SIP URI for binding one or more HIs; each HI is used for binding one or more transmission addresses; the user can use the SIP URI and a private key for logging the system and conducting SIP call according to the HI/HIT, thereby finishing HIP base exchange continually and establishing a safe media data transmission channel; the distributed safety mechanism can effectively ensure the uniqueness of the verification of the user, prevent such attacks as service refusal and protect the storage and updating of name binding; and the invention utilizes the DHT overlay network to realize naming service and the transmission of standard SIP signaling information, is easy to realize and arrange and causes the user to enjoy simple and safe network communication services.

The invention relates to a communication method, system and equipment based on a host identity protocol (HIP). The method is realized on the basis of HIP equipment and a HIP equipment access point (HAP) and comprises the following steps: source-end HIP equipment and source-end HAP build HIP connection; the source-end HIP equipment sends a data packet to the source-end HAP by the HIP connection; and the source-end HAP receives the data packet and forwards according to the HIP connection relationship or the internet protocol (IP) address of destination-end equipment. According to the communication method, system and equipment based on the HIP, cost for building the HIP connection can be reduced.

The embodiment of the invention provides a security assurance method of a host identity tag (HIT). The method comprises the following steps of: recording a valid period and/or a security state of the HIT in a security management server; when communication is needed, inquiring the valid period and/or the security state of the HIT of a peer end host needing the communication from the security management server; and determining whether to communicate with a host according to the valid period and/or the security state of the HIT of the host. The invention also provides the security management server, which comprises a record unit used for recording the valid period and/or the security state of the HIT and an inquiry unit used for providing inquiry into the valid period and/or the security state of the HIT for the peer end host needing the communication. The security assurance method and the security management server can avoid that the HIT is stilled used when the safety is reduced and provide a security assurance for the HIT of a host identity protocol.

The invention discloses a method and system for host access point (HAP) switching of a host identification protocol. The method comprises the following steps that: when an IP (Internet Protocol) address of host identification protocol (HIP) equipment is changed, the HIP equipment determines whether to switch HAP based on acquired smaller HAP information of RTT (round trip time) or the original HAP of the HIP equipment determines whether to switch the HAP according to acquired HAP information with smaller RTT between the HAP and the HIP equipment; when the HAP switching is determined to be executed, an HIP association is established between the HIP equipment and the HAP and the association between the HIP equipment with the original HAP is closed; and the original HAP transmits data of the HIP equipment to the new HAP. With the adoption of the method and the system provided by the invention, the problem that a time delay of the interaction between UE (User Equipment) and the HIP equipment is longer is solved, wherein the problem is caused by that the RTT between the UE and the HAP is increased after the UE is moved.

The embodiment of the invention discloses a method and a device for generating a host identity protocol package. The method of the embodiment of the invention comprises the following steps: acquiring management domain information and generating an HIP package including the management domain information, wherein the HIP package head of the HIP package loads the management domain information. The communication device of the embodiment of the invention comprises an acquiring module for acquiring the management domain information and a generating module for generating the HIP package including the management domain information, wherein the HIP package head of the HIP package loads the management domain information. In the method and the device of the embodiment of the invention, the HIP package head loads the management domain information, so that the global uniqueness of a host identify mark can be realized and allocation management and search of the host identify mark are facilitated, and the management domain information and the host identify mark are separately indicated, so the protection of the privacy of the host identify mark can be enhanced.

The invention discloses a data transmission method based on HIP (Host Identity Protocol) devices, when a source HIP device needs to send data to a target HIP device, a HAP (HIP device Access Point) associated with the source HIP device is selected for data sending. The invention further discloses a data transmission system based on the HIP devices, correspondingly. With the method and the system, when a certain HAP is failed, the HIP device associated with the failed HAP can choose other associated HAP for sending data, and the data sent to the HIP device also can be forwarded by other HAP associated with the HIP device, so that time delay of data sending of the HIP device caused by failure of a certain HAP is reduced, and data loss is avoided.

A method for establishing a connection includes: after establishing a first host identity protocol(HIP) association between a first address of a second terminal and a second address of a first terminal, the second terminal saves a first mapping relation among the first address, the second address and the first HIP association; a first transmission control protocol(TCP) connection between the first address and the second address is established, and a first TCP SYN message includes connection identity(CID) information; the second terminal establishes a second HIP association between a third address and a forth address of the second terminal, and saves a second mapping relation among the third address, the forth address and the second HIP association; a second TCP connection between the third address and the forth address is established, and a second TCP SYN message includes CID information which is the same with that of the first TCP SYN message. An apparatus for establishing a connection and a communication system corresponding to the method for establishing a connection are also provided. The multi-access of the terminal in the HIP network can be realized.