JP2012034169A5 - - Google Patents
Download PDFInfo
- Publication number
- JP2012034169A5 JP2012034169A5 JP2010171596A JP2010171596A JP2012034169A5 JP 2012034169 A5 JP2012034169 A5 JP 2012034169A5 JP 2010171596 A JP2010171596 A JP 2010171596A JP 2010171596 A JP2010171596 A JP 2010171596A JP 2012034169 A5 JP2012034169 A5 JP 2012034169A5
- Authority
- JP
- Japan
- Prior art keywords
- authentication
- data
- authentication data
- data packet
- packet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Claims (23)
前記第1の装置は、
データパケットに認証用データを埋め込む認証用データ埋め込み部と、
前記認証用データが埋め込まれたデータパケットを前記第2の装置へ送信するパケット送信部と、を備え、
前記第2の装置は、
前記第1の装置から前記データパケットを受信するパケット受信部と、
前記受信したデータパケットから、認証用データを抽出する認証用データ抽出部と、
前記抽出した認証用データに基づいて、前記データパケットの送信者または受信者の正当性を判断する正当性判断部と、を備えることを特徴とする認証システム。 An authentication system comprising a first device and a second device connected to the first device via a first network,
The first device includes:
An authentication data embedding unit for embedding authentication data in the data packet;
A packet transmission unit that transmits the data packet in which the authentication data is embedded to the second device,
The second device includes:
A packet receiver that receives the data packet from the first device;
An authentication data extraction unit for extracting authentication data from the received data packet;
An authentication system comprising: a validity determination unit that determines the validity of the sender or receiver of the data packet based on the extracted authentication data.
前記認証用データ埋め込み部は、前記IPv6アドレスのインターフェースID部に、前記認証用データを埋め込むことを特徴とする、請求項4に記載の認証システム。 The outer header is an IPv6 address,
The authentication system according to claim 4, wherein the authentication data embedding unit embeds the authentication data in an interface ID portion of the IPv6 address.
前記認証用データ埋め込み部は、前記IPv4アドレスのホスト部に、前記認証用データを埋め込むことを特徴とする、請求項4に記載の認証システム。 The outer header is an IPv4 address,
The authentication system according to claim 4, wherein the authentication data embedding unit embeds the authentication data in a host unit of the IPv4 address.
前記正当性判断部は、前記データパケットの送信元アドレスに埋め込まれた認証用データに基づいて、前記データパケットの送信者の正当性を判断することを特徴とする、請求項1から6のいずれか一項に記載の認証システム。 The authentication data embedding unit embeds the authentication data in a transmission source address of the data packet,
The said validity judgment part judges the sender's legitimacy of the said data packet based on the data for authentication embedded in the transmission source address of the said data packet, Any one of Claim 1 to 6 characterized by the above-mentioned. The authentication system according to claim 1.
前記正当性判断は、前記データパケットの宛先アドレスに埋め込まれた認証用データに基づいて、前記データパケットの受信者の正当性を判断することを特徴とする、請求項1から7のいずれか一項に記載の認証システム。 The authentication data embedding unit embeds the authentication data in a destination address of the data packet,
8. The validity determination according to claim 1, wherein the validity is determined based on authentication data embedded in a destination address of the data packet. The authentication system described in the section.
前記正当性判断部は、前記抽出した認証用データと、前記算出した認証用データとが一致する場合には、前記データパケットの送信者または受信者は正当であると判断して、該データパケットを前記パケット転送部へ送信することを特徴とする、請求項2から8のいずれか一項に記載の認証システム。 The second device connects the first network and the second network, and further includes a packet transfer unit that transfers the data packet to the second network,
The validity judgment unit judges that the sender or receiver of the data packet is valid when the extracted authentication data matches the calculated authentication data, and the data packet The authentication system according to any one of claims 2 to 8, wherein the authentication system is transmitted to the packet transfer unit.
前記第1の装置および前記第2の装置はそれぞれ、前記所定のアルゴリズムを予め記憶していることを特徴とする、請求項1から10のいずれか一項に記載の認証システム。The authentication system according to any one of claims 1 to 10, wherein each of the first device and the second device stores the predetermined algorithm in advance.
データパケットに、認証用データを埋め込む認証用データ埋め込み部と、
前記認証用データが埋め込まれたデータパケットを前記第2の装置へ送信するパケット送信部と、を備えることを特徴とする装置。 A first device connected to a second device via a network,
An authentication data embedding unit for embedding authentication data in the data packet;
A packet transmission unit configured to transmit the data packet in which the authentication data is embedded to the second device;
前記第1の装置からデータパケットを受信するパケット受信部と、
前記受信したデータパケットから、認証用データを抽出する認証用データ抽出部と、
前記抽出した認証用データに基づいて、該データパケットの送信者または受信者の正当性を判断する正当性判断部と、を備えることを特徴とする装置。 A second device connected to the first device via a network,
A packet receiver for receiving data packets from the first device;
An authentication data extraction unit for extracting authentication data from the received data packet;
An apparatus comprising: a legitimacy judging unit that judges legitimacy of a sender or a receiver of the data packet based on the extracted authentication data.
前記第1の装置における、
データパケットに認証用データを埋め込む認証用データ埋め込みステップと、
前記認証用データが埋め込まれたデータパケットを前記第2の装置へ送信するパケット送信ステップと、
前記第2の装置における、
前記第1の装置から前記データパケットを受信するパケット受信ステップと、
前記受信したデータパケットから、認証用データを抽出する認証用データ抽出ステップと、
前記抽出した認証用データに基づいて、該データパケットの送信者または受信者の正当性を判断する正当性判断ステップと、を含むことを特徴とする認証方法。 An authentication method in a network system comprising a first device and a second device connected to the first device via a first network,
In the first device,
An authentication data embedding step for embedding the authentication data in the data packet;
A packet transmission step of transmitting the data packet in which the authentication data is embedded to the second device;
In the second device,
A packet receiving step for receiving the data packet from the first device;
An authentication data extraction step for extracting authentication data from the received data packet;
And a legitimacy judging step of judging legitimacy of a sender or a receiver of the data packet based on the extracted authentication data.
データパケットに、認証用データを埋め込む認証用データ埋め込みステップと、
前記認証用データが埋め込まれたデータパケットを前記第2の装置へ送信するパケット送信ステップと、を含むことを特徴とする認証方法。 An authentication method in a first device connected to a second device via a network,
An authentication data embedding step for embedding authentication data in the data packet;
A packet transmission step of transmitting the data packet in which the authentication data is embedded to the second device.
前記第1の装置からデータパケットを受信するパケット受信ステップと、
前記受信したデータパケットから、認証用データを抽出する認証用データ抽出ステップと、
前記抽出した認証用データに基づいて、該データパケットの送信者または受信者の正当性を判断する正当性判断ステップと、を含むことを特徴とする認証方法。 An authentication method in a second device connected to the first device via a network,
Receiving a data packet from the first device; and
An authentication data extraction step for extracting authentication data from the received data packet;
And a legitimacy judging step of judging legitimacy of a sender or a receiver of the data packet based on the extracted authentication data.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2010171596A JP2012034169A (en) | 2010-07-30 | 2010-07-30 | Packet authentication system, authentication method, and program |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2010171596A JP2012034169A (en) | 2010-07-30 | 2010-07-30 | Packet authentication system, authentication method, and program |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2012034169A JP2012034169A (en) | 2012-02-16 |
JP2012034169A5 true JP2012034169A5 (en) | 2013-09-12 |
Family
ID=45847053
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2010171596A Pending JP2012034169A (en) | 2010-07-30 | 2010-07-30 | Packet authentication system, authentication method, and program |
Country Status (1)
Country | Link |
---|---|
JP (1) | JP2012034169A (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102017204184A1 (en) * | 2017-03-14 | 2018-09-20 | Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V. | Authenticated confirmation and activation message |
JP6885305B2 (en) * | 2017-11-14 | 2021-06-09 | 株式会社デンソー | Network system |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2348569B (en) * | 1999-03-31 | 2003-11-05 | Ericsson Telefon Ab L M | IP Address allocation for mobile terminals |
US6947400B2 (en) * | 2001-01-31 | 2005-09-20 | Ipr Licensing, Inc. | Achieving PPP mobility via the mobile IP infrastructure |
JP2006086618A (en) * | 2004-09-14 | 2006-03-30 | Furukawa Electric Co Ltd:The | Communication control method, communication control unit, control program, and recording medium |
JP2007135035A (en) * | 2005-11-11 | 2007-05-31 | Nippon Telegr & Teleph Corp <Ntt> | Communication device and packet processing method |
JP5328250B2 (en) * | 2008-07-22 | 2013-10-30 | 株式会社メガチップス | Communication device and electronic device |
JP5214402B2 (en) * | 2008-10-22 | 2013-06-19 | 沖電気工業株式会社 | Packet transfer apparatus, packet transfer method, packet transfer program, and communication apparatus |
-
2010
- 2010-07-30 JP JP2010171596A patent/JP2012034169A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP2012522458A5 (en) | ||
JP2017518687A5 (en) | ||
WO2011021840A3 (en) | A network entity, a wireless communication unit and methods for access to a remote private ip network and supporting thereof | |
JP2014517560A5 (en) | ||
WO2010123227A3 (en) | Method to facilitate user equipment handoff within a packet data communication system | |
GB2486126B (en) | Caching in mobile networks | |
US20110119534A1 (en) | Method and apparatus for processing packets | |
JP5095631B2 (en) | System for improving the reliability of multi-broadcast data transmission | |
JP2020528696A5 (en) | ||
JP2014530545A5 (en) | ||
JP2015520593A5 (en) | ||
EP2579509A4 (en) | Method, device and system for service configuration | |
EP2040401A3 (en) | Broadcast receiver and method for processing channel information | |
KR20110006611A (en) | Method and system for encoding and decoding length of medium access control protocol data unit | |
CN102148845B (en) | File transfer protocol (FTP) data transmission method and system | |
WO2010043254A8 (en) | Secure access in a communication network | |
JP2013511885A5 (en) | ||
CN102231725B (en) | Method, equipment and system for authenticating dynamic host configuration protocol message | |
WO2011103840A3 (en) | Virtual private cloud connection method and tunnel proxy server | |
WO2009143721A1 (en) | Method, apparatus and system for processing dynamic host configuration protocol message | |
HK1146168A1 (en) | Method of preventing tcp-based denial-of-service attacks on mobile devices | |
GB2466196B8 (en) | Communications system and method | |
KR101180199B1 (en) | Downloadable conditional access system, channel setting method and message structure for 2-way communication between terminal and authentication server in the downloadable conditional access system | |
CN110474922B (en) | Communication method, PC system and access control router | |
WO2008063481A3 (en) | Network audio directory server and method |