BRPI0607515B1 - método para impedir fontes duplicadas em um protocolo de rede - Google Patents
método para impedir fontes duplicadas em um protocolo de rede Download PDFInfo
- Publication number
- BRPI0607515B1 BRPI0607515B1 BRPI0607515A BRPI0607515A BRPI0607515B1 BR PI0607515 B1 BRPI0607515 B1 BR PI0607515B1 BR PI0607515 A BRPI0607515 A BR PI0607515A BR PI0607515 A BRPI0607515 A BR PI0607515A BR PI0607515 B1 BRPI0607515 B1 BR PI0607515B1
- Authority
- BR
- Brazil
- Prior art keywords
- port
- napt
- packet
- src
- dest
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims description 20
- 238000013507 mapping Methods 0.000 claims abstract description 7
- 238000012545 processing Methods 0.000 claims description 32
- 230000005540 biological transmission Effects 0.000 claims description 9
- 230000004044 response Effects 0.000 claims description 2
- 238000005538 encapsulation Methods 0.000 description 11
- 238000013519 translation Methods 0.000 description 10
- 230000014616 translation Effects 0.000 description 10
- 238000004891 communication Methods 0.000 description 8
- 230000008569 process Effects 0.000 description 5
- 230000003068 static effect Effects 0.000 description 4
- 238000011330 nucleic acid test Methods 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 2
- 230000009466 transformation Effects 0.000 description 2
- 238000000844 transformation Methods 0.000 description 2
- GKSPIZSKQWTXQG-UHFFFAOYSA-N (2,5-dioxopyrrolidin-1-yl) 4-[1-(pyridin-2-yldisulfanyl)ethyl]benzoate Chemical compound C=1C=C(C(=O)ON2C(CCC2=O)=O)C=CC=1C(C)SSC1=CC=CC=N1 GKSPIZSKQWTXQG-UHFFFAOYSA-N 0.000 description 1
- 230000004888 barrier function Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 235000020004 porter Nutrition 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
- H04L61/2517—Translation of Internet protocol [IP] addresses using port numbers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/164—Implementing security features at a particular protocol layer at the network layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0272—Virtual private networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US10/907,661 US7656795B2 (en) | 2005-04-11 | 2005-04-11 | Preventing duplicate sources from clients served by a network address port translator |
| PCT/EP2006/061433 WO2006108805A1 (en) | 2005-04-11 | 2006-04-07 | Preventing duplicate sources from clients served by a network address port translator |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| BRPI0607515A2 BRPI0607515A2 (pt) | 2016-10-25 |
| BRPI0607515B1 true BRPI0607515B1 (pt) | 2020-04-22 |
Family
ID=36636455
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| BRPI0607515A BRPI0607515B1 (pt) | 2005-04-11 | 2006-04-07 | método para impedir fontes duplicadas em um protocolo de rede |
Country Status (8)
| Country | Link |
|---|---|
| US (1) | US7656795B2 (enExample) |
| EP (1) | EP1872561B1 (enExample) |
| JP (1) | JP4766574B2 (enExample) |
| CN (1) | CN101156420B (enExample) |
| BR (1) | BRPI0607515B1 (enExample) |
| CA (1) | CA2602778C (enExample) |
| TW (1) | TWI365651B (enExample) |
| WO (1) | WO2006108805A1 (enExample) |
Families Citing this family (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030158959A1 (en) * | 2002-02-15 | 2003-08-21 | Jay Jayapalan | Establishment of communications using point to point protocols such that duplicate negotiations are avoided |
| US8787393B2 (en) * | 2005-04-11 | 2014-07-22 | International Business Machines Corporation | Preventing duplicate sources from clients served by a network address port translator |
| JP4709583B2 (ja) * | 2005-05-31 | 2011-06-22 | 株式会社東芝 | データ送信装置およびデータ送信方法 |
| CN1937531B (zh) * | 2006-08-28 | 2010-05-12 | 华为技术有限公司 | 检测维护组完整性的方法及装置和增加端点的方法及装置 |
| JP2009111437A (ja) * | 2007-10-26 | 2009-05-21 | Hitachi Ltd | ネットワークシステム |
| CN101631113B (zh) * | 2009-08-19 | 2011-04-06 | 西安西电捷通无线网络通信股份有限公司 | 一种有线局域网的安全访问控制方法及其系统 |
| CN101635710B (zh) * | 2009-08-25 | 2011-08-17 | 西安西电捷通无线网络通信股份有限公司 | 一种基于预共享密钥的网络安全访问控制方法及其系统 |
| JP5565476B2 (ja) * | 2011-02-17 | 2014-08-06 | 日本電気株式会社 | ネットワークシステム、及びネットワークフロー追跡方法 |
| CN102984068B (zh) * | 2012-11-23 | 2016-08-03 | 汉柏科技有限公司 | 实现报文穿越网络地址转换设备的方法 |
| US9525627B2 (en) | 2014-05-27 | 2016-12-20 | Google Inc. | Network packet encapsulation and routing |
| CN106210095B (zh) * | 2016-07-18 | 2020-01-24 | 新华三技术有限公司 | 一种端口处理方法和装置 |
| US11095617B2 (en) | 2017-12-04 | 2021-08-17 | Nicira, Inc. | Scaling gateway to gateway traffic using flow hash |
| US11245697B2 (en) * | 2019-11-29 | 2022-02-08 | Juniper Networks, Inc. | Application-based network security |
| US11757837B2 (en) * | 2020-04-23 | 2023-09-12 | International Business Machines Corporation | Sensitive data identification in real time for data streaming |
| US11902264B2 (en) * | 2020-06-22 | 2024-02-13 | Vmware, Inc. | Path selection for data packets encrypted based on an IPSEC protocol |
| CN112242943B (zh) * | 2020-11-26 | 2022-08-16 | 迈普通信技术股份有限公司 | IPSec隧道建立方法及装置、分支设备、中心端设备 |
| CN114760033A (zh) * | 2020-12-26 | 2022-07-15 | 西安西电捷通无线网络通信股份有限公司 | 一种身份鉴别方法和装置 |
| US12113773B2 (en) | 2021-06-07 | 2024-10-08 | VMware LLC | Dynamic path selection of VPN endpoint |
| US12107834B2 (en) | 2021-06-07 | 2024-10-01 | VMware LLC | Multi-uplink path quality aware IPsec |
| TWI793904B (zh) * | 2021-12-08 | 2023-02-21 | 中華電信股份有限公司 | 為本地服務進行訊務轉址的行動邊緣運算裝置和方法 |
| CN114465755B (zh) * | 2021-12-15 | 2024-02-23 | 广西电网有限责任公司电力科学研究院 | 基于IPSec传输异常的检测方法、装置及存储介质 |
| US11863514B2 (en) | 2022-01-14 | 2024-01-02 | Vmware, Inc. | Performance improvement of IPsec traffic using SA-groups and mixed-mode SAs |
| US11956213B2 (en) | 2022-05-18 | 2024-04-09 | VMware LLC | Using firewall policies to map data messages to secure tunnels |
| CN118660057B (zh) * | 2024-06-07 | 2025-06-06 | 通明智云(北京)科技有限公司 | 一种基于负载均衡设备的源端口快速搜索的方法和系统 |
Family Cites Families (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6615357B1 (en) | 1999-01-29 | 2003-09-02 | International Business Machines Corporation | System and method for network address translation integration with IP security |
| US7684317B2 (en) * | 2001-06-14 | 2010-03-23 | Nortel Networks Limited | Protecting a network from unauthorized access |
| US7747758B2 (en) * | 2001-10-29 | 2010-06-29 | International Business Machines Corporation | Dynamic port assignment |
| US20030154306A1 (en) * | 2002-02-11 | 2003-08-14 | Perry Stephen Hastings | System and method to proxy inbound connections to privately addressed hosts |
| US7143137B2 (en) * | 2002-06-13 | 2006-11-28 | Nvidia Corporation | Method and apparatus for security protocol and address translation integration |
| KR100479261B1 (ko) | 2002-10-12 | 2005-03-31 | 한국전자통신연구원 | 네트워크 주소 변환 상에서의 데이터 전송 방법 및 장치 |
| US7346770B2 (en) | 2002-10-31 | 2008-03-18 | Microsoft Corporation | Method and apparatus for traversing a translation device with a security protocol |
| US7386881B2 (en) * | 2003-01-21 | 2008-06-10 | Swander Brian D | Method for mapping security associations to clients operating behind a network address translation device |
| CN100505634C (zh) * | 2003-06-23 | 2009-06-24 | 腾讯科技(深圳)有限公司 | 数字信息穿透nat/fw的方法和系统 |
| US20050166206A1 (en) * | 2004-01-26 | 2005-07-28 | Parson Dale E. | Resource management in a processor-based system using hardware queues |
| JP4489008B2 (ja) * | 2005-11-16 | 2010-06-23 | 株式会社東芝 | 通信装置、通信方法および通信プログラム |
-
2005
- 2005-04-11 US US10/907,661 patent/US7656795B2/en not_active Expired - Fee Related
-
2006
- 2006-04-07 WO PCT/EP2006/061433 patent/WO2006108805A1/en not_active Ceased
- 2006-04-07 CA CA2602778A patent/CA2602778C/en active Active
- 2006-04-07 JP JP2008505871A patent/JP4766574B2/ja not_active Expired - Fee Related
- 2006-04-07 EP EP06743263A patent/EP1872561B1/en active Active
- 2006-04-07 CN CN200680011629XA patent/CN101156420B/zh not_active Expired - Fee Related
- 2006-04-07 BR BRPI0607515A patent/BRPI0607515B1/pt active IP Right Grant
- 2006-04-07 TW TW095112554A patent/TWI365651B/zh not_active IP Right Cessation
Also Published As
| Publication number | Publication date |
|---|---|
| CN101156420B (zh) | 2011-07-20 |
| BRPI0607515A2 (pt) | 2016-10-25 |
| TW200708009A (en) | 2007-02-16 |
| EP1872561A1 (en) | 2008-01-02 |
| US7656795B2 (en) | 2010-02-02 |
| US20060227807A1 (en) | 2006-10-12 |
| WO2006108805A1 (en) | 2006-10-19 |
| EP1872561B1 (en) | 2012-11-07 |
| CN101156420A (zh) | 2008-04-02 |
| JP4766574B2 (ja) | 2011-09-07 |
| CA2602778A1 (en) | 2006-10-19 |
| JP2009532919A (ja) | 2009-09-10 |
| CA2602778C (en) | 2014-04-01 |
| TWI365651B (en) | 2012-06-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| BRPI0607515B1 (pt) | método para impedir fontes duplicadas em um protocolo de rede | |
| US9253146B2 (en) | Preventing duplicate sources from clients served by a network address port translator | |
| US20150304427A1 (en) | Efficient internet protocol security and network address translation | |
| Srisuresh et al. | IP network address translator (NAT) terminology and considerations | |
| JP3793083B2 (ja) | トンネリングおよび補償を使用するネットワーク・アドレス翻訳によりセキュリティを与えるための方法および装置 | |
| US6832322B1 (en) | System and method for network address translation integration with IP security | |
| US7386881B2 (en) | Method for mapping security associations to clients operating behind a network address translation device | |
| Srisuresh et al. | RFC2663: IP Network Address Translator (NAT) Terminology and Considerations | |
| KR100479261B1 (ko) | 네트워크 주소 변환 상에서의 데이터 전송 방법 및 장치 | |
| Tüxen et al. | UDP encapsulation of Stream Control Transmission Protocol (SCTP) packets for end-host to end-host communication | |
| Ahmad et al. | IPSec over heterogeneous IPv4 and IPv6 networks: issues and implementation | |
| US8019889B1 (en) | Method and apparatus for making end-host network address translation (NAT) global address and port ranges aware | |
| CN111903105A (zh) | 多路复用安全隧道 | |
| JP4769877B2 (ja) | Ipsecセキュリティ・アソシエーションを折衝するときのネットワーク・トポロジの検出 | |
| Penno et al. | RFC 7857: Updates to Network Address Translation (NAT) Behavioral Requirements | |
| Ollikainen | NAT traversal for IPsec | |
| Demerjian et al. | Network Security using E-DHCP over NAT/IPSEC. |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| B06G | Technical and formal requirements: other requirements [chapter 6.7 patent gazette] |
Free format text: APRESENTE O DEPOSITANTE DESENHO DO PEDIDO ADAPTADO AO AN NO127/98, JA QUE CONSTA NA PUBLICACAO WO 2006/108805 A1 DE 19/102006. |
|
| B06G | Technical and formal requirements: other requirements [chapter 6.7 patent gazette] |
Free format text: APRESENTE O DEPOSITANTE DESENHO DO PEDIDO ADAPTADO AO AN NO127/98, JA QUE CONSTA NA PUBLICACAO WO 2006/108805 A1 DE 19/102006. |
|
| B06H | Technical and formal requirements: requirement cancelled [chapter 6.8 patent gazette] |
Free format text: O DESPACHO 6.7 DA RPI 2023 DE 13/10/2009 ESTA SENDO ANULADO TENDO POR BASE A DETERMINACAO DO DIRETOR DE PATENTES, A QUAL E CALCADA NO PARECER NO 0003-2014 AGU/PGF/PFE/INPI/COOPHI-LBC-1.0. |
|
| B11A | Dismissal acc. art.33 of ipl - examination not requested within 36 months of filing | ||
| B04C | Request for examination: application reinstated [chapter 4.3 patent gazette] | ||
| B06T | Formal requirements before examination [chapter 6.20 patent gazette] | ||
| B06F | Objections, documents and/or translations needed after an examination request according [chapter 6.6 patent gazette] | ||
| B06J | Correction of requirement [chapter 6.10 patent gazette] |
Free format text: REPUBLICADO O DESPACHO 6.8 DA RPI 2389 DE 18/10/2016 POR TER TIDO SUA MOTIVACAO EQUIVOCADA. A ANULACAO DO DESPACHO 6.7 SE DEU POR ELE TER SIDO INDEVIDO, TENDO EM VISTA OS PARAMETROS FORMAIS DO EXAME DE ADMISSIBILIDADE DO PEDIDO. |
|
| B07A | Application suspended after technical examination (opinion) [chapter 7.1 patent gazette] | ||
| B09A | Decision: intention to grant [chapter 9.1 patent gazette] | ||
| B16A | Patent or certificate of addition of invention granted [chapter 16.1 patent gazette] |
Free format text: PRAZO DE VALIDADE: 10 (DEZ) ANOS CONTADOS A PARTIR DE 22/04/2020, OBSERVADAS AS CONDICOES LEGAIS. |