CA3077203A1 - Methods for internet communication security - Google Patents

Methods for internet communication security

Info

Publication number
CA3077203A1
Authority
CA
Canada
Prior art keywords
certain embodiments
network
management operations
identification code
product
Prior art date
Legal status
Pending
Application number
CA3077203A
Other languages
English (en)
Inventor
Mike Clark
Andrew Gordon
Matt Clark
Current Assignee
StealthPath Inc
Original Assignee
StealthPath Inc
Priority date
Filing date
Publication date
Priority claimed from US15/949,749 (US10367811B2)
Application filed by StealthPath Inc
Publication of CA3077203A1
Pending


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4604 LAN interconnection over a backbone network, e.g. Internet, Frame Relay
    • H04L12/462 LAN interconnection over a bridge based backbone
    • H04L12/4625 Single bridge functionality, e.g. connection of two networks over a single bridge
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/54 Store-and-forward switching systems
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227 Filtering policies
    • H04L63/0245 Filtering by information in the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/06 Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Development Economics (AREA)
  • Marketing (AREA)
  • General Health & Medical Sciences (AREA)
  • Accounting & Taxation (AREA)
  • Health & Medical Sciences (AREA)
  • Economics (AREA)
  • Finance (AREA)
  • Medical Informatics (AREA)
  • Strategic Management (AREA)
  • Technology Law (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention relates to network security software cooperatively configured on multiple nodes to authenticate and authorize devices, applications, users, and data protocol in network communications by exchanging non-public identification codes, application identifiers, and data type identifiers via pre-established communication pathways and comparing against pre-established values, in order to provide authorized communication and prevent compromised nodes from spreading malware to other nodes.
CA3077203A 2017-10-06 2018-10-05 Methods for internet communication security Pending CA3077203A1 (fr)

Applications Claiming Priority (13)

Application Number Priority Date Filing Date Title
US201762569300P 2017-10-06 2017-10-06
US62/569,300 2017-10-06
US201762609252P 2017-12-21 2017-12-21
US201762609152P 2017-12-21 2017-12-21
US62/609,252 2017-12-21
US62/609,152 2017-12-21
US201862655633P 2018-04-10 2018-04-10
US62/655,633 2018-04-10
US15/949,749 2018-04-10
US15/949,749 US10367811B2 (en) 2017-10-06 2018-04-10 Methods for internet communication security
US201862731529P 2018-09-14 2018-09-14
US62/731,529 2018-09-14
PCT/US2018/054609 WO2019071126A1 (fr) 2017-10-06 2018-10-05 Methods for internet communication security

Publications (1)

Publication Number Publication Date
CA3077203A1 (fr) 2019-04-11

Family

ID=65994852

Family Applications (1)

Application Number Title Priority Date Filing Date
CA3077203A Pending CA3077203A1 (fr) 2017-10-06 2018-10-05 Methods for internet communication security

Country Status (6)

Country Link
EP (1) EP3692687A4 (fr)
AU (1) AU2018346691A1 (fr)
CA (1) CA3077203A1 (fr)
IL (1) IL273632A (fr)
SG (1) SG11202002863SA (fr)
WO (5) WO2019071134A1 (fr)

Families Citing this family (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020106882A1 (fr) * 2018-11-20 2020-05-28 Ownum, LLC Digital asset management
US11240022B1 (en) * 2019-04-11 2022-02-01 Wells Fargo Bank, N.A. Passive encryption rotation keys
CN110147410B (zh) * 2019-04-18 2020-08-04 阿里巴巴集团控股有限公司 Data verification method, system, apparatus and device in a blockchain-type ledger
CN110300109B (zh) * 2019-06-28 2022-08-09 合肥高维数据技术有限公司 Method for a server to manage clients
WO2021025989A1 (fr) * 2019-08-02 2021-02-11 Mastercard International Incorporated System and method for supporting payment acceptance capability for merchants
CN110674106B (zh) * 2019-08-30 2022-03-15 中国人民财产保险股份有限公司 Insurance policy data storage method, apparatus, device and computer-readable storage medium
CN111047300B (zh) * 2019-12-19 2023-04-18 深圳天玑数据有限公司 Blockchain-based online approval method, terminal and readable storage medium
US11200040B2 (en) * 2020-01-08 2021-12-14 The Boeing Company Distributed ledger for software distribution in a wireless ad hoc network for ad-hoc data processing on a source node
CN111314474B (zh) * 2020-02-21 2021-02-26 北京紫光展锐通信技术有限公司 Session creation method and related device
CN111815322B (zh) * 2020-06-08 2023-11-07 北京邮电大学 Ethereum-based distributed payment method with optional privacy service
CN112039792B (zh) * 2020-06-30 2024-05-28 浙江远望信息股份有限公司 Congestion-avoiding network scan scheduling method
CN111988328A (zh) * 2020-08-26 2020-11-24 中国电力科学研究院有限公司 Data security assurance method and system for acquisition terminals of power generation units in new energy plants and stations
CN113285999A (zh) * 2021-05-18 2021-08-20 中云汇(成都)物联科技有限公司 Edge computing system and control method
CN113672933B (zh) * 2021-08-06 2023-06-20 中国科学院软件研究所 Hongmeng (HarmonyOS) security vulnerability detection method and system
CN113761539B (zh) * 2021-08-06 2023-10-17 中国科学院软件研究所 Hongmeng (HarmonyOS) security vulnerability defense method and system
CN115708339B (zh) * 2021-08-20 2024-03-12 清华大学 Data processing method, apparatus and storage medium
WO2023102117A1 (fr) * 2021-12-01 2023-06-08 Threatoptix Inc. Computer security systems and methods using machine learning models
CN114285890B (zh) * 2021-12-10 2024-03-15 西安广和通无线通信有限公司 Cloud platform connection method, apparatus, device and storage medium
CN114915506B (zh) * 2022-07-18 2022-10-11 深圳益实科技有限公司 Cloud-storage-based smart handle media control method and system
CN115412472B (zh) * 2022-08-30 2024-04-30 中国联合网络通信集团有限公司 Network fault troubleshooting method, apparatus and device
CN116483328B (zh) * 2023-06-19 2023-09-12 广州信位通讯科技有限公司 System and method for running Hongmeng (HarmonyOS) apps on the ThreadX embedded software platform
CN116502186B (zh) * 2023-06-26 2023-09-15 明阳时创(北京)科技有限公司 System application TPM license generation method, system, medium and device
CN117499161B (zh) * 2023-12-29 2024-04-12 北京华云安信息技术有限公司 Network security testing method, apparatus, electronic device and storage medium

Family Cites Families (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6823453B1 (en) * 2000-10-06 2004-11-23 Hewlett-Packard Development Company, L.P. Apparatus and method for implementing spoofing-and replay-attack-resistant virtual zones on storage area networks
US7006632B2 (en) * 2001-05-18 2006-02-28 Payformance Corporation Check authorization system and method
US7945511B2 (en) * 2004-02-26 2011-05-17 Payment Pathways, Inc. Methods and systems for identity authentication
US7792267B2 (en) * 2004-05-25 2010-09-07 International Business Machines Corporation Automatic call completion in a directory assistance system
US7490204B2 (en) * 2005-04-07 2009-02-10 International Business Machines Corporation Using constraints to simplify a memory controller
US20070198837A1 (en) * 2005-04-29 2007-08-23 Nokia Corporation Establishment of a secure communication
US20070186115A1 (en) * 2005-10-20 2007-08-09 Beijing Watch Data System Co., Ltd. Dynamic Password Authentication System and Method thereof
US20070174429A1 (en) * 2006-01-24 2007-07-26 Citrix Systems, Inc. Methods and servers for establishing a connection between a client system and a virtual machine hosting a requested computing environment
US8291495B1 (en) * 2007-08-08 2012-10-16 Juniper Networks, Inc. Identifying applications for intrusion detection systems
US8209701B1 (en) * 2007-09-27 2012-06-26 Emc Corporation Task management using multiple processing threads
CA2661398C (fr) * 2008-04-05 2016-05-17 Third Brigade Inc. System and method for intelligent coordination of host-level intrusion prevention in a virtual environment
CA2694500C (fr) * 2010-02-24 2015-07-07 Diversinet Corp. Method and system for secure communication
TWI427972B (zh) * 2010-10-26 2014-02-21 Accton Technology Corp Network device for establishing path information and method thereof
US8943561B2 (en) * 2011-08-17 2015-01-27 Textpower, Inc. Text message authentication system
US9008085B2 (en) * 2012-08-15 2015-04-14 International Business Machines Corporation Network interface card having overlay gateway functionality
US9866382B2 (en) * 2012-12-21 2018-01-09 Mobile Iron, Inc. Secure app-to-app communication
US9215228B1 (en) * 2014-06-17 2015-12-15 Cisco Technology, Inc. Authentication of devices having unequal capabilities
US20160164884A1 (en) * 2014-12-05 2016-06-09 Skuchain, Inc. Cryptographic verification of provenance in a supply chain
US20170076106A1 (en) * 2015-09-16 2017-03-16 Qualcomm Incorporated Apparatus and method to securely control a remote operation
EP3148157B1 (fr) * 2015-09-22 2017-12-06 Comptel OYJ Method and system for identifying an access request of an application on a mobile device in a telecommunication network
US9998371B2 (en) * 2015-12-16 2018-06-12 Nicira, Inc. Packet communication between container data compute nodes and a managed forwarding element
US10075416B2 (en) * 2015-12-30 2018-09-11 Juniper Networks, Inc. Network session data sharing

Also Published As

Publication number Publication date
SG11202002863SA (en) 2020-04-29
WO2019071126A1 (fr) 2019-04-11
EP3692687A4 (fr) 2021-05-05
AU2018346691A1 (en) 2020-04-16
WO2019071120A3 (fr) 2020-03-19
IL273632A (en) 2020-05-31
EP3692687A1 (fr) 2020-08-12
WO2019071120A2 (fr) 2019-04-11
WO2019071113A1 (fr) 2019-04-11
WO2019071131A1 (fr) 2019-04-11
WO2019071134A1 (fr) 2019-04-11

Similar Documents

Publication Publication Date Title
CA3077203A1 (fr) Methods for internet communication security
US11190494B2 (en) Application whitelist using a controlled node flow
US11381557B2 (en) Secure data transmission using a controlled node flow
US11729143B2 (en) Methods for internet communication security
US10630642B2 (en) Methods for internet communication security
US10367811B2 (en) Methods for internet communication security
US11245529B2 (en) Methods for internet communication security
US10397186B2 (en) Methods for internet communication security
EP3162017B1 (fr) Security in a software-defined network
EP1917780B8 (fr) System and method for processing secure transmissions
O'Neill et al. TrustBase: An architecture to repair and strengthen certificate-based authentication
US20230006988A1 (en) Method for selectively executing a container, and network arrangement
Tippenhauer et al. Vbump: Securing ethernet-based industrial control system networks with vlan-based traffic aggregation
US11640468B2 (en) Method for operating an industrial PC device and industrial PC device
Rengers DDS in a Zero Trust Cloud Native Environment in the Naval Domain
WO2024165547A1 (fr) Systems and method for securing a network device
Scott et al. TrustBase: An Architecture to Repair and Strengthen Certificate-based Authentication

Legal Events

Date Code Title Description
EEER Examination request

Effective date: 20231005