CN101843075B - 通过代理连接的主机之间的安全邻居发现 - Google Patents

通过代理连接的主机之间的安全邻居发现 Download PDF

Info

Publication number
CN101843075B
CN101843075B CN200880114865.3A CN200880114865A CN101843075B CN 101843075 B CN101843075 B CN 101843075B CN 200880114865 A CN200880114865 A CN 200880114865A CN 101843075 B CN101843075 B CN 101843075B
Authority
CN
China
Prior art keywords
main frame
host
message
signature
address
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN200880114865.3A
Other languages
English (en)
Chinese (zh)
Other versions
CN101843075A (zh
Inventor
S·克里什南
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Telefonaktiebolaget LM Ericsson AB
Original Assignee
Telefonaktiebolaget LM Ericsson AB
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Telefonaktiebolaget LM Ericsson AB filed Critical Telefonaktiebolaget LM Ericsson AB
Publication of CN101843075A publication Critical patent/CN101843075A/zh
Application granted granted Critical
Publication of CN101843075B publication Critical patent/CN101843075B/zh
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/162Implementing security features at a particular protocol layer at the data link layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/26Network addressing or numbering for mobility support
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W80/00Wireless network protocols or protocol adaptations to wireless operation
    • H04W80/04Network layer protocols, e.g. mobile IP [Internet Protocol]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/18Service support devices; Network management devices
    • H04W88/182Network node acting on behalf of an other network entity, e.g. proxy

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
  • Small-Scale Networks (AREA)
CN200880114865.3A 2007-11-01 2008-10-08 通过代理连接的主机之间的安全邻居发现 Expired - Fee Related CN101843075B (zh)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US98452707P 2007-11-01 2007-11-01
US60/984527 2007-11-01
US12/036757 2008-02-25
US12/036,757 US7779136B2 (en) 2007-11-01 2008-02-25 Secure neighbor discovery between hosts connected through a proxy
PCT/IB2008/054132 WO2009057004A1 (en) 2007-11-01 2008-10-08 Secure neighbor discovery between hosts connected through a proxy

Publications (2)

Publication Number Publication Date
CN101843075A CN101843075A (zh) 2010-09-22
CN101843075B true CN101843075B (zh) 2014-11-26

Family

ID=40589303

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200880114865.3A Expired - Fee Related CN101843075B (zh) 2007-11-01 2008-10-08 通过代理连接的主机之间的安全邻居发现

Country Status (5)

Country Link
US (1) US7779136B2 (https=)
EP (1) EP2220843B1 (https=)
JP (1) JP5255065B2 (https=)
CN (1) CN101843075B (https=)
WO (1) WO2009057004A1 (https=)

Families Citing this family (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101508794B1 (ko) * 2008-07-09 2015-04-06 삼성전자주식회사 Ndef 메시지에서 선택적으로 레코드들을 보안하기 위한 방법
CN101404579B (zh) * 2008-10-31 2011-02-09 成都市华为赛门铁克科技有限公司 一种防止网络攻击的方法及装置
EP2400838B1 (en) 2009-02-26 2016-05-11 Teikoku Pharma USA, Inc. Narcotic emulsion formulations for treatment of cancer pain
US8357233B2 (en) 2009-03-20 2013-01-22 Sik Leung Chan Collector modules for devices for removing particles from a gas
JP5382789B2 (ja) * 2009-07-13 2014-01-08 Necアクセステクニカ株式会社 パケット転送方法およびパケット転送システム
JP5631395B2 (ja) * 2009-07-13 2014-11-26 シーメンス アクチエンゲゼルシヤフトSiemens Aktiengesellschaft 対応付け更新メッセージ及びメッシュネットワークにおける対応付け更新のための方法
US9066195B2 (en) * 2011-09-28 2015-06-23 Alcatel Lucent Method and apparatus for neighbor discovery
US9107193B2 (en) * 2012-01-13 2015-08-11 Siemens Aktiengesellschaft Association update message and method for updating associations in a mesh network
US9681261B2 (en) * 2012-11-01 2017-06-13 Lg Electronics Inc. Method and apparatus of providing integrity protection for proximity-based service discovery with extended discovery range
US20140181984A1 (en) 2012-12-21 2014-06-26 International Business Machines Corporation Method and apparatus for authentication of solution topology
KR101538762B1 (ko) 2013-06-12 2015-07-24 서정환 캡슐화 프로토콜을 이용하여 클라이언트의 ip 주소를 서버로 전송하는 중계 시스템 및 방법
US9544376B1 (en) * 2013-07-11 2017-01-10 Marvell International Ltd Method and apparatus for securely discovering services in a wireless network
EP2830274A1 (en) * 2013-07-23 2015-01-28 Knightsbridge Portable Communications SP Method for electronic transmission of a message and proxy device therefore
US9438555B2 (en) * 2013-10-31 2016-09-06 Aruba Networks, Inc. Communicating with a distribution system via an uplink access point
KR102083467B1 (ko) * 2014-04-03 2020-03-02 에스케이텔레콤 주식회사 피투피 통신 시스템, 그의 피투피 통신 제어를 위한 피어 리스트 관리 방법 및 장치
US9237129B2 (en) 2014-05-13 2016-01-12 Dell Software Inc. Method to enable deep packet inspection (DPI) in openflow-based software defined network (SDN)
US9716716B2 (en) 2014-09-17 2017-07-25 Microsoft Technology Licensing, Llc Establishing trust between two devices
US9641400B2 (en) 2014-11-21 2017-05-02 Afero, Inc. Internet of things device for registering user selections
US20160180100A1 (en) 2014-12-18 2016-06-23 Joe Britt System and method for securely connecting network devices using optical labels
US9832173B2 (en) * 2014-12-18 2017-11-28 Afero, Inc. System and method for securely connecting network devices
US10291595B2 (en) 2014-12-18 2019-05-14 Afero, Inc. System and method for securely connecting network devices
US9537872B2 (en) 2014-12-31 2017-01-03 Dell Software Inc. Secure neighbor discovery (SEND) using pre-shared key
US9998425B2 (en) 2015-01-27 2018-06-12 Sonicwall Inc. Dynamic bypass of TLS connections matching exclusion list in DPI-SSL in a NAT deployment
US10045150B2 (en) 2015-03-30 2018-08-07 Afero, Inc. System and method for accurately sensing user location in an IoT system
US9704318B2 (en) 2015-03-30 2017-07-11 Afero, Inc. System and method for accurately sensing user location in an IoT system
US9717012B2 (en) 2015-06-01 2017-07-25 Afero, Inc. Internet of things (IOT) automotive device, system, and method
US9699814B2 (en) 2015-07-03 2017-07-04 Afero, Inc. Apparatus and method for establishing secure communication channels in an internet of things (IoT) system
US9729528B2 (en) 2015-07-03 2017-08-08 Afero, Inc. Apparatus and method for establishing secure communication channels in an internet of things (IOT) system
US10015766B2 (en) 2015-07-14 2018-07-03 Afero, Inc. Apparatus and method for securely tracking event attendees using IOT devices
US11526877B2 (en) * 2015-10-22 2022-12-13 Coinbase, Inc. Electronic devices having embedded circuitry for accessing remote digital services
US9793937B2 (en) 2015-10-30 2017-10-17 Afero, Inc. Apparatus and method for filtering wireless signals
US10178530B2 (en) 2015-12-14 2019-01-08 Afero, Inc. System and method for performing asset and crowd tracking in an IoT system
US10027576B2 (en) * 2016-05-23 2018-07-17 Juniper Networks, Inc. Method, system, and apparatus for proxying intra-subnet traffic across multiple interfaces within networks
US10313108B2 (en) 2016-06-29 2019-06-04 Intel Corporation Energy-efficient bitcoin mining hardware accelerators
US10142098B2 (en) * 2016-06-29 2018-11-27 Intel Corporation Optimized SHA-256 datapath for energy-efficient high-performance Bitcoin mining
US10491402B2 (en) * 2016-07-29 2019-11-26 Magic Leap, Inc. Secure exchange of cryptographically signed records
AU2019224247B2 (en) * 2018-02-21 2021-10-21 Ntt Docomo, Inc. Radio communication system, security proxy device, and relay device
US11283754B2 (en) * 2018-09-19 2022-03-22 Cisco Technology, Inc. Unique identities of endpoints across layer 3 networks
US11722577B2 (en) * 2021-09-07 2023-08-08 Webshare Software Company Proxying TCP fingerprints

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070113075A1 (en) * 2005-11-10 2007-05-17 Ntt Docomo, Inc. Secure route optimization for mobile network using multi-key crytographically generated addresses
CN101006707A (zh) * 2004-08-19 2007-07-25 西门子公司 通过接入网络在客户网络与ip供应商网络之间交换ip分组的方法
CN101022418A (zh) * 2007-03-14 2007-08-22 华为技术有限公司 Hmip认证方法、设备及系统

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040240669A1 (en) * 2002-02-19 2004-12-02 James Kempf Securing neighbor discovery using address based keys
US6930988B2 (en) * 2002-10-28 2005-08-16 Nokia Corporation Method and system for fast IP connectivity in a mobile network
US7463605B2 (en) * 2002-12-06 2008-12-09 Alcatel Lucent Apparatus, and associated method, for facilitating local mobility management in a heterogeneous radio communication network
US7925027B2 (en) * 2005-05-02 2011-04-12 Ntt Docomo, Inc. Secure address proxying using multi-key cryptographically generated addresses
US8098823B2 (en) * 2005-05-03 2012-01-17 Ntt Docomo, Inc. Multi-key cryptographically generated address
EP1739893A1 (en) * 2005-06-30 2007-01-03 Matsushita Electric Industrial Co., Ltd. Optimized reverse tunnelling for packet switched mobile communication systems
US8098642B2 (en) * 2006-07-04 2012-01-17 Panasonic Corporation Communication system and mobile home agent
US8219800B2 (en) * 2007-06-06 2012-07-10 Cisco Technology, Inc. Secure neighbor discovery router for defending host nodes from rogue routers

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101006707A (zh) * 2004-08-19 2007-07-25 西门子公司 通过接入网络在客户网络与ip供应商网络之间交换ip分组的方法
US20070113075A1 (en) * 2005-11-10 2007-05-17 Ntt Docomo, Inc. Secure route optimization for mobile network using multi-key crytographically generated addresses
CN101022418A (zh) * 2007-03-14 2007-08-22 华为技术有限公司 Hmip认证方法、设备及系统

Also Published As

Publication number Publication date
WO2009057004A1 (en) 2009-05-07
JP5255065B2 (ja) 2013-08-07
US20090119407A1 (en) 2009-05-07
US7779136B2 (en) 2010-08-17
EP2220843A1 (en) 2010-08-25
EP2220843B1 (en) 2018-02-28
CN101843075A (zh) 2010-09-22
JP2011509539A (ja) 2011-03-24

Similar Documents

Publication Publication Date Title
CN101843075B (zh) 通过代理连接的主机之间的安全邻居发现
JP5144685B2 (ja) 移動ネットワークにおけるシグナリング委任
CN111585890B (zh) 基于SRv6的网络路径验证方法及系统
EP2127249B1 (en) Route optimization between a mobile router and a correspondent node using reverse routability network prefix option
US8098823B2 (en) Multi-key cryptographically generated address
US7370197B2 (en) Method and system for authenticating messages
US8266427B2 (en) Secure mobile IPv6 registration
CN1969526B (zh) 使用ha-mn密钥来保护本地代理与移动节点的通信
US8656158B2 (en) System and method for access network multi-homing
US20070113075A1 (en) Secure route optimization for mobile network using multi-key crytographically generated addresses
US20110004766A1 (en) Ip address delegation
CN101965722A (zh) 安全性关联的重新建立
EP1880525A1 (en) Host identity protocol method and apparatus
CN114389835B (zh) 一种IPv6选项显式源地址加密安全验证网关及验证方法
CN101176328B (zh) 用于保护前缀范围绑定更新的安全的系统、关联方法和设备
WO2004045133A1 (en) Key distribution across networks
Bagnulo et al. Efficient security for IPv6 multihoming
US8364949B1 (en) Authentication for TCP-based routing and management protocols
CN101567886A (zh) 表项安全管理方法及设备
WO2010003326A1 (zh) 保护代理邻居发现的方法、系统和相关装置
Jokela et al. Host identity protocol
Kukec Authentication mechanisms in Next-generation Internet Layer mobile and distributed environments
Roe et al. Status of this Memo
Kanwer Asymmetric Prevention based Techniques in Ad-hoc Networks
García Martínez et al. Efficient security for IPv6 multihoming

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20141126

Termination date: 20211008