JP4819328B2 - セキュリティプロトコルの自動ネゴシエーションのためのシステムおよび方法 - Google Patents

セキュリティプロトコルの自動ネゴシエーションのためのシステムおよび方法 Download PDF

Info

Publication number
JP4819328B2
JP4819328B2 JP2004187041A JP2004187041A JP4819328B2 JP 4819328 B2 JP4819328 B2 JP 4819328B2 JP 2004187041 A JP2004187041 A JP 2004187041A JP 2004187041 A JP2004187041 A JP 2004187041A JP 4819328 B2 JP4819328 B2 JP 4819328B2
Authority
JP
Japan
Prior art keywords
node
protocol
internal
external
security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
JP2004187041A
Other languages
English (en)
Japanese (ja)
Other versions
JP2005025739A (ja
JP2005025739A5 (https=
Inventor
バザン ベジャラノ ダリオ
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Corp
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp filed Critical Microsoft Corp
Publication of JP2005025739A publication Critical patent/JP2005025739A/ja
Publication of JP2005025739A5 publication Critical patent/JP2005025739A5/ja
Application granted granted Critical
Publication of JP4819328B2 publication Critical patent/JP4819328B2/ja
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)
  • Multi Processors (AREA)
  • Small-Scale Networks (AREA)
JP2004187041A 2003-06-30 2004-06-24 セキュリティプロトコルの自動ネゴシエーションのためのシステムおよび方法 Expired - Fee Related JP4819328B2 (ja)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/608,334 US7526640B2 (en) 2003-06-30 2003-06-30 System and method for automatic negotiation of a security protocol
US10/608,334 2003-06-30

Publications (3)

Publication Number Publication Date
JP2005025739A JP2005025739A (ja) 2005-01-27
JP2005025739A5 JP2005025739A5 (https=) 2007-08-09
JP4819328B2 true JP4819328B2 (ja) 2011-11-24

Family

ID=33490832

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2004187041A Expired - Fee Related JP4819328B2 (ja) 2003-06-30 2004-06-24 セキュリティプロトコルの自動ネゴシエーションのためのシステムおよび方法

Country Status (5)

Country Link
US (1) US7526640B2 (https=)
EP (1) EP1501256B1 (https=)
JP (1) JP4819328B2 (https=)
KR (1) KR101086576B1 (https=)
CN (1) CN1578215B (https=)

Families Citing this family (53)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8244875B2 (en) * 2002-12-13 2012-08-14 ANXeBusiness Corporation Secure network computing
US8332464B2 (en) * 2002-12-13 2012-12-11 Anxebusiness Corp. System and method for remote network access
IN2014DN00130A (https=) * 2003-08-08 2015-05-22 Ogawa Keiko
CN100389584C (zh) * 2004-12-31 2008-05-21 北京邮电大学 一种用于应用服务器的安全能力的协商方法
US8332526B2 (en) 2005-05-25 2012-12-11 Microsoft Corporation Data communication protocol including negotiation and command compounding
US8220042B2 (en) * 2005-09-12 2012-07-10 Microsoft Corporation Creating secure interactive connections with remote resources
CN1980125B (zh) * 2005-12-07 2010-08-11 华为技术有限公司 一种身份认证方法
JP5123209B2 (ja) * 2006-01-24 2013-01-23 ▲ホア▼▲ウェイ▼技術有限公司 モバイルネットワークに基づくエンドツーエンド通信での認証の方法、システム、および認証センタ
JP2007207067A (ja) * 2006-02-03 2007-08-16 Nippon Telegr & Teleph Corp <Ntt> サーバクライアントシステムおよび該システムにおけるアクセス制御方法、ならびにそのためのプログラム
US8990153B2 (en) * 2006-02-07 2015-03-24 Dot Hill Systems Corporation Pull data replication model
US9419955B2 (en) * 2006-03-28 2016-08-16 Inventergy Inc. System and method for carrying trusted network provided access network information in session initiation protocol
US7783850B2 (en) * 2006-03-28 2010-08-24 Dot Hill Systems Corporation Method and apparatus for master volume access during volume copy
US20070255958A1 (en) * 2006-05-01 2007-11-01 Microsoft Corporation Claim transformations for trust relationships
DE102006038592B4 (de) * 2006-08-17 2008-07-03 Siemens Ag Verfahren und Anordnung zum Bereitstellen eines drahtlosen Mesh-Netzwerks
US8369212B2 (en) * 2006-08-29 2013-02-05 Hewlett-Packard Development Company, L.P. Network path validation based on user-specified criteria
US20080095178A1 (en) * 2006-10-12 2008-04-24 Raydon Corporation Metaprotocol for Network Communications
GB0623101D0 (en) * 2006-11-20 2006-12-27 British Telecomm Secure network architecture
US8751467B2 (en) * 2007-01-18 2014-06-10 Dot Hill Systems Corporation Method and apparatus for quickly accessing backing store metadata
US7831565B2 (en) * 2007-01-18 2010-11-09 Dot Hill Systems Corporation Deletion of rollback snapshot partition
US7827405B2 (en) * 2007-01-19 2010-11-02 Microsoft Corporation Mechanism for utilizing kerberos features by an NTLM compliant entity
US7975115B2 (en) * 2007-04-11 2011-07-05 Dot Hill Systems Corporation Method and apparatus for separating snapshot preserved and write data
US7716183B2 (en) * 2007-04-11 2010-05-11 Dot Hill Systems Corporation Snapshot preserved data cloning
EP1990969A1 (en) * 2007-05-09 2008-11-12 Nokia Siemens Networks Oy Method for data communication and device as well as communication system comprising such device
US7783603B2 (en) * 2007-05-10 2010-08-24 Dot Hill Systems Corporation Backing store re-initialization method and apparatus
US8001345B2 (en) * 2007-05-10 2011-08-16 Dot Hill Systems Corporation Automatic triggering of backing store re-initialization
US8204858B2 (en) 2007-06-25 2012-06-19 Dot Hill Systems Corporation Snapshot reset method and apparatus
GB0813298D0 (en) * 2008-07-19 2008-08-27 Univ St Andrews Multipad encryption
US10015286B1 (en) * 2010-06-23 2018-07-03 F5 Networks, Inc. System and method for proxying HTTP single sign on across network domains
US8631277B2 (en) 2010-12-10 2014-01-14 Microsoft Corporation Providing transparent failover in a file system
US8516158B1 (en) * 2011-06-07 2013-08-20 Riverbed Technology, Inc. Integrating WAN optimization devices with content delivery networks
US9331955B2 (en) 2011-06-29 2016-05-03 Microsoft Technology Licensing, Llc Transporting operations of arbitrary size over remote direct memory access
US8856582B2 (en) 2011-06-30 2014-10-07 Microsoft Corporation Transparent failover
DE102011079399A1 (de) * 2011-07-19 2013-01-24 Bayerische Motoren Werke Aktiengesellschaft Steuervorrichtung für ein Kraftfahrzeug, Programmiervorrichtung und Programmiersystem
US20130067095A1 (en) 2011-09-09 2013-03-14 Microsoft Corporation Smb2 scaleout
US8788579B2 (en) 2011-09-09 2014-07-22 Microsoft Corporation Clustered client failover
US8782395B1 (en) 2011-09-29 2014-07-15 Riverbed Technology, Inc. Monitoring usage of WAN optimization devices integrated with content delivery networks
US9538561B2 (en) * 2013-05-22 2017-01-03 Intel IP Corporation Systems and methods for enabling service interoperability functionality for WiFi Direct devices connected to a network via a wireless access point
US9961125B2 (en) 2013-07-31 2018-05-01 Microsoft Technology Licensing, Llc Messaging API over HTTP protocol to establish context for data exchange
US9396338B2 (en) 2013-10-15 2016-07-19 Intuit Inc. Method and system for providing a secure secrets proxy
US9444818B2 (en) 2013-11-01 2016-09-13 Intuit Inc. Method and system for automatically managing secure communications in multiple communications jurisdiction zones
US9467477B2 (en) 2013-11-06 2016-10-11 Intuit Inc. Method and system for automatically managing secrets in multiple data security jurisdiction zones
US9894069B2 (en) 2013-11-01 2018-02-13 Intuit Inc. Method and system for automatically managing secret application and maintenance
US10440066B2 (en) * 2013-11-15 2019-10-08 Microsoft Technology Licensing, Llc Switching of connection protocol
CN103826225B (zh) * 2014-02-19 2017-10-10 西安电子科技大学 一种无线网络中身份认证协议选择方法
US10121015B2 (en) * 2014-02-21 2018-11-06 Lens Ventures, Llc Management of data privacy and security in a pervasive computing environment
KR20160046114A (ko) * 2014-10-20 2016-04-28 삼성전자주식회사 데이터 통신 방법 및 이를 구현하는 전자 장치
CN106161224B (zh) 2015-04-02 2019-09-17 阿里巴巴集团控股有限公司 数据交换方法、装置及设备
US10936711B2 (en) 2017-04-18 2021-03-02 Intuit Inc. Systems and mechanism to control the lifetime of an access token dynamically based on access token use
EP3442193B1 (de) * 2017-08-09 2020-05-06 Siemens Mobility GmbH Verfahren zum aufbau eines sicheren kommunikationskanals zwischen einer ersten und einer zweiten netzwerkeinrichtung
US10587611B2 (en) 2017-08-29 2020-03-10 Microsoft Technology Licensing, Llc. Detection of the network logon protocol used in pass-through authentication
US10635829B1 (en) 2017-11-28 2020-04-28 Intuit Inc. Method and system for granting permissions to parties within an organization
CN112672363B (zh) * 2019-10-15 2023-04-18 华为技术有限公司 随流信息遥测能力的确认方法和设备
CN115426191A (zh) * 2022-09-06 2022-12-02 重庆智网科技有限公司信息通信分公司 内外网信息服务集成系统

Family Cites Families (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5008879B1 (en) * 1988-11-14 2000-05-30 Datapoint Corp Lan with interoperative multiple operational capabilities
US5010572A (en) * 1990-04-27 1991-04-23 Hughes Aircraft Company Distributed information system having automatic invocation of key management negotiations protocol and method
US5204961A (en) * 1990-06-25 1993-04-20 Digital Equipment Corporation Computer network operating with multilevel hierarchical security with selectable common trust realms and corresponding security protocols
US5828893A (en) * 1992-12-24 1998-10-27 Motorola, Inc. System and method of communicating between trusted and untrusted computer systems
US5471461A (en) * 1993-04-28 1995-11-28 Allen-Bradley Company, Inc. Digital communication network with a moderator station election process
US5530758A (en) * 1994-06-03 1996-06-25 Motorola, Inc. Operational methods for a secure node in a computer network
US5530703A (en) * 1994-09-23 1996-06-25 3Com Corporation Remote communication server with automatic filtering
US5913024A (en) * 1996-02-09 1999-06-15 Secure Computing Corporation Secure server utilizing separate protocol stacks
US6216231B1 (en) * 1996-04-30 2001-04-10 At & T Corp. Specifying security protocols and policy constraints in distributed systems
US6205148B1 (en) * 1996-11-26 2001-03-20 Fujitsu Limited Apparatus and a method for selecting an access router's protocol of a plurality of the protocols for transferring a packet in a communication system
US6125122A (en) 1997-01-21 2000-09-26 At&T Wireless Svcs. Inc. Dynamic protocol negotiation system
US6055575A (en) 1997-01-28 2000-04-25 Ascend Communications, Inc. Virtual private network system and method
US6304973B1 (en) * 1998-08-06 2001-10-16 Cryptek Secure Communications, Llc Multi-level security network system
JP2000315997A (ja) * 1999-04-30 2000-11-14 Toshiba Corp 暗号通信方法及びノード装置
US6871284B2 (en) * 2000-01-07 2005-03-22 Securify, Inc. Credential/condition assertion verification optimization
DE10028715B4 (de) * 2000-06-08 2005-08-11 Siemens Ag Verfahren zur Kommunikation zwischen Kommunikationsnetzen
US20020078371A1 (en) * 2000-08-17 2002-06-20 Sun Microsystems, Inc. User Access system using proxies for accessing a network
US6996841B2 (en) * 2001-04-19 2006-02-07 Microsoft Corporation Negotiating secure connections through a proxy server
US6934702B2 (en) * 2001-05-04 2005-08-23 Sun Microsystems, Inc. Method and system of routing messages in a distributed search network
CN1268088C (zh) * 2001-11-29 2006-08-02 东南大学 基于pki的vpn密钥交换的实现方法
US6845452B1 (en) * 2002-03-12 2005-01-18 Reactivity, Inc. Providing security for external access to a protected computer network
CN1173529C (zh) * 2002-06-05 2004-10-27 华为技术有限公司 基于边界网关协议报文的控制报文安全保护方法

Also Published As

Publication number Publication date
EP1501256A3 (en) 2007-02-21
KR101086576B1 (ko) 2011-11-23
KR20050002628A (ko) 2005-01-07
US20040268118A1 (en) 2004-12-30
EP1501256A2 (en) 2005-01-26
CN1578215B (zh) 2010-05-12
CN1578215A (zh) 2005-02-09
US7526640B2 (en) 2009-04-28
EP1501256B1 (en) 2013-07-24
JP2005025739A (ja) 2005-01-27

Similar Documents

Publication Publication Date Title
JP4819328B2 (ja) セキュリティプロトコルの自動ネゴシエーションのためのシステムおよび方法
US7356601B1 (en) Method and apparatus for authorizing network device operations that are requested by applications
JP4304055B2 (ja) クライアントセッションフェイルオーバーを提供する方法および構造
US8621567B2 (en) Network security and applications to the fabric environment
US7873984B2 (en) Network security through configuration servers in the fabric environment
JP5139423B2 (ja) ネットワーク資源に対するシングルサインオン及び安全なアクセスのためのポリシ駆動の証明情報委譲
JP6656157B2 (ja) ネットワーク接続自動化
AU2005204576B2 (en) Enabling stateless server-based pre-shared secrets
US7036013B2 (en) Secure distributed time service in the fabric environment
US8201233B2 (en) Secure extended authentication bypass
US7802099B2 (en) Method and apparatus for establishing a secure connection
WO2003062992A1 (en) Automatic configuration of devices for secure network communication
US20030120915A1 (en) Node and port authentication in a fibre channel network
CN111628960B (zh) 用于连接至专用网络上的网络服务的方法和装置
CN114666341A (zh) 一种去中心化sdp控制器实现方法及计算机存储介质
US7243367B2 (en) Method and apparatus for starting up a network or fabric
US20090271852A1 (en) System and Method for Distributing Enduring Credentials in an Untrusted Network Environment
EP1530343A1 (en) Method and system for creating authentication stacks in communication networks
CN100474825C (zh) 域认证和用户网络权限控制统一处理的方法及系统
WO2023024540A1 (zh) 处理报文、获取sa信息的方法、装置、系统及介质
Hsu Development of an intranet security infrastructure and its application
CN115941228A (zh) 处理报文、获取sa信息的方法、装置、系统及介质

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20070621

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20070621

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20100302

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20100531

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20100622

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20100922

A02 Decision of refusal

Free format text: JAPANESE INTERMEDIATE CODE: A02

Effective date: 20101207

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20110407

RD13 Notification of appointment of power of sub attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7433

Effective date: 20110408

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A821

Effective date: 20110408

A911 Transfer to examiner for re-examination before appeal (zenchi)

Free format text: JAPANESE INTERMEDIATE CODE: A911

Effective date: 20110616

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20110812

A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20110901

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20140909

Year of fee payment: 3

R150 Certificate of patent or registration of utility model

Free format text: JAPANESE INTERMEDIATE CODE: R150

LAPS Cancellation because of no payment of annual fees