KR20010066996A - ASIC of VPN using IP-Sec(internet protocol-security) - Google Patents
ASIC of VPN using IP-Sec(internet protocol-security) Download PDFInfo
- Publication number
- KR20010066996A KR20010066996A KR1020000065993A KR20000065993A KR20010066996A KR 20010066996 A KR20010066996 A KR 20010066996A KR 1020000065993 A KR1020000065993 A KR 1020000065993A KR 20000065993 A KR20000065993 A KR 20000065993A KR 20010066996 A KR20010066996 A KR 20010066996A
- Authority
- KR
- South Korea
- Prior art keywords
- asic
- vpn
- security
- sec
- internet protocol
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L21/00—Processes or apparatus adapted for the manufacture or treatment of semiconductor or solid state devices or of parts thereof
- H01L21/02—Manufacture or treatment of semiconductor devices or of parts thereof
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/54—Store-and-forward switching systems
- H04L12/56—Packet switching systems
- H04L12/5601—Transfer mode dependent, e.g. ATM
- H04L2012/5619—Network Node Interface, e.g. tandem connections, transit switching
- H04L2012/5621—Virtual private network [VPN]; Private-network - network-interface (P-NNI)
Abstract
Description
본발명은 VPN(가상사설망)을 구성하는 핵심요소인 IP-Sec을 ASIC화 하여 공중망 network 상에서의 통신 /음성의 보안유지를 보편화시킴으로써 누구나 아주 쉽게 사용하기 위함이다.The present invention is to make it easy for anyone to use, by universalizing the security of communication / voice on public network network by converting IP-Sec, which is a key component of VPN (Virtual Private Network), to ASIC.
현재에는 이러한 VPN(가상사설망) 기능을 하기 위해서는 S/W를 computer system에 설치하거나 VPN 전용장비를 사용하여야만 하게 되어있다.Currently, in order to function as a virtual private network (VPN), S / W must be installed in a computer system or a dedicated VPN device must be used.
이러한 현재의 방법은 사용상의 제약과 비용 및 운영상의 어려움을 상당히 초래하고 있다.This current method introduces significant limitations in use, cost and operational difficulties.
본 발명은 VPN(가상사설망)기능중에서 가장 주가 되는 기능인 IP-Sec을 ASIC화함으로써 VPN 기능을 보다 다양하게 사용할수 있도록 하고저 한다.According to the present invention, the IP-Sec, which is the main function of the virtual private network (VPN) function, is made to ASIC so that the VPN function can be used in various ways.
세계 표준화된 RFC(Request for comments)에서 정의한 IP-Sec(internet protocol-security)방식에 따라,According to the IP-Sec (internet protocol-security) method defined in the world standardized Request for comments (RFC),
만들고자 하는 ASIC의 micro code를 사용 할수 있는 program을 개발하여 ASIC반도체 내에 직접 내장하고,Develop a program that can use ASIC micro code to make and embed directly in ASIC semiconductor,
IP-Sec의 암호화 및 복호화 하는 부분은 ASIC 반도체 외부에 위치하여 I/F 할 수 있도록 하며,The part of IP-Sec encryption and decryption is located outside the ASIC semiconductor to enable I / F.
internet의 입출력 부분은 ASIC 반도체내에 내장함으로써 ASIC 반 도체를 하나의 Gateway 형태의 반도체로 만든다.The input / output part of the internet is embedded in the ASIC semiconductor to make the ASIC semiconductor into a gateway type semiconductor.
이렇게 함으로써 암/복호화에 유연성(다양한 종류으 암호알고리즘)을 가질수 있고 또한 입출력의 설계를 Gateway 형태로 만듦으로써 쉽게 전자회로에 삽입하여 사용할 수 있도록 한다.By doing so, it is possible to have flexibility (various kinds of encryption algorithms) in encryption / decryption, and to make the design of input / output into gateway type so that it can be easily inserted into electronic circuits.
본 발명은 VPN(가상사설망)을 ASIC화함으로써 인터넷상의 음성 및 Data를 암호화하여 보안을 유지하기위함이다.The present invention is to maintain the security by encrypting voice and data on the Internet by ASIC VPN (Virtual Private Network).
좀더 상세한 설명을 하면 다음 과 같다.More detailed explanation is as follows.
(도표1)에서 RFC가 정의하는 IP-Sec은 ASIC에 내장할 수 있는 Program을 별도로 만들어 ASIC설계에 반영하며, IP-Sec의 암호화/복호화하는 암호알고리즘③은 ASIC의 외부에 두어 현재 사용하는 다양한 암호알고리즘에 유연하게 대처하여 사용할 수 있도록 하며, 이 ASIC반도체의 입출력을 TCP-IP구조④로 만듦으로써 인터넷에 연결을 용이하게 한다. 또한 본 ASIC 반도체의 이용방법(도표2)은 기존의 computer system 내부회로에 직접 삽입 ⓑ하여 인터넷ⓒ과 직접 연결하여 사용할 수도 있고, 또한 별도의 PCB(회로)를 구성하여 computer system과 interface를 시킬 수도 있다.In Figure 1, the IP-Sec defined by the RFC creates a separate program that can be embedded in the ASIC and reflects it in the ASIC design, and the encryption algorithm ③ that encrypts / decrypts the IP-Sec is placed outside the ASIC. It is possible to flexibly cope with the encryption algorithm and to make the connection to the Internet by making the input / output of this ASIC semiconductor into the TCP-IP structure④. In addition, the method of using this ASIC semiconductor (Figure 2) can be used by directly inserting into the existing computer system internal circuit ⓑ and directly connected to the Internetⓒ, or by configuring a separate PCB (circuit) to interface with the computer system. have.
본 발명은 VPN(가상사설망)기능의 핵심요소인 IP-Sec을 하나의 반도체로 만듦으로써 다양한 용도를 가질 뿐 아니라 소형화, 경량화에도 획기적으로 사용이 가능하다. 또한 공중망에서 통신하는 음성/Data에 보안을 유지시킴으로 인하여 향후 공중망에 사용되는 모든 기기들에 적용이 가능하다.The present invention can be used not only for various purposes but also for miniaturization and light weight by making IP-Sec, a key element of the virtual private network (VPN) function, into a single semiconductor. In addition, it can be applied to all devices used in the public network in the future by maintaining the security of voice / data communicating in the public network.
Claims (3)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020000065993A KR20010066996A (en) | 2000-11-07 | 2000-11-07 | ASIC of VPN using IP-Sec(internet protocol-security) |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020000065993A KR20010066996A (en) | 2000-11-07 | 2000-11-07 | ASIC of VPN using IP-Sec(internet protocol-security) |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20010066996A true KR20010066996A (en) | 2001-07-12 |
Family
ID=19697771
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020000065993A KR20010066996A (en) | 2000-11-07 | 2000-11-07 | ASIC of VPN using IP-Sec(internet protocol-security) |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20010066996A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100834270B1 (en) * | 2005-10-06 | 2008-05-30 | 주식회사 케이티프리텔 | Method and system for providing virtual private network services based on mobile communication and mobile terminal for the same |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6055575A (en) * | 1997-01-28 | 2000-04-25 | Ascend Communications, Inc. | Virtual private network system and method |
US6298060B1 (en) * | 1998-04-30 | 2001-10-02 | Nippon Telegraph And Telephone Corporation | Layer 2 integrated access scheme |
US6304100B1 (en) * | 1999-04-27 | 2001-10-16 | Mitsubishi Denki Kabushiki Kaisha | Programmable semiconductor device providing security of circuit information |
US6449272B1 (en) * | 1998-05-08 | 2002-09-10 | Lucent Technologies Inc. | Multi-hop point-to-point protocol |
US9999999B2 (en) * | 2014-12-10 | 2018-06-19 | Inglass S.P.A. | Injector for plastic material injection molding apparatus |
-
2000
- 2000-11-07 KR KR1020000065993A patent/KR20010066996A/en not_active Application Discontinuation
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6055575A (en) * | 1997-01-28 | 2000-04-25 | Ascend Communications, Inc. | Virtual private network system and method |
US6298060B1 (en) * | 1998-04-30 | 2001-10-02 | Nippon Telegraph And Telephone Corporation | Layer 2 integrated access scheme |
US6449272B1 (en) * | 1998-05-08 | 2002-09-10 | Lucent Technologies Inc. | Multi-hop point-to-point protocol |
US6304100B1 (en) * | 1999-04-27 | 2001-10-16 | Mitsubishi Denki Kabushiki Kaisha | Programmable semiconductor device providing security of circuit information |
US9999999B2 (en) * | 2014-12-10 | 2018-06-19 | Inglass S.P.A. | Injector for plastic material injection molding apparatus |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100834270B1 (en) * | 2005-10-06 | 2008-05-30 | 주식회사 케이티프리텔 | Method and system for providing virtual private network services based on mobile communication and mobile terminal for the same |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9210172B2 (en) | Method and system for establishing a communications pipe between a personal security device and a remote computer system | |
US20040158716A1 (en) | Authentication and authorisation based secure ip connections for terminals | |
CA2359673A1 (en) | Self-generation of certificates using a secure microprocessor in a device for transferring digital information | |
SE0002446D0 (en) | Method and arrangement in a communications network | |
HUP0400771A2 (en) | Method for enabling pki functions in a smart card | |
NO20026003D0 (en) | terminal communication system | |
GB2392343B (en) | Communications protocols operable through network address translation (nat) type devices | |
WO2002095543A3 (en) | Apparatus and method for providing secure network communication | |
TW200731736A (en) | Semiconductor chip and configuring method thereof | |
GB2374497B (en) | Facilitating legal interception of IP connections | |
JP2006524925A5 (en) | ||
DE60231629D1 (en) | DATA-TRANSMISSION PROCEDURE BETWEEN A LOCAL SERVER AND LOCAL CLIENTS | |
JP2007506202A (en) | Remote IPSEC security relevance management | |
EP3671520A1 (en) | Data retention device | |
KR20010066996A (en) | ASIC of VPN using IP-Sec(internet protocol-security) | |
Okabe et al. | Security architecture for control networks using IPsec and KINK | |
HK1058867A1 (en) | Electronic security system and scheme for a communications network | |
MY128452A (en) | Network authentication | |
CN111541681A (en) | Language downloading method based on Internet of things | |
Kim et al. | Kernel migration of transport layer security | |
EP1557978A4 (en) | A security management method for an integrated access device of network | |
GB2403627B (en) | Communication protocols operable through network address translation (nat) type devices | |
FR2834851A1 (en) | Communications network/detectors/drivers interface module having layer between internet protocol/virtual network and mechanism authenticating detectors/drivers |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E601 | Decision to refuse application |