MY164093A - A system and method foe establishing mutual remote attestation in internet protocol security (ipsec) based virtual private network (vpn) - Google Patents
A system and method foe establishing mutual remote attestation in internet protocol security (ipsec) based virtual private network (vpn)Info
- Publication number
- MY164093A MY164093A MYPI2011005855A MYPI2011005855A MY164093A MY 164093 A MY164093 A MY 164093A MY PI2011005855 A MYPI2011005855 A MY PI2011005855A MY PI2011005855 A MYPI2011005855 A MY PI2011005855A MY 164093 A MY164093 A MY 164093A
- Authority
- MY
- Malaysia
- Prior art keywords
- ipsec
- attestation
- vpn
- present
- keyms
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/164—Implementing security features at a particular protocol layer at the network layer
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
THE SYSTEM AND METHOD OF THE PRESENT INVENTION PROPOSES AN EXTENSION TO THE IPSEC KEY EXCHANGE PROTOCOL BY ESTABLISHING PROPERTIES-BASED ATTESTATION USING KEY MANAGEMENT SERVICE. THE PRESENT INVENTION PROTECTS INTEGRITY BETWEEN NETWORK ENCRYPTOR OF SENDER-RECEIVER/GATEWAY TO GATEWAY PLATFORM MACHINE BY MEASURING PROPERTIES WHICH BUNDLES WITH IPSEC BASED VPN NETWORK. THE SYSTEM OF THE PRESENT INVENTION COMPRISING AT LEAST ONE SENDER AND RECEIVER PLATFORM; IPSEC COMPONENTS EXTENSION; A PLURALITY OF PROPERTIES OF REMOTE ATTESTATION MODULES (600); AT LEAST ONE SIGNER MECHANISM (602); AND AT LEAST ONE TPM (604). THE METHODOLOGY OF THE PRESENT INVENTION ESTABLISHES MUTUAL REMOTE ATTESTATION IN IPSEC BASED VPN BY OBTAINING AT LEAST ONE KEY MANAGEMENT SERVICE (KEYMS) MEASUREMENT VALUE TO CONFIGURE EACH KEYMS IN VPN (102); ESTABLISHING ATTESTATION IN KEYMS SESSION (104); SIGNING ENCAPSULATION SECURITY PROTOCOL (ESP) AUTHENTICATION HEADER (AH) PACKET WITH TPM CERTIFICATE (106); APPENDING SIGNATURE TO ESP AND AH PAYLOAD (108) AND VALIDATING ATTESTATION DATA BETWEEN GATEWAYS THROUGH TRUSTED THIRD PARTY (110). THE MOST ILLUSTRATIVE DRAWING IS
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
MYPI2011005855A MY164093A (en) | 2011-12-02 | 2011-12-02 | A system and method foe establishing mutual remote attestation in internet protocol security (ipsec) based virtual private network (vpn) |
PCT/MY2012/000160 WO2013081441A1 (en) | 2011-12-02 | 2012-06-28 | A system and method for establishing mutual remote attestation in internet protocol security (ipsec) based virtual private network (vpn) |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
MYPI2011005855A MY164093A (en) | 2011-12-02 | 2011-12-02 | A system and method foe establishing mutual remote attestation in internet protocol security (ipsec) based virtual private network (vpn) |
Publications (1)
Publication Number | Publication Date |
---|---|
MY164093A true MY164093A (en) | 2017-11-30 |
Family
ID=46704988
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
MYPI2011005855A MY164093A (en) | 2011-12-02 | 2011-12-02 | A system and method foe establishing mutual remote attestation in internet protocol security (ipsec) based virtual private network (vpn) |
Country Status (2)
Country | Link |
---|---|
MY (1) | MY164093A (en) |
WO (1) | WO2013081441A1 (en) |
Families Citing this family (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2016118523A1 (en) * | 2015-01-19 | 2016-07-28 | InAuth, Inc. | Systems and methods for trusted path secure communication |
CN104954222A (en) * | 2015-05-22 | 2015-09-30 | 东南大学 | Tunnel-mode ESP (electronic stability program) hardware encapsulating device on basis of IPSEC (internet protocol security) protocols |
US10193858B2 (en) * | 2015-12-22 | 2019-01-29 | Mcafee, Llc | Attestation device custody transfer protocol |
CA3051411C (en) * | 2017-01-25 | 2023-03-28 | Cable Television Laboratories, Inc. | Systems and methods for authenticating platform trust in a network function virtualization environment |
US11138132B2 (en) * | 2018-06-20 | 2021-10-05 | Intel Corporation | Technologies for secure I/O with accelerator devices |
US11909882B2 (en) * | 2020-01-30 | 2024-02-20 | Dell Products L.P. | Systems and methods to cryptographically verify an identity of an information handling system |
US11604880B2 (en) | 2020-02-25 | 2023-03-14 | Dell Products L.P. | Systems and methods to cryptographically verify information handling system configuration |
CN117204024A (en) * | 2020-12-31 | 2023-12-08 | 瑞典爱立信有限公司 | Terminal device, network node and method therein for deriving QoS rules |
CN113783868B (en) * | 2021-09-08 | 2023-09-01 | 广西东信数建信息科技有限公司 | Method and system for protecting Internet of things safety of gate based on commercial password |
CN115361275A (en) * | 2022-08-16 | 2022-11-18 | 深圳市网安信科技有限公司 | Plane network automation deployment system |
CN116055254B (en) * | 2023-01-10 | 2024-06-18 | 华中科技大学 | Safe and trusted gateway system, control method, medium, equipment and terminal |
-
2011
- 2011-12-02 MY MYPI2011005855A patent/MY164093A/en unknown
-
2012
- 2012-06-28 WO PCT/MY2012/000160 patent/WO2013081441A1/en active Application Filing
Also Published As
Publication number | Publication date |
---|---|
WO2013081441A1 (en) | 2013-06-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
MY164093A (en) | A system and method foe establishing mutual remote attestation in internet protocol security (ipsec) based virtual private network (vpn) | |
CN102088465B (en) | Hyper text transport protocol (HTTP) Cookie protection method based on preposed gateway | |
CN100488168C (en) | Method for safety packaging network message | |
US10129031B2 (en) | End-to-end service layer authentication | |
US20170201382A1 (en) | Secure Endpoint Devices | |
CN103929299B (en) | Self-securing lightweight network message transmitting method with address as public key | |
CN104067595A (en) | System and method for innovative management of transport layer security session tickets in a network environment | |
CN102594569B (en) | Certificateless key agreement method adopted during Tor anonymous channel building | |
Shafagh et al. | Security comes first, a public-key cryptography framework for the internet of things | |
MY171259A (en) | System and method for identity-based entity authentication for client-server communications | |
WO2015131609A1 (en) | Method for implementing l2tp over ipsec access | |
JP2013156330A (en) | Commission parameter information generation apparatus, common key synthesizer, signature information synthesizer, communication device, key sharing calculated commission apparatus, signature information generation calculated commission apparatus, calculated commission apparatus, key sharing system, signature information verification system, and communication system | |
CN101729871B (en) | Method for safe cross-domain access to SIP video monitoring system | |
Raza et al. | Tinyike: Lightweight ikev2 for internet of things | |
Cho et al. | Securing ethernet-based optical fronthaul for 5g network | |
FR3043870B1 (en) | METHOD FOR SECURING AND AUTHENTICATING TELECOMMUNICATION | |
CN106789524A (en) | The high speed parsing of VPN encrypted tunnels and restoring method | |
Budiyanto et al. | Comparative Analysis of VPN Protocols at Layer 2 Focusing on Voice Over Internet Protocol | |
CN109257388A (en) | Pseudo-wire encryption method in a kind of MPLS-TP | |
JP5333613B2 (en) | Proxy parameter information generation device, proxy device, proxy parameter information generation program, proxy program, and communication system | |
Shah et al. | Impact of ipsec on real time applications in IPv6 and 6to4 tunneled migration network | |
WO2011023010A1 (en) | Method, device and system for data security transmission and reception in a pseudo-wire network | |
CN109561099A (en) | A kind of equipment telecommunication encryption method | |
Abosata et al. | Secure smart-home application based on iotcoap protocol | |
CN111866865B (en) | Data transmission method, 5G private network establishment method and system |