MY164093A - A system and method for establishing mutual remote attestation in internet protocol security (ipsec) based virtual private network (vpn)

Publication number
MY164093A
Authority
MY
Malaysia
Prior art keywords
ipsec
attestation
vpn
present
keyms
Application number
MYPI2011005855A
Inventor
Binti Abd Aziz Norazah
Setapa Sharipah
Aminudin Mohd Khalid Mohd
Abdullah Kilausuria
Original Assignee
Mimos Berhad
Application filed by Mimos Berhad
Priority to MYPI2011005855A
Priority to PCT/MY2012/000160 (WO2013081441A1)
Publication of MY164093A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/164 Implementing security features at a particular protocol layer at the network layer

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The system and method of the present invention proposes an extension to the IPsec key exchange protocol by establishing properties-based attestation using key management service. The present invention protects integrity between network encryptor of sender-receiver/gateway to gateway platform machine by measuring properties which bundles with IPsec based VPN network. The system of the present invention comprises at least one sender and receiver platform; IPsec components extension; a plurality of properties of remote attestation modules (600); at least one signer mechanism (602); and at least one TPM (604). The methodology of the present invention establishes mutual remote attestation in IPsec based VPN by obtaining at least one key management service (KeyMS) measurement value to configure each KeyMS in VPN (102); establishing attestation in KeyMS session (104); signing Encapsulation Security Protocol (ESP) Authentication Header (AH) packet with TPM certificate (106); appending signature to ESP and AH payload (108); and validating attestation data between gateways through trusted third party (110). The most illustrative drawing is

Priority Applications (2)

| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| MYPI2011005855A MY164093A (en) | 2011-12-02 | 2011-12-02 | A system and method for establishing mutual remote attestation in internet protocol security (ipsec) based virtual private network (vpn) |
| PCT/MY2012/000160 WO2013081441A1 (en) | 2011-12-02 | 2012-06-28 | A system and method for establishing mutual remote attestation in internet protocol security (ipsec) based virtual private network (vpn) |

Applications Claiming Priority (1)

| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| MYPI2011005855A MY164093A (en) | 2011-12-02 | 2011-12-02 | A system and method for establishing mutual remote attestation in internet protocol security (ipsec) based virtual private network (vpn) |

Publications (1)

| Publication Number | Publication Date |
|---|---|
| MY164093A (en) | 2017-11-30 |

Family

ID=46704988

Family Applications (1)

| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| MYPI2011005855A MY164093A (en) | A system and method for establishing mutual remote attestation in internet protocol security (ipsec) based virtual private network (vpn) | 2011-12-02 | 2011-12-02 |

Country Status (2)

| Country | Link |
|---|---|
| MY (1) | MY164093A (en) |
| WO (1) | WO2013081441A1 (en) |

Families Citing this family (11)

* Cited by examiner, † Cited by third party
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016118523A1 * | 2015-01-19 | 2016-07-28 | InAuth, Inc. | Systems and methods for trusted path secure communication |
| CN104954222A * | 2015-05-22 | 2015-09-30 | 东南大学 | Tunnel-mode ESP (electronic stability program) hardware encapsulating device on basis of IPSEC (internet protocol security) protocols |
| US10193858B2 * | 2015-12-22 | 2019-01-29 | Mcafee, Llc | Attestation device custody transfer protocol |
| CA3051411C * | 2017-01-25 | 2023-03-28 | Cable Television Laboratories, Inc. | Systems and methods for authenticating platform trust in a network function virtualization environment |
| US11138132B2 * | 2018-06-20 | 2021-10-05 | Intel Corporation | Technologies for secure I/O with accelerator devices |
| US11909882B2 * | 2020-01-30 | 2024-02-20 | Dell Products L.P. | Systems and methods to cryptographically verify an identity of an information handling system |
| US11604880B2 | 2020-02-25 | 2023-03-14 | Dell Products L.P. | Systems and methods to cryptographically verify information handling system configuration |
| CN117204024A * | 2020-12-31 | 2023-12-08 | 瑞典爱立信有限公司 | Terminal device, network node and method therein for deriving QoS rules |
| CN113783868B * | 2021-09-08 | 2023-09-01 | 广西东信数建信息科技有限公司 | Method and system for protecting Internet of things safety of gate based on commercial password |
| CN115361275A * | 2022-08-16 | 2022-11-18 | 深圳市网安信科技有限公司 | Plane network automation deployment system |
| CN116055254B * | 2023-01-10 | 2024-06-18 | 华中科技大学 | Safe and trusted gateway system, control method, medium, equipment and terminal |

Also Published As

| Publication number | Publication date |
|---|---|
| WO2013081441A1 (en) | 2013-06-06 |

Similar Documents

Publication Publication Date Title
MY164093A (en) A system and method for establishing mutual remote attestation in internet protocol security (ipsec) based virtual private network (vpn)
CN102088465B (en) Hyper text transport protocol (HTTP) Cookie protection method based on preposed gateway
CN100488168C (en) Method for safety packaging network message
US10129031B2 (en) End-to-end service layer authentication
US20170201382A1 (en) Secure Endpoint Devices
CN103929299B (en) Self-securing lightweight network message transmitting method with address as public key
CN104067595A (en) System and method for innovative management of transport layer security session tickets in a network environment
CN102594569B (en) Certificateless key agreement method adopted during Tor anonymous channel building
Shafagh et al. Security comes first, a public-key cryptography framework for the internet of things
MY171259A (en) System and method for identity-based entity authentication for client-server communications
WO2015131609A1 (en) Method for implementing l2tp over ipsec access
JP2013156330A (en) Commission parameter information generation apparatus, common key synthesizer, signature information synthesizer, communication device, key sharing calculated commission apparatus, signature information generation calculated commission apparatus, calculated commission apparatus, key sharing system, signature information verification system, and communication system
CN101729871B (en) Method for safe cross-domain access to SIP video monitoring system
Raza et al. Tinyike: Lightweight ikev2 for internet of things
Cho et al. Securing ethernet-based optical fronthaul for 5g network
FR3043870B1 (en) METHOD FOR SECURING AND AUTHENTICATING TELECOMMUNICATION
CN106789524A (en) The high speed parsing of VPN encrypted tunnels and restoring method
Budiyanto et al. Comparative Analysis of VPN Protocols at Layer 2 Focusing on Voice Over Internet Protocol
CN109257388A (en) Pseudo-wire encryption method in a kind of MPLS-TP
JP5333613B2 (en) Proxy parameter information generation device, proxy device, proxy parameter information generation program, proxy program, and communication system
Shah et al. Impact of ipsec on real time applications in IPv6 and 6to4 tunneled migration network
WO2011023010A1 (en) Method, device and system for data security transmission and reception in a pseudo-wire network
CN109561099A (en) A kind of equipment telecommunication encryption method
Abosata et al. Secure smart-home application based on iotcoap protocol
CN111866865B (en) Data transmission method, 5G private network establishment method and system