WO2012070912A3 - Method for dynamically traversing multiple firewalls by means of the simultaneous authentication of a user and network behavior, and apparatus therefor - Google Patents

Method for dynamically traversing multiple firewalls by means of the simultaneous authentication of a user and network behavior, and apparatus therefor Download PDF

Info

Publication number
WO2012070912A3
WO2012070912A3 PCT/KR2011/009078 KR2011009078W WO2012070912A3 WO 2012070912 A3 WO2012070912 A3 WO 2012070912A3 KR 2011009078 W KR2011009078 W KR 2011009078W WO 2012070912 A3 WO2012070912 A3 WO 2012070912A3
Authority
WO
WIPO (PCT)
Prior art keywords
user
authentication
multiple firewalls
dynamically
traversing multiple
Prior art date
Application number
PCT/KR2011/009078
Other languages
French (fr)
Korean (ko)
Other versions
WO2012070912A2 (en
Inventor
박형우
윤희준
유진승
장행진
Original Assignee
한국과학기술정보연구원
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 한국과학기술정보연구원 filed Critical 한국과학기술정보연구원
Publication of WO2012070912A2 publication Critical patent/WO2012070912A2/en
Publication of WO2012070912A3 publication Critical patent/WO2012070912A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/029Firewall traversal, e.g. tunnelling or, creating pinholes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

Disclosed is a method for dynamically traversing multiple firewalls, in which user authentication and traffic authentication are replaced by the simultaneous authentication of a user and networking behavior conducted at a specific time to simultaneously and dynamically traverse multiple firewalls through one trial. The method for dynamically traversing multiple firewalls enables a user server and an application server to simulate first and second processes from among three-way handshaking processes of TCP/IP in accordance with an agreed procedure, and perform a third process of the three-way handshaking process at a predetermined time. The agreed procedure is generated on the basis of an authentication certificate issued by an authentication server.
PCT/KR2011/009078 2010-11-26 2011-11-25 Method for dynamically traversing multiple firewalls by means of the simultaneous authentication of a user and network behavior, and apparatus therefor WO2012070912A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020100118873A KR101150299B1 (en) 2010-11-26 2010-11-26 Method for dynamic traversing of multiple firewalls based on simultaneous notarization of user and networking instance and apparatus thereof
KR10-2010-0118873 2010-11-26

Publications (2)

Publication Number Publication Date
WO2012070912A2 WO2012070912A2 (en) 2012-05-31
WO2012070912A3 true WO2012070912A3 (en) 2012-09-27

Family

ID=46146337

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2011/009078 WO2012070912A2 (en) 2010-11-26 2011-11-25 Method for dynamically traversing multiple firewalls by means of the simultaneous authentication of a user and network behavior, and apparatus therefor

Country Status (2)

Country Link
KR (1) KR101150299B1 (en)
WO (1) WO2012070912A2 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20050066052A (en) * 2003-12-26 2005-06-30 한국전자통신연구원 Selective identification system based identification policies and identification method therefor
KR20060044493A (en) * 2004-03-24 2006-05-16 엑서스테크놀러지 주식회사 Authentication system being capable of controlling authority based of user and authenticator
KR100694792B1 (en) * 2006-08-18 2007-03-14 주식회사 스타뱅크 System for circulation notary in online and method for managing notary electric p.o. box for customer unification

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7254133B2 (en) 2002-07-15 2007-08-07 Intel Corporation Prevention of denial of service attacks
JP3445986B1 (en) 2002-09-27 2003-09-16 松下電器産業株式会社 Servers, devices and communication systems connected to the Internet
KR20050026624A (en) * 2003-09-09 2005-03-15 이상준 Integration security system and method of pc using secure policy network

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20050066052A (en) * 2003-12-26 2005-06-30 한국전자통신연구원 Selective identification system based identification policies and identification method therefor
KR20060044493A (en) * 2004-03-24 2006-05-16 엑서스테크놀러지 주식회사 Authentication system being capable of controlling authority based of user and authenticator
KR100694792B1 (en) * 2006-08-18 2007-03-14 주식회사 스타뱅크 System for circulation notary in online and method for managing notary electric p.o. box for customer unification

Also Published As

Publication number Publication date
WO2012070912A2 (en) 2012-05-31
KR101150299B1 (en) 2012-06-12
KR20120057225A (en) 2012-06-05

Similar Documents

Publication Publication Date Title
EP3025533A4 (en) Apparatus, system and method of selectively providing internet protocol (ip) session continuity
EP2515478A4 (en) Method, apparatus and system for joint optimizations
EP2918032A4 (en) Method & apparatus for improving the performance of tcp and other network protocols in a communications network using proxy servers
EP3764593A4 (en) Network access method for hybrid network, proxy coordination device, site device
WO2014153462A3 (en) Advanced authentication techniques and applications
EP2737655A4 (en) System, device, and method for authentication of a user accessing an on-line resource
IN2014CN03764A (en)
HK1205383A1 (en) Method, device and system for packet transmission over ip networks ip
EP2667538A4 (en) Encryption system, encryption processing method for encryption system, encryption device, encryption program, decryption device, decryption program, setup device, setup program, key generation device, key generation program, key assignment device and key assignment program
EP2553909A4 (en) Method and apparatus for processing packets in ipv6 network
BR112013032879A2 (en) method for managing login credentials and communication sessions, and session manager
EP2908480A4 (en) Method, forwarding-plane apparatus, and network device for processing packet
WO2012003586A8 (en) System and method for performing device authentication using key agreement
MX2013015129A (en) Methods and apparatus for multiple packet data connections.
EP3171542A4 (en) Session management method, application function entity, policy server and protocol converter
EP2759114A4 (en) Method and apparatus for provisioning resource credentials based on social networking data
WO2011140235A3 (en) Apparatus and method for establishing a peer-to-peer communication session with a host device
EP3300331A4 (en) Response method, apparatus and system in virtual network computing authentication, and proxy server
EP2916499A4 (en) Ip packet processing method, apparatus and network system
EP2852107A4 (en) Packet processing method, apparatus, host and network system
WO2013093186A3 (en) Method and apparatus for sharing media upon request via social networks
EP2606615A4 (en) Method and system for layer-2 pseudo-wire rapid-deployment service over unknown internet protocol networks
EP3149893A4 (en) System, method, and data packets for messaging for electric power grid elements over a secure internet protocol network
EP3017562A4 (en) A method and apparatus for anonymous authentication on trust in social networking
EP3051787A4 (en) Ip multimedia subsystem, proxy session control apparatus, and communication control method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11843540

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11843540

Country of ref document: EP

Kind code of ref document: A2