WO2012070912A3 - Method for dynamically traversing multiple firewalls by means of the simultaneous authentication of a user and network behavior, and apparatus therefor - Google Patents
Method for dynamically traversing multiple firewalls by means of the simultaneous authentication of a user and network behavior, and apparatus therefor Download PDFInfo
- Publication number
- WO2012070912A3 WO2012070912A3 PCT/KR2011/009078 KR2011009078W WO2012070912A3 WO 2012070912 A3 WO2012070912 A3 WO 2012070912A3 KR 2011009078 W KR2011009078 W KR 2011009078W WO 2012070912 A3 WO2012070912 A3 WO 2012070912A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- user
- authentication
- multiple firewalls
- dynamically
- traversing multiple
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/029—Firewall traversal, e.g. tunnelling or, creating pinholes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
Disclosed is a method for dynamically traversing multiple firewalls, in which user authentication and traffic authentication are replaced by the simultaneous authentication of a user and networking behavior conducted at a specific time to simultaneously and dynamically traverse multiple firewalls through one trial. The method for dynamically traversing multiple firewalls enables a user server and an application server to simulate first and second processes from among three-way handshaking processes of TCP/IP in accordance with an agreed procedure, and perform a third process of the three-way handshaking process at a predetermined time. The agreed procedure is generated on the basis of an authentication certificate issued by an authentication server.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020100118873A KR101150299B1 (en) | 2010-11-26 | 2010-11-26 | Method for dynamic traversing of multiple firewalls based on simultaneous notarization of user and networking instance and apparatus thereof |
KR10-2010-0118873 | 2010-11-26 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2012070912A2 WO2012070912A2 (en) | 2012-05-31 |
WO2012070912A3 true WO2012070912A3 (en) | 2012-09-27 |
Family
ID=46146337
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/KR2011/009078 WO2012070912A2 (en) | 2010-11-26 | 2011-11-25 | Method for dynamically traversing multiple firewalls by means of the simultaneous authentication of a user and network behavior, and apparatus therefor |
Country Status (2)
Country | Link |
---|---|
KR (1) | KR101150299B1 (en) |
WO (1) | WO2012070912A2 (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20050066052A (en) * | 2003-12-26 | 2005-06-30 | 한국전자통신연구원 | Selective identification system based identification policies and identification method therefor |
KR20060044493A (en) * | 2004-03-24 | 2006-05-16 | 엑서스테크놀러지 주식회사 | Authentication system being capable of controlling authority based of user and authenticator |
KR100694792B1 (en) * | 2006-08-18 | 2007-03-14 | 주식회사 스타뱅크 | System for circulation notary in online and method for managing notary electric p.o. box for customer unification |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7254133B2 (en) | 2002-07-15 | 2007-08-07 | Intel Corporation | Prevention of denial of service attacks |
JP3445986B1 (en) | 2002-09-27 | 2003-09-16 | 松下電器産業株式会社 | Servers, devices and communication systems connected to the Internet |
KR20050026624A (en) * | 2003-09-09 | 2005-03-15 | 이상준 | Integration security system and method of pc using secure policy network |
-
2010
- 2010-11-26 KR KR1020100118873A patent/KR101150299B1/en active IP Right Grant
-
2011
- 2011-11-25 WO PCT/KR2011/009078 patent/WO2012070912A2/en active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20050066052A (en) * | 2003-12-26 | 2005-06-30 | 한국전자통신연구원 | Selective identification system based identification policies and identification method therefor |
KR20060044493A (en) * | 2004-03-24 | 2006-05-16 | 엑서스테크놀러지 주식회사 | Authentication system being capable of controlling authority based of user and authenticator |
KR100694792B1 (en) * | 2006-08-18 | 2007-03-14 | 주식회사 스타뱅크 | System for circulation notary in online and method for managing notary electric p.o. box for customer unification |
Also Published As
Publication number | Publication date |
---|---|
WO2012070912A2 (en) | 2012-05-31 |
KR101150299B1 (en) | 2012-06-12 |
KR20120057225A (en) | 2012-06-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3025533A4 (en) | Apparatus, system and method of selectively providing internet protocol (ip) session continuity | |
EP2515478A4 (en) | Method, apparatus and system for joint optimizations | |
EP2918032A4 (en) | Method & apparatus for improving the performance of tcp and other network protocols in a communications network using proxy servers | |
EP3764593A4 (en) | Network access method for hybrid network, proxy coordination device, site device | |
WO2014153462A3 (en) | Advanced authentication techniques and applications | |
EP2737655A4 (en) | System, device, and method for authentication of a user accessing an on-line resource | |
IN2014CN03764A (en) | ||
HK1205383A1 (en) | Method, device and system for packet transmission over ip networks ip | |
EP2667538A4 (en) | Encryption system, encryption processing method for encryption system, encryption device, encryption program, decryption device, decryption program, setup device, setup program, key generation device, key generation program, key assignment device and key assignment program | |
EP2553909A4 (en) | Method and apparatus for processing packets in ipv6 network | |
BR112013032879A2 (en) | method for managing login credentials and communication sessions, and session manager | |
EP2908480A4 (en) | Method, forwarding-plane apparatus, and network device for processing packet | |
WO2012003586A8 (en) | System and method for performing device authentication using key agreement | |
MX2013015129A (en) | Methods and apparatus for multiple packet data connections. | |
EP3171542A4 (en) | Session management method, application function entity, policy server and protocol converter | |
EP2759114A4 (en) | Method and apparatus for provisioning resource credentials based on social networking data | |
WO2011140235A3 (en) | Apparatus and method for establishing a peer-to-peer communication session with a host device | |
EP3300331A4 (en) | Response method, apparatus and system in virtual network computing authentication, and proxy server | |
EP2916499A4 (en) | Ip packet processing method, apparatus and network system | |
EP2852107A4 (en) | Packet processing method, apparatus, host and network system | |
WO2013093186A3 (en) | Method and apparatus for sharing media upon request via social networks | |
EP2606615A4 (en) | Method and system for layer-2 pseudo-wire rapid-deployment service over unknown internet protocol networks | |
EP3149893A4 (en) | System, method, and data packets for messaging for electric power grid elements over a secure internet protocol network | |
EP3017562A4 (en) | A method and apparatus for anonymous authentication on trust in social networking | |
EP3051787A4 (en) | Ip multimedia subsystem, proxy session control apparatus, and communication control method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 11843540 Country of ref document: EP Kind code of ref document: A2 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 11843540 Country of ref document: EP Kind code of ref document: A2 |