Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Internet safety protocol high-speed processing IP burst method

A security protocol, IP fragmentation technology, applied in secure communication devices, digital transmission systems, electrical components, etc., can solve problems such as reducing network throughput performance, occupying large memory, unable to process IP fragmentation at high speed, etc., to improve business support The effect of range, high forwarding performance

Inactive Publication Date: 2006-05-24
ZTE CORP
View PDF0 Cites 18 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The technical problem to be solved by the present invention is to overcome the high-performance network equipment (such as high-performance reasoner and high-performance routing switch) that enables IPsec technology that exists in the prior art when supporting port-level security granularity, it is necessary to reorganize the IP fragmentation before Obtaining the port information of the upper layer protocol can implement IPsec processing for all IP fragments, which will take up a large amount of memory, increase the processing burden of IPsec gateways, reduce network throughput performance, and cannot process IP fragments at high speed. A method for high-speed processing of IP fragments by an Internet security protocol capable of processing IP fragments at high speed, effectively reducing the processing burden of IPsec gateways, and improving network throughput performance

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Internet safety protocol high-speed processing IP burst method
  • Internet safety protocol high-speed processing IP burst method
  • Internet safety protocol high-speed processing IP burst method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] The method of the present invention will be further described below in combination with specific embodiments.

[0026] The invention mainly proposes a method for IPsec to process IP fragmentation at high speed through mapping.

[0027] In the typical IPsec VPN network environment shown in Figure 3, the VPN gateway is a high-speed network device enabling IPsec, and the communication between the left subnet and the right subnet passes through the IPsec tunnel between the VPN gateways. Communication between host A and server B uses UDP port x, and communication between host A and server C uses UDP port y. The VPN gateway provides different levels of IPsec security protection for different services. Assume that the security policy configuration on the IPsec VPN gateway requires AH tunnel protection for communication on UDP port x, and ESP tunnel protection for communication on UDP port y. The security policy on the left IPsec VPN gateway is as follows:

[0028] s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The method includes procedures: when processing first IP banding, network device of starting use of Internet secure protocol picks up information for unique identifying the IP message from the IP banding; then, building mapping from the information to relevant security policy; when processing other bandings of the IP message, Internet secure protocol maps to relevant security policy through the said unique information so as to implement process in high speed for the IP banding by the Internet secure protocol. Comparing with prior art, the invention overcomes disadvantages of using lots of memory, weighting process burden of gateway, lowering network throughput. The invention raises service range supported by network device, and guarantees high forwarding performance of network device.

Description

technical field [0001] The present invention relates to the computer field, in particular to information security technology in the Internet field. Background technique [0002] As the Internet penetrates into every aspect of social life day by day, Internet security issues are receiving more and more widespread attention. In general, IPsec (IP Security, Internet Security Protocol) is often used on the Internet to provide encryption and authentication protection for communication between network entities. The most typical application is to deploy a VPN (Virtual Private Network, Virtual Private Network), using the IPsec protocol Provide encryption and authentication protection for IP tunnels between VPN gateways that traverse the public network. The IPsec protocol provides security protection for IP (Internet Protocol, Internet Protocol) packets through AH (Authentication Head, IP Authentication Head Protocol) and ESP (Encapsulating Security Payload, IP Encapsulating Securit...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L9/00
Inventor 李卓明陈海彬赵真富
Owner ZTE CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com