WO2005082040A3 - Method and system for providing end-to-end security solutions and protocol acceleration over networks using selective layer encryption - Google Patents

Info

Publication number
WO2005082040A3
Authority
WO
WIPO (PCT)
Prior art keywords
selective layer
over networks
layer encryption
security solutions
acceleration over
Application number
PCT/US2005/006064
Other languages
French (fr)
Other versions
WO2005082040A2 (en)
Inventor
Krishna Ragireddy
Colin Roper
William Uhlig
Original Assignee
Encore Networks Inc
Krishna Ragireddy
Colin Roper
William Uhlig
Application filed by Encore Networks Inc, Krishna Ragireddy, Colin Roper, William Uhlig filed Critical Encore Networks Inc
Publication of WO2005082040A2 publication Critical patent/WO2005082040A2/en
Publication of WO2005082040A3 publication Critical patent/WO2005082040A3/en

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16 Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/161 Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0485 Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/164 Implementing security features at a particular protocol layer at the network layer

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Communication Control (AREA)

Abstract

The present invention is a method, system, and computer program that provides secure network communication over a network between a first and a second entity [Fig 2] wherein data packets are encrypted and transmitted according to previously exchanged encryption command information and wherein TCP accelerators may be used to effectively accelerate the transmission of the data packets. A method, system, and computer program are also shown that provide secure network communication through encrypting a plurality of payloads and embedding encryption command information for each encrypted payload into an options field of a corresponding protocol header while still allowing TCP accelerators to read the protocol headers and effectively accelerate the transmission of the payloads [Fig 7].
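
The second arrangement in the abstract, sketched as an added example (not code from the patent or its applicants): only the payload is encrypted, the per-payload encryption command rides in a TCP option, and a keyless accelerator can still read the header fields it needs. The option kind (253, experimental per RFC 4727), the option layout, the algorithm and key ids, the sample values and the stand-in keystream cipher are all assumptions made for illustration; the abstract specifies none of them.

```python
import hashlib
import struct

OPT_KIND = 253   # experimental TCP option kind (RFC 4727); assumed carrier
ALG_TOY = 1      # constructed algorithm id for the stand-in cipher below

def keystream_xor(key, nonce, data):
    """Stand-in cipher: XOR with a SHA-256 counter keystream (not for real use)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + struct.pack("!I", i // 32)).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def build_segment(sport, dport, seq, ack, key_id, nonce, key, payload):
    """Clear TCP header + command option (kind, len, alg, key id, nonce) + ciphertext."""
    cmd = struct.pack("!BBBB8s", OPT_KIND, 12, ALG_TOY, key_id, nonce)
    hdr = struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                      ((20 + len(cmd)) // 4) << 4, 0x18, 65535, 0, 0)  # PSH|ACK, checksum 0
    return hdr + cmd + keystream_xor(key, nonce, payload)

def accelerator_view(segment):
    """What a keyless middlebox can read: ports, sequence state, payload length."""
    sport, dport, seq, ack, off = struct.unpack("!HHIIB", segment[:13])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "next_seq": seq + len(segment) - (off >> 4) * 4}

def parse_command(segment):
    """Walk the options area with bounds checks; return (alg, key_id, nonce) or None."""
    opts, i = segment[20:(segment[12] >> 4) * 4], 0
    while i < len(opts) and opts[i] != 0:              # kind 0 = end of option list
        if opts[i] == 1:                               # kind 1 = NOP padding
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            raise ValueError("malformed TCP option")
        if opts[i] == OPT_KIND and opts[i + 1] == 12:
            return struct.unpack("!BB8s", opts[i + 2:i + 12])
        i += opts[i + 1]
    return None

def receiver_decrypt(segment, keys):
    cmd = parse_command(segment)
    if cmd is None or cmd[0] != ALG_TOY or cmd[1] not in keys:
        raise ValueError("missing or unknown encryption command")
    return keystream_xor(keys[cmd[1]], cmd[2], segment[(segment[12] >> 4) * 4:])

KEYS = {7: b"constructed-demo-key"}                    # constructed sample data
PAYLOAD = b"GET /status HTTP/1.1\r\n"
SEG = build_segment(40000, 443, 1000, 2000, 7, b"\x00" * 7 + b"\x01", KEYS[7], PAYLOAD)
```

In this sketch the header and the command option travel in clear and unauthenticated, so anything on the path can read or alter them; the nonce must also be unique per payload for the keystream not to repeat.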

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US54758704P 2004-02-26 2004-02-26
US60/547,587 2004-02-26

Publications (2)

Publication Number Publication Date
WO2005082040A2 WO2005082040A2 (en) 2005-09-09
WO2005082040A3 WO2005082040A3 (en) 2007-06-07

Family

ID=34910918

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2005/006064 WO2005082040A2 (en) 2004-02-26 2005-02-28 Method and system for providing end-to-end security solutions and protocol acceleration over networks using selective layer encryption

Country Status (1)

Country Link
WO (1) WO2005082040A2 (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7305092B2 (en) 2000-12-19 2007-12-04 Qualcomm Incorporated Method and system to accelerate cryptographic functions for secure e-commerce applications
US9276663B2 (en) 2009-04-17 2016-03-01 Viasat, Inc. Layer-2 connectivity from switch to access node/gateway
WO2010121216A1 (en) 2009-04-17 2010-10-21 Viasat, Inc. System, method and apparatus for providing end-to-end layer 2 connectivity
US8457035B2 (en) 2009-04-17 2013-06-04 Viasat, Inc. Mobility across satellite beams using L2 connectivity
WO2010121219A2 (en) 2009-04-17 2010-10-21 Viasat, Inc. Core-based satellite network architecture
WO2010121221A1 (en) 2009-04-17 2010-10-21 Viasat, Inc. Multi-satellite architecture
US8379613B2 (en) 2009-04-17 2013-02-19 Viasat, Inc. Layer-2 connectivity from switch to access node/gateway
US8804730B2 (en) 2009-04-17 2014-08-12 Viasat, Inc. Layer-2 extension services
US8274981B2 (en) 2009-04-17 2012-09-25 Viasat, Inc. Acceleration through a network tunnel

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6438612B1 (en) * 1998-09-11 2002-08-20 Ssh Communications Security, Ltd. Method and arrangement for secure tunneling of data between virtual routers

Also Published As

Publication number Publication date
WO2005082040A2 (en) 2005-09-09

Similar Documents

Publication Publication Date Title
WO2005082040A3 (en) Method and system for providing end-to-end security solutions and protocol acceleration over networks using selective layer encryption
EP2213036B1 (en) System and method for providing secure network communications
KR100480225B1 (en) Data-securing communication apparatus and method therefor
US7353380B2 (en) Method and apparatus for providing secure streaming data transmission facilities using unreliable protocols
TW200518516A (en) Communication system, communication device, communication method, and communication program for realizing the same
JP2008538266A (en) Incompatible transport security protocol
CA2467988A1 (en) System and method for initiating secure network connection from a client to a network host
WO2002082767A3 (en) System and method for distributing security processing functions for network applications
CN104219217A (en) SA (security association) negotiation method, device and system
CN101572644B (en) Data encapsulation method and equipment thereof
WO1997008838A3 (en) Method and apparatus for modifying a standard internetwork protocol layer header
EP1384370B1 (en) Method and system for authenticating a personal security device vis-a-vis at least one remote computer system
JPH11191793A (en) Layer independent security for communication channel
CN101502041A (en) Encryption device, decryption device, encryption method, and decryption method
CN109344639A (en) A kind of distribution automation double protection safety chip, data transmission method and equipment
CN101764825A (en) Data transmission method of virtual private network, system thereof, terminal thereof and gateway equipment thereof
KR101611944B1 (en) Method for selectively applying data encryption
CN102223353A (en) Host identification protocol (HIP) safe channel multiplexing method and device thereof
CN108924157B (en) Message forwarding method and device based on IPSec VPN
WO2004107651A8 (en) Method, system and computer program for the secured management of network devices
CN106161386A (en) A kind of method and apparatus realizing that IPsec shunts
CN112104601A (en) Data transmission method, device, terminal equipment and storage medium
CN113242250B (en) Multiplexing protocol and transmission method
Sing et al. A critical analysis of multilayer IP security protocol
CN114826748A (en) Audio and video stream data encryption method and device based on RTP, UDP and IP protocols

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase