专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08713666B2 Methods and devices for enforcing network access control utilizing secure packet tagging 有权
标题翻译：使用安全数据包标签强制执行网络访问控制的方法和设备
公开(公告)号：US08713666B2
公开(公告)日：2014-04-29
申请号：US12056462
申请日：2008-03-27
申请人： Kirill Motil , Almog Cohen , Yaron Sheffer
发明人： Kirill Motil , Almog Cohen , Yaron Sheffer
IPC分类号： H04L29/06
CPC分类号： H04L63/0245 , H04L63/1441 , H04L63/164
摘要： Disclosed are methods, devices, and media for enforcing network access control, the method including the steps of: extracting a packet signature from a packet (or packet fragment) received from a network; storing the packet signature and the packet in a buffer; computing a buffer signature using a per-endpoint secret key; determining whether the packet signature and the buffer signature are identical; and upon determining the packet signature and the buffer signature are identical, transmitting the packet to a protocol stack. Preferably, the step of extracting includes extracting the packet signature from a field (e.g. identification field) of a header of the packet. Preferably, the method further includes the step of: upon determining the packet signature and the buffer signature are not identical, discarding the packet. Methods for receiving a packet from a protocol stack, and transmitting the packet to a network are disclosed as well.
摘要翻译：公开了用于执行网络访问控制的方法，设备和媒体，该方法包括以下步骤：从从网络接收的分组（或分组片段）中提取分组签名; 将分组签名和分组存储在缓冲器中; 使用每端点秘密密钥计算缓冲区签名; 确定分组签名和缓冲器签名是否相同; 并且在确定分组签名和缓冲器签名是相同的时，将分组发送到协议栈。优选地，提取步骤包括从分组报头的字段（例如标识字段）中提取分组签名。优选地，该方法还包括以下步骤：在确定分组签名并且缓冲器签名不相同时，丢弃分组。还公开了从协议栈接收分组并将分组发送到网络的方法。

2. 发明申请

US20090249466A1 METHODS AND DEVICES FOR ENFORCING NETWORK ACCESS CONTROL UTILIZING SECURE PACKET TAGGING 有权
标题翻译：使用安全分组标签执行网络访问控制的方法和设备
公开(公告)号：US20090249466A1
公开(公告)日：2009-10-01
申请号：US12056462
申请日：2008-03-27
申请人： Kirill MOTIL , Almog Cohen , Yaron Sheffer
发明人： Kirill MOTIL , Almog Cohen , Yaron Sheffer
IPC分类号： G06F17/00 , G06F15/16 , H04L9/32
CPC分类号： H04L63/0245 , H04L63/1441 , H04L63/164
摘要： Disclosed are methods, devices, and media for enforcing network access control, the method including the steps of: extracting a packet signature from a packet (or packet fragment) received from a network; storing the packet signature and the packet in a buffer; computing a buffer signature using a per-endpoint secret key; determining whether the packet signature and the buffer signature are identical; and upon determining the packet signature and the buffer signature are identical, transmitting the packet to a protocol stack. Preferably, the step of extracting includes extracting the packet signature from a field (e.g. identification field) of a header of the packet. Preferably, the method further includes the step of: upon determining the packet signature and the buffer signature are not identical, discarding the packet. Methods for receiving a packet from a protocol stack, and transmitting the packet to a network are disclosed as well.
摘要翻译：公开了用于执行网络访问控制的方法，设备和媒体，该方法包括以下步骤：从从网络接收的分组（或分组片段）中提取分组签名; 将分组签名和分组存储在缓冲器中; 使用每端点秘密密钥计算缓冲区签名; 确定分组签名和缓冲器签名是否相同; 并且在确定分组签名和缓冲器签名是相同的时，将分组发送到协议栈。优选地，提取步骤包括从分组报头的字段（例如标识字段）中提取分组签名。优选地，该方法还包括以下步骤：在确定分组签名并且缓冲器签名不相同时，丢弃分组。还公开了从协议栈接收分组并将分组发送到网络的方法。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式