GB2405300B - Method and apparatus for enhanced security for communication over a network - Google Patents

Method and apparatus for enhanced security for communication over a network

Info

Publication number
GB2405300B
Authority
GB
United Kingdom
Prior art keywords
security
network
nat
communication over
integration
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
GB0427337A
Other versions
GB0427337D0 (en)
GB2405300A (en)
Inventor
Thomas Albert Maufer
Sameer Nanda
Paul J Sidenblad
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nvidia Corp
Original Assignee
Nvidia Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US10/172,352 (US7143137B2)
Priority claimed from US10/172,345 (US7191331B2)
Priority claimed from US10/172,683 (US7120930B2)
Priority claimed from US10/172,046 (US7143188B2)
Priority to GB0509902A (GB2413248B)
Application filed by Nvidia Corp
Priority to GB0525188A (GB2418821B)
Publication of GB0427337D0
Publication of GB2405300A
Publication of GB2405300B
Application granted
Anticipated expiration
Expired - Fee Related

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L29/12009
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/25 Mapping addresses of the same type
    • H04L61/2503 Translation of Internet protocol [IP] addresses
    • H04L61/2517 Translation of Internet protocol [IP] addresses using port numbers
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/25 Mapping addresses of the same type
    • H04L61/2503 Translation of Internet protocol [IP] addresses
    • H04L61/255 Maintenance or indexing of mapping tables
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/50 Address allocation
    • H04L61/5007 Internet protocol [IP] addresses
    • H04L61/5014 Internet protocol [IP] addresses using dynamic host configuration protocol [DHCP] or bootstrap protocol [BOOTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/164 Implementing security features at a particular protocol layer at the network layer
    • H04L29/06537
    • H04L29/12018
    • H04L29/12207
    • H04L29/1233
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/10 Mapping addresses of different types
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/25 Mapping addresses of the same type
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/50 Address allocation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/24 Negotiation of communication capabilities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)

Abstract

Method and apparatus for Internet Protocol Security (IPSec) and Network Address Translation (NAT) integration is described. Additionally, method and apparatus for enhanced security for communication over a network, and more particularly to control of security protocol negotiation to enable multiple clients to establish a virtual private network connection with a same remote address, is described. Furthermore, method and apparatus for enhanced security for communication over a network, and more particularly to NAT integration with IPSec, is described. Moreover, method and apparatus for integration of NAT and source address security, including, but not limited to, determining whether a gateway computer is integrated for NAT and source address security, is described.
GB0427337A 2002-06-13 2003-06-03 Method and apparatus for enhanced security for communication over a network Expired - Fee Related GB2405300B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
GB0525188A GB2418821B (en) 2002-06-13 2003-06-03 Method and apparatus for enhanced security for communication over a network
GB0509902A GB2413248B (en) 2002-06-13 2003-06-03 Method and apparatus for enhanced security for communication over a network

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US10/172,352 US7143137B2 (en) 2002-06-13 2002-06-13 Method and apparatus for security protocol and address translation integration
US10/172,046 US7143188B2 (en) 2002-06-13 2002-06-13 Method and apparatus for network address translation integration with internet protocol security
US10/172,683 US7120930B2 (en) 2002-06-13 2002-06-13 Method and apparatus for control of security protocol negotiation
US10/172,345 US7191331B2 (en) 2002-06-13 2002-06-13 Detection of support for security protocol and address translation integration
PCT/US2003/017502 WO2003107624A1 (en) 2002-06-13 2003-06-03 Method and apparatus for enhanced security for communication over a network

Publications (3)

Publication Number Publication Date
GB0427337D0 (en) 2005-01-19
GB2405300A (en) 2005-02-23
GB2405300B (en) 2006-07-12

Family

ID=34109062

Family Applications (2)

Application Number Title Priority Date Filing Date
GB0509902A Expired - Fee Related GB2413248B (en) 2002-06-13 2003-06-03 Method and apparatus for enhanced security for communication over a network
GB0427337A Expired - Fee Related GB2405300B (en) 2002-06-13 2003-06-03 Method and apparatus for enhanced security for communication over a network

Family Applications Before (1)

Application Number Title Priority Date Filing Date
GB0509902A Expired - Fee Related GB2413248B (en) 2002-06-13 2003-06-03 Method and apparatus for enhanced security for communication over a network

Country Status (4)

Country Link
JP (1) JP4426443B2 (en)
AU (1) AU2003240506A1 (en)
DE (1) DE10392807B9 (en)
GB (2) GB2413248B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8042170B2 (en) * 2004-07-15 2011-10-18 Qualcomm Incorporated Bearer control of encrypted data flows in packet data communications
JPWO2007069327A1 (en) * 2005-12-15 2009-05-21 富士通株式会社 RELAY DEVICE, RELAY METHOD, RELAY PROGRAM, COMPUTER-READABLE RECORDING MEDIUM CONTAINING RELAY PROGRAM, AND INFORMATION PROCESSING DEVICE
JP2008079059A (en) * 2006-09-22 2008-04-03 Fujitsu Access Ltd COMMUNICATION EQUIPMENT WHICH PROCESSES MULTIPLE SESSIONS OF IPsec, AND PROCESSING METHOD THEREOF
JP4708297B2 (en) * 2006-09-29 2011-06-22 富士通テレコムネットワークス株式会社 Communication device for processing a plurality of IPsec sessions
JP2008259099A (en) * 2007-04-09 2008-10-23 Atsumi Electric Co Ltd Security system
CN104980405A (en) * 2014-04-10 2015-10-14 中兴通讯股份有限公司 Method and device for performing authentication header (AH) authentication on NAT (Network Address Translation)-traversal IPSEC (Internet Protocol Security) message
JP6109990B1 (en) * 2016-03-31 2017-04-05 西日本電信電話株式会社 Web authentication compatible repeater
EP3871361B1 (en) 2018-11-15 2023-11-01 Huawei Technologies Co., Ltd. Rekeying a security association sa

Citations (3)

Publication number Priority date Publication date Assignee Title
WO1999035799A2 (en) * 1997-12-31 1999-07-15 Ssh Communications Security Oy A method for packet authentication in the presence of network address translations and protocol conversions
WO2000056034A1 (en) * 1999-03-17 2000-09-21 3Com Corporation Method and system for distributed network address translation with network security features
EP1130846A2 (en) * 2000-03-03 2001-09-05 Nexland, Inc. Network address translation gateway

Family Cites Families (1)

Publication number Priority date Publication date Assignee Title
US7155740B2 (en) * 2000-07-13 2006-12-26 Lucent Technologies Inc. Method and apparatus for robust NAT interoperation with IPSEC'S IKE and ESP tunnel mode

Also Published As

Publication number Publication date
GB0427337D0 (en) 2005-01-19
GB2413248A (en) 2005-10-19
AU2003240506A1 (en) 2003-12-31
DE10392807B4 (en) 2011-03-10
DE10392807B9 (en) 2011-06-16
JP4426443B2 (en) 2010-03-03
JP2005530404A (en) 2005-10-06
GB0509902D0 (en) 2005-06-22
GB2413248B (en) 2006-06-21
DE10392807T5 (en) 2005-07-28
GB2405300A (en) 2005-02-23

Similar Documents

Publication Publication Date Title
EP1130846A3 (en) Network address translation gateway
US8631139B2 (en) System and method for automatically initiating and dynamically establishing secure internet connections between a fire-walled server and a fire-walled client
GB2392343B (en) Communications protocols operable through network address translation (nat) type devices
EP1434406A3 (en) Establishing a bi-directional IP-tunnel in a mobile IP communication system in case of private address conflicts
US20020114333A1 (en) Real time streaming media communication system
DE60229042D1 (en) ADDRESS TRANSLATION AND ADDRESS TRANSLATION METHOD
TW200637263A (en) Method and system in an IP network for using a network address translation (NAT) with any type of application
GB2413248B (en) Method and apparatus for enhanced security for communication over a network
WO2001097485A3 (en) Method for providing transparent public addressed networks within private networks
JP2019050628A5 (en)
WO2006117284A3 (en) Method and device for converting an internet protocol address inside a communications network
UA88621C2 (en) Method for establishing a vpn-connection
KR100418246B1 (en) An internet voice communication method in NAT/Firewall environment using WebCallAgent and WebCallProxy
Constantinescu et al. NAT/Firewall traversal for SIP: issues and solutions
JP4648436B2 (en) Packet distribution device, communication system, packet processing method, and program
AU2003251342A1 (en) Served initiated authorised communication in the presence of network address translator (nat) or firewalls
JP2006340261A (en) Method for executing internet voice communication by web-to-phone system
Cook Design of a Voice-Aware Firewall Architecture
TW200513077A (en) Bilateral IP sharing device
GB2403627B (en) Communication protocols operable through network address translation (nat) type devices
TWI256214B (en) Method for transforming Internet protocol (IP) address and port of packet under asynchronous path
WO2006042607A3 (en) A method for enabling communication between two network nodes and apparatus

Legal Events

Date Code Title Description
PCNP Patent ceased through non-payment of renewal fee

Effective date: 20160603