公开(公告)号：US20090089872A1

公开(公告)日：2009-04-02

申请号：US12219457

申请日：2008-07-22

申请人： Jari Arkko ,  Jan Melen ,  Teemu Rinta-Aho

发明人： Jari Arkko ,  Jan Melen ,  Teemu Rinta-Aho

IPC分类号： G06F21/00

CPC分类号： H04L63/0272 ,  H04L12/2856

摘要： A method of routing traffic between external users and a communication network via a private access network. The method comprises establishing a secure outer tunnel between the private network and a gateway of a public access network to which the private network is coupled, based upon authentication of the private network to the public access network, said gateway being coupled to said communication network. For each external user wishing to connect to the communication network via the private network, a secure inner tunnel is established between the user and the gateway based upon authentication of the user to the gateway, the inner tunnel being within said outer tunnel. Traffic is caused to flow between external users and the gateway through the respective inner tunnels.

摘要翻译： 一种通过私有接入网络在外部用户和通信网络之间路由业务的方法。 所述方法包括：基于所述专用网络对所述公共接入网络的认证，在所述专用网络与所述专用网络所耦合的公共接入网络的网关之间建立安全外部隧道，所述网关耦合到所述通信网络。 对于希望通过专用网络连接到通信网络的每个外部用户，基于用户对网关的认证，内部隧道在所述外部隧道内，在用户和网关之间建立安全的内部隧道。 流量通过相应的内部隧道导致外部用户和网关之间流动。

公开(公告)号：US20080271132A1

公开(公告)日：2008-10-30

申请号：US11816459

申请日：2005-11-17

申请人： Petri Jokela ,  Jan Melen

发明人： Petri Jokela ,  Jan Melen

IPC分类号： H04L9/00

CPC分类号： H04L63/0442 ,  H04L63/0823 ,  H04W80/04

摘要： A method is provided of at least partially securing communications between first and second hosts using the Host Identity Protocol, HIP, where the first host is not HIP enabled and the second host is HIP enabled. A persistent HIP identity is associated with the first host and maintained at a remote server. A public part of the persistent HIP identity is obtained from the remote server together with a certificate authorising a gateway node between the first and second hosts to use a temporary HIP identity associated with the first host in a subsequent negotiating step. A secure HIP connection is then negotiated between the gateway node and the second host using at least part of each of the persistent HIP identity, the temporary HIP identity and the certificate. A Host Identity Protocol, HIP, method is provided for use in a network in which a non-HIP-enabled host is communicating with a HIP-enabled host via a plurality of gateway nodes in turn, comprising using a persistent HIP identity for the first host, maintained at a remote server, for each such gateway node used.

摘要翻译： 提供一种使用主机标识协议HIP至少部分地保护第一和第二主机之间的通信的方法，其中第一主机不启用HIP并且第二主机是启用HIP的。 持久的HIP身份与第一个主机相关联，并在远程服务器上进行维护。 永久HIP身份的公共部分从远程服务器以及授权第一和第二主机之间的网关节点的证书获得，以在随后的协商步骤中使用与第一主机相关联的临时HIP身份。 然后在网关节点和第二主机之间使用至少一部分持续的HIP标识，临时HIP标识和证书来协商一个安全的HIP连接。 主机身份协议HIP方法被提供用于网络中，其中非HIP使能的主机依次通过多个网关节点与启用HIP的主机进行通信，包括使用第一 主机，维护在远程服务器上，为每个这样的网关节点使用。