-
1.发明授权公开(公告)号:US08347073B2
公开(公告)日:2013-01-01
申请号:US12231813
申请日:2008-09-05
申请人: David A. McGrew , Mark Baugher , Saul Adler , William C. Melohn
发明人: David A. McGrew , Mark Baugher , Saul Adler , William C. Melohn
CPC分类号: H04L63/0464 , H04L9/0833 , H04L9/3242 , H04L63/065
摘要: Systems, methods, and other embodiments associated with processing secure network traffic are described. One example method includes determining whether a device is a preconfigured member of a group key system. If the device is not a preconfigured member then the method selectively establishes membership in the group key system by requesting membership from a group controller. The example method may also include receiving a set of keys from the group controller and being assigned a role by the group controller. The method may further include processing secure network traffic as an inspection point, a rewriting point, and/or a validation point based on the received set of keys and the assigned role(s).
摘要翻译: 描述了与处理安全网络业务相关联的系统,方法和其他实施例。 一个示例性方法包括确定设备是组密钥系统的预配置成员。 如果设备不是预配置的成员,则该方法通过从组控制器请求成员资格来选择性地建立组密钥系统中的成员关系。 示例性方法还可以包括从组控制器接收一组密钥并由组控制器分配角色。 该方法还可以包括基于所接收的密钥集合和所分配的角色来将安全网络业务作为检查点,重写点和/或验证点进行处理。
-
2.发明申请公开(公告)号:US20100064137A1
公开(公告)日:2010-03-11
申请号:US12231813
申请日:2008-09-05
申请人: David A. McGrew , Mark Baugher , Saul Adler , William C. Melohn
发明人: David A. McGrew , Mark Baugher , Saul Adler , William C. Melohn
IPC分类号: H04L9/00
CPC分类号: H04L63/0464 , H04L9/0833 , H04L9/3242 , H04L63/065
摘要: Systems, methods, and other embodiments associated with processing secure network traffic are described. One example method includes determining whether a device is a preconfigured member of a group key system. If the device is not a preconfigured member then the method selectively establishes membership in the group key system by requesting membership from a group controller. The example method may also include receiving a set of keys from the group controller and being assigned a role by the group controller. The method may further include processing secure network traffic as an inspection point, a rewriting point, and/or a validation point based on the received set of keys and the assigned role(s).
摘要翻译: 描述了与处理安全网络业务相关联的系统,方法和其他实施例。 一个示例性方法包括确定设备是组密钥系统的预配置成员。 如果设备不是预配置的成员,则该方法通过从组控制器请求成员资格来选择性地建立组密钥系统中的成员关系。 示例性方法还可以包括从组控制器接收一组密钥并由组控制器分配角色。 该方法还可以包括基于所接收的密钥集合和所分配的角色来将安全网络业务作为检查点,重写点和/或验证点进行处理。
-
3.发明授权公开(公告)号:US07367046B1
公开(公告)日:2008-04-29
申请号:US10310372
申请日:2002-12-04
IPC分类号: G06F21/00
CPC分类号: H04L63/06 , G06F2221/2129 , H04L29/12216 , H04L61/2007 , H04L63/08
摘要: According to an approach for assigning network addresses to network devices, an authentication request that requests authentication of identification data that uniquely identifies a network device is generated and sent to an authentication mechanism. An authentication response is received from the authentication mechanism that indicates whether the network device is authorized to access a first network. If the authentication response indicates that the network device is authorized to access the first network, then a first network address on a first network is assigned to the network device. If the authentication response indicates that the network device is not authorized to access the first network, then a second network address on a second network to the network device is assigned. If no authentication response is received from the authentication mechanism, then the second network address on the second network is assigned to the network device.
摘要翻译: 根据用于向网络设备分配网络地址的方法,生成请求对唯一地标识网络设备的标识数据的认证的认证请求,并将其发送到认证机制。 从认证机制接收到指示网络设备是否被授权访问第一网络的认证响应。 如果认证响应指示网络设备被授权访问第一网络,则将第一网络上的第一网络地址分配给网络设备。 如果认证响应指示网络设备未被授权访问第一网络,则分配到网络设备的第二网络上的第二网络地址。 如果从认证机制没有接收到认证响应,则将第二网络上的第二网络地址分配给网络设备。
-
-
搜索结果
3 条记录 (耗时 0.015 秒)
