公开(公告)号：US20090158417A1

公开(公告)日：2009-06-18

申请号：US12002729

申请日：2007-12-17

申请人： Bakul Khanna ,  William A. Miller, III ,  Jozef Babiarz

发明人： Bakul Khanna ,  William A. Miller, III ,  Jozef Babiarz

IPC分类号： G06F17/00 ,  G06F11/30 ,  G06F15/16

CPC分类号： H04L63/1466

摘要： An embodiment of the present invention includes a technique to provide anti-replay protection with QoS queues. A single global anti-replay window is maintained to have global lowest and highest sequence numbers for an Internet protocol security (IPSec) security association (SA). The single global anti-replay window is associated with individual differentiated services code point (DSCP) or DSCP group, the individual DSCP or DSCP group corresponding to individual per-DSCP anti-replay windows. A received packet having a sequence number is pre-processed before packet processing using the single global anti-replay window. The received packet is post-processed after packet processing using the individual per-DSCP anti-replay windows.

摘要翻译： 本发明的实施例包括提供具有QoS队列的反重放保护的技术。 维护单个全局反重放窗口以具有用于因特网协议安全（IPSec）安全关联（SA））的全局最低和最高序列号。 单个全局反重播窗口与个体差异化服务代码点（DSCP）或DSCP组相关联，每个DSCP或DSCP组对应于每个DSCP反重播窗口。 具有序列号的接收分组在使用单个全局反重放窗口的分组处理之前被预处理。 接收到的数据包在使用单个DSCP反重放窗口的数据包处理后进行后处理。

公开(公告)号：US08191133B2

公开(公告)日：2012-05-29

申请号：US12002729

申请日：2007-12-17

申请人： Bakul Khanna ,  William A. Miller, III ,  Jozef Babiarz

发明人： Bakul Khanna ,  William A. Miller, III ,  Jozef Babiarz

IPC分类号： H04L29/06

CPC分类号： H04L63/1466

摘要： An embodiment of the present invention includes a technique to provide anti-replay protection with QoS queues. A single global anti-replay window is maintained to have global lowest and highest sequence numbers for an Internet protocol security (IPSec) security association (SA). The single global anti-replay window is associated with individual differentiated services code point (DSCP) or DSCP group, the individual DSCP or DSCP group corresponding to individual per-DSCP anti-replay windows. A received packet having a sequence number is pre-processed before packet processing using the single global anti-replay window. The received packet is post-processed after packet processing using the individual per-DSCP anti-replay windows.

摘要翻译： 本发明的实施例包括提供具有QoS队列的反重放保护的技术。 维护单个全局反重放窗口以具有用于因特网协议安全（IPSec）安全关联（SA））的全局最低和最高序列号。 单个全局反重播窗口与个体差异化服务代码点（DSCP）或DSCP组相关联，每个DSCP或DSCP组对应于每个DSCP反重播窗口。 具有序列号的接收分组在使用单个全局反重放窗口的分组处理之前被预处理。 接收到的数据包在使用单个DSCP反重放窗口的数据包处理后进行后处理。