System and method for external resolution of packet transfer information
    1.
    Invention application
    Status: under examination (published)

    Publication number: US20100054252A1

    Publication date: 2010-03-04

    Application number: US12461739

    Filing date: 2009-08-21

    IPC classification: H04L12/56 H04L12/28

    Abstract: When packet transfer equipment receives a packet, it extracts several types of information contained in the received packet, such as the destination IP address and the destination port number, and, using the extracted information as the key, inquires of a packet transfer method resolution server about the information related to the packet transfer method. The server keeps the correspondences between several types of information contained in the packet and one or more types of information related to the packet transfer method in a database and, in response to the inquiry from the packet transfer equipment, replies with one or more types of information related to the packet transfer method. The packet transfer equipment rewrites several types of information, such as the destination IP address and the destination port number, according to the one or more types of information obtained and transfers the received packet.

    System and method for external resolution of packet transfer information
    2.
    Granted patent
    Status: in force

    Publication number: US07594029B2

    Publication date: 2009-09-22

    Application number: US10642750

    Filing date: 2003-08-19

    IPC classification: G06F15/173

    Abstract: When packet transfer equipment receives a packet, it extracts several types of information contained in the received packet, such as the destination IP address and the destination port number, and, using the extracted information as the key, inquires of a packet transfer method resolution server about the information related to the packet transfer method. The server keeps the correspondences between several types of information contained in the packet and one or more types of information related to the packet transfer method in a database and, in response to the inquiry from the packet transfer equipment, replies with one or more types of information related to the packet transfer method. The packet transfer equipment rewrites several types of information, such as the destination IP address and the destination port number, according to the one or more types of information obtained and transfers the received packet.

    Encrypted Communication Method
    3.
    Invention application
    Status: in force

    Publication number: US20080235507A1

    Publication date: 2008-09-25

    Application number: US10585850

    Filing date: 2004-12-28

    IPC classification: H04L9/00

    CPC classification: H04L63/0428

    Abstract: A DNS Proxy unit (A12a) holds the domain name of an encrypted communication target node in a CUG setting table (A125a), intercepts a name resolution request for a communication partner node output from an application (A11x) to a DNS server (B1a), determines by looking up the CUG setting table (A125a) whether the communication partner is an encrypted communication target node, and if the communication partner is an encrypted communication target node, registers the IP address of the name-resolved communication partner in an encrypted communication path setting table (A142a). A data packet sent from the application (A11x) to the IP address is intercepted by a data transmission/reception unit (A14a). A data packet to an IP address registered in the encrypted communication path setting table (A142a) is encrypted by a communication encryption unit (A141a) and transmitted to the communication partner. In this way, when executing encrypted communication with a plurality of communication partners by using a communication encryption function provided by an OS, the encrypted communication target node can be set by using a domain name.

    Encryption communication system, apparatus and method for allowing direct encryption communication with a plurality of nodes
    4.
    Granted patent
    Status: in force

    Publication number: US08356169B2

    Publication date: 2013-01-15

    Application number: US10585997

    Filing date: 2005-01-12

    IPC classification: H04L29/06

    Abstract: If the communication partner of a client node (A1a) is an encryption communication target node (C1), a DNS Proxy unit (A12a) in the client node rewrites a response to a name resolution request for the communication partner node of an application from the actual IP address of the communication partner node to a loopback address that changes depending on the communication partner. On the basis of the destination loopback address of a data packet transmitted from the application, a communication encryption module (A13a) in the client node identifies the communication partner and the encryption communication path to be used for communication with the communication partner. Hence, encryption communication can simultaneously be executed directly with a plurality of communication partner nodes by using the communication encryption module that operates as an independent process.

    Name resolution server and packet transfer device
    5.
    Granted patent
    Status: in force

    Publication number: US07840699B2

    Publication date: 2010-11-23

    Application number: US10785191

    Filing date: 2004-02-25

    IPC classification: G06F15/173

    Abstract: The DNS server according to the present invention includes a user information identification unit which identifies an attribute of a user who has transmitted a DNS query message through a user information obtaining unit and hands over an identification result to a response generation unit, a user information obtaining unit for referring to a user information database to obtain user attribute information of a user who has transmitted a DNS query message, and a response generation unit for searching a response database for a name resolution method relevant to user attribute information handed over from the user information identification unit to conduct name resolution according to the found name resolution method, thereby enabling name resolution to be minutely customized for each attribute of a user.

    Encryption communication system
    6.
    Invention application
    Status: in force

    Publication number: US20070160200A1

    Publication date: 2007-07-12

    Application number: US10585997

    Filing date: 2005-01-12

    IPC classification: H04L9/30

    Abstract: If the communication partner of a client node (A1a) is an encryption communication target node (C1), a DNS Proxy unit (A12a) in the client node rewrites a response to a name resolution request for the communication partner node of an application from the actual IP address of the communication partner node to a loopback address that changes depending on the communication partner. On the basis of the destination loopback address of a data packet transmitted from the application, a communication encryption module (A13a) in the client node identifies the communication partner and the encryption communication path to be used for communication with the communication partner. Hence, encryption communication can simultaneously be executed directly with a plurality of communication partner nodes by using the communication encryption module that operates as an independent process.

    Encrypted communication method
    7.
    Granted patent
    Status: in force

    Publication number: US07774592B2

    Publication date: 2010-08-10

    Application number: US10585850

    Filing date: 2004-12-28

    CPC classification: H04L63/0428

    Abstract: A DNS Proxy unit (A12a) holds the domain name of an encrypted communication target node in a CUG setting table (A125a), intercepts a name resolution request for a communication partner node output from an application (A11x) to a DNS server (B1a), determines by looking up the CUG setting table (A125a) whether the communication partner is an encrypted communication target node, and if the communication partner is an encrypted communication target node, registers the IP address of the name-resolved communication partner in an encrypted communication path setting table (A142a). A data packet sent from the application (A11x) to the IP address is intercepted by a data transmission/reception unit (A14a). A data packet to an IP address registered in the encrypted communication path setting table (A142a) is encrypted by a communication encryption unit (A141a) and transmitted to the communication partner. In this way, when executing encrypted communication with a plurality of communication partners by using a communication encryption function provided by an OS, the encrypted communication target node can be set by using a domain name.

    Network relay device and memory control method
    8.
    Granted patent
    Status: in force

    Publication number: US08812754B2

    Publication date: 2014-08-19

    Application number: US12813891

    Filing date: 2010-06-11

    IPC classification: G06F3/00 H04L12/28

    CPC classification: H04L49/10

    Abstract: A network relay device includes a packet buffer for temporarily storing a received packet, and a packet buffer control section for changing an effective buffer number depending on the amount of packets received. When a traffic amount is small, the packet buffer control section reduces the power consumption by stopping the feeding of power or the supply of clock to a part of the packet buffers. The network relay device further includes plural table memories storing a table for deciding the transfer destination of a packet, and a table memory control section for changing an effective table number according to a required number of table entries. When the required table entry number is small, the table memory control section reduces the power consumption by stopping the feeding of power or the supply of clock to a part of the table memories.

    Communication system of client terminals and relay server and communication method
    10.
    Granted patent
    Status: in force

    Publication number: US08583912B2

    Publication date: 2013-11-12

    Application number: US11850899

    Filing date: 2007-09-06

    IPC classification: H04L29/06

    Abstract: In a client terminal of a communication system, a cipher session establishing section establishes a cipher session use connection between the client terminal as a source client terminal and a relay server by transmitting/receiving a cipher session establishment message between the source client terminal and the relay server, and notifies the relay server of header information contained in a cipher session header. A shared key managing section holds a client shared key with a destination client terminal. A data enciphering section performs encipherment of data and/or MAC (Message Authentication Code) calculation of the data by using the client shared key and outputs the result as client cipher data. A message producing section produces a data communication message including a cipher data field in which the client cipher data is inserted and a non-cipher data field in which the cipher session header containing the header information is inserted. A transmitting section transmits the data communication messages destined to the destination client terminal to the relay server by using the cipher session use connection.