SYSTEM FOR CONTROLLING DATA FLOW BASED ON LOGICAL CONNECTION IDENTIFICATION AND METHOD THEREOF

    Publication No.: US20240323173A1

    Publication date: 2024-09-26

    Application No.: US18612609

    Application date: 2024-03-21

    Inventor: Young Rang KIM

    IPC classification: H04L9/40 H04L43/026 H04L69/22

    Abstract: Disclosed is a gateway which includes a communication circuit, a memory, and a processor operatively connected with the communication circuit and the memory. The processor receives a data packet of a node through a network processing layer, identifies whether there is data flow corresponding to the data packet of the node and authorized from an external server, inspects authentication information of the data packet, when there is a need to inspect the authentication information of the data packet based on authentication information included in the data flow, and inserts and forwards data flow identification information capable of being identified by an application processing layer into the data packet to the application processing layer.

    TUNNELING AND GATEWAY ACCESS SYSTEM OPTIMIZED FOR DISTRIBUTED GATEWAY ENVIRONMENT, AND METHOD RELATED THERETO

    Publication No.: US20240259349A1

    Publication date: 2024-08-01

    Application No.: US18592995

    Application date: 2024-03-01

    Inventor: Young Rang KIM

    IPC classification: H04L9/40 H04L12/46

    CPC classification: H04L63/029 H04L12/4633

    Abstract: A node includes a communication circuit, a processor, and a memory storing an access control application. The memory stores instructions, when executed by the processor, causing the node to detect a network access event for a destination network, by means of the access control application, identify whether there are data flow and a tunnel corresponding to the destination network and authorized from an external server, by means of the access control application, and transmit a data packet through the tunnel, when there are the authorized data flow and the authorized tunnel. The tunnel is generated between the node and a gateway based on tunneling information received from the external server. The tunneling information includes information about tunnels and gateways in which the node is able to perform tunneling among the tunnels and gateways listed by the external server based on a node environment of the node and a network environment.

    SYSTEM FOR CONTROLLING NETWORK CONNECTION BASED ON CONTROLLER, AND METHOD FOR SAME

    Publication No.: US20240244044A1

    Publication date: 2024-07-18

    Application No.: US18559519

    Application date: 2022-04-27

    Inventor: Young Rang KIM

    IPC classification: H04L9/40

    CPC classification: H04L63/08 H04L63/029

    Abstract: A node includes a communication circuit, a processor operatively connected to the communication circuit, and a memory operatively connected to the processor and storing a reception application and an access control application, and the memory stores instructions that, when executed by the processor, cause the node to detect an event of a network reception from a source network of the reception application through the access control application, to determine whether a data flow, which corresponds to identification information of the reception application, a service port, and the source network and is authorized from an external server exists, through the access control application, to receive a data packet using the communication circuit, when the authorized data flow exists and the reception application is attempting to receive, and to drop the data packet when the authorized data flow information does not exist or the reception application is not attempting to receive.

    SYSTEM FOR CONTROLLING DATA FLOW BASED ON LOGICAL CONNECTION IDENTIFICATION AND METHOD THEREOF

    Publication No.: US20240348540A1

    Publication date: 2024-10-17

    Application No.: US18630509

    Application date: 2024-04-09

    Inventor: Young Rang KIM

    Abstract: Disclosed is a gateway which includes a communication circuit, a memory, and a processor operatively connected with the communication circuit and the memory. The processor receives a data packet of a node through a network processing layer, identifies whether there is data flow corresponding to the data packet of the node and authorized from an external server, inspects authentication information of the data packet, when there is a need to inspect the authentication information of the data packet based on authentication information included in the data flow, generates data flow identification information capable of being identified by an application processing layer based on the data packet and forwards the data packet to the application processing layer, and processes the forwarded data packet based on the data flow identification information by means of the application processing layer.

    SYSTEM FOR CONTROLLING NETWORK ACCESS AND METHOD THEREOF

    Publication No.: US20240340274A1

    Publication date: 2024-10-10

    Application No.: US18628405

    Application date: 2024-04-05

    Inventor: Young Rang KIM

    IPC classification: H04L9/40

    CPC classification: H04L63/08

    Abstract: Disclosed is a gateway which includes a communication circuit, a memory, and a processor operatively connected with the communication circuit and the memory. The processor receives a service request from a node, identifies whether the service request is received through at least any one of a tunnel authorized by an external server, a security session, or a logical connection, identifies whether there is data flow corresponding to the service request and authorized by the external server, generates authentication information to be inserted into the service request, based on authentication information included in the data flow, and inserts and forwards the authentication information to be inserted into the service request and information associated with the node into the service request to a service server.

    SYSTEM FOR CONTROLLING CONTROLLER-BASED NETWORK CONNECTION AND METHOD THEREFOR

    Publication No.: US20240223545A1

    Publication date: 2024-07-04

    Application No.: US18558038

    Application date: 2022-04-27

    Inventor: Young Rang KIM

    IPC classification: H04L9/40

    Abstract: A node according to an embodiment disclosed in the present specification includes a communication circuit, a processor operatively connected to the communication circuit, and a memory operatively connected to the processor and that stores a target application and an access control application, and the memory stores instructions that when executed by the processor, cause the node to detect an event of a network access with respect to a destination network of the target application through the access control application, to determine whether a data flow and a tunnel, which correspond to identification information of the target application and the destination network and are authorized from an external server exist through the access control application, to determine whether an inspection of a data packet of the target application is necessary based on data packet inspection information included in the authorized data flow when the authorized data flow and the authorized tunnel exist, to inspect the data packet based on a rule database included in the data packet inspection information when the inspection of the data packet is necessary, and to forward the data packet based on the authorized data flow and the authorized tunnel when the inspection of the data packet is not necessary or when a result of the inspection of the data packet is successful.

    CONTROLLER-BASED NETWORK ACCESS CONTROL SYSTEM, AND METHOD THEREOF

    Publication No.: US20240080299A1

    Publication date: 2024-03-07

    Application No.: US18503786

    Application date: 2023-11-07

    Inventor: Young Rang KIM

    IPC classification: H04L9/40

    Abstract: A node according to an embodiment of the present disclosure includes a communication circuit, a processor operatively connected to the communication circuit, and a memory operatively connected to the processor and that stores a target application and an access control application, and the memory stores instructions that, when executed by the processor, cause the node to receive tunnel generation information necessary to generate a gateway and a tunnel from an external server, through the access control application, to request the gateway to generate the tunnel based on the tunnel generation information, through the access control application, to receive static IP information assigned to the node or each user of the node from the gateway, through the access control application, and to transmit the static IP information to the external server, through the access control application.