-
1.发明申请METHODS, SYSTEMS, AND COMPUTER READABLE MEDIA FOR OFFLOADING INTERNET PROTOCOL SECURITY (IPSEC) PROCESSING USING AN IPSEC PROXY MECHANISM 审中-公开使用IPSEC代理机制卸载互联网协议安全(IPSEC)处理的方法,系统和计算机可读介质公开(公告)号:US20110113236A1
公开(公告)日:2011-05-12
申请号:US12938077
申请日:2010-11-02
申请人: Sylvain Chenard , Allain Legacy , Donald Penney , Matthew Peters
发明人: Sylvain Chenard , Allain Legacy , Donald Penney , Matthew Peters
IPC分类号: H04L9/00
CPC分类号: H04L63/164 , H04L63/0471 , H04L63/0485
摘要: Methods, systems, and computer readable media for offloading IPsec processing from application hosts using an IPsec proxy mechanism are disclosed. According to one method, at least one of unencrypted, IPsec, and Internet key exchange (IKE) packets transmitted between a first application host and a second application host are intercepted by a network gateway. The network gateway performs all IKE and IPsec-related processing for the at least one unencrypted, IPsec, and IKE packets on behalf of the first application host such that the second application host is unaware that IPsec processing is being performed by the network gateway.
摘要翻译: 公开了使用IPsec代理机制从应用主机卸载IPsec处理的方法,系统和计算机可读介质。 根据一种方法,在第一应用主机和第二应用主机之间传输的未加密,IPsec和因特网密钥交换(IKE)分组中的至少一个被网关拦截。 网络网关代表第一应用主机对至少一个未加密IPsec和IKE分组执行所有IKE和IPsec相关处理,使得第二应用主机不知道网络网关正在执行IPsec处理。
-
公开(公告)号:US08490172B2
公开(公告)日:2013-07-16
申请号:US13115948
申请日:2011-05-25
申请人: Allain Legacy , Matthew Peters
发明人: Allain Legacy , Matthew Peters
IPC分类号: H04L29/06
CPC分类号: H04L63/0209 , H04L63/0428 , H04L63/164 , H04L67/1027
摘要: According to one aspect, the subject matter described herein includes a method for communicating an encrypted data packet. The method includes steps occurring at a first gateway node. The method also includes receiving a data packet from a first host. The method further includes determining that a first security association (SA) instance associated with the data packet is in an inactive state. The method further includes identifying a second SA instance that is both associated with the data packet and in an active state. The method further includes forwarding the data packet to the second SA instance.
-
3.发明申请METHODS, SYSTEMS, AND COMPUTER READABLE MEDIA FOR ADAPTIVE ASSIGNMENT OF AN ACTIVE SECURITY ASSOCIATION INSTANCE IN A REDUNDANT GATEWAY CONFIGURATION 有权方法,系统和计算机可读介质,用于自动分配冗余网关配置中的活动安全关联实例公开(公告)号:US20120304276A1
公开(公告)日:2012-11-29
申请号:US13115948
申请日:2011-05-25
申请人: Allain Legacy , Matthew Peters
发明人: Allain Legacy , Matthew Peters
IPC分类号: G06F21/00
CPC分类号: H04L63/0209 , H04L63/0428 , H04L63/164 , H04L67/1027
摘要: According to one aspect, the subject matter described herein includes a method for communicating an encrypted data packet. The method includes steps occurring at a first gateway node. The method also includes receiving a data packet from a first host. The method further includes determining that a first security association (SA) instance associated with the data packet is in an inactive state. The method further includes identifying a second SA instance that is both associated with the data packet and in an active state. The method further includes forwarding the data packet to the second SA instance.
摘要翻译: 根据一个方面,本文描述的主题包括用于传送加密数据分组的方法。 该方法包括在第一网关节点处发生的步骤。 该方法还包括从第一主机接收数据分组。 该方法还包括确定与数据分组相关联的第一安全关联(SA)实例处于非活动状态。 该方法还包括识别与数据分组相关联并处于活动状态的第二SA实例。 该方法还包括将数据分组转发到第二SA实例。
-
4.发明授权Methods, systems, and computer readable media for adaptive assignment of an active security association instance in a redundant gateway configuration 有权用于在冗余网关配置中自动分配活动安全关联实例的方法,系统和计算机可读介质公开(公告)号:US08984619B2
公开(公告)日:2015-03-17
申请号:US13941079
申请日:2013-07-12
CPC分类号: H04L63/0209 , H04L63/0428 , H04L63/164 , H04L67/1027
摘要: According to one aspect, the subject matter described herein includes a method for communicating an encrypted data packet. The method includes steps occurring at a first gateway node. The method also includes receiving a data packet from a first host. The method further includes determining that a first security association (SA) instance associated with the data packet is in an inactive state. The method further includes identifying a second SA instance that is both associated with the data packet and in an active state. The method further includes forwarding the data packet to the second SA instance.
摘要翻译: 根据一个方面,本文描述的主题包括用于传送加密数据分组的方法。 该方法包括在第一网关节点处发生的步骤。 该方法还包括从第一主机接收数据分组。 该方法还包括确定与数据分组相关联的第一安全关联(SA)实例处于非活动状态。 该方法还包括识别与数据分组相关联并处于活动状态的第二SA实例。 该方法还包括将数据分组转发到第二SA实例。
-
5.发明申请SYSTEMS, METHODS, AND COMPUTER PROGRAM PRODUCTS FOR RECORDING SERVICE STATUS OF APPLICATIONS 有权用于记录服务状态的系统,方法和计算机程序产品公开(公告)号:US20140281524A1
公开(公告)日:2014-09-18
申请号:US13803695
申请日:2013-03-14
申请人: Allain Legacy
发明人: Allain Legacy
IPC分类号: H04L29/08
CPC分类号: H04L63/20 , G06F9/45516 , G06F11/1482 , G06F11/2023 , G06F11/2025 , G06F11/2035 , G06F11/2041 , G06F11/2097 , G06F11/30 , G06F21/602 , H04L63/164 , H04L67/10
摘要: A method for use in a system with multiple processor-based devices, the method including: running a first application on a first processor-based device; maintaining a second application in a standby mode on the first processor-based device; and providing a service to each of the first and second applications on the first processor-based device by a service-providing application on the first processor-based device, wherein providing the service includes maintaining a record regarding service statuses of the first application and the second application in which the record stores a respective entry for each of the first and second applications to reflect an active service status for the first application and a standby service status of the second application.
摘要翻译: 一种在具有多个基于处理器的设备的系统中使用的方法,所述方法包括:在第一基于处理器的设备上运行第一应用; 在第一基于处理器的设备上保持待机模式下的第二应用; 以及通过所述第一基于处理器的设备上的服务提供应用程序向所述第一基于处理器的设备上的所述第一应用和第二应用中的每一个提供服务,其中,提供所述服务包括维护关于所述第一应用的服务状态的记录, 第二应用,其中记录存储用于第一和第二应用中的每一个的相应条目以反映第一应用的活动服务状态和第二应用的待机服务状态。
-
6.发明申请Methods, Systems, and Computer Readable Media for Adaptive Assignment of an Active Security Association Instance in a Redundant Gateway Configuration 有权方法,系统和计算机可读介质,用于自适应分配冗余网关配置中的活动安全关联实例公开(公告)号:US20130305347A1
公开(公告)日:2013-11-14
申请号:US13941079
申请日:2013-07-12
IPC分类号: H04L29/06
CPC分类号: H04L63/0209 , H04L63/0428 , H04L63/164 , H04L67/1027
摘要: According to one aspect, the subject matter described herein includes a method for communicating an encrypted data packet. The method includes steps occurring at a first gateway node. The method also includes receiving a data packet from a first host. The method further includes determining that a first security association (SA) instance associated with the data packet is in an inactive state. The method further includes identifying a second SA instance that is both associated with the data packet and in an active state. The method further includes forwarding the data packet to the second SA instance.
摘要翻译: 根据一个方面,本文描述的主题包括用于传送加密数据分组的方法。 该方法包括在第一网关节点处发生的步骤。 该方法还包括从第一主机接收数据分组。 该方法还包括确定与数据分组相关联的第一安全关联(SA)实例处于非活动状态。 该方法还包括识别与数据分组相关联并处于活动状态的第二SA实例。 该方法还包括将数据分组转发到第二SA实例。
-
-
-
-
-
搜索结果
6 条记录 (耗时 0.021 秒)
