公开(公告)号：US20070136601A1

公开(公告)日：2007-06-14

申请号：US11598139

申请日：2006-11-13

申请人： Take-Jung Kwon ,  Young-Han Kim ,  Sou-Hwan Jung ,  Jae-Duck Choi ,  Sun-Gi Kim

发明人： Take-Jung Kwon ,  Young-Han Kim ,  Sou-Hwan Jung ,  Jae-Duck Choi ,  Sun-Gi Kim

IPC分类号： H04L9/00

CPC分类号： H04L63/08 ,  H04L63/1441

摘要： Provided are a system and method for allocating an Internet protocol version 4 (IPv4) address through authentication of a dual stack transition mechanism (DSTM) node in a DSTM communication network, DSTM being an IPv4/IPv6 address translation mechanism. The system and method perform authentication when an IPv4 address is allocated between a DSTM node and the DSTM server in the DSTM communication network. According to the system and method, when the DSTM node requests IPv4 address allocation, the DSTM server authenticates the DSTM node, and then allocates an IPv4 address. Therefore, it is possible to solve a problem of exhaustion of an IPv4 address pool of the DSTM server by a denial of service (DoS) attack, as well as potentially solve a security problem of an IPv4/IPv6 translation process.

摘要翻译： 提供了一种通过DSTM通信网络中的双栈转换机制（DSTM）节点的认证来分配因特网协议版本4（IPv4）地址的系统和方法，DSTM是IPv4 / IPv6地址转换机制。 当在DSTM通信网络中的DSTM节点和DSTM服务器之间分配IPv4地址时，系统和方法执行认证。 根据系统和方法，当DSTM节点请求IPv4地址分配时，DSTM服务器对DSTM节点进行认证，然后分配IPv4地址。 因此，可以通过拒绝服务（DoS）攻击来解决DSTM服务器的IPv4地址池耗尽的问题，并且可能解决IPv4 / IPv6转换过程的安全问题。

公开(公告)号：US20060253701A1

公开(公告)日：2006-11-09

申请号：US11119727

申请日：2005-05-03

申请人： Sun-Gi Kim ,  Young-Han Kim ,  Sou-Hwan Jung ,  In-Seok Choi ,  Byung-Chang Kang ,  Yong-Seok Park ,  Du-Young Oh

发明人： Sun-Gi Kim ,  Young-Han Kim ,  Sou-Hwan Jung ,  In-Seok Choi ,  Byung-Chang Kang ,  Yong-Seok Park ,  Du-Young Oh

IPC分类号： H04L9/00

CPC分类号： H04L63/08 ,  H04L29/12358 ,  H04L29/125 ,  H04L61/251 ,  H04L61/2564 ,  H04L63/164

摘要： A method for providing end-to-end security service in a communication network having an NAT-PT function comprises: performing security negotiation between a first node included in a first communication network having the network address translation-protocol translation function and a second node included in a second communication network operating with a protocol different from the first communication network; storing protocol translation information generated when the security negotiation is performed in the first node; and performing security transmission between the first and second nodes using the stored protocol translation information. The method transmits the address translation information to the ends in advance, thereby being capable of applying the security service using the address information on transmitting the data between hosts in the communication network using the address translation method.

摘要翻译： 一种用于在具有NAT-PT功能的通信网络中提供端到端安全服务的方法包括：在包括在具有网络地址转换协议转换功能的第一通信网络中的第一节点和包括第二节点之间执行安全协商 在与第一通信网络不同的协议操作的第二通信网络中; 存储在所述第一节点中执行所述安全协商时生成的协议转换信息; 以及使用所存储的协议翻译信息在所述第一和第二节点之间执行安全传输。 该方法提前发送地址转换信息，从而能够使用地址信息来应用安全服务，该地址信息用于使用地址转换方法在通信网络中的主机之间传送数据。

公开(公告)号：US08315218B2

公开(公告)日：2012-11-20

申请号：US12702751

申请日：2010-02-09

申请人： Jin-Hyoung Kim ,  Sun-Gi Kim ,  Dae-Hyung Kwon ,  Choong-Seon Hong ,  Jin-Ho Kim ,  Byung-Goo Choi

发明人： Jin-Hyoung Kim ,  Sun-Gi Kim ,  Dae-Hyung Kwon ,  Choong-Seon Hong ,  Jin-Ho Kim ,  Byung-Goo Choi

IPC分类号： H04W4/00

CPC分类号： H04W36/385 ,  Y02D70/144 ,  Y02D70/22

摘要： A method is provided for registering a mobile router in an Internet Protocol version 6 over Low power Wireless Personal Area Network (6LoWPAN) network. The mobile router detects movement into a wireless network through the reception of a beacon message, and sends a Router Solicitation (RS) message requesting registration in the wireless network to a gateway. The gateway acquires an address of the mobile router from the RS message, stores the acquired address, assigns a new address to be used in the wireless network to the mobile router, and sends a Router Advertisement (RA) message with assigned address information and gateway address information, to the mobile router. The mobile router acquires the assigned address information and the gateway address information from the RA message.

摘要翻译： 提供了一种用于通过低功率无线个人区域网（6LoWPAN）网络在互联网协议版本6中注册移动路由器的方法。 移动路由器通过接收信标消息来检测到无线网络的移动，并且向无线网络发送请求在无线网络中注册的路由器请求（RS）消息。 网关从RS消息中获取移动路由器的地址，存储获取的地址，将无线网络中要使用的新地址分配给移动路由器，并发送具有分配的地址信息和网关的路由器通告（RA）消息 地址信息，到移动路由器。 移动路由器从RA消息获取分配的地址信息和网关地址信息。

公开(公告)号：US20060251071A1

公开(公告)日：2006-11-09

申请号：US11385825

申请日：2006-03-22

申请人： Jong-Sang Oh ,  Sun-Shin An ,  Woo-Jin Park ,  Dae-Hee Kim ,  Sun-Gi Kim

发明人： Jong-Sang Oh ,  Sun-Shin An ,  Woo-Jin Park ,  Dae-Hee Kim ,  Sun-Gi Kim

IPC分类号： H04L12/56

CPC分类号： H04L47/10 ,  H04L47/2441 ,  H04L47/29 ,  H04L69/12 ,  H04L69/22

摘要： An apparatus and method for processing Internet protocol (IP) packets using a network processor, wherein functions of the network processor are dynamically allocated to threads according to an amount of received packets by a type thereof. As a result, the use efficiency of the network processor is improved, and the speed of processing of the packets is increased accordingly.

摘要翻译： 一种用于使用网络处理器处理因特网协议（IP）分组的装置和方法，其中，根据接收到的分组的数量，网络处理器的功能被动态地分配给线程。 结果，提高了网络处理器的使用效率，并且相应地增加了分组的处理速度。

公开(公告)号：US08315219B2

公开(公告)日：2012-11-20

申请号：US12702793

申请日：2010-02-09

申请人： Jin-Hyoung Kim ,  Sun-Gi Kim ,  Dae-Hyung Kwon ,  Choong-Seon Hong ,  Jin-Ho Kim ,  Byung-Goo Choi ,  Jihyuk Hgo

发明人： Jin-Hyoung Kim ,  Sun-Gi Kim ,  Dae-Hyung Kwon ,  Choong-Seon Hong ,  Jin-Ho Kim ,  Byung-Goo Choi ,  Jihyuk Hgo

IPC分类号： H04W4/00

CPC分类号： H04W8/06 ,  H04L63/0892 ,  H04W80/04 ,  H04W88/182 ,  Y02D70/144

摘要： A method is provided for supporting mobility of a Mobile Node (MN) in a multi-hop Internet Protocol (IP) network, in which an MN that has moved from a source Personal Area Network (PAN) to a target PAN, sends a Router Solicitation (RS) message with an option for requesting its profile to a gateway of the target PAN, and receives a Router Advertisement (RA) message from the gateway in response to the RS message. The RA message includes a home prefix of the MN as the requested profile. The method supports mobility of MNs, enables unicast communication, and facilitates efficient use of the network.

摘要翻译： 提供了一种用于支持移动节点（MN）在多跳互联网协议（IP）网络中的移动性的方法，其中已经从源个人局域网（PAN）移动到目标PAN的MN发送路由器 索引（RS）消息具有用于向目标PAN的网关请求其简档的选项，并且响应于RS消息从网关接收路由器通告（RA）消息。 RA消息包括MN的归属前缀作为请求的简档。 该方法支持MN的移动性，实现单播通信，并有助于网络的有效利用。

公开(公告)号：US20070198735A1

公开(公告)日：2007-08-23

申请号：US11649158

申请日：2007-01-04

申请人： Bong-Chan Kim ,  Sun-Gi Kim ,  Jae-Hwoon Lee ,  Kang-Young Moon

发明人： Bong-Chan Kim ,  Sun-Gi Kim ,  Jae-Hwoon Lee ,  Kang-Young Moon

IPC分类号： G06F15/16

CPC分类号： H04L61/251 ,  H04L29/12358 ,  H04L47/70 ,  H04L47/724 ,  H04L47/783 ,  H04L69/16 ,  H04L69/167

摘要： In a method and system for supporting resource reservation protocol (RSVP) in an Internet protocol version 4 (IPv4)/Internet protocol version 6 (IPv6) hybrid network, the method includes the steps of: transmitting, from a dual stack host in an IPv6 network, an end-to-end quality of service (QoS) session establishment request message to an IPv4 server through a dual stack transition mechanism tunnel end point (DSTM TEP); transmitting, from the IPv4 server, an end-to-end path message to the dual stack host through the DSTM TEP; transmitting, from the DSTM TEP to the dual stack host, a path message for reserving resources in the IPv6 network; transmitting, from the dual stack host, an end-to-end resource reservation request message to the IPv4 server through the DSTM TEP, and making a resource reservation in an IPv4 network; and transmitting, from the dual stack host to the DSTM TEP, a resource reservation request message, and making a resource reservation in the IPv6 network.

摘要翻译： 在用于在互联网协议版本4（IPv4）/互联网协议版本6（IPv6）混合网络中支持资源预留协议（RSVP）的方法和系统中，该方法包括以下步骤：从IPv6中的双栈主机 网络，通过双栈转换机制隧道终点（DSTM TEP）向IPv4服务器提供端到端服务质量（QoS）会话建立请求消息; 从IPv4服务器通过DSTM TEP向双栈主机发送端到端路径消息; 从DSTM TEP向双栈主机发送用于在IPv6网络中预留资源的路径消息; 从双栈主机通过DSTM TEP向IPv4服务器发送端到端资源预留请求消息，并在IPv4网络中进行资源预留; 并从双栈主机向DSTM TEP发送资源预约请求消息，并在IPv6网络中进行资源预留。

公开(公告)号：US20070171929A1

公开(公告)日：2007-07-26

申请号：US11642855

申请日：2006-12-21

申请人： Bong-Cheol Kim ,  Sun-Gi Kim ,  Yong-Seok Park

发明人： Bong-Cheol Kim ,  Sun-Gi Kim ,  Yong-Seok Park

IPC分类号： H04L12/56

CPC分类号： H04L47/527 ,  H04L47/50

摘要： In a queue management method and apparatus in a network processor, enqueue completed and de-queue completed messages are transmitted to a scheduler when a queue manager performs enqueuing and de-queuing operations in the network processor, so that the queue processing time is synchronized between the queue manager and the scheduler. The queue manager in the network processor performs the de-queuing operation, includes the packet size information extracted from de-queued packet identification information in the de-queue completed message, and transmits it to the scheduler, so that the scheduler calculates the correct quantum of the port and queue.

摘要翻译： 在队列管理器在网络处理器中进行排队和排队操作时，在网络处理器中的队列管理方法和装置中，将已完成队列和完成队列的排队队列发送到调度器，以使队列处理时间在 队列管理器和调度程序。 网络处理器中的队列管理器执行去排队操作，包括从去队列完成消息中的去排队分组识别信息中提取的分组大小信息，并将其发送给调度器，从而调度器计算出正确的量子 的端口和队列。

公开(公告)号：US20050163127A1

公开(公告)日：2005-07-28

申请号：US11023622

申请日：2004-12-29

申请人： Yeong Choi ,  Byung-Gu Choe ,  Sun-Gi Kim

发明人： Yeong Choi ,  Byung-Gu Choe ,  Sun-Gi Kim

IPC分类号： H04L12/02 ,  H04L12/28 ,  H04L12/54 ,  H04L12/56 ,  H04Q11/04

CPC分类号： H04L49/3045 ,  H04L49/101 ,  H04L49/252 ,  H04L49/254

摘要： In a buffer switch and scheduling method thereof, conflict sensing and random selection logic configuration are not required. The buffer switch comprises: input buffer units for converting serial data inputted from respective input ports to parallel data; shift and comparison units for comparing currently stored data to parallel data aligned by the input buffer units, for determining paths to output the data depending on data validity, and for calculating a gating time needed to forward the data; output buffer units for outputting the data received via the input ports at the same speed as the speed at reception; a switching unit for gating paths between the shift and comparison units and the output buffer units; and a control unit for establishing the paths by enabling the input buffer units and the output buffer units for the gating time of relevant buffers depending on the establishment paths and the gating time from the shift and comparison unit.

摘要翻译： 在其缓冲交换机及其调度方法中，不需要冲突检测和随机选择逻辑配置。 缓冲器开关包括：用于将从各个输入端口输入的串行数据转换为并行数据的输入缓冲单元; 移位和比较单元，用于将当前存储的数据与由输入缓冲器单元对准的并行数据进行比较，用于根据数据有效性确定输出数据的路径，以及用于计算转发数据所需的门控时间; 输出缓冲器单元，用于以与接收速度相同的速度输出经由输入端口接收的数据; 切换单元，用于选通位移和比较单元与输出缓冲单元之间的路径; 以及控制单元，用于根据来自移动和比较单元的建立路径和选通时间，通过使输入缓冲器单元和输出缓冲器单元用于相关缓冲器的选通时间来建立路径。

公开(公告)号：US08335918B2

公开(公告)日：2012-12-18

申请号：US12238578

申请日：2008-09-26

申请人： Tae-Shik Shon ,  Sun-Gi Kim ,  Hyo-Hyun Choi

发明人： Tae-Shik Shon ,  Sun-Gi Kim ,  Hyo-Hyun Choi

IPC分类号： H04L9/00

CPC分类号： H04L63/0428 ,  H04L63/12 ,  H04L63/1466 ,  H04L63/162

摘要： A medium access control (MAC) frame provision method establishes security in an IEEE 802.15.4 network. A MAC frame is generated, which includes a MAC header, a payload field, and a frame check sequence (FCS) field, the payload field including relevant main data according to a frame type defined in the MAC header. A disguised decoy data sequence number (DSN) is generated and inserted into the MAC header. A real DSN, which is a corresponding transmission sequence number of the MAC frame, is generated and inserted into the payload field. The MAC frame is transmitted, including the encrypted payload field, to a counterpart node. A MAC ACK frame acknowledges reception of the transmitted MAC frame; and a DSN is compared in the received MAC ACK frame with the real DSN. An authentication of the counterpart node is performed when the received MAC ACK frame is equal to the real DSN.

摘要翻译： 介质访问控制（MAC）帧提供方法在IEEE 802.15.4网络中建立安全性。 生成MAC帧，其包括MAC头，有效载荷字段和帧校验序列（FCS）字段，所述有效负载字段根据在MAC报头中定义的帧类型包括相关主数据。 生成伪装的诱饵数据序列号（DSN）并将其插入到MAC头中。 产生作为MAC帧的相应传输序列号的真实DSN并将其插入到有效载荷字段中。 将MAC帧发送到对方节点，包括加密的有效载荷字段。 MAC ACK帧确认所发送的MAC帧的接收; 并且在接收到的MAC ACK帧中与DSN进行比较。 当接收的MAC ACK帧等于实际DSN时，执行对方节点的认证。

公开(公告)号：US20090089577A1

公开(公告)日：2009-04-02

申请号：US12238578

申请日：2008-09-26

申请人： Tae-Shik SHON ,  Sun-Gi Kim ,  Hyo-Hyun Choi

发明人： Tae-Shik SHON ,  Sun-Gi Kim ,  Hyo-Hyun Choi

IPC分类号： H04L9/00

CPC分类号： H04L63/0428 ,  H04L63/12 ,  H04L63/1466 ,  H04L63/162

摘要： A medium access control (MAC) frame provision method establishes security in an IEEE 802.15.4 network. A MAC frame is generated, which includes a MAC header, a payload field, and a frame check sequence (FCS) field, the payload field including relevant main data according to a frame type defined in the MAC header. A disguised decoy data sequence number (DSN) is generated and inserted into the MAC header. A real DSN, which is a corresponding transmission sequence number of the MAC frame, is generated and inserted into the payload field. The MAC frame is transmitted, including the encrypted payload field, to a counterpart node. A MAC ACK frame acknowledges reception of the transmitted MAC frame; and a DSN is compared in the received MAC ACK frame with the real DSN. An authentication of the counterpart node is performed when the received MAC ACK frame is equal to the real DSN.

摘要翻译： 介质访问控制（MAC）帧提供方法在IEEE 802.15.4网络中建立安全性。 生成MAC帧，其包括MAC头，有效载荷字段和帧校验序列（FCS）字段，所述有效负载字段根据在MAC报头中定义的帧类型包括相关主数据。 生成伪装的诱饵数据序列号（DSN）并将其插入到MAC头中。 产生作为MAC帧的相应传输序列号的真实DSN并将其插入到有效载荷字段中。 将MAC帧发送到对方节点，包括加密的有效载荷字段。 MAC ACK帧确认所发送的MAC帧的接收; 并且在接收到的MAC ACK帧中与DSN进行比较。 当接收的MAC ACK帧等于实际DSN时，执行对方节点的认证。