-
公开(公告)号:US07774592B2
公开(公告)日:2010-08-10
申请号:US10585850
申请日:2004-12-28
申请人: Yuichi Ishikawa , Norihito Fujita , Akio Iijima , Atsushi Iwata
发明人: Yuichi Ishikawa , Norihito Fujita , Akio Iijima , Atsushi Iwata
IPC分类号: H04L29/06 , G06F7/04 , G06F15/16 , G06F17/30 , G06F15/173
CPC分类号: H04L63/0428
摘要: A DNS Proxy unit (A12a) holds the domain name of an encrypted communication target node in a CUG setting table (A125a), intercepts a name resolution request for a communication partner node output from an application (A11x) to a DNS server (B1a), determines by looking up the CUG setting table (A125a) whether the communication partner is an encrypted communication target node, and if the communication partner is an encrypted communication target node, registers the IP address of the name-resolved communication partner in an encrypted communication path setting table (A142a). A data packet sent from the application (A11x) to the IP address is intercepted by a data transmission/reception unit (A14a). A data packet to an IP address registered in the encrypted communication path setting table (A142a) is encrypted by a communication encryption unit (A141a) and transmitted to the communication partner. In this way, in executing encrypted communication with a plurality of communication partners by using a communication encryption function provided by an OS, setting of the encrypted communication target node can be done by using a domain name.
摘要翻译: DNS代理单元(A12a)将加密的通信目标节点的域名保存在CUG设置表(A125a)中,截取从应用(A11x)向DNS服务器(B1a)输出的通信伙伴节点的名称解析请求, 通过查找CUG设置表(A125a)来确定通信伙伴是否是加密的通信目标节点,并且如果通信伙伴是加密的通信目标节点,则将加密通信中的名称解析的通信伙伴的IP地址注册 路径设置表(A142a)。 从应用(A11x)发送到IP地址的数据分组被数据发送/接收单元(A14a)截取。 登记在加密通信路径设定表(A142a)中的IP地址的数据分组由通信加密单元(A141a)进行加密,并发送给通信伙伴。 以这种方式,通过使用由OS提供的通信加密功能来执行与多个通信伙伴的加密通信,可以通过使用域名来设置加密的通信目标节点。
-
2.发明授权Encryption communication system, apparatus and method for allowing direct encryption communication with a plurality of nodes 有权加密通信系统,用于允许与多个节点进行直接加密通信的装置和方法公开(公告)号:US08356169B2
公开(公告)日:2013-01-15
申请号:US10585997
申请日:2005-01-12
申请人: Yuichi Ishikawa , Norihito Fujita , Akio Iijima , Atsushi Iwata
发明人: Yuichi Ishikawa , Norihito Fujita , Akio Iijima , Atsushi Iwata
IPC分类号: H04L29/06
CPC分类号: H04L63/0428 , H04L61/1511 , H04L61/6013 , H04L63/164
摘要: If the communication partner of a client node (A1a) is an encryption communication target node (C1), a DNS Proxy unit (A12a) in the client node rewrites a response to a name resolution request for the communication partner node of an application from the actual IP address of the communication partner node to a loopback address that changes depending on the communication partner. On the basis of the destination loopback address of a data packet transmitted from the application, a communication encryption module (A13a) in the client node identifies the communication partner and the encryption communication path to be used for communication with the communication partner. Hence, encryption communication can simultaneously be executed directly with a plurality of communication partner nodes by using the communication encryption module that operates as an independent process.
摘要翻译: 如果客户端节点(A1a)的通信伙伴是加密通信目标节点(C1),则客户机节点中的DNS代理单元(A12a)从应用程序的通信伙伴节点重写对于应用的通信伙伴节点的名称解析请求的响应, 通信伙伴节点的实际IP地址到根据通信伙伴而改变的环回地址。 基于从应用发送的数据分组的目的地环回地址,客户端节点中的通信加密模块(A13a)识别通信对方和用于与通信对方通信的加密通信路径。 因此,通过使用作为独立进程操作的通信加密模块,可以与多个通信伙伴节点直接同时执行加密通信。
-
公开(公告)号:US20070160200A1
公开(公告)日:2007-07-12
申请号:US10585997
申请日:2005-01-12
申请人: Yuichi Ishikawa , Norihito Fujita , Akio Iijima , Atsushi Iwata
发明人: Yuichi Ishikawa , Norihito Fujita , Akio Iijima , Atsushi Iwata
IPC分类号: H04L9/30
CPC分类号: H04L63/0428 , H04L61/1511 , H04L61/6013 , H04L63/164
摘要: If the communication partner of a client node (A1a) is an encryption communication target node (C1), a DNS Proxy unit (A12a) in the client node rewrites a response to a name resolution request for the communication partner node of an application from the actual IP address of the communication partner node to a loopback address that changes depending on the communication partner. On the basis of the destination loopback address of a data packet transmitted from the application, a communication encryption module (A13a) in the client node identifies the communication partner and the encryption communication path to be used for communication with the communication partner. Hence, encryption communication can simultaneously be executed directly with a plurality of communication partner nodes by using the communication encryption module that operates as an independent process.
摘要翻译: 如果客户端节点(A1a)的通信伙伴是加密通信目标节点(C1),则客户机节点中的DNS代理单元(A12a)重写对通信伙伴节点的名称解析请求的响应 从通信伙伴节点的实际IP地址到根据通信伙伴而改变的环回地址的应用。 基于从应用发送的数据分组的目的地环回地址,客户端节点中的通信加密模块(A13a)识别通信伙伴和用于与通信伙伴进行通信的加密通信路径。 因此,通过使用作为独立进程操作的通信加密模块,可以与多个通信伙伴节点直接同时执行加密通信。
-
公开(公告)号:US20080235507A1
公开(公告)日:2008-09-25
申请号:US10585850
申请日:2004-12-28
申请人: Yuichi Ishikawa , Norihito Fujita , Akio Iijima , Atsushi Iwata
发明人: Yuichi Ishikawa , Norihito Fujita , Akio Iijima , Atsushi Iwata
IPC分类号: H04L9/00
CPC分类号: H04L63/0428
摘要: A DNS Proxy unit (A12a) holds the domain name of an encrypted communication target node in a CUG setting table (A125a), intercepts a name resolution request for a communication partner node output from an application (A11x) to a DNS server (B1a), determines by looking up the CUG setting table (A125a) whether the communication partner is an encrypted communication target node, and if the communication partner is an encrypted communication target node, registers the IP address of the name-resolved communication partner in an encrypted communication path setting table (A142a). A data packet sent from the application (A11x) to the IP address is intercepted by a data transmission/reception unit (A14a). A data packet to an IP address registered in the encrypted communication path setting table (A142a) is encrypted by a communication encryption unit (A141a) and transmitted to the communication partner. In this way, in executing encrypted communication with a plurality of communication partners by using a communication encryption function provided by an OS, setting of the encrypted communication target node can be done by using a domain name.
摘要翻译: DNS代理单元(A12a)将加密的通信目标节点的域名保存在CUG设置表(A125a)中,截取从应用(A 11 x)输出的通信伙伴节点的名称解析请求到 DNS服务器(B1a)通过查找CUG设置表(A 125a)来确定通信伙伴是否是加密的通信目标节点,并且如果通信伙伴是加密的通信目标节点,则注册该IP地址 在加密通信路径设置表(A 142a)中的名称解析通信伙伴。 从应用程序(A 11 x)发送到IP地址的数据分组被数据发送/接收单元(A14a)截取。 登记在加密通信路径设定表(A 142a)中的IP地址的数据分组由通信加密单元(A 141a)进行加密,并发送给通信伙伴。 以这种方式,通过使用由OS提供的通信加密功能来执行与多个通信伙伴的加密通信,可以通过使用域名来设置加密的通信目标节点。
-
5.发明申请公开(公告)号:US20100054252A1
公开(公告)日:2010-03-04
申请号:US12461739
申请日:2009-08-21
申请人: Norihito Fujita , Atsushi Iwata , Akira Arutaki , Yuichi Ishikawa
发明人: Norihito Fujita , Atsushi Iwata , Akira Arutaki , Yuichi Ishikawa
CPC分类号: H04L29/12066 , H04L29/06 , H04L29/12018 , H04L61/10 , H04L61/1511 , H04L69/16 , H04L69/161
摘要: When a packet transfer equipment receives a packet, it extracts several types of information contained in the received packet such as the destination IP address and the destination port number and, using the extracted information as the key, inquires of a packet transfer method resolution server about the information related to the packet transfer method. The server keeps the correspondences between several types of information contained in the packet and one or more type of information related to the packet transfer method in the database and, in response to the inquiry from the packet transfer equipment, replies one or more type of information related to the packet transfer method. The packet transfer equipment rewrites several types of information such as the destination IP address and the destination port number according to one or more type of information obtained and transfers the received packet.
摘要翻译: 当分组传送设备接收到分组时,它提取接收分组中包含的几种类型的信息,例如目的地IP地址和目的地端口号,并且使用提取的信息作为密钥,查询分组传送方法分辨率服务器 与数据包传输方式相关的信息。 服务器保持数据包中包含的几种类型的信息与数据库中与数据包传送方法有关的一种或多种类型的信息之间的对应关系,并且响应于来自分组传送设备的询问,回复一种或多种类型的信息 与数据包传输方法有关。 分组传送设备根据获得的一种或多种类型的信息重写诸如目的地IP地址和目的地端口号的几种类型的信息,并传送接收到的分组。
-
公开(公告)号:US07840699B2
公开(公告)日:2010-11-23
申请号:US10785191
申请日:2004-02-25
申请人: Norihito Fujita , Yuichi Ishikawa , Atsushi Iwata
发明人: Norihito Fujita , Yuichi Ishikawa , Atsushi Iwata
IPC分类号: G06F15/173
CPC分类号: H04L29/12066 , H04L29/06 , H04L61/1511 , H04L63/0281 , H04L63/08 , H04L67/306 , H04L69/329
摘要: The DNS server according to the present invention includes a user information identification unit which identifies an attribute of a user who has transmitted a DNS query message through a user information obtaining unit and handing over an identification result to a response generation unit, a user information obtaining unit for referring to a user information database to obtain user attribute information of a user who has transmitted a DNS query message, and a response generation unit for searching a response database for a name resolution method relevant to user attribute information handed over from the user information identification unit to conduct name resolution according to the found name resolution method, thereby enabling name resolution to be minutely customized for each attribute of a user.
摘要翻译: 根据本发明的DNS服务器包括用户信息识别单元,其通过用户信息获取单元识别已经发送了DNS查询消息的用户的属性,并且将识别结果交给响应生成单元,获得用户信息 用于参考用户信息数据库以获得已经发送DNS查询消息的用户的用户属性信息的单元,以及响应生成单元,用于搜索响应数据库中的与用户信息所交换的用户属性信息相关的名称解析方法 识别单元根据找到的名称解析方法进行名称解析,从而使得能够针对用户的每个属性精细地定制名称解析。
-
7.发明授权公开(公告)号:US07594029B2
公开(公告)日:2009-09-22
申请号:US10642750
申请日:2003-08-19
申请人: Norihito Fujita , Atsushi Iwata , Akira Arutaki , Yuichi Ishikawa
发明人: Norihito Fujita , Atsushi Iwata , Akira Arutaki , Yuichi Ishikawa
IPC分类号: G06F15/173
CPC分类号: H04L29/12066 , H04L29/06 , H04L29/12018 , H04L61/10 , H04L61/1511 , H04L69/16 , H04L69/161
摘要: When a packet transfer equipment receives a packet, it extracts several types of information contained in the received packet such as the destination IP address and the destination port number and, using the extracted information as the key, inquires of a packet transfer method resolution server about the information related to the packet transfer method. The server keeps the correspondences between several types of information contained in the packet and one or more type of information related to the packet transfer method in the database and, in response to the inquiry from the packet transfer equipment, replies one or more type of information related to the packet transfer method. The packet transfer equipment rewrites several types of information such as the destination IP address and the destination port number according to one or more type of information obtained and transfers the received packet.
摘要翻译: 当分组传送设备接收到分组时,它提取接收分组中包含的几种类型的信息,例如目的地IP地址和目的地端口号,并且使用提取的信息作为密钥,查询分组传送方法分辨率服务器 与数据包传输方式相关的信息。 服务器保持数据包中包含的几种类型的信息与数据库中与数据包传送方法有关的一种或多种类型的信息之间的对应关系,并且响应于来自分组传送设备的询问,回复一种或多种类型的信息 与数据包传输方法有关。 分组传送设备根据获得的一种或多种类型的信息重写诸如目的地IP地址和目的地端口号的几种类型的信息,并传送接收到的分组。
-
8.发明授权Recording head with high-frequency oscillator and bi-layer main pole height/width arrangement 有权录音头采用高频振荡器和双层主极高/宽布置公开(公告)号:US08705204B2
公开(公告)日:2014-04-22
申请号:US13591012
申请日:2012-08-21
IPC分类号: G11B5/31
CPC分类号: G11B5/3116 , G11B2005/0002
摘要: According to one embodiment, a main pole of a recording head includes a first magnetic pole layer and a second magnetic pole layer laminated on the trailing side of the first magnetic pole layer. The first magnetic pole layer includes a tapered portion and a first tip portion. The second magnetic pole layer includes a tapered portion and a second tip portion. A width in a track direction of the second tip portion is smaller than that of the first tip portion. The high-frequency oscillator is between the second tip portion and the trailing shield and includes a width in the track direction substantially equal to the width in the track direction of the second tip portion, and a height of the first tip portion is taller than that of the second tip portion.
摘要翻译: 根据一个实施例,记录头的主极包括层叠在第一磁极层的后侧上的第一磁极层和第二磁极层。 第一磁极层包括锥形部分和第一末端部分。 第二磁极层包括锥形部分和第二尖端部分。 第二前端部的轨道方向的宽度小于第一前端部的宽度。 所述高频振荡器位于所述第二前端部与所述后屏蔽之间,并且包括所述轨道方向上的宽度大致等于所述第二前端部的轨道方向的宽度,所述第一前端部的高度高于所述第二前端部的高度。 的第二尖端部分。
-
公开(公告)号:US20080037557A1
公开(公告)日:2008-02-14
申请号:US11577001
申请日:2005-10-13
申请人: Norihito Fujita , Yuuichi Ishikawa
发明人: Norihito Fujita , Yuuichi Ishikawa
IPC分类号: H04L12/28
CPC分类号: H04L63/0272 , H04L12/4633 , H04L12/4641 , H04L63/164 , H04L63/166
摘要: A VPN gateway (A11) includes a WAN interface (A111) for exchanging packets with client nodes (C1, C2, D1, D2) via IPsec tunnels (B11-B14) set on the WAN side, a LAN interface (A112) for exchanging packets with server nodes (A131-A136) connected to the LAN side, a session relay unit (A114) for temporarily terminating a first communication session to be set for a sever node from a client node, and setting a second communication session that relays the first communication session to the server node, and an SSL processor (A116) for making the second communication session into an SSL. This arrangement makes it possible to dynamically allocate the servers in a data center (A1) to a VPN, permit only an authenticated server to communicate with another node in the VPN, and prevent wiretapping and tampering of communication performed by the server.
摘要翻译: VPN网关(A11)包括:WAN接口(A 111),用于经由在WAN侧设置的IPsec隧道(B 11〜B 14)与客户机节点(C 1,C 2,D 1,D 2) 用于与连接到LAN侧的服务器节点(A 131 -A 136)交换分组的LAN接口(A 112),用于临时终止要为服务节点设置的第一通信会话的会话中继单元(A 114) 客户端节点,以及设置将第一通信会话中继到服务器节点的第二通信会话;以及用于使第二通信会话进入SSL的SSL处理器(A 116)。 这种安排使得可以将数据中心(A 1)中的服务器动态地分配到VPN,只允许经过身份验证的服务器与VPN中的另一个节点进行通信,并防止对服务器执行的通信进行窃听和篡改。
-
公开(公告)号:US20070195794A1
公开(公告)日:2007-08-23
申请号:US11573623
申请日:2005-08-09
申请人: Norihito Fujita , Toshio Koide
发明人: Norihito Fujita , Toshio Koide
IPC分类号: H04L12/56
CPC分类号: H04L45/02 , H04L12/4633 , H04L12/4641 , H04L12/4675
摘要: A node A21 sets a communication tunnel for encapsulating a data link packet with other nodes joining in a virtual LAN to a peer-to-peer type, and comprises a packet forward table A2141 for forwarding the data link layer packet received from a communication tunnel to another communication tunnel. In addition, the node A21 reconfigures the topology of the virtual LAN using a topology calculation unit A2153 when another node withdrew from the virtual LAN, and opens or removes communication tunnels according to the reconfigured topology using a tunnel control unit A2152.
摘要翻译: 节点A 21设置用于将连接在虚拟LAN中的其他节点的数据链路分组封装为对等类型的通信隧道,并且包括用于转发从通信接收的数据链路层分组的分组转发表A2141 隧道到另一个通信隧道。 另外,当另一节点退出虚拟LAN时,节点A 21使用拓扑计算单元A 2153重新配置虚拟LAN的拓扑,并且使用隧道控制单元A 2152根据重新配置的拓扑来打开或去除通信隧道。
-
-
-
-
-
-
-
-
-
搜索结果
41 条记录 (耗时 0.032 秒)
