Method and apparatus for control of security protocol negotiation
US7120930B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 13, 2002 |
| Grant date | Oct 10, 2006 |
| Priority date | — |
| Expiry date | Nov 4, 2024 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L69/24
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Method and apparatus for enhanced security for communication over a network, and more particularly to control of security protocol negotiation to enable multiple clients to establish a virtual private network connection with a same remote address, is described. A mapping table accessible by a gateway computer is used to form associations between a local address for the client and a destination address for a peer and a Security Parameters Index associated with IPSec-protected traffic from the peer. When a packet is received at the gateway from a client it is checked to determine if it is an Internet Key Exchange (IKE) packet, whether an IKE session has already been recorded from this client in the mapping table for the destination address in the IKE packet, whether a Security Parameters Index has been observed in the clear from a remote computer associated with the destination address.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.