WO2004092930A3 - Transparent ipsec processing inline between a framer and a network component - Google Patents
Transparent ipsec processing inline between a framer and a network component Download PDFInfo
- Publication number
- WO2004092930A3 WO2004092930A3 PCT/US2004/009738 US2004009738W WO2004092930A3 WO 2004092930 A3 WO2004092930 A3 WO 2004092930A3 US 2004009738 W US2004009738 W US 2004009738W WO 2004092930 A3 WO2004092930 A3 WO 2004092930A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- framer
- transparent
- network component
- packet
- ipsec processing
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/045—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0485—Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/164—Implementing security features at a particular protocol layer at the network layer
Abstract
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2006509485A JP2006524959A (en) | 2003-04-12 | 2004-03-30 | Transparent IPSEC that handles inline between framer and network components |
EP04749529.6A EP1614250B1 (en) | 2003-04-12 | 2004-03-30 | Transparent ipsec processing inline between a framer and a network component |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/411,909 US7398386B2 (en) | 2003-04-12 | 2003-04-12 | Transparent IPSec processing inline between a framer and a network component |
US10/411,909 | 2003-04-12 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2004092930A2 WO2004092930A2 (en) | 2004-10-28 |
WO2004092930A3 true WO2004092930A3 (en) | 2005-05-26 |
Family
ID=33131103
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2004/009738 WO2004092930A2 (en) | 2003-04-12 | 2004-03-30 | Transparent ipsec processing inline between a framer and a network component |
Country Status (4)
Country | Link |
---|---|
US (1) | US7398386B2 (en) |
EP (1) | EP1614250B1 (en) |
JP (2) | JP2006524959A (en) |
WO (1) | WO2004092930A2 (en) |
Families Citing this family (45)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7398386B2 (en) | 2003-04-12 | 2008-07-08 | Cavium Networks, Inc. | Transparent IPSec processing inline between a framer and a network component |
US7974284B2 (en) * | 2003-06-27 | 2011-07-05 | Broadcom Corporation | Single and double tagging schemes for packet processing in a network device |
US20050034045A1 (en) * | 2003-08-08 | 2005-02-10 | Lueck Andrew W. | System for optimizing PCI-Express communications |
US7620041B2 (en) * | 2004-04-15 | 2009-11-17 | Alcatel-Lucent Usa Inc. | Authentication mechanisms for call control message integrity and origin verification |
US7422152B2 (en) | 2004-05-13 | 2008-09-09 | Cisco Technology, Inc. | Methods and devices for providing scalable RFID networks |
US7895431B2 (en) * | 2004-09-10 | 2011-02-22 | Cavium Networks, Inc. | Packet queuing, scheduling and ordering |
US8316431B2 (en) * | 2004-10-12 | 2012-11-20 | Canon Kabushiki Kaisha | Concurrent IPsec processing system and method |
US7509431B2 (en) * | 2004-11-17 | 2009-03-24 | Cisco Technology, Inc. | Performing message and transformation adapter functions in a network element on behalf of an application |
US8458467B2 (en) | 2005-06-21 | 2013-06-04 | Cisco Technology, Inc. | Method and apparatus for adaptive application message payload content transformation in a network infrastructure element |
US7664879B2 (en) | 2004-11-23 | 2010-02-16 | Cisco Technology, Inc. | Caching content and state data at a network element |
US7987272B2 (en) | 2004-12-06 | 2011-07-26 | Cisco Technology, Inc. | Performing message payload processing functions in a network element on behalf of an application |
US7496750B2 (en) * | 2004-12-07 | 2009-02-24 | Cisco Technology, Inc. | Performing security functions on a message payload in a network element |
US7725934B2 (en) | 2004-12-07 | 2010-05-25 | Cisco Technology, Inc. | Network and application attack protection based on application layer message inspection |
US7606267B2 (en) | 2004-12-10 | 2009-10-20 | Cisco Technology, Inc. | Reducing the sizes of application layer messages in a network element |
US8082304B2 (en) | 2004-12-10 | 2011-12-20 | Cisco Technology, Inc. | Guaranteed delivery of application layer messages by a network element |
US7551567B2 (en) * | 2005-01-05 | 2009-06-23 | Cisco Technology, Inc. | Interpreting an application message at a network element using sampling and heuristics |
US7698416B2 (en) | 2005-01-25 | 2010-04-13 | Cisco Technology, Inc. | Application layer message-based server failover management by a network element |
GB2422752A (en) * | 2005-02-01 | 2006-08-02 | 3Com Corp | Deciphering encapsulated and enciphered UDP datagrams |
GB2424556A (en) * | 2005-03-23 | 2006-09-27 | 3Com Corp | Packet fragment deciphering with cipher state storage |
US7535907B2 (en) * | 2005-04-08 | 2009-05-19 | Oavium Networks, Inc. | TCP engine |
US8266327B2 (en) | 2005-06-21 | 2012-09-11 | Cisco Technology, Inc. | Identity brokering in a network element |
US7345585B2 (en) | 2005-08-01 | 2008-03-18 | Cisco Technology, Inc. | Network based device for providing RFID middleware functionality |
AU2005218009B2 (en) * | 2005-09-28 | 2011-01-27 | Canon Kabushiki Kaisha | Decoupled header and packet processing in IPsec |
KR100670817B1 (en) * | 2005-12-09 | 2007-01-19 | 한국전자통신연구원 | Method and apparatus for implementation ipsec engine in ixdp2851 |
US7797406B2 (en) * | 2006-07-27 | 2010-09-14 | Cisco Technology, Inc. | Applying quality of service to application messages in network elements based on roles and status |
US20080052531A1 (en) * | 2006-08-11 | 2008-02-28 | Id-Catch Ab | Device and Method for Secure Biometric Applications |
US8379638B2 (en) * | 2006-09-25 | 2013-02-19 | Certes Networks, Inc. | Security encapsulation of ethernet frames |
US8190881B2 (en) | 2007-10-15 | 2012-05-29 | Foundry Networks Llc | Scalable distributed web-based authentication |
US8635440B2 (en) | 2007-12-13 | 2014-01-21 | Microsoft Corporation | Proxy with layer 3 security |
US7817636B2 (en) | 2008-01-30 | 2010-10-19 | Cisco Technology, Inc. | Obtaining information on forwarding decisions for a packet flow |
AT507262B1 (en) * | 2008-08-27 | 2011-04-15 | Sgl Carbon Se | METHOD FOR REPROCESSING SOLID OR MELTING SUBSTANCES |
US9128769B2 (en) | 2011-10-13 | 2015-09-08 | Cavium, Inc. | Processor with dedicated virtual functions and dynamic assignment of functional resources |
US9129060B2 (en) | 2011-10-13 | 2015-09-08 | Cavium, Inc. | QoS based dynamic execution engine selection |
US9083563B2 (en) * | 2012-06-29 | 2015-07-14 | Avaya, Inc. | Method for reducing processing latency in a multi-thread packet processor with at least one re-order queue |
US9231865B2 (en) * | 2012-08-10 | 2016-01-05 | Wisconsin Alumni Research Foundation | Lookup engine with reconfigurable low latency computational tiles |
US9106618B2 (en) * | 2013-01-23 | 2015-08-11 | Alcatel Lucent | Control plane encryption in IP/MPLS networks |
WO2015039710A1 (en) * | 2013-09-19 | 2015-03-26 | Huawei Technologies Co., Ltd. | Method and device for end-to-end cyclic redundancy check over multiple data units |
US9461815B2 (en) * | 2013-10-18 | 2016-10-04 | Advanced Micro Devices, Inc. | Virtualized AES computational engine |
US9438414B2 (en) * | 2013-10-18 | 2016-09-06 | Advanced Micro Devices, Inc. | Virtualized SHA computational engine |
US9729574B2 (en) | 2014-02-14 | 2017-08-08 | Alcatel Lucent | Seamless switchover for anti-replay connections in multiple network processor systems |
WO2018142571A1 (en) * | 2017-02-03 | 2018-08-09 | 三菱電機株式会社 | Transfer apparatus and communication network |
US11108751B2 (en) * | 2017-10-27 | 2021-08-31 | Nicira, Inc. | Segmentation of encrypted segments in networks |
US10721172B2 (en) | 2018-07-06 | 2020-07-21 | Marvell Asia Pte, Ltd. | Limiting backpressure with bad actors |
DE102019116510A1 (en) * | 2019-06-18 | 2020-12-24 | Beckhoff Automation Gmbh | Network participants and automation network |
US11646997B2 (en) * | 2021-03-19 | 2023-05-09 | Charter Communications Operating, Llc | Data transmission method with selective latency reduction |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020042875A1 (en) * | 2000-10-11 | 2002-04-11 | Jayant Shukla | Method and apparatus for end-to-end secure data communication |
Family Cites Families (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7032242B1 (en) * | 1998-03-05 | 2006-04-18 | 3Com Corporation | Method and system for distributed network address translation with network security features |
US6141705A (en) | 1998-06-12 | 2000-10-31 | Microsoft Corporation | System for querying a peripheral device to determine its processing capabilities and then offloading specific processing tasks from a host to the peripheral device when needed |
US6253321B1 (en) * | 1998-06-19 | 2001-06-26 | Ssh Communications Security Ltd. | Method and arrangement for implementing IPSEC policy management using filter code |
US20030037235A1 (en) * | 1998-08-19 | 2003-02-20 | Sun Microsystems, Inc. | System for signatureless transmission and reception of data packets between computer networks |
US7107614B1 (en) * | 1999-01-29 | 2006-09-12 | International Business Machines Corporation | System and method for network address translation integration with IP security |
US7370348B1 (en) | 1999-07-30 | 2008-05-06 | Intel Corporation | Technique and apparatus for processing cryptographic services of data in a network system |
US6678734B1 (en) * | 1999-11-13 | 2004-01-13 | Ssh Communications Security Ltd. | Method for intercepting network packets in a computing device |
US6327625B1 (en) * | 1999-11-30 | 2001-12-04 | 3Com Corporation | FIFO-based network interface supporting out-of-order processing |
US7000120B1 (en) * | 1999-12-23 | 2006-02-14 | Nokia Corporation | Scheme for determining transport level information in the presence of IP security encryption |
US6708218B1 (en) * | 2000-06-05 | 2004-03-16 | International Business Machines Corporation | IpSec performance enhancement using a hardware-based parallel process |
US7028332B1 (en) * | 2000-06-13 | 2006-04-11 | Intel Corporation | Method and apparatus for preventing packet retransmissions during IPsec security association establishment |
US7131137B1 (en) * | 2000-06-29 | 2006-10-31 | Intel Corporation | Communication system including a security system |
US7155740B2 (en) * | 2000-07-13 | 2006-12-26 | Lucent Technologies Inc. | Method and apparatus for robust NAT interoperation with IPSEC'S IKE and ESP tunnel mode |
JP2002271417A (en) * | 2001-03-06 | 2002-09-20 | Hitachi Cable Ltd | Tunneling device |
US8161539B2 (en) * | 2002-04-19 | 2012-04-17 | International Business Machines Corporation | IPSec network adapter verifier |
US7398386B2 (en) | 2003-04-12 | 2008-07-08 | Cavium Networks, Inc. | Transparent IPSec processing inline between a framer and a network component |
-
2003
- 2003-04-12 US US10/411,909 patent/US7398386B2/en active Active
-
2004
- 2004-03-30 JP JP2006509485A patent/JP2006524959A/en active Pending
- 2004-03-30 WO PCT/US2004/009738 patent/WO2004092930A2/en active Application Filing
- 2004-03-30 EP EP04749529.6A patent/EP1614250B1/en not_active Expired - Lifetime
-
2010
- 2010-06-09 JP JP2010131757A patent/JP5074558B2/en not_active Expired - Lifetime
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020042875A1 (en) * | 2000-10-11 | 2002-04-11 | Jayant Shukla | Method and apparatus for end-to-end secure data communication |
Also Published As
Publication number | Publication date |
---|---|
EP1614250B1 (en) | 2015-08-26 |
JP2006524959A (en) | 2006-11-02 |
US7398386B2 (en) | 2008-07-08 |
US20040205336A1 (en) | 2004-10-14 |
WO2004092930A2 (en) | 2004-10-28 |
JP2010259081A (en) | 2010-11-11 |
EP1614250A2 (en) | 2006-01-11 |
EP1614250A4 (en) | 2011-03-23 |
JP5074558B2 (en) | 2012-11-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2004092930A3 (en) | Transparent ipsec processing inline between a framer and a network component | |
AU2001288755A1 (en) | Apparatus and method for selectively encrypting different the payload portion of multimedia data sent over a network | |
DE60126119D1 (en) | CONTENT MANAGEMENT METHOD, CONTENT PROCESS AND APPARATUS | |
BR9910416B1 (en) | method, device and protocol for determining the optimal size of the transmitting and retransmitting data block at varying communication speeds. | |
WO2002079949A3 (en) | Internet security system | |
WO2005046178A3 (en) | Method and apparatus for providing network security using security labeling | |
AU2001269794A1 (en) | Method and apparatus for enhancing network security protection server performance | |
EP2312556B8 (en) | Map data product, map data processing program product, map data processing method, and map data processing device | |
BR0112510A (en) | Secure Packet-Based Data Broadcast Architecture | |
AU2001281147A1 (en) | Methods, apparatus and data structures for providing access to an edge router ofa network | |
WO2002019229A8 (en) | Method and system for financial data aggregation, analysis and reporting | |
MXPA02010189A (en) | Methods and apparatus for heuristic firewall. | |
AU2003236284A1 (en) | Communication system, information processing device, and method | |
AU2002315462A1 (en) | Method and apparatus in data packet processing | |
ATE470311T1 (en) | PROCESSING OF ENCRYPTED DATA PACKET STREAM | |
WO2005001637A3 (en) | Method and apparatus for client-in-charge business transaction processing | |
GB2408368B (en) | Apparatus, system and method for enhancing data security | |
AU2003226243A1 (en) | Method and system for budgeting resources dedicated to processing non-voice data traffic | |
NO20025013L (en) | Device and method for numeric group publishing, encryption device and decryption device | |
FI20030845A0 (en) | Data processing method, receiver and network device | |
EP1681811A4 (en) | Communication system, information processing apparatus, server, and communication method | |
EP1351183A3 (en) | Sequence data combining method, apparatus and program | |
HK1044246A1 (en) | Information providing apparatus, server apparatus and information processing method | |
TW200605547A (en) | Method and apparatus for processing header bits and payload bits | |
WO2004112341A3 (en) | Method and device for processing real-time data |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A2 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2006509485 Country of ref document: JP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2004749529 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 2004749529 Country of ref document: EP |