Method for secure packet-based communication between two units via an intermedia unit

US 20040037284A1
Filed: 09/08/2003
Published: 02/26/2004
Est. Priority Date: 11/08/2000
Status: Abandoned Application

First Claim

Patent Images

1. A method for packet based data communication between a first unit (1) and a second unit (3), wherein said first unit (1) communicate via an intermediate unit (2), each unit being identified by at least one address, comprising the steps of:

retrieving, at said first unit (1), from said intermediate unit (2) an address of said at least one address identifying said intermediate unit;

using said retrieved address as source address when forming a first data packet in said first unit (1);

sending said first data packet from said first unit (1) to said intermediate unit (2); and

forwarding said first data packet from said intermediate unit to said second unit using said retrieved address, wherein the step of sending said first data packet from said first unit (1) to said intermediate unit (2) comprises the sub-steps of;

encapsulating, at said first unit (1), said first data packet into a new data packet having one of said at least one address identifying said first unit as source address;

sending said new data packet from said first unit (1) to said intermediate unit (2); and

decapsulating, at said intermediate unit (2), said new data packet in order to obtain said first data packet in original form.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for packet based data communication between a first unit (1) and a second unit (3), wherein said first unit (1) communicate via an intermediate unit (2), each unit being identified by at least one address. The method comprises the steps of retrieving, at said first unit (1), from said intermediate unit (2) and address of said at least one address identifying said intermediate unit. The retrieved address is used as source address when forming a first data packet in said first unit (1). The data packet is tunneled from said first unit (1) to said intermediate unit (2) and then sent from said intermediate unit to said second unit.

Citations

12 Claims

1. A method for packet based data communication between a first unit (1) and a second unit (3), wherein said first unit (1) communicate via an intermediate unit (2), each unit being identified by at least one address, comprising the steps of:
- retrieving, at said first unit (1), from said intermediate unit (2) an address of said at least one address identifying said intermediate unit;
  
  using said retrieved address as source address when forming a first data packet in said first unit (1);
  
  sending said first data packet from said first unit (1) to said intermediate unit (2); and
  
  forwarding said first data packet from said intermediate unit to said second unit using said retrieved address, wherein the step of sending said first data packet from said first unit (1) to said intermediate unit (2) comprises the sub-steps of;
  
  encapsulating, at said first unit (1), said first data packet into a new data packet having one of said at least one address identifying said first unit as source address;
  
  sending said new data packet from said first unit (1) to said intermediate unit (2); and
  
  decapsulating, at said intermediate unit (2), said new data packet in order to obtain said first data packet in original form.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A method according to claim 1, further comprising the step of:
    - reserving said retrieved address at said intermediate unit.
  - 3. A method according to claim 2, wherein said reservation is temporarily and lasts for a specified time period.
  - 4. A method according to any of the preceding claims, comprising the further step of:
    - applying, at said first unit (1), security information based on said retrieved address to said first data packet.
  - 5. A method according to claim 4, comprising the further step of:
    - verifying, at said second unit (3), the data and transport information of said first data packet using said security information.
  - 6. A method according to claim 4 or 5, wherein the added security information is an authentication header.
  - 7. A method according to any of the preceding claims, where in the data packets are transported and formed according to the TCP/IP protocol.
  - 8. A method according to claim 7 as appendant on claim 4, wherein said security information is applied using the IPSec protocol.
  - 9. A method according to any of the preceding claims, further comprising the steps of:
    - sending a second data packet from said second unit to said intermediate unit, said second data packet having an address of said at least one address identifying said intermediate unit as destination address; and
      
      tunneling said second data packet from said intermediate unit to said first unit.

10. A system for transmitting at least one data packet from a first unit (1) to a second unit (3), wherein said first unit (1) communicate via an intermediate unit (2), each unit having at least one address, comprising:
- means at said first unit (1) for retrieving from said intermediate unit (2) an address of said at least one address identifying said intermediate unit (2), means at said first unit (1) for using said retrieved address as source address when forming a first data packet in said first unit (1);
  
  means for sending said first data packet from said first unit (1) to said intermediate unit (2); and
  
  means at said intermediate (2) unit for forwarding said first data packet from said intermediate unit (2) to said second unit (3) using said retrieved address;
  
  wherein said means for sending said first data packet from said first unit (1) to said intermediate unit (2) comprises;
  
  means for encapsulating, at said first unit (1), said first data packet into a new data packet having one of said at least one address identifying said first unit as source address;
  
  means for sending said new data packet from said first unit (1) to said intermediate unit (2); and
  
  and means for decapsulating, at said intermediate unit (2), said new data packet in order to obtain said first data packet in original form.
- View Dependent Claims (11, 12)
- - 11. A system according to claim 10, comprising means, at said first unit (1), for applying security information based on said retrieved address to said first data packet.
  - 12. A system according to claim 10 or 11, wherein said first unit comprises an adapter for handling a physical communication device and a network stack, where the means for retrieving and sending at said first unit operates between said network stack and said adapter.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Icomera AB (ENGIE SA)
Original Assignee
Icomera AB (ENGIE SA)
Inventors
Hojlund, Mats, Bergek, Martin

Application Number

US10/416,201
Publication Number

US 20040037284A1
Time in Patent Office

Days
Field of Search
US Class Current

370/392
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/0471   applying encryption by an i...

H04L 63/123   received data contents, e.g...

H04L 63/164   at the network layer

H04L 69/08   Protocols for interworking;...

Method for secure packet-based communication between two units via an intermedia unit

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Method for secure packet-based communication between two units via an intermedia unit

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links