Security for protocol traversal
First Claim
1. A method for protecting packets to be sent from a first network node to a second network node, comprising the steps of:
- generating validity information for a packet, wherein the validity information comprises all necessary information required for performing a validity check of the packet;
generating a header for the packet, comprising the validity information; and
sending the packet including the header from a first network node to a second network node.
9 Assignments
0 Petitions
Accused Products
Abstract
A method for protecting packets to be sent from a first network node to a second network node is provided. According to one embodiment, the method includes the steps of generating validity information for a packet, and generating a header for the packet, including the validity information. The method also includes the step of sending the packet including the header from the first network node to the second network node. The validity information includes all necessary information required for performing a validity check of the packet. Thus, no pre-established security association is needed to verify the validity of a packet.
76 Citations
41 Claims
-
1. A method for protecting packets to be sent from a first network node to a second network node, comprising the steps of:
-
generating validity information for a packet, wherein the validity information comprises all necessary information required for performing a validity check of the packet;
generating a header for the packet, comprising the validity information; and
sending the packet including the header from a first network node to a second network node. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A network node for sending packets to a receiving network node, comprising:
-
first generating means for generating validity information for a packet;
second generating means for generating a header for the packet, comprising the validity information; and
sending means for sending the packet including the header to a receiving network node, wherein the validity information comprises all necessary information required for performing a validity check of the packet. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
-
-
19. A network node comprising:
-
receiving means for receiving packets from a sending network node; and
performing means for performing a validity check of a packet by referring to validity information contained in a header of the packet, wherein the validity information comprises all necessary information required for performing the validity check of the packet. - View Dependent Claims (36, 38, 40)
-
-
20. A network node comprising:
-
forwarding means for forwarding packets from a sending network node to a receiving network node; and
performing means for performing a validity check of a packet by referring to validity information contained in a header of the packet, wherein the validity information comprises all necessary information required for performing a validity check of the packet. - View Dependent Claims (37, 39, 41)
-
-
34. A network system comprising:
-
a first network node configured to send a packet, wherein the first network node comprises first generating means for generating validity information for a packet, second generating means for generating a header for the packet, comprising the validity information;
sending means for sending the packet including the header to a receiving network node, wherein the validity information comprises all necessary information required for performing a validity check of the packet; and
a second network node configured to receive the packet, wherein the second network node comprises performing means for performing a validity check of a packet by referring to validity information contained in a header of the packet, wherein the validity information comprises all necessary information required for performing the validity check of the packet. - View Dependent Claims (35)
-
Specification