Encryption error monitoring system and method for packet transmission
First Claim
1. An encryption error monitoring system for checking packets transmitted between a private network and an external network, said system comprising:
- a detector module (60) configured to be connected to receive said packet for determining whether or not said packet is successfully encrypted in accordance with a specific security protocol, said detector module being configured to read from said packet a sender'"'"'s address and a destination address, and to provide an error signal when said packet is judged not to be successfully encrypted, a manager module (80) which is configured to be connected to said detector module within said private network, and to create, upon receipt of said error signal, a report including said sender'"'"'s address and said destination address with regard to the packet determined not to be successfully encrypted, said detector module including a judge means (66) configured to read a header (31) included in said packet and checks whether or not said header includes a protocol code that matches with a particular code identifying said specific security protocol, said judge means providing said error signal when said header does not include the protocol code that matches with said particular code.
2 Assignments
0 Petitions
Accused Products
Abstract
An encryption error monitoring system for checking packets transmitted between a private network and an external network. The system includes includes a detector module (60) which is connected to receive the packet for determining whether or not the packet is successfully encrypted in accordance with a specific security protocol such as IPSec (Internet Protocol Security). The detector module reads from the packet a sender'"'"'s address and a destination address, and provides an error signal when the packet is judged not to be successfully encrypted. A manager module (80) is connected to the detector module within the private network to create, upon receipt of the error signal, a report including the sender'"'"'s address and the destination address with regard to the packet judged not to be successfully encrypted. The detector module is configured to have a judge means (66) which reads a header of the packet and checks whether or not the header includes a protocol code that matches with a particular code identifying the specific security protocol. When the header does not include the protocol code in match with the particular code, the judge means provides the error signal to notify the encryption error. Thus, the encryption error can be determined only by referring to the unencrypted header and therefore without necessitating the decryption of the packet.
-
Citations
11 Claims
-
1. An encryption error monitoring system for checking packets transmitted between a private network and an external network, said system comprising:
-
a detector module (60) configured to be connected to receive said packet for determining whether or not said packet is successfully encrypted in accordance with a specific security protocol, said detector module being configured to read from said packet a sender'"'"'s address and a destination address, and to provide an error signal when said packet is judged not to be successfully encrypted, a manager module (80) which is configured to be connected to said detector module within said private network, and to create, upon receipt of said error signal, a report including said sender'"'"'s address and said destination address with regard to the packet determined not to be successfully encrypted, said detector module including a judge means (66) configured to read a header (31) included in said packet and checks whether or not said header includes a protocol code that matches with a particular code identifying said specific security protocol, said judge means providing said error signal when said header does not include the protocol code that matches with said particular code. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. An encryption error monitoring method for checking encrypted packets transmitted between a private network and an external network, said method comprising the steps of:
-
acquiring a security protocol code which identifies a specific security protocol relied upon for encrypting an original packet into said encrypted packet, said security protocol code being different from an original protocol code included in said original packet, reading an unencrypted header (31) of said encrypted packet to take therefrom a protocol code in addition to a sender'"'"'s address and a destination address;
comparing said protocol code with said security protocol code to determine an encryption error when both codes are found identical to each other;
creating a report listing said sender'"'"'s address and said destination address in response to said encryption error. - View Dependent Claims (8, 9, 10, 11)
-
Specification