Communication system, router, method of communication, method of routing, and computer program product
First Claim
1. A communication system, comprising:
- a server connected to a first network; and
a router connected to the first network, wherein the server includes an option setting unit that grants to a response packet that is a response to a packet which is destined for an anycast address and which is sent from a communication apparatus connected to a second network different from the first network, anycast address option information which indicates that an anycast address is allocated to a sender of the response packet;
a field putting unit that puts a signature field for a setting of an electronic signature in the response packet; and
a transmitting unit that transmits to the communication apparatus the response packet in which the anycast address option information has been set and the signature field has been put; and
the router includes a receiving unit that receives the response packet sent from the server to the communication apparatus;
a sender validating unit that validates whether the response packet is sent from a legitimate server based on the anycast address option information if the response packet includes the anycast address option information;
a validation information setting unit that sets an electronic signature based on information related with the response packet in the signature field put in the response packet, when the response packet is validated to be sent from the legitimate server; and
a transferring unit that transmits the response packet in which the electronic signature has been set.
1 Assignment
0 Petitions
Accused Products
Abstract
A communication system includes a server and a router which are both connected to a first network. The server grants to a response packet destined for an anycast address sent from a communication apparatus connected to a second network, anycast address option information indicating that an anycast address of a sender of the response packet, puts a signature field for a setting of an electronic signature in the response packet; and transmits to the communication apparatus the response packet. The router receives the response packet, validates whether the response packet is sent from a legitimate server based on the anycast address option information if the response packet includes the anycast address option information. The router also sets an electronic signature based on information related with the response packet in the signature field if the response packet is sent from the legitimate server, and transmits the response packet.
-
Citations
19 Claims
-
1. A communication system, comprising:
-
a server connected to a first network; and
a router connected to the first network, wherein the server includes an option setting unit that grants to a response packet that is a response to a packet which is destined for an anycast address and which is sent from a communication apparatus connected to a second network different from the first network, anycast address option information which indicates that an anycast address is allocated to a sender of the response packet;
a field putting unit that puts a signature field for a setting of an electronic signature in the response packet; and
a transmitting unit that transmits to the communication apparatus the response packet in which the anycast address option information has been set and the signature field has been put; and
the router includes a receiving unit that receives the response packet sent from the server to the communication apparatus;
a sender validating unit that validates whether the response packet is sent from a legitimate server based on the anycast address option information if the response packet includes the anycast address option information;
a validation information setting unit that sets an electronic signature based on information related with the response packet in the signature field put in the response packet, when the response packet is validated to be sent from the legitimate server; and
a transferring unit that transmits the response packet in which the electronic signature has been set. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A router comprising:
-
a receiving unit that receives a response packet from a server connected to a first network to a communication apparatus connected to a second network different from the first network, the response packet being a response to a packet destined for an anycast address which is sent from the communication apparatus and which is received by the server;
a sender validating unit that validates whether the response packet is sent from a legitimate server based on anycast address option information which indicates that an anycast address is allocated to a sender of the response packet if the response packet includes the anycast address option information;
a validation information setting unit that, when the response packet is validated to be sent from the legitimate server, sets an electronic signature based on information related with the response packet in the signature field put in the response packet; and
a transferring unit that transfers the response packet in which the electronic signature is set to a next node. - View Dependent Claims (7, 8, 9)
-
-
10. A communication method, comprising:
-
in a server connected to a first network, granting to a response packet that is a response to a packet which is destined for an anycast address and which is sent from a communication apparatus connected to a second network different from the first network, anycast address option information which indicates that an anycast address is allocated to a sender of the response packet;
in the server, putting a signature field for a setting of an electronic signature in the response packet;
in the server, transmitting to the communication apparatus the response packet in which the anycast address option information has been set and the signature field has been put;
in a router connected to the first network, receiving the response packet sent from the server to the communication apparatus;
in the router, validating whether the response packet is sent from a legitimate server based on the anycast address option information if the response packet includes the anycast address-option information;
in the router, setting an electronic signature based on information related with the response packet in the signature field put in the response packet, when the response packet is validated to be sent from the legitimate server; and
in the router, transferring the response packet in which the electronic signature has been set.
-
-
11. A routing method comprising:
-
receiving a response packet from a server connected to a first network to a communication apparatus connected to a second network different from the first network, the response packet being a response to a packet destined for an anycast address which is sent from the communication apparatus and which is received by the server;
determining whether the received response packet includes anycast address option information which indicates that an anycast address is allocated to a sender of the response packet;
if the response packet includes the anycast address option information, validating whether the response packet is sent from a legitimate server based on the anycast address option information;
setting an electronic signature based on information related with the response packet in the signature field put in the response packet, when the response packet is validated to be sent from the legitimate server; and
transferring the response packet in which the electronic signature is set to a next node. - View Dependent Claims (12, 13, 14)
-
-
15. A computer program product having a computer readable medium including programmed instructions for transmitting a packet between a server and a router which are connected to a first network, wherein the instructions, when executed by a computer, cause the computer to perform:
-
granting to a response packet that is a response to a packet which is destined for an anycast address and which is sent from a communication apparatus connected to a second network different from the first network, anycast address option information which indicates that an anycast address is allocated to a sender of the response packet;
putting a signature field for a setting of an electronic signature in the response packet; and
transmitting to the communication apparatus the response packet in which the anycast address option information has been set and the signature field has been put.
-
-
16. A computer program product having a computer readable medium including programmed instructions for transferring a packet sent from a server connected to a first network, wherein the instructions, when executed by a computer, cause the computer to perform:
-
receiving a response packet from the server, the response packet being a response to a packet destined for an anycast address which is sent from a communication apparatus connected to a second network different from the first network and which is received by the server;
determining whether the received response packet includes anycast address option information which indicates that an anycast address is allocated to a sender of the response packet;
if the response packet includes the anycast address option information, validating whether the response packet is sent from a legitimate server based on the anycast address option information;
setting an electronic signature based on information related with the response packet in the signature field put in the response packet, when the response packet is validated to be sent from the legitimate server; and
transferring the response packet in which the electronic signature is set to a next node. - View Dependent Claims (17, 18, 19)
-
Specification