Method for providing end-to-end security service in communication network using network address translation-protocol translation
First Claim
1. A method for providing end-to-end security service in a communication network having a network address translation-protocol translation function, the method comprising the steps of:
- performing security negotiation between a first node included in a first communication network having the network address translation-protocol translation function and a second node included in a second communication network operating with a protocol different from the first communication network, storing protocol translation information generated when the security negotiation is performed at the first node; and
performing security transmission between the first node and the second node using the stored protocol translation information.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for providing end-to-end security service in a communication network having an NAT-PT function comprises: performing security negotiation between a first node included in a first communication network having the network address translation-protocol translation function and a second node included in a second communication network operating with a protocol different from the first communication network; storing protocol translation information generated when the security negotiation is performed in the first node; and performing security transmission between the first and second nodes using the stored protocol translation information. The method transmits the address translation information to the ends in advance, thereby being capable of applying the security service using the address information on transmitting the data between hosts in the communication network using the address translation method.
-
Citations
28 Claims
-
1. A method for providing end-to-end security service in a communication network having a network address translation-protocol translation function, the method comprising the steps of:
-
performing security negotiation between a first node included in a first communication network having the network address translation-protocol translation function and a second node included in a second communication network operating with a protocol different from the first communication network, storing protocol translation information generated when the security negotiation is performed at the first node; and
performing security transmission between the first node and the second node using the stored protocol translation information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A method for providing end-to-end security service in an IPv6 (Internet Protocol version 6) network having a network address translation-protocol translation function, the method comprising the steps of:
-
performing security negotiation between an IPv6 node included in the IPv6 network and an IPv4 (Internet Protocol version
4) node included in an IPv4 network;
storing, in the IPv6 node, IP (Internet Protocol) header translation information, generated when the security negotiation is performed; and
performing security transmission between the IPv6 node and the IPv4 node using the stored IP header translation information. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
-
Specification