
Scalable, distributed method and apparatus for transforming packets to enable secure communication between two stations

  • US 7,526,658 B1
  • Filed: 09/12/2003
  • Issued: 04/28/2009
  • Est. Priority Date: 01/24/2003
  • Status: Expired due to Fees
First Claim

1. A method of securing packet data transferred between a first and second member of a private network coupled to client edge devices over a backbone comprising a plurality of provider devices including provider edge devices, the backbone operating according to a routing protocol, the method comprising the steps of:

  • encapsulating a private address of a packet from the first member with a group header including a public address associated with the first member and a group address to generate a tunneled packet;

  • transforming, at a client edge device, the tunneled packet by first applying a same group security association associated with the private network to the tunneled packet of a different non-group point-to-point connection to provide a secure tunneled packet and then adding a header field to the secure tunneled packet, the added header field including a gateway address associated with the first member of the private network and a destination address of the second member of the private network to provide a client transformed packet;

  • forwarding the client transformed packet to a provider edge device; and

  • replacing, at the provider edge device, a destination field of the packet with a group identifier associated with the private network for routing the packet across the backbone.
