System and method for providing secure multicasting across virtual private networks
Abstract
A method is provided for securely transmitting multicast data across an unsecured public network. Such a method includes receiving a join message identifying at least one private multicast group; mapping the private multicast group to a public multicast group; generating a membership report specifying the public multicast group; and sending the membership report to the unsecured network. Additionally, the method may further comprise creating a secure tunnel through the unsecured network to a network element coupled; generating an encrypted control message specifying the private multicast group; and sending the encrypted control message through the secure tunnel to the network element.
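The public-side step of the method above can be sketched as follows. This is an added example, not code from the patent: it assumes the membership report is an IGMPv2 report carried in IPv4, and the mapping table, group addresses and IVD address are constructed values. It covers only the membership report sent to the unsecured network, not the IPSec-encrypted control message.

```python
import ipaddress
import struct

# Constructed mapping table (private group -> public group); values are illustrative.
GROUP_MAP = {"239.1.1.1": "232.10.0.1", "239.1.1.2": "232.10.0.2"}
IVD_PUBLIC_ADDR = "203.0.113.10"  # constructed address from TEST-NET-3


def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum over an even-length byte string."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_membership_report(private_group: str) -> bytes:
    """Return the IPv4/IGMPv2 packet the IVD emits for a join to private_group."""
    public_group = GROUP_MAP.get(private_group)
    if public_group is None:
        # Fail closed: an unmapped private group must never reach the public side.
        raise KeyError(f"no public mapping for {private_group}")
    src = ipaddress.IPv4Address(IVD_PUBLIC_ADDR).packed  # IVD address, not the host's
    dst = ipaddress.IPv4Address(public_group).packed

    # IGMPv2 membership report: type 0x16, max response time 0, checksum, group.
    igmp = struct.pack("!BBH4s", 0x16, 0, 0, dst)
    igmp = struct.pack("!BBH4s", 0x16, 0, checksum(igmp), dst)

    # IPv4 header, IHL 6 (Router Alert option present), TTL 1, protocol 2 (IGMP).
    router_alert = b"\x94\x04\x00\x00"
    hdr = struct.pack("!BBHHHBBH4s4s", 0x46, 0xC0, 24 + len(igmp),
                      0, 0, 1, 2, 0, src, dst) + router_alert
    hdr = hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]
    return hdr + igmp


if __name__ == "__main__":
    print(build_membership_report("239.1.1.1").hex())
```

An observer on the unsecured network sees only the public group and the IVD's public address; the private group travels separately in the encrypted control message.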
20 Claims
1. A method for providing a secure multicast of data across an unsecured network, the method comprising:
- receiving, at an IPSec virtual private network device (IVD), a join message identifying at least one private multicast group;
- identifying, by the IVD, a public multicast group of the unsecured network that is mapped to the private multicast group;
- generating, by the IVD, a membership report specifying the public multicast group;
- inserting a public IVD address of the IVD into a source field of the membership report;
- sending the membership report to the unsecured network;
- creating an IPSec tunnel through the unsecured network to a network element;
- generating an IPSec encrypted control message specifying the private multicast group; and
- sending the encrypted control message through the tunnel to allow the network element to decrypt the encrypted control message and send the decrypted control message to another network element.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A system for securely transmitting multicast data across a public network, the system comprising:
a first encryptor network element comprising an IPSec virtual private network device (IVD) and operable to
- receive a join message from a first network element, the join message identifying at least one private multicast group,
- identify a public multicast group of the unsecured network that is mapped to the private multicast group,
- generate a membership report specifying the public multicast group,
- send the membership report to the public network,
- generate an IPSec encrypted control message specifying the private multicast group,
- insert a public IVD address of the IVD into a source field of the membership report,
- send the encrypted control message through the secure tunnel to the second encryptor network element to allow the second encryptor network element to decrypt the encrypted control message and send the decrypted control message to another network element.

Dependent claims: 9, 10, 11, 12, 13, 14

15. A non-transitory computer readable medium storing software for securely transmitting multicast data across a public network, the software being embodied in the non-transitory computer readable medium and comprising code such that when executed is operable to:
- receive a join message identifying at least one private multicast group;
- identify a public multicast group of the unsecured network that is mapped to the private multicast group;
- generate a membership report specifying the public multicast group;
- insert a public IVD address of the IVD into a source field of the membership report;
- send the membership report to the unsecured network;
- create an IPSec tunnel through the unsecured network to a network element;
- generate an IPSec encrypted control message specifying the private multicast group; and
- send the encrypted control message through the tunnel to allow the network element to decrypt the encrypted control message and send the decrypted control message to another network element.

Dependent claims: 16, 17, 18, 19, 20