Terminal and communication system

US 8,437,345 B2
Filed: 07/07/2004
Issued: 05/07/2013
Est. Priority Date: 07/09/2003
Status: Expired due to Fees

First Claim

Patent Images

1. A terminal connected to a network, the terminal comprising:

a transmission/reception part for receiving a packet that includes a first header for a first security processing and a second header for a second security processing;

a CPU; and

a memory for storing programs to be executed by the CPU, the programs stored in the memory including;

a first operating systema second operating system that executes on the first operating system;

a first program that executes on the second operating system to perform a first process that processes the first header; and

a second program that executes on the first operating system to perform a second process that processes the second header, andwherein the first security processing and the second security processing are executed on a same layer of said packet;

wherein, upon the packet being received by the transmission/reception part, the first program processes the first header by performing the first process and outputs data obtained by the first process that does not include the first header to the second program, andwherein, upon receiving the data output by the first program, the second program processes the second header by performing the second process.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

(Problems) By assigning a fixed home address to an MN, Mobile IPv6 assures the arrival of each content at the MN 1. In order to allow the user to receive a Mobile IPv6 service, it is necessary to provide the MN 1 with a Mobile IPv6 function for making applications conform to IPv6. However, there are only few such MNs 1. In addition, the MN 1 does not have a function for implementing an IPsec process repeatedly on a packet transmitted to and received from another apparatus.

(technical solution) A scenario processing port 23 employed in the MN 1 includes a means, which is used for selecting a process according to a communication method and carrying out the selected process when a response to a Mobile IPv6 location registration message is received. By providing the scenario processing port 23 with a means for selecting a communication method, a function can be added to the MN 1 with ease. In addition, by providing the MN 1 with a means for implementing an IPsec process a plurality of times, it is possible to provide a communication apparatus according to a security management configuration.

38 Citations

View as Search Results

19 Claims

1. A terminal connected to a network, the terminal comprising:
- a transmission/reception part for receiving a packet that includes a first header for a first security processing and a second header for a second security processing;
  
  a CPU; and
  
  a memory for storing programs to be executed by the CPU, the programs stored in the memory including;
  
  a first operating systema second operating system that executes on the first operating system;
  
  a first program that executes on the second operating system to perform a first process that processes the first header; and
  
  a second program that executes on the first operating system to perform a second process that processes the second header, andwherein the first security processing and the second security processing are executed on a same layer of said packet;
  
  wherein, upon the packet being received by the transmission/reception part, the first program processes the first header by performing the first process and outputs data obtained by the first process that does not include the first header to the second program, andwherein, upon receiving the data output by the first program, the second program processes the second header by performing the second process.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A terminal according to claim 1 wherein the first and second processes are processes for decrypting results of encryption processes executed on the same layer of the received packet.
  - 3. A terminal according to claim 1 wherein the first and second processes are the termination processes of IPsec executed on the same layer of the received packet.
  - 4. A terminal according to claim 1 wherein the first and second processes are the termination processes of TLS performed on the same layer of the received packet.
  - 5. A terminal according to claim 1 wherein the second operating system is executed on a virtual machine configured on the first operating system.
  - 6. A terminal according to claim 1 wherein:
    - the network is also connected to a server for managing information on locations of the terminal; and
      
      the first and second processes handle packets transmitted from the server to the terminal.
  - 7. A terminal according to claim 6 wherein:
    - the terminal is a terminal provided for mobile IP functions;
      
      the server is a server provided for said mobile IP functions;
      
      the terminal is a terminal functioning as a mobile node; and
      
      the server is a server functioning as a home agent of the terminal.

8. A communication system, comprising:
- a terminal and a server that are connected to a network, andwherein the terminal has a transmission/reception part for receiving a packet that includes a first header for a first security processing and a second header for a second security processing, a CPU, and a memory for storing programs to be executed by the CPU, the programs stored in the memory including;
  
  a first operating systema second operating system that executes on the first operating system;
  
  a first program that executes on the second operating system to perform a first process that processes the first header; and
  
  a second program that executes on the first operating system to perform a second process that processes the second header, andwherein the server comprises a transmission/reception part for sending and receiving packets, a CPU and a memory for storing information on locations of the terminal;
  
  wherein the first security processing and the second security processing executed by the terminal are executed on a same layer of said packet, which is received from the server;
  
  wherein, upon the packet being received by the transmission/reception part of the terminal, the first program processes the first header by performing the first process and outputs data obtained by the first process that does not include the first header to the second program, andwherein, upon receiving the data output by the first program, the second program processes the second header by performing the second process.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. A communication system according to claim 8 wherein the first and second processes executed by the terminal are processes for decrypting results of encryption processes performed on the same layer of the received packet.
  - 10. A communication system according to claim 8 wherein the first and second processes executed by the terminal are termination processes of IPsec executed on the same layer of the received packet.
  - 11. A communication system according to claim 8 wherein the first and second processes executed by the terminal are termination processes of TLS performed on the same layer of the received packet.
  - 12. A communication system according to claim 8 wherein the second operating system is executed on a virtual machine configured on the first operating system.
  - 13. A communication system according to claim 8 wherein:
    - the terminal is a terminal provided for mobile IP functions;
      
      the server is a server provided for the mobile IP functions;
      
      the terminal is a terminal functioning as a mobile node; and
      
      the server is a server functioning as a home agent of the terminal.

14. A home agent connected to a terminal or a router through a network, the home agent comprising:
- a transmission/reception part for receiving a packet that includes a first header for a first security processing and a second header for a second security processing,a CPU,an address memory for storing an address of the terminal or the router, anda program memory for storing programs to be executed by the CPU, the programs stored in the program memory including;
  
  a first operating systema second operating system that executes on the first operating system;
  
  a first program that executes on the second operating system to perform a first process that processes the first header; and
  
  a second program that executes on the first operating system to perform a second process that processes the second header, andwherein the first security processing and the second security processing are executed on a same layer of the packet;
  
  wherein, upon the packet being received by the transmission/reception part, the first program processes the first header by performing the first process and outputs data obtained by the first process that does not include the first header to the second program, andwherein, upon receiving the data output by the first program, the second program processes the second header by performing the second process.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. A home agent according to claim 14, the home agent connected to a mobile terminal or a mobile router wherein:
    - the address memory further stores the address of the mobile terminal or the mobile router; and
      
      the first and second processes are executed on packets received from the mobile terminal or through the mobile router.
  - 16. A home agent according to claim 14 wherein the first and second processes are processes for decrypting results of encryption processes executed on the same layer of the received packet.
  - 17. A home agent according to claim 14 wherein the first and second processes are termination processes of IPsec executed on the same layer of the received packet.
  - 18. A home agent according to claim 14 wherein the first and second processes are termination processes of TLS performed on the same layer of the received packet.
  - 19. A home agent according to claim 14 wherein the second operating system is executed on a virtual machine configured on the first operating system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hitachi, Ltd.
Original Assignee
Hitachi, Ltd.
Inventors
Takeda, Yukiko, Morishige, Takehiro, Inouchi, Hidenori, Hara, Yusuke
Primary Examiner(s)
Blanton, John

Application Number

US10/563,219
Publication Number

US 20070081512A1
Time in Patent Office

3,226 Days
Field of Search

None
US Class Current

370/389
CPC Class Codes

H04L 63/164   at the network layer

H04L 69/16   Implementation or adaptatio...

H04L 69/167   Adaptation for transition b...

H04W 80/04   Network layer protocols, e....

Terminal and communication system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

38 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Terminal and communication system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

38 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links