Method and apparatus for providing security mechanism guaranteeing transparency at transport layer
First Claim
1. A method of providing a security mechanism guaranteeing transparency at a transport layer, comprising:
- receiving a data packet from an application program, and searching key information corresponding to the data packet in key information database;
determining whether to request a key exchange module of an application layer for a new key negotiation according to a result obtained by searching key information; and
performing encrypting/decrypting based on key information when the key exchange module stores key negotiation information obtained by the new key negotiation in a kernel.
1 Assignment
0 Petitions
Accused Products
Abstract
Provided are a method and apparatus for providing a security mechanism guaranteeing transparency at a transport layer. The method includes: receiving a data packet from an application program, and searching key information corresponding to the data packet in key information database; determining whether to request a key exchange module of an application layer for a new key negotiation according to a result obtained by searching key information; and performing encrypting/decrypting based on key information when the key exchange module stores key negotiation information obtained by the new key negotiation in a kernel. The apparatus encrypts/decrypts the data packet at the transport layer of the kernel, thereby providing the application program with security transparency, effectively controlling and making it easily expansible.
13 Citations
6 Claims
-
1. A method of providing a security mechanism guaranteeing transparency at a transport layer, comprising:
-
receiving a data packet from an application program, and searching key information corresponding to the data packet in key information database;
determining whether to request a key exchange module of an application layer for a new key negotiation according to a result obtained by searching key information; and
performing encrypting/decrypting based on key information when the key exchange module stores key negotiation information obtained by the new key negotiation in a kernel. - View Dependent Claims (2, 3, 4)
-
-
5. An apparatus for providing a security mechanism guaranteeing transparency at a transport layer, comprising:
-
a key information search unit receiving a data packet transmitted from an application program to a TCP/UDP protocol, searching key information corresponding to the data packet in a key database, and determining whether the key database includes key information;
a key request determiner requesting for a new key, and determining that an encrypting/decrypting processor is on standby if the key database does not include key information corresponding to the data packet; and
an encrypting/decrypting unit encrypting/decrypting the data packet based on key information output by the key request determiner, and outputting encrypted/decrypted data packet. - View Dependent Claims (6)
-
Specification