Electrical computers and digital processing systems: multicomput – Computer-to-computer data addressing
Reexamination Certificate
2011-06-14
2011-06-14
Zele, Krista M (Department: 2453)
Electrical computers and digital processing systems: multicomput
Computer-to-computer data addressing
C726S011000, C726S014000, C726S002000, C726S005000, C709S225000, C709S232000, C709S237000
Reexamination Certificate
active
07962652
ABSTRACT:
The invention determines if a security association (SA) extends end-to-end between a source node originating a connection and a destination node. In such a case, there will be no ambiguities in routing due to network address translation, and the SA is allowed. In the preferred embodiment, both end nodes of a security connection test themselves and the remote node for gateway status to determine if any ambiguities might exist in network routing due to the presence of a network address translator.
REFERENCES:
patent: 6957346 (2005-10-01), Kivinen et al.
patent: 7434045 (2008-10-01), Enderwick et al.
patent: 2001/0047487 (2001-11-01), Linnakangas et al.
patent: 2002/0091921 (2002-07-01), Kunzinger
patent: 2003/0018908 (2003-01-01), Mercer et al.
patent: 2004/0071149 (2004-04-01), Kim et al.
patent: 2004/0088537 (2004-05-01), Swander et al.
patent: 2004/0098622 (2004-05-01), O'Neill
patent: 2004/0117653 (2004-06-01), Shapira et al.
patent: 2004/0148504 (2004-07-01), Forsberg
patent: 2004/0249911 (2004-12-01), Alkhatib et al.
patent: 2005/0160273 (2005-07-01), Oishi
patent: 2006/0245362 (2006-11-01), Choyi
http://www.cs.virginia.edu/˜cs458/material/Redbook-ibm-tcpip-Chp21-4.pdf “Network Address Translation”—UVA Technical Overview.
http://vpncasestudy.com/download/troubleshoot/Troubleshooting—IKE—VPN.pdf “Troubleshooting Guide: IKE IPSec VPN Initialization”—VPN Cast Study Feb. 2007.
http://www.ietf.org/rfc/rfc3947.txt “Negotiation of NAT D payloads”—RFC 3947.
Sternberg, M. et al, “IPsec NAT-Traversal draft-stenberg-spec-nat-traversal-02.txt.” IETF Standard-Working-Draft, Internet Engineering Task Force, IETF, CH, No. 2, Feb. 28, 2001.
Pouseele, S., “How to Pass IPSec traffic through ISA Server,” http://www.isaserver.org/pages/article—p.asp?id=1072, last update Mar. 26, 2005.
Huttunen, A, “UDP Encapsulated of IPSec ESP Packets,” Network Working Group, RFC 3948, The Internet Society, Jan. 2005, pp. 1-15.
Kivinen Safenet B Swander Microscoft A Huttunen F-Secure Corporation V Volpe Cisco Systemst: “Negotiation of NAT-Traversal in the IKE” IETF Standard, Internet Engineering Task Force, IETF, CH, Jan. 2005, XP015009719.
Stenberg S Paavolainen T Ylonen T Kivinen SSH Communications Security Corp M: “IPsec NAT-Traversal” Engineering Task Force, IETF, CH, No. 2, (Feb. 8, 2001), XP015035694.
PCT/EP2007/050834 International Search Report, May 18, 2007.
Jong Wuchieh James
Overby, Jr. Linwood Hugh
Porter Joyce Anne
Wierbowski David John
Carey, Rodriguez, Greenberg & Paul
Greenberg, Esq. Steven M.
International Business Machines - Corporation
Scott Randy
Zele Krista M
LandOfFree
Detecting network topology when negotiating IPsec security... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Detecting network topology when negotiating IPsec security..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Detecting network topology when negotiating IPsec security... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2683934