Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular node for directing data and applying cryptography
Reexamination Certificate
2007-02-20
2007-02-20
Moazzami, Nasseh (Department: 2136)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular node for directing data and applying cryptography
C713S150000, C713S151000, C713S152000, C370S338000, C370S356000, C726S015000, C709S246000, C709S204000
Reexamination Certificate
active
10052279
ABSTRACT:
A method and apparatus for facilitating Internet Security Protocol (IPsec) communications through devices that employ address translation in a telecommunications network is disclosed. A device that employs address translation, such as a router using Network Address Translation (NAT), receives IPsec based messages from originator nodes in a network and generates a result value for each message based on an initial identifier for each message. The messages are sent to a responder node that generates a response message to each originator node with a subsequent identifier that is based on the corresponding initial identifier. The device matches each response messages to the appropriate originator node within the network based on the result values and the subsequent identifiers. For example, the initial identifiers may be originator Security Parameter Indexes (SPI), and the subsequent identifiers may be responder SPI's that are each based on a hash value of the corresponding originator SPI.
REFERENCES:
patent: 6330562 (2001-12-01), Boden et al.
patent: 6687245 (2004-02-01), Fangman et al.
patent: 6707915 (2004-03-01), Jobst et al.
patent: 6886103 (2005-04-01), Brustoloni et al.
patent: 6957346 (2005-10-01), Kivinen et al.
patent: 2002/0046348 (2002-04-01), Brustoloni
patent: 2002/0059516 (2002-05-01), Turtianinen et al.
patent: 2002/0062344 (2002-05-01), Ylonen et al.
patent: 2002/0152325 (2002-10-01), Elgebaly et al.
patent: 2003/0031151 (2003-02-01), Sharma et al.
patent: 2003/0233576 (2003-12-01), Maufer et al.
Network Computing Security Workshop entitled “Why Can't IPsec and NAT Just Get Along?” by Mike Fratto, dated nov. 27, 2000, (9 pgs), www.networkcomputing.com/1123/1123ws2.html.
“Linux VPN Masquerade HOWTO” by John D. Hardin, dated Oct. 22, 2000, (47 pgs), www.linux.org/HOWTO/VPN-Masquerade-HOWTO.html.
Internet RFC/SRD/FYI/BCP Archives RFC3022 entitled “Traditional IP Network Address Translator (Traditional NAT)”, by P. Srisuresh, dated Jan. 2001, (12 pgs), www.faqs.org/rfcs/rfc3022.html.
Internet RFC/STD/FYI/BCP Archives RFC2408 entitled Internet Security Association and Key Management Protocol (ISAKMP), by D. Maughan, et al. dated Nov. 1998, (62 pgs), www.faqs.org/rfcs/rfc2408.html.
Pellacuru Chinna N. R.
Simu Adina F.
Cisco Technology Inc.
Hickman Palermo & Truong & Becker LLP
Moazzami Nasseh
Yalew Fikremariam
LandOfFree
Facilitating IPsec communications through devices that... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Facilitating IPsec communications through devices that..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Facilitating IPsec communications through devices that... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3859240