Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular node for directing data and applying cryptography
Reexamination Certificate
2002-09-18
2008-11-04
Vu, Kimyen (Department: 2135)
C726S015000
active
07447901
ABSTRACT:
A process is disclosed in which a security policy is associated with a virtual private network (VPN) interface at a first device, for example, a router. Input is received specifying an association of a VPN endpoint address to a corresponding routable network address of a second device. A message is issued to a security module at the first device, the message including the routable network address of the second device and the security policy. Encryption state information is generated for network traffic from the first device to the second device, based on the message. The process is applicable to a hub-and-spoke network architecture that utilizes a point-to-multipoint GRE tunnel and the IPsec protocol for security. The process is dynamic in that the encryption state is generated for traffic over a VPN link, in response to notification of a virtual address-to-real address mapping, i.e., the association. In an embodiment, the association is an NHRP mapping.
REFERENCES:
patent: 5600644 (1997-02-01), Chang et al.
patent: 6069895 (2000-05-01), Ayandeh
patent: 6078957 (2000-06-01), Adelman et al.
patent: 6172981 (2001-01-01), Cox et al.
patent: 6175917 (2001-01-01), Arrow et al.
patent: 6269099 (2001-07-01), Borella et al.
patent: 6353614 (2002-03-01), Borella et al.
patent: 6438612 (2002-08-01), Ylonen et al.
patent: 6567405 (2003-05-01), Borella et al.
patent: 6675225 (2004-01-01), Genty et al.
patent: 6697354 (2004-02-01), Borella et al.
patent: 6731642 (2004-05-01), Borella et al.
patent: 6751729 (2004-06-01), Giniger et al.
patent: 6768743 (2004-07-01), Borella et al.
patent: 6781982 (2004-08-01), Borella et al.
patent: 6822957 (2004-11-01), Schuster et al.
patent: 6931010 (2005-08-01), Gallant et al.
patent: 6996621 (2006-02-01), Borella et al.
patent: 7013338 (2006-03-01), Nag et al.
patent: 7032242 (2006-04-01), Grabelsky et al.
patent: 7130854 (2006-10-01), Beadles et al.
patent: 2001/0036184 (2001-11-01), Kinoshita et al.
patent: 2002/0075844 (2002-06-01), Alexander
patent: 2002/0080752 (2002-06-01), Johansson et al.
patent: 2002/0103898 (2002-08-01), Moyer et al.
patent: 2002/0114274 (2002-08-01), Sturges et al.
patent: 2002/0152325 (2002-10-01), Elgebaly et al.
patent: 2003/0108051 (2003-06-01), Bryden et al.
patent: 2003/0163440 (2003-08-01), Tonack
patent: 2004/0213206 (2004-10-01), McCormack et al.
S. Hanks, et al., Network Working Group, Request for Comments: 1701, “Generic Routing Encapsulation (GRE),” Oct. 1994, pp. 1-8.
J. Luciani, et al., Network Working Group, Request for Comments: 2332, “NBMA Next Hop Resolution Protocol (NHRP),” Apr. 1998, pp. 1-52.
S. Kent, et al., Network Working Group, Request for Comments: 2401, “Security Architecture for the Internet Protocol,” Nov. 1998, http://www.ietf.org/rfc/rfc2401.txt, pp. 1-62.
D. Piper, Network Working Group, Request for Comments: 2407, “The Internet IP Security Domain of Interpretation for ISAKMP,” Nov. 1998, pp. 1-32.
D. Maughan, et al., Network Working Group, Request for Comments: 2408, “Internet Security Association and Key Management Protocol (ISAKMP),” Nov. 1998, pp. 1-86.
D. Harkins, et al., Network Working Group, Request for Comments: 2409, “The Internet Key Exchange (IKE),” Nov. 1998, pp. 1-41.
R. Thayer, et al., Network Working Group, Request for Comments: 2411, “IP Security, Document Roadmap,” Nov. 1998, pp. 1-11.
B. Fox, et al., Network Working Group, Request for Comments: 2735, “NHRP Support for Virtual Private Networks,” Dec. 1999, pp. 1-12.
Michael L. Sullenberger, Information Disclosure Statement “B”, attached herewith, Jan. 2003, 2 pages.
Henning Schulzrinne et al., “Tutorial: The IETF Internet Telephony Architecture and Protocols,” 1999, http://www.computer.org/internet/telephony/w3schrosen.htm, printed May 21, 2002, 17 pages.
International Engineering Consortium, “Trillium, H.323, 8.H.225 Registration, Admission, and Status,” 2002, 2 pages.
Church of the Swimming Elephant, “Connected: An Internet Encyclopedia, Q.931 Protocol Overview,” 2001, http://webmail.cotse.com/CIE/Topics/126.htm, printed May 9, 2002, pp. 1-7.
Cisco Systems, Inc., “Chapter I, Product Overview,” 1989-1998, pp. 1-1-1-10.
Cisco Systems, Inc., “Chapter 3, Connecting to a Host through a Remote Access Server,” 1989-1998, pp. 3-1-3-26.
M. Handley et al., “SIP: Session Initiation Protocol,” Network Working Group, Request for Comments: 2543, Mar. 1999, pp. 1-153.
M. Arango et al., “Media Gateway Control Protocol (MGCP) Version 1.0,” Network Working Group, Request for Comments: 2705, Oct. 1999, pp. 1-134.
Sullenberger Michael L.
Vilhuber Jan
Cisco Technology Inc.
Hickman Palermo & Truong & Becker LLP
Pan Joseph
Vu Kimyen