Patent application number | Description | Published |
20100008260 | METHOD FOR CONFIGURING CONTROL TUNNEL AND DIRECT TUNNEL IN IPV4 NETWORK-BASED IPV6 SERVICE PROVIDING SYSTEM - Provided is a method for configuring a control tunnel and a direct tunnel in an IPv4 network-based IPv6 service providing system. To provide IPv6 service, when a random request terminal receives a tunnel response message from a control server by using service information downloaded from a portal server at the time of initialization, the request terminal configures a control tunnel with the control server, and is registered to the control server. The request terminal transmits and receives a direct tunnel request message and a direct tunnel response message with a counterpart terminal by using its terminal information learned during the control tunnel configuration, i.e., network position information and status information, thereby configuring a direct tunnel. Thus, IPv6 communication is made through IPv4 based IPv6 tunneling, so that IPv6 application services that are not yet widely used can easily come into wide use. Also, only software change of each terminal and a control server is required without changing existing network equipment, so that a cost burden of a service provider can be minimized. | 01-14-2010 |
20100260203 | TUNNELING IPv6 PACKET THROUGH IPv4 NETWORK USING A TUNNEL ENTRY BASED ON IPv6 PREFIX AND TUNNELING IPv4 PACKET USING A TUNNEL ENTRY BASED ON IPv4 PREFIX - The present invention relates to tunneling an IPv6 packet through an IPv4 network. In using a tunneling method upon transmitting an IPv6 packet in an IP network, when destination nodes desired to be communicated are located within the same IPv6 prefix network, IPv6 prefix information is added for the management of a tunnel entry. Hence, tunneling information on terminals located within the same IPv6 prefix network can be managed as one tunnel entry. Accordingly, the time consumed when retrieving a tunnel entry can be reduced. | 10-14-2010 |
20100262825 | SECURITY METHOD OF MOBILE INTERNET PROTOCOL BASED SERVER - A security method in a server-based mobile IP system is provided. Specifically, in the security method, general data is securely exchanged in addition to a control message that is exchanged between a mobile node and a server or between mobile nodes. Specifically, provided is a method of securely exchanging data by using a mobile node including an mPAK execution module generating necessary keys by exchanging key information with the server while performing a mutual authentication process and negotiating the security policy; and a security module setting a security policy that is negotiated with the corresponding node and applying the security policy to data according to the set security policy when transmitting the data. | 10-14-2010 |
20100272016 | METHOD FOR SUPPORTING TRANSPORT NETWORK INDEPENDENT IP MOBILITY IN MOBILE TERMINAL AND SYSTEM THEREOF - A method and system for supporting Internet protocol (IP) mobility independently of the IP version of a transport network are provided. The method includes providing a mobility control apparatus, which maps the home addresses of a plurality of mobile terminals, including first and second mobile terminals, and the Care-of-Addresses (CoAs) of the mobile terminals, and setting a first control tunnel between the mobility control apparatus and the first mobile terminal, the care-of-addresses varying from one transport network to another transport network; setting a second control tunnel between the mobility control apparatus and the second mobile terminal; and enabling the first and second mobile terminals to exchange a data packet with each other through the first and second control tunnels. | 10-28-2010 |
20110013647 | IPV6 OVER IPV4 TRANSITION METHOD AND APPARATUS FOR IMPROVING PERFORMANCE OF CONTROL SERVER - The present invention relates to a method and apparatus for performing IPv6 over IPv4 transition to improve performance of a control server. When an edge router selected by the control server according to a tunnel creation request of an IPv6 terminal receives a tunnel creation request message from the control server, the edge router transmits a tunnel creation response message for the received tunnel creation request message to the IPv6 terminal through the control server, and the edge router performs IPv6 over IPv4 transition through a tunnel created by the IPv6 terminal that received the tunnel creation response message so as to improve the performance of the control server. Therefore, loads of the control server occurred because all terminals set control tunnels to the control server can be prevented, and service extensibility due to the increase in the number of subscribers can be guaranteed. | 01-20-2011 |
20110023088 | FLOW-BASED DYNAMIC ACCESS CONTROL SYSTEM AND METHOD - A traffic analysis and flow-based dynamic access control system and method. The flow-based dynamic access control system for controlling a user's access to an internal communication network through an external communication network includes an access control unit operating in an access control mode in which traffic received from a user is basically blocked, generating state management information of a flow, which is received from the user, based on a specified packet of the flow, and verifying whether access of the flow to the internal communication network is a normal access. As a proactive defense concept of allowing only normal users to access an internal network, a method of blocking attacks from a system contaminated by a worm virus, detecting a cyber attack on a certain system in advance and automatically avoiding the cyber attack, and guaranteeing the quality of normal traffic even under cyber attacks without performance degradation of the internal network is provided. | 01-27-2011 |
20110044337 | SYSTEM AND METHOD FOR PROVIDING IPTV SERVICE - In a system for providing an IPTV service, if a multicast address of an IPTV channel received from a head-end is a multicast address requested by a mobile node through a tunnel, an end router confirms a care of address (CoA) of the mobile node corresponding to the multicast address of the IPTV channel, sets the multicast address in the first header of broadcasting traffic, sets the CoA of the mobile node in the second header of the broadcasting traffic, and then sends the broadcasting traffic. | 02-24-2011 |
20110072515 | METHOD AND APPARATUS FOR COLLABORATIVELY PROTECTING AGAINST DISTRIBUTED DENIAL OF SERVICE ATTACK - A method and apparatus for collaboratively protecting against a Distributed Denial of Service (DDoS) attack are provided. The method performed by a network apparatus includes detecting data suspected as being used in the DDoS attack by monitoring traffic forwarded to a service server, notifying a security apparatus that the detected data is suspected as being used in the DDoS attack, and performing at least one of a first operation and a second operation, the first operation being receiving an analysis result for the detected data from the security apparatus and controlling the traffic based on the analysis result, and the second operation being controlling, prior to the first operation, the traffic based on a rule set in advance. | 03-24-2011 |
20110080909 | METHOD AND APPARATUS FOR CONTROLLING RECEIVING IP MULTICAST SERVICES BASED ON NETWORK - Provided is a network-based Internet Protocol (IP) multicast service reception controlling apparatus and method. Data corresponding to a multicast channel may be controlled based on a snooping table. The snooping table may be updated based on the service profile. The snooping table may be updated based on a control message, and the control message may be based on whether a user is subscribed to the multicast channel. Whether data corresponding to the multicast channel is to be transmitted may be determined based on whether the data is being transmitted to another user in response to a request from the other user. | 04-07-2011 |
20110085552 | SYSTEM AND METHOD FOR FORMING VIRTUAL PRIVATE NETWORK - Technology for forming a virtual private network (VPN) is provided. A VPN gateway that supports mobility with a connection node having a virtual home address (HoA) and a care of address (CoA) includes a mobility support unit, a data security unit, and a virtual address converter. When a packet is transferred from the connection node, the mobility support unit sustains a binding relationship between a home address (HoA) of the connection node and the changed CoA, and processes a mobility tunnel for the packet, thereby generating a first conversion packet. The data security unit performs a security test of the first conversion packet. The virtual address converter converts the HoA of the connection node, which is a source address of the first conversion packet in which the security test is complete, to a private network internal address that can be used in the VPN, thereby generating a second conversion packet. | 04-14-2011 |
20110200005 | METHOD OF SUPPORTING MOBILITY USING SECURITY TUNNEL - Enclosed is a method of supporting mobility using a security tunnel. For the movement of a terminal in a local network and the movement of a terminal to an external network, an active tunnel and a standby tunnel are set to provide mobility to the terminal. When the local network moves, mobility for the local network is provided. The stability of a network is guaranteed using security connection. | 08-18-2011 |
20110267949 | QUALITY OF SERVICE-PROVIDING SYSTEM AND METHOD FOR PROVIDING QUALITY OF SERVICE IN THE SYSTEM - There are provided a quality of service (QoS)-providing system and a method for providing quality of service for mobile nodes in the QoS-providing system. Under a network environment running a host-based network layer mobility protocol based on tunneling mechanism, the QoS-providing system may be useful to allow effective mobility supports by distributing binding information to the distributed nodes, in order to provide session-based quality of service for tunneled packets between the mobile nodes on the access nodes and distribute traffic load concentrated on the central mobility control platform as well. Also, the QoS-providing system according to one exemplary embodiment of the present invention may be useful to provide the function of hiding locations of mobile nodes since a care-of address of the mobile node is not transferred to a correspondent node and to automatically perform a route optimization procedure even when the mobile node does not directly perform a route optimization procedure. | 11-03-2011 |
20110270996 | METHOD FOR CONFIGURING CLOSED USER NETWORK USING IP TUNNELING MECHANISM AND CLOSED USER NETWORK SYSTEM - A method for configuring a closed user network (CUN) using an IP tunneling mechanism and a CUN system are disclosed. In particular, disclosed is a technique of establishing a tunnel between a tunnel end edge device (TEED) and a control server by using an IP tunneling mechanism to allow terminals connected to the TEED to perform communications by using a closed IP, enabling the TEED to provide a network address translation (NAT) function so that the TEED can perform data forwarding like a general NAT, without performing tunneling on a destination IP outside the closed IP section, to perform communication, and allowing a terminal located in an area where the TEED is not provided to directly establish a tunnel with the control server by using a client software to thereby perform communications with a terminal or a server connected to the TEED by using the closed IP. | 11-03-2011 |
20130128741 | FLOW BASED QOS ROUTER CAPABLE OF REPORTING REAL-TIME STATISTICS - Disclosed is a flow-based QoS router capable of reporting real-time statistics, including: a line card configured to collect flow information by analyzing a flow, classify the collected flow information into flow information not requesting filtering and flow information requesting filtering, and transmit each of the flow information not requesting filtering and the flow information requesting filtering; a system supervisor controller configured to receive the flow information not requesting filtering and the flow information requesting filtering from the line card and store the flow information not requesting filtering and the flow information requesting filtering, and accessed by a manager terminal to monitor the flow information not requesting filtering and the flow information requesting filtering to perform filtering of and QoS application to a predetermined flow; and an application processor configured to command QoS application to the predetermined flow according to a request from the system supervisor controller. | 05-23-2013 |
20130133057 | SYSTEM FOR MANAGING VIRTUAL PRIVATE NETWORK AND METHOD THEREOF - Disclosed are a system for managing virtual private networks (VPNs) includes: terminals configured to transmit user data; a manager configured to transmit information for concealing networks and managing the VPNs; border gateways configured to decrypt the user data and perform a network address translation (NAT) procedure and a filtering procedure on the decrypted user data based on the information; and servers configured to receive the user data subjected to the NAT procedure and the filtering procedure, wherein the filtering procedure is a procedure discarding the user data to be transferred to the servers that are not allowed so as to allow the terminals to access only the allowed servers, the NAT procedure is a procedure changing an Internet protocol (IP) address used in a first network to an IP address used in a second network, and the first network and the second network are different networks. | 05-23-2013 |
20130163601 | USER CENTRIC VIRTUAL NETWORK AND METHOD OF ESTABLISHING THE SAME - Provided is a method of establishing a user centric virtual network. The method includes: performing a first tunneling operation between a first tunnel end and an address translation device, which are connected to a first private network, and a tunnel relay device; performing a second tunneling operation between a second tunnel end and an address translation device, which are connected to a second private network, and the tunnel relay device; and performing a third tunneling operation between the tunnel relay device and an end client, wherein a virtual IP is allocated to each of the first and second tunnel ends, the address translation devices, the end client, and the tunnel relay device; and each of the first to third tunneling operations connects routing information on the virtual IP to a corresponding tunnel. | 06-27-2013 |
20140002584 | METHOD OF SELECTING CONFERENCE PROCESSING DEVICE AND VIDEO CONFERENCE SYSTEM USING THE METHOD | 01-02-2014 |
20140165181 | NETWORK APPARATUS AND OPERATING METHOD THEREOF - Disclosed are a network apparatus and an operating method thereof. The network apparatus includes: a security authentication module that executes security authentication of a distributed denial of service (DDoS) attack when a predetermined packet requests access to a particular service server to which the security authentication is applied, at the time of inputting the predetermined packet; and a communication module that transmits the predetermined packet security-authenticated by the security authentication module through a transmission route of the particular service server, so as to easily defend the DDoS attack by using a pseudo state of a service procedure. | 06-12-2014 |