Patent application number | Description | Published |
20090177887 | METHOD AND APPARATUS FOR BINDING UPDATE BETWEEN MOBILE NODE AND CORRESPONDENT NODE - A method and apparatus for binding update between a mobile node and a correspondent node is disclosed. The method includes: encrypting, by the correspondent node, a parameter for generating a binding management key with a key, and transmitting the encrypted parameter to the mobile node or a home agent which performs binding update on behalf of the mobile node; obtaining, by the mobile node or the home agent, the parameter via decryption, generating a binding management key with the parameter, generating authentication data with the binding management key, and transmitting a binding update message carrying the authentication data to the correspondent node; and verifying, by the correspondent node, the binding update message based on the authentication data, and returning a binding acknowledgement message to the mobile node or the home agent. With the present invention, the security of the binding update process may be improved. | 07-09-2009 |
20090213797 | METHOD FOR BINDING UPDATE IN MOBILE IPV6 AND MOBILE IPV6 COMMUNICATION SYSTEM - A method for binding update in the mobile IPv6 is provided. After a binding management key is obtained in a return routability procedure, a home address (HoA) in a binding update (BU) packet is sent in a form of an encrypted option. In the BU process, an HoA index may also be bound. A corresponding mobile IPv6 communication system and a mobile node (MN), a correspondent node (CN), and a home agent (HA) in the communication system are also provided. Thus, the HoA appears only once in an encrypted form in a packet sent to the CN in the BU process, thereby improving the security of the HoA in the BU process. | 08-27-2009 |
20090213798 | METHOD, SYSTEM, MOBILE NODE, COMMUNICATION NODE AND HOME AGENT FOR COMMUNICATION IN MOBILE IPV6 NETWORKS - A method for communication in IPv6 networks is provided. In this method, first, a destination node in communication is notified about an association relation between a home address (HoA) index and an HoA. Then, in a packet, an HoA option and a Type-2 routing header are substituted by an HoA index option or a binding index extension header carrying the HoA index according to the association relation stored in the destination node. Further, a system corresponding to the above method is also provided. Through the present invention, an overhead of a mobile IPv6 packet is effectively reduced. Besides, the HoA index is simple in content and is not relevant to any privacy parameter in content, thus ensuring the security of communication. | 08-27-2009 |
20090232301 | METHOD AND SYSTEM FOR GENERATING SESSION KEY, AND COMMUNICATION DEVICE - A method for generating a session key, a system, and a communication device are disclosed. The method includes: selecting, by a communication party, a temporary private key, and operating at least the temporary private key according to the parameters of the cryptosystem to generate a first message, and sending the first message to the opposite party; and after receiving the second message, operating, by the communication party, at least the second message and the temporary private key according to the parameters of the cryptosystem to generate a session key. The system includes a key management center and a communication device. The communication device includes: a temporary private key selecting unit, a message generating and sending unit, and a session key generating unit. In the disclosure, the session key generated after the communication party selects a temporary private key is variable, thus avoiding too much dependence on the key management center and improving the practicability and security of the key. | 09-17-2009 |
20100174906 | Method, system and equipment for key distribution - A method, system and equipment for key distribution are disclosed. During the course of computing a shared key Kab between a client node and a third party equipment, a serial number is introduced into keying materials to compute the Kab, instead of just using constant parameter, thus once the Kab is leaked, the Kab can be simply and duly updated by updating the variable parameter, and hence the security of message transmission is improved. Furthermore, in the implementations, methods for security protection and security verification for message are used, so as to effectively prevent threats to message security such as message forgery or replay attack, and hence further improve the security of message transmission. | 07-08-2010 |
20100205437 | Protection method and device for a mobile IPV6 fast handover - A protection method for a mobile IPv6 fast handover is provided, which includes the following steps: generating a fast-handover signaling protection key by using a key which is shared with a network side device; generating an authentication code according to the protection key; adding the authentication code to the fast-handover signaling and transmitting the fast-handover signaling to a router. A protection device for a mobile IPv6 fast handover is also provided. By using the method, the shared key between the mobile node and the network side device is used to derive the fast-handover signaling protection key to protect the fast-handover signaling, which solves the security problem of the fast-handover message during a mobile IPv6 fast handover, decreases overhead during storing and calculating regarding the mobile node, and can be used to protect the downward fast-handover signaling of the SeND protocol that cannot be supported by the mobile node. | 08-12-2010 |
20110083048 | MOBILE ACCESS GATEWAY, MOBILE NODE AND METHOD FOR PROCESSING HANDOVER STATE INFORMATION - A method for processing handover state information, a mobile access gateway (MAG), and a mobile node (MN) are disclosed. The method includes: receiving a handover state notification message, where the handover state notification message includes interface handover indication information; determining a handover indication option value according to the interface handover indication information; and generating and sending a proxy binding update (PBU) message, where the PBU message includes the handover indication option value. With the present invention, a MAG can obtain the handover state information of an MN through the interface handover indication information of the MN. The application scope is wide, and the access success probability is increased; therefore, the access quality of service (QoS) provided for the user is improved. | 04-07-2011 |
20120311188 | Method and Device for Data Segmentation in Data Compression - A method and device for data segmentation in data compression are disclosed. The method includes: acquiring a segmentation rule corresponding to the length of a current unsegmented data stream according to the length of the current unsegmented data stream in a data stream to be compressed, whereas the length of the unsegmented data stream increases, the probability that the corresponding segmentation rule is satisfied increases monotonically, and when the segmentation rule corresponding to a first length is satisfied, the segmentation rule corresponding to a second length is definitely satisfied too; where the first length and the second length are the length of the unsegmented data stream, and the first length is smaller than the second length; and segmenting, by using the segmentation rule, the data stream to be compressed. | 12-06-2012 |
20140330798 | VDI File Transfer Method and Apparatus - The present disclosure provides a virtual desktop infrastructure VDI file transfer method, which relates to the communications field and can improve compressibility in a VDI file transfer process. The method includes receiving VDI messages, where the VDI messages at least include a VDI file transfer message, separating the VDI file transfer message from the VDI messages, parsing the separated VDI file transfer message; obtaining a data portion of the VDI file transfer message, compressing the data portion, and sending a VDI file transfer message that includes compressed data. The present disclosure further provides a corresponding apparatus. | 11-06-2014 |