Title of invention |
SECURED NETWORKS AND ENDPOINTS APPLYING INTERNET PROTOCOL SECURITY |
Abstract |
A method of managing secure communications states in an endpoint within a secure network is disclosed. The method includes, in a disconnected state, transmitting from a first endpoint to a second endpoint a first message including an authorization token. The method further includes, in the pending state, receiving from the second endpoint a second message including a second authorization token at the first endpoint. The method includes, based on the receipt of the second message, entering an open state and initializing a tunnel between the first and second endpoints using an IPsec-based secured connection. The method also includes, upon termination of the tunnel due to a termination or timeout message issued by at least one of the first and second endpoints, entering a closed state. |
Application publication number |
US2016380984(A1) |
Application publication date |
2016.12.29 |
Application number |
US201514753120 |
Application date |
2015.06.29 |
Applicant |
Johnson Robert A.;Inforzato Sarah K. |
Inventor |
Johnson Robert A.;Inforzato Sarah K. |
Classification number |
H04L29/06;H04L12/751;H04L12/46 |
Main classification number |
H04L29/06 |
Agency |
|
Agent |
|
Principal claim |
1. A method of managing secure communications states in an endpoint within a secure network, the method comprising:
in a disconnected state, transmitting from a first endpoint to a second endpoint a first message including an authorization token, the authorization token including one or more entries, each entry corresponding to a community of interest associated with a user of the first endpoint and including an encryption key and a validation key associated with the first endpoint and encrypted with a corresponding community of interest key and entering a pending state; in the pending state, receiving from the second endpoint a second message including a second authorization token at the first endpoint, the second authorization token including one or more entries, each entry corresponding to a community of interest associated with the second endpoint and including an encryption key and a validation key associated with the second endpoint and encrypted with the corresponding community of interest key; based on receipt of the second message, entering an open state and initializing a tunnel between the first and second endpoints using an IPsec-based secured connection; and upon termination of the tunnel due to a termination or timeout message issued by at least one of the first and second endpoints, entering a closed state. |
Address |
Malvern PA US |