| 摘要 |
An example of the present disclosure includes a Group Member (GM) registering on a Key Server (KS) in a Group Encrypted Transport Virtual Private Network (GET VPN). The KS is to manage at least one group, and GMs belonging to the same group have the same group ID. The KS receives a group ID and a Security Association, SA, policy list supported by a GM sent by the GM. The KS, according to the group ID, determines a KS SA policy list corresponding to the group, and matches the SA policy list supported by the GM with the KS SA policy list according to a priority. A group SA policy with the highest priority is sent the GM. |
| 主权项 |
1. A method for a Group Member, GM, to register on a Key Server (KS) in a Group Encrypted Transport Virtual Private Network (GET VPN) in which the KS is to manage at least one group, and GMs belonging to the same group have the same group ID; the method comprising:
receiving, by the KS from the GM, a group ID and a GM Security Association (SA) policy list of SA policies supported by the GM; determining, by the KS, a KS SA policy list of SA policies corresponding to the group ID; determining, by the KS, SA policies which are in both the GM SA policy list and the KS SA policy list; and obtaining, by the KS, a group SA policy which is a SA policy with the highest priority among said SA policies which are in both the GM SA policy list and KS SA policy list; after storing the group SA policy, sending, by the KS, the group SA policy to the GM; after receiving a confirmation message of the GM, sending, by the KS, key information to the GM. |
