| 发明名称 |
SERVICE PLANE ENCRYPTION IN IP/MPLS NETWORKS |
| 摘要 |
A method for providing service plane encryption in IP/MPLS and GRE networks is disclosed. The method for providing service plane encryption in IP/MPLS and GRE networks includes receiving a first Security Parameter Index with associated first encryption key and associated first authentication key at a first network element supporting the first Service Distribution Point; receiving an instruction at the first network element to encrypt data entering the first Service Distribution point with the first encryption key; receiving an instruction at the first network element to associate a data communication service provided at the first network element to the first Service Distribution Point; providing an encryption label; and providing data associated with the first communication service to the first Service Distribution Point for transmission to the second Service Distribution Point. The method for providing service plane encryption in IP/MPLS and GRE networks provides encryption advantages over systems known in the art by providing capability for selectively encrypting services connected via a data tunnel. |
| 申请公布号 |
US2014208099(A1) |
申请公布日期 |
2014.07.24 |
| 申请号 |
US201313746119 |
申请日期 |
2013.01.21 |
| 申请人 |
RAJSIC Carl |
发明人 |
RAJSIC Carl |
| 分类号 |
H04L9/14 |
主分类号 |
H04L9/14 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method of encrypting data between a first Service Distribution Point located at a first network element and a second Service Distribution Point located at a second network element, said first and second Service Distribution Points connected via a tunneling protocol, the method comprising the steps of:
receiving a first Security Parameter Index with associated first encryption key and associated first authentication key at a first network element supporting said first Service Distribution Point; receiving an instruction at said first network element to encrypt data entering said first Service Distribution point with said first encryption key; receiving an instruction at said first network element to associate a data communication service provided at said first network element to said first Service Distribution Point; providing an encryption label; and providing data associated with said first communication service to said first Service Distribution Point for transmission to said second Service Distribution Point. |
| 地址 |
Ontario CA |
