| 摘要 |
A method for establishing a secure communication channel for information flow between two or more computers communicating via an interconnected computer network, and a system for implementing the method, in response to receiving a security association data structure from one of the computers. The received security association data structure is stored in a memory region having a specific memory address value, and the specific memory address value is assigned as the security parameter index value associated with the received inbound security association data structure. Additionally, a method of processing information received over a previously established secure communication channel, and a system for implementing the method, in response to receiving a data packet that includes an encrypted data portion, and a header portion that includes a security parameter index value. A memory region is located using the security parameter index value as an address pointer. The encrypted data portion of the received data packet is then processed based on a security association data structure stored in the located memory region.
|
