| 发明名称 |
Communication network access method and system |
| 摘要 |
A network management frame contains a clear text (unencrypted) management command field and a security field. The management frame is sent to a data communications network by an authorized managing entity (manager). The management frame is addressed to a managing agent (agent). The security field includes two sub fields. The first sub field is a clear text time stamp. The second sub field includes this same time stamp value concatenated with a checksum that is calculated by the manager for the specific clear text management command contained within the management frame. The concatenated value is then encrypted under a secret cryptographic key that is shared by the manager and the agent. The agent receives the management frame, calculates a checksum of the clear text management command, and appends this checksum to the clear text time stamp as contained in the received management frame. This value is then encrypted using the shared cryptographic code. If the result matches the second sub field of the received management command, integrity of the received management command is assured. Next, the clear text value of time stamp contained within the received management command is checked against a common clock within the agent. If the value of this time stamp falls within an predetermined time window, the authenticity of the received management command has been verified.
|
| 申请公布号 |
US5440633(A) |
申请公布日期 |
1995.08.08 |
| 申请号 |
US19930112007 |
申请日期 |
1993.08.25 |
| 申请人 |
INTERNATIONAL BUSINESS MACHINES CORPORATION |
发明人 |
AUGUSTINE, KURT E.;NEELEY, SR., JAMES EDWARD;STROLE, NORMAN CLARK |
| 分类号 |
G06F13/00;G06F21/20;H04L9/32;H04L9/36;H04L12/24;H04L29/06;(IPC1-7):H04K1/00 |
主分类号 |
G06F13/00 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
