Abstract:
The present invention relates to a system for controlling and verifying an open type programmable network. The system receives a request including network operation relevant composition information on one or more network devices in a network in which two kinds of network devices are interlinked with each other. The system verifies whether the request is against to a network setting and network properties which are managed by the system and transmits a verification result including the composition information when an error is not generated.
Abstract:
미래인터넷에서 자원 식별을 위한 패킷 전달 방법에 관한 것으로, 스위치가 목적지 슬리버 식별 정보 및 가상 인터페이스 식별정보를 포함하는 패킷을 수신하면, 상기 수신된 패킷을 상기 목적지 슬리버 식별 정보에 기초하여 선택된 슬리버로 전달하고, 패킷을 전달받은 슬리버가 상기 가상 인터페이스 식별정보에 기초하여 슬리버의 가상 인터페이스 중 하나로 상기 전달받은 패킷을 전달하는 패킷 전달 방법에 의해 네트워크 가상화 지원 프로그래머블 플랫폼 또는 라우터에서 미래 인터넷 네트워크상에서 사용자에게 할당된 자원인 슬리버(sliver)의 아이디(ID)와 각 슬리버에 연결된 가상 인터페이스(VIF)를 식별할 수 있다.
Abstract:
PURPOSE: A service-broker device for managing resources in consideration of a characteristic of a user terminal and a method thereof are provided to efficiently select an optimal user interface and resource management server by considering characteristic of a user terminal in an environment which includes heterogeneous resource management servers. CONSTITUTION: A future internet system comprises a user terminal(100), a service-broker device(200), and a plurality of resource management servers(300). The user terminal includes different kinds of terminals. The service-broker device is connected to the user terminal and the plurality of resource management servers. The service-broker device comprises a user terminal interface unit(201), an analysis unit(203), a resource portal unit(205), and a transformation unit(207). The resource management server assigns resources in an internet environment.
Abstract:
A tunneling method based UDP and a system for performing the method are provided to apply security mechanism using IPsec between nodes supporting different networks in an NAT(Network Address Translator)-PT(Protocol Translator) environment, thereby performing tunneling. A transmitting node(110) makes a security policy database table and produces a packet. The security policy database table comprises IPv6(Internet Protocol version 6) transmitting and receiving addresses, IPv4 transmitting and receiving addresses and an encryption method. The packet includes the IPv6 transmitting and receiving addresses in an external header and includes the IPv4 transmitting and receiving addresses in an inner header. The transmitting node encrypts the packet according to the encryption method and transmits the packet to a gateway(130).
Abstract:
A method and apparatus for allowing transmission delay in a mobile Internet Protocol (IP) network is provided. The method of allowing transmission delay in a home agent of a mobile IP network, the method including: storing data in a mobile router when disconnection with the mobile router is sensed; and transmitting the stored data to the mobile router when reconnection with the mobile router is sensed.
Abstract:
An apparatus and a method for supporting network-based mobility for dual stack terminals are provided to connect data transmitted to a GMAP(Global Mobility Anchor Point) through IPv6(Internet Protocol version 6)-in-IPv4 tunneling or IPv4-in-IPv6 tunneling to an MAP, so that communication with an external terminal can be possible even when the dual stack terminal moves to an another network such as an IPv4-only network or an IPv6-only network. An MAP(Mobility Anchor Point) device(210) for supporting mobility of dual stack terminals comprises a storage(211) and a transmitter(212). The storage stores information about the dual stack terminal after movement and information about an access router to which the dual stack terminal belongs. The information is received from a first MAP(220) as a movement support anchor at another network to which the dual stack terminal has moved. When data to be transmitted to the dual stack terminal is received, the transmitter transmits the data to the first MAP based on the binding information on the dual stack terminal stored in the storage.
Abstract:
A method and an apparatus for allocating MCID(Multicast Connection IDs(Identifications)) for IP(Internet Protocol) multicast packet transmission and transmitting packets using the MCID in a portal Internet network are provided to transmit multicast packets having various scopes and multicast packets of a link local scope in an IEEE 802.16 network by assigning the MCIDs according to a scope of an IP multicast address, thereby removing the necessity of addition MCID assignment even when the number of multicast addresses used on the network is increased, and accordingly providing superior extensibility. A recording medium for recording a data structure of an MCID(Multicast Connection IDs(Identifications))(210) comprises the followings: a CS(Convergence Sublayer) descriptor value which represents a sublayer used for IP(Internet protocol) multicast packet transmission in a portable Internet network; and a scope value which represents a subnet category where the IP multicast packet is transmitted in the portable Internet network. A method for allocating the MCID for IP multicast packet transmission in various categories over the portable Internet network comprises: including the CS descriptor value as one or more bits in the MCID; and including the scope value as one or more bits in the MCID.
Abstract:
A method for preventing attacks in an IPv4/IPv6 interworking network and an apparatus thereof are provided to detect and block the attack using a weak point of security of the IPv4/IPv6 interworking mechanism in a dual stack based network. A method for preventing attacks in an IPv4/IPv6 interworking network comprises the followings steps of: determining whether a received packet is an IPv4 packet or an IPv6 packet(S500,S502,S506); abandoning 6to4 tunneling packets of the IPv4 packets if addresses between internal and external parts of the packet are inconsistent(S510); and abandoning the packet if an IPv6 address of the IPv6 packet does not belong to an allowable address which is previously registered(S514).
Abstract:
1. 청구범위에 기재된 발명이 속한 기술분야 본 발명은, 억세스 라우터 기반의 모바일 IPv6 패스트 핸드오버 방법에 관한 것임. 2. 발명이 해결하려고 하는 기술적 과제 본 발명은, 모바일 IPv6에서 패스트 핸드오버를 위하여 레이어 2 정보를 간단하고 효율적으로 이용하여 이동 탐지(movement detection)를 신속히 하고, 추가적으로 많은 메시들의 동작 과정 없이 이동 단말이 아닌 억세스 라우터에서 CoA를 생성함으로써 억세스 라우터 기반의 모바일 IPv6 패스트 핸드오버 방법을 제공하는데 그 목적이 있음. 3. 발명의 해결방법의 요지 본 발명은, 모바일 IPv6 패스트 핸드오버(Fast Handover for Mobile IPv6) 방법에 있어서, 이동 단말이 레이어 2 영역에서 이동한 경우에 수정된 RS(Router Solicitation) 메시지를 억세스 라우터로 전송하는 단계; 억세스 라우터가 상기 이동 단말이 전송한 수정된 RS 메시지를 이용하여 이동 단말이 레이어 3 영역에서 이동(Movement)되었는지를 판단하는 단계; 상기 판단 결과, 이동 단말이 레이어 3 영역에서 이동되었으면 억세스 라우터가 이동 단말의 새로운 CoA를 생성하는 단계; 억세스 라우터가 상기 생성한 CoA의 유일성(uniqueness)를 검사하기 위하여 DAD(Duplicate Address Detection) 과정을 수행하는 단계; 및 억세스 라우터가 상기 이동 단말이 전송한 수정된 RS 메시지에 상응하는 수정된 RA(Router Advertisement) 메시지를 이동 단말로 전송하는 단계를 포함함. 4. 발명의 중요한 용도 본 발명은 모바일 IP 시스템 등에 이용됨. 모바일 IP, IPv6, 패스트 핸드오버(Fast Handover), IETF, Movement detection, CoA (Care-of Address) configuration, Binding update
Abstract:
본 발명에 따라 IPv6 호스트 장치, IPv4 in IPv6 터널링을 수행하는 동적 터널링 인터페이스(Dynamic Tunneling Interface:DTI) 장치, IPv4 in IPv6 터널링을 수행하는 방법이 개시된다. 본 발명에 따른 IPv6 호스트 장치는 DSTM에 의한 IPv4 주소 요청 시점을 결정하도록 응용에 의한 IPv4 소켓 통신 함수를 가로채는 계층화된 서비스 프로바이더(Layered Service Provider:LSP) 형태의 어드레스 트리거를 포함한다. 이와 같은 본 발명에 의하면, 윈도우 기반 운영환경을 가진 IPv6 호스트에서 윈도우 운영환경이 제공하는 TCP/IP 프로토콜 스택의 수정 없이, DSTM Port Range를 효과적으로 적용할 수 있다.