Publication (announcement) number: MY164093A
Publication (announcement) date: 2017-11-30
Application number: MYPI2011005855
Application date: 2011-12-02
Applicant: MIMOS BERHAD
Inventor: NORAZAH BINTI ABD AZIZ, SHARIPAH SETAPA, MOHD AMINUDIN MOHD KHALID, KILAUSURIA ABDULLAH
Abstract: The system and method of the present invention proposes an extension to the IPsec key exchange protocol by establishing properties-based attestation using key management service. The present invention protects integrity between network encryptor of sender-receiver/gateway to gateway platform machine by measuring properties which bundles with IPsec based VPN network. The system of the present invention comprises at least one sender and receiver platform; IPsec components extension; a plurality of properties of remote attestation modules (600); at least one signer mechanism (602); and at least one TPM (604). The methodology of the present invention establishes mutual remote attestation in IPsec based VPN by obtaining at least one key management service (KeyMS) measurement value to configure each KeyMS in VPN (102); establishing attestation in KeyMS session (104); signing Encapsulation Security Protocol (ESP) Authentication Header (AH) packet with TPM certificate (106); appending signature to ESP and AH payload (108) and validating attestation data between gateways through trusted third party (110). The most illustrative drawing is