-
1.发明授权System and method for secure cloud service delivery with prioritized services in a network environment 有权用于在网络环境中优先化服务的安全云服务传送的系统和方法公开(公告)号:US09444789B2
公开(公告)日:2016-09-13
申请号:US14470497
申请日:2014-08-27
Applicant: CISCO TECHNOLOGY, INC.
Inventor: Sunil Cherukuri , Mohamed Khalid , Brian Cinque
CPC classification number: H04L63/0272 , H04L9/0838 , H04L41/0803 , H04L67/1002
Abstract: An example method includes receiving a request for a cloud capability set during an Internet Key Exchange negotiation associated with a virtual private network (VPN) tunnel between a subscriber and a cloud, wherein the cloud capability set comprises one or more cloud capabilities, mapping the request to one or more cryptographic modules that can support the cloud capability set, and offloading the VPN tunnel to the one or more cryptographic modules. The request can be an Internet Security Association and Key Management Protocol (ISAKMP) packet listing the one or more cloud capabilities in a private payload. The method may further include splitting the VPN tunnel between the cryptographic modules if no single cryptographic module can support substantially all the cloud capabilities in the cloud capability set. In some embodiments, the request is compared with a service catalog comprising authorized cloud capabilities.
Abstract translation: 示例性方法包括在与订户和云之间的虚拟专用网(VPN)隧道相关联的因特网密钥交换协商期间接收对云能力集的请求,其中所述云能力集合包括一个或多个云能力,映射请求 到一个或多个可以支持云能力集合的加密模块,以及将VPN隧道卸载到一个或多个加密模块。 该请求可以是列出私有有效载荷中的一个或多个云能力的因特网安全关联和密钥管理协议(ISAKMP)分组。 该方法还可以包括在加密模块之间分割VPN隧道,如果没有单个密码模块可以支持云能力集中的实质上所有的云能力。 在一些实施例中,该请求与包括授权云能力的服务目录进行比较。
-
2.发明申请SYSTEM AND METHOD FOR SECURE CLOUD SERVICE DELIVERY WITH PRIORITIZED SERVICES IN A NETWORK ENVIRONMENT 审中-公开系统和方法,用于在网络环境中安全优先服务提供的云服务公开(公告)号:US20140372761A1
公开(公告)日:2014-12-18
申请号:US14470497
申请日:2014-08-27
Applicant: CISCO TECHNOLOGY, INC.
Inventor: Sunil Cherukuri , Mohamed Khalid , Brian Cinque
CPC classification number: H04L63/0272 , H04L9/0838 , H04L41/0803 , H04L67/1002
Abstract: An example method includes receiving a request for a cloud capability set during an Internet Key Exchange negotiation associated with a virtual private network (VPN) tunnel between a subscriber and a cloud, wherein the cloud capability set comprises one or more cloud capabilities, mapping the request to one or more cryptographic modules that can support the cloud capability set, and offloading the VPN tunnel to the one or more cryptographic modules. The request can be an Internet Security Association and Key Management Protocol (ISAKMP) packet listing the one or more cloud capabilities in a private payload. The method may further include splitting the VPN tunnel between the cryptographic modules if no single cryptographic module can support substantially all the cloud capabilities in the cloud capability set. In some embodiments, the request is compared with a service catalog comprising authorized cloud capabilities.
Abstract translation: 示例性方法包括在与订户和云之间的虚拟专用网(VPN)隧道相关联的因特网密钥交换协商期间接收对云能力集的请求,其中所述云能力集合包括一个或多个云能力,映射请求 到一个或多个可以支持云能力集合的加密模块,以及将VPN隧道卸载到一个或多个加密模块。 该请求可以是列出私有有效载荷中的一个或多个云能力的因特网安全关联和密钥管理协议(ISAKMP)分组。 该方法还可以包括在加密模块之间分割VPN隧道,如果没有单个密码模块可以支持云能力集中的实质上所有的云能力。 在一些实施例中,该请求与包括授权云能力的服务目录进行比较。
-
Search Results
2
records
(took 0.018 seconds)
