Title:
【発明の名称】ネットワークでパケットをフィルタリングするためにデジタル署名を使用する方法および装置
Document Type and Number:
Japanese Patent JP2002512487
Kind Code:
A
Abstract:
A method and apparatus for filtering packets uses digital signatures to filter packets in a network. A filter point, such as a router or firewall to an intranet, receives a packet including a header, detects the existence of a signature in the header, tests the validity of the signature using a public key, and forwards the packet in accordance with the validity of the signature. A sender uses a private key obtained from an owner to generate the signature, which is created by encrypting a fingerprint which corresponds to the data in the packet. Public keys are created by an owner which installs them in a domain name system or a certification server. Private keys are also created by the owner but are disseminated only to authorized senders. A method and apparatus for sending packets stores a private key in a memory of the data processor, generates a signature using the private key, installs the signature into a header of a packet; and sends the packet.
Inventors:
Gapta, Amit
Pearlman, Radia Jay
Pearlman, Radia Jay
Application Number:
JP2000545292A
Publication Date:
April 23, 2002
Filing Date:
March 22, 1999
Export Citation:
Assignee:
Sun Microsystems, Inc.
International Classes:
G06F21/00; G06F13/00; G06F21/64; H04L29/02; H04L29/06; (IPC1-7): H04L12/56; G06F13/00; G06F15/00; H04L12/18; H04L29/02
Attorney, Agent or Firm:
Masaki Yamakawa