首页>
外国专利>
AUTOMATIC NEGOTIATION SYSTEM AND A METHOD OF A SECURITY PROTOCOL, SPECIALLY WITH REGARDS TO NEGOTIATING THE SECURITY PROTOCOL WITH A SERVER OR OTHER NODE WITHIN A DOMAIN
AUTOMATIC NEGOTIATION SYSTEM AND A METHOD OF A SECURITY PROTOCOL, SPECIALLY WITH REGARDS TO NEGOTIATING THE SECURITY PROTOCOL WITH A SERVER OR OTHER NODE WITHIN A DOMAIN
展开▼
机译:自动协商系统和安全协议的方法,特别是与服务器或域内的其他节点协商安全协议
展开▼
页面导航
摘要
著录项
相似文献
摘要
A protocol negotiation platform permits a computer or other node lying outside of a security-enabled domain to negotiate a supported security protocol with a server or other node within that domain. Active Directory™, Kerberos and other secure network technologies permit agents or nodes within a domain to communicate securely with each other, using default, protocols and key, certificate or other authentication techniques. In the past external agents however had no transparent way to enter the domain, requiring the manual selection of protocols for use across the domain boundary. According to the invention either of an external agent or an internal agent may initiate an attempt to establish a secure session across the domain boundary, transmitting a request including a set of supported protocols to the recipient machine. A negotiation engine may then compare the available protocols on both of the agents, nodes or machines at either end of the session, and select a compatible protocol when found. The internal and external agents may likewise authenticate each other using a key, certificate or other mechanism.
展开▼
机译:协议协商平台允许位于启用安全性域之外的计算机或其他节点与该域内的服务器或其他节点协商受支持的安全协议。 Active Directory™,Kerberos和其他安全网络技术允许域中的代理或节点使用默认,协议和密钥,证书或其他身份验证技术彼此安全地通信。但是,在过去,外部代理没有透明的方式进入域,需要手动选择跨域边界使用的协议。根据本发明,外部代理或内部代理中的任何一个都可以发起尝试跨域边界建立安全会话的尝试,并将包括一组支持协议的请求发送给接收方机器。然后,协商引擎可以在会话任一端比较代理,节点或机器上的可用协议,并在找到时选择兼容协议。内部和外部代理同样可以使用密钥,证书或其他机制来相互认证。
展开▼