WO2001047179 PREVENTION OF SPOOFING IN TELECOMMUNICATIONS SYSTEMS

Settings

Stemming

Single Family Member

Include NPL

Feedback

Goto Application

Publication Number WO/2001/047179

Publication Date 28.06.2001

International Application No. PCT/FI2000/001114

International Filing Date 19.12.2000

Chapter 2 Demand Filed 21.05.2001

IPC

View less classifications

CPC

View less classifications

Applicants

NOKIA CORPORATION [FI]/[FI] (AllExceptUS)
USKELA, Sami [FI]/[FI] (UsOnly)
JOKINEN, Hannu, T. [FI]/[FI] (UsOnly)

Inventors

USKELA, Sami
JOKINEN, Hannu, T.

Agents

KOLSTER OY AB

Priority Data

19992767

22.12.1999

Publication Language English (en)

Filing Language English (EN)

Designated States

View all

Title

(EN) PREVENTION OF SPOOFING IN TELECOMMUNICATIONS SYSTEMS

(FR) PREVENTION DE LA MYSTIFICATION DANS DES SYSTEMES DE TELECOMMUNICATION

Abstract

(EN) In a packet radio network a packet data address is activated for a terminal for transmitting data packets between the terminal and an external network. Information on the activated packet data address is stored at least in the edge nodes of the network. To prevent spoofing, i.e. misrepresentation of sender data, the method and network node of the invention comprise checking (206) in the node whether the source address of the packet transmitted from the terminal is the same as the packet data address used in the transmission of the packet or does the source address belong to a set of allowed packet data addresses. The packet is transmitted (207) from the node towards the destination address only if the addresses are identical or the source address belongs to the set of allowed packet data addresses.

(FR) Dan un réseau de radiocommunication à commutation par paquets, on active une adresse de paquets de données pour un terminal en vue de la transmission de paquets de données entre ledit terminal et un réseau extérieur. Sur l'adresse activée de données en paquets, l'information est stockée au moins dans les noeuds périphériques du réseau. Cette invention concerne une méthode et un noeud de réseau permettant d'écarter les risques de mystification, c'est-à-dire d'interprétation fausse des données envoyées. La démarche consiste à vérifier (206) au niveau du noeud que l'adresse source du paquet transmis depuis le terminal est bien la même que celle utilisée pour la transmission du paquet ou bien qu'elle fait partie d'un ensemble agréé d'adresses de données de paquets. La transmission (207) du paquet entre le noeud et l'adresse de destination ne se fait que si les adresses sont identiques ou que l'adresse source fait partie de l'ensemble agréé d'adresses susmentionné.

H	ELECTRICITY
04	ELECTRIC COMMUNICATION TECHNIQUE
L	TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29	Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02	Communication control; Communication processing
06	characterised by a protocol

H	ELECTRICITY
04	ELECTRIC COMMUNICATION TECHNIQUE
L	TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29	Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02	Communication control; Communication processing
06	characterised by a protocol
08	Transmission control procedure, e.g. data link level control procedure

H	ELECTRICITY
04	ELECTRIC COMMUNICATION TECHNIQUE
L	TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29	Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
12	characterised by the data terminal

H	ELECTRICITY
04	ELECTRIC COMMUNICATION TECHNIQUE
W	WIRELESS COMMUNICATION NETWORKS
12	Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
08	Access security

H	ELECTRICITY
04	ELECTRIC COMMUNICATION TECHNIQUE
W	WIRELESS COMMUNICATION NETWORKS
12	Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
12	Fraud detection

Processing

National Phase Entries

Authority File

Settings

Feedback

Goto Application

1. WO2001047179 - PREVENTION OF SPOOFING IN TELECOMMUNICATIONS SYSTEMS

H	ELECTRICITY
04	ELECTRIC COMMUNICATION TECHNIQUE
L	TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63	Network architectures or network communication protocols for network security
14	for detecting or protecting against malicious traffic
1441	Countermeasures against malicious traffic
1466	Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks

H	ELECTRICITY
04	ELECTRIC COMMUNICATION TECHNIQUE
W	WIRELESS COMMUNICATION NETWORKS
12	Security arrangements; Authentication; Protecting privacy or anonymity
12	Detection or prevention of fraud
121	Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
122	Counter-measures against attacks; Protection against rogue devices

H	ELECTRICITY
04	ELECTRIC COMMUNICATION TECHNIQUE
L	TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63	Network architectures or network communication protocols for network security
14	for detecting or protecting against malicious traffic
1441	Countermeasures against malicious traffic
1466	Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks

H	ELECTRICITY
04	ELECTRIC COMMUNICATION TECHNIQUE
W	WIRELESS COMMUNICATION NETWORKS
12	Security arrangements; Authentication; Protecting privacy or anonymity
12	Detection or prevention of fraud
121	Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
122	Counter-measures against attacks; Protection against rogue devices