On an intranet, there is a need to form various kinds of closed communication groups that protect significant information in departmental and/or individual bases. To satisfy this need, encryption elements realizing dosed communication groups require exact and complicated process information in which the processes of how to treat the received packets are specified. In general, this information is generated in a management server and downloaded to the encryption elements. However, by this method, the information must be regenerated and redownloaded to the encryption elements, every time the system configuration changes. In this paper, we propose the Dynamic Process Resolution Protocol, by which encryption elements generate the process information automatically from the logical definition of the closed communication groups for themselves, detecting the relationship of the locations among the encryption elements and the communication terminals. This method means that the function of generation of process information is split from the management server. This method imposes no work on the network manager when the system configuration changes if the logical definition does not change. Moreover, closed communication groups with free location are realized, that is, users who have the function of encryption elements can move anywhere in the intranet freely.
ASJC Scopus subject areas