US 12,267,304 B2
System for authenticating and controlling network access of terminal, and method therefor
Young Rang Kim, Seoul (KR)
Assigned to PRIBIT Technology, Inc., Seoul (KR)
Appl. No. 17/656,172
Filed by PRIBIT Technology, Inc., Seoul (KR)
PCT Filed Sep. 24, 2020, PCT No. PCT/KR2020/012929
§ 371(c)(1), (2) Date Mar. 23, 2022,
PCT Pub. No. WO2021/060859, PCT Pub. Date Apr. 1, 2021.
Application 17/656,172 is a continuation in part of application No. 16/580,974, filed on Sep. 24, 2019, granted, now 11,381,557.
Application 17/656,172 is a continuation in part of application No. 16/580,866, filed on Sep. 24, 2019, granted, now 11,190,494, issued on Nov. 30, 2021.
Claims priority of application No. 10-2020-0100062 (KR), filed on Aug. 10, 2020.
Prior Publication US 2022/0247721 A1, Aug. 4, 2022
Int. Cl. H04L 9/40 (2022.01); H04L 47/20 (2022.01); H04L 47/24 (2022.01)
CPC H04L 63/029 (2013.01) [H04L 47/20 (2013.01); H04L 47/24 (2013.01); H04L 63/0236 (2013.01); H04L 63/0263 (2013.01); H04L 63/0272 (2013.01); H04L 63/0428 (2013.01); H04L 63/08 (2013.01); H04L 63/126 (2013.01)]
9 Claims
1. A terminal comprising:
a communication circuit;
a processor operatively connected to the communication circuit; and
a memory operatively connected to the processor and configured to store a target application and an access control application, wherein the memory stores instructions that cause, when executed by the processor, the terminal to:
detect a network access event for a destination network of the target application through the access control application;
determine whether data flow information corresponding to identification information of the target application and the destination network is present and generated from an external server, through the access control application;
perform authentication of a data flow based on authentication information included in the data flow information, through the access control application;
request the external server to confirm whether the authentication of the data flow is valid;
receive information from the external server to create a tunnel between the terminal and a gateway, and create a tunnel based on the information;
transmit a data packet using the tunnel, when the authentication of the data flow is confirmed to be valid and the tunnel exists between the terminal and the gateway, or drop the data packet when the data flow information is not present or the authentication of the data flow is not valid.
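
The per-packet decision that claim 1 describes can be sketched as a default-deny check on the terminal. This is an added illustration, not code from the patent or from PRIBIT Technology; the `DataFlow` fields, the expiry-based local check, the `server_confirms` callback and the choice to drop while no tunnel exists are all assumptions made for the example.

```python
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple

@dataclass
class DataFlow:                  # hypothetical shape of "data flow information"
    app_id: str                  # identification information of the target application
    destination: str             # destination network, written here as ip:port
    from_server: bool            # True only if generated from the external server
    auth_token: str              # authentication information carried in the entry
    auth_expires: float          # assumed expiry time of that authentication information
    tunnel_id: Optional[str]     # tunnel to the gateway; None until one is created

FlowTable = Dict[Tuple[str, str], DataFlow]

def decide(flows: FlowTable, app_id: str, destination: str,
           server_confirms: Callable[[DataFlow], bool], now: float) -> Tuple[str, str]:
    """Return (verdict, reason) for one network access event; every failure drops."""
    flow = flows.get((app_id, destination))
    if flow is None or not flow.from_server:
        return "DROP", "no server-issued data flow information"
    if not flow.auth_token or flow.auth_expires <= now:
        return "DROP", "local authentication of the data flow failed"
    if not server_confirms(flow):            # ask the external server to confirm validity
        return "DROP", "server did not confirm the authentication"
    if flow.tunnel_id is None:               # assumption: fail closed until a tunnel exists
        return "DROP", "no tunnel to the gateway"
    return "TRANSMIT", "via tunnel " + flow.tunnel_id

def demo() -> Dict[str, str]:
    """Run constructed sample events through decide() and collect the verdicts."""
    now = 1000.0
    flows: FlowTable = {                     # constructed sample data, not real flows
        ("mail", "10.0.0.5:443"): DataFlow("mail", "10.0.0.5:443", True, "t1", 2000.0, "tun-1"),
        ("mail", "10.0.0.9:22"): DataFlow("mail", "10.0.0.9:22", True, "t2", 500.0, "tun-1"),
        ("chat", "10.0.0.5:443"): DataFlow("chat", "10.0.0.5:443", True, "t3", 2000.0, "tun-1"),
        ("sync", "10.0.0.7:80"): DataFlow("sync", "10.0.0.7:80", False, "t4", 2000.0, "tun-1"),
        ("docs", "10.0.0.8:443"): DataFlow("docs", "10.0.0.8:443", True, "t5", 2000.0, None),
    }
    revoked = {"t3"}                         # tokens the stand-in server no longer accepts
    confirm = lambda f: f.auth_token not in revoked
    events = [("mail", "10.0.0.5:443"), ("mail", "10.0.0.9:22"), ("chat", "10.0.0.5:443"),
              ("sync", "10.0.0.7:80"), ("docs", "10.0.0.8:443"), ("game", "203.0.113.9:80")]
    return {a + "->" + d: decide(flows, a, d, confirm, now)[0] for a, d in events}

if __name__ == "__main__":
    for event, verdict in demo().items():
        print(event, verdict)
```
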