331results about How to "Implement access control" patented technology

The present invention discloses a MME/UPE transfer method, applied to evolution networks, including: judging whether the current status of the source MME/UPE providing services for the UE before the transfer, satisfies the preset transfer conditions or not; selecting an object MME/UPE after the transfer when the transfer conditions are satisfied; establishing connections between the object MME/UPE and the current owned LTE-RAN entities of the transfered UE; executing the migration processes from the source MME/UPE to the object MME/UPE; establishing the connection in the order of the transfered UE, the said LTE-RAN entities, the said object MME/UPE and the IAS anchor points; releasing the connection between the source MME/UPE and the source services LTE-RAN entities of the UE before the transfer. Application of the present invention, can execute the services MME/UPE transfer to the presidial UE, because a MME/UPE load is heavier or the link has failures or other reasons, thus achieving the load balance of every MME/UPE to ensure the uninterrupted communications.

The invention relates to a wireless charging device and a charging method thereof, which are mainly used for charging electric equipment in an electromagnetic induction way by a wireless charging seat. The wireless charging sear is periodically started to judge whether the electric equipment enters an induction range or not; once the electric equipment enters the induction range, a transmission coil of the wireless charging seat transmits electromagnetic waves, a receiving coil of the electric equipment induces the electromagnetic waves to generate current and performs switching-on or switching-off according to a given built-in time sequence to relatively change the consumption current of the transmission coil in the wireless charging seat; and then the wireless charging seat judges the change time sequence of the consumption current is consistent with the built-in time sequence or not, and the transmission coil continuously charges the electric equipment if the change time sequence of the consumption current is consistent with the built-in time sequence, and stops charging the electric equipment if the change time sequence of the consumption current is inconsistent with the built-in time sequence. Therefore, the damages caused by different voltage designing of the wireless charging seat and the electric equipment are prevented, and safety in use is ensured.

The invention belongs to the technical field of medical data management, and relates to a medical record storage, sharing and security claim settlement model and method based on a block chain. Firstly, credible sharing of medical data of patients among medical institutions is achieved through the blockchain technology, and a lifelong medical record is established for the patients; based on a Hashchain type storage structure, the medical data cannot be tampered; secondly, an improved CP-ABE-based cryptographic primitive SHDPCPC-CP-ABE is proposed, security encryption and fine-grained access control on the medical data are realized, and a patient can conveniently and efficiently access and authorize a medical institution to read the medical data; and finally, a Paillier homomorphic encryption technology is utilized to realize safe medical insurance claim settlement, and the privacy of the patient is protected when the patient interacts with a third-party non-medical institution. According to the invention, security, confidentiality, reliability and integrity of medical data can be realized, and confidential sharing of private data is supported.

The invention discloses a user equipment (UE) access restriction method. The method comprises the following steps that: after receiving an access request of the UE, a network side carries position information of the UE when requesting policy and charging control (PCC) from a policy and charging rules function (PCRF); the PCRF determines whether the UE is in an allowable position area scope according to the position information of the UE and notifies the network side when the user equipment is not in an allowable position area scope; then the network side restricts the access of the UE. The invention also discloses a UE access restriction system for realizing the above method. In the invention, through carrying out access restriction management to the UE with a low mobility by a user plane network element, problems of mobility management and charging chaos caused by abnormal moving of the UE with the low mobility can be avoided. Simultaneously, the position information of the UE can be timely reported to a machine type communication (MTC) Server. And the MTC Server can timely process an abnormal mobile event of the UE.

The invention discloses a method for access control for realizing excellent access control. The method comprises the following steps: a core network control node receives session management request messages sent by a terminal; and the core network control node sends session management back-off timer messages to the terminal when the core network control node determines that the node is in an overload state. The invention further discloses a device for realizing the method.

The invention discloses a WLAN access control method and a WLAN access control device. The method comprises the steps that: when WLAN access equipment is in an access judgment state, an indicating terminal reports terminal information; a receiving terminal of the WLAN access equipment receives the terminal information reported according to indication, wherein the terminal information carries the current sending power information of the terminal; the WLAN access equipment determines the wireless link route loss of the terminal according to signal intensity when the terminal information is received and the sending power information in the terminal information; and the WLAN access equipment judges the access of the terminal according to the wireless link route loss and an access judgment threshold, and enters control treatment according to a judgment result. When the method and device are used, the security of WLAN access can be improved and access control operation can be simplified.

The Ethernet confirming access method is a wideband access method for computer network. The present invention adopts unique double web page server technology, and performs the access control and bandwidth limitation via the user access list operation. The unique forced entrance guard technology can re-orient the unauthorized user request imperatively. The present invention realizes the conformation, authorization, charge and bandwidth limitation of users via web page confirming process without needing any client end software, and this simplifies the user's operation, is independent with the user's operation platform and can operate simple and practically.

The invention discloses a trusted network access and access control system. The control system comprises a network access requester, a network access decision-maker and a network access controller. When the network access requester accesses to the network, platform identity authentication is carried out, and secure and trusted states of the requester are detected; the secure and trusted states are sent to the network access decision-maker, and the decision-maker judges the secure and trust level of the requester and gives a network access decision; the network access decision is sent to the network access controller, and the controller limits the requested network access. The invention further discloses a trusted network access and access control method. The control system carries out the platform identity authentication on the basis of TCM and ensures the network access control while avoids identity forging. Network areas are divided on the basis of a digital label technology and dynamically updated, network self-adaption is realized, and the access security of different logical areas is ensured. Secure and trusted strategies are configured, and combined with the TCM cryptographic algorithm, so that the security and credibility of the platform state of the requester are ensured.

The invention provides a Block chain-based method for accessing a power Internet of Things terminal, comprising the steps of: connecting a to-be-accessed power Internet of Things terminal to a masternode, and initiating an authentication request; the master node responding to the authentication request, and randomly selecting nodes that meet the condition of a threshold number from the block chain to form an authentication group; encrypting a public key G and an identity ID of the to-be-accessed power Internet of Things terminal by using a private key to obtain a digital signature ciphertextX, and sending the identity ID, a terminal public value R and the digital signature ciphertext X to the master node; the master node encapsulating and sending the authentication request information toa member node of the authentication group; the authentication group running PBFT consensus algorithm, and obtaining an authentication result by performing distributed authentication through two-two exchanging of the authentication information between the nodes of the authentication group; generating a new block in the block chain, and returning confirmation information to the to-be-accessed powerInternet of Things terminal; and the power Internet of Things terminal returning encrypted confirmation information to an access gateway. The block chain-based power Internet of Things terminal access method can improve the security and efficiency of authentication.

The invention discloses a virtual platform information security protection method. The method includes setting a virtual platform detection system, a virtual platform protection system and a virtual platform management system; acquiring network traffic, and performing host firewall security rule matching on the traffic through the virtual platform detection system; allowing a virtual interpreter to forward the matched traffic on the hypervisor layer of the virtual platform protection system, judging whether a set network access control strategy is met or not through a virtual platform protection layer after forwarding, and refusing to forward if the strategy is met; analyzing traffic information without limitation, when a traffic security strategy is not met, filtering the traffic. Compared with the prior art, the method had the advantages that the access control between virtual machines can be implemented; by means of QoS arrangement, VLAN classification and traffic filtering functions, the probability of malicious traffic communication can be reduced.

The invention discloses a wireless network media access control system and the channel parameter adjusting method of the system. The system comprises a base station and a terminal; the terminal comprises a measuring module used for measuring the downlink channel information and storing the channel information in the channel information table and a feedback module used for calculating the channel information statistical value, constructing the report message of the channel information and sending the feedback report message to the corresponding base station; the base station comprises a request module used for selecting a feedback mode, constructing the request message of the channel information and sending the request message to the terminal when the base station requests the terminal to send the current feedback channel information; the base station comprises a first adjustment module used for controlling the physical layer to adjust the downlink transmission power and a second adjustment module used for determining the power value needed to be adjusted of each terminal, storing the power adjusted value and the identification of the corresponding terminal in the uplink power adjustment table, counting the number of the terminals needed to be adjusted in power and adjusting the uplink transmission power of the corresponding terminal. The wireless network media access control system and the channel parameter adjusting method of the system make the wireless network media access control be well realized.

The invention relates to a method used for digital bus information releasing and group control and a device thereof. The technical measure comprises the following steps: a vehicle terminal system, an electronic station board system and a vehicle technical information management centre are arranged, the electronic station board system is the vehicle technical information management centre are connected into a bi-directional communication network by line link, the vehicle terminal system transmits the vehicle information to the electronic station board system in a wireless communication, the electronic station board system reports the information to the vehicle technical information management centre, the bus coming to station at each station can be found out by inquiring a database, the station arriving time of the bus is calculated according to experimental data including average running speed, average running time between the stations and the like, finally, the arriving time is fed back to the electronic station board system, and the arriving time is displayed to the waiting passengers in a digital way. The method can effectively solve the problems of bus reduction in city and dispatching, information releasing, passenger facilitation, intelligent management control and the like. Therefore, the method realizes intelligent bus dispatching.

A non-cooperation game resource allocating-based 3G (the third generation telecommunication) / WLAN (wireless local area network) heterogeneous network accessing control method belongs to the technology of a wireless heterogeneous network, and solves the problems such as low network effectiveness, unbalanced resource allocation in each area and low resource utilization rate in the existing heterogeneous network resource allocating and accessing control. The method comprises the steps of establishing a 3G/WLAN non-cooperation game model to obtain an effectiveness expression of the WCDMA (wideband code division multiple access), the TD-SCDMA (time division-synchronization code division multiple access) and the CDMA (code division multiple access) 2000, solving the non-cooperation game Nash equilibrium solution of the three networks as the optimal time solution of the total network effectiveness in the whole service area and proving the uniqueness of the Nash equilibrium. The bandwidth in each covering range is obtained according to the allocating result of the CDMA, TD-SCDMA and the CDMA2000 network game sources, the rest bandwidths of the WCDMA, TD-SCDMA, the CDMA2000 and the WLAN network are computed, the accessing of a new user and the switching of the user in the network are judged and the method is suitable for the field of the wireless heterogeneous network.

The invention relates to an access control method and system of a self-adaptation cloud computing environment virtual security domain. The access control method of the self-adaptation cloud computing environment virtual security domain comprises the steps of (1) deploying a virtual security gateway device on a virtual machine management layer, carrying out interaction with a cloud security policy sync center in a cloud computing environment through the virtual security gateway device to obtain security policy information, monitoring a network communication behavior of a virtual machine on the virtual machine management layer according to a security policy, directly carrying out access control on network communication data packets inside the same physical machine, and (2) adding a security control packet to a network communication data packet across the physical machine, and carrying out self-adaptation access control across the physical machine through the security control packet and a security feedback packet which contains access control policy dynamic-adjustment information. The access control method and system of the self-adaptation cloud computing environment virtual security domain can achieve the function of carrying out fine-grained access control on communication among different virtual machines on the same physical machine or different physical machines, an access control policy can be adjusted in a dynamic mode, and access control over the self-adaptation cloud computing environment virtual security domain can be achieved.

The invention relates to a system and method for multilevel cross-domain access control in case of a multilevel administrative domain. The cross-domain access control is realized through a multilevel-role-based mapping mechanism; the method is realized based on all cross-domain access centers deployed in the entire country and provincial levels; the cross-domain access centers provide cross-domain role application and query services; and administrators can administrate all cross-domain access centers. The method comprises two steps of authorizing the cross-domain access control and carrying out access control on cross-domain access behaviors of users according to the authorization, wherein the authorizing of the cross-domain access control comprises the step of establishing corresponding cross-domain roles in related cross-domain access centers, and the control on user access comprises the steps of obtaining the access authority of cross-domain subjects to objects according to the mapping relationship between the cross-domain roles and domains where the subjects and the objects are located, and carrying out control by the domains where the objects are located. The system and the method are used for administrating the cross-domain access of three levels, i.e. a national level, a provincial level and a municipal level, in a security service platform, so that the cross-domain access control has the characteristics of self-government administration, user transparency and convenience in extension.

The embodiment of the invention discloses a system for achieving wireless resource management in a multi-system communication network and a method thereof. The system provided by the embodiment of the invention comprises a wireless resource management unit and a CRRM unit of a plurality of different single systems, wherein, the wireless resource management unit is used for reporting wireless resource information of each single system communication network to the CRRM unit and the CRRM unit is used for centralized management of wireless resources of the multi-system communication network on the basis of the wireless resource information. According to the provided proposal of each embodiment of the invention, the centralized management of wireless resources of the multi-system communication network is achieved by introducing the CRRM unit to the multi-system communication network; loading conditions and system operation state of the multi-system communication network can be completely controlled; real-time control and integrated optimization of the wireless resources of the multi-system communication network can be realized, thus making the best use of the wireless resources of the multi-system communication network and protecting investment of operators.

The invention provides an electronic evidence obtaining device and method based on a block chain in an Internet-of-Vehicles environment. The method comprises the following steps of S10, offline registration, S20, vehicle online identity registration, S30, real-time evidence storage and S40, query and evidence obtaining. According to the electronic evidence obtaining device and method based on theblock chain in the Internet-of-Vehicles environment, the block chain technology is used for traffic accident electronic evidence obtaining, the integrity, non-repudiation and permanence of evidence are guaranteed through the characteristics of block chain distributed data storage and the like, many problems of traditional traffic accident evidence obtaining are solved, and the evidence obtaining efficiency is high.

The invention relates to an access control method for distributed storage under a cloud environment. The method adopts an HDFS distributed file system of a Hadoop cluster to serve as a basic cloud storage system, and a safe access control function is added on the basis of the basic cloud storage system. An access control technology in the cloud storage system is broken through via Ranger, and a fine-grained access control authorization system based on a role is built, so that the cloud storage system can reliably support operations of effective isolation and integrity protection on different levels or types of information of multiple users, and isolation of cloud data can be achieved. Access control to a specific data node in the cloud storage system is achieved via Kerberos, and an access control problem in the Hadoop cluster, and between a client and a management node, between the management node and the data node and between the data nodes is solved.

The invention discloses a method and a system for sharing an anonymous resource, which belong to the technical field of computer information. The method for sharing the resource comprises the following steps that: a resource provider initiates a resource publishing request to a resource management server; the resource management server performs an anonymous authentication on the request; the resource provider generates a resource acquisition strategy, uses the resource acquisition strategy as a cipher key to encrypt the resource, and sends the acquisition strategy and the encrypted resource to the resource management server; the resource management server stores a binary group and releases resource description information; a resource acquirer retrieves the resource description information and initiates a resource acquisition request; the resource management server performs the anonymous authentication on the resource acquirer; and the resource acquirer acquires and decrypts the resource after acquiring a strategy verification. The invention also discloses a system sharing the resource, which corresponds to the method. The method and the system can be used for computer information technical application such as network resource sharing and the like.

The embodiment of the invention provides a secure publishing and subscribing system and method based on a block chain technology. The system comprises a key server, a message subscribing client, a message publishing server and a block chain comprising a plurality of block chain nodes, the method comprises the following steps: receiving a ciphertext and an encryption tag sent by a message publishing server; receiving an attribute value, a trap door value and a pre-decryption key sent by the subscription client; verifying whether the ciphertext is matched with the attribute value or not; if yes,verifying whether the encryption tag is matched with the trap door value or not; if so, pre-decrypting the ciphertext by using the pre-decryption key to obtain a pre-decrypted ciphertext; and sendingthe pre-decrypted ciphertext to the message subscription client, so that the message subscription client decrypts to obtain a subscription message. According to the embodiment of the invention, the security of the stored data in the publishing and subscribing system can be improved.

The invention discloses a deterministic cloud data deleting method based on sampling and fragmenting of a cryptograph. The method mainly solves the problems that the fine granularity of access control is low and the safety is low in the prior art. The method comprises implementation steps that (1) a data owner carries out sampling and fragmenting on the cryptograph to generate a sampling cryptograph and a residual cryptograph, and the sampling cryptograph and the residual cryptograph are sent to a credible third-party mechanism and a could service provider respectively; (2) a file secret key is shared by a plurality of users in a cloud storage environment; (3) when an authorized user accesses the cloud data, the credible third-party mechanism merges the cryptograph of a file, and the authorized user decrypts the cryptograph of the file; (4) the cryptograph sampling and fragmenting technology is adopted to prevent the cloud service provider from acquiring the integrated cryptograph of the file, the credible third-party mechanism destroys the sampling cryptograph, and then deterministic data deleting is achieved. By means of the method, real-time deterministic deleting of data in cloud storage services can be achieved, and the privacy of user data can be improved. The method can be used for guaranteeing safe access of the user data in the cloud storage mode.

The invention provides a smart-phone-based webpage access control method, a smart-phone-based webpage access control system and a smart phone. The method comprises the following steps that: the smart phone receives a network access request comprising a website from a user; the smart phone judges whether the user is permitted to access the website or not according to the website and a locally pre-stored website information list, and transmits the network access request to a corresponding content provider server if the user is permitted to access the website; and the smart phone receives webpage information returned by the content provider server, and displays the webpage information to the user. By the smart-phone-based webpage access control method, the smart-phone-based webpage access control system and the smart phone, the smart phone can control the access of the user, the security of network access is ensured, and the invasion and harassment of spam websites can be avoided.