Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Domainname-based unified identification mark and authentication method

A technology of identity authentication and authentication method, which is applied in the directions of user identity/authority verification, transmission system, digital transmission system, etc. It can solve problems such as interoperability difficulties, host mobile characteristics, protocol encryption characteristics, complex problems, and the inability to quickly determine the person in charge, etc. achieve good scalability

Inactive Publication Date: 2009-09-09
TSINGHUA UNIV
View PDF5 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] 1. Existing application systems independently use their own identification and authentication systems, making interoperability difficult
User identification is combined with specific application services. Various authentication systems can only operate independently. Users must perform multiple different authentications when accessing different network resources. There is a lack of a global and unified user identification and authentication mechanism.
[0006] 2. Existing various identity authentication systems can only verify whether users have access to network resources, but cannot track various behaviors of users
Under the existing security mechanism, when a network security incident occurs, various tracking systems can only locate the source address that caused the incident and cannot quickly determine the corresponding responsible person
[0007] With the vigorous promotion and application of the IPv6 protocol, the mobile characteristics of the host and the encryption characteristics of the protocol will also make the problem more complicated
The IP address of the host can be changed at any time, and the IP address will no longer be the external identification of the host. Through traditional firewalls and IDS (Intrusion Detection System), it is difficult to realize the identity authentication of the host and the control of user behavior. New attacks and Illegal means of access will follow

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Domainname-based unified identification mark and authentication method
  • Domainname-based unified identification mark and authentication method
  • Domainname-based unified identification mark and authentication method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0064] System structure such as figure 1 Shown: Two administrative domains A and B are shown. Each of these domains contains:

[0065] ● Identity authentication server;

[0066] ●Network access control server;

[0067] ●Domain name server.

[0068] ID

[0069] Aiming at the difficulty of memorizing and managing IPv6 addresses in the next generation Internet and various problems existing in the existing identity identification mechanism, the present invention proposes to use personal domain names to identify users.

[0070] Personal domain name PDN refers to a network-wide unique identity assigned to a user, which corresponds to the user's current IPv6 address and is used to address the user. A personal domain name takes the form of Username@Domainname similar to an email address, meaning that the user belongs to an administrative domain. After the user has successfully authenticated, the identity authentication server will register the corresponding relationship between ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the field of Internet user identity identification and authentication, and is characterized in that it utilizes the good system structure design proposed by the next-generation Internet protocol IPv6, and expands the functions of the existing identity authentication system by combining with the secure domain name service to realize user identity and authentication. The current binding relationship of real IPv6 addresses provides more reliable security services for upper-layer applications. In the user management domain, there are: network access control server: through the triplet composed of the source MAC address of the user computer, the source IPv6 address and the port <mac,ipv6,port>To identify the registered user; identity authentication server: authenticate the user identity and set the corresponding access rights; the domain name server establishes the positive and negative correspondence between the user's personal domain name and IPv6 address. The present invention can provide multiple effective identity authentication means for the application of the Internet in the future, has good scalability and can adapt to the requirements brought by the application development of the Internet in the future.< / mac,ipv6,port>

Description

technical field [0001] The domain name-based unified identification and authentication method belongs to the field of Internet user identification and authentication, and requires users to confirm their identity and authority before requesting services. Background technique [0002] The identity mark is a symbol for the user to indicate his identity to the network service provider, and identity authentication is used to verify the legitimacy and validity of the user's identity mark. Before users access network resources, they should first be identified by the identity authentication system. The identity authentication server determines whether the user can access a certain network resource according to the user's identity and authorization database. It can be said that the identity authentication system is the first gateway of the entire network security system, and security services such as access control and auditing all rely on the user identity information provided by it...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/32H04L12/56H04L29/06H04L12/28H04L45/74
Inventor 吴建平段海新张洪付强
Owner TSINGHUA UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com