Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Implementing authentication method and system

An authentication system and authentication information technology, applied in the direction of user identity/authority verification, etc., can solve the problems of user legitimacy verification, lack of user-to-network authentication capability, and inability to achieve two-way authentication between network and user.

Inactive Publication Date: 2010-02-17
HUAWEI TECH CO LTD
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] 1. Insufficient security: The identification of users in the existing technology relies on the binding relationship between the user and the access location. When the binding relationship is unreliable, the network cannot verify the legitimacy of the user, and the network is also vulnerable to attacks. Sex is not enough
[0010] 2. The two-way authentication between the network and the user cannot be realized: the existing technology can only realize the authentication of the network to the user, but does not have the ability of the user to authenticate the network
[0011] 3. The existing technology cannot support roaming: the existing technology binds the user to the access location port. When the user roams, the user cannot be effectively identified
Even if the DHCP authentication mechanism is added, when the user needs the local DHCP server to provide services in the roaming area, the network in the roaming area lacks the key shared with the user, and the network in the roaming area cannot effectively authenticate the user and assign addresses.
[0012] 4. It is difficult for the existing technology to support the re-authentication of users by the network: the RADIUS protocol does not support re-authentication, even if the protocol that supports re-authentication is replaced, such as the DIAMETER protocol, the user cannot re-enter Figure 4 The process shown, this is because DHCP RELAY has no mechanism to trigger re-allocation of addresses

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Implementing authentication method and system
  • Implementing authentication method and system
  • Implementing authentication method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0063] The present invention utilizes the DHCP authentication mechanism to solve the security problem and realize the authentication of the user to the network; at the same time, in order to solve the roaming problem, the shared key required by the DHCP authentication is used for the authentication of the user accessing the network, and the re-authentication is initiated through the DHCP network device, The DHCP mechanism can be effectively used to support re-authentication. At the same time, a cascading authentication relationship is formed between the authentication server-DHCP network equipment-DHCP CLIENT, and this relationship is used to complete the access authentication of the authentication server to the user. Because the present invention is based on the authentication of each user, the security is fully guaranteed.

[0064] The first embodiment provided by the present invention is the first method for realizing authentication. Its core is: after the DHCP network devi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The utility model discloses an authentication method and a authentication system. The core thereof is that when the DHCP network equipment receives the DHCP message sent by the user, the authentication information for the user can be obtained through the interaction with the authentication server. Based on the information needed by the authentication client, the DHCP network equipment can conductthe DHCP authentication for the user. Also, the utility model provides another authentication method as well as a certified server, a DHCP network device and a user device. The utility model guarantees not only the user's safety, but also the network equipment's reliability. Meanwhile, based on the DHCP authentication mechanism, the user can conduct the network authentication. As the relay certified server is added, the user can be effectively certified. The authentication server can launch the re-authentication process, so that the network is supported to conduct the re-authentication for theuser.

Description

technical field [0001] The invention relates to the communication field, in particular to authentication technology. Background technique [0002] In order to ensure the access control of legal users, the network side needs to perform access authentication on users, and at the same time, it needs to assign corresponding IP addresses and related parameters to user equipment, so as to enable communication of user equipment. [0003] Before the authentication process, the user and the server share a key, and the process of authenticating the user terminal based on the RADIUS (RFC2865 Remote Authentication Dial In User Service) protocol is as follows: figure 1 As shown, the main idea is: the user initiates authentication, the server sends a challenge word to the user, the user calculates the challenge word based on the shared key, and returns the obtained authentication return value; the server performs the challenge word based on the shared key Perform calculations, and then c...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/32
Inventor 黄勇查敏
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products