A method and device for secure access control based on user

A user-based security access control technology, applied in the field of network information security, that solves problems such as the inability to associate intranet users with real people, poor usability, and inconvenient security management.

Active Publication Date: 2007-12-12
奇安信网神信息技术(北京)股份有限公司

AI Technical Summary

Problems solved by technology

[0003] Configuring security rules by packet address, protocol, and port requires security administrators to understand specialized networking terms, which makes the firewall hard to use.
[0004] With this method of setting and filtering security rules, the object of access control is information such as the IP address of the network data packet, which cannot be readily associated with the intranet users who actually use the network, so fine-grained authority management and access control cannot be configured. After-event tracking of sec

Embodiment Construction

[0027] The technical scheme of the present invention is described in further detail below with reference to the accompanying drawings and embodiments:

[0028] Referring to Figure 1, this user-based security access control method is implemented in software, and the software runs on an industrial control firewall platform with multiple network interfaces. The device is generally installed in series at the point where the enterprise network connects to the public Internet; while protecting against illegal intrusion from outside, it strictly controls internal users' rights to access external networks.

[0029] The method is divided into two processes, configuration and packet processing. The steps of the configuration process are:

[0030] [1] In the security rules, first add a user name and password for each intranet user, then directly configure the destination addresses and services that each user can access, and set th...

Abstract

The invention discloses a method and device for user-based secure access control. It extends the firewall's state table by adding a user policy list to the firewall system; the user policy list records user information. After the firewall receives a data packet, it searches the user security policy list by source IP address, and automatic association is then performed according to the search result to realize secure access control. The invention achieves this automatic association without installing client software on terminal computers, adds web-based user name and password authentication for users accessing the external network, improves ease of use, security and convenience, and enables the firewall system to manage fine-grained authority and trace security events.
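The lookup the abstract describes, modelled as an added example that is not code from the patent: web login binds a source IP to a user in the user policy list, and each packet is then matched against that user's allowed destinations and services and logged under the user's name. The handling of an unknown source IP, the idle timeout, the password hashing and all names and addresses are assumptions of this sketch.

```python
import hashlib, hmac, ipaddress, os

def hash_pw(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class UserFirewall:
    IDLE_TIMEOUT = 600  # seconds; assumption, not specified on the page

    def __init__(self):
        self.users = {}     # configuration: user -> (salt, pw_hash, allowed rules)
        self.sessions = {}  # user policy list: source IP -> (user, last_seen)
        self.audit = []     # per-user trail for after-the-fact tracking

    def add_user(self, user, password, allowed):
        salt = os.urandom(16)
        nets = [(ipaddress.ip_network(n), proto, port) for n, proto, port in allowed]
        self.users[user] = (salt, hash_pw(password, salt), nets)

    def web_login(self, src_ip, user, password, now):
        entry = self.users.get(user)
        if entry is None or not hmac.compare_digest(entry[1], hash_pw(password, entry[0])):
            return False
        self.sessions[src_ip] = (user, now)
        return True

    def process(self, src_ip, dst_ip, proto, port, now):
        user, last_seen = self.sessions.get(src_ip, (None, 0))
        if user is not None and now - last_seen > self.IDLE_TIMEOUT:
            del self.sessions[src_ip]   # stale binding: the IP may have a new owner
            user = None
        if user is None:
            verdict = "REDIRECT_TO_LOGIN"   # assumed handling of unknown source IPs
        else:
            self.sessions[src_ip] = (user, now)
            dst = ipaddress.ip_address(dst_ip)
            ok = any(dst in net and proto == p and port == pt
                     for net, p, pt in self.users[user][2])
            verdict = "FORWARD" if ok else "DROP"
        self.audit.append((now, user, src_ip, dst_ip, proto, port, verdict))
        return verdict

def demo():  # constructed sample traffic; user and addresses are illustrative
    fw = UserFirewall()
    fw.add_user("alice", "constructed-pw", [("203.0.113.0/24", "tcp", 443)])
    out = [fw.process("10.0.0.5", "203.0.113.10", "tcp", 443, now=0)]
    fw.web_login("10.0.0.5", "alice", "constructed-pw", now=1)
    out.append(fw.process("10.0.0.5", "203.0.113.10", "tcp", 443, now=2))
    out.append(fw.process("10.0.0.5", "198.51.100.7", "tcp", 22, now=3))
    out.append(fw.process("10.0.0.5", "203.0.113.10", "tcp", 443, now=1000))
    return out, fw.audit
```

Because the binding is keyed only on source IP, the session table inherits the weaknesses of IP-based identity (address reuse, spoofing on the local segment), which is why the sketch expires idle bindings.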

Description

Technical field

[0001] The invention relates to a user-based security access control method and device, belonging to the technical field of network information security.

Background art

[0002] A firewall is a security access control device placed in the middle of the network data path to isolate the corporate intranet from the extranet. The firewall receives data packets from a network interface and searches its security rules based on the packet's source address, destination address, protocol type, and protocol port. Packets permitted by the security rules are forwarded, and other, disallowed packets are discarded, thus ensuring network security. With the popularization of informatization and networkization of daily production and management processes in various industries, and the occurrence of security incidents such as network vulnerabilities and attacks, the ease of use of firewall security rule management configuration and the expansion of security functi...


Application Information

IPC(8): H04L9/00, H04L12/46, H04L12/56
Inventor: 倪县乐, 刘建锋, 王刚, 肖为剑, 宋斌
Owner 奇安信网神信息技术(北京)股份有限公司