Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A method and device for secure access control based on user

A security access control and user technology, applied in the field of network information security, can solve problems such as inability to associate intranet users with people, poor usability, and inconvenient security management

Active Publication Date: 2007-12-12
奇安信网神信息技术(北京)股份有限公司
View PDF0 Cites 50 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] This kind of security rule configuration based on packet address, protocol, and port requires security administrators to understand professional network terms, which is not easy to use.
[0004] In this security rule setting and filtering method, the object of access control is information such as the IP address of the network data packet, which cannot be well associated with the intranet users who actually use the network, so that fine-grained authority management and access control cannot be set. After-event tracking of security incidents
[0005] The method of statically binding the IP address to the user or the MAC address of the user's computer hardware is simple. In actual use, since the user can change his IP address without being controlled by the firewall, or the user changes the computer, etc., it brings security management advantages. inconvenience
[0006] The user authentication technology extended by the existing firewall needs to install the security client software on the terminal computer of each intranet user, which is inconvenient to use

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and device for secure access control based on user
  • A method and device for secure access control based on user

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] The technical scheme of the present invention will be described in further detail below in conjunction with accompanying drawing and embodiment:

[0028] Referring to Figure 1, this method of user-based security access control is implemented through programming, and the software implemented by programming runs on an industrial control firewall platform with multiple network interfaces. This device is generally installed in series on the enterprise network The location connected to the public Internet, while protecting the outside from illegal intrusion, strictly controls the access rights of internal users' external access.

[0029] The steps of the method are divided into two processes of configuration and packet processing, wherein: the steps of the configuration process are:

[0030] [1] In the security rules, first add a user name and password for each intranet user, then directly configure the destination addresses and services that each user can access, and set th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and device for safe access control based on user, and it extends the state list of firewall, adds the list option of user strategy in the firewall system, and the list of user strategy records the information of user. After the firewall receives the data packet, it adds the list of user security strategy according to original IP address, and then auto correlation process is done according to searching result to realize safe access control. The invention solves the problems of auto correlation without mounting the client software on terminal computer, and adds the user name and cipher based on WEB for user accessing external network, improves the easiness, security and convenience, and reaches the aims that the firewall system can manage the authority of fine grain and trace the secure event.

Description

technical field [0001] The invention relates to a user-based security access control method and device, belonging to the technical field of network information security. Background technique [0002] A firewall is a security access control device placed in the middle of the network data path to isolate the corporate intranet and extranet. The firewall receives data packets from the network interface, and searches for security rules based on the source, destination address, protocol type, and protocol port of the data packet. Security rules allow policy data packets to be forwarded, and other disallowed data packets are discarded, thus ensuring network security. With the popularization of informatization and networkization of daily production and management processes in various industries, and the occurrence of security incidents such as network vulnerabilities and attacks, the ease of use of firewall security rule management configuration and the expansion of security functi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/00H04L12/46H04L12/56
Inventor 倪县乐刘建锋王刚肖为剑宋斌
Owner 奇安信网神信息技术(北京)股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com