A method for user access authentication

An access authentication and user technology, applied in user identity/authority verification, electrical components, transmission systems, etc., can solve problems such as poor user connectivity, different client programs, single-point bottlenecks and failures, and avoid waste, passwords, etc. The effect of delivering security and preventing attacks

What is AI technical title?
AI technical title is built by PatSnap AI team. It summarizes the technical point description of the patent document.
An access authentication and user technology, applied in user identity/authority verification, electrical components, transmission systems, etc., can solve problems such as poor user connectivity, different client programs, single-point bottlenecks and failures, and avoid waste, passwords, etc. The effect of delivering security and preventing attacks

CN101127600AInactive Publication Date: 2008-02-20HUAWEI TECH CO LTD

0 Cites 49 Cited by

Image

Smart Image Click on the blue labels to locate them in the text.

Viewing Examples

Smart Image

Examples

Experimental program

Comparison scheme

Effect test

Embodiment 1

[0117]In order to solve the security problem when transmitting user password (password), specific embodiment 1 of the present invention obtains random number (as challenge word: Challenge ID) from network side when user requests address, and user utilizes random number (Challenge ID) and The user password is encrypted, and the encrypted result is sent to the authentication server on the network side. The authentication server on the network side also uses the above random number and the stored user password to perform the same encryption operation, and compares the user password with the network side. The encrypted result is used to authenticate the user.

[0118] The user password is encrypted by using the random number provided by the network side to the user, and the same random number is also used to encrypt the user password on the network side (such as the authentication server side), and the user can use the network side only after the authentication is successful. The ...

Embodiment 2

[0147] As shown in Figure 4, the process for a user to perform Layer 3 authentication through DHCP includes:

[0148]1) The user equipment (that is, the DHCP client) obtains the user name and password of the user through user input. For example, a pop-up window can be displayed on the user equipment to prompt the user to input the user name and password. Of course, other alternative methods can also be used.

[0149] 2) The user equipment broadcasts and sends a DHCP Discover message, which carries the user ID and the password encrypted by the key (or certificate).

[0150] The key (or certificate) can be obtained through the network (Web, Ftp, etc.) after the user successfully accesses the network, or can be directly configured (or other out-of-band methods) or the Extensible Authentication Protocol (EAP) before the first startup. Obtained from the network side, the network side establishes the binding relationship between the key (or certificate) and the user while distributi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine

Login to View More

PUM

Login to View More

Abstract

The utility model relates to a method for user access verifying, which comprises: during the access verifying process, the user sends a request to the network, which sends a random number back to the user; the user adopts the random number and the user password to perform the encryption calculating and transmits the encryption result to the network; the network adopts the random number and the stored user password to perform the same encryption calculating to verify the user; if the verification is passed, the user is accessed into the network through the IP address distributed by the DHCP server. The utility model has the advantages that the password transmission is safer, the waste of the IP address is avoided and the attack from the illegal user is also effectively avoided.

Description

technical field [0001] The invention relates to network security authentication technology, in particular to a user access authentication method. Background technique [0002] Dynamic Host Configuration Protocol (DHCP: Dynamic Host Configuration Protocol) is based on the client-server model, which can dynamically assign IP addresses and other configuration information to hosts on the network. Figure 1 details the process of the DHCP server dynamically assigning IP addresses to DHCP clients: [0003] (1) Discovery stage: the stage where the DHCP client (Client) searches for the DHCP server (Server). [0004] When the DHCP client logs into the network for the first time, it will broadcast a DHCP discovery (Discover) message to the network. [0005] (2) Provisioning stage: the stage in which the DHCP server provides an IP address. [0006] Each DHCP server with a free address sends a DHCP Offer (Offer) message in response to the DHCP Discover message. [0007] (3) Selection...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine

Login to View More

Application Information

Patent Timeline

20 Feb 2008

Publication

CN101127600A

IPC: H04L9/32

CPC: H04L61/2015; H04L29/12226; H04L63/083; H04L63/0428; H04L61/5014

Inventors: 管红光