Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Method and system for user authentication based on DHCP

A technology for user authentication and DHCP messages, applied in the field of user authentication based on DHCP, which can solve the problems of inability to realize security authentication, inability to meet the requirements of operability and management of communication networks, and inability to implement session authentication in IP-Session.

Inactive Publication Date: 2010-05-12
GLOBAL INNOVATION AGGREGATORS LLC
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

For the case where there are multiple subscribers under one physical line, or when the user changes the physical location and uses another physical user line (such as roaming, etc.), the security authentication based on the corresponding user identity cannot be realized, that is, IP-Session cannot be realized User identity-based session authentication
Therefore, it is currently unable to meet the operational and manageable requirements of the communication network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for user authentication based on DHCP
  • Method and system for user authentication based on DHCP
  • Method and system for user authentication based on DHCP

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0068] In this embodiment, specifically, the association relationship between the subscriber identity identifier Subscriber-ID and the DHCP-Key (DHCP key) is statically established and configured in the entity on the network side, and then, the association relationship can be used to implement DHCP-based Authentication for users.

[0069] The specific implementation process of this embodiment is as follows: figure 2 shown, including:

[0070] Step 21: The DHCP client sends a DHCP discovery message to the DHCP Relay / Proxy, and the DHCP discovery message is sent to the DHCP server by the DHCP Relay / Proxy;

[0071] Step 22: After the DHCP server receives the DHCP discovery message, it will return a DHCP offer message to the DHCP Relay / Proxy, and the DHCP Relay / Proxy will continue to forward the message to the DHCP client;

[0072] In the DHCP provisioning message, it is necessary to transmit the DHCP-Key identification number Secret-ID (DHCP-Key identification) information, so...

Embodiment 2

[0079] In this embodiment, the association relationship between the subscriber identity identifier Subscriber-ID and the DHCP-Key is dynamically established and configured, that is, by dynamically establishing the association relationship in the DHCP process, after that, the association relationship established dynamically can be used The relationship realizes the association between the DHCP process and the authentication process for the user identity information of the logical user, that is, realizes the user identity authentication processing operation for the logical user based on DHCP.

[0080] The specific realization scheme of this embodiment is as image 3 As shown, it specifically includes the following steps:

[0081] Step 31: The DHCP client sends a DHCP discovery message to the DHCP Relay / Proxy, and carries the Subscriber-ID information of the user;

[0082] Step 32: After the DHCP Relay / Proxy receives the DHCP discovery message, it obtains the Subscriber-ID infor...

Embodiment 3

[0096]In this embodiment, the DHCP message is specifically extended so that the encrypted user identity authentication information, such as a challenge word and a challenge word response for identity authentication, is transmitted through the DHCP message, so as to implement authentication processing for the user based on DHCP.

[0097] The specific implementation process of this embodiment is as follows: Figure 4 As shown, it specifically includes the following processing procedures:

[0098] Step 41: The DHCP client sends a DHCP discovery message to the DHCP Relay / Proxy, and the message carries the Subscriber-ID information of the user;

[0099] Step 42: The DHCP Relay / Proxy of BNG obtains the Subscriber-ID information of the user from the forwarded DHCP message, and forwards the DHCP message to the DHCP server;

[0100] Step 43: The authentication client in the BNG obtains the Subscriber-ID from the DHCP Relay / Proxy, and sends an access request to the authentication serve...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a method and a system for realizing user authentication based on DHCP. The invention mainly includes that after detecting a DHCP-finding message delivered by a DHCP client, according to the user identity information carried by or correlated with the DHCP massage, a DHCP intermediate entity triggers the identity authentication processing operation for the user, and realizesthe user identity authentication for the user by the authentication processing operation. Because the invention uses the DHCP intermediate entity to trigger the authentication processing operation for the user, the identity authentication based on DHCP for all users using the same physical line is respectively realized by means of the invention, and also the identity authentication for the same user who uses the different physical lines at different physical positions is realized by means of the invention, so that the operation management for users can be realized based on DHCP in network. The invention can, based on DHCP, realize the identity authentication for users so as to meet the operation and management demand of communication network better.

Description

technical field [0001] The invention relates to the technical field of network communication, in particular to a method and system for realizing user authentication based on DHCP. Background technique [0002] In the network communication system, the concept of IP-Session (IP session) is proposed. The IP-Session is a session initiated by a user through a DHCP (Dynamic Host Configuration) protocol and identified by an IP-Address (IP address). [0003] Based on the operable and manageable requirements of the telecommunication network, it is necessary to be able to implement functions such as authentication, authorization, and accounting for business sessions in the network, that is, it is required to be able to perform security authentication, authorization, and accounting for IP-Session based on user identity . [0004] Currently, in the DHCP-based user authentication method, the user's physical line is associated with the user's identity. That is, the operator performs au...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/32H04L29/06
Inventor 宫小玉
Owner GLOBAL INNOVATION AGGREGATORS LLC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com