Method and system for controlling user access

An access control and access control strategy technology, applied in the field of network communication, can solve problems such as increased failure rate, implementation trouble, double login, etc., to achieve the effect of reducing pressure, simple configuration, and avoiding trouble

Inactive Publication Date: 2009-06-24
NEW H3C TECH CO LTD
View PDF0 Cites 36 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, this method needs to configure user authentication information on the control gateway to manage users, but usually the CPU processing capacity of the network device is weak. The pressure will cause the configuration of the control gateway to be complicated, the failu

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for controlling user access
  • Method and system for controlling user access
  • Method and system for controlling user access

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0024] Embodiment one: for such as figure 2 In the networking structure of the Remote Authentication Dial In User Service (RADIUS) shown in FIG. Correspondence with access control policies. The implementation process of this method can be as follows image 3 shown, including the following steps:

[0025] Step 301: the user sends an authentication request to the authentication device through the terminal used.

[0026] The authentication request sent by the terminal in this step may be an 802.1X authentication request or a portal (Portal) authentication request, and the authentication request may include user information and IP address information of the terminal. For example, the user can enter user information such as user name, login ID, or user password through the Portal page pushed by the authentication device.

[0027] Alternatively, the authentication request only includes user information and the MAC address information of the terminal, and the authentication devi...

Embodiment 2

[0042] Embodiment two: for Figure 4 In the domain login authentication network structure shown, a packet analysis device and a policy management device are also set in the network. Wherein, the corresponding relationship between user information and access control policies is pre-configured in the policy management device. The implementation process of this method can be as follows Figure 5 shown, including the following steps:

[0043] Step 501: the user sends a domain login request including user information and terminal IP address information to the domain controller through the terminal used.

[0044] Step 502: After receiving the domain login request, the domain controller uses the user information in the domain login request to perform authentication, and the domain login request is redirected to the packet analysis device by the front-end switch.

[0045] A mirror port can be pre-configured on the front-end switch connected to the domain controller and the message ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a user access control method and a system thereof. A message analyzing device and a strategy management device are accessed in the network in advance, and the corresponding relation of user information and access control strategy is deployed in the strategy management device; the message analyzing device acquires the user information and the IP address information of the terminal used by the user when the user logs on, and sends the user information and the IP address information of the terminal used by the user to the strategy management device; the strategy management device confirms the access control strategy information corresponding to the received user information according to the deployed corresponding relation, and sends the confirmed access control strategy information and the IP address information of the terminal used by the user to a control gateway, so that the control gateway can make use of the access control strategy information to perform access control to the terminal used by the user. The user access control method and the system thereof can realize user access control more easily and exert no pressure to the control gateway.

Description

technical field [0001] The invention relates to network communication technology, in particular to a method and system for controlling user access. Background technique [0002] With the rapid development of Internet technology, various Internet applications emerge in endlessly, which bring great convenience to our work and life, but at the same time also bring some negative effects. For example, the use of peer-to-peer (P2P, Point to Point) applications by employees in the enterprise network will occupy a large amount of network resources, which not only puts pressure on the capacity of the enterprise network, but also seriously affects the legitimate applications of other employees; instant messaging, online stock trading, Although online shopping and other online behaviors do not occupy much network resources, it will reduce the work efficiency of employees; access to illegal websites is prone to infection with viruses and worms, causing damage to the corporate network; u...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
Inventor 乔肖桉
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap