Network access control method and system

Abstract

The invention relates to a network access control method and a system, and the method comprises the following steps: 1) an accessor REQ sends a access request message M1 to an access controller (AC); 2) the access controller (AC) constructs an access authentication request message M2 and then sends the M2 to the accessor REQ; 3) the accessor REQ constructs an identity authentication request message M3 and then sends the M3 to an authentication server (AS); 4) the authentication server (AS) constructs an identity authentication response message M4 and then sends the M4 to the accessor REQ; 5) the accessor REQ receives the M4 and then constructs an access authentication response message M5 and then sends the M5 to the access controller (AC); and 6) the access controller (AC) constructs an access response message M6 and then sends the M6 to the accessor REQ. The invention provides the access control method and the system capable of meeting the application requirement of carrying out access control on the accessor.

Description

Technical field [0001] The invention belongs to the network security application field in information security technology, and particularly relates to a network access control method and system. Background technique [0002] In the existing network access control method, usually after the visitor initiates an access request to the destination network, the access controller in the destination network completes the identification and authorization of the visitor, thereby realizing the access control of the visitor. In an access control scenario that requires a third party, such as an authentication server, to participate in identity authentication, the access controller may not be able to directly connect with the authentication server due to the access controller itself or the destination network, and the authentication provided by the authentication server cannot be used directly. service. In this situation, the existing access control method in which the access controller direc...

AI Technical Summary

Problems solved by technology

In an access control scenario that requires a third party, such as an authentication server, to participate in identity authentication, the access controller may not be able to directly connect to the authentication server due to the access controller itself or the destination network, resulting in the inability to directly use the authentication provided by the authentication server. Serve

In this case, the existing access control method, which is directly connected to the access controller and uses the authentication server to provide authentication services, cannot meet the actual application requirements of access control for visitors.

Images