Method for authenticating digital certificate user in SSL VPN

A user authentication and digital certificate technology, applied in user identity/authority verification, electrical components, transmission systems, etc.

Active Publication Date: 2011-02-02
北京神州数码云科信息技术有限公司

AI Technical Summary

Problems solved by technology

[0005] The present invention proposes a method for authenticating digital certificate users in SSL VPN, which solves the problem of efficiently authorizing digital certi

Examples

Embodiment Construction

[0024] The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0025] The method of the invention treats users, digital certificates, roles and resources as a whole, and forms different user groups by configuring different digital certificate characteristic values and the relations between them. The administrator does not need to configure users: once digital certificate authentication has passed, the user group matched by the certificate's characteristic values obtains permission to access intranet resources. The specific steps are as follows:

[0026] The first step, configure the user group:

[0027] Establish a user group on the SSL VPN, associate it with the root certificate of the CA, configure one or more characteristic values, and configure the relationship between the characteristic values, which are used for the CA with permission authority;

[0028] The configured CA root certificate and ...

Abstract

The invention relates to a method for authenticating a digital certificate user in an SSL VPN (Secure Sockets Layer virtual private network). A user, a digital certificate, a role and a resource are combined to form a whole, and different user groups are formed by configuring different digital certificate characteristic values and correlations. The method comprises the following steps: establishing a correlation among a user group, a CA (certification authority) certificate and a characteristic value on an SSL VPN gateway, and establishing a correlation between the user group and an internal network resource; the SSL VPN gateway receiving an authentication request of the certificate user and extracting the certificate characteristic values; and the SSL VPN gateway matching the configured user groups according to the user certificate characteristic values and authorizing the user with the corresponding access authority. With this method, an administrator does not need to configure the users, and the user groups matched with the characteristic values acquire the authority for accessing the internal network resource after the digital certificate passes the authentication. The method is simple to operate and, in particular, solves the problem of efficiently authorizing digital certificate users in application scenarios with a large number of users.
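The group-matching flow described in the abstract, sketched as an added example (not code from the patent or from any SSL VPN product). The certificate is a constructed dict standing in for an X.509 certificate whose chain has already been validated; the `all`/`any` reading of the relation between characteristic values, the subject attribute names, and every group name, fingerprint and hostname are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Group:
    name: str
    root_ca: str        # fingerprint of the CA root certificate bound to the group
    rules: tuple        # ((attribute, required_value), ...) characteristic values
    relation: str       # "all" or "any": assumed meaning of the configured relation
    resources: frozenset

def rule_matches(subject, attr, required):
    # Compare parsed attribute values exactly; a substring check on the DN
    # string would accept a CN that merely contains the text "OU=Finance".
    return required.lower() in {v.lower() for v in subject.get(attr, ())}

def authorize(cert, groups):
    """Resources granted to a certificate; an empty set means access denied."""
    if not cert.get("chain_verified"):   # signature, validity, revocation checked earlier
        return frozenset()
    granted = set()
    for g in groups:
        combine = {"all": all, "any": any}.get(g.relation)
        # all(()) is True, so a group with no rules must never match.
        if combine is None or not g.rules or g.root_ca != cert["root_ca"]:
            continue
        if combine(rule_matches(cert["subject"], a, v) for a, v in g.rules):
            granted |= g.resources
    return frozenset(granted)

# Constructed sample configuration and certificates (placeholder values).
GROUPS = [
    Group("finance", "ROOT-A", (("O", "Example Corp"), ("OU", "Finance")), "all",
          frozenset({"erp.intranet.example"})),
    Group("staff", "ROOT-A", (("OU", "Finance"), ("OU", "Engineering")), "any",
          frozenset({"wiki.intranet.example"})),
    Group("misconfigured", "ROOT-A", (), "all", frozenset({"admin.intranet.example"})),
]
FINANCE = {"chain_verified": True, "root_ca": "ROOT-A",
           "subject": {"O": ["Example Corp"], "OU": ["Finance"], "CN": ["alice"]}}
ENGINEER = {**FINANCE, "subject": {"O": ["Example Corp"], "OU": ["Engineering"]}}
OTHER_CA = {**FINANCE, "root_ca": "ROOT-B"}
CN_ONLY = {**FINANCE, "subject": {"O": ["Example Corp"], "CN": ["bob OU=Finance"]}}

if __name__ == "__main__":
    for label, c in [("finance", FINANCE), ("engineer", ENGINEER),
                     ("other CA", OTHER_CA), ("OU text in CN", CN_ONLY)]:
        print(label, sorted(authorize(c, GROUPS)))
```

A certificate that matches no group gets an empty resource set, so the default is deny; the group with no characteristic values is skipped rather than matching every certificate issued under its CA.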

Description

Technical field

[0001] The invention relates to the field of computer network security, in particular to a digital certificate authentication method for obtaining access rights in a virtual private network using a secure socket layer protocol.

Background technique

[0002] As a secure communication protocol, the "Secure Sockets Layer (SSL)" protocol ensures the confidentiality and integrity of data transmitted on the Internet by encrypting the entire session between computers. It can be automatically applied to each browser, and a digital certificate (CA) needs to be provided to the web server as an authentication method. And "Virtual Private Network (VPN)" is a point-to-point dedicated line established by enterprises or other groups through private tunnel technology in public network resources, which can ensure the confidentiality of data and has certain access control functions. The "SSL VPN" technology formed by combining the two can set up a network with a clear boundar...

Application Information

IPC(8): H04L9/32, H04L29/06
Inventor 巍元首
Owner 北京神州数码云科信息技术有限公司