Method for authorizing user equipment migration and network access server

A technology for user equipment and network access, applied in the field of network security, can solve problems such as unfavorable system operation and potential safety hazards in processing processes, and achieve the effect of preventing forgery attacks and maintaining rights

Active Publication Date: 2014-09-03
NEW H3C TECH CO LTD
View PDF2 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0023] It is not difficult to see from the above analysis that there are serious security risks in the processing flow of the existing technology when the physical connection state of the user equipment changes, which is not conducive to the normal and stable operation of the system.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for authorizing user equipment migration and network access server
  • Method for authorizing user equipment migration and network access server
  • Method for authorizing user equipment migration and network access server

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0040]In this section of the detailed description, there is shown and described the preferred embodiment of the invention by way of illustration only of the best mode contemplated by the inventors for carrying out the invention. As will be realized, the invention may be modified in various obvious respects without departing from the invention. Accordingly, the drawings and description are to be regarded as illustrative in nature and not restrictive.

[0041] In order to prevent the forgery attack initiated by the attacker, in the technical solution of the present invention, when assigning the IPv6 address / prefix, record the correspondence between the assigned IPv6 address / prefix and the MAC address of the NAS accessed by the user equipment; After the physical connection migration of the user equipment occurs, check whether there is a user equipment using the IPv6 address / prefix under the original NAS according to the corresponding relationship. If it exists, refuse to generate...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for user equipment authorization migration and a network access server, including recording the correspondence between the allocated IPv6 address / prefix and the MAC address of the NAS accessed by the user equipment; Then, according to the corresponding relationship, query whether there is a user equipment using the IPv6 address / prefix under the original NAS. If there is, refuse to generate a port binding entry; if not, generate a port binding entry on the currently accessed NAS. Set entry to allow user equipment to access. The technical solution of the present invention not only guarantees the security of the authorization migration after the physical connection migration of the legitimate user equipment occurs, but also can effectively prevent the forgery attack carried out by the illegal user equipment in this process.

Description

technical field [0001] The invention relates to network security technology, in particular to a method for authorized migration of user equipment and a network access server. Background technique [0002] The Dynamic Host Configuration Protocol for IPv6 (DHCPv6, Dynamic Host Configuration Protocol for IPv6) is a protocol designed for the IPv6 addressing scheme to assign IPv6 addresses and other network configuration parameters to hosts. DHCPv6 adopts the client / server communication mode. The user equipment submits a configuration request to the server, and the server returns corresponding configuration information such as the IPv6 address assigned to the user equipment, so as to realize the dynamic configuration of information such as IP addresses. [0003] see figure 1 , figure 1 It is a basic flow chart of a user equipment requesting an IPv6 address / prefix from a DHCP server through a Network Access Server (NAS, Network Access Server) and accessing a network in the prior...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/12H04L45/74
Inventor 林涛
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap