Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and system for controlling access right of internet users

A technology of access rights and control methods, which is applied in transmission systems, electrical components, etc., can solve the problems of inability to realize fine control of user rights, coarse access rights, and inability of user terminals to access resources, etc., to achieve safe and convenient access methods, Realize the effect of fine control

Inactive Publication Date: 2012-04-04
北京神州数码云科信息技术有限公司
View PDF4 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The current 802.1x authentication has such a defect that the user terminal cannot access any resources before authentication, and can access all resources after passing the authentication. state, and this kind of access authority is too coarse to realize fine-grained control of user authority

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for controlling access right of internet users
  • Method and system for controlling access right of internet users
  • Method and system for controlling access right of internet users

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] In order to describe the technical content, achieved objectives and effects of the present invention in detail, the following will be described in detail in conjunction with the implementation methods and accompanying drawings.

[0030]The technical principle of the present invention: the present invention utilizes the DHCPv6 Snooping module to add Option 38 information when monitoring the DHCP v6 request of the user terminal, and when the user terminal obtains the address successfully and passes the authentication, the Radius server sends the Option 38 of the user through a message Authentication information. After the user terminal is successfully authenticated, the 802.1x module re-applies for an address. The DHCPv6 Snooping module adds the authenticated Option 38 information to the DHCPv6 request. The DHCPv6 server assigns another address to the user according to the authenticated Option 38 information. Layer switches are configured with hardware ACL entries, which l...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and a system for controlling access right of internet users; when a user terminal applies IP (internet protocol) for DHCPv6 (Dynamic Host Configuration Protocol version 6) server, different Option 38 information is additionally added in a DHCPv6 request according to a 802.1x authenticated state of the user, the DHCPv6 server distributes IPv6 address after matching Option 38 information, and the user terminal accesses a network through access right configured by a switchboard on a convergence layer according to different IPv6 addresses obtained before and after authentication. In the invention, by utilizing the convenience of the DHCPv6 and a safety certificate mechanism of the 802.1x, an illegal user terminal is prevented from accessing the network and the right of a legal terminal user can be precisely controlled after the legal terminal user passes through the authentication.

Description

technical field [0001] The invention relates to the field of computer data communication, in particular to a method and system for controlling access rights of Internet users. Background technique [0002] In a broadband network, if a user terminal sends a network access request, the server responsible for IP address allocation in the network will assign an Internet (IP) address to the user terminal that sends the network access request, so that the user terminal can access the network. At present, the servers participating in the user terminal network access in the broadband network are all DHCPv6 servers and DHCPv6 relay servers using the standard DHCP protocol. DHCPv6 (Dynamic Host Configuration Protocol Version 6, Dynamic Host Configuration Protocol Version 6) is a protocol for dynamically assigning IPv6 addresses, which is widely used in various IPv6 networks. When the user terminal accesses the network, the user terminal first sends a DHCP request message to the DHCPv...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/12
Inventor 梁小冰
Owner 北京神州数码云科信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com