User re-authentication method and access controller

Abstract

The invention provides a user re-authentication method and an AC (Access Controller). The user re-authentication method comprises the following steps of determining an off-line reason of UE (User Equipment) at the time by the AC according to an off-line command of the UE, caching a first master key obtained in an authentication process by the UE at the same when the off-line reason is in the first type; obtaining a related request message from the UE by the AC; and carrying out four handshake processes between the AC and the UE by the AC through adopting the first master key to obtain a temporary key. The four handshake negotiations on the temporary key are carried out by the AC by adopting the cached first master key in the authentication process of the UE at the time, thus a negotiation process of the first master key is omitted, the authentication process is simplified, the authentication time is shortened, and the problems of heavy load of a client side, an authenticator and an authentication server, large system overhead and low access efficiency which are caused by frequent re-authentication processes are solved.

Description

technical field [0001] The present invention relates to communication technology, in particular to a user re-authentication method and an access controller (Access Controller, AC for short). Background technique [0002] In a wireless local area network (Wireless Local Area Networks, hereinafter referred to as WLAN), in order to strengthen the security control and operation and maintenance management of network resources, it is necessary to control user access through the user authentication process. In the 802.1X authentication system, the user equipment (UserEquipment, hereinafter referred to as: UE) acts as the supplicant, and the access point (AccessPoint, hereinafter referred to as: AP) or AC acts as the authenticator. The supplicant sends an authentication request message to the authenticator, and the authenticator Encapsulate and send the authentication request message to the authentication server, and the authentication server provides authentication services for the...

AI Technical Summary

Problems solved by technology

[0003] Since WLAN uses public electromagnetic waves as the transmission medium, after the client passes the authentication, the user's wireless link may be disconnected due to radio frequency environmental factors (such as too weak wireless signal, interference from other signal sources, and terminal power-saving strategies). On, so that the user goes offline. When the wireless link at the user's location is restored, the user needs to be re-authenticated to access network resources.

When the radio frequency condition of the wireless client is bad, the user's wireless link will be disconnected and restored frequently, which will cause the user to continuously re-authenticate, resulting in an excessive burden on the client, authenticator, and authentication server equipment, and system overhead. Large, low access efficiency

Images