Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method for controlling network access based on identification in IP (Internet Protocol) protocol

An IP protocol and control network technology, applied in data exchange network, digital transmission system, electrical components, etc., can solve the problems of long identification time, long identification time, inability to identify whether the terminal computer is legal, etc., to achieve fast identification, Judging the effect of short time

Active Publication Date: 2012-12-26
三六零数字安全科技集团有限公司
View PDF4 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, this technique has two obvious disadvantages. One is that the discrimination time is longer.
The method of this technology to judge the legitimacy of the terminal computer is realized by comparing the IP addresses in the legal list. The larger the scale of the LAN, the more content in the legal list and the more times of comparison. Second, when a NAT address translation device (network address translation device) is set between the terminal computer and the network security control server, the network security control server cannot identify whether the terminal computer is legal or not.
After the TCP data packet sent by the terminal computer to the designated network passes through the NAT address translation device, the source IP address of the TCP data packet (that is, the IP address of the terminal computer) is converted into a NATIP address (that is, the IP address specified by the NAT address translation device), The source port of the TCP data packet (that is, the port of the terminal computer) is converted into a NAT port. After the network security control server receives the TCP data packet, it cannot distinguish which terminal computer sent it by identifying the IP address of the terminal computer, so it cannot Identify whether the terminal computer is legitimate

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for controlling network access based on identification in IP (Internet Protocol) protocol
  • Method for controlling network access based on identification in IP (Internet Protocol) protocol

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0036] In this embodiment, the terminal computer 1 is installed with the corresponding terminal software, so it is a legal terminal computer, and the terminal computer 2 is not installed with the corresponding terminal software, so it is an illegal terminal computer;

[0037] The method for controlling network access based on the identification in the IP protocol of the present invention comprises the following steps:

[0038] a. The network security control server randomly generates a new key every set interval:

[0039] In this embodiment, the interval time is set to be one minute;

[0040] The new key 123 and the old key 100 were previously generated and stored in the network security control server. At this time, a new key 456 is randomly generated, and the original new key 123 is saved as the old key, and the newly generated new key 456 is stored as a new key. At this time, the current new key is 456, and the current old key is 123. The new and old keys are used to decry...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for controlling network access based on identification in an IP protocol. The method comprises the following steps: encrypting the identification in the IP protocol in a legal terminal computer network data packet; and deciphering the identification in the IP protocol in the network data packet received by a network safety control server, so that the network safety controller can accurately and quickly identify the legality of the terminal computer, thereby solving a problem that the network safety control server cannot judge the legality of the terminal computer when an NAT (Network Address Translator) is arranged between the terminal computer and the network safety control server and the source IP address of the TCP (Transmission Control Protocol) data packet sent by the terminal computer is converted. The method can be widely applied to various network structures.

Description

technical field [0001] The invention relates to the technical field of network management, in particular to the technical field of control and management of a network security control server, in particular to a method for controlling network access based on an identifier in the IP protocol. Background technique [0002] With the continuous improvement of social informatization and the continuous expansion of enterprise scale, the number of computers in enterprises is increasing, and the requirements for terminal computer management are also getting higher and higher. In order to effectively manage terminal computers, a network security control server needs to be installed in the local area network, and the network security control server can be used to judge whether the terminal computers entering the network are legal. [0003] In the prior art, the network security control server judges whether the terminal computer is legal by identifying the IP address of the terminal co...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L12/56
Inventor 张博金魁刘丹丹
Owner 三六零数字安全科技集团有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com