VPN (virtual private network) authority control method and device

A technology of authority control and authority control list, which is applied in the direction of data exchange, electrical components, and transmission systems through path configuration, which can solve the problems of inconspicuous performance consumption, cost, and performance waste, and achieve the effect of saving a lot of resource consumption

Inactive Publication Date: 2013-01-30
HANGZHOU DPTECH TECH
View PDF4 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

For the SSL VPN gateway, every packet has to go through such a process, which seriously consumes the performance of the server
The server can use certain algorithms such as the HASH table method to speed up the determination of the validity of the message, but this does not significantly improve the performance consumption, because these algorithms themselves also consume resources, etc.
Moreover, when many users want to access the intranet server without authorization, a large number of illegal packets arrive at the server, and the server needs to spend a lot of performance to decrypt the packets, judge the permissions, and finally discard the packets, which is a serious waste of performance.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • VPN (virtual private network) authority control method and device
  • VPN (virtual private network) authority control method and device
  • VPN (virtual private network) authority control method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0019] The present invention will be further described in detail below in conjunction with the accompanying drawings and by taking computer program implementation as an example.

[0020] Please refer to figure 2 , The VPN authority control device of the present invention includes a network interface, a VPN processing unit, a authority control unit, a routing processing unit, and an IP processing unit. It should be noted that the division here is only a logical division, which is set for the convenience of subsequent description. The popular SSLVPN is used as an example below. The implementation principles of other similar VPN technologies are the same, so we won’t go into details one by one. In one embodiment of the present invention, implementing permission control includes the following processing flow:

[0021] Step 101, the VPN processing unit of the user host establishes an SSL VPN tunnel connection with the VPN server, and receives the Active control from the VPN serv...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a VPN (virtual private network) authority control method which is applied to a subscriber's main station and includes A, establishing tunnel connection with a service terminal; B, acquiring an intranet IP(internet protocol) address from the VPN service terminal through a tunnel; C, acquiring an authority control list from the VPN service terminal through the tunnel; D, judging whether to allow a user message to pass or not according to the authority control list, if so, then allowing the user message to pass, and if not, then discarding the user message; and E, packaging the user message as a tunnel message, sending the tunnel message to the VPN service terminal through the tunnel, or receiving the tunnel message from the VPN service terminal and then restoring the same into the user message. By the VPN authority control method, processing resources of the subscriber's main station are utilized effectively, and excessive consumption of the resources for tunnel processing and authority control is avoided for the service terminal.

Description

technical field [0001] The invention relates to the authority control technology in network communication, especially the authority control method and device in VPN tunnel. Background technique [0002] The biggest advantage of SSL VPN technology based on B / S mode (also called web proxy technology) is that it can avoid client installation, and users can directly access the web resources of the VPN intranet with a browser. As information security shifts from simply focusing on network security to focusing on business-centric application security, the importance of remote secure access becomes increasingly apparent. SSL VPN protects specific applications without installing client software, and fine-grained access control, Features such as detailed auditing are superior in terms of ease of use, security, and management. Compared with other VPNs, SSL VPN has another outstanding function of authority control. SSL VPN can support user-based authority control. By assigning differ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/46
Inventor 李志
Owner HANGZHOU DPTECH TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap