Method and device for enabling third generation (3G) user to safely access to network

A security access and network technology, applied in the field of 3G network, can solve problems such as reducing network access security

Active Publication Date: 2013-01-30
NEW H3C TECH CO LTD
View PDF3 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] From the above analysis, it can be seen that when the existing network is connected to the VPDN, the client can only send the user name, password and other information to the LNS for authentication through the PPP protocol, but cannot use it to identify whether the client can access The fixed information of the LNS, such as the device serial number (SN) information of the client and the International Mobile Subscriber Identity (IMSI) of the 3G UIM / SIM card, etc. Information, even if it does not use fixed information such as specified device SN information and 3G IMSI information, can also access the internal network of the enterprise, thereby reducing the security of network access

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for enabling third generation (3G) user to safely access to network
  • Method and device for enabling third generation (3G) user to safely access to network
  • Method and device for enabling third generation (3G) user to safely access to network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0062] see image 3 , the present embodiment realizes the safe access network of 3G users through the mode of two-time dialing, and the specific working process includes the following steps:

[0063] Step 301: The LNS acquires information such as the LCP attribute, user name and password of the client in the VPDN call initiated by the client.

[0064] In this step, the VPDN call initiated by the client for the first time is actually completed through the LAC, specifically:

[0065] The client initiates a PPP connection establishment request to the LAC for Point-to-Point Protocol (PPP) LCP negotiation and authentication; when the LAC negotiates and authenticates the client, the LAC initiates a VPDN tunnel establishment request to the LNS. After the tunnel is established, the LAC sends the client The LCP attribute and user name of the client are sent to the LNS, and the LNS authenticates the client through the AAA server.

[0066] Step 302: Judging whether the acquired LCP att...

Embodiment 2

[0092] see Figure 5 , the present embodiment realizes the safe access network of 3G users by dialing once and performing PPP IPCP negotiation again, and the specific work flow includes:

[0093] Step 501: The LNS acquires information such as the LCP attribute, user name and password of the client in the VPDN call initiated by the client.

[0094] Same as step 301, in this step, the VPDN call initiated by the client for the first time is also completed through the LAC, specifically:

[0095] The client initiates a PPP connection establishment request to the LAC for PPP LCP negotiation and authentication. After the LAC negotiates and authenticates the client, the LAC initiates a VPDN tunnel establishment request to the LNS. After the tunnel is established, the LAC sends the client's PPP LCP and user name , password and other information to the LNS, and the LNS authenticates the client through the AAA server.

[0096] Step 502: Judging whether the acquired LCP attribute of the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and a device for enabling a third generation (3G) user to safely access to network. When a link control protocol (LCP) attribute and a user name of a client, which are acquired by layer 2 tunneling protocol network server (LNS), are acceptable, an temporary internet protocol (IP) address is selected from an established temporary IP address pool and distributed to the client, fixed information which is sent by the client and can verify the client identity is received, when the fixed information is received, the fixed information is correspondingly recorded with the user name and a password, the point-to-point protocol (PPP) connection with the client is disconnected to trigger the client to initiate a second time virtual private dial-up network (VPDN) call, the client is informed of the specified IP address which is distributed by authentication, authorization and accounting (AAA) server to the client according to the recorded fixed information, the user name and the password, or when the fixed information is received, the fixed information, the user name and the password are directly sent to the AAA server to verify the client, and after the client passes the authentication, the client is informed of the specified IP address which is distributed by the AAA server to the client. By means of the method and the device, the client can access to network only when the client is subjected to safety authentication by the LNS, and the safety of network access is improved.

Description

technical field [0001] The present application relates to the technical field of 3G networks, in particular to a method and equipment for realizing safe access of 3G users to the network. Background technique [0002] With the maturity of 3G network, users have more and more demand for 3G wireless applications. 3G network brings great convenience to users, and at the same time it is a good supplement to wired communication methods and improves network reliability. Among them, the more commonly used method of 3G access is virtual private dial-up network (VPDN) access, especially in finance and other industries with high security requirements. Operators assign specific user names and passwords to 3G users, and 3G users use this After the user name and password are connected to the network, the Layer 2 Tunneling Protocol Access Concentrator (LAC) of the operator's access device is responsible for establishing a Layer 2 Tunneling Protocol (L2TP) with the Enterprise Headquarters ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04W12/06H04W12/08H04L29/06H04L29/12
Inventor 刘雄威
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap