Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Trusted network access and access control system and method

A network access and access control technology, applied in transmission systems, digital transmission systems, secure communication devices, etc., can solve the problems of high resource occupation, inflexibility, and difficult deployment, so as to achieve network self-adaptation and avoid identity forgery , to ensure the effect of safety

Active Publication Date: 2015-05-13
SHANDONG LANGCHAO YUNTOU INFORMATION TECH CO LTD
View PDF3 Cites 35 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This solution divides the network area from the physical port, which will occupy a large amount of physical resources, and is difficult and inflexible for multi-layer network deployment.
[0004] Another solution belongs to the category of traditional network access control. This solution integrates multiple identity authentication methods (LDAP, AD, etc.) to strengthen network access control. In addition to identity authentication, it is necessary to check the terminal security status. However, this solution does not subdivide the network. As long as the terminal is connected to the network, it can access the resources in the network at will. Once the attacker obtains the user identity, the data in the network can be obtained.
[0005] Although the above solutions solve the problems of network access control and network access control to a certain extent, there are problems such as difficult deployment, high resource occupation, and inability to adapt to different network environments.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Trusted network access and access control system and method
  • Trusted network access and access control system and method
  • Trusted network access and access control system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0048] A trusted network access and access control system, such as figure 1As shown, the network access controller device and the network access decision-making device are usually added on the basis of the original network. The two can be the same device. In order to ensure the security and reliability of the network access terminal, the network access decision Trusted domain and secure trusted domain attribute, the secure trusted domain attribute includes digital label characteristics, security level, and the network access decision server sets the security trusted policy, which is used for the terminal to check the security and trusted status.

Embodiment 2

[0050] A trusted network access and access control method. The network access decision maker uses digital label technology to divide the entire network into different security domains. The network access requester initiates a network access request through identity authentication, and then accesses the network from the network. The decision maker receives the network access control policy, and the network access requester performs a security and credibility check according to the network access control policy, and sends the check result to the network decision maker. The decision maker judges the security status of the requester based on the check result, and sends the The digital label feature of the security domain is sent to the requester, and the requester digitally labels the network data packet during the subsequent network access process, and the network access controller judges whether the requester's network access is legal according to the digital label in the network ...

Embodiment 3

[0052] Such as figure 2 As shown, the specific implementation steps of network access requester identity authentication are as follows:

[0053] Step S101: The access terminal initiates a network access request, sends the platform identity AIK certificate to the network access decision server, and the network access decision server authenticates the platform identity, and prohibits network access if the authentication fails;

[0054] Step S102: the authentication is successful, the network access decision server returns the platform identity authentication result to the terminal, the terminal encrypts the user name and password entered by the user through the TCM symmetric encryption algorithm, signs it with the AIK private key, and sends it to the decision server after signing;

[0055] Step S103: After receiving the terminal authentication information, the decision server verifies the authentication information, decrypts the authentication information, performs identity aut...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a trusted network access and access control system. The control system comprises a network access requester, a network access decision-maker and a network access controller. When the network access requester accesses to the network, platform identity authentication is carried out, and secure and trusted states of the requester are detected; the secure and trusted states are sent to the network access decision-maker, and the decision-maker judges the secure and trust level of the requester and gives a network access decision; the network access decision is sent to the network access controller, and the controller limits the requested network access. The invention further discloses a trusted network access and access control method. The control system carries out the platform identity authentication on the basis of TCM and ensures the network access control while avoids identity forging. Network areas are divided on the basis of a digital label technology and dynamically updated, network self-adaption is realized, and the access security of different logical areas is ensured. Secure and trusted strategies are configured, and combined with the TCM cryptographic algorithm, so that the security and credibility of the platform state of the requester are ensured.

Description

technical field [0001] The invention relates to the field of communication control, in particular to a trusted network access and access control system and method. Background technique [0002] With the development of information technology, more and more important information is stored in the internal server of the enterprise. Conventional attacks from the Internet can be protected by firewalls, UTM and other products, and the solutions are relatively mature. However, more and more information leaks Occurring within the network, network management chaos, random access, terminal host virus infection, etc. are all important factors affecting network security. Therefore, strengthening network management, refining network access rights, and controlling network access have become indispensable. security measures. [0003] TNCFHH is an open source implementation of trusted network connection architecture, using 802.1x-based network access control technology, using FreeRedius as ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L9/32
CPCH04L9/3247H04L9/3268H04L63/0807H04L63/0823H04L63/10
Inventor 郭猛善冯磊赵斌
Owner SHANDONG LANGCHAO YUNTOU INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com