Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Authentication method for network security access and authentication system for implementing method

An access authentication and network security technology, applied in the field of network security access, can solve problems such as DSCP value legality check, DSCP value spoofing, network attack, etc., and achieve the effect of easy IPQoS guarantee and simple internal state

Inactive Publication Date: 2017-02-22
CHINA SOUTHERN POWER GRID COMPANY
View PDF3 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

There are mainly following shortcomings and deficiencies in the prior art: 1. Since there is no source MAC address and source IP address legality check for the user IP message that has passed Web authentication, false address spoofing and related network attacks may occur, and this Such network deception and attacks are difficult to track, making it increasingly difficult for network managers to effectively manage the network
2. Since the DSCP value of the IP packet is mainly set by the user terminal when sending the packet, the network access system does not check the legality of the DSCP value of the IP packet, resulting in some DSCP values ​​of the IP packet appearing in the network Irregularities or DSCP value spoofing, etc., it is difficult for network service providers to provide differentiated services for various services based on the DSCP value of IP packets

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Authentication method for network security access and authentication system for implementing method
  • Authentication method for network security access and authentication system for implementing method
  • Authentication method for network security access and authentication system for implementing method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0023] This embodiment is a preferred implementation mode of the present invention, and other principles and basic structures that are the same or similar to this embodiment are within the protection scope of the present invention.

[0024] Please see figure 1 And attached figure 2 , a schematic diagram of a typical system structure of a switch-based network authentication system, including multiple security access control switches, Web access authentication servers, and user terminals, where the Web access authentication server and security access control switches are interconnected through the network , the security access control switch is connected to the user terminal through the access network. A typical implementation of a secure access control switch includes a user terminal information learning unit, a tuple information maintenance unit, a Web authentication unit, a control proxy unit and a message filtering unit, a control proxy unit and a user terminal information...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an authentication method for network security access and an authentication system for implementing the method. Multi-tuple binding of an access user is realized in a Web authentication way on a network access layer, and checking and setting for a DSCP (Differentiated Services Code Point) value of a user IP (Internet Protocol) message is realized. The authentication method is based on Web authentication of multi-tuple binding, more suitable for various network access environments and application safety demands, simple in internal state, and convenient for trouble shooting and system stability improvement. In conjunction with Web authentication of multi-tuple binding of QoS (Quality of Service) level assurance, the problems of irregular DSCP value or DSCP value cheating and the like in the network IP message are solved effectively, and an Internet service provider can provide IP QoS assurance for various services more easily.

Description

technical field [0001] The invention discloses a network security access technology, in particular to an authentication method for network security access and an authentication system for realizing the method. Background technique [0002] With the rapid increase in the number and types of access network devices, network management and security issues are becoming more and more severe, and network users have different needs for accessing the network, and the traditional secure access system is becoming more and more difficult to adapt to the increase in network scale and user needs. The requirement of diversity makes the disadvantages of traditional network access increasingly prominent. Web authentication is a widely used secure access authentication method at present. It relies on a Web browser to perform interactive authentication with a Web authentication server through the HTTP protocol. The current IP Quality of Service (QoS) technology mainly adopts the differential ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04W12/06H04W12/08
CPCH04W12/06H04W12/08
Inventor 胡飞飞徐键刘映尚陈新南洪丹轲杨俊权黄文婷
Owner CHINA SOUTHERN POWER GRID COMPANY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com