
Access control method and device for Intranet resources of local area network and gateway equipment

An access control and gateway device technology, applied in the field of network security, can solve the problems of low resource access efficiency, security risks of dynamic resource change permissions, etc., to save internal network resources, reduce processing burden, and improve resource access efficiency.

Inactive Publication Date: 2017-10-03
ZTE CORP

AI Technical Summary

Problems solved by technology

[0009] The purpose of the present invention is to provide an access control method, device, and gateway device for intranet resources in a local area network, which solve the prior-art problems of low resource access efficiency and potential safety hazards when users access internal resources in a local area network.

Examples


Embodiment 1

[0049] As shown in Figure 2, the embodiment of the present invention provides a method for access control of intranet resources in a local area network, including:

[0050] Step 11, acquiring the user authority level and resource authority level of the first client that initiates a resource connection request message to the gateway device;

[0051] It should be noted here that the user authority level is the authority level of the user operating the client, and one user corresponds to one client.

[0052] Step 12: If the resource authority level corresponding to the user authority level of the first client is found in the preset correspondence table between user authority level and resource authority level, forward the resource connection request message of the first client to the target server.

[0053] According to the access control method of LAN intranet resources in the embodiment of the present invention, the client accessing the internal resources of the LAN is...

Embodiment 2

[0093] As shown in Figure 3, the embodiment of the present invention also provides an access control device for intranet resources in a local area network, including:

[0094] An acquisition module 21, configured to acquire the user authority level and the resource authority level of the first client that initiates a resource connection request message to the gateway device;

[0095] It should be noted here that the user authority level is the authority level of the user operating the client, and one user corresponds to one client.

[0096] The execution processing module 22 is configured to forward the first client's resource connection request message to the target server if the resource authority level corresponding to the user authority level of the first client is found in the preset correspondence table between the user authority level and the resource authority level.

[0097] Specifically, the acquisition module 21 in the embodiment o...

Embodiment 3

[0137] Figure 4 is a schematic flow chart of the access control method for intranet resources of the local area network according to the embodiment of the present invention. The implementation process of the client accessing the intranet resources of the local area network is described in detail below with reference to this figure.

[0138] Here, the client is also the client described in the first embodiment and the second embodiment.

[0139] Step 301, the gateway device receives a user's access connection request;

[0140] Here, the user's access connection request message is sent to the gateway device by establishing an encrypted tunnel through the SSL protocol.

[0141] Step 302, the gateway device verifies whether the user identity is legal;

[0142] If yes, execute step 303; if not, end the process and disconnect the access connection.
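The gateway-side decision described in steps 301-302 and steps 11-12, as an added Python sketch that is not code from the patent. The class and field names, the integer levels and the sample table are assumptions, and since step 303 is not shown on this page, chaining the identity check directly into the table lookup is also an assumption.

```python
from dataclasses import dataclass
from enum import Enum


class Decision(Enum):
    FORWARD = "forward request to target server"
    DENY = "reject at gateway"
    DISCONNECT = "disconnect access connection"


@dataclass(frozen=True)
class Request:
    user: str            # one user corresponds to one client
    authenticated: bool  # outcome of the identity check (step 302)
    resource: str        # intranet resource named in the request


class Gateway:
    def __init__(self, user_levels, resource_levels, correspondence):
        self.user_levels = user_levels          # user -> user authority level
        self.resource_levels = resource_levels  # resource -> resource authority level
        self.correspondence = correspondence    # user level -> allowed resource levels

    def decide(self, req: Request) -> Decision:
        # Step 302: an illegal identity ends the process and drops the connection.
        if not req.authenticated:
            return Decision.DISCONNECT
        # Step 11: acquire both levels; an unknown user or resource is denied.
        user_level = self.user_levels.get(req.user)
        resource_level = self.resource_levels.get(req.resource)
        if user_level is None or resource_level is None:
            return Decision.DENY
        # Step 12: forward only if the table lists this resource level for
        # this user level. The table is read on every request, so a changed
        # entry applies to the next request without touching the server.
        if resource_level in self.correspondence.get(user_level, frozenset()):
            return Decision.FORWARD
        return Decision.DENY


# Constructed sample data (hypothetical users, hosts and levels).
gw = Gateway(
    user_levels={"alice": 1, "bob": 2},
    resource_levels={"wiki.lan": 1, "hr-db.lan": 3},
    correspondence={1: {1}, 2: {1, 2}, 3: {1, 2, 3}},
)
```

Anything that fails the lookup is rejected at the gateway and never reaches the target server, which is the load reduction the abstract claims.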


Abstract

The invention provides an access control method and device for Intranet resources of a local area network and gateway equipment. The method comprises the following steps: acquiring a user permission level and a resource permission level of a first client which initiates a resource connection request message to the gateway equipment; and if a resource permission level corresponding to the user permission level of the first client is found in a preset corresponding relation table of user permission levels and resource permission levels, forwarding the resource connection request message of the first client to a target server. In the method, resource access permission of a client accessing internal resources of the local area network is judged directly on the gateway equipment according to the resource permission level corresponding to the user permission level, and the resource connection request is forwarded to the target server when the client has the resource access permission, so that the resource access efficiency of a user accessing the internal resources of the local area network is increased; the processing burden of the target server is relieved; and internal network resources are saved.

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a method, device and gateway device for access control of intranet resources in a local area network.

Background

[0002] SSL VPN refers to a VPN (Virtual Private Network) technology that establishes a remote secure access channel based on the SSL (Secure Sockets Layer) protocol. The SSL protocol runs at the transport layer and only encrypts the application channel between the two communicating parties, rather than encrypting the entire channel from one host to another. In communication using the SSL protocol, each application is a secure independent body that can work in a transparent mode on a NAT (Network Address Translation) proxy device.

[0003] In an SSL connection between the server and the client, both parties can perform identity verification and realize digital signature...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/0823, H04L63/10, H04L9/40
Inventor: 陈龙, 梁会发, 谢铁民
Owner: ZTE CORP