Unlock instant, AI-driven research and patent intelligence for your innovation.

A system and method for entity authentication authority management in a satellite communication network

A technology of rights management and entity, applied in the field of rights management and entity authentication in satellite communication, can solve the problems of different functions and management modes, high time cost, unfavorable management, etc., to ensure safe roaming, large concurrency, guarantee The effect of cross-domain access

Active Publication Date: 2020-07-24
BEIJING INSTITUTE OF TECHNOLOGYGY
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Autonomous access control determines the access method based on the identity and authorization of the visitor, and the access subject has the right to decide on access control, which is likely to cause security holes in the process of information movement
Mandatory access control means that the system classifies the subject and object, and determines the access mode according to the level, which is too emphasis on confidentiality and is not conducive to management
Role-based access control is an improvement on the former two. It stipulates the user's access rights based on the user's role in the system, which solves the problem of difficult management, but cannot solve the problem of cross-domain access of user terminals.
[0004] Moreover, the functions and management modes of each backbone node and user terminal are completely different, and it is very difficult to carry out unified management
And if the traditional user management method is adopted, billions or even tens of billions of data need to be stored at every turn, and the cost of a comparison of user information is huge, which will inevitably bring a long delay to user authentication
[0005] To sum up, the existing authority management schemes cannot meet the authority management requirements in the satellite communication network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A system and method for entity authentication authority management in a satellite communication network
  • A system and method for entity authentication authority management in a satellite communication network
  • A system and method for entity authentication authority management in a satellite communication network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0047] This embodiment elaborates in detail the specific implementation scenarios of the entity authentication authority management system and method in a satellite communication network of the present invention when each backbone node performs identity authentication. The overall model is as follows figure 1 shown.

[0048] When backbone nodes such as satellites, gateway stations, and network service centers need to access network resources, the main authentication center should first authenticate their identities. Such as figure 2 As shown in , the main authentication center distributes IDs and keys to each backbone node in advance. When the backbone node needs to access network resources, use image 3 The mutual authentication protocol between the network node and the main authentication center shown in the figure completes the identity authentication. After receiving the ID of the satellite node, the main authentication center needs to retrieve Image 6 The network node...

Embodiment 2

[0050] This embodiment elaborates in detail the specific implementation scenario of the entity authentication authority management system and method in the satellite communication network of the present invention when each user terminal performs identity authentication.

[0051] When a user terminal needs to access network resources, the domain authentication center should first authenticate its identity. Such as Figure 7 As shown in , the domain authentication center distributes IDs and keys to user terminals through the network or presets. When the user terminal needs to access network resources, the domain authentication center uses Figure 8 The flow shown is to authenticate the user terminal. After the user terminal initiates an authentication request, the domain authentication center responds to the connection of the user terminal, and obtains the user ID and key, and then obtains the table name in the database by ID / 20000, and sends it to Figure 10 The shown database...

Embodiment 3

[0053] This embodiment elaborates in detail the specific implementation scenario of the entity authentication authority management system and method in the satellite communication network of the present invention when each entity performs hierarchical cross-domain dynamic authority attribute collaborative mapping.

[0054] Such as image 3 As shown in , an entity can request access to another domain and access its network resources, the specific process is as follows Figure 4 shown.

[0055] ①Indicates that the user sends authentication information to the registration domain authentication center through the terminal; ②Obtains user rights and terminal rights based on user and terminal information; ③Adds time stamp t to the registration domain user rights and terminal rights and sends them through public key encryption; ④Decrypts the information and Obtain the access domain authority according to the registration domain authority; ⑤ send the time stamp t of the registration d...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an entity authentication authority management system and method in a satellite communication network, belonging to the technical field of authority management and entity authentication in satellite communication. The invention comprises an entity authentication and authority management system and a hierarchical cross-domain dynamic authority attribute collaborative mappingmethod. The entity authentication and authority management system comprises a network node identity authentication module, a user terminal identity authentication module and an authority management module; the network node identity authentication is completed by a main authentication center; the user terminal identity authentication is completed by each domain authentication center; the authoritymanagement module stores the role-authority mapping table of network nodes and user terminals separately in the main authentication center and the domain authentication centers, and obtains the authorities of the nodes or the users through a multi-table jointed querying method. The entity authentication authority management system and method in the satellite communication network can realize large-scale entity identity authentication and authority management; and cross-domain access and secure roaming of user terminals in the satellite communication network are ensured by means of the entityidentity authentication scheme and the hierarchical cross-domain dynamic authority attribute collaborative mapping method.

Description

technical field [0001] The present invention relates to an entity authentication authority management system and method in a satellite communication network, in particular to a new entity authentication authority management system, which adopts a two-level management method to realize the identity authentication of an access entity, and adopts hierarchical cross-domain The method realizes the management of entity rights by means of collaborative mapping of attributes, and belongs to the technical field of rights management and entity authentication in satellite communications. Background technique [0002] With the continuous progress and application of satellite technology and wireless communication technology, as well as the increasingly urgent needs of national security, aerospace, disaster early warning, etc., satellite communication network has developed rapidly as one of the important corresponding technologies. The satellite communication network consists of multiple ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L9/08
CPCH04L9/0891H04L63/062H04L63/068H04L63/083H04L63/0869H04L63/0876H04L63/10
Inventor 祝烈煌李嘉盛王龙张子剑徐畅
Owner BEIJING INSTITUTE OF TECHNOLOGYGY