Method, device, and system for controlling device access authority

A technology of access control and device access, applied in transmission systems, electrical components, etc.

Active Publication Date: 2018-11-16
邱婧
View PDF7 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0013] In view of this, the object of the present invention is to provide a device access authority control method, device and system to solve the technical problem of access authority control of all access equipment on Ethernet ports

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device, and system for controlling device access authority
  • Method, device, and system for controlling device access authority
  • Method, device, and system for controlling device access authority

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0239] as attached figure 1 As shown, an embodiment of a device access authority control method, which is used to control the authority of access device 30, specifically includes the following steps:

[0240] S101) Obtain the basic authority control data of the access device 30, the basic authority control data of the access device 30 at least includes access authority requirement data, the identification and type of the port 101 accessed by the access device 30;

[0241] S102) Bind the port 101 and the access device 30 and determine whether the binding is successful;

[0242] S103) If the binding is successful, authorize the access of the access device 30 according to the type of the accessed port 101 and the access authority requirement data;

[0243] S104) continuously detect and maintain the current VLAN state of the port 101, continuously detect the collision statistics of the port 101, continuously detect whether the identity status of the access device 30 is valid, and...

Embodiment 2

[0292] as attached figure 2 As shown, another embodiment of the device access authority control method is used to control the authority of the access device 30, which is characterized in that it specifically includes the following steps:

[0293] S101) Acquiring basic authority control data of the access device 30;

[0294] Obtain the identity authentication information of the access device 30 connected to the controlled port;

[0295] According to the identity authentication information of the access device 30, the identity authentication key and authentication rules of the access device 30 are obtained directly or indirectly locally or remotely, and the identity of the access device 30 is successfully authenticated.

[0296] S102) Bind the port 101 and the access device 30 and determine whether the binding is successful;

[0297] The technical solution for binding the port 101 and the access device 30 includes but is not limited to binding the port 101 and the access devi...

Embodiment 3

[0324] as attached image 3 As shown, another embodiment of a device access authority control method is used to control the authority of the access device 30, which is characterized in that it specifically includes the following steps:

[0325] S201) access authority initialization;

[0326] According to the design data requirements, create all VLANs, and divide all VLANs into controlled VLANs and normal VLANs. The device requesting cross-VLAN communication in a way prohibits the cross-VLAN communication between the controlled VLAN and the normal VLAN; its effect is to cut off the communication channel between the terminal equipment 30 in the controlled VLAN and the terminal equipment 32 in the normal VLAN, preventing unauthorized The access device 30 in the authorized controlled VLAN communicates with the terminal device 32 in the normal VLAN through cross-VLAN technology, cancels the permission of the non-default authorized fixed terminal device to access the normal VLAN, c...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method, device, and system for controlling device access authority. The method comprises: acquiring basic data of authority control of an accessed device; binding a port withthe accessed device and determining whether binding is carried out successfully; if so, carrying out authorization on the accessed device according to an access port type and access authority requirement data; carrying out detection continuously and keeping a current VLAN state of the port, and detecting port collision statistics data, effectiveness of the identity state of the accessed device, and the online state of the accessed device; determining whether to cancel the access authority of the accessed device and dividing the port to a controlled VLAN based on the port type under the condition of meeting the cancelling condition; and cancelling binding between the port and the accessed device. Therefore, the full process including access authorization of the accessed device, illegal access prevention, and authorization cancellation is controlled and thus the legal accessed device is able to but is only able to obtain the access authority within a permission range, so that the illegalaccessed device is prevented from obtaining the access authority the same as the authorizing device and thus the safety of the Ethernet terminal device is improved substantially.

Description

technical field [0001] The present invention relates to the technical field of network security control, in particular to a device access authority control method, device and system applied to intelligent control of Ethernet network security. Background technique [0002] With the advancement of information network technology, Ethernet network technology and related products and systems have been rapidly and massively applied to various industries, and have become the infrastructure of an information society. However, following that, various hidden dangers of network security have become increasingly prominent, the most prominent of which is the access authority control problem of access devices connected to Ethernet ports. [0003] At present, in the prior art, there are mainly the following technical solutions for solving the problem of access authority control of access devices connected to Ethernet ports: [0004] Solution 1 is to control the access rights of access dev...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/0876H04L63/10
Inventor 邱婧
Owner 邱婧
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap