Supercharge Your Innovation With Domain-Expert AI Agents!

NAT security and access control method and device, equipment and storage medium

A technology of security control and equipment, applied in the field of network communication, can solve problems such as hidden dangers of access equipment and central office equipment, and achieve the effect of saving software and hardware entry resources and ensuring security

Inactive Publication Date: 2021-05-07
ZTE CORP
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] A NAT security and access control method, device, device, and storage medium provided by the embodiments of the present invention solve the problem of directly performing NAT processing on the access message received by the access device in the related art without performing a security check. Access equipment and central office equipment pose security risks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • NAT security and access control method and device, equipment and storage medium
  • NAT security and access control method and device, equipment and storage medium
  • NAT security and access control method and device, equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0039] In the related technology, the access device directly performs NAT processing on the received protocol access message without performing security verification, which not only causes the resources of the access device to be maliciously occupied, but also gives the access device and the local end device For the problem of potential safety hazards, this embodiment provides a NAT security control method. When the user-side device sends a protocol access message, the protocol access message sent includes information to be authenticated, and the access device receives the information sent by the user-side device. After accessing the protocol access packet, the protocol access packet is authenticated according to the information to be authenticated in the protocol access packet. Only when the authentication is passed, the protocol access packet is NAT-processed. Only the protocol access packets sent by the user-side device of the identity can be processed normally, which not on...

Embodiment 2

[0078] This embodiment provides a NAT security control device, which can be set in various access devices supporting the NAT function. Please refer to Figure 6 As shown, the NAT security control device includes:

[0079] A message receiving module 601, configured to receive a protocol access message carrying information to be authenticated and sent by the user-side device;

[0080] The NAT security control module 602 is configured to perform security authentication on the protocol access message according to the information to be authenticated in the received protocol access message, and perform NAT processing on the protocol access message when the security authentication is passed. For the specific authentication control process, please refer to the above-mentioned embodiments, which will not be repeated here.

[0081] It should be understood that the above-mentioned functions of the message receiving module 601 and the NAT security control module 602 may be implemented by...

Embodiment 3

[0130] This embodiment also provides an access device with NAT function, see Figure 10 As shown, it includes a first processor 1001, a first memory 1002 and a first communication bus 1003;

[0131] The first communication bus 1003 is used to realize the communication connection between the first processor 1001 and the first memory 1002;

[0132] In an example, the first processor 1001 may be configured to execute the first computer program stored in the first memory 1002, so as to implement the steps of the NAT security control method in the above embodiments.

[0133] This embodiment also provides a user side device, see Figure 11 As shown, it includes a second processor 1001, a second memory 1002 and a second communication bus 1003;

[0134] The second communication bus 1003 is used to realize the communication connection between the second processor 1001 and the second memory 1002;

[0135] In an example, the second processor 1001 may be configured to execute the secon...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention provides an NAT security and access control method, device, equipment and storage medium, and the method comprises the following steps: enabling user side equipment to send a protocol access message, wherein the sent protocol access message comprises to-be-authenticated information; after the access equipment receives the protocol access message sent by the user side equipment, performing security authentication on the protocol access message according to the to-be-authenticated information in the protocol access message, and performing NAT processing is performed on the protocol access message only when the authentication is passed, so only the protocol access message sent by the user side equipment with legal identity can be normally processed, the software and hardware table item resources of the access equipment are saved, and the security of the access equipment and the local side equipment is also ensured.

Description

technical field [0001] The present invention relates to the field of network communication, in particular to a NAT (Network Address Translation, network address translation) security and access control method, device, equipment and storage medium. Background technique [0002] Telecom operators require the equipment provider's Layer 2 network access equipment to support the MPNAT (Multi Protocol Network Address Translation, Multi-Protocol Network Address Translation) function. In this way, through NAT processing, the central office equipment can remotely manage the user-side equipment in various ways. For example, the central office equipment can remotely log in to Telnet to manage the configuration files of the user-side equipment, and the user-side equipment can also download the latest version or configuration files from the central office equipment. [0003] In related technologies, for the access packets (such as various protocol control packets) sent from the user-sid...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12H04L12/46
CPCH04L63/08H04L63/0876H04L61/2503H04L12/4641H04L12/46H04L61/00
Inventor 许进林
Owner ZTE CORP
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More