Domainname-based unified identification mark and authentication method

A technology of identity authentication and authentication method, applied in the direction of user identity/authority verification, transmission system, digital transmission system, etc., can solve problems such as difficulty in interoperability, complex encryption characteristics of host mobility characteristics protocol, and inability to track users. The effect of scalability

Inactive Publication Date: 2007-03-28
TSINGHUA UNIV
View PDF0 Cites 46 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] 1. Existing application systems independently use their own identification and authentication systems, making interoperability difficult
User identification is combined with specific application services. Various authentication systems can only operate independently. Users must perform multiple different authentications when accessing different network resources. There is a lack of a global and unified user identification and authentication mechanism.
[0006] 2. Existing various identity authentication systems can only verify whether users have access to network resources, but cannot track various behaviors of users
Under the existing security mechanism, when a network security incident occurs, v

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Domainname-based unified identification mark and authentication method
  • Domainname-based unified identification mark and authentication method
  • Domainname-based unified identification mark and authentication method

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0066] The system structure is shown in Figure 1: Two management domains A and B are shown. Each of these domains contains:

[0067] ●Identity authentication server;

[0068] ●Network access control server;

[0069] ●Domain name server.

[0070] Identification

[0071] In view of the difficulty of remembering and managing IPv6 addresses in the next-generation Internet, and various problems existing in the existing identity identification mechanism, the present invention proposes to use personal domain names to identify users.

[0072] The personal domain name PDN refers to a unique identification of the entire network assigned to a user, which corresponds to the user's current IPv6 address and is used to address the user. Personal domain names are in the form of Username@Domainname similar to email addresses, which means that the user belongs to a certain administrative domain. When the user has successfully authenticated, the identity authentication server will register the corre...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

This invention utilizes the good architecture design presented by the latest Internet protocol IPv6, combines with safety domain name (DN) service, extends the existed ID verification system functions, realizes the bounding relation between the user ID and recent real IPv6 address to offer a reliable security service for the upper application. In the user management domain, there are a net access control server (NACS), an ID authentication server (IDAS) and a DN server. NACS recognizes the registered user via a 3-element group consisted of user computer source MAC address, the source IPv6 address and the port. IDAS authenticates the user ID recognition and defines related accessing priority. DN server establishes the positive-negative direction relations between user private DN and IPv6 address. This invention provides more effective ID authentication means and possesses a great extendable function to meet the requirement of the future Internet application development.

Description

technical field [0001] The domain name-based unified identification and authentication method belongs to the field of Internet user identification and authentication, and requires users to confirm their identity and authority before requesting services. Background technique [0002] The identity mark is a symbol for the user to indicate his identity to the network service provider, and identity authentication is used to verify the legitimacy and validity of the user's identity mark. Before users access network resources, they should first be identified by the identity authentication system. The identity authentication server determines whether the user can access a certain network resource according to the user's identity and authorization database. It can be said that the identity authentication system is the first gateway of the entire network security system, and security services such as access control and auditing all rely on the user identity information provided by it...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L9/32H04L12/56H04L29/06H04L12/28H04L45/74
Inventor 吴建平段海新张洪付强
Owner TSINGHUA UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products