Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Domainname-based unified identification mark and authentication method

A technology of identity authentication and authentication method, applied in the direction of user identity/authority verification, transmission system, digital transmission system, etc., can solve problems such as difficulty in interoperability, complex encryption characteristics of host mobility characteristics protocol, and inability to track users. The effect of scalability

Inactive Publication Date: 2007-03-28
TSINGHUA UNIV
View PDF0 Cites 46 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] 1. Existing application systems independently use their own identification and authentication systems, making interoperability difficult
User identification is combined with specific application services. Various authentication systems can only operate independently. Users must perform multiple different authentications when accessing different network resources. There is a lack of a global and unified user identification and authentication mechanism.
[0006] 2. Existing various identity authentication systems can only verify whether users have access to network resources, but cannot track various behaviors of users
Under the existing security mechanism, when a network security incident occurs, various tracking systems can only locate the source address that caused the incident and cannot quickly determine the corresponding responsible person
[0007] With the vigorous promotion and application of the IPv6 protocol, the mobile characteristics of the host and the encryption characteristics of the protocol will also make the problem more complicated
The IP address of the host can be changed at any time, and the IP address will no longer be the external identification of the host. Through traditional firewalls and IDS (Intrusion Detection System), it is difficult to realize the identity authentication of the host and the control of user behavior. New attacks and Illegal means of access will follow

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Domainname-based unified identification mark and authentication method
  • Domainname-based unified identification mark and authentication method
  • Domainname-based unified identification mark and authentication method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0066] The system structure is shown in Figure 1: it shows two management domains A and B. Each of these domains contains:

[0067] ● Identity authentication server;

[0068] ●Network access control server;

[0069] ●Domain name server.

[0070] ID

[0071] Aiming at the difficulty of memorizing and managing IPv6 addresses in the next generation Internet and various problems existing in the existing identity identification mechanism, the present invention proposes to use personal domain names to identify users.

[0072] Personal domain name PDN refers to a network-wide unique identity assigned to a user, which corresponds to the user's current IPv6 address and is used to address the user. A personal domain name takes the form of Username@Domainname similar to an email address, meaning that the user belongs to an administrative domain. After the user has successfully authenticated, the identity authentication server will register the corresponding relationship between the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

This invention utilizes the good architecture design presented by the latest Internet protocol IPv6, combines with safety domain name (DN) service, extends the existed ID verification system functions, realizes the bounding relation between the user ID and recent real IPv6 address to offer a reliable security service for the upper application. In the user management domain, there are a net access control server (NACS), an ID authentication server (IDAS) and a DN server. NACS recognizes the registered user via a 3-element group consisted of user computer source MAC address, the source IPv6 address and the port. IDAS authenticates the user ID recognition and defines related accessing priority. DN server establishes the positive-negative direction relations between user private DN and IPv6 address. This invention provides more effective ID authentication means and possesses a great extendable function to meet the requirement of the future Internet application development.

Description

technical field [0001] The domain name-based unified identification and authentication method belongs to the field of Internet user identification and authentication, and requires users to confirm their identity and authority before requesting services. Background technique [0002] The identity mark is a symbol for the user to indicate his identity to the network service provider, and identity authentication is used to verify the legitimacy and validity of the user's identity mark. Before users access network resources, they should first be identified by the identity authentication system. The identity authentication server determines whether the user can access a certain network resource according to the user's identity and authorization database. It can be said that the identity authentication system is the first gateway of the entire network security system, and security services such as access control and auditing all rely on the user identity information provided by it...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/32H04L12/56H04L29/06H04L12/28H04L45/74
Inventor 吴建平段海新张洪付强
Owner TSINGHUA UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com