CN115633354B - Terminal identity authentication method, device, equipment and medium - Google Patents

Terminal identity authentication method, device, equipment and medium Download PDF

Info

Publication number
CN115633354B
CN115633354B CN202211645992.4A CN202211645992A CN115633354B CN 115633354 B CN115633354 B CN 115633354B CN 202211645992 A CN202211645992 A CN 202211645992A CN 115633354 B CN115633354 B CN 115633354B
Authority
CN
China
Prior art keywords
authentication
target
period
time
authentication period
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202211645992.4A
Other languages
Chinese (zh)
Other versions
CN115633354A (en
Inventor
毕敏
石元兵
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Electronics Technology Network Security Technology Co ltd
Original Assignee
China Electronics Technology Network Security Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Electronics Technology Network Security Technology Co ltd filed Critical China Electronics Technology Network Security Technology Co ltd
Priority to CN202211645992.4A priority Critical patent/CN115633354B/en
Publication of CN115633354A publication Critical patent/CN115633354A/en
Application granted granted Critical
Publication of CN115633354B publication Critical patent/CN115633354B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/61Time-dependent

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The application discloses a terminal identity authentication method, a device, equipment and a medium, comprising the following steps: acquiring first access time of the target terminal accessing the home network, and determining a first authentication period of the home network for carrying out identity authentication on the target terminal so as to determine a first time node for triggering authentication operation of the home network on the target terminal based on the first authentication period; acquiring second access time of the target terminal to the edge network, and determining a target time interval based on the first access time and the second access time; and determining a second authentication period which meets the preset multiple relation with the first authentication period based on the first authentication period and the target time interval, so as to determine a second time node for triggering the authentication operation of the edge network to the target terminal based on the second authentication period and the first time node. And controlling the second authentication period and the first authentication period to meet the preset multiple and controlling the corresponding time node, so that the two authentication periods are overlapped at the corresponding time node.

Description

Terminal identity authentication method, device, equipment and medium
Technical Field
The present invention relates to the field of mobile communications technologies, and in particular, to a terminal identity authentication method, device, equipment, and medium.
Background
With the advent of the 5G era, mobile edge computing (MEC, mobile Edge Computing) in the 5G core technology combines IT service environments and cloud computing technologies at network edges, and the computing and storage capabilities of the edge network are greatly improved by adopting a distributed network architecture, so that network operation and service delivery delay are reduced, and user experience is improved. After the mobile edge calculation is introduced, a large amount of services are terminated at the edge of the 5G network, key services and part of core network elements sink to the edge network to form an industry application private network, so that the network is a novel infrastructure designed for industry clients by operators in the 5G era, and is the most typical application scene of the 5G industry at present.
Under the distributed network architecture, after the terminal is accessed to the home network, the terminal initiates periodic identity authentication to ensure that the counterfeit terminal cannot access the network to acquire network resources; and after the terminal is accessed to the edge network, periodic identity authentication is initiated. And when the terminal performs periodic identity authentication, the service needs to be interrupted, i.e. the service cannot be normally performed. At present, the terminal maintains two independent authentication periods, namely, the terminal is authenticated by respective authentication periods in the home network and the edge network, once authentication is started, the terminal cannot normally perform service, and the service is continuously interrupted due to the fact that the two authentication periods are not related to each other, so that the service is discontinuous, the user experience is reduced, and the service throughput and the operation efficiency of the terminal service are reduced.
In summary, how to manage authentication periods of home network and edge network to reduce interruption times of service and improve operation efficiency of terminal service is a problem to be solved at present.
Disclosure of Invention
Accordingly, the present invention is directed to a terminal identity authentication method, apparatus, device, and medium, which can manage authentication periods of home network and edge network, so as to reduce interruption times of service and improve operation efficiency of terminal service. The specific scheme is as follows:
in a first aspect, the present application discloses a terminal identity authentication method, including:
acquiring first access time of a target terminal accessing a home network, and determining a first authentication period of the home network for carrying out identity authentication on the target terminal so as to determine a first time node for triggering authentication operation of the home network on the target terminal based on the first authentication period;
acquiring second access time of the target terminal to the edge network, and determining a target time interval based on the first access time and the second access time;
and determining a second authentication period which meets a preset multiple relation with the first authentication period based on the first authentication period and the target time interval, so as to determine a second time node for triggering the authentication operation of the edge network to the target terminal based on the second authentication period and the first time node.
Optionally, the determining, based on the first authentication period and the target time interval, a second authentication period that meets a preset multiple relationship with the first authentication period includes:
calculating a target difference value between the first authentication period and the target time interval;
and determining a second authentication period which meets the preset multiple relation with the first authentication period based on the target difference value and a preset coefficient.
Optionally, the terminal identity authentication method further includes:
and determining the preset coefficient based on a preset service security level and a preset timeliness rule in the edge network.
Optionally, before determining the second authentication period meeting the preset multiple relationship between the second authentication period and the first authentication period based on the first authentication period and the target time interval, the method further includes:
judging whether the first authentication period is greater than the target time interval;
and if the first authentication period is greater than the target time interval, triggering the step of determining a second authentication period of the edge network for carrying out identity authentication on the target terminal based on the first authentication period and the target time interval.
Optionally, the terminal identity authentication method further includes:
and if the first authentication period is not greater than the target time interval, triggering the authentication operation of the home network on the target terminal when the current time node is consistent with the first time node, updating the first access time to the current time node, and then re-jumping to the step of determining the target time interval based on the first access time and the second access time.
Optionally, the terminal identity authentication method further includes:
triggering a first interrupt instruction under the first time node and sending the first interrupt instruction to a decision circuit;
triggering a second interrupt instruction under the second time node and sending the second interrupt instruction to the decision circuit;
and when the decision circuit acquires the first interrupt instruction and the second interrupt instruction at the same time, merging the first interrupt instruction and the second interrupt instruction to obtain a third interrupt instruction, and controlling service interrupt of the target terminal by using the third interrupt instruction.
In a second aspect, the present application discloses a terminal identity authentication device, including:
a first authentication module, configured to obtain a first access time of a target terminal accessing a home network, and determine a first authentication period of the home network for performing identity authentication on the target terminal, so as to determine a first time node for triggering an authentication operation of the home network on the target terminal based on the first authentication period;
the target time interval determining module is used for acquiring second access time of the target terminal to the edge network and determining a target time interval based on the first access time and the second access time;
and the second authentication module is used for determining a second authentication period which meets a preset multiple relation with the first authentication period based on the first authentication period and the target time interval, so as to determine a second time node for triggering the authentication operation of the edge network on the target terminal based on the second authentication period and the first time node.
In a third aspect, the present application discloses an electronic device comprising:
a memory for storing a computer program;
and a processor for executing the computer program to implement the steps of the terminal identity authentication method disclosed above.
Optionally, the electronic device further includes:
a first clock timer for triggering a first interrupt instruction under the first time node;
a second clock timer for triggering a second interrupt instruction under the second time node;
and the decision circuit is connected with the first clock timer and the second clock timer and is used for merging the first interrupt instruction and the second interrupt instruction to obtain a third interrupt instruction when the first interrupt instruction and the second interrupt instruction are acquired at the same time, and controlling the service interrupt of the target terminal by utilizing the third interrupt instruction.
In a fourth aspect, the present application discloses a computer-readable storage medium for storing a computer program; wherein the computer program when executed by a processor implements the steps of the terminal identity authentication method disclosed previously.
The method comprises the steps that a first access time of a target terminal to a home network is obtained, a first authentication period of the home network for carrying out identity authentication on the target terminal is determined, and therefore a first time node for triggering authentication operation of the home network on the target terminal is determined based on the first authentication period; acquiring second access time of the target terminal to the edge network, and determining a target time interval based on the first access time and the second access time; and determining a second authentication period which meets a preset multiple relation with the first authentication period based on the first authentication period and the target time interval, so as to determine a second time node for triggering the authentication operation of the edge network to the target terminal based on the second authentication period and the first time node. Therefore, after the target terminal is accessed to the home network and the first authentication period of the home network for carrying out identity authentication on the target terminal and the first time node for carrying out authentication operation are determined, the preset multiple relation is met between the second authentication period of the edge network and the first authentication period of the home network by controlling the second authentication period and the first time node, and the corresponding second time node for carrying out authentication operation is controlled based on the second authentication period and the first time node, so that the coincidence of the first authentication period and the second authentication period in the corresponding time node is realized.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only embodiments of the present invention, and that other drawings may be obtained according to the provided drawings without inventive effort to a person skilled in the art.
Fig. 1 is a flowchart of a terminal identity authentication method disclosed in the present application;
fig. 2 is a flowchart of a specific terminal identity authentication method disclosed in the present application;
FIG. 3 is a timing diagram of a specific terminal identity authentication disclosed in the present application;
fig. 4 is a flowchart of a specific terminal identity authentication method disclosed in the present application;
fig. 5 is a schematic structural diagram of a terminal identity authentication device disclosed in the present application;
FIG. 6 is a block diagram of an electronic device disclosed herein;
fig. 7 is a schematic diagram of a specific cycle management circuit disclosed in the present application.
Detailed Description
The following description of the technical solutions in the embodiments of the present application will be made clearly and completely with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Under the distributed network architecture, after the terminal is accessed to the home network, the terminal initiates periodic identity authentication to ensure that the counterfeit terminal cannot access the network to acquire network resources; and after the terminal is accessed to the edge network, periodic identity authentication is initiated. And when the terminal performs periodic identity authentication, the service needs to be interrupted, i.e. the service cannot be normally performed. At present, the terminal maintains two independent authentication periods, namely, the terminal is authenticated by respective authentication periods in the home network and the edge network, once authentication is started, the terminal cannot normally perform service, and the service is continuously interrupted due to the fact that the two authentication periods are not related to each other, so that the service is discontinuous, the user experience is reduced, and the service throughput and the operation efficiency of the terminal service are reduced. Therefore, the embodiment of the application discloses a terminal identity authentication method, device, equipment and medium, which can manage authentication periods of a home network and an edge network so as to reduce interruption times of service and improve operation efficiency of terminal service.
Referring to fig. 1, an embodiment of the present application discloses a terminal identity authentication method, which includes:
step S11: acquiring first access time of a target terminal accessing a home network, and determining a first authentication period of the home network for carrying out identity authentication on the target terminal so as to determine a first time node for triggering authentication operation of the home network on the target terminal based on the first authentication period.
In this embodiment, when the target terminal accesses the home network, a first access time is obtained, and after the target terminal accesses the home network, a first authentication period for the home network to authenticate the identity of the target terminal is determined, and then a first time node for triggering authentication operation is determined according to the first authentication period. It may be appreciated that the first time node includes a time node that performs each authentication operation, for example, assume that the first access time for the target terminal to access the home network is 8:00, and determining that the first authentication period is 2 minutes, and determining that an initial time node for initially starting authentication operation is 8 according to the current network state: 02, then from 8: starting at 02, the home network periodically authenticates the target terminal every 2 minutes, and the first time node is 8: 02. 8: 04. 8:06, etc.
Step S12: and acquiring a second access time of the target terminal to the edge network, and determining a target time interval based on the first access time and the second access time.
In this embodiment, when the target terminal accesses the edge network, the second access time is acquired, and then the target time interval between the two access times is determined based on the first access time and the second access time.
Step S13: and determining a second authentication period which meets a preset multiple relation with the first authentication period based on the first authentication period and the target time interval, so as to determine a second time node for triggering the authentication operation of the edge network to the target terminal based on the second authentication period and the first time node.
In this embodiment, a second authentication period satisfying a preset multiple relationship with the first authentication period is determined based on the first authentication period and the target time interval, so that a second time node for performing authentication operation on the target terminal by the edge network is determined based on the second authentication period and the first time node, so as to achieve that the second time node and the first time node are aligned as much as possible. When it is noted that the periodic authentication of the edge network may be customized according to the security characteristics of the application system, so that the second authentication period of the edge network may be set to align with the first authentication period of the home network. And, since the service is performed in the edge network and the speed change of the service is faster than the network change, the service security attribute is greater than the network security attribute, so the identity authentication period of the edge network is generally set to be shorter than the identity authentication period of the home network.
In a specific embodiment, the second authentication period may be equal to the first authentication period, and then the multiple relationship is doubled, and accordingly, the second time node may be completely included in the first time node, that is, it is achieved that the first authentication period and the second authentication period overlap. For example, if the first authentication period and the second authentication period are both 2 minutes, the first time node is 8: 02. 8: 04. 8:06, etc., the second access time is 8:01, then let the edge network go from 8:02 starts to perform authentication operation, and the corresponding second time node is 8: 02. 8: 04. 8:06, etc., i.e. the second time node and the first time node are perfectly aligned, the coincidence of the two authentication periods is achieved.
In another embodiment, the first authentication period is greater than the second authentication period and satisfies a predetermined multiple relationship. In this embodiment, taking the first authentication period as twice the second authentication period as an example, that is, if the first authentication period is 2 minutes, the first time node is 8: 02. 8: 04. 8: 06. 8:08, etc., the second authentication period is then 1 minute, assuming that the second access time is also 8:01, the corresponding second time node is 8: 02. 8: 03. 8: 04. 8:05, etc. It can be seen that the first time node coincides with the second time node on even time nodes.
The method comprises the steps that a first access time of a target terminal to a home network is obtained, a first authentication period of the home network for carrying out identity authentication on the target terminal is determined, and therefore a first time node for triggering authentication operation of the home network on the target terminal is determined based on the first authentication period; acquiring second access time of the target terminal to the edge network, and determining a target time interval based on the first access time and the second access time; and determining a second authentication period which meets a preset multiple relation with the first authentication period based on the first authentication period and the target time interval, so as to determine a second time node for triggering the authentication operation of the edge network to the target terminal based on the second authentication period and the first time node. Therefore, after the target terminal is accessed to the home network and the first authentication period of the home network for carrying out identity authentication on the target terminal and the first time node for carrying out authentication operation are determined, the preset multiple relation is met between the second authentication period of the edge network and the first authentication period of the home network by controlling the second authentication period and the first time node, and the corresponding second time node for carrying out authentication operation is controlled based on the second authentication period and the first time node, so that the coincidence of the first authentication period and the second authentication period in the corresponding time node is realized.
Referring to fig. 2, an embodiment of the present application discloses a specific terminal identity authentication method, and in comparison with the previous embodiment, the present embodiment further describes and optimizes a technical solution. The method specifically comprises the following steps:
step S21: acquiring first access time of a target terminal accessing a home network, and determining a first authentication period of the home network for carrying out identity authentication on the target terminal so as to determine a first time node for triggering authentication operation of the home network on the target terminal based on the first authentication period.
Step S22: and acquiring a second access time of the target terminal to the edge network, and determining a target time interval based on the first access time and the second access time.
Step S23: and calculating a target difference value between the first authentication period and the target time interval.
In this embodiment, after the first authentication period and the target time interval are obtained, a target difference between the first authentication period and the target time interval is calculated. The first authentication period is recordedT 1 The target time interval is recorded astThe target difference isT 1 -tAs shown in fig. 3, fig. 3 is a timing diagram of terminal identity authentication disclosed in the present application.
Step S24: and determining a second authentication period which meets a preset multiple relation with the first authentication period based on the target difference value and a preset coefficient, so as to determine a second time node for triggering the authentication operation of the edge network to the target terminal based on the second authentication period and the first time node.
In this embodiment, a second authentication period satisfying a preset multiple relationship with the first authentication period is determined based on the target difference value and the preset coefficient. The second authentication period is recordedT 2 The preset coefficient is recorded asnThenT 2 =n(T 1 -t). Further, the terminal identity authentication method in the embodiment of the application further includes: and determining the preset coefficient based on a preset service security level and a preset timeliness rule in the edge network. It will be appreciated that the value of the preset coefficient needs to be determined according to the service security level preset in the edge network and the time-efficiency rule of the service. For the service with high security level and high timeliness requirement, the value of the preset coefficient is smaller, and the corresponding second authentication period is shorter; for the service with low security level and low timeliness requirement, the value of the preset coefficient is larger, and the corresponding second authentication period is longer. But no matternTake what value, the second authentication period can be classifiedThe first authentication period of the home network terminal is divided, i.e. bynAnd controlling the value to enable a second authentication period of terminal service in the edge network to coincide with a first authentication period of legal network access of the terminal in the home network or to start identity authentication operation of the edge network in the first authentication period, so that the identity authentication flow of the home network occurs in the integral multiple time of the second authentication period.
It should be noted that, the terminal identity authentication method in the embodiment of the present application further includes: triggering a first interrupt instruction under the first time node and sending the first interrupt instruction to a decision circuit; triggering a second interrupt instruction under the second time node and sending the second interrupt instruction to the decision circuit; and when the decision circuit acquires the first interrupt instruction and the second interrupt instruction at the same time, merging the first interrupt instruction and the second interrupt instruction to obtain a third interrupt instruction, and controlling service interrupt of the target terminal by using the third interrupt instruction. That is, after reaching the first time node of the authentication operation of the home network, a first interrupt instruction is triggered and sent to the decision circuit, and after reaching the second time node of the authentication operation of the edge network, a second interrupt instruction is triggered and sent to the decision circuit, if the decision circuit obtains the first interrupt instruction and the second interrupt instruction at the same time, the first interrupt instruction and the second interrupt instruction are combined to obtain a third interrupt instruction, so that the service interrupt of the target terminal is controlled by the third interrupt instruction. For example, if the first time node is 8: 02. 8: 04. 8:06, etc., the second time node is also 8: 02. 8: 04. 8:06, etc., then when 8: 02. 8: 04. 8:06, when the time nodes are overlapped, the decision circuit only sends one interrupt instruction to the processor so as to reduce the interrupt times of the service. Thus, by controlling the two periods to coincide as much as possible, the traffic is affected only once in the security authentication scenario.
Further, if the first time node is 8: 02. 8: 04. 8:06, etc., the second time node is 8: 02. 8: 03. 8: 04. 8:05, and for the odd time nodes 8:03 and 8:05, only sending the corresponding second interrupt instruction to the decision circuit, and sending the second interrupt instruction to the processor by the decision circuit to control the service interrupt. In addition, when the nodes overlap at even times, terminal identity authentication of the home network with a long time period is triggered first.
For more specific processing procedures in the steps S21 and S22, reference may be made to the corresponding contents disclosed in the foregoing embodiments, and no detailed description is given here.
As can be seen, in the embodiment of the present application, when determining, based on the first authentication period and the target time interval, a second authentication period that satisfies a preset multiple relationship with the first authentication period, specifically, calculating a target difference value between the first authentication period and the target time interval; and determining a second authentication period which meets the preset multiple relation with the first authentication period based on the target difference value and a preset coefficient. And when determining the specific value of the preset coefficient, the preset business security level and timeliness rule in the edge network are required. In addition, corresponding first interrupt instructions and second interrupt instructions are triggered under the first time node and the second time node respectively and sent to the decision circuit, so that when the decision circuit receives the first interrupt instructions and the second interrupt instructions at the same time, the two interrupt instructions are combined, and service interrupt is controlled by utilizing the combined third interrupt instructions. In this way, the interruption times of the service are reduced, and the service throughput and the operation efficiency of the terminal service are improved.
Referring to fig. 4, an embodiment of the present application discloses a specific terminal identity authentication method, and in comparison with the previous embodiment, the present embodiment further describes and optimizes a technical solution. The method specifically comprises the following steps:
step S31: acquiring first access time of a target terminal accessing a home network, and determining a first authentication period of the home network for carrying out identity authentication on the target terminal so as to determine a first time node for triggering authentication operation of the home network on the target terminal based on the first authentication period.
Step S32: and acquiring a second access time of the target terminal to the edge network, and determining a target time interval based on the first access time and the second access time.
Step S33: and judging whether the first authentication period is larger than the target time interval.
In this embodiment, after determining the first authentication period and the target time interval, it is necessary to determine whether the first authentication period is greater than the target time interval, that is, determine the relationT 1 -tWhether the value of (c) is greater than zero.
Step S34: and if the first authentication period is greater than the target time interval, determining a second authentication period of the edge network for carrying out identity authentication on the target terminal based on the first authentication period and the target time interval, so as to determine a second time node for triggering the authentication operation of the edge network on the target terminal based on the second authentication period and the first time node.
In this embodiment, if the first authentication period is greater than the target time interval, that isT 1 -t >And 0, triggering the step of determining a second authentication period of the edge network for carrying out identity authentication on the target terminal based on the first authentication period and the target time interval.
In another specific embodiment, the terminal identity authentication method in the embodiment of the application further includes: and if the first authentication period is not greater than the target time interval, triggering the authentication operation of the home network on the target terminal when the current time node is consistent with the first time node, updating the first access time to the current time node, and then re-jumping to the step of determining the target time interval based on the first access time and the second access time. It will be appreciated that if the relationship isT 1 -t >0 is not established, it means that the time interval for the target terminal to further access the edge network after accessing the home network is longer, because the home network is generally far away from the edge network, resulting intIf the time is too long, the identity authentication operation of the edge network is not started, and when the current time node is consistent with the first time node, the authentication operation of the home network to the target terminal is triggered, namely when the first time node triggers the authentication operation, the authentication operation of the home network terminal is performed. At this time, the second authentication period can only wait until the home network end is authenticated, and then reset the target interval time, specifically, update the first access time to the current time node, and then determine the target interval time, at this timetWill be greatly shortened.
For more specific processing procedures in steps S31 and S32, reference may be made to the corresponding contents disclosed in the foregoing embodiments, and no detailed description is given here.
It can be seen that, before determining, based on the first authentication period and the target time interval, a second authentication period that satisfies a preset multiple relationship with the first authentication period, the embodiment of the present application may further include: judging whether the first authentication period is greater than the target time interval; and if the first authentication period is greater than the target time interval, triggering the step of determining a second authentication period of the edge network for carrying out identity authentication on the target terminal based on the first authentication period and the target time interval. Further, if the first authentication period is not greater than the target time interval, triggering an authentication operation of the home network on the target terminal when the current time node is consistent with the first time node, updating the first access time to the current time node, and then re-jumping to the step of determining the target time interval based on the first access time and the second access time. In this way, when the target interval time is too long due to the longer time interval of the target terminal accessing the home network, the identity authentication of the home network is performed according to the specific first time node, that is, the authentication operation of the home network is not affected.
Referring to fig. 5, an embodiment of the present application discloses a terminal identity authentication device, which includes:
a first authentication module 11, configured to obtain a first access time of a target terminal accessing a home network, and determine a first authentication period of the home network for performing identity authentication on the target terminal, so as to determine a first time node for triggering an authentication operation of the home network on the target terminal based on the first authentication period;
a target time interval determining module 12, configured to obtain a second access time of the target terminal to access an edge network, and determine a target time interval based on the first access time and the second access time;
a second authentication module 13, configured to determine, based on the first authentication period and the target time interval, a second authentication period that satisfies a preset multiple relationship with the first authentication period, so as to determine, based on the second authentication period and the first time node, a second time node for triggering an authentication operation of the edge network on the target terminal.
The method comprises the steps that a first access time of a target terminal to a home network is obtained, a first authentication period of the home network for carrying out identity authentication on the target terminal is determined, and therefore a first time node for triggering authentication operation of the home network on the target terminal is determined based on the first authentication period; acquiring second access time of the target terminal to the edge network, and determining a target time interval based on the first access time and the second access time; and determining a second authentication period which meets a preset multiple relation with the first authentication period based on the first authentication period and the target time interval, so as to determine a second time node for triggering the authentication operation of the edge network to the target terminal based on the second authentication period and the first time node. Therefore, after the target terminal is accessed to the home network and the first authentication period of the home network for carrying out identity authentication on the target terminal and the first time node for carrying out authentication operation are determined, the preset multiple relation is met between the second authentication period of the edge network and the first authentication period of the home network by controlling the second authentication period and the first time node, and the corresponding second time node for carrying out authentication operation is controlled based on the second authentication period and the first time node, so that the coincidence of the first authentication period and the second authentication period in the corresponding time node is realized.
Fig. 6 is a block diagram of an electronic device 20, according to an example embodiment. As shown in fig. 6, the electronic device 20 may include: a processor 21, a memory 22. The electronic device 20 may also include one or more of a multimedia component 23, an input/output (I/O) interface 24, and a communication component 25.
The processor 21 is configured to control the overall operation of the electronic device 20 to perform all or part of the steps in the terminal identity authentication method described above. The memory 22 is used to store various types of data to support operation at the electronic device 20, which may include, for example, instructions for any application or method operating on the electronic device 20, as well as application-related data, such as contact data, messages sent and received, pictures, audio, video, and so forth. The Memory 22 may be implemented by any type or combination of volatile or non-volatile Memory devices, such as static random access Memory (Static Random Access Memory, SRAM for short), electrically erasable programmable Read-Only Memory (Electrically Erasable Programmable Read-Only Memory, EEPROM for short), erasable programmable Read-Only Memory (Erasable Programmable Read-Only Memory, EPROM for short), programmable Read-Only Memory (Programmable Read-Only Memory, PROM for short), read-Only Memory (ROM for short), magnetic Memory, flash Memory, magnetic disk, or optical disk. The multimedia component 23 may include a screen and an audio component. Wherein the screen may be, for example, a touch screen, the audio component being for outputting and/or inputting audio signals. For example, the audio component may include a microphone for receiving external audio signals. The received audio signals may be further stored in the memory 22 or transmitted through the communication component 25. The audio assembly further comprises at least one speaker for outputting audio signals. The I/O interface 24 provides an interface between the processor 21 and other interface modules, which may be a keyboard, mouse, buttons, etc. These buttons may be virtual buttons or physical buttons. The communication component 25 is used for wired or wireless communication between the electronic device 20 and other devices. Wireless communication, such as Wi-Fi, bluetooth, near field communication (Near Field Communication, NFC for short), 2G, 3G or 4G, or a combination of one or more thereof, the corresponding communication component 705 may thus comprise: wi-Fi module, bluetooth module, NFC module.
Fig. 7 is a schematic diagram of a specific cycle management circuit disclosed herein, including a first clock timer 31, a second clock timer 32, and a decision circuit 33. Wherein the first clock timer 31 is configured to trigger a first interrupt instruction under the first time node; a second clock timer 32 for triggering a second interrupt instruction under said second time node; and the decision circuit 33 is connected with the first clock timer 31 and the second clock timer 32, and is configured to combine the first interrupt instruction and the second interrupt instruction to obtain a third interrupt instruction when the first interrupt instruction and the second interrupt instruction are acquired at the same time, and control the service interrupt of the target terminal by using the third interrupt instruction. The first clock timer 31 is a clock timer for performing an authentication operation for the home network, the second clock timer 32 is a clock timer for performing an authentication operation for the edge network, and the decision circuit 33 may set the timing lengths of the first clock timer 31 and the second clock timer 32 and calibrate the first clock timer 31 and the second clock timer 32.
In an exemplary embodiment, the electronic device 20 may be implemented by one or more application specific integrated circuits (Application Specific Integrated Circuit, abbreviated ASIC), digital signal processor (Digital Signal Processor, abbreviated DSP), digital signal processing device (Digital Signal Processing Device, abbreviated DSPD), programmable logic device (Programmable Logic Device, abbreviated PLD), field programmable gate array (Field Programmable Gate Array, abbreviated FPGA), controller, microcontroller, microprocessor, or other electronic components for performing the terminal identity authentication method described above.
In another exemplary embodiment, a computer readable storage medium is also provided, comprising program instructions which, when executed by a processor, implement the steps of the terminal identity authentication method described above. For example, the computer readable storage medium may be the memory 22 including program instructions described above, which are executable by the processor 21 of the electronic device 20 to perform the terminal identity authentication method described above.
In this specification, each embodiment is described in a progressive manner, and each embodiment is mainly described in a different point from other embodiments, so that the same or similar parts between the embodiments are referred to each other. For the device disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and the relevant points refer to the description of the method section.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative elements and steps are described above generally in terms of functionality in order to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. The software modules may be disposed in Random Access Memory (RAM), memory, read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
Finally, it is further noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The above detailed description of a terminal identity authentication method, device, equipment and medium provided by the present invention applies specific examples to illustrate the principle and implementation of the present invention, and the above description of the examples is only used to help understand the method and core idea of the present invention; meanwhile, as those skilled in the art will have variations in the specific embodiments and application scope in accordance with the ideas of the present invention, the present description should not be construed as limiting the present invention in view of the above.

Claims (10)

1. A terminal identity authentication method, comprising:
acquiring first access time of a target terminal accessing a home network, and determining a first authentication period of the home network for carrying out identity authentication on the target terminal so as to determine a first time node for triggering authentication operation of the home network on the target terminal based on the first authentication period;
acquiring second access time of the target terminal to the edge network, and determining a target time interval based on the first access time and the second access time;
determining a second authentication period meeting a preset multiple relation with the first authentication period based on the first authentication period and the target time interval, so as to determine a second time node for triggering the authentication operation of the edge network on the target terminal based on the second authentication period and the first time node;
the terminal identity authentication method further comprises the following steps:
and controlling a second time node for performing the authentication operation based on the second authentication period and the first time node so as to enable the first authentication period and the second authentication period to coincide with each other in the corresponding time node.
2. The terminal identity authentication method according to claim 1, wherein the determining, based on the first authentication period and the target time interval, a second authentication period satisfying a preset multiple relationship with the first authentication period includes:
calculating a target difference value between the first authentication period and the target time interval;
and determining a second authentication period which meets the preset multiple relation with the first authentication period based on the target difference value and a preset coefficient.
3. The terminal identity authentication method according to claim 2, further comprising:
and determining the preset coefficient based on a preset service security level and a preset timeliness rule in the edge network.
4. The terminal identity authentication method according to claim 1, wherein before the second authentication period satisfying a preset multiple relation with the first authentication period is determined based on the first authentication period and the target time interval, the method further comprises:
judging whether the first authentication period is greater than the target time interval;
and if the first authentication period is greater than the target time interval, triggering the step of determining a second authentication period of the edge network for carrying out identity authentication on the target terminal based on the first authentication period and the target time interval.
5. The terminal identity authentication method according to claim 4, further comprising:
and if the first authentication period is not greater than the target time interval, triggering the authentication operation of the home network on the target terminal when the current time node is consistent with the first time node, updating the first access time to the current time node, and then re-jumping to the step of determining the target time interval based on the first access time and the second access time.
6. The terminal identity authentication method according to any one of claims 1 to 5, further comprising:
triggering a first interrupt instruction under the first time node and sending the first interrupt instruction to a decision circuit;
triggering a second interrupt instruction under the second time node and sending the second interrupt instruction to the decision circuit;
and when the decision circuit acquires the first interrupt instruction and the second interrupt instruction at the same time, merging the first interrupt instruction and the second interrupt instruction to obtain a third interrupt instruction, and controlling service interrupt of the target terminal by using the third interrupt instruction.
7. A terminal identity authentication device, comprising:
a first authentication module, configured to obtain a first access time of a target terminal accessing a home network, and determine a first authentication period of the home network for performing identity authentication on the target terminal, so as to determine a first time node for triggering an authentication operation of the home network on the target terminal based on the first authentication period;
the target time interval determining module is used for acquiring second access time of the target terminal to the edge network and determining a target time interval based on the first access time and the second access time;
a second authentication module, configured to determine, based on the first authentication period and the target time interval, a second authentication period that satisfies a preset multiple relationship with the first authentication period, so as to determine, based on the second authentication period and the first time node, a second time node for triggering an authentication operation of the edge network on the target terminal;
the terminal identity authentication device is further used for:
and controlling a second time node for performing the authentication operation based on the second authentication period and the first time node so as to enable the first authentication period and the second authentication period to coincide with each other in the corresponding time node.
8. An electronic device, comprising:
a memory for storing a computer program;
a processor for executing the computer program for carrying out the steps of the terminal identity authentication method according to any one of claims 1 to 5.
9. The electronic device of claim 8, further comprising:
a first clock timer for triggering a first interrupt instruction under the first time node;
a second clock timer for triggering a second interrupt instruction under the second time node;
and the decision circuit is connected with the first clock timer and the second clock timer and is used for merging the first interrupt instruction and the second interrupt instruction to obtain a third interrupt instruction when the first interrupt instruction and the second interrupt instruction are acquired at the same time, and controlling the service interrupt of the target terminal by utilizing the third interrupt instruction.
10. A computer-readable storage medium storing a computer program; wherein the computer program when executed by a processor implements the steps of the terminal identity authentication method according to any one of claims 1 to 6.
CN202211645992.4A 2022-12-21 2022-12-21 Terminal identity authentication method, device, equipment and medium Active CN115633354B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211645992.4A CN115633354B (en) 2022-12-21 2022-12-21 Terminal identity authentication method, device, equipment and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211645992.4A CN115633354B (en) 2022-12-21 2022-12-21 Terminal identity authentication method, device, equipment and medium

Publications (2)

Publication Number Publication Date
CN115633354A CN115633354A (en) 2023-01-20
CN115633354B true CN115633354B (en) 2023-05-26

Family

ID=84910407

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211645992.4A Active CN115633354B (en) 2022-12-21 2022-12-21 Terminal identity authentication method, device, equipment and medium

Country Status (1)

Country Link
CN (1) CN115633354B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112039886A (en) * 2020-08-31 2020-12-04 成都卫士通信息产业股份有限公司 Edge computing-based terminal device management and control method, electronic device and medium
CN113259359A (en) * 2021-05-21 2021-08-13 重庆紫光华山智安科技有限公司 Edge node capability supplementing method, system, medium and electronic terminal

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101945083B (en) * 2009-07-08 2013-08-07 中兴通讯股份有限公司 Authentication method and counterfeit judgment method for virtual router redundancy protocol
US11277305B2 (en) * 2019-10-09 2022-03-15 Qualcomm Incorporated Edge discovery techniques in wireless communications systems
US11570175B2 (en) * 2020-10-05 2023-01-31 T-Mobile Innovations Llc Communication network edge computing authorization
CN114726490A (en) * 2021-01-05 2022-07-08 上海朗帛通信技术有限公司 Method and equipment used for wireless communication
CN113300854B (en) * 2021-05-21 2023-04-07 重庆紫光华山智安科技有限公司 Edge node capability expansion method, system and expansion box

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112039886A (en) * 2020-08-31 2020-12-04 成都卫士通信息产业股份有限公司 Edge computing-based terminal device management and control method, electronic device and medium
CN113259359A (en) * 2021-05-21 2021-08-13 重庆紫光华山智安科技有限公司 Edge node capability supplementing method, system, medium and electronic terminal

Also Published As

Publication number Publication date
CN115633354A (en) 2023-01-20

Similar Documents

Publication Publication Date Title
JP6929497B2 (en) Cross-blockchain interaction methods, devices, systems, and electronic devices
US10402585B2 (en) Management of privacy policies
RU2637999C1 (en) Method and system for creating user profile and user authentication
CN111095862B (en) Method, system, and medium for modifying firewall based on dynamic IP address
JP2019519174A (en) Method and entity for terminating a subscription
US11627137B2 (en) Virtual profile instantiations via an access privilege control system
US20200336494A1 (en) Authentication/authorization server, client, service providing system, access management method, and medium
US20180124561A1 (en) Location-Based Number Management
CN112131135B (en) Ciphertext operation debugging method and system and device for ciphertext operation debugging
CN115633354B (en) Terminal identity authentication method, device, equipment and medium
JP6289879B2 (en) Communication terminal, communication method and program
US11231920B2 (en) Electronic device management
CN112235378A (en) Data updating method and device, storage medium and electronic equipment
CN116647572A (en) Access endpoint switching method, device, electronic equipment and storage medium
US20230096372A1 (en) Localized authorization for secure communication
JP6712112B2 (en) Programmable device application authentication system and authentication method
WO2015131497A1 (en) Load control method and apparatus for notification messages
JP6969676B2 (en) Exclusive control system and exclusive control method
CN114143019A (en) Enhancements for security updates in communication networks
WO2016197637A1 (en) Method for implementing remote access, alljoyn gateway proxy, cloud server and mobile device
CN112364334A (en) Single sign-on method and device, electronic equipment and storage medium
CN112000493A (en) Data processing system, method, electronic device and storage medium
US8666409B2 (en) Registration or unregistration method for home information machine and home information machine hereof
CN113347222B (en) Data processing method and device and electronic equipment
CN113079505B (en) User authentication method, core network side device and computer readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: No. 333, Yunhua Road, high tech Zone, Chengdu, Sichuan 610041

Applicant after: China Electronics Technology Network Security Technology Co.,Ltd.

Address before: No. 333, Yunhua Road, high tech Zone, Chengdu, Sichuan 610041

Applicant before: CHENGDU WESTONE INFORMATION INDUSTRY Inc.

CB02 Change of applicant information
GR01 Patent grant
GR01 Patent grant