CN1338845A - Terminal user identity authentication and link system based on Internet - Google Patents


Info

Publication number
CN1338845A
Authority
CN
China
Prior art keywords
management
user
internet
ics
operator
Prior art date
Legal status
Pending
Application number
CN 01127267
Other languages
Chinese (zh)
Inventor
杨平良
Current Assignee
Individual
Original Assignee
Individual
Priority date
Filing date
Publication date

Landscapes

  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A terminal user identity authentication and link system based on the Internet is composed of a network identity coding unit, identity authentication system management and a link system. The code includes a state code, district code, user code and provider marker code. The identity authentication system management is aimed at managing all Internet users. The link system consists of a register server, Internet channel, router, firewall, bypass server, computer network switch system and Internet user terminals.

Description

Terminal user identity authentication and connection system based on the Internet
Technical field
The Internet-based terminal user identity authentication and connection system of the present invention belongs to the field of network application systems built on the Transmission Control Protocol/Internet Protocol (TCP/IP).
Background technology
Because users connect to the Internet in different ways and the subnets they sit on are configured differently, a reliable trust relationship cannot be established between network users. This unreliable relationship has hindered the development of business between Internet users.
Summary of the invention
The object of the present invention is to provide an Internet terminal user identity authentication and connection system that can describe the unique identity of an Internet user, establish trust between the two communicating parties through that identity description, and realize point-to-point communication and other business contact. To achieve this, two main problems must be solved: the first is identity authentication, the second is point-to-point connection. The invention therefore consists of two major parts: network identity card coding together with authentication system management, and the point-to-point connection system. The network identity card coding method follows the hierarchical pattern of management: the network identity code is composed of a country code, an area code, a user number and an operator mark code. The authentication system management covers all Internet users and is partitioned by operator. Within each operator's jurisdiction, the network structure combines vertical management with horizontal management. Vertical management uses a layered, graded management mode in which each lower-level manager is subordinate to its direct superior. Horizontal management uses information exchange between managers of the same level. Different operators are connected by authorization; this authorized connection can be a connection between the top levels, or a connection between the same levels.
In the connection system of the present invention, the identity authentication registration server (ICS) is connected to the router (Router) through the Internet channel; the router, the firewall (Proxy) and the bypass server (PB) are each connected to the input of the computer network switching system, whose output is connected to the Internet terminal user's terminal, such as the user's computer terminal, an Internet telephone, or an Internet video phone.
The present invention describes the unique identity of an Internet user, establishes trust between the two communicating parties through that identity description, and realizes a point-to-point connection, which helps business development between Internet users.
Description of drawings
Fig. 1: block diagram of the connection system of the present invention.
Fig. 2: schematic diagram of one embodiment of the connection system of the present invention.
Reference numerals in Fig. 1: 1, identity authentication registration server (ICS); 2, Internet or enterprise network channel (Internet); 3, router (Router); 4, firewall (Proxy); 5, bypass server (PB); 6, computer network switching system; 7, user computer terminal, Internet telephone, Internet video phone, etc.
In Fig. 2, the left side of the dotted line is the connection system of user A and the right side is the connection system of user B. Its components correspond one-to-one with Fig. 1.
Embodiment
The operator-managed network structure of the authentication system management is the precondition for authentication: within one directly managed scope, a user is unique. User data within the same operator's scope can be updated dynamically, and the exchanged user data is refreshed at any time as data changes between connected management nodes. A code resolver is set up on the operator's registration server to provide the basis for selecting the communication channel. Every operator's registration server holds a list of operators, countries, and the areas of its own country. Country and area codes are uniform across different operators. Within the same country and area there can be users administered by different operators. Country code (CC): the internationally unified country codes currently in use can be adopted, while the area code, user code and operator mark code are determined by the relevant authority of each country; however, the area code and user code must not use a country keyword as a code prefix. Codes can be separated by "." or by another method, and the length of each code is variable between 0 and the maximum number of digits specified for that part. When the resolver receives a network identity card number, it parses from the first code, splitting the number into segments at the separator ".".
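The resolver described above can be sketched as follows. This is an added example, not code from the patent: the field order follows the description, while the maximum lengths, the country keyword list, the alphanumeric restriction and the sample identifiers are all constructed assumptions.

```python
from dataclasses import dataclass

# Assumptions (not from the patent): maximum lengths per part and the
# country keyword list held on the registration server are constructed.
FIELDS = ("country", "area", "user", "operator")
MAX_LEN = {"country": 3, "area": 6, "user": 12, "operator": 4}
COUNTRY_KEYWORDS = {"CN", "US", "GB"}


@dataclass(frozen=True)
class NetworkId:
    country: str
    area: str
    user: str
    operator: str


class IdParseError(ValueError):
    """Raised when an identity string violates the coding rules."""


def parse_network_id(text: str, sep: str = ".") -> NetworkId:
    """Split at the separator, starting from the first code, and validate."""
    parts = text.split(sep)
    if len(parts) != len(FIELDS):
        raise IdParseError(f"expected {len(FIELDS)} codes, got {len(parts)}")
    values = dict(zip(FIELDS, parts))
    for name, value in values.items():
        # Each code may be 0 up to the maximum length specified for its part.
        if len(value) > MAX_LEN[name]:
            raise IdParseError(f"{name} code exceeds {MAX_LEN[name]} characters")
        # Assumed character set: reject anything non-alphanumeric.
        if value and not value.isalnum():
            raise IdParseError(f"{name} code contains invalid characters")
    if values["country"] not in COUNTRY_KEYWORDS:
        raise IdParseError("country code not in the server's country list")
    # Area and user codes must not use a country keyword as a prefix.
    for name in ("area", "user"):
        if any(values[name].startswith(k) for k in COUNTRY_KEYWORDS):
            raise IdParseError(f"{name} code starts with a country keyword")
    return NetworkId(**values)
```

Rejecting malformed identifiers before any lookup keeps the channel selection from being driven by an ambiguous or oversized code.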
The network structure of the identity authentication registration server (ICS) is omitted here, but its working principle and steps are summarized as follows:
(I) Working principle:
(1) Changes to user numbers are exchanged between peers. For example, Gulou District in Nanjing can have several ICSs, all of the same level. User information is shared between these ICSs, which are uniformly managed by the Nanjing city-level ICS and not by the ICS of any other region.
(2) For different operators, only intercommunication between top-level ICSs is considered at present.
(3) between not at the same level, managing user information is not searched user profile, successively decreases by level order.
(4) ICSs at every level can have users under their management.
(5) Adjacent ICSs can exchange information when their information changes.
(6) The ICS with which a user is registered is located according to the address parsing result.
(II) Identification steps:
(1) User registration
When a user needs a network identity, the user must first apply to an operator that has jurisdiction; the operator determines at which level of ICS the user is registered and assigns a user number. This ICS manages the user's information and publishes it to the ICSs of the same level.
(2) Obtain the other party's identity information
According to the identity provided by the other party, the identity data is parsed and the resolver yields a parsing result. The other party's ICS and the request timestamp are retained.
(3) Search whether the other party's ICS exists
From the parsing result, the other party's ICS and the user's location and operator are learned; a reverse search is made to the specified ICS location and operator to ask whether this user exists.
(4) Authentication return
The access timestamp is reported to this user, and the party's own ICS and service identification (ID) number are provided, expressing trust.
Once authentication has established trust, the two parties connect and carry out communication and business contact. The specific connection relationship, principle and steps are described below with reference to Fig. 1 and Fig. 2.
Connection relationship
As shown in Fig. 1, the point-to-point connection of the present invention is a connection built on the Transmission Control Protocol/Internet Protocol (TCP/IP). After the identity authentication registration server 1 (ICS) confirms the identity authentication, it is connected to router 3 (Router) through Internet channel 2 (Internet); router 3, firewall 4 (Proxy) and bypass server 5 (PB) are each connected to the input of the computer network switching system 6, whose output is connected to the user computer terminal (or another Internet user terminal such as an Internet telephone or Internet video phone).
Connection principle
Trust is established mutually on the basis of the identity authentication performed by the identity authentication registration server (ICS); only then can a connection be set up. Serving a user as an ICS agent requires bypassing the restrictions of the user's existing firewall (Proxy), so in this system connections must go through a bypass server (PB), which specifically manages ICS user service requests. (In future development, the PB server will be replaced by a Proxy with ICS service functions; using the PB server is currently an interim solution.)
The PB server manages the IP addresses, identifiers (IDs) and user codes (network identity codes) of the users at its site. It acts as a data proxy for business activity carried out between users through the ICS service. The PB at a user's site is connected to the ICS that has jurisdiction over it, and the user's PB is registered in the ICS.
When user A requests a connection with user B (as shown in Fig. 2), the request is sent as an ICS request to the ICS through PB1. After verifying the legitimacy of user A, the ICS sends an ICS request, following the identification steps, to the ICS where user B is located. User B's ICS sends the ICS request to PB2, the PB registered for user B; PB2 checks user B's number and reverse-searches the legitimacy of user A. After both identities are confirmed, the PB transmits data to user B.
Connection steps
1) User A calls: that is, requests ICS1, which returns the address of user B's PB2;
2) ICS1 confirms user A's PB, user registration number and ID number;
3) ICS1 parses the address from the network identity card number of the called user B and selects the next ICS to which the data is sent;
4) After the data reaches ICS2, ICS2 searches for user B; if this user is registered, it sends the ICS request to PB2, where user B is located;
5) PB2 checks the state of user B: online or offline;
6) PB2 obtains user A's ICS1 from user A's data, and reverse-searches through ICS2 to ask ICS1 whether user A is legitimate;
7) In response to user B's confirmation request, ICS1 checks it against the timestamp and call request of user A's request, and returns user A's ID number and identity authentication description;
8) PB2 sends a message to PB1 reporting the current state of user B;
9) The connection is established.
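The connection steps above can be modelled in a few lines to show what the reverse lookup in steps 6 and 7 contributes. This is an added example, not code from the patent: the class and method names, the integer timestamp, the status strings and the single-use handling of the stored request are assumptions.

```python
class ICS:
    """Registration server: registered users, peers, and pending call records."""
    def __init__(self, name):
        self.name, self.users, self.pending, self.peers = name, {}, {}, {}

    def call(self, caller, pb, callee, callee_ics, ts):
        if self.users.get(caller) is not pb:          # step 2: caller and its PB
            return "rejected: caller not registered with this PB"
        self.pending[(caller, callee)] = ts           # kept for step 7
        peer = self.peers.get(callee_ics)             # step 3: choose next ICS
        if peer is None:
            return "rejected: no authorized connection to callee ICS"
        return peer.incoming(caller, self.name, callee, ts)

    def incoming(self, caller, caller_ics, callee, ts):
        pb = self.users.get(callee)                   # step 4: is B registered?
        if pb is None:
            return "rejected: callee not registered"
        return pb.handle(caller, caller_ics, callee, ts, via=self)

    def confirm(self, caller, callee, ts):
        # Step 7: compare with the stored timestamp and call request.
        # Assumption: the record is single-use, so a repeat is not confirmed.
        return self.pending.pop((caller, callee), None) == ts


class PB:
    """Bypass server in front of a user's site."""
    def __init__(self, name):
        self.name, self.online = name, set()

    def handle(self, caller, caller_ics, callee, ts, via):
        state = "online" if callee in self.online else "offline"   # step 5
        origin = via.peers.get(caller_ics)            # step 6: reverse lookup
        if origin is None or not origin.confirm(caller, callee, ts):
            return "rejected: caller not confirmed by its ICS"
        return f"{callee} {state} via {self.name}"    # step 8: state reported


def demo():
    """Constructed scenario: A behind PB1/ICS1 calls B behind PB2/ICS2."""
    ics1, ics2, pb1, pb2 = ICS("ICS1"), ICS("ICS2"), PB("PB1"), PB("PB2")
    ics1.peers["ICS2"], ics2.peers["ICS1"] = ics2, ics1
    ics1.users["A"], ics2.users["B"] = pb1, pb2
    pb2.online.add("B")
    ok = ics1.call("A", pb1, "B", "ICS2", ts=1000)
    # A request claiming to be from A that ICS1 holds no record of is refused.
    unconfirmed = ics2.incoming("A", "ICS1", "B", ts=1000)
    return ok, unconfirmed
```

The second result in `demo()` shows that user B's side accepts a caller only when the caller's own ICS still holds a matching timestamped request.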

Claims (1)

1. An Internet-based terminal user identity authentication and connection system, characterized in that it comprises network identity card coding, authentication system management and a connection system; the network identity card code is composed of a country code, an area code, a user code and an operator mark code; the authentication system management covers all Internet users and is partitioned by operator; within each operator's jurisdiction the network structure combines vertical management with horizontal management; vertical management uses a layered, graded management mode in which each lower-level manager is subordinate to its direct superior; horizontal management uses information exchange between managers of the same level; different operators are connected by authorization, and this authorized connection can be a connection between the top levels or a connection between the same levels; in the connection system, the identity authentication registration server (1) is connected to the router (3) through the Internet channel (2); the router (3), the firewall (4) and the bypass server (5) are each connected to the input of the computer network switching system (6), whose output is connected to the Internet user's terminal (7).
CN 01127267 2001-09-27 2001-09-27 Terminal user identity authentication and link system based on Internet Pending CN1338845A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 01127267 CN1338845A (en) 2001-09-27 2001-09-27 Terminal user identity authentication and link system based on Internet

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 01127267 CN1338845A (en) 2001-09-27 2001-09-27 Terminal user identity authentication and link system based on Internet

Publications (1)

Publication Number Publication Date
CN1338845A (en) 2002-03-06

Family

ID=4667243

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 01127267 Pending CN1338845A (en) 2001-09-27 2001-09-27 Terminal user identity authentication and link system based on Internet

Country Status (1)

Country Link
CN (1) CN1338845A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1297104C (en) * 2002-12-04 2007-01-24 华为技术有限公司 Method for realizing port based identification and transmission layer based identification compatibility
WO2008031301A1 (en) * 2006-09-08 2008-03-20 Suzhou Savantlogic Tech Ltd. A method for the point to point online identity authenticaiton
CN100399749C (en) * 2004-08-26 2008-07-02 国际商业机器公司 Methods and systems for user authorization levels in aggregated systems

Similar Documents

Publication Publication Date Title
US8375360B2 (en) Provision of services over a common delivery platform such as a mobile telephony network
US6347085B2 (en) Method and apparatus for establishing communications between packet-switched and circuit-switched networks
US6594254B1 (en) Domain name server architecture for translating telephone number domain names into network protocol addresses
CN102047245B (en) Configuring communications between computing nodes
CN1586065A (en) Peer to peer network communication with network address translation
US20100011111A1 (en) Method for offering a call center service in a peer-to-peer network
BRPI0801124B1 (en) METHOD AND SYSTEM FOR UPDATING ROUTING PATTERNS FOR CALLING SESSIONS, AND MEDIA READABLE BY COMPUTER
US9294867B2 (en) Provision of services over a common delivery platform such as a mobile telephony network
CN101584150A (en) Intercepting voice over IP communications and other data communications
CN1552150A (en) Method and apparatus for resolving an entity identifier into an internet address using a domain name system (DNS) server
CN1700680A (en) Efficient message routing when using server pools
CN1259837A (en) Device for supplying radio mobile service, and method and system for same-to-eachother service
GB2422218A (en) A system for providing services
US20060161616A1 (en) Provision of services over a common delivery platform such as a mobile telephony network
CN1338845A (en) Terminal user identity authentication and link system based on Internet
KR100422706B1 (en) Apparatus for offering caller ID and Method thereof
SE524733C2 (en) Procedure and systems for retransmitting mobile IP services in a telecommunications system
EP1681832A1 (en) Provision of services over a common delivery platform such as a mobile telephony network
US8195154B2 (en) Method for implementing terminal roaming and managing in the soft switch-based next generation network
US20060190539A1 (en) Provision of services over a common delivery platform such as a mobile telephony network
CN1666488B (en) Communication network comprising communication components having client and server functionalities and search functions
CN1388678A (en) Method for separating public visit under virtual network environment
US7590849B2 (en) Method and control program for operating a communication terminal for packet-oriented data transmission
CN1669352A (en) Generation of service agreement for the use of network internal functions in telecommunication networks
CN1172504C (en) Method of creating charging identification in internet one number link you

Legal Events

Date Code Title Description
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C06 Publication
PB01 Publication
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication