CN101699894A - Method and device for processing authentication request in authentication server cluster - Google Patents
Method and device for processing authentication request in authentication server cluster Download PDFInfo
- Publication number
- CN101699894A CN101699894A CN200910193829.7A CN200910193829A CN101699894A CN 101699894 A CN101699894 A CN 101699894A CN 200910193829 A CN200910193829 A CN 200910193829A CN 101699894 A CN101699894 A CN 101699894A
- Authority
- CN
- China
- Prior art keywords
- certificate server
- cluster
- authentication request
- load
- threshold value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Computer And Data Communications (AREA)
Abstract
The invention discloses a method and device for processing an authentication request in an authentication server cluster. The method comprises the following steps: when an authentication request is received, selecting an authentication server for processing the authentication request, wherein the selection policy of the authentication server is characterized by ensuring that the authentication server for processing the authentication request has a lowest load in the designated range; and if the selected authentication server does not start the corresponding identification service entity, after the identification service entity is started in the selected authentication server, processing the authentication request. When an authentication server with a load smaller than a threshold value exists in the cluster, the designated range means the authentication server with the load smaller than the threshold value in the cluster, and when the loads of all authentication servers in the cluster exceed the threshold value, the designated range means all authentication servers in the cluster. The invention can realize the purpose of processing many authentication requests with low cost.
Description
Technical field
The present invention relates to the technical field of wireless communication system, particularly in the certificate server cluster, handle the method for authentication request.
Background technology
In recent years, be that the broadband wireless network of representative obtains fast development with wireless lan (wlan) and wireless MAN (WMAN) technology, various Wideband technology are used widely in the world.For wireless network, its security threat that faces than the cable network sternness many.The network monitoring person may pretend to be other users to obtain useful information, also can illegally obtain user's information by the eavesdropping user's communications.China's wide-band wireless IP standard operation group has proposed the ternary equity and has differentiated (Triple-element Peer Authentication, be called for short TePA) trusted infrastructure, be applied to WLAN and formed WLAN authentication and privacy infrastructure (WLAN Authentication and PrivacyInfrastructure, be called for short WAPI) agreement, can effectively solve the safety problem that IEEE 802.11 agreements exist.We can say that WAPI is the application example of TePA, is used to solve WLAN (wireless local area network) access security problem.Application number is that 200810027930.0 patent " a kind of safety access method of wireless MAN " (hereinafter to be referred as WMAN-SA) is the Another application example of TePA, is used to solve wireless MAN access security problem.Above-mentioned WAPI and WMAN-SA secure network all comprise three network element: terminal, access point and certificate server.
In a wireless network based on TePA (as WAPI and WMAN-SA network), terminal and access point are realized the target of mutual authenticating identity by discriminating service entities (ASE) authentication service that is provided in the certificate server.Can see at present, certificate server based on WAPI or WMAN-SA agreement, specific access point and terminal all need specify one to differentiate service entities (ASE), if the certificate of terminal differentiates that by difference service entities (ASE) issues, then the access point request of certificate authentication message that needs to comprise access point and terminal certificate sends to corresponding discriminating service entities and authenticates.
Along with popularizing of network, certificate server need provide the access authentication service for increasing user's (access point and terminal), under this condition, even separate unit certificate server performance is high again, the access authentication service that can provide also is limited, therefore, generally adopts many certificate servers to constitute the certificate server cluster and provides service for numerous users, but wish that cluster inside is provided with user transparent, the authentication authorization and accounting server cluster externally performance as same station server.This mode has been used for reference the relevant technologies in parallel computation and the load balancing research, has formed present server cluster technology.
If adopt the server cluster technology, will have many certificate servers in the cluster.Discriminating service entities in every certificate server cryptographic algorithm that uses public-key carries out the operation of consumption calculations resources such as digital certificate signature and checking, needs the support of the higher computational resources such as cryptography hardware acceleration device of cost.
If every certificate server all enable support all differentiate that service entities provide authentication service, may in every certificate server, increase the cryptography hardware acceleration device, could satisfy the efficient of cryptography calculating; Simultaneously, every certificate server is enabled all discriminating service entities of support, can increase the space of the various information of storing when each differentiates service entities work exponentially, causes unnecessary resource overhead.So need a kind of method, can handle under the prerequisite to a plurality of authentication request guaranteeing to satisfy cluster, save the cryptography computational resource as much as possible and differentiate the storage overhead of service entities, reduce system operation cost.
Summary of the invention
The objective of the invention is on the basis that effectively economizes on resources to realize that the certificate server cluster handles a plurality of authentication request.
For solving the problems of the technologies described above, in the certificate server cluster, handle the method for authentication request, when receiving authentication request, choose certificate server and handle this authentication request, it is characterized in that: with the certificate server of guaranteeing to handle this authentication request is that strategy at the minimum certificate server of specified scope internal burden carries out described choosing
If selected certificate server does not start corresponding discriminating service entities, handle this authentication request again after then in selected certificate server, enabling this discriminating service entities,
A. to there being the situation of load less than the certificate server of threshold value in the cluster, described specified scope is meant the certificate server of cluster internal burden less than threshold value,
B. to the load of all certificate servers in the cluster all above the situation of threshold value, described specified scope is meant all certificate servers in the cluster.
Authentication request can be enabled or be configured to said method neatly in selected certificate server provide the discriminating service entities of authentication service to handle authentication request.
The described method of handling authentication request in the certificate server cluster is characterized in that: when receiving authentication request, judge whether the certificate server of enabling the discriminating service entities corresponding with the reception authentication request is arranged in the cluster,
A. as not having, then choose the certificate server of cluster internal burden minimum;
B. if any, then judge whether exist load less than threshold value in the certificate server enabled this discriminating service entities---
B1. as existing, then choose the certificate server of wherein load minimum,
B2. as do not exist, then judging whether exist load less than threshold value in the certificate server of not enabled this discriminating service entities---B21. then chooses the certificate server of load minimum in the certificate server of having enabled this discriminating service entities as existence; B22. as do not exist, then choose the certificate server of load minimum in the certificate server of this discriminating service entities of not enabled.
The described method of handling authentication request in the certificate server cluster is characterized in that: when receiving authentication request, judge whether there be the certificate server of load less than threshold value in the cluster; When choosing, get rid of the certificate server outside the pairing specified scope of judged result.
In the certificate server cluster, handle the device of authentication request, it is characterized in that: comprise
Be used for when receiving authentication request, be taken at the selecting device that the minimum certificate server of specified scope internal burden is handled this authentication request, it is characterized in that:
Selecting device has and is used for
The certificate server of guaranteeing to handle this authentication request is at the minimum certificate server of specified scope internal burden
Really protection device;
Do not start corresponding discriminating service entities if also comprise the certificate server that is used for being got, then in the certificate server of being got, enable the device of enabling of handling this authentication request behind this discriminating service entities again,
A. to there being the situation of load less than the certificate server of threshold value in the cluster, described specified scope is meant the certificate server of cluster internal burden less than threshold value,
B. to the load of all certificate servers in the cluster all above the situation of threshold value, described specified scope is meant all certificate servers in the cluster.
The described device of in the certificate server cluster, handling authentication request, it is characterized in that, comprise first judgment means, second judgment means, the 3rd judgment means, wherein, first judgment means is when receiving authentication request, judge whether the certificate server of enabling the discriminating service entities corresponding with the reception authentication request is arranged in the cluster
A. as not having, then described selecting device is chosen the certificate server of cluster internal burden minimum;
B. if any, then second judgment means judges whether to exist load less than threshold value in the certificate server enabled this discriminating service entities---
B1. as existing, then selecting device is chosen the certificate server of wherein load minimum,
B2. as not existing, then the 3rd judgment means judges whether exist load less than threshold value in the certificate server of this discriminating service entities of not enabled---B21. is as existing, and then selecting device is chosen the certificate server of load minimum in the certificate server of enabling this discriminating service entities; B22. as do not exist, then selecting device is chosen the certificate server of load minimum in the certificate server of this discriminating service entities of not enabled.
The described device of in the certificate server cluster, handling authentication request, it is characterized in that: comprise judgment means, it is used for when receiving authentication request, judge and whether have the certificate server of load in the cluster less than threshold value, when described selecting device is chosen, get rid of the certificate server outside the pairing specified scope of judged result.
The present invention with respect to the beneficial effect of prior art is:
The present invention is by enabling or be configured to the discriminating service entities that authentication request provides authentication service neatly in the certificate servers different in cluster, cluster can be handled a plurality of authentication request, compare with all discriminating service entities of all enabling support at every certificate server, saved the storage resources of cryptographic calculations resource and storage various information, realization certificate server cluster is handled a plurality of authentication request on the basis that effectively economizes on resources.
Description of drawings
Fig. 1 is that certificate server cluster of the present invention is formed schematic diagram.
Embodiment
The present invention is further detailed explanation by embodiment below in conjunction with accompanying drawing.
Referring to Fig. 1, the certificate server cluster comprises load balance scheduler, many certificate servers and shared storage device etc.Many certificate servers (AS0, AS1......ASn) and load balance scheduler carry out the network interconnection by converging node (as switch etc.).
Load balance scheduler, be used to receive the authenticating user identification request message, resolve this authentication request message, obtain affiliated the discriminating service entities and the numbering thereof of this authentication request message, and, distribute this authentication request message and give certain specific authentication server of having enabled this discriminating service entities in the cluster according to the loading condition of each certificate server.
Support a plurality of discriminating service entities of operation in every certificate server in many certificate servers, each differentiates that service entities handles the user authentication request message of this authenticated domain, and authentication response message is sent to the user.Each certificate server should be periodically with in the state information updating of its operation certificate server information table (AS information table) in the shared storage device.
The information of service entities and certificate server is respectively differentiated in the shared storage device storage, and its memory contents is as follows:
1, each certificate server information table (AS information table), information in the table: certificate server numbering (AS ID, ID=1,2 ..., n), running status (normal/fault), loading condition (packet loss, CPU take situation), the local discriminating service entities information of having created (ASE information) etc.Wherein, ASE information comprises: the ASE numbering (ASE ID, ID=1,2 ..., i), ASE type (supporting WAPI or WMAN-SA or other types authentication protocol), ASE state (un-activation/activate/suspend/withdraw from).
2, ASE management information table comprises the information of all ASE that created in the certificate server cluster in the table.Information in the table: ASE numbering (ASE ID, ID=1,2 ..., m), ASE type (supporting WAPI or WMAN-SA or other types authentication protocol), and corresponding ASE certificate information.
In order to enable or be configured to the discriminating service entities that authentication request provides authentication service neatly, load balance scheduler can be in real time manages and controls the discriminating service entities of each certificate server, and its process is as follows:
1) load balance scheduler differentiates that to target the certificate server at service entities (ASE) place sends ASE configuration change request message.Field contents in the ASE configuration change request message comprises: target authentication server numbering, the ASE state after ASE numbering, ASE type, message freshness sign, the change.
2) after the target authentication server is received this ASE configuration change request message, should preferentially carry out this message.Resolve this message, obtain each field contents of message, and carry out following operation:
2.1) check message freshness sign, be resend message as definite this message, then abandon, and in this sign of the local storage of certificate server.
2.2) if this certificate server has been enabled this discriminating service entities, should determine then whether ASE numbering, the ASE type of ASE numbering, ASE type (WAPI authentication protocol) and certificate server this locality in the message be consistent, as inconsistent, then abandon this message; Whether " the ASE state of change " that reply is described than local ASE state and message field be consistent, as unanimity, then certificate server should send ASE configuration change response message to load balance scheduler, description status unusual (, should be inconsistent under " before the change " and " after the change " ASE state normal condition) as the ASE state information recording exceptional in the certificate server reason information table of differentiating service entities.As inconsistent, adjusting local ASE state is " the ASE state of change " that message field is described.
2.3) if this discriminating service entities of not enabled is gone back in this certificate server this locality, then should from shared storage device, read certificate information and private key, create and differentiate service entities, and be set to " the ASE state after the change " that message field is described.And send ASE configuration change response message to load balance scheduler, target authentication server change adjustment ASE state successfully be described.Wherein, the field contents in the ASE configuration change response message comprises: target authentication server numbering, the ASE state after ASE numbering, ASE type, message freshness sign, the change, change result.
3) after load balance scheduler is received this ASE configuration change response message, resolve this message, obtain each field contents of message, and carry out following operation:
3.1) check that the message freshness identifies.Message freshness sign should be consistent with the message freshness sign in the former ASE configuration change request message.As inconsistent, then abandon; As unanimity, then carry out next step;
3.2) determine the ASE state consistency of ASE state after ASE numbering in the message, ASE type (WAPI authentication protocol), the change and the ASE numbering in the former ASE configuration change request message, ASE type, change as inconsistent, then to abandon this message; As unanimity, check then whether " change result " be successful, as " change result " indication failure, then retransmit ASE configuration change request message or do other alarming processing according to strategy.
Be example with network below, the course of work of certificate server cluster of the present invention be described in detail in detail based on the TePA trusted infrastructure:
1, load balance scheduler is waited for and is received user authentication request message;
2, receive user authentication request message after, load balance scheduler is resolved this message, determines the discriminating service entities under this user.Load balance scheduling is in shared storage device, inquiry ASE management information table, as in the ASE management information table, not finding the ASE information of having created, then should send warning information or carry out log record to load balance scheduler, show that this user authentication request is unusual request.
3 if the normal users authentication request, when receiving authentication request, choosing certificate server and handle this authentication request, is that strategy at the minimum certificate server of specified scope internal burden carries out described choosing with the certificate server of guaranteeing to handle this authentication request
If selected certificate server does not start corresponding discriminating service entities, handle this authentication request again after then in selected certificate server, enabling this discriminating service entities,
3.1. to there being the situation of load less than the certificate server of threshold value in the cluster, described specified scope is meant the certificate server of cluster internal burden less than threshold value,
3.2. all above the situation of threshold value, described specified scope is meant all certificate servers in the cluster to the load of all certificate servers in the cluster.
First kind of implementation procedure is: when receiving authentication request and inquire corresponding ASE information in management information table, load balance scheduler should be inquired about each certificate server information table (AS information table), and the result is as follows:
If each certificate server information table of A (AS information table) does not all have this ASE information, then load balance scheduler should be according to the loading condition of present each AS, according to load-balancing algorithm, select the AS of load minimum, send ASE configuration change request message (" the ASE state after the change " in the message is " activation ") and create and activate the discriminating service entities, send ASE configuration change response message to load balance scheduler, the success of announcement change state, then target AS changes its AS information table.After establishment and activation were finished, load balance scheduler sent to this AS with this user authentication request and handles.As change the ASE state and fail, send ASE configuration change response message to load balance scheduler, the failure of announcement change state, after load balance scheduler is received this message, should select except this certificate server, the certificate server of load minimum sends ASE configuration change request message, and handling process is the same.
This kind situation does not judge whether there be the step of load less than the certificate server of threshold value in the cluster, handles this authentication request but directly select the minimum certificate server of load to enable corresponding ASE.This means if there be the certificate server of load less than threshold value, then the scope of appointment is to be scope with load less than the certificate server of threshold value surely, if there be not the certificate server of load less than threshold value, then the scope of appointment is to be scope with all certificate servers in the cluster surely.
Enabled this ASE if B has one or more certificate server information tables (AS information table) to show, two kinds of situations arranged so:
B1 wherein has in the certain threshold value of loading on of certificate server (threshold value can be defined by the keeper), then this user authentication request can be issued the certificate server of load minimum.
This kind situation belongs to find in the scope of load less than the certificate server of threshold value enables the discriminating service entities (ASE) corresponding with the reception authentication request, thereby is that specified scope selects the minimum certificate server of load to handle this authentication request with load less than the certificate server of threshold value.
The load of B2, each certificate server has all surpassed certain threshold value, at this moment, load balance scheduler is according to the result who just begins authentication query server info table (AS information table), take the AS information table of this ASE of other not enableds, the certificate server of this ASE of these not enableds judged whether not surpass the certificate server of threshold value:
B21, as other certificate server loads all above threshold value, then user authentication request is issued the certificate server of the load minimum of enabling ASE.This kind situation belongs to the load of all certificate servers in the cluster all above threshold value, and all find in the certificate server above threshold value at the cluster internal burden and to enable the discriminating service entities (ASE) corresponding, thereby be that specified scope selects the minimum certificate server of load to handle this authentication request with all certificate servers in the cluster with the reception authentication request.
B22, also do not surpass the certificate server of threshold value as there being load, select not surpass the AS of the load minimum of threshold value, send ASE configuration change request message (" the ASE state of change " in the message is " activation ") and activate its discriminating service entities, send ASE configuration change response message to load balance scheduler, the success of announcement change state, then target AS changes its AS information table, then changes the AS information table of memory device.As change the ASE state and fail, send ASE configuration change response message to load balance scheduler, the failure of announcement change state, after load balance scheduler is received this message, should select except this certificate server, the certificate server that does not surpass the load minimum of threshold value sends ASE configuration change request message, and handling process is the same.
This kind situation belongs to and has the certificate server of load less than threshold value in the cluster, and do not find enabled corresponding A SE in load less than the certificate server of threshold value, thereby be that specified scope is selected the minimum certificate server of load to enable corresponding ASE to handle this authentication request less than the certificate server of threshold value with load.
Second kind of implementation procedure is: before choosing, judge whether there be the certificate server of load less than threshold value in the cluster; When choosing, get rid of the certificate server outside the pairing specified scope of judged result.Choose by two kinds of situations after promptly judging;
(1). when having load in the cluster less than the certificate server of threshold value, be that specified scope is searched and enabled the discriminating service entities (ASE) corresponding with received authentication request and the minimum certificate server of load is handled this authentication request less than the certificate server of threshold value just with these loads, if do not find enabled corresponding A SE, then in this scope, select the minimum certificate server of load to enable corresponding ASE and handle this authentication request;
(2). when the load of all certificate servers in the cluster during all above threshold value, be that specified scope is searched and enabled the discriminating service entities (ASE) corresponding with received authentication request and the minimum certificate server of load is handled this authentication request just with all certificate servers in the cluster, if do not find enabled corresponding A SE, then in this scope, select the minimum certificate server of load to enable corresponding ASE and handle this authentication request.
Above-mentioned two kinds of implementation procedure main distinctions are that first kind of implementation procedure judged whether to enable ASE before this and according to the ASE situation of enabling all or part of certificate server carried out load judgment again, so under the fewer situation of the certificate server of enabling corresponding A SE, can dwindle the scope of certificate server being carried out load judgment, second kind of implementation procedure is to judge that earlier load carries out the ASE situation of enabling according to load state to all or part of certificate server again and judge, can dwindle certificate server is carried out the scope that ASE enables the situation judgement so surpass under the many situations of the certificate server of threshold value (being under the bigger situation of whole certificate server cluster load pressure) in load.
Two kinds of implementation procedures can both guarantee to choose the minimum certificate server of load in specified scope, and enable neatly or be configured to authentication request and provide the discriminating service entities of authentication service to handle authentication request.
4, receive the certificate server of user authentication request, this ID authentication request is verified and authenticating user identification, construct the authentication response message, and this authentication response message is sent to the user.
Claims (6)
1. in the certificate server cluster, handle the method for authentication request, when receiving authentication request, choose certificate server and handle this authentication request, it is characterized in that: to guarantee
The certificate server of handling this authentication request is at the minimum certificate server of specified scope internal burden
Strategy carry out described choosing,
If selected certificate server does not start corresponding discriminating service entities, handle this authentication request again after then in selected certificate server, enabling this discriminating service entities,
A. to there being the situation of load less than the certificate server of threshold value in the cluster, described specified scope is meant the certificate server of cluster internal burden less than threshold value,
B. to the load of all certificate servers in the cluster all above the situation of threshold value, described specified scope is meant all certificate servers in the cluster.
2. the method for handling authentication request in the certificate server cluster according to claim 1 is characterized in that: when receiving authentication request, judge whether the certificate server of enabling the discriminating service entities corresponding with the reception authentication request is arranged in the cluster,
A. as not having, then choose the certificate server of cluster internal burden minimum;
B. if any, then judge whether exist load less than threshold value in the certificate server enabled this discriminating service entities---
B1. as existing, then choose the certificate server of wherein load minimum,
B2. as do not exist, then judging whether exist load less than threshold value in the certificate server of not enabled this discriminating service entities---B21. then chooses the certificate server of load minimum in the certificate server of having enabled this discriminating service entities as existence; B22. as do not exist, then choose the certificate server of load minimum in the certificate server of this discriminating service entities of not enabled.
3. the method for handling authentication request in the certificate server cluster according to claim 1 is characterized in that: when receiving authentication request, judge whether there be the certificate server of load less than threshold value in the cluster; When choosing, get rid of the certificate server outside the pairing specified scope of judged result.
4. in the certificate server cluster, handle the device of authentication request, it is characterized in that comprising
Be used for when receiving authentication request, be taken at the selecting device that the minimum certificate server of specified scope internal burden is handled this authentication request, it is characterized in that:
Selecting device has and is used for
The certificate server of guaranteeing to handle this authentication request is at the minimum certificate server of specified scope internal burden
Really protection device;
Do not start corresponding discriminating service entities if also comprise the certificate server that is used for being got, then in the certificate server of being got, enable the device of enabling of handling this authentication request behind this discriminating service entities again,
A. to there being the situation of load less than the certificate server of threshold value in the cluster, described specified scope is meant the certificate server of cluster internal burden less than threshold value,
B. to the load of all certificate servers in the cluster all above the situation of threshold value, described specified scope is meant all certificate servers in the cluster.
5. the device of in the certificate server cluster, handling authentication request according to claim 4, it is characterized in that, comprise first judgment means, second judgment means, the 3rd judgment means, wherein, first judgment means is when receiving authentication request, judge whether the certificate server of enabling the discriminating service entities corresponding with the reception authentication request is arranged in the cluster
A. as not having, then described selecting device is chosen the certificate server of cluster internal burden minimum;
B. if any, then second judgment means judges whether to exist load less than threshold value in the certificate server enabled this discriminating service entities---
B1. as existing, then selecting device is chosen the certificate server of wherein load minimum,
B2. as not existing, then the 3rd judgment means judges whether exist load less than threshold value in the certificate server of this discriminating service entities of not enabled---B21. is as existing, and then selecting device is chosen the certificate server of load minimum in the certificate server of enabling this discriminating service entities; B22. as do not exist, then selecting device is chosen the certificate server of load minimum in the certificate server of this discriminating service entities of not enabled.
6. the device of in the certificate server cluster, handling authentication request according to claim 4, it is characterized in that: comprise judgment means, it is used for when receiving authentication request, judge and whether have the certificate server of load in the cluster less than threshold value, when described selecting device is chosen, get rid of the certificate server outside the pairing specified scope of judged result.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009101938297A CN101699894B (en) | 2009-11-10 | 2009-11-10 | Method and device for processing authentication request in authentication server cluster |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009101938297A CN101699894B (en) | 2009-11-10 | 2009-11-10 | Method and device for processing authentication request in authentication server cluster |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101699894A true CN101699894A (en) | 2010-04-28 |
| CN101699894B CN101699894B (en) | 2012-07-25 |
Family
ID=42148334
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2009101938297A Expired - Fee Related CN101699894B (en) | 2009-11-10 | 2009-11-10 | Method and device for processing authentication request in authentication server cluster |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101699894B (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102710419A (en) * | 2011-12-21 | 2012-10-03 | 大唐软件技术股份有限公司 | User authentication method and device |
| CN103593634A (en) * | 2013-11-08 | 2014-02-19 | 国家电网公司 | Network centralized decoding system and method of identity card identifier |
| CN103795694A (en) * | 2012-10-31 | 2014-05-14 | 中国电信股份有限公司 | License control method and license control system |
| CN104700057A (en) * | 2015-04-02 | 2015-06-10 | 山东信通电子股份有限公司 | Sharable resources type resident identification card reading achievement method and resident identification card reader |
| CN105657067A (en) * | 2016-03-24 | 2016-06-08 | 网易(杭州)网络有限公司 | Game verification method and device, game server and verification server |
| CN107580004A (en) * | 2017-10-31 | 2018-01-12 | 深圳竹云科技有限公司 | A kind of new authentication method and authentication center's framework |
| CN108616762A (en) * | 2016-12-12 | 2018-10-02 | 北京视联动力国际信息技术有限公司 | A kind of sharing method regarding networked server and regard networked server |
| WO2019144505A1 (en) * | 2018-01-29 | 2019-08-01 | 平安科技(深圳)有限公司 | Method, device, electronic equipment for selecting authentication channel and medium |
| CN110719245A (en) * | 2018-07-11 | 2020-01-21 | 中国移动通信集团浙江有限公司 | Internet of things data transmission method and system |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100389555C (en) * | 2005-02-21 | 2008-05-21 | 西安西电捷通无线网络通信有限公司 | An access authentication method suitable for wired and wireless network |
| CN100454876C (en) * | 2007-02-06 | 2009-01-21 | 西安西电捷通无线网络通信有限公司 | Method for applying for certificate in wireless LAN WAPI safety mechanism |
| CN100456726C (en) * | 2007-03-15 | 2009-01-28 | 北京安拓思科技有限责任公司 | Network system and method for realizing the Internet access authentication based on WAPI |
| CN101262454A (en) * | 2008-04-21 | 2008-09-10 | 中国科学院计算技术研究所 | A network digital media content distribution method and system |
| CN101442749B (en) * | 2008-12-15 | 2011-12-28 | 广州杰赛科技股份有限公司 | Authentication method for wireless netted network based on WAPI |
-
2009
- 2009-11-10 CN CN2009101938297A patent/CN101699894B/en not_active Expired - Fee Related
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102710419A (en) * | 2011-12-21 | 2012-10-03 | 大唐软件技术股份有限公司 | User authentication method and device |
| CN102710419B (en) * | 2011-12-21 | 2015-02-18 | 大唐软件技术股份有限公司 | User authentication method and device |
| CN103795694A (en) * | 2012-10-31 | 2014-05-14 | 中国电信股份有限公司 | License control method and license control system |
| CN103593634A (en) * | 2013-11-08 | 2014-02-19 | 国家电网公司 | Network centralized decoding system and method of identity card identifier |
| CN104700057A (en) * | 2015-04-02 | 2015-06-10 | 山东信通电子股份有限公司 | Sharable resources type resident identification card reading achievement method and resident identification card reader |
| CN105657067A (en) * | 2016-03-24 | 2016-06-08 | 网易(杭州)网络有限公司 | Game verification method and device, game server and verification server |
| CN108616762A (en) * | 2016-12-12 | 2018-10-02 | 北京视联动力国际信息技术有限公司 | A kind of sharing method regarding networked server and regard networked server |
| CN108616762B (en) * | 2016-12-12 | 2019-11-19 | 视联动力信息技术股份有限公司 | A kind of sharing method and view networked server of view networked server |
| CN107580004A (en) * | 2017-10-31 | 2018-01-12 | 深圳竹云科技有限公司 | A kind of new authentication method and authentication center's framework |
| WO2019144505A1 (en) * | 2018-01-29 | 2019-08-01 | 平安科技(深圳)有限公司 | Method, device, electronic equipment for selecting authentication channel and medium |
| CN110719245A (en) * | 2018-07-11 | 2020-01-21 | 中国移动通信集团浙江有限公司 | Internet of things data transmission method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101699894B (en) | 2012-07-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101699894B (en) | Method and device for processing authentication request in authentication server cluster | |
| US20130174239A1 (en) | Reinforced authentication system and method using context information at the time of access to mobile cloud service | |
| EP2742711B1 (en) | Detection of suspect wireless access points | |
| US8139521B2 (en) | Wireless nodes with active authentication and associated methods | |
| CN101345743B (en) | Method and system for preventing network attack by utilizing address analysis protocol | |
| CN103313429B (en) | A kind of processing method identifying forgery WIFI hot spot | |
| CN110267270B (en) | Identity authentication method for sensor terminal access edge gateway in transformer substation | |
| US9490986B2 (en) | Authenticating a node in a communication network | |
| GB2424559A (en) | Selecting authentication protocol for a device in an EAP system from preferably the most recently used or most often used by that device | |
| US9602499B2 (en) | Authenticating a node in a communication network | |
| US20060161770A1 (en) | Network apparatus and program | |
| CN110958111A (en) | Electric power mobile terminal identity authentication mechanism based on block chain | |
| GB2430580A (en) | Mutual Authentication of Access Points in a Wireless Network. | |
| WO2007026230A2 (en) | Arbitrary mac address usage in a wlan system | |
| CN101699893B (en) | Method for changing states of authentication service entities of certificate server cluster | |
| CN101527907B (en) | Wireless local area network access authentication method and wireless local area network system | |
| WO2012126286A1 (en) | Aaa server status detection method and system | |
| Sudha et al. | A review on privacy requirements and application layer security in internet of things (IoT) | |
| CN101600200A (en) | Method for switching among heterogeneous networks, mobile node and authenticating access point | |
| US11784993B2 (en) | Cross site request forgery (CSRF) protection for web browsers | |
| CN201252570Y (en) | Security gateway client end device | |
| US11811817B2 (en) | SSL proxy whitelisting | |
| CN100499649C (en) | Method for realizing safety coalition backup and switching | |
| CN107566418B (en) | Security management method and access device | |
| CN110636464A (en) | Communication system for communication between Internet of things equipment and communication system with enterprise intranet |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20120725 Termination date: 20201110 |