CN101778386A - Authentication system capable of supporting multimedia wireless gateway - Google Patents
Authentication system capable of supporting multimedia wireless gateway Download PDFInfo
- Publication number
- CN101778386A CN101778386A CN200910076905A CN200910076905A CN101778386A CN 101778386 A CN101778386 A CN 101778386A CN 200910076905 A CN200910076905 A CN 200910076905A CN 200910076905 A CN200910076905 A CN 200910076905A CN 101778386 A CN101778386 A CN 101778386A
- Authority
- CN
- China
- Prior art keywords
- authentication
- software
- service
- control
- software systems
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses an authentication system capable of supporting a multimedia wireless gateway, and is a software system for authentication, authorization and management between users on local or ex-situ remote wireless hot point networks and terminal equipment. The software system can control the priority of service access, bandwidth and quality of service, and also can support services such as wi-fi/voip mobile phone authentication and position service. The software system is developed on an Linux operating system, and adopts a My SQC or Oracle database; and the main function modules of the software system comprise Radius authentication and authorization software, service authority management and control software, an MAC address authentication and Wi-Fi mobile phone/PDA terminal and Voip service support software, and position information collecting and processing software.
Description
Affiliated technical field
The present invention is a kind of software systems that are used for user and terminal device authentication, mandate and management on the local and remote long distance wireless hot spot networks.These software systems also can realize the control of priority, bandwidth and service quality to Operational Visit, can support wireless wi-fi/voip mobile phone authentication, provide services such as zone position information to advertisement, multimedia service.
Background technology
Current, the hotspot network all adopts Radius agreement and software systems to realize the authentication and authorization of local broadband access online usually.For different business, adopt different Verification Systems usually.For strange land hotspot network, usually independently Verification System need be set in the strange land.This software systems are difficult to realize user and professional unified management and control.Centralized and unified management to the more wireless network of WLAN (wireless local area network) forms obstacle, causes network system complicated, has increased the cost of system's arrangement.
Summary of the invention
The objective of the invention is to design a kind of software systems that realize the authentication service of place remote in easy mode in order to overcome existing Radius Verification System complicated to the deficiency of user and business support ability and system.These software systems can realize the authentication and the mandate of the online of local and remote broadband access network, Wi-fi mobile phone/PDA terminal simultaneously under the support of multimedia wireless gateway and wireless network access controller, service authority control and location-based service.
The key problem in technology and the major function of software systems of the present invention are:
One, on the basis that meets RADIUS framework agreement and standard, definition and development agreement reserved field and handling process, realize access rights control, priority control and the bandwidth control of customer multi-media business, can provide different service priority and authorities to free user, paying customer and different packaged service users;
Two, under the support of multimedia wireless gateway and wireless network access controller, realize the long-range broadband access network user of local and remote WEB/PORTAL authentication and authorize;
Three, finish the Wi-fi mobile phone/pre-authentication of PDA terminal equipment MAC Address and the distribution of dynamic IP addressing, and set up its via the routing iinformation of gateway, for called VOIP terminal provides route.And for authorizing Wi-fi mobile phone/PDA terminal that the high priority access rights are provided;
Four, definition and the location information field that expands user terminal according to the positional information that radio network gateway and wireless access controller provide, are calculated and the recording user position.
Software systems of the present invention are compared with common wireless network software systems has following characteristics: the one, the authorization services of place remote can be provided; The 2nd, the arrangement of hot spot networks can not be subjected to the limitation of zone and wireless network, has reduced the cost of strange land hotspot service; The 3rd, native system can also provide the control and the service quality assurance of service authority, the service of support voice wireless terminal and positional information.
Description of drawings
Accompanying drawing 1 is a Verification System server outline drawing.
Accompanying drawing 2 is application system workflow diagrams.
(1). after wireless terminal connects AP, by the built-in Dynamic Host Configuration Protocol server application of radio network gateway IP address.
(2). the automatic monitoring terminal MAC Address of radio network gateway MSCG/NAS.
(3). radio network gateway MSCG/NAS will increase MAC Address newly and deliver to certificate server and carry out the MAC pre-authentication.
(4). certificate server is to MAC address authentication, and to the NAS of radio network gateway return results.If the terminal equipment under this user has other service quality, service authority setting, certificate server requires radio network gateway to do the processing of professional management.Illegal terminal MAC then notifies radio network gateway that this MAC is logined the restriction list in this way, and regains the IP address.The Wi-Fi mobile phone terminal after pre-authentication passes through, also need carry out the SIP authentication before per call in this way.
(5). radio network gateway MSCG/NAS sends request to the service authorization of MAC to certificate server.
(6). certificate server sends response to radio network gateway MSCG/NAS, this MAC terminal is set bandwidth, authority and port limit.
(7). the wireless terminal open any browser, visit any website (dns resolution is connected successful with TCP) that can be accessed.
(8). radio network gateway MSCG/NAS is DPI to all flows and surveys, and when detecting the MAC terminal access internet first time with hot spot networks access rights, is automatically brought on the WEB Portal server.
(9) the .WEB Portal server sends the WEB certification page to this terminal use.
(10). the user inserts user name, password in certification page, and clicks the Login button, and authentication information is returned to radio network gateway.
(11). after radio network gateway MSCG/NAS obtains the user name, password of wireless terminal, it is formed the web authentication request together with user's IP address, pass to certificate server.
(12). after certificate server is finished authentication, send authentication result back to radio network gateway MSCG/NAS.
(13) if. authentication success, radio network gateway MSCG/NAS ejects the authentication success page, the remaining available duration via of explicit user, Logout button, user-accessible the Internet to user terminal.
(14). radio network gateway MSCG/NAS sends the Account-Start message to certificate server.
(15) if. failed authentication (reasons such as overtime, arrearage, connection failure) or re-authentication failure, radio network gateway MSCG/NAS is to wireless terminal return authentication interface, and comprises the prompting and the cause of failed authentication last time therein.
(16). in when authentication, certificate server can send the cycle keep cost order to radio network gateway MSCG/NAS, when the user surfs the Net in real time, periodically use the situation of network to pass to accounting server the user.
(17). the user can initiatively send the request of rolling off the production line, and radio network gateway MSCG/NAS also can detect whether abnormal off-line of user automatically.
(18). radio network gateway MSCG/NAS receives the request of rolling off the production line, or detects user's abnormal off-line, sends the request that stops to charge to accounting server.
(19). the IP address of wireless terminal is regained and discharged to radio network gateway MSCG/DHCP server.
Embodiment
These software systems are developed on (SuSE) Linux OS and are finished, and adopt My SQC or oracle database.Software systems are made of following functional module:
Radius authentication and licensed software
Service authority management and Control Software
MAC Address pre-authentication and Wi-Fi mobile phone/PDA terminal and Voip business support software
Positional information is gathered and process software
Claims (4)
1. software systems that are used for user and terminal device authentication, mandate and management on the local and remote long distance wireless hot spot networks.Its feature is to realize local and remote remote authentication, mandate and management, can realize the control of priority, bandwidth and service quality to Operational Visit, supports the authentication of wi-fi/voip mobile phone, and location-based service can be provided.
2. software systems according to claim 1 are on the basis that meets RADIUS framework agreement and standard, definition and development agreement reserved field and treatment system, the control of authority between realization user's professional three parts, priority control, bandwidth control.
3. software systems according to claim 1 under the support of radio network gateway and access controller, realize the long-range Internet user's of local and remote authentication and mandate.
4. software systems according to claim 1 are supported the authentication of wi-fi/voip mobile phone, provide zone position information to advertisement, multimedia service.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910076905A CN101778386A (en) | 2009-01-14 | 2009-01-14 | Authentication system capable of supporting multimedia wireless gateway |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910076905A CN101778386A (en) | 2009-01-14 | 2009-01-14 | Authentication system capable of supporting multimedia wireless gateway |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101778386A true CN101778386A (en) | 2010-07-14 |
Family
ID=42514667
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200910076905A Pending CN101778386A (en) | 2009-01-14 | 2009-01-14 | Authentication system capable of supporting multimedia wireless gateway |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101778386A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103313246A (en) * | 2013-06-05 | 2013-09-18 | 中国科学院计算技术研究所 | Two-factor authentication method and two-factor authentication device for wireless sensor network and network comprising two-factor authentication device |
| CN103916401A (en) * | 2014-04-17 | 2014-07-09 | 中国联合网络通信集团有限公司 | Gateway device authentication method, authentication device and authentication system |
| CN103916616A (en) * | 2013-01-08 | 2014-07-09 | 置富存储科技(深圳)有限公司 | Wireless audio transmitting device and wireless audio transmitting system |
-
2009
- 2009-01-14 CN CN200910076905A patent/CN101778386A/en active Pending
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103916616A (en) * | 2013-01-08 | 2014-07-09 | 置富存储科技(深圳)有限公司 | Wireless audio transmitting device and wireless audio transmitting system |
| CN103313246A (en) * | 2013-06-05 | 2013-09-18 | 中国科学院计算技术研究所 | Two-factor authentication method and two-factor authentication device for wireless sensor network and network comprising two-factor authentication device |
| CN103313246B (en) * | 2013-06-05 | 2016-02-03 | 中国科学院计算技术研究所 | A kind of wireless sense network double factor authentication method and device and network thereof |
| CN103916401A (en) * | 2014-04-17 | 2014-07-09 | 中国联合网络通信集团有限公司 | Gateway device authentication method, authentication device and authentication system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20220078179A1 (en) | Zero sign-on authentication | |
| US11212678B2 (en) | Cross access login controller | |
| US9225706B2 (en) | Multiple access point zero sign-on | |
| US9918353B2 (en) | 802.1X access session keepalive method, device, and system | |
| US9549318B2 (en) | System and method for delayed device registration on a network | |
| CN107409307A (en) | Wireless house access network automatically configures | |
| US10637850B2 (en) | Method and system for accessing service/data of a first network from a second network for service/data access via the second network | |
| CN107819728B (en) | Network authentication method and related device | |
| CN104954508B (en) | A kind of system and its auxiliary charging method for DHCP protocol auxiliary charging | |
| EP2894904B1 (en) | Wlan user fixed network access method and system | |
| WO2009018732A1 (en) | A method, server and system of service authorization | |
| CN101778386A (en) | Authentication system capable of supporting multimedia wireless gateway | |
| CN108271152B (en) | WLAN authentication method, authentication platform and portal server | |
| TWI602445B (en) | Authentication system for integration of heterogeneous networks and its authentication method | |
| JP2008278134A (en) | Network control unit, network control method, and computer program | |
| CN103929726A (en) | Relevant method and system for access control in wireless local area network (WLAN) and fixed network interaction | |
| CA2829892C (en) | System and method for delayed device registration on a network | |
| CN102868672A (en) | Authentication and access control system and method | |
| CN103139756A (en) | User information obtaining system, method and portal server | |
| WO2016107148A1 (en) | Authentication and authorization method combining radius and diameter |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20100714 |