CN104468552B - A kind of connection control method and device - Google Patents

A kind of connection control method and device Download PDF

Info

Publication number
CN104468552B
CN104468552B CN201410712872.0A CN201410712872A CN104468552B CN 104468552 B CN104468552 B CN 104468552B CN 201410712872 A CN201410712872 A CN 201410712872A CN 104468552 B CN104468552 B CN 104468552B
Authority
CN
China
Prior art keywords
attribute information
network
user terminal
user
access equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410712872.0A
Other languages
Chinese (zh)
Other versions
CN104468552A (en
Inventor
陈睿
黄山
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Maipu Communication Technology Co Ltd
Original Assignee
Maipu Communication Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Maipu Communication Technology Co Ltd filed Critical Maipu Communication Technology Co Ltd
Priority to CN201410712872.0A priority Critical patent/CN104468552B/en
Publication of CN104468552A publication Critical patent/CN104468552A/en
Application granted granted Critical
Publication of CN104468552B publication Critical patent/CN104468552B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses
    • H04L61/503Internet protocol [IP] addresses using an authentication, authorisation and accounting [AAA] protocol, e.g. remote authentication dial-in user service [RADIUS] or Diameter
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Abstract

A kind of connection control method of offer of the embodiment of the present invention and device, are related to the communications field, and access control can be realized in multiple network scene, including:After the user account of aaa authentication server authentication user terminal, access control apparatus receives the customer attribute information of the switch-in attribute information and user terminal for the network access equipment that the aaa authentication server is sent;Wherein, the switch-in attribute information includes indicating that the information of the user terminal network scenarios to be accessed, the customer attribute information include the information for indicating the user terminal;According to the switch-in attribute information of storage, the correspondence of customer attribute information and intelligent binding strategy, the corresponding with the network scenarios to be accessed that the customer attribute information of the switch-in attribute information of the network access equipment and the user terminal indicates first intelligent binding strategy is determined.The present invention is applied to network insertion.

Description

A kind of connection control method and device
Technical field
The present invention relates to the communications field more particularly to a kind of connection control methods and device.
Background technology
With the rapid development of computer and Internet technology, the units such as government, bank, enterprise are required for access internet The shared of office and data is carried out, can inevitably attract the various artificial attacks from all over the world, such as information leakage, letter in this way Breath steals, the deletion of data tampering, data, computer virus etc..Therefore, the access control of network is just particularly important.
Existing connection control method is just for wireless terminal WLAN (Wireless Local Area Networks, nothing Line local area network) access.Specifically, as shown in Figure 1, accessing user terminal to network access device, user terminal is to network insertion Equipment sends account and password, network access equipment again to AAA (Authentication, Authorization, Accounting, verification authorize, book keeping operation) certificate server sends account and password, and aaa authentication server is to account and password It is authenticated, after certification, binding device accesses wlan network according to the intelligent binding strategy of the WLAN of storage.But it above-mentioned connects Access control method does not support the network scenarios such as access 3G network, cable access network just for wlan network.
Invention content
A kind of connection control method of the embodiment of the present invention offer and device, can realize access in multiple network scene Control.
In order to achieve the above objectives, the embodiment of the present invention adopts the following technical scheme that:
In a first aspect, a kind of connection control method is provided, including:
After the user account of aaa authentication server authentication user terminal, access control apparatus receives the aaa authentication The customer attribute information of the switch-in attribute information and user terminal of the network access equipment that server is sent;Wherein, the access Attribute information includes the information for indicating the user terminal network scenarios to be accessed, and the customer attribute information includes instruction institute State the information of user terminal;
According to the switch-in attribute information of storage, the correspondence of customer attribute information and intelligent binding strategy, determine with The network to be accessed of the switch-in attribute information of the network access equipment and the customer attribute information instruction of the user terminal The corresponding first intelligent binding strategy of scene, in order to which the user terminal is according to described in the described first intelligent binding strategy access Network.
Second aspect provides a kind of access control apparatus, including:
Receiving unit, the switch-in attribute information of the network access equipment for receiving the transmission of aaa authentication server and user The customer attribute information of terminal;Wherein, the switch-in attribute information includes instruction user terminal network scenarios to be accessed Information, the customer attribute information includes the information for indicating the user terminal;
Determination unit, for corresponding with intelligent binding strategy according to the switch-in attribute information of storage, customer attribute information Relationship is determined to indicate with the customer attribute information of the switch-in attribute information of the network access equipment and the user terminal The corresponding first intelligent binding strategy of network scenarios to be accessed, in order to which the user terminal is bound according to first intelligence Strategy accesses the network.
Compared to the prior art, the method and apparatus that the present invention provides in fact are no longer merely able to be believed according to the device attribute of WLAN Breath unique intelligent binding strategy corresponding with WLAN accesses WLAN, but can be according to the binding under different access networks scene Attribute information selects one kind suitably to wait binding intelligent binding strategy from the binding strategy for multiple network scene, to Allow user terminal to access the network, be no longer only limited to a kind of WLAN nets, moreover it is possible to be carried out in other networks as accessed The control of WLAN nets.
Description of the drawings
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technology description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this Some embodiments of invention for those of ordinary skill in the art without creative efforts, can be with Obtain other attached drawings according to these attached drawings.
Fig. 1 is a kind of structural schematic diagram of network access system;
Fig. 2 is a kind of flow chart of connection control method provided in an embodiment of the present invention;
Fig. 3 is the flow chart of another connection control method provided in an embodiment of the present invention;
Fig. 4 is a kind of structural schematic diagram of access control apparatus provided in an embodiment of the present invention;
Fig. 5 is the structural schematic diagram of another access control apparatus provided in an embodiment of the present invention.
Specific implementation mode
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation describes, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment shall fall within the protection scope of the present invention.
In order to meet the critical networks system such as department of home government, public security, army, secrecy, finance, security and scientific research institutions Network security demand.Network access system can protect entire Intranet, including manageable (corporate desktop, Laptop computer, server) and not manageable (external visitor, affiliate, client) terminal.It can force enterprise net The safety of network terminal ensures that enterprise network protection mechanism is not interrupted, and configuration is correct and patch possesses newest timeliness Property, so that network security is more effectively promoted.At the same time it is based on equipment access control gateway, it can also be for remotely accessing enterprise The computer of industry internal network carries out identity, uniqueness and safety certification.
Embodiment one
The embodiment of the present invention provides a kind of connection control method, is applied to network access system, which can To include aaa authentication server, network access equipment, user terminal and access control apparatus, as shown in Fig. 2, may include:
Step 101, after the user account of aaa authentication server authentication user terminal, access control apparatus receive AAA The customer attribute information of the switch-in attribute information and user terminal of the network access equipment that certificate server is sent;Wherein, this connects Enter the information that attribute information includes indicating user terminal network scenarios to be accessed, which includes indicating the use The information of family terminal.
Step 102, access control apparatus are according to the switch-in attribute information of storage, customer attribute information and intelligent binding strategy Correspondence, determine to wait for what the customer attribute information of the switch-in attribute information of network access equipment and user terminal indicated The corresponding first intelligent binding strategy of network scenarios of access, in order to which user terminal accesses institute according to the first intelligent binding strategy State network.
Compared to the prior art, the method that the present invention provides in fact be no longer merely able to according to the device attribute information of WLAN and WLAN corresponding unique intelligent binding strategies access WLAN, but can be according to the binding category under different access networks scene Property information, from the binding strategy for multiple network scene select one kind suitably waits binding intelligent binding strategy, to make The network can be accessed by obtaining user terminal, no longer be only limited to a kind of WLAN nets, moreover it is possible to be carried out in other networks as accessed The control of WLAN nets.
Further, after step 102, the method can also include:The the first intelligence binding of access control apparatus statistics The quantity of the corresponding current bindings example of strategy;If it is determined that the quantity of binding example is less than binding example threshold, then one is generated The corresponding binding example of first intelligence binding strategy.
Further, the customer attribute information includes:The attribute of the user account and the user terminal, it is described to connect Entering attribute information includes:The attribute of the network access equipment, step 102 can specifically include:Access control apparatus is according to depositing The account of storage and the correspondence of user group determine the corresponding user group of the user account;According to the user group of storage, belong to Property correspondence with intelligent binding strategy, determine user group corresponding with the user account, the user terminal category Property and the attribute of the network access equipment corresponding described wait binding intelligent binding strategy.
Further, for 3G (3rd-Generation, 3rd generation mobile communication technology) network insertion, the network connects The attribute for entering equipment includes MAC (Media Access Control, medium access control) address of the network access equipment; The attribute of the user terminal includes the system banner of the terminal device and the system MAC Address of the terminal device.
Further, wired network is accessed, the attribute of the network access equipment includes the network access equipment The port numbers of MAC Address, the network access equipment;The attribute of the user terminal includes the MAC Address of user terminal, user IP (Internet Protocol, the agreement interconnected between network) address of terminal.
Embodiment two
The embodiment of the present invention provides a kind of connection control method, it is assumed that is applied to the network access system of bank, the bank Network access system may include aaa authentication server, network access equipment, user terminal and access control apparatus.This hair It is bright by mobile phone access 3G net for, this method may include:
Step 201, mobile phone send access request according to the network that user selects to network access equipment, which includes mobile phone User property, user account and user password.
User can select wired network, 3G, 4G (4th-Generation, forth generation mobile communication skill according to actual conditions Art), WLAN etc..When user uses the desktop computer of wired connection, user can select wired network, when user uses mobile phone When, user can select WLAN, 3G or 4G according to current wireless network situation.Access request includes the user property of user terminal, For example, the system MAC Address of the system banner of terminal device, terminal device.System banner is used to indicate current system, can be with It is mobile phone A ndroid (Android) system, mobile phone Saipan system, mobile phone apple system, mobile phone Windows systems etc..Herein User account and user password can be that user is manually entered, and can also be to automatically save.
Step 202, network access equipment pass through RADIUS (Remote Authentication to aaa authentication server Dial In User Service, remote customer dialing authentication service) agreement send mobile phone user property, user account and use Family password.
Step 203, aaa authentication server judge that user account and user password are matched.If so, thening follow the steps 204;If it is not, thening follow the steps 210.
Specifically, aaa authentication server judges whether the user account is the account preserved, if it is not, then executing 210; If so, according to the correspondence of the account and password that have preserved, password corresponding with the user account is obtained, judges that user is close Whether code and corresponding password are identical.If identical, 204 are thened follow the steps, if it is different, thening follow the steps 210.
Step 204, aaa authentication server send attribute information to access control apparatus, which includes mobile phone The switch-in attribute of user property, user account and user password, network access equipment.
User binds the MAC Address that the switch-in attribute may include network access equipment, which indicates that the network connects It is 3G network to enter network where equipment, which is the total of switch-in attribute information in embodiment one and customer attribute information Claim.
Step 205, access control apparatus determine user account pair according to the account of storage and the correspondence of user group The user group answered.
Specifically, the user group of bank can be divided into enterprise customer's group, personal user's group and administrator's group.Access control Device processed can in advance classify account according to user group, preserve the correspondence of account and user group.The classification of user group is It is allocated according to the operational rights of different user.For example, the user of personal user's group can only carry out small amount trading, look forward to Industry user group can carry out wholesale trading, and management group can be managed each user, the same power for not having transaction Profit etc..Even if therefore just for the different operation of different user groups, intelligent binding strategy be also it is differentiated (specifically can be with Such as table 1).
Step 206, access control apparatus according to user group, the correspondence of attribute and intelligent binding strategy, determine with The attribute of the corresponding user group of user account, the attribute of mobile phone and network access equipment is corresponding to be waited binding intelligent binding strategy.
Table 1 shows the correspondence of attribute information and intelligent binding strategy in 3G network.It can be seen that personal user's group User can be accessed using mobile phone 3G, but enterprise customer's group and enterprise customer's group forbid mobile phone 3G to access, but can pass through pen Remember that this 3G is accessed, therefore, intelligence binding strategy provided in an embodiment of the present invention is artificially designed according to actual conditions, herein Seldom describe.Assuming that user group is personal user's group, it is assured that out and is waited for according to user property and switch-in attribute in table 1 Binding strategy (the first intelligent binding strategy in embodiment one) is 3G strategies 1.
Table 1
Intelligent binding strategy can configure one or more mobile phones (user terminal) and access device attribute binding rule, packet It includes:One or more of specified attribute bound values, unlimited attribute bound values, binding example threshold.The present embodiment is to bind reality Example threshold value is rule.
Step 207, access control apparatus count the already present quantity for waiting for the corresponding binding example of binding strategy.
This waits for that binding strategy can correspond to multiple binding examples, and different binding examples can be directed to different users.
Step 208, access control apparatus judge whether the quantity of already present binding example is less than preset example threshold. If so, thening follow the steps 209;If it is not, thening follow the steps 210.
Step 209, when it is already present binding example quantity be less than preset example threshold when, access control apparatus generate One is waited for the corresponding example of binding strategy so that mobile phone can access the network of bank.
Step 210, when it is already present binding example quantity be greater than or equal to preset example threshold when, access control dress Set refusal mobile phone access.
Compared to the prior art, the method and apparatus of present invention offer in fact are no longer merely able to the device attribute according to WLAN Information and the corresponding unique intelligent binding strategies of WLAN access WLAN, but can be according under different access networks scene Bind properties information selects one kind suitably to wait binding intelligent binding strategy from the binding strategy for multiple network scene, So that user terminal can access the network, it is no longer only limited to a kind of WLAN nets, moreover it is possible to be carried out such as in other networks Access the control of WLAN nets.
Embodiment three
The embodiment of the present invention provides a kind of access control apparatus 30, including:
Receiving unit 301, the switch-in attribute information and use of the network access equipment for receiving the transmission of aaa authentication server The customer attribute information of family terminal;Wherein, the switch-in attribute information includes instruction user terminal solenoid field to be accessed The information of scape, the customer attribute information include the information for indicating the user terminal.
Determination unit 302, for pair according to the switch-in attribute information of storage, customer attribute information and intelligent binding strategy It should be related to, determine to indicate with the customer attribute information of the switch-in attribute information of the network access equipment and the user terminal The corresponding first intelligent binding strategy of network scenarios to be accessed, in order to which the user terminal is tied up according to first intelligence Fixed strategy accesses the network.
Compared to the prior art, the device that the present invention provides in fact be no longer merely able to according to the device attribute information of WLAN and The corresponding unique intelligent binding strategies of WLAN access WLAN, but can be according to the bind properties under different access networks scene Information selects one kind suitably to wait binding intelligent binding strategy from the binding strategy for multiple network scene, so that User terminal can access the network, no longer be only limited to a kind of WLAN nets, moreover it is possible to be carried out in other networks such as access WLAN The control of net.
Described to wait that it includes binding example threshold to bind intelligent binding strategy, described device 30 includes:
Statistic unit 303, the quantity for counting the corresponding current bindings example of the first intelligence binding strategy.
Judging unit 304 described waits whether the quantity for binding the corresponding binding example of intelligent binding strategy is small for judging In the binding example threshold;
Generation unit 305, for when determining that the quantity of the binding example is less than the binding example threshold, generating one The corresponding binding example of a first intelligent binding strategy.
Further, the customer attribute information includes:The attribute of user account and the user terminal, the access belong to Property information includes:The attribute of network access equipment, the determination unit 302 are specifically used for:
According to the correspondence of the account of storage and user group, the corresponding user group of the user account is determined;
According to the user group of storage, the correspondence of attribute and intelligent binding strategy, determine and the user account pair The attribute of the user group, the user terminal the answered and attribute of the network access equipment is corresponding described waits binding intelligent binding Strategy.
Further, 3G network is accessed, the attribute of the network access equipment includes the network access equipment MAC Address;The attribute of the user terminal includes the system banner of the terminal device and the system MAC of the terminal device Location.
Further, wired network is accessed, the attribute of the network access equipment includes the network access equipment The port numbers of MAC Address, the network access equipment;The attribute of the user terminal includes the MAC Address of user terminal, user The IP address of terminal.
One of ordinary skill in the art will appreciate that:Realize that all or part of step of above method embodiment can pass through The relevant hardware of program instruction is completed, and program above-mentioned can be stored in a computer read/write memory medium, the program When being executed, step including the steps of the foregoing method embodiments is executed;And storage medium above-mentioned includes:ROM, RAM, magnetic disc or light The various media that can store program code such as disk.
The above description is merely a specific embodiment, but scope of protection of the present invention is not limited thereto, any Those familiar with the art in the technical scope disclosed by the present invention, can easily think of the change or the replacement, and should all contain Lid is within protection scope of the present invention.Therefore, protection scope of the present invention should be based on the protection scope of the described claims.

Claims (10)

1. a kind of connection control method, which is characterized in that including:
After the user account of aaa authentication server authentication user terminal, access control apparatus receives the aaa authentication service The customer attribute information of the switch-in attribute information and user terminal of the network access equipment that device is sent;Wherein, the switch-in attribute Information includes indicating the information of the user terminal network scenarios to be accessed, and the customer attribute information includes indicating the use The information of family terminal;
According to the correspondence of the user account of storage and user group, the corresponding user group of the user account is determined;
According to the correspondence of the user group of storage, switch-in attribute information, customer attribute information and intelligent binding strategy, determine The user of user group corresponding with the user account, the switch-in attribute information and the user terminal of the network access equipment The corresponding first intelligent binding strategy of network scenarios to be accessed of attribute information instruction, in order to which the user terminal is according to institute It states the first intelligent binding strategy and accesses the network.
2. according to the method described in claim 1, it is characterized in that,
Described first intelligent binding strategy includes binding example threshold;
The correspondence of the switch-in attribute information according to storage, customer attribute information and intelligent binding strategy, determine with The network to be accessed of the switch-in attribute information of the network access equipment and the customer attribute information instruction of the user terminal After the corresponding first intelligent binding strategy of scene, the method includes:
Count the quantity of the corresponding current bindings example of the first intelligence binding strategy;
If it is determined that the quantity of the binding example is less than the binding example threshold, then the first intelligence binding plan is generated Slightly corresponding binding example.
3. method according to claim 1 or 2, which is characterized in that the customer attribute information includes:The user account With the attribute of the user terminal, the switch-in attribute information:Include the attribute of the network access equipment.
4. according to the method described in claim 3, it is characterized in that, being accessed for 3rd generation mobile communication technology 3G network, institute The attribute for stating network access equipment includes the medium access control MAC Address of the network access equipment;The user terminal Attribute includes the system banner of the terminal device and the system MAC Address of the terminal device.
5. according to the method described in claim 3, it is characterized in that, being accessed for wired network, the category of the network access equipment Property includes the port numbers of the MAC Address of the network access equipment, the network access equipment;The attribute packet of the user terminal Include the Protocol IP address interconnected between the MAC Address of user terminal, the network of user terminal.
6. a kind of access control apparatus, which is characterized in that including:
Receiving unit, the switch-in attribute information and user terminal of the network access equipment for receiving the transmission of aaa authentication server Customer attribute information;Wherein, the switch-in attribute information includes indicating the letter of the user terminal network scenarios to be accessed Breath, the customer attribute information includes the information for indicating the user terminal;
Determination unit, for according to the user account of storage and the correspondence of user group, determining that the user account corresponds to User group;And the corresponding pass of the user group, switch-in attribute information, customer attribute information and intelligent binding strategy according to storage System, determines user group corresponding with the user account, the switch-in attribute information of the network access equipment and the user The corresponding first intelligent binding strategy of network scenarios to be accessed of the customer attribute information instruction of terminal, in order to the user Terminal accesses the network according to the described first intelligent binding strategy.
7. device according to claim 6, which is characterized in that the described first intelligent binding strategy includes binding example of thresholds Value, described device include:
Statistic unit, the quantity for counting the corresponding current bindings example of the first intelligence binding strategy;
Generation unit, for when determining that the quantity of the binding example is less than the binding example threshold, generating described in one The corresponding binding example of first intelligence binding strategy.
8. the device described according to claim 6 or 7, which is characterized in that the customer attribute information includes:The user account With the attribute of the user terminal, the switch-in attribute information includes:The attribute of the network access equipment.
9. device according to claim 8, which is characterized in that 3G network is accessed, the category of the network access equipment Property includes the MAC Address of the network access equipment;The attribute of the user terminal includes the system banner of the terminal device With the system MAC Address of the terminal device.
10. device according to claim 8, which is characterized in that wired network is accessed, the category of the network access equipment Property includes the port numbers of the MAC Address of the network access equipment, the network access equipment;The attribute packet of the user terminal Include the MAC Address of user terminal, the IP address of user terminal.
CN201410712872.0A 2014-11-28 2014-11-28 A kind of connection control method and device Active CN104468552B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410712872.0A CN104468552B (en) 2014-11-28 2014-11-28 A kind of connection control method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410712872.0A CN104468552B (en) 2014-11-28 2014-11-28 A kind of connection control method and device

Publications (2)

Publication Number Publication Date
CN104468552A CN104468552A (en) 2015-03-25
CN104468552B true CN104468552B (en) 2018-10-19

Family

ID=52913924

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410712872.0A Active CN104468552B (en) 2014-11-28 2014-11-28 A kind of connection control method and device

Country Status (1)

Country Link
CN (1) CN104468552B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105554753B (en) * 2015-11-27 2019-01-04 北京博思汇众科技股份有限公司 Mobile communications network access system and method
CN106911489B (en) * 2015-12-22 2019-08-27 中国电信股份有限公司 A kind of automatic adaptation method of access device, managing device and system
US11382030B2 (en) 2016-01-29 2022-07-05 Hewlett Packard Enterprise Development Lp Enterprise-based network selection
CN105871862A (en) * 2016-04-19 2016-08-17 杭州华三通信技术有限公司 Network resource accessing method and device
CN106230668B (en) * 2016-07-14 2020-01-03 新华三技术有限公司 Access control method and device
CN109560954B (en) * 2017-09-27 2022-06-10 阿里巴巴集团控股有限公司 Equipment configuration method and device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102215597A (en) * 2011-05-30 2011-10-12 杭州华三通信技术有限公司 Access policy management method and device
CN103313343A (en) * 2012-03-13 2013-09-18 百度在线网络技术(北京)有限公司 Method and equipment for implementing user access control

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2747371B1 (en) * 2012-12-24 2018-02-07 Alcatel Lucent Access policy definition with respect to a data object
CN103369531B (en) * 2013-07-02 2017-07-04 新华三技术有限公司 A kind of method and device that control of authority is carried out based on end message
CN103354550A (en) * 2013-07-03 2013-10-16 杭州华三通信技术有限公司 Authorization control method and device based on terminal information

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102215597A (en) * 2011-05-30 2011-10-12 杭州华三通信技术有限公司 Access policy management method and device
CN103313343A (en) * 2012-03-13 2013-09-18 百度在线网络技术(北京)有限公司 Method and equipment for implementing user access control

Also Published As

Publication number Publication date
CN104468552A (en) 2015-03-25

Similar Documents

Publication Publication Date Title
CN104468552B (en) A kind of connection control method and device
CN104184705B (en) Verification method, device, server, subscriber data center and system
KR101361161B1 (en) System and method for reinforcing authentication using context information for mobile cloud
CN108337677B (en) Network authentication method and device
US8745709B2 (en) Multifactor authentication service
CN103249045A (en) Identification method, device and system
CN107566381A (en) Equipment safety control method, apparatus and system
CN101986598B (en) Authentication method, server and system
CN113542201B (en) Access control method and equipment for Internet service
CN108022100B (en) Cross authentication system and method based on block chain technology
CN107026813A (en) Access authentication method, system and the portal server of WiFi network
CN107347054A (en) A kind of auth method and device
WO2016165505A1 (en) Connection control method and apparatus
CN106982430B (en) Portal authentication method and system based on user use habits
CN109218334A (en) Data processing method, device, access control equipment, certificate server and system
CN108696540A (en) A kind of authorizing secure system and its authorization method
CN104703183A (en) Special line APN (Access Point Name) security-enhanced access method and device
CN101741568A (en) Surfing method, client, security gateway and surfing system
CN114244568A (en) Security access control method, device and equipment based on terminal access behavior
CN107786486A (en) The Activiation method and device of operating system
CN104883341A (en) Application management device, terminal and application management method
CN109067749A (en) A kind of information processing method, equipment and computer readable storage medium
CN105871851B (en) Based on SaaS identity identifying method
CN107948210A (en) A kind of login method, device, client, server and medium
CN104270342B (en) The access method and system of virtual desktop

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant