CN105430016A - Network access authentication method and system - Google Patents

Network access authentication method and system Download PDF

Info

Publication number
CN105430016A
CN105430016A CN201511022034.1A CN201511022034A CN105430016A CN 105430016 A CN105430016 A CN 105430016A CN 201511022034 A CN201511022034 A CN 201511022034A CN 105430016 A CN105430016 A CN 105430016A
Authority
CN
China
Prior art keywords
authentication
user
certificate server
radius
nas equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201511022034.1A
Other languages
Chinese (zh)
Inventor
黄山
吴飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Maipu Communication Technology Co Ltd
Original Assignee
Maipu Communication Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Maipu Communication Technology Co Ltd filed Critical Maipu Communication Technology Co Ltd
Priority to CN201511022034.1A priority Critical patent/CN105430016A/en
Publication of CN105430016A publication Critical patent/CN105430016A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/22Arrangements for detecting or preventing errors in the information received using redundant apparatus to increase reliability
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0654Management of faults, events, alarms or notifications using network fault recovery
    • H04L41/0668Management of faults, events, alarms or notifications using network fault recovery by dynamic selection of recovery network elements, e.g. replacement by the most appropriate element after failure
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to a security authentication technology and discloses a network access authentication method and system. The objective of the invention is to solve the problems of load imbalance, system resource waste, high system complexity and poor reliability of master/standby authentication server schemes. The network access authentication method comprises the following main steps that: NAS equipment randomly configures a first authentication server or a second authentication server as a master authentication server and a standby authentication server; and after receiving an Internet surfing request of a terminal device, the NAS equipment judges whether the currently-configured master authentication server is down, if the master authentication server is not down, a radius authentication request is transmitted to the configured master authentication server, and if the master authentication server is down, a radius authentication request is transmitted to the configured standby authentication server. In addition, the invention also discloses a corresponding authentication system; and the authentication system is suitable for network security authentication.

Description

A kind of network access verifying method and system
Technical field
The present invention relates to secure authentication technology, be specifically related to a kind of network access verifying method and system.
Background technology
Access authentication server is for reliability consideration, the general two-shipper that all can adopt is mutual for (a master assurance server, another is as backup certificate server), wherein master assurance server has and writes data permission, and backup certificate server, only as data backup, only has digital independent authority, therefore master assurance server normal work period, backup certificate server is only as the data backup of master assurance server, and the data of real-time synchronization master assurance server, can not run authentication business.The machine if master assurance server is delayed, by HA (highly reliable) technology, backup certificate server will be switched to master assurance server, now back up certificate server and will have data write permission, can run authentication business.
The workflow that master control certificate server normally works is as shown in Figure 1:
1) terminal (mobile phone, pc or notebook) initiates online request, as 802.1x or portal protocol massages to NAS equipment.
2), after NAS equipment receives request, the virtual ip address externally provided to master assurance server initiates radius authentication request.
3) master assurance server receives radius authentication request packet, inquiry NAS facility information (IP address, radius key), and the password that authentication username is corresponding.Then verify this user and whether possess access authority, and authentication result daily record is written to data memory module.
4) master assurance server real-time synchronization verify data (authentication result daily record, online user etc.) is to backup certificate server.
5) authentication result is fed back to NAS equipment by master assurance server, and NAS equipment determines the network access authority of whether opening this terminal according to authentication result.
6) NAS equipment feedback online request results is to terminal.
When master authentication certificate server is delayed machine, the workflow of backup certificate server as shown in Figure 2:
1) back up certificate server link HA module and detect that main control server is delayed machine, it is master assurance server that HA module switches backup certificate server, switch external IP address be virtual address and start authentication service, possess data write authority, and externally provide authentication service.
2) terminal (mobile phone, pc or notebook) initiates online request, as 802.1x or portal protocol massages to NAS equipment.
3), after NAS equipment receives request, the virtual ip address externally provided to backup certificate server initiates radius authentication request.
4) back up certificate server and receive radius authentication request packet, inquiry NAS facility information (IP address, radius key), and the password that authentication username is corresponding.Then verify this user and whether possess access authority, and authentication result daily record is preserved.
5) back up certificate server and authentication result is fed back to NAS equipment, NAS equipment determines the network access authority of whether opening this terminal according to authentication result.
6) NAS equipment feedback online request results is to terminal.
There is following problem in existing active and standby certificate server solution:
1. load imbalance:
Master assurance server and backup certificate server can not run authentication business simultaneously, and the load of master assurance server is high;
2. waste system resource:
Under master assurance server normal operation, backup certificate server does not run authentication business, waste resource;
3. system complexity is high:
System configuration is complicated, needs extra introducing HA module;
4. poor reliability:
There is regular hour delay in active and standby certificate server switching, causes partial authentication loss of data, affect customer service.
Summary of the invention
Technical problem to be solved by this invention is: propose a kind of network access verifying method and system, solves the problem of the high and poor reliability of active and standby certificate server scheme exists in conventional art load imbalance, waste system resource, system complexity.
The present invention solves the problems of the technologies described above adopted scheme, a kind of network access authentication system, comprises terminal equipment, NAS equipment, the first certificate server and the second certificate server;
Described terminal equipment, for initiating online request to NAS equipment;
Described NAS equipment, for random, first certificate server or the second certificate server are configured to master assurance server and backup certificate server respectively, after the online request receiving terminal equipment, judge whether the master assurance server of current configuration delays machine, if do not delay machine, the master assurance server to configuration sends radius authentication request; If delay machine, then the backup certificate server to configuration sends radius authentication request;
Real-time synchronization authenticated configuration data between described first certificate server and the second certificate server, and after the radius authentication request receiving the transmission of NAS equipment, read authenticated configuration data and certification is carried out to user profile, and to NAS equipment feedback authentication result;
Described NAS equipment is also for determining whether opening terminal apparatus network access authority according to authentication result.
Further, include in described first certificate server and the second certificate server: authentication module, configuration data memory module and business datum memory module:
Described authentication module, for receive and process NAS equipment send radius authentication request, from configuration data memory module, read authenticated configuration data certification carried out to user profile, and to NAS equipment feedback authentication result;
Described configuration data memory module, for authentication storage configuration data;
Described business datum memory module, for authentication storage result log and online user's information;
Real-time synchronization authenticated configuration data between described master control certificate server and backup certificate server.
Further, described authenticated configuration data comprise NAS facility information, user authentication data and certification policy, and wherein NAS facility information comprises IP address and the radius key thereof of NAS equipment; Described user authentication data comprises user name and corresponding password thereof; Described certification policy comprises user and allows turn-on time, user's black and white lists.
Further, described authentication module receives and processes the radius authentication request of NAS equipment transmission, and from configuration data memory module, read authenticated configuration data to the method that user profile carries out certification is:
Authentication module reads the radius key of NAS equipment corresponding to this IP address from the source IP address of radius authentication request from configuration data memory module, decoding radius authentication request packet extracts user authentication data, and carries out certification to described user authentication data alternately with configuration data memory module.
Further, described authentication result daily record comprises: authenticated time, NAS equipment, authentication result, information of terminal user; Described online user's information comprises online user's title, on-line time, access place, access device, terminal address information.
In addition, another object of the present invention is also to propose a kind of network access verifying method, and it comprises the following steps:
First certificate server or the second certificate server are configured to master assurance server and backup certificate server by A.NAS equipment at random respectively;
B. terminal equipment initiates online request to NAS equipment;
C.NAS equipment, after the online request receiving terminal equipment, judges whether the master assurance server of current configuration delays machine, if do not delay machine, the master assurance server to configuration sends radius authentication request, enters step D; If delay machine, then the backup certificate server to configuration sends radius authentication request, enters step e;
D. master assurance server receives and after processing the radius authentication request that NAS equipment sends, reads authenticated configuration data and carry out certification to user profile, and to NAS equipment feedback authentication result, enter step F;
E. back up certificate server receive and after processing the radius authentication request that NAS equipment sends, read authenticated configuration data and carry out certification to user profile, and feed back authentication result to NAS equipment, enter step F;
F.NAS equipment determines according to the authentication result received the network access authority whether opening terminal equipment.
Further, in step B, in the request message that terminal equipment is initiated to NAS equipment, carry user authentication data.
Further, in step D and E, described reception after processing the radius authentication request that NAS equipment sends, reading authenticated configuration data to the method that user profile carries out certification is:
Authentication module reads the radius key of NAS equipment corresponding to this IP address from the source IP address of radius authentication request from configuration data memory module, decoding radius authentication request packet extracts user authentication data, and carries out certification to described user authentication data alternately with configuration data memory module.
Further, also comprise in described step D:
Master assurance server preserves authentication result daily record to business datum memory module, if authentication success, preserves user's online information simultaneously;
Also comprise in described step e:
Backup certificate server preserves authentication result daily record to business datum memory module, if authentication success, preserves user's online information simultaneously.
Further, described authentication result daily record comprises: authenticated time, NAS equipment, authentication result, information of terminal user; Described online user's information comprises online user's title, on-line time, access place, access device, terminal address information.
The invention has the beneficial effects as follows: by being separated access authentication configuration data and authentication business data, making active and standby certificate server all normally can run authentication business, therefore relative to the active and standby certificate server solution of conventional art, there is following advantage:
1) active and standby load balancing:
NAS equipment at random radius authentication request can be assigned to master control certificate server or backup certificate server carries out certification, effectively can reduce the operating load of main control server;
2) system is highly reliable:
By realizing the selection of active and standby certificate server on NAS equipment, on backup certificate server, not carrying out delay machine testing and switching, authentication request data not packet loss can be ensured, realize system high reliability;
3) resource is made full use of:
Even if under master control certificate server normal operation, backup certificate server also normally can run authentication business, makes full use of resource.
Accompanying drawing explanation
Fig. 1 is master assurance server normal workflow figure in prior art;
Fig. 2 be in prior art master assurance server delay machine time, backup certificate server workflow diagram;
Fig. 3 is network access authentication working-flow figure in the embodiment of the present invention one;
Fig. 4 is network access verifying method flow chart in the embodiment of the present invention two.
Embodiment
The present invention is intended to propose a kind of network access verifying method and system, solves the problem of the high and poor reliability of active and standby certificate server scheme exists in conventional art load imbalance, waste system resource, system complexity.
Do further to describe to the solution of the present invention below in conjunction with drawings and Examples:
Embodiment one:
As shown in Figure 3, the network access authentication system in this example comprises terminal equipment, NAS equipment, the first certificate server, the second certificate server; Described terminal equipment, for initiating online request to NAS equipment; Wherein terminal equipment is the PC, notebook, mobile phone, palmtop PC, the network printer etc. that need access network, can initiate network access authentication request, as 802.1x, pppoe, web authentication etc.;
Described NAS equipment, for random, first certificate server or the second certificate server are configured to master assurance server and backup certificate server respectively, after the online request receiving terminal equipment, judge whether the master assurance server of current configuration delays machine, if do not delay machine, the master assurance server to configuration sends radius authentication request; If delay machine, then the backup certificate server to configuration sends radius authentication request;
Authentication module, configuration data memory module and business datum memory module is included in described first certificate server and the second certificate server;
Described authentication module, for receive and process NAS equipment send radius authentication request, from configuration data memory module, read authenticated configuration data certification carried out to user profile, and to NAS equipment feedback authentication result;
Authentication module reads the radius key of NAS equipment corresponding to this IP address from the source IP address of radius authentication request from configuration data memory module, decoding radius authentication request packet extracts user authentication data, and carries out certification to described user authentication data alternately with configuration data memory module.
Described configuration data memory module, for authentication storage configuration data;
Described business datum memory module, for authentication storage result log and online user's information.Described authentication result daily record comprises: authenticated time, NAS equipment, authentication result, information of terminal user; Described online user's information comprises online user's title, on-line time, access place, access device, terminal address information.
Real-time synchronization authenticated configuration data between first certificate server and the second certificate server; Here authenticated configuration data comprise NAS facility information, user authentication data and certification policy, and wherein NAS facility information comprises IP address and the radius key thereof of NAS equipment; Described user authentication data comprises user name and corresponding password thereof; Described certification policy comprises user and allows turn-on time, user's black and white lists.
Based on above-mentioned network access authentication system, after the master assurance server of configuration delays machine, ensure that authentication request packet can be sent to backup certificate server by NAS device authentication server active-standby switch function, ensure its reliability.
Embodiment two:
With NAS equipment, the first certificate server is configured to master assurance server, the second certificate server is configured to backup certificate server be example so that access authentication method flow process to be described: as shown in Figure 4,
1) the first certificate server is in real time to the synchronous authenticated configuration data of the second certificate server.Configuration data comprises IP address, the radius key of NAS equipment, authentication username and authentication password, certification policy (as user allows turn-on time, user's black and white lists etc.).
2) terminal equipment initiates online request to NAS equipment, and this request message carries authentication username and password.
3) NAS equipment receives the online request of terminal equipment, extracts authentication username and password, and is encapsulated as radius authentication request packet, as the first certificate server normally works, then sends radius authentication request packet to the first certificate server.Otherwise go to step 8).
4) authentication module of the first certificate server receives the radius authentication request packet that NAS equipment sends, read the radius key of NAS equipment corresponding to this IP address from configuration data memory module according to radius source IP, decoding radius message identifying, extract authentication username and password, and then read from configuration data memory module and verify authenticated user information.
5) the first certificate server preserves authentication result daily record (comprising the information such as authenticated time, NAS equipment, authentication result, terminal use) to authentication business data memory module, if authentication success, also need to preserve online user profile (online user's title, on-line time, access place, access device, terminal address etc.).
6) authentication result radius response message is returned to NAS equipment by the first certificate server.
7) NAS equipment is according to authentication result, determines whether open terminal network access rights.Feed back to terminal online request results simultaneously.
8) in above-mentioned steps 3) in, to delay machine if NAS equipment detects the first certificate server, then send radius authentication request packet to the second certificate server.
9) authentication module of the second certificate server receives the radius authentication request packet that NAS equipment sends, read the radius key of NAS equipment corresponding to this IP address from configuration data memory module according to radius source IP, decoding radius message identifying, extract authentication username and password, and then read from configuration data memory module and verify authenticated user information.
10) the second certificate server preserves authentication result daily record (comprising the information such as authenticated time, NAS equipment, authentication result, terminal use) to authentication business data memory module, if authentication success, also need to preserve online user profile (online user's title, on-line time, access place, access device, terminal address etc.).
11) authentication result radius response message is returned to NAS equipment by the second certificate server.
12) NAS equipment is according to authentication result, determines whether open terminal network access rights, feeds back to terminal online request results simultaneously.
In like manner, NAS equipment also can select the second certificate server to be configured to master assurance server, is configured to by the first certificate server back up certificate server; Under this kind of configuration, NAS equipment, after the online request receiving terminal equipment, first judges whether the second certificate server delays machine, if do not delay machine, then sends online request to the second certificate server; If delay machine, then the first certificate server is selected to send online request.

Claims (10)

1. a network access authentication system, is characterized in that, comprises terminal equipment, NAS equipment, the first certificate server and the second certificate server;
Described terminal equipment, for initiating online request to NAS equipment;
Described NAS equipment, for random, first certificate server or the second certificate server are configured to master assurance server and backup certificate server respectively, after the online request receiving terminal equipment, judge whether the master assurance server of current configuration delays machine, if do not delay machine, the master assurance server to configuration sends radius authentication request; If delay machine, then the backup certificate server to configuration sends radius authentication request;
Real-time synchronization authenticated configuration data between described first certificate server and the second certificate server, and after the radius authentication request receiving the transmission of NAS equipment, read authenticated configuration data and certification is carried out to user profile, and to NAS equipment feedback authentication result;
Described NAS equipment is also for determining whether opening terminal apparatus network access authority according to authentication result.
2. a kind of network access authentication system as claimed in claim 1, is characterized in that, includes authentication module, configuration data memory module and business datum memory module in described first certificate server and the second certificate server;
Described authentication module, for receive and process NAS equipment send radius authentication request, from configuration data memory module, read authenticated configuration data certification carried out to user profile, and to NAS equipment feedback authentication result;
Described configuration data memory module, for authentication storage configuration data;
Described business datum memory module, for authentication storage result log and online user's information.
3. a kind of network access authentication system as claimed in claim 2, it is characterized in that, described authentication module receives and processes the radius authentication request of NAS equipment transmission, and from configuration data memory module, read authenticated configuration data to the method that user profile carries out certification is:
Authentication module reads the radius key of NAS equipment corresponding to this IP address from the source IP address of radius authentication request from configuration data memory module, decoding radius authentication request packet extracts user authentication data, and carries out certification to described user authentication data alternately with configuration data memory module.
4. a kind of network access authentication system as described in any one of claim 1-3, it is characterized in that, described authenticated configuration data comprise NAS facility information, user authentication data and certification policy, and wherein NAS facility information comprises IP address and the radius key thereof of NAS equipment; Described user authentication data comprises user name and corresponding password thereof; Described certification policy comprises user and allows turn-on time, user's black and white lists.
5. a kind of network access authentication system as described in any one of claim 1-3, is characterized in that, described authentication result daily record comprises: authenticated time, NAS equipment, authentication result, information of terminal user; Described online user's information comprises online user's title, on-line time, access place, access device, terminal address information.
6. a network access verifying method, is characterized in that, comprises the following steps:
First certificate server or the second certificate server are configured to master assurance server and backup certificate server by A.NAS equipment at random respectively;
B. terminal equipment initiates online request to NAS equipment;
C.NAS equipment, after the online request receiving terminal equipment, judges whether the master assurance server of current configuration delays machine, if do not delay machine, the master assurance server to configuration sends radius authentication request, enters step D; If delay machine, then the backup certificate server to configuration sends radius authentication request, enters step e;
D. master assurance server receives and after processing the radius authentication request that NAS equipment sends, reads authenticated configuration data and carry out certification to user profile, and to NAS equipment feedback authentication result, enter step F;
E. back up certificate server receive and after processing the radius authentication request that NAS equipment sends, read authenticated configuration data and carry out certification to user profile, and feed back authentication result to NAS equipment, enter step F;
F.NAS equipment determines according to the authentication result received the network access authority whether opening terminal equipment.
7. a kind of network access verifying method as claimed in claim 6, is characterized in that, in step B, carries user authentication data in the request message that terminal equipment is initiated to NAS equipment.
8. a kind of network access verifying method as claimed in claim 6, is characterized in that, in step D and E, and described reception after processing the radius authentication request that NAS equipment sends, reading authenticated configuration data to the method that user profile carries out certification is:
Authentication module reads the radius key of NAS equipment corresponding to this IP address from the source IP address of radius authentication request from configuration data memory module, decoding radius authentication request packet extracts user authentication data, and carries out certification to described user authentication data alternately with configuration data memory module.
9. a kind of network access verifying method as claimed in claim 6, is characterized in that,
In described step D, also comprise:
Master assurance server preserves authentication result daily record to business datum memory module, if authentication success, preserves user's online information simultaneously;
In described step e, also comprise:
Backup certificate server preserves authentication result daily record to business datum memory module, if authentication success, preserves user's online information simultaneously.
10. a kind of network access verifying method as described in any one of claim 6-9, is characterized in that,
Described authentication result daily record comprises: authenticated time, NAS equipment, authentication result, information of terminal user; Described online user's information comprises online user's title, on-line time, access place, access device, terminal address information.
CN201511022034.1A 2015-12-30 2015-12-30 Network access authentication method and system Pending CN105430016A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201511022034.1A CN105430016A (en) 2015-12-30 2015-12-30 Network access authentication method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201511022034.1A CN105430016A (en) 2015-12-30 2015-12-30 Network access authentication method and system

Publications (1)

Publication Number Publication Date
CN105430016A true CN105430016A (en) 2016-03-23

Family

ID=55507957

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201511022034.1A Pending CN105430016A (en) 2015-12-30 2015-12-30 Network access authentication method and system

Country Status (1)

Country Link
CN (1) CN105430016A (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106358188A (en) * 2016-08-26 2017-01-25 迈普通信技术股份有限公司 Periodic link switching method, equipment and system
CN107249005A (en) * 2017-07-25 2017-10-13 迈普通信技术股份有限公司 NAS information recovering methods and network authentication server
CN108924096A (en) * 2018-06-13 2018-11-30 杭州迪普科技股份有限公司 A kind of information synchronization method and device
CN109634530A (en) * 2018-12-14 2019-04-16 郑州云海信息技术有限公司 Dual controller NAS storage system and implementation method, the device of port redundancy
CN110121202A (en) * 2018-02-07 2019-08-13 成都鼎桥通信技术有限公司 Cut-in method and terminal device
CN110768844A (en) * 2019-10-31 2020-02-07 杭州迪普科技股份有限公司 Authentication server switching method and device
CN113923045A (en) * 2021-10-29 2022-01-11 北京天融信网络安全技术有限公司 Safety monitoring type intranet access control method and system
CN115022071A (en) * 2022-06-22 2022-09-06 湖北天融信网络安全技术有限公司 Network access control method and system of authentication server
US20220385660A1 (en) * 2021-05-28 2022-12-01 Microsoft Technology Licensing, Llc Client device capable of dynamically routing authentication requests to a backup authentication system
US11855979B2 (en) 2021-05-28 2023-12-26 Microsoft Technology Licensing, Llc Proxy configured to dynamically failover authentication traffic to a backup authentication system

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040073651A1 (en) * 2002-10-10 2004-04-15 International Business Machines Corporation Secure system and method for providing a robust radius accounting server
CN1536811A (en) * 2003-04-09 2004-10-13 华为技术有限公司 Network authentication charging method
CN1848754A (en) * 2005-04-13 2006-10-18 华为技术有限公司 Control method for switching server
CN101141260A (en) * 2007-10-22 2008-03-12 中兴通讯股份有限公司 Method and device for performing passway detection to remote subscriber dialing authentication system server
CN101453341A (en) * 2008-12-19 2009-06-10 中兴通讯股份有限公司 Automatic switching system for remote authentication dialing user server and implementation method thereof
CN102064951A (en) * 2009-11-18 2011-05-18 中兴通讯股份有限公司 Method for implementing master and standby DHCP servers
CN103957251A (en) * 2014-04-28 2014-07-30 迈普通信技术股份有限公司 Method and system for achieving server load balancing

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040073651A1 (en) * 2002-10-10 2004-04-15 International Business Machines Corporation Secure system and method for providing a robust radius accounting server
CN1536811A (en) * 2003-04-09 2004-10-13 华为技术有限公司 Network authentication charging method
CN1848754A (en) * 2005-04-13 2006-10-18 华为技术有限公司 Control method for switching server
CN101141260A (en) * 2007-10-22 2008-03-12 中兴通讯股份有限公司 Method and device for performing passway detection to remote subscriber dialing authentication system server
CN101453341A (en) * 2008-12-19 2009-06-10 中兴通讯股份有限公司 Automatic switching system for remote authentication dialing user server and implementation method thereof
CN102064951A (en) * 2009-11-18 2011-05-18 中兴通讯股份有限公司 Method for implementing master and standby DHCP servers
CN103957251A (en) * 2014-04-28 2014-07-30 迈普通信技术股份有限公司 Method and system for achieving server load balancing

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106358188B (en) * 2016-08-26 2019-06-14 迈普通信技术股份有限公司 A kind of link switch-over method, apparatus and system
CN106358188A (en) * 2016-08-26 2017-01-25 迈普通信技术股份有限公司 Periodic link switching method, equipment and system
CN107249005A (en) * 2017-07-25 2017-10-13 迈普通信技术股份有限公司 NAS information recovering methods and network authentication server
CN107249005B (en) * 2017-07-25 2020-02-14 迈普通信技术股份有限公司 NAS information recovery method and network authentication server
CN110121202A (en) * 2018-02-07 2019-08-13 成都鼎桥通信技术有限公司 Cut-in method and terminal device
CN108924096B (en) * 2018-06-13 2021-08-24 杭州迪普科技股份有限公司 Information synchronization method and device
CN108924096A (en) * 2018-06-13 2018-11-30 杭州迪普科技股份有限公司 A kind of information synchronization method and device
CN109634530A (en) * 2018-12-14 2019-04-16 郑州云海信息技术有限公司 Dual controller NAS storage system and implementation method, the device of port redundancy
CN110768844A (en) * 2019-10-31 2020-02-07 杭州迪普科技股份有限公司 Authentication server switching method and device
US20220385660A1 (en) * 2021-05-28 2022-12-01 Microsoft Technology Licensing, Llc Client device capable of dynamically routing authentication requests to a backup authentication system
US11855979B2 (en) 2021-05-28 2023-12-26 Microsoft Technology Licensing, Llc Proxy configured to dynamically failover authentication traffic to a backup authentication system
CN113923045A (en) * 2021-10-29 2022-01-11 北京天融信网络安全技术有限公司 Safety monitoring type intranet access control method and system
CN115022071A (en) * 2022-06-22 2022-09-06 湖北天融信网络安全技术有限公司 Network access control method and system of authentication server

Similar Documents

Publication Publication Date Title
CN105430016A (en) Network access authentication method and system
US20200322170A1 (en) Identity Authentication Method and System, and Computing Device
CN104320377B (en) The anti-stealing link method and equipment of a kind of files in stream media
CN108462710B (en) Authentication and authorization method, device, authentication server and machine-readable storage medium
CN102638468B (en) The method of protection information transmission security, transmitting terminal, receiving terminal and system
CN105511805A (en) Data processing method and device for cluster file system
CN106708489A (en) Debugging method and system of equipment
CN104767775A (en) Webpage application information push method and webpage application information push system
CN105554146A (en) Remote access method and device
CN103369529B (en) Identity identifying method, accessing points and access controller
CN105873055B (en) Wireless network access authentication method and device
CN104811462A (en) Access gateway redirection method and access gateway
CN111049946B (en) Portal authentication method, portal authentication system, electronic equipment and storage medium
CN102571729A (en) Internet protocol version (IPV)6 network access authentication method, device and system
CN102271133A (en) Authentication method, device and system
CN104468550A (en) User login method for Windows desktop, device and system
CN101465862A (en) Method and device for processing switch of authentication business, network appliance and communication system
TW201509151A (en) A method and computer program product for providing a remote diagnosis with a secure connection for an appliance and an appliance performing the method
CN109413649A (en) A kind of access authentication method and device
CN109818742A (en) A kind of apparatus debugging method, device and storage medium
CN105491045A (en) Authentication-free access control method, apparatus, device and system
JP2009245268A (en) Business management system
CN106537962B (en) Wireless network configuration, access and access method, device and equipment
CN102970141A (en) Client identity authorization system and method
CN107800715B (en) portal authentication method and access equipment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20160323