CN105592046A - Authentication-free access method and device - Google Patents
Authentication-free access method and device Download PDFInfo
- Publication number
- CN105592046A CN105592046A CN201510527450.0A CN201510527450A CN105592046A CN 105592046 A CN105592046 A CN 105592046A CN 201510527450 A CN201510527450 A CN 201510527450A CN 105592046 A CN105592046 A CN 105592046A
- Authority
- CN
- China
- Prior art keywords
- dns
- domain name
- address
- authentication
- exempt
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Abstract
The invention provides an authentication-free access method, which comprises the steps that: gateway equipment forwards a DNS response message to a client when receiving the DNS response message which is responded to the client by a DNS server, so that the client uses a responded IP address to sent messages; and when an authentication-free rule is configured for a domain name in the DNS response message, an authentication-free rule is configured for an IP address corresponding to the domain name in the DNS response message. Based on the same inventive concept, the invention further provides an authentication-free access device, which can automatically configure an authentication-free rule for an IP address of a server, so that specific content can be accessed by a use without authentication while other content can be accessed after authentication.
Description
Technical field
The present invention relates to communication technical field, particularly a kind of method and apparatus of authentication-exempt access.
Background technology
In user access network, gateway device can be controlled the authority of customer access network. Coordinate certificationServer, the behavior that gateway can be accessed user outer net is redirected to identifying procedure, and certification is passed throughUser authorizes extranet access authority.
Along with ecommerce, the extensive use of the internet new business such as on-line payment, legacy network service is carriedFor business, as telecommunications, mobile, or specific to the manager of certain LAN, to user access network sideFormula has the demand of renewal.
Add white list to be stored in gateway device specific server address, can allow user withoutCertification is addressable these specific servers. If the server in white list belongs to micro-letter, Taobao,Or Web bank, user can just can directly access behind Internet Protocol (IP) address obtaining soThese servers obtain service, very convenient. Still strictly controlled for the access outside white list, needCould granted access after authenticating.
More than comprehensive, white list can be controlled the content that user can directly access flexibly, can not lose simultaneouslyGo the control of authority to other guide access.
The server ip address of user being wished to free access in existing realization is as white list, on gatewayConfiguration authentication-exempt rule, user accesses the message matched rule of this IP and directly lets pass.
Consider that visit capacity is larger, for load balancing, popular internet content provider may have many clothesBusiness device, corresponding multiple IP address; Gateway device keeper needs these IP addresses of complete collection are made and being joinedPut, in the time that server address changes, webmaster needs the configuration of response change in time, comparatively loaded down with trivial details.
Summary of the invention
In view of this, the application provides a kind of authentication-exempt access method and device, can be for serverIP address configures authentication-exempt rule automatically, makes user's unauthenticated get final product access certain content, simultaneously itsAfter need authenticating, its content could access.
For solving the problems of the technologies described above, the application's technical scheme is achieved in that
A kind of authentication-exempt access method, the method comprises:
Gateway device is for the domain name configuration authentication-exempt rule of the server of accessing before certification;
When receiving dns server and responding the DNS response message to client, described DNS is repliedMessage repeating makes described client use the IP address of response to send message to described client;
When configured authentication-exempt rule for the domain name in described DNS response message, for described DNSThe IP address configuration authentication-exempt rule that domain name described in response message is corresponding.
A kind of authentication-exempt access means, this device comprises: receiving element, transmitting element and dispensing unit;
Described receiving element, for receiving DNS response message;
Described transmitting element, for receiving when described receiving element, dns server responds to clientWhen DNS response message, described DNS response message is transmitted to described client and makes described client use soundThe IP address of answering sends message;
Described dispensing unit, for the domain name configuration authentication-exempt rule for the server of accessing before certification; WhenDomain name in the DNS response message receiving for described receiving element has configured authentication-exempt rule, for instituteState IP address configuration authentication-exempt rule corresponding to domain name described in DNS response message.
From technical scheme above, in the application, by for domain name configuration authentication-exempt rule, realizeThe IP address corresponding for domain name configures authentication-exempt rule automatically, can make object IP address exempt from for configuringThe message of the IP address of authenticate ruler carries out authentication-exempt transmission. This scheme can be for the IP ground of serverLocation configures authentication-exempt rule automatically, makes user's unauthenticated get final product access certain content, simultaneously in otherHold and need could access after certification.
Brief description of the drawings
Fig. 1 is access user networking schematic diagram in the embodiment of the present application;
Fig. 2 is authentication-exempt browsing process schematic diagram in the embodiment of the present application;
Fig. 3 is the apparatus structure schematic diagram that is applied to above-mentioned technology in the embodiment of the present application.
Detailed description of the invention
In order to make object of the present invention, technical scheme and advantage clearer, below in conjunction with accompanying drawing alsoFor embodiment, technical scheme of the present invention is elaborated.
A kind of authentication-exempt access method is provided in the embodiment of the present application, is applied on gateway device, for realizingThe technical scheme that the application provides need configure as follows on gateway device:
First, configure authentication-exempt rule for the domain name of the server of accessing before certification.
Referring to Fig. 1, Fig. 1 is access user networking schematic diagram in the embodiment of the present application. In Fig. 1, hypothesis existsBefore certification, the domain name of the white list server of access is www.sample.com, configures for this domain nameAuthentication-exempt rule is as follows:
portalfree-rule1hosthttp://www.sample.com。
The concrete form of the authentication-exempt rule of the embodiment of the present application to configuration does not limit, and user can rootBe configured according to experience, custom the authentication-exempt of realizing for this domain name.
In the time of specific implementation, in order to increase the security of access device, make equipment can verification corresponding to territoryThe authenticity of the IP of name, in the time of configuration authentication-exempt rule, configuration verification option.
As the authentication-exempt rule for domain name www.sample.com configuration, and while increasing verification option,Specific as follows:
portalfree-rule1hosthttp://www.sample.comcheck。
Above-mentioned configuration, using verification (check) field to identify has increased verification option.
Secondly User Datagram Protocol (the UserDatagram that, configuration is 53 to source port and destination interfaceProtocol, UDP) message or transmission control protocol (TransmissionControlProtocol, TCP)Message is let pass, and receives client and send to the DNS query message of dns server, forwardsGive domain name system (DomainNameSystem, DNS) server; Receiving dns server sends outWhile giving the DNS response message of client, be transmitted to described client; And DNS response message is enteredRow is analyzed, and concrete analysis process is below being described in detail again.
The specific implementation form of the configuration that the UDP message that is 53 to source port or TCP message are let passDo not limit, can be achieved as follows:
portalfree-rule2destinationipanyudp53;
portalfree-rule3destinationipanytcp53。
The specific implementation shape of the configuration that the UDP message that is 53 to destination interface or TCP message are let passFormula does not limit, and can be achieved as follows:
portalfree-rule2sourceipanyudp53;
portalfree-rule3sourceipanytcp53。
Below in conjunction with accompanying drawing, describe in detail in the embodiment of the present application and realize authentication-exempt access process.
Referring to Fig. 2, Fig. 2 is authentication-exempt browsing process schematic diagram in the embodiment of the present application. Concrete steps are:
Step 201, gateway device receives dns server and responds the DNS response message to clientTime, described DNS response message is transmitted to described client and makes described client use the IP ground of responseLocation sends message.
Taking Fig. 1 as example, client is by DHCP (DynamicHostConfigurationProtocol, DHCP) get behind the IP address of oneself, in browser, input url:Http:// www.sample.com carry out HTTP (HypertextTransferProtocol,HTTP) access, now the operating system of client can be initiated DNS query message and inquires aboutThe IP address of www.sample.com.
When gateway device receives DNS query message, because this locality has configured for this message the rule of letting pass, this DNS query message is transmitted to dns server.
Dns server can respond by DNS response message, in this DNS response message, carriesThe IP address of corresponding domain name www.sample.com, in practical application, corresponding IP address has multiple,Also may only have one.
Gateway device receives dns server and sends to the DNS response message of client, due to thisDNS response message pass-through rule, is transmitted to dns server by this DNS response message, so that instituteStating client uses the IP address of replying in this DNS response message to send message.
Step 202, this gateway device is when having configured authentication-exempt for the domain name in described DNS response messageWhen rule, for IP address configuration authentication-exempt rule corresponding to domain name described in described DNS response message.
In the embodiment of the present application, DNS response message is let pass, be transmitted to after client, it is right also to needThis DNS response message is analyzed, and while realization, can be to copy a DNS response message herein,Also can be the domain name recording in this DNS response message, and IP address corresponding to domain name.
Concrete analysis for this DNS response message is as follows:
This gateway device determines whether configured authentication-exempt rule for the domain name in described DNS response message;
Determine and configured authentication-exempt rule for the domain name in described DNS response message when this gateway device,For IP address configuration authentication-exempt rule corresponding to domain name described in described DNS response message.
When IP address corresponding to domain name described in described DNS response message is when more than two, for oftenIndividual IP address configuration authentication-exempt rule.
Determine and do not configure authentication-exempt rule for the domain name in described DNS response message when this gateway device,Can be for IP address configuration authentication-exempt rule corresponding to domain name described in described DNS response message.
If when before for need certification, the domain name configuration authentication-exempt of the server of access is regular, configuration verificationOption.
In this step for IP address configuration authentication-exempt corresponding to domain name described in described DNS response messageAfter rule, described method further comprises:
This gateway device is corresponding to dns server request for the domain name in described DNS response messageIP address, if the IP address corresponding with domain name described in described DNS response message, IP address that request is arrivedThere is difference, will configure authentication-exempt rule for domain name, and not in the IP address of askingAuthentication-exempt redundant rule elimination corresponding to IP address.
In the time of the inquiry of initiating to same dns server for same domain name, dns server can be accusedKnow all IP address that this domain name is corresponding, so-called load balancing is the first IP address root of response messageIt is investigated and ask message source IP address difference and inequality, because after client obtains replying, generally to first IP groundLocation initiates to connect.
Therefore, when client query and gateway device are inquired about IP address corresponding to same domain name, can inquire aboutTo consistent with query contents before client, quantity is consistent, the IP sequence that order is different, therefore, this ShenPlease, in the time deleting the face authenticate ruler of configuration, can not delete authentication-exempt rule corresponding to authentic and valid IP address.
In the time that outer net has counterfeit DNS response message to flow through gateway device, gateway device can transitory configuration be exempted fromAuthenticate ruler, then oneself initiates one query again, receives the void issuing before can deleting after actual responseAuthentication-exempt rule corresponding to false IP address.
In actual applications, in order to prevent attacking, the DNS Protocol module of gateway device self can checkThe TransactionID of response message, if be not inconsistent with inquiry, abandons, and has reduced and has been subject to a certain extentThe possibility of attacking.
In the embodiment of the present application, for the domain name in described DNS response message to dns server requestCorresponding IP address, is specially:
Generate and send DNS query message to described dns server for domain name, and startup is fixedTime device timing;
The interface IP ground that the source IP address of the DNS query message that this gateway device generates is gateway deviceLocation, the IP address that object IP address is dns server.
When in described timer timing, receive described dns server for this DNS inquiryThe DNS response message that message sends, determines and obtains the IP address that domain name is corresponding;
When in described timer timing, do not receive described dns server and look into for this DNSAsk the DNS response message that message sends, and the coefficient that sends described DNS query message does not reach defaultWhen number of times, again send DNS query message, and restart timer timing;
When sending after DNS query message in preset times, in timer timing, do not receiveThe DNS response message that described dns server sends for this DNS query message, determines and does not obtainTo IP address corresponding to domain name.
This gateway device, will be for domain name when determining while not getting IP address corresponding to domain nameConfigure the authentication-exempt redundant rule elimination corresponding to IP address of authentication-exempt rule.
By the above-mentioned processing of the embodiment of the present application, gateway device is receiving the object IP of client transmissionAddress configuration when the message of authentication-exempt rule, directly forward the packet to corresponding server, can be toCertificate server is initiated certification, and for message corresponding to IP address that does not configure authentication-exempt rule, can be firstInitiate certification to certificate server, after authentication success, just can forward this message.
In the embodiment of the present application, can also be aging to the authentication-exempt rule configuration automatically configuring for IP addressTime, receive the message of Wei GaiIP address, object IP address in ageing time time, refresh when agingBetween, in ageing time then, while not receiving the message of Wei GaiIP address, object IP address, delete and beThe authentication-exempt rule of this IP address configuration.
Based on same inventive concept, a kind of authentication-exempt access means is also proposed in the embodiment of the present application. Referring to figure3, Fig. 3 is the apparatus structure schematic diagram that is applied to above-mentioned technology in the embodiment of the present application. This device comprises: connectReceive unit 301, transmitting element 302 and dispensing unit 303;
Receiving element 301, for receiving DNS response message;
Transmitting element 302, responds the DNS to client for receiving dns server when receiving element 301When response message, described DNS response message is transmitted to described client described client use is respondedIP address sends message;
Dispensing unit 303, for the domain name configuration authentication-exempt rule for the server of accessing before certification; WhenDomain name in the DNS response message receiving for receiving element 301 has configured authentication-exempt rule, for instituteState IP address configuration authentication-exempt rule corresponding to domain name described in DNS response message.
Preferably,
Dispensing unit 303, is further used for when determining IP corresponding to domain name described in described DNS response messageAddress is when more than two, for each IP address configuration authentication-exempt rule.
Preferably,
Dispensing unit 303, is further used for the domain name configuration authentication-exempt rule for the server of accessing before certificationTime, configuration verification option; Exempt from for IP address configuration corresponding to domain name described in described DNS response messageAfter authenticate ruler, for the domain name in described DNS response message to IP corresponding to dns server requestAddress, if the IP address corresponding with domain name described in described DNS response message, the IP address that request is arrived existsDifference, will configure authentication-exempt rule for domain name, and not request to IP address in IP groundThe authentication-exempt redundant rule elimination that location is corresponding.
Preferably,
Dispensing unit 303, please to dns server specifically for the domain name in described DNS response messageWhile asking corresponding IP address, generate and send DNS inquiry report to described dns server for domain nameLiterary composition, and start timer timing; When in described timer timing, receive described dns serverThe DNS response message sending for this DNS query message, determines and obtains the IP ground that domain name is correspondingLocation; When in described timer timing, do not receive described dns server for this DNS inquiryThe DNS response message that message sends, and the coefficient that sends described DNS query message does not reach preset timesTime, again send DNS query message, and restart timer timing; When sending in preset timesAfter DNS query message, in timer timing, do not receive described dns server for this DNSThe DNS response message that query message sends, determines and does not get the IP address that domain name is corresponding.
Preferably,
Dispensing unit 303, is further used for when determining while not getting IP address corresponding to domain name,The authentication-exempt redundant rule elimination corresponding to IP address of authentication-exempt rule will have been configured for domain name.
The unit of above-described embodiment can be integrated in one, and also can separate deployment; Can merge into oneUnit, also can further split into multiple subelements.
In sum, the application, by for domain name configuration authentication-exempt rule, realizes corresponding for domain nameIP address configures authentication-exempt rule automatically, and can make object IP address is the IP ground of configuration authentication-exempt ruleThe message of location carries out authentication-exempt transmission. This scheme can configure authentication-exempt automatically for the IP address of serverRule, makes user's unauthenticated get final product access certain content, and other content could be visited after need authenticating simultaneouslyAsk.
The technical scheme that the application provides has also added verifying function, make equipment can verification corresponding to white nameThe authenticity of the IP of single domain name, increases the security of access device. Based on domain name configuration white list, to usingFamily access certain content facilitates. User can not authenticate direct access white list content, user,Network insertion service supplier, Web content service supplier directly opens green channel, creates business opportunity.
The foregoing is only preferred embodiment of the present invention, not in order to limit the present invention, all at thisWithin the spirit and principle of invention, any amendment of making, be equal to replacement, improvement etc., all should be included inWithin the scope of protection of the invention.
Claims (10)
1. an authentication-exempt access method, is characterized in that, the method comprises:
Gateway device is for the domain name configuration authentication-exempt rule of the server of accessing before certification;
When receiving domain name system DNS server and responding the DNS response message to client, by described DNSResponse message is transmitted to described client, makes described client use the Internet Protocol IP address of response to sendMessage;
When configured authentication-exempt rule for the domain name in described DNS response message, for described DNSThe IP address configuration authentication-exempt rule that domain name described in response message is corresponding.
2. method according to claim 1, is characterized in that, when institute in described DNS response messageWhile stating IP address corresponding to domain name and be more than two, for each IP address configuration authentication-exempt rule.
3. method according to claim 1 and 2, is characterized in that, described for accessing before certificationThe domain name configuration authentication-exempt rule of server time, described method further comprises: configuration verification option;
Described for IP address configuration authentication-exempt rule corresponding to domain name described in described DNS response messageAfter, described method further comprises:
For the domain name in described DNS response message to IP address corresponding to dns server request, if pleaseThe IP address corresponding from domain name described in described DNS response message, the IP address of asking exists different, willConfigure authentication-exempt rule for domain name, and not corresponding the exempting from IP address in the IP address of askingAuthenticate ruler is deleted.
4. method according to claim 1 and 2, is characterized in that, described for described DNS shouldAnswer domain name in message to IP address corresponding to dns server request, comprising:
Generate and send DNS query message to described dns server for domain name, and starting timingDevice timing;
When in described timer timing, receive described dns server for this DNS inquiry reportThe DNS response message that literary composition sends, determines and obtains the IP address that domain name is corresponding;
When in described timer timing, do not receive described dns server for this DNS inquiryThe DNS response message that message sends, and the coefficient that sends described DNS query message does not reach preset timesTime, again send DNS query message, and restart timer timing;
When sending after DNS query message, described in not receiving in timer timing in preset timesThe DNS response message that dns server sends for this DNS query message, described in definite not gettingThe IP address that domain name is corresponding.
5. method according to claim 4, is characterized in that, described method further comprises:
When determining while not getting IP address corresponding to domain name, will configure authentication-exempt for domain nameThe authentication-exempt redundant rule elimination corresponding to IP address of rule.
6. an authentication-exempt access means, is characterized in that, this device comprises: receiving element, transmitting elementAnd dispensing unit;
Described receiving element, for receiving domain name system DNS response message;
Described transmitting element, for receiving when described receiving element, dns server responds to clientWhen DNS response message, described DNS response message is transmitted to described client, described client is usedThe Internet Protocol IP address of response sends message;
Described dispensing unit, for the domain name configuration authentication-exempt rule for the server of accessing before certification; WhenWhen domain name in the DNS response message receiving for described receiving element has configured authentication-exempt rule, forThe IP address configuration authentication-exempt rule that domain name described in described DNS response message is corresponding.
7. device according to claim 6, is characterized in that,
Described dispensing unit, is further used for when determining IP corresponding to domain name described in described DNS response messageAddress is when more than two, for each IP address configuration authentication-exempt rule.
8. according to the device described in claim 6 or 7, it is characterized in that,
Described dispensing unit, is further used for the domain name configuration authentication-exempt rule for the server of accessing before certificationTime, configuration verification option; Exempt from for IP address configuration corresponding to domain name described in described DNS response messageAfter authenticate ruler, for the domain name in described DNS response message to IP corresponding to dns server requestAddress, if the IP address corresponding with domain name described in described DNS response message, the IP address that request is arrived existsDifference, will configure authentication-exempt rule for domain name, and not request to IP address in IP groundThe authentication-exempt redundant rule elimination that location is corresponding.
9. according to the device described in claim 6 or 7, it is characterized in that,
Described dispensing unit, specifically for the domain name in described DNS response message to dns serverWhile asking corresponding IP address, generate and send DNS inquiry to described dns server for domain nameMessage, and start timer timing; When in described timer timing, receive described DNS serviceThe DNS response message that device sends for this DNS query message, determines and obtains the IP that domain name is correspondingAddress; When in described timer timing, do not receive described dns server and look into for this DNSAsk the DNS response message that message sends, and the coefficient that sends described DNS query message does not reach default timeWhen number, again send DNS query message, and restart timer timing; When sending in preset timesAfter DNS query message, in timer timing, do not receive described dns server for this DNSThe DNS response message that query message sends, determines and does not get the IP address that domain name is corresponding.
10. device according to claim 9, is characterized in that,
Described dispensing unit, is further used for when determining while not getting IP address corresponding to domain name, willConfigured the authentication-exempt redundant rule elimination corresponding to IP address of authentication-exempt rule for domain name.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510527450.0A CN105592046B (en) | 2015-08-25 | 2015-08-25 | A kind of authentication-exempt access method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510527450.0A CN105592046B (en) | 2015-08-25 | 2015-08-25 | A kind of authentication-exempt access method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105592046A true CN105592046A (en) | 2016-05-18 |
| CN105592046B CN105592046B (en) | 2019-04-12 |
Family
ID=55931263
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510527450.0A Active CN105592046B (en) | 2015-08-25 | 2015-08-25 | A kind of authentication-exempt access method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105592046B (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106210173A (en) * | 2016-07-29 | 2016-12-07 | 杭州迪普科技有限公司 | DNS replys retransmission method and the device of message |
| CN107295006A (en) * | 2017-07-28 | 2017-10-24 | 上海斐讯数据通信技术有限公司 | Authentication-exempt accesses URL method and system |
| CN110972139A (en) * | 2019-11-07 | 2020-04-07 | 锐捷网络股份有限公司 | Method and gateway for realizing internet access authentication of mobile terminal |
| CN111263364A (en) * | 2018-12-03 | 2020-06-09 | 中国电信股份有限公司 | WiFi authentication method, system, DNS server and computer-readable storage medium |
| CN112312391A (en) * | 2019-07-26 | 2021-02-02 | 中国电信股份有限公司 | Authentication method, system and related equipment |
| CN114401245A (en) * | 2021-12-22 | 2022-04-26 | 互联网域名系统北京市工程研究中心有限公司 | Method, device, computer equipment and storage medium for realizing high-performance DNS service |
| CN114500094A (en) * | 2022-02-24 | 2022-05-13 | 新华三技术有限公司合肥分公司 | Access method and device |
| CN115085963A (en) * | 2021-03-16 | 2022-09-20 | 西门子股份公司 | Authenticating a node in a communication network of an automation system |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103532717A (en) * | 2013-10-16 | 2014-01-22 | 杭州华三通信技术有限公司 | Portal authentication processing method, Portal authentication assisting method and Portal authentication assisting device |
| CN103581363A (en) * | 2013-11-29 | 2014-02-12 | 杜跃进 | Method and device for controlling baleful domain name and illegal access |
| CN104023001A (en) * | 2013-12-25 | 2014-09-03 | 上海寰创通信科技股份有限公司 | Method for AC equipment to forward unauthorized message information |
| CN104092698A (en) * | 2014-07-21 | 2014-10-08 | 北京网秦天下科技有限公司 | Network resource access control method and device |
| CN104219200A (en) * | 2013-05-30 | 2014-12-17 | 杭州迪普科技有限公司 | Device and method for protection from DNS cache attack |
| WO2015117337A1 (en) * | 2014-07-18 | 2015-08-13 | 中兴通讯股份有限公司 | Method and apparatus for setting network rule entry |
-
2015
- 2015-08-25 CN CN201510527450.0A patent/CN105592046B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104219200A (en) * | 2013-05-30 | 2014-12-17 | 杭州迪普科技有限公司 | Device and method for protection from DNS cache attack |
| CN103532717A (en) * | 2013-10-16 | 2014-01-22 | 杭州华三通信技术有限公司 | Portal authentication processing method, Portal authentication assisting method and Portal authentication assisting device |
| CN103581363A (en) * | 2013-11-29 | 2014-02-12 | 杜跃进 | Method and device for controlling baleful domain name and illegal access |
| CN104023001A (en) * | 2013-12-25 | 2014-09-03 | 上海寰创通信科技股份有限公司 | Method for AC equipment to forward unauthorized message information |
| WO2015117337A1 (en) * | 2014-07-18 | 2015-08-13 | 中兴通讯股份有限公司 | Method and apparatus for setting network rule entry |
| CN104092698A (en) * | 2014-07-21 | 2014-10-08 | 北京网秦天下科技有限公司 | Network resource access control method and device |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106210173A (en) * | 2016-07-29 | 2016-12-07 | 杭州迪普科技有限公司 | DNS replys retransmission method and the device of message |
| CN107295006A (en) * | 2017-07-28 | 2017-10-24 | 上海斐讯数据通信技术有限公司 | Authentication-exempt accesses URL method and system |
| CN111263364B (en) * | 2018-12-03 | 2022-08-02 | 中国电信股份有限公司 | WiFi authentication method, system, DNS server and computer-readable storage medium |
| CN111263364A (en) * | 2018-12-03 | 2020-06-09 | 中国电信股份有限公司 | WiFi authentication method, system, DNS server and computer-readable storage medium |
| CN112312391A (en) * | 2019-07-26 | 2021-02-02 | 中国电信股份有限公司 | Authentication method, system and related equipment |
| CN112312391B (en) * | 2019-07-26 | 2022-08-02 | 中国电信股份有限公司 | Authentication method, system and related equipment |
| CN110972139A (en) * | 2019-11-07 | 2020-04-07 | 锐捷网络股份有限公司 | Method and gateway for realizing internet access authentication of mobile terminal |
| CN115085963A (en) * | 2021-03-16 | 2022-09-20 | 西门子股份公司 | Authenticating a node in a communication network of an automation system |
| US11863544B2 (en) | 2021-03-16 | 2024-01-02 | Siemens Aktiengesellschaft | Authenticating a node in a communication network of an automation installation |
| CN115085963B (en) * | 2021-03-16 | 2024-04-19 | 西门子股份公司 | Authenticating nodes in a communication network of an automation system |
| CN114401245A (en) * | 2021-12-22 | 2022-04-26 | 互联网域名系统北京市工程研究中心有限公司 | Method, device, computer equipment and storage medium for realizing high-performance DNS service |
| CN114401245B (en) * | 2021-12-22 | 2024-03-22 | 上海网基科技有限公司 | Method, device, computer equipment and storage medium for realizing high-performance DNS service |
| CN114500094A (en) * | 2022-02-24 | 2022-05-13 | 新华三技术有限公司合肥分公司 | Access method and device |
| CN114500094B (en) * | 2022-02-24 | 2024-03-12 | 新华三技术有限公司合肥分公司 | Access method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105592046B (en) | 2019-04-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105592046A (en) | Authentication-free access method and device | |
| CN101160787B (en) | Method, apparatus and data download system for controlling the validity of the download transaction | |
| WO2016188256A1 (en) | Application access authentication method, system, apparatus and terminal | |
| CN106416125B (en) | Automatic directory join for virtual machine instances | |
| WO2016015436A1 (en) | Platform authorization method, platform server, application client, system, and storage medium | |
| US9967237B2 (en) | Systems and methods for implementing a layer two tunnel for personalized service functions | |
| US11265397B2 (en) | Systems and methods for providing secure access to shared registration systems | |
| US20100281159A1 (en) | Manipulation of dhcp packets to enforce network health policies | |
| CN102739708A (en) | System and method for accessing third party application based on cloud platform | |
| US20100064353A1 (en) | User Mapping Mechanisms | |
| WO2014201931A1 (en) | Resource processing method and site server | |
| CN101582856A (en) | Session setup method of Portal server and BAS (broadband access server) device and system thereof | |
| CN110557358A (en) | Honeypot server communication method, SSLStrip man-in-the-middle attack perception method and related device | |
| US7917941B2 (en) | System and method for providing physical web security using IP addresses | |
| CN106559405A (en) | A kind of portal authentication method and equipment | |
| CN104253787A (en) | Service authentication method and system | |
| CN109495362B (en) | Access authentication method and device | |
| CN110266736A (en) | A kind of optimization method and device for the portal certification based on https agreement | |
| CN104756462B (en) | For carrying out the method and system of TCP TURN operation after restricted firewall | |
| US20090125999A1 (en) | User Authorization Technique | |
| JP2005217757A (en) | Firewall management system, firewall management method, and firewall management program | |
| CN113812125B (en) | Verification method and device for login behavior, system, storage medium and electronic device | |
| US20150334046A1 (en) | A method and a server for evaluating a request for access to content from a server in a computer network | |
| US20110055908A1 (en) | System and method for remotely accessing and controlling a networked computer | |
| CN112583599A (en) | Communication method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Applicant after: Xinhua three Technology Co., Ltd. Address before: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Applicant before: Huasan Communication Technology Co., Ltd. |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |