CN112822160B - Equipment identification method, device, equipment and machine-readable storage medium - Google Patents
Equipment identification method, device, equipment and machine-readable storage medium Download PDFInfo
- Publication number
- CN112822160B CN112822160B CN202011589686.4A CN202011589686A CN112822160B CN 112822160 B CN112822160 B CN 112822160B CN 202011589686 A CN202011589686 A CN 202011589686A CN 112822160 B CN112822160 B CN 112822160B
- Authority
- CN
- China
- Prior art keywords
- terminal equipment
- information
- address
- equipment
- authenticated
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0892—Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5007—Internet protocol [IP] addresses
- H04L61/5014—Internet protocol [IP] addresses using dynamic host configuration protocol [DHCP] or bootstrap protocol [BOOTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Power Engineering (AREA)
- Small-Scale Networks (AREA)
Abstract
The present disclosure provides a device identification method, apparatus, device and machine-readable storage medium, the method comprising: receiving information to be authenticated which is sent by a DHCP server and is related to the terminal equipment, and judging the equipment type of the terminal equipment according to the information to be authenticated; establishing a user account for the terminal equipment which accords with the preset strategy; enabling the terminal equipment with the established user account to be allocated with an IP address of a virtual local area network with authentication failure; and the terminal equipment is used for initiating a request for acquiring the IP address of the service VLAN in the next period according to the allocated IP address and the user account. According to the technical scheme, whether the terminal equipment requesting network access is legal equipment is judged according to the information of the terminal equipment, if the terminal equipment accords with the preset strategy, an account is opened and the IP address in the Auth-Fail VLAN is distributed, the IP address of the service VLAN can be obtained and successfully online, so that the type identification and automatic online of the terminal equipment are completed, and the problem of large workload of terminal equipment authentication is solved.
Description
Technical Field
The present disclosure relates to the field of communications technologies, and in particular, to a device identification method, apparatus, device, and machine-readable storage medium.
Background
AAA is (Authentication, authorization, accounting, authentication, authorization, accounting) unit, which is a server program capable of processing user access request, and may also be a server with AAA function, providing Authentication Authorization and account service, mainly aiming to manage user access to network server, and providing service for user with access right. The AAA server typically works in conjunction with network access control, gateway servers, databases, and user information directories.
DHCP (Dynamic Host Configuration Protocol) is a network Protocol for a lan. The method is characterized in that a server controls a range of IP addresses, and a client can automatically obtain the IP address and the subnet mask allocated by the server when logging in the server. By default, DHCP is not automatically installed by the system as a service component of Windows Server, and also requires manual installation by an administrator and necessary configuration.
With the increasing expansion of network scale and the increasing demand for network access security, more and more network construction schemes require that a terminal can access a network after being authenticated by an authentication system. However, because of the huge terminal scale, how to collect the terminal information, determine which terminals are legal terminals and which terminals are illegal terminals, and how to open an account for the legal terminals ensures that the legal terminals automatically access the network and the illegal terminals forbid accessing the network. When the network is opened and expanded in the later period, the collection statistics of the terminal information and the authentication account opening of the terminal require a large workload.
Disclosure of Invention
In view of the above, the present disclosure provides a device identification method, an apparatus, an electronic device, and a machine-readable storage medium to solve the problem of heavy workload of terminal authentication.
The specific technical scheme is as follows:
the present disclosure provides a device identification method, applied to an AAA unit, the method including: receiving information to be authenticated which is sent by a DHCP server and is related to the terminal equipment, and judging the equipment type of the terminal equipment according to the information to be authenticated; according to a preset strategy, establishing a user account for the terminal equipment according with the preset strategy; enabling the terminal equipment with the established user account to be allocated with an IP address of a virtual local area network with authentication failure; and the terminal equipment is used for initiating a request for acquiring the IP address of the service VLAN in the next period according to the IP address of the distributed authentication failure VLAN and the user account established in the AAA unit.
As a technical solution, the receiving information to be authenticated, which is sent by a DHCP server and is associated with a terminal device, and determining a device type of the terminal device according to the information to be authenticated includes: analyzing the information to be authenticated to acquire the fingerprint information of the terminal equipment, comparing the fingerprint information of the terminal equipment with a preset fingerprint library, and judging the equipment type of the terminal equipment according to the comparison result.
As a technical solution, before establishing a user account for a terminal device meeting a preset policy according to the preset policy, the method includes: and discarding the information to be authenticated associated with the terminal equipment which does not accord with the preset strategy according to the preset strategy.
As a technical scheme, a verification library is established according to address information and equipment types of terminal equipment; and the terminal equipment which is offline and does not accord with the equipment type according to the address information judged by the verification library.
The present disclosure also provides an apparatus identification device, applied to an AAA unit, the apparatus including: the type module is used for receiving information to be authenticated which is sent by the DHCP server and is related to the terminal equipment, and judging the equipment type of the terminal equipment according to the information to be authenticated; the authentication module is used for establishing a user account for the terminal equipment according with the preset strategy according to the preset strategy; the management module is used for enabling the terminal equipment with the established user account to be allocated with the IP address of the virtual local area network with the authentication failure; and the terminal equipment is used for initiating a request for acquiring the IP address of the service VLAN in the next period according to the IP address of the distributed authentication failure VLAN and the user account established in the AAA unit.
As a technical solution, the receiving information to be authenticated related to the terminal device and sent by the DHCP server, and determining the device type of the terminal device according to the information to be authenticated includes: analyzing the information to be authenticated to acquire the fingerprint information of the terminal equipment, comparing the fingerprint information of the terminal equipment with a preset fingerprint library, and judging the equipment type of the terminal equipment according to the comparison result.
As a technical solution, before establishing a user account for a terminal device meeting a preset policy according to the preset policy, the method includes: and discarding the information to be authenticated associated with the terminal equipment which does not accord with the preset strategy according to the preset strategy.
As a technical scheme, the verification module is used for establishing a verification library according to address information and equipment types of the terminal equipment; and the safety module is used for offline the terminal equipment with the address information determined according to the verification library and the equipment type inconsistent.
The present disclosure also provides an electronic device including a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor, the processor executing the machine-executable instructions to implement the aforementioned device identification method.
The present disclosure also provides a machine-readable storage medium having stored thereon machine-executable instructions that, when invoked and executed by a processor, cause the processor to implement the aforementioned device identification method.
The technical scheme provided by the disclosure at least brings the following beneficial effects:
the method comprises the steps of presetting a strategy, judging whether a terminal device requesting network access is a legal device or not according to information of the terminal device, opening an account for the terminal device and distributing an IP address in an Auth-Fail VLAN if the terminal device accords with the preset strategy, so that the legal terminal device can initiate re-authentication in the next period, and finishing obtaining the IP address of a service VLAN and successfully getting online due to the fact that the terminal device is opened in the next period, thereby finishing type identification and automatic online of the terminal device and improving the problem of large workload of terminal device authentication.
Drawings
In order to more clearly illustrate the embodiments of the present disclosure or the technical solutions in the prior art, the drawings used in the embodiments of the present disclosure or the technical solutions in the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the present disclosure, and other drawings can be obtained by those skilled in the art according to the drawings of the embodiments of the present disclosure.
FIG. 1 is a flow chart of a device identification method in one embodiment of the present disclosure;
FIG. 2 is a block diagram of a device identification apparatus in one embodiment of the present disclosure;
fig. 3 is a hardware configuration diagram of an electronic device in an embodiment of the present disclosure.
Detailed Description
The terminology used in the embodiments of the present disclosure is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. As used in this disclosure and the claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein is meant to encompass any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information in the embodiments of the present disclosure, such information should not be limited by these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present disclosure. Depending on the context, moreover, the word "if" used may be interpreted as "at \8230; \8230when" or "when 8230; \823030when" or "in response to a determination".
The disclosure provides a device identification method and device, an electronic device and a machine-readable storage medium, so as to solve the problem of large workload of terminal authentication.
The specific technical scheme is as follows.
In one embodiment, the present disclosure provides a device identification method applied to an AAA unit, the method including: receiving to-be-authenticated information which is sent by a DHCP server and is related to the terminal equipment, and judging the equipment type of the terminal equipment according to the to-be-authenticated information; according to a preset strategy, establishing a user account for the terminal equipment according with the preset strategy; enabling the terminal equipment with the established user account to be allocated with an IP address of a virtual local area network with authentication failure; and the terminal equipment is used for initiating a request for acquiring the IP address of the service VLAN in the next period according to the IP address of the distributed authentication failure VLAN and the user account established in the AAA unit.
Specifically, as shown in fig. 1, the method comprises the following steps:
and step S11, receiving to-be-authenticated information which is sent by the DHCP server and is related to the terminal equipment, and judging the equipment type of the terminal equipment according to the to-be-authenticated information.
And S12, establishing a user account for the terminal equipment according with the preset strategy according to the preset strategy.
And step S13, enabling the terminal equipment with the established user account to be allocated with the IP address of the virtual local area network with the authentication failure.
The method comprises the steps of presetting a strategy, judging whether a terminal device requesting network access is a legal device or not according to information of the terminal device, opening an account for the terminal device and distributing an IP address in an Auth-Fail VLAN if the terminal device accords with the preset strategy, so that the legal terminal device can initiate re-authentication in the next period, and finishing obtaining the IP address of a service VLAN and successfully getting online due to the fact that the terminal device is opened in the next period, thereby finishing type identification and automatic online of the terminal device and improving the problem of large workload of terminal device authentication.
In one embodiment, the receiving information to be authenticated related to the terminal device and sent by the DHCP server, and determining the device type of the terminal device according to the information to be authenticated includes: analyzing the information to be authenticated to acquire the fingerprint information of the terminal equipment, comparing the fingerprint information of the terminal equipment with a preset fingerprint library, and judging the equipment type of the terminal equipment according to the comparison result.
In one embodiment, before establishing a user account for a terminal device that meets a preset policy according to the preset policy, the method includes: and discarding the information to be authenticated associated with the terminal equipment which does not accord with the preset strategy according to the preset strategy.
In one embodiment, a verification library is established according to the address information and the device type of the terminal device; and the terminal equipment which is offline and does not accord with the equipment type according to the address information judged by the verification library.
More specifically, in one embodiment:
an AAA authentication management system (AAA unit) defines which types of terminals in a user network are legal terminals and which types of terminals are illegal terminals. For example, defining a PC and printer as legitimate terminals and any other type of terminal as an illegitimate terminal
An access service policy and a DHCP option55 fingerprint library used by a legal terminal are preset, for example, a terminal conforming to the fingerprint A is a PC, a terminal conforming to the fingerprint B is a printer, and a terminal conforming to the fingerprint C is a camera. The fingerprint information of the terminal device refers to characteristic information for distinguishing the type of the terminal device, and may be any field with a definite distinguishing function, such as configuration information, address information, a mark and the like specific to a certain type of terminal device, and different terminal devices may adopt different fingerprint information types or the same fingerprint information type in the same implementation mode. In one embodiment, the option field of DHCP is used as fingerprint information, and a fingerprint library is constructed that holds the fingerprint information.
The terminal equipment enables MAC address authentication, takes an AAA authentication management system as an authentication server, and takes a DHCP server as a DHCP server of an Auth-fail VLAN.
The DHCP Server is a standard DHCP Server, such as a self-contained DHCP Server of a Microsoft system, and the DHCP Agent designates an address of an AAA authentication management system.
If the terminal device does not open an account in the AAA authentication management system, the authentication fails, the terminal enters an Auth-fail VLAN, and an IP address is requested under the VLAN.
And the DHCP server of the Auth-fail VLAN receives a DHCP Discover request sent by the terminal equipment, extracts the MAC address and the DHCP Option55 field of the terminal after the request is acquired by the DHCP Agent module, and sends the two information to the AAA authentication management system. After receiving the message reported by the DHCP Agent, the AAA authentication management system determines the terminal type according to the value of the Option55 field, and compares the preset policy with the MAC address and the terminal type, for example, in this embodiment, if the terminal device type is a PC or a printer, it is considered as a valid terminal device, and further processes the terminal device, and if the terminal device type is a camera, it does not process the MAC address, and discards the related information message.
The AAA authentication management system takes the MAC address of the legal terminal device as a user name to give the terminal device the success of automatic account opening. The legal terminal device opens an account successfully on the AAA authentication management system and acquires the IP address in the Auth-Fail VLAN.
And the terminal equipment which successfully opens an account and acquires the IP address in the Auth-Fail VLAN automatically and periodically triggers MAC address authentication, because the account is automatically opened successfully, the authentication is passed, and the IP in the service VLAN is acquired, so that the network access is successful. Even if the illegal terminal equipment re-initiates the authentication, the authentication fails because no account is opened.
The AAA authentication management system stores the corresponding relation between the legal terminal MAC and the terminal type, establishes an authentication library according to the corresponding relation, and if the illegal terminal copies the legal terminal by modifying the MAC address, if the corresponding relation between the MAC address reported by the DHCP Agent and the terminal type is not consistent with the information stored in the authentication library, the copied terminal is forced to be off-line.
The embodiment can at least rapidly distinguish the terminal type, automatically open an account according to the terminal type, automatically open an account and access, and reduce the workload of a large network and capacity expansion.
In one embodiment, the present disclosure also provides a device identification apparatus, such as fig. 2, applied to an AAA unit, the apparatus including: the type module 21 is configured to receive information to be authenticated, which is sent by the DHCP server and is associated with the terminal device, and determine a device type of the terminal device according to the information to be authenticated; the authentication module 22 is used for establishing a user account for the terminal equipment conforming to the preset strategy according to the preset strategy; a management module 23, configured to enable a terminal device that has established a user account to be assigned an IP address of a verification-failed virtual local area network; and the terminal equipment is used for initiating a request for acquiring the IP address of the service VLAN in the next period according to the IP address of the distributed authentication failure VLAN and the user account established in the AAA unit.
In an embodiment, the receiving information to be authenticated related to the terminal device and sent by the DHCP server, and determining the device type of the terminal device according to the information to be authenticated includes: analyzing the information to be authenticated to acquire the fingerprint information of the terminal equipment, comparing the fingerprint information of the terminal equipment with a preset fingerprint library, and judging the equipment type of the terminal equipment according to the comparison result.
In an embodiment, before establishing a user account for a terminal device that meets a preset policy according to the preset policy, the method includes: and discarding the information to be authenticated associated with the terminal equipment which does not accord with the preset strategy according to the preset strategy.
In one embodiment, the verification module is used for establishing a verification library according to the address information and the device type of the terminal device; and the safety module is used for offline terminal equipment with the address information determined according to the verification library and the equipment type inconsistent with each other.
The device implementation is the same as or similar to the method implementation and is not repeated here.
In one embodiment, the present disclosure provides an electronic device, including a processor and a machine-readable storage medium, where the machine-readable storage medium stores machine-executable instructions executable by the processor, and the processor executes the machine-executable instructions to implement the foregoing device identification method, and from a hardware level, a hardware architecture diagram may be as shown in fig. 3.
In one embodiment, the present disclosure provides a machine-readable storage medium having stored thereon machine-executable instructions that, when invoked and executed by a processor, cause the processor to implement the aforementioned device identification method.
Here, a machine-readable storage medium may be any electronic, magnetic, optical, or other physical storage device that can contain or store information such as executable instructions, data, and so forth. For example, the machine-readable storage medium may be: a RAM (random Access Memory), a volatile Memory, a non-volatile Memory, a flash Memory, a storage drive (e.g., a hard drive), a solid state drive, any type of storage disk (e.g., an optical disk, a dvd, etc.), or similar storage medium, or a combination thereof.
The systems, devices, modules or units described in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. A typical implementation device is a computer, which may take the form of a personal computer, laptop computer, cellular telephone, camera phone, smart phone, personal digital assistant, media player, navigation device, email messaging device, game console, tablet computer, wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functionality of the various elements may be implemented in the same one or more pieces of software and/or hardware in practicing the disclosure.
As will be appreciated by one of skill in the art, embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present disclosure may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the disclosure. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Furthermore, these computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
As will be appreciated by one skilled in the art, embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable storage media (which may include, but is not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.
The above description is only an embodiment of the present disclosure, and is not intended to limit the present disclosure. Various modifications and variations of this disclosure will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present disclosure should be included in the scope of the claims of the present disclosure.
Claims (10)
1. A device identification method, applied to an AAA unit, the method comprising:
receiving information to be authenticated which is sent by a DHCP server and is related to the terminal equipment, and judging the equipment type of the terminal equipment according to the information to be authenticated;
according to a preset strategy, establishing a user account for the terminal equipment according with the preset strategy;
enabling the terminal equipment with the established user account to be allocated with an IP address of a virtual local area network with verification failure;
and the terminal equipment is used for initiating a request for acquiring the IP address of the service VLAN in the next period according to the IP address of the distributed authentication failure VLAN and the user account established in the AAA unit.
2. The method of claim 1,
the receiving of the information to be authenticated related to the terminal device sent by the DHCP server and the determining of the device type of the terminal device according to the information to be authenticated include:
analyzing the information to be authenticated to acquire the fingerprint information of the terminal equipment, comparing the fingerprint information of the terminal equipment with a preset fingerprint library, and judging the equipment type of the terminal equipment according to the comparison result.
3. The method of claim 1,
before establishing a user account for a terminal device according with a preset strategy according to the preset strategy, the method comprises the following steps:
and discarding the information to be authenticated associated with the terminal equipment which does not accord with the preset strategy according to the preset strategy.
4. The method of claim 1,
establishing a verification library according to the address information and the equipment type of the terminal equipment;
and the terminal equipment which is offline and does not accord with the equipment type according to the address information judged by the verification library.
5. An apparatus for device identification, applied to an AAA unit, the apparatus comprising:
the type module is used for receiving information to be authenticated which is sent by the DHCP server and is related to the terminal equipment, and judging the equipment type of the terminal equipment according to the information to be authenticated;
the authentication module is used for establishing a user account for the terminal equipment according with the preset strategy according to the preset strategy;
the management module is used for enabling the terminal equipment with the established user account to be allocated with the IP address of the verification failure virtual local area network;
and the terminal equipment is used for initiating a request for acquiring the IP address of the service VLAN in the next period according to the IP address of the distributed authentication failure VLAN and the user account established in the AAA unit.
6. The apparatus of claim 5,
the receiving of the information to be authenticated related to the terminal device sent by the DHCP server and the determining of the device type of the terminal device according to the information to be authenticated include:
analyzing the information to be authenticated to acquire the fingerprint information of the terminal equipment, comparing the fingerprint information of the terminal equipment with a preset fingerprint library, and judging the equipment type of the terminal equipment according to the comparison result.
7. The apparatus of claim 5,
before establishing a user account for a terminal device according with a preset strategy according to the preset strategy, the method comprises the following steps:
and discarding the information to be authenticated associated with the terminal equipment which does not accord with the preset strategy according to the preset strategy.
8. The apparatus of claim 5, further comprising:
the verification module is used for establishing a verification library according to the address information and the equipment type of the terminal equipment;
and the safety module is used for offline terminal equipment with the address information determined according to the verification library and the equipment type inconsistent with each other.
9. An electronic device, comprising: a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor to perform the method of any one of claims 1 to 4.
10. A machine-readable storage medium having stored thereon machine-executable instructions which, when invoked and executed by a processor, cause the processor to implement the method of any of claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011589686.4A CN112822160B (en) | 2020-12-29 | 2020-12-29 | Equipment identification method, device, equipment and machine-readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011589686.4A CN112822160B (en) | 2020-12-29 | 2020-12-29 | Equipment identification method, device, equipment and machine-readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112822160A CN112822160A (en) | 2021-05-18 |
| CN112822160B true CN112822160B (en) | 2022-10-21 |
Family
ID=75855698
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011589686.4A Active CN112822160B (en) | 2020-12-29 | 2020-12-29 | Equipment identification method, device, equipment and machine-readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112822160B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113645079A (en) * | 2021-08-16 | 2021-11-12 | 杭州安恒信息安全技术有限公司 | Internet of things terminal networking method, device, equipment and storage medium |
| CN114050910A (en) * | 2021-09-24 | 2022-02-15 | 新华三大数据技术有限公司 | Terminal authorization method, device, system, equipment and readable storage medium |
| CN113938302A (en) * | 2021-10-12 | 2022-01-14 | 深兰科技(上海)有限公司 | Equipment communication method, device, medium and electronic equipment |
| CN114629725B (en) * | 2022-04-26 | 2024-08-06 | 中国农业银行股份有限公司 | User domain dumb terminal management method, device, system and storage medium |
| CN114978721A (en) * | 2022-05-26 | 2022-08-30 | 新华三信息安全技术有限公司 | Access detection method and device of terminal equipment, electronic equipment and medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101582769A (en) * | 2009-07-03 | 2009-11-18 | 杭州华三通信技术有限公司 | Authority setting method of user access network and equipment |
| CN106060072A (en) * | 2016-06-30 | 2016-10-26 | 杭州华三通信技术有限公司 | Authentication method and device |
| CN108712419A (en) * | 2018-05-18 | 2018-10-26 | 迈普通信技术股份有限公司 | A kind of authorization terminal authentication method, system and aaa server |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103475751B (en) * | 2013-09-18 | 2016-08-10 | 杭州华三通信技术有限公司 | A kind of method and device of IP address switching |
| CN103874069B (en) * | 2014-03-24 | 2017-09-01 | 新华三技术有限公司 | A kind of wireless terminal MAC authentication devices and method |
| US9712489B2 (en) * | 2014-07-29 | 2017-07-18 | Aruba Networks, Inc. | Client device address assignment following authentication |
| CN105847223A (en) * | 2015-01-15 | 2016-08-10 | 杭州华三通信技术有限公司 | Authentication method and device of terminal device |
-
2020
- 2020-12-29 CN CN202011589686.4A patent/CN112822160B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101582769A (en) * | 2009-07-03 | 2009-11-18 | 杭州华三通信技术有限公司 | Authority setting method of user access network and equipment |
| CN106060072A (en) * | 2016-06-30 | 2016-10-26 | 杭州华三通信技术有限公司 | Authentication method and device |
| CN108712419A (en) * | 2018-05-18 | 2018-10-26 | 迈普通信技术股份有限公司 | A kind of authorization terminal authentication method, system and aaa server |
Non-Patent Citations (1)
| Title |
|---|
| 基于终端特征指纹的网络准入控制系统;李京飞;《信息技术与标准化》;20180930(第9期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112822160A (en) | 2021-05-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112822160B (en) | Equipment identification method, device, equipment and machine-readable storage medium | |
| US8516604B2 (en) | Method and apparatus for managing a user | |
| US8190755B1 (en) | Method and apparatus for host authentication in a network implementing network access control | |
| CN110909379B (en) | Storage cluster permission determination method, device, equipment and storage medium | |
| CN107707435B (en) | Message processing method and device | |
| WO2019134234A1 (en) | Rooting-prevention log-in method, device, terminal apparatus, and storage medium | |
| CN110855709A (en) | Access control method, device, equipment and medium for security access gateway | |
| CN112187740B (en) | Network access control method and device, electronic equipment and storage medium | |
| CN105991614A (en) | Open authorization, resource access method and device, and a server | |
| US7134140B2 (en) | Token-based authentication for network connection | |
| CN112615810B (en) | Access control method and device | |
| WO2012117253A1 (en) | An authentication system | |
| CN113014546B (en) | Certificate-based authentication registration state management method and system | |
| CN112910854B (en) | Method and device for safe operation and maintenance of Internet of things, terminal equipment and storage medium | |
| CN101764808A (en) | Authentication processing method and system for automatic login as well as server | |
| JP2022184954A5 (en) | Network system and information processing method | |
| CN109347785A (en) | A kind of terminal type recognition methods and device | |
| US20130055359A1 (en) | Secret information leakage prevention system, secret information leakage prevention method and secret information leakage prevention program | |
| CN104869117A (en) | Safety authentication method and device | |
| CN117254969A (en) | Registration authentication method for intelligent equipment accessing to Internet of things system | |
| WO2007060016A2 (en) | Self provisioning token | |
| CN116388998A (en) | Audit processing method and device based on white list | |
| CN110971609A (en) | Anti-cloning method of DRM client certificate, storage medium and electronic equipment | |
| CN115086042A (en) | User identity authentication method, user identity authentication system and computer storage medium | |
| CN114050910A (en) | Terminal authorization method, device, system, equipment and readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |