CN114826683A - Self-adaptive network access authentication control method for heterogeneous terminal based on asset intelligent identification - Google Patents


Info

Publication number
CN114826683A
Authority
CN
China
Prior art keywords
terminal
network access
asset
access authentication
ter
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210330233.2A
Other languages
Chinese (zh)
Other versions
CN114826683B (en)
Inventor
万抒
廖建华
伍荣
毛建辉
王邦礼
王秋实
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CETC 30 Research Institute
Original Assignee
CETC 30 Research Institute

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Abstract

The invention discloses a heterogeneous terminal self-adaptive network access authentication control method based on intelligent asset identification. The invention provides a mode combining asset information retrieval and asset online check by relying on a whole network terminal asset information base constructed by a cloud background, can intelligently and accurately identify the type of a network access terminal, and effectively solves the problem that the identification method based on single information retrieval is difficult to accurately identify the type of the terminal in real time.

Description

Self-adaptive network access authentication control method for heterogeneous terminal based on asset intelligent identification
Technical Field
The invention relates to the technical field of network access control, in particular to a heterogeneous terminal self-adaptive network access authentication control method based on asset intelligent identification.
Background
With the rapid development of information systems, user terminals on the internet and enterprise networks are no longer limited to computer terminals. The number of heterogeneous terminals accessing the network, such as handheld terminals, voice terminals and video terminals, keeps increasing, their forms are becoming more diverse, and their identification mechanisms, authentication methods and management and control modes differ greatly. The traditional network access management and control mechanism, based on a single computer terminal agent, is difficult to adapt to the network access management and control requirements of diversified, heterogeneous terminal systems. How to accurately identify the various terminal systems accessing the network, and how to construct network access authentication and network access management and control mechanisms targeted at each of them, is a difficult problem in the field of network security operation and maintenance.
In order to bring heterogeneous terminals such as handheld terminals, voice terminals and video terminals into a unified network access authentication control system and comprehensively improve the network access authentication and control capabilities of the internet and enterprise networks, a heterogeneous terminal self-adaptive network access authentication control mechanism based on asset intelligent identification is urgently needed. Relying on a unified network access control system at the boundary of the internet and enterprise networks, such a mechanism can comprehensively and accurately identify the various terminal systems accessing the network and provide, in a targeted manner, the network access authentication and network access control methods adapted to each of them, avoiding the high-cost, low-efficiency and hard-to-extend deployment model in which each class of terminal system requires its own class of network access control system.
Disclosure of Invention
Aiming at the defects in the prior art, the heterogeneous terminal self-adaptive network access authentication control method based on asset intelligent identification provided by the invention solves the problem that an identification method based on single information retrieval has difficulty accurately identifying the terminal type in real time.
In order to achieve the purpose of the invention, the invention adopts the technical scheme that: a heterogeneous terminal self-adaptive network access authentication control method based on asset intelligent identification is characterized by comprising the following steps:
S1, any terminal a_i initiates a network access request to the network access authentication management and control gateway A_j at the backbone network boundary;
S2, after the network access authentication management and control gateway A_j receives the network access request of terminal a_i, it checks the terminal address information Ter_IP(a_i) against the network access terminal information base; if no terminal address information exists, the network access request is refused, the administrator is notified to re-check and correct the terminal asset information base, and the process returns to step S1; otherwise, the process proceeds to step S3;
S3, the network access authentication management and control gateway A_j selects the corresponding network access authentication mode according to the returned terminal address information Ter_IP(a_i): a terminal with a network-wide unique identity identifier uses the network access authentication mode Ter_Auth_ID(a_i) based on the unique identity identifier; otherwise, the authentication mode Ter_Auth_Pro(a_i) based on asset online check is used;
S4, if the network access authentication mode Ter_Auth_ID(a_i) is adopted, terminal a_i uses its own public/private key pair (a_i-ID, keya_i) to perform identity authentication with the network access authentication management and control gateway A_j, realizing the terminal network access authentication mode based on the asset unique identifier; if the network access authentication mode Ter_Auth_Pro(a_i) is adopted, the network access authentication management and control gateway A_j actively performs network detection on terminal a_i and confirms whether the terminal characteristic information is consistent with the data in the terminal asset information base, realizing the terminal network access authentication mode based on asset online check;
S5, if terminal a_i authenticates successfully, the network access authentication management and control gateway A_j acquires the terminal's access authority from the terminal asset information base;
S6, a terminal that used the network access authentication mode Ter_Auth_ID(a_i) is placed under the network access control mode Ter_Control_ID(a_i) after authentication is finished; a terminal that used the network access authentication mode Ter_Auth_Pro(a_i) is placed under the network access control mode Ter_Control_Pro(a_i) after authentication is finished.
Further: the network access control mode Ter_Control_ID(a_i) is specifically as follows: terminal a_i and the network access authentication management and control gateway A_j negotiate a session identifier based on the identity identifiers of both parties; terminal a_i then carries the session identifier in its subsequent network messages, and the network access authentication management and control gateway A_j implements control on that basis.
Further: the network access control mode Ter_Control_Pro(a_i) is specifically as follows: the network access authentication management and control gateway A_j periodically performs network probing on terminal a_i; if the information obtained by network probing is consistent with the characteristic information of terminal a_i in the terminal asset information base, access control continues in white list mode; otherwise, the subsequent access behavior of terminal a_i is stopped.
Further: the terminal network access authentication mode based on the asset unique identifier specifically comprises the following steps:
Step 1, after the network access authentication management and control gateway A_j notifies terminal a_i of the authentication mode, terminal a_i first generates a random number Rand(a_i) and sends it to the network access authentication management and control gateway A_j, and A_j then returns a challenge CC(a_i) to terminal a_i;
Step 2, terminal a_i forms its terminal characteristic information Ter_Fea(a_i) and, at the same time, the latest asset serial number Num(a_i); combining these with the returned challenge information, it generates the network access registration information M = (a_i-ID, Ter_Fea(a_i), Num(a_i), CC(a_i), Key_a(CC(a_i))) and calculates the digest X = SHA256(M) of the registration information M;
Step 3, terminal a_i uses the combined public key algorithm to calculate the ECC public key Pub_A, encrypts the identity information and the digest with it to generate the authentication message Pub_A(M, X), and sends this network access authentication message to the network access authentication management and control gateway A_j;
Step 4, the network access authentication management and control gateway A_j decrypts the network access authentication message of terminal a_i with its own private key Key_A to obtain the network access registration information M and its digest X, calculates the digest SHA256(M) of M, and compares SHA256(M) with X; if they are equal, the network access registration information has not been tampered with; if they are not equal, the network access registration information is discarded;
Step 5, the network access authentication management and control gateway A_j checks the network access registration information M sent by terminal a_i against the data in the terminal asset information base; if they are equal and the asset serial number Num(a_i) is the latest value, the network access authentication succeeds; if they are not equal, or Num(a_i) is not the latest value, the network access registration information is discarded.
Further: the terminal characteristic information Ter_Fea(a_i) includes the operating system, open ports, and communication protocols of the information device.
Further: the terminal network access authentication mode based on the asset online check specifically comprises the following steps:
Step 1, after the network access authentication management and control gateway A_j notifies terminal a_i of the authentication mode, terminal a_i forms the latest asset serial number Num(a_i) and generates the network access registration information M = (a_i-IP, Num(a_i));
Step 2, terminal a_i sends the network access registration information M to the network access authentication management and control gateway A_j; the gateway A_j compares it against the network access registration information M' = (a'_i-IP, Num(a'_i)) recorded for a_i in the terminal asset information base; if a'_i-IP = a_i-IP and Num(a_i) > Num(a'_i), it acquires the terminal characteristic information Ter_Fea(a'_i) from the terminal asset information base; otherwise, the network access authentication is refused;
Step 3, the network access authentication management and control gateway A_j performs fixed-point network detection on terminal a_i and, when the detection is finished, forms the terminal characteristic information Ter_Fea(a_i); if Ter_Fea(a_i) and Ter_Fea(a'_i) are identical, the white list for terminal a_i is generated; otherwise, the network access authentication is refused.
The invention has the beneficial effects that:
1) the invention provides a mode combining asset information retrieval and asset online check by relying on a whole network terminal asset information base constructed by a cloud background, can intelligently and accurately identify the type of a network access terminal, and effectively solves the problem that the identification method based on single information retrieval is difficult to accurately identify the type of the terminal in real time.
2) The invention provides a terminal type-based self-adaptive network access authentication control mode, and can intelligently select network access authentication and network access control modes adapted to the terminal type based on the identified network access terminal type, so that a network access control mechanism for realizing multi-class heterogeneous terminals based on a unified control system can be formed, and the problem of one network access control system for one class of terminals at present is solved.
3) For terminals without a unique identity identifier, the invention provides a terminal network access authentication mode based on asset online check, which combines network detection with white list control and thereby effectively solves the problem of network access authentication control for terminals in which an identity identifier cannot be embedded.
Drawings
FIG. 1 is a flow chart of the self-adaptive network access authentication management and control of a heterogeneous terminal based on intelligent asset identification according to the present invention;
FIG. 2 is a flow chart of terminal network access authentication based on asset unique identification in the present invention;
fig. 3 is a flow chart of terminal network access authentication management and control based on asset online check in the present invention.
Detailed Description
The following description of the embodiments of the present invention is provided to facilitate the understanding of the present invention by those skilled in the art, but it should be understood that the present invention is not limited to the scope of the embodiments, and it will be apparent to those skilled in the art that various changes may be made without departing from the spirit and scope of the invention as defined and defined by the appended claims, and all changes that can be made by the invention using the inventive concept are intended to be protected.
The core idea of the heterogeneous terminal self-adaptive network access authentication control model based on asset intelligent identification provided by the invention is as follows: a network access terminal asset information base is formed by combining manual entry with network surveying and mapping; when a terminal applies for network access, the network access authentication management and control system (or similar equipment) at the boundary of the backbone network, using the terminal's network access request together with the terminal asset information base, intelligently identifies the type of the accessing terminal and selects the terminal network access authentication mode; after the terminal's identity has been verified as legitimate, it intelligently selects the terminal network access management and control mode in combination with the terminal's authority and securely manages and controls the terminal's access behavior.
Assuming that a network access terminal asset information base has been formed in a cloud background (how to form an accurate and unique asset information base in the whole network to be deployed in the constraint category of the patent), containing information such as terminal type, terminal identifier, terminal address and terminal characteristics, the operation mechanism of the heterogeneous terminal self-adaptive network access authentication control model based on asset intelligent identification is shown in fig. 1 and specifically comprises the following steps:
S1, any terminal a_i initiates a network access request to the network access authentication management and control gateway A_j at the backbone network boundary;
S2, after the network access authentication management and control gateway A_j receives the network access request of terminal a_i, it checks the terminal address information Ter_IP(a_i) against the network access terminal information base; if no terminal address information exists, the network access request is refused, the administrator is notified to re-check and correct the terminal asset information base, and the process returns to step S1; otherwise, the process proceeds to step S3;
S3, the network access authentication management and control gateway A_j selects the corresponding network access authentication mode according to the returned terminal address information Ter_IP(a_i): a terminal with a network-wide unique identity identifier uses the network access authentication mode Ter_Auth_ID(a_i) based on the unique identity identifier; otherwise, the authentication mode Ter_Auth_Pro(a_i) based on asset online check is used;
S4, if the network access authentication mode Ter_Auth_ID(a_i) is adopted, terminal a_i uses its own public/private key pair (a_i-ID, keya_i) to perform identity authentication with the network access authentication management and control gateway A_j, realizing the terminal network access authentication mode based on the asset unique identifier; if the network access authentication mode Ter_Auth_Pro(a_i) is adopted, the network access authentication management and control gateway A_j actively performs network detection on terminal a_i and confirms whether the terminal characteristic information is consistent with the data in the terminal asset information base, realizing the terminal network access authentication mode based on asset online check;
When the network access authentication management and control gateway A_j finds that terminal a_i has a network-wide unique identity identifier, it notifies the terminal to use the terminal network access authentication mode based on the unique identity identifier; terminal a_i uses its own public/private key pair (a_i-ID, keya_i) to authenticate its identity to the network access authentication management and control gateway A_j and reports the terminal characteristic information Ter_Fea(a_i) and the asset serial number Num(a_i) (the asset serial number is used to distinguish whether the asset attribute information is the latest value); the terminal characteristic information Ter_Fea(a_i) includes information such as the operating system, open ports and communication protocols of the information device. As shown in fig. 2, the specific steps are as follows:
Step 1, after the network access authentication management and control gateway A_j notifies terminal a_i of the authentication mode, terminal a_i first generates a random number Rand(a_i) and sends it to the network access authentication management and control gateway A_j, and A_j then returns a challenge CC(a_i) to terminal a_i;
Step 2, terminal a_i integrates information such as its operating system, open ports and communication protocols into the terminal characteristic information Ter_Fea(a_i) of terminal a_i and, at the same time, forms the latest asset serial number Num(a_i); combining these with the returned challenge information, it generates the network access registration information M = (a_i-ID, Ter_Fea(a_i), Num(a_i), CC(a_i), Key_a(CC(a_i))) and calculates the digest X = SHA256(M) of the registration information M;
Step 3, terminal a_i uses the combined public key algorithm to calculate the ECC public key Pub_A, encrypts the identity information and the digest with it to generate the authentication message Pub_A(M, X), and sends this network access authentication message to the network access authentication management and control gateway A_j;
Step 4, the network access authentication management and control gateway A_j decrypts the network access authentication message of terminal a_i with its own private key Key_A to obtain the network access registration information M and its digest X, calculates the digest SHA256(M) of M, and compares SHA256(M) with X; if they are equal, the network access registration information has not been tampered with; if they are not equal, the network access registration information is discarded;
Step 5, the network access authentication management and control gateway A_j checks the network access registration information M sent by terminal a_i against the data in the terminal asset information base; if they are equal and the asset serial number Num(a_i) is the latest value, the network access authentication succeeds; if they are not equal, or Num(a_i) is not the latest value, the network access registration information is discarded.
When the network access authentication management and control gateway A_j finds that terminal a_i does not have a network-wide unique identity identifier, it notifies the terminal to use the terminal network access authentication mode based on asset online check; the network access authentication management and control gateway A_j then acquires the terminal characteristic information Ter_Fea(a_i) from the terminal asset information base and checks terminal a_i by network detection, the check covering the operating system, open ports, communication protocols and the like of the information device; if the information matches, a device white list is formed. As shown in fig. 3, the specific steps are as follows:
Step 1, after the network access authentication management and control gateway A_j notifies terminal a_i of the authentication mode, terminal a_i forms the latest asset serial number Num(a_i) and generates the network access registration information M = (a_i-IP, Num(a_i));
Step 2, terminal a_i sends the network access registration information M to the network access authentication management and control gateway A_j; the gateway A_j compares it against the network access registration information M' = (a'_i-IP, Num(a'_i)) recorded for a_i in the terminal asset information base; if a'_i-IP = a_i-IP and Num(a_i) > Num(a'_i), it acquires the terminal characteristic information Ter_Fea(a'_i) from the terminal asset information base; otherwise, the network access authentication is refused;
Step 3, the network access authentication management and control gateway A_j performs fixed-point network detection on terminal a_i and, when the detection is finished, forms the terminal characteristic information Ter_Fea(a_i); if Ter_Fea(a_i) and Ter_Fea(a'_i) are identical, the white list for terminal a_i is generated; otherwise, the network access authentication is refused.
S5, if terminal a_i authenticates successfully, the network access authentication management and control gateway A_j acquires the terminal's access authority from the terminal asset information base;
S6, a terminal that used the network access authentication mode Ter_Auth_ID(a_i) is placed under the network access control mode Ter_Control_ID(a_i) after authentication is finished; a terminal that used the network access authentication mode Ter_Auth_Pro(a_i) is placed under the network access control mode Ter_Control_Pro(a_i) after authentication is finished.
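The gateway-side decisions of steps S2 to S6, including the checks of both authentication modes, as an added Python example that is not part of the patent text. It assumes the message (M, X) has already been decrypted with Key_A and that the probe result is supplied by a separate component; the names AssetRecord, ASSET_BASE, admit, the field names inside M, the JSON encoding of M, the comparison of CC(a_i) with the issued challenge, and the reading of "latest value" as the recorded serial are all assumptions of this example.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class AssetRecord:
    ip: str                   # Ter_IP
    unique_id: Optional[str]  # None when the terminal has no network-wide unique identity
    serial: int               # Num(a'_i) recorded in the asset information base
    features: dict            # Ter_Fea(a'_i): operating system, open ports, protocols
    permissions: tuple        # access authority returned in S5


# Constructed sample asset base (addresses taken from the documentation range).
ASSET_BASE = {
    "192.0.2.10": AssetRecord("192.0.2.10", "handheld-0001", 7,
                              {"os": "Android 12", "ports": [443], "protocols": ["TLS"]},
                              ("mail", "intranet")),
    "192.0.2.20": AssetRecord("192.0.2.20", None, 3,
                              {"os": "embedded-linux", "ports": [5060, 554],
                               "protocols": ["SIP", "RTSP"]},
                              ("video-server",)),
}


def normalize(features: dict) -> dict:
    """Order-independent form of Ter_Fea, so list order alone never causes a mismatch."""
    return {"os": features.get("os"),
            "ports": sorted(set(features.get("ports", []))),
            "protocols": sorted(set(features.get("protocols", [])))}


def digest(m: dict) -> str:
    """X = SHA256(M) over a canonical JSON encoding of M (the encoding is an assumption)."""
    encoded = json.dumps(m, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(encoded).hexdigest()


def select_mode(ip: str) -> Optional[str]:
    """S2/S3: unknown address -> None (reject); otherwise pick the authentication mode."""
    rec = ASSET_BASE.get(ip)
    if rec is None:
        return None
    return "Ter_Auth_ID" if rec.unique_id else "Ter_Auth_Pro"


def check_id_mode(rec: AssetRecord, m: dict, x: str, issued_cc: str) -> bool:
    """Steps 4-5 of the unique-identifier mode, applied to the decrypted (M, X)."""
    if not hmac.compare_digest(digest(m), x):        # step 4: M changed after X was computed
        return False
    if m.get("cc") != issued_cc:                     # assumption: CC must be the one issued
        return False
    return (m.get("id") == rec.unique_id             # step 5: M equals the asset-base data
            and normalize(m.get("fea", {})) == normalize(rec.features)
            and m.get("num") == rec.serial)          # "latest value" read as recorded serial


def check_online(rec: AssetRecord, m: dict, probed: dict) -> bool:
    """Steps 2-3 of the online-check mode; `probed` is what the gateway's probe observed."""
    num = m.get("num")
    if m.get("ip") != rec.ip or not isinstance(num, int) or num <= rec.serial:   # step 2
        return False
    return normalize(probed) == normalize(rec.features)                          # step 3


def admit(ip: str, m: dict, x: Optional[str] = None,
          issued_cc: Optional[str] = None, probed: Optional[dict] = None) -> dict:
    """S2-S6 on the gateway: the admission decision and the control mode to apply."""
    mode = select_mode(ip)
    if mode is None:
        return {"admit": False, "reason": "address not in asset base"}
    rec = ASSET_BASE[ip]
    if mode == "Ter_Auth_ID":
        ok = x is not None and check_id_mode(rec, m, x, issued_cc)
        control = "Ter_Control_ID"
    else:
        ok = probed is not None and check_online(rec, m, probed)
        control = "Ter_Control_Pro"
    if not ok:
        return {"admit": False, "reason": mode + " failed"}
    return {"admit": True, "control": control, "permissions": rec.permissions}  # S5, S6
```

In the Ter_Control_Pro case the same `check_online` comparison is what the periodic probing would repeat: an extra open port in the probe result no longer matches the recorded Ter_Fea and the terminal loses its white list status.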
The invention provides a mode combining asset information retrieval and asset online check by relying on a whole network terminal asset information base constructed by a cloud background, can intelligently and accurately identify the type of a network access terminal, and effectively solves the problem that the identification method based on single information retrieval is difficult to accurately identify the type of the terminal in real time.
The invention provides a terminal type-based self-adaptive network access authentication control mode, and can intelligently select network access authentication and network access control modes adapted to the terminal type based on the identified network access terminal type, so that a network access control mechanism for realizing multi-class heterogeneous terminals based on a unified control system can be formed, and the problem of one network access control system for one class of terminals at present is solved.
For terminals without a unique identity identifier, the invention provides a terminal network access authentication mode based on asset online check, which combines network detection with white list control and thereby effectively solves the problem of network access authentication control for terminals in which an identity identifier cannot be embedded.

Claims (6)

1. A heterogeneous terminal self-adaptive network access authentication control method based on asset intelligent identification is characterized by comprising the following steps:
S1, any terminal a_i initiates a network access request to the network access authentication management and control gateway A_j at the backbone network boundary;
S2, after the network access authentication management and control gateway A_j receives the network access request of terminal a_i, it checks the terminal address information Ter_IP(a_i) against the network access terminal information base; if no terminal address information exists, the network access request is refused, the administrator is notified to re-check and correct the terminal asset information base, and the process returns to step S1; otherwise, the process proceeds to step S3;
S3, the network access authentication management and control gateway A_j selects the corresponding network access authentication mode according to the returned terminal address information Ter_IP(a_i): a terminal with a network-wide unique identity identifier uses the network access authentication mode Ter_Auth_ID(a_i) based on the unique identity identifier; otherwise, the authentication mode Ter_Auth_Pro(a_i) based on asset online check is used;
S4, if the network access authentication mode Ter_Auth_ID(a_i) is adopted, terminal a_i uses its own public/private key pair (a_i-ID, keya_i) to perform identity authentication with the network access authentication management and control gateway A_j, realizing the terminal network access authentication mode based on the asset unique identifier; if the network access authentication mode Ter_Auth_Pro(a_i) is adopted, the network access authentication management and control gateway A_j actively performs network detection on terminal a_i and confirms whether the terminal characteristic information is consistent with the data in the terminal asset information base, realizing the terminal network access authentication mode based on asset online check;
S5, if terminal a_i authenticates successfully, the network access authentication management and control gateway A_j acquires the terminal's access authority from the terminal asset information base;
S6, a terminal that used the network access authentication mode Ter_Auth_ID(a_i) is placed under the network access control mode Ter_Control_ID(a_i) after authentication is finished; a terminal that used the network access authentication mode Ter_Auth_Pro(a_i) is placed under the network access control mode Ter_Control_Pro(a_i) after authentication is finished.
2. The asset intelligent identification-based heterogeneous terminal adaptive network access authentication control method according to claim 1, wherein the network access control mode Ter_Control_ID(a_i) is specifically: terminal a_i and the network access authentication management and control gateway A_j negotiate a session identifier based on the identity identifiers of both parties; terminal a_i then carries the session identifier in its subsequent network messages, and the network access authentication management and control gateway A_j implements control on that basis.
3. The asset intelligent identification-based heterogeneous terminal adaptive network access authentication control method according to claim 1, wherein the network access control mode Ter_Control_Pro(a_i) is specifically: the network access authentication management and control gateway A_j periodically performs network detection on terminal a_i; if the information obtained by network detection is consistent with the characteristic information of terminal a_i in the terminal asset information base, access control continues in white list mode; otherwise, the subsequent access behavior of terminal a_i is stopped.
4. The asset intelligent identification-based heterogeneous terminal adaptive network access authentication control method according to claim 1, wherein the asset unique identifier-based terminal network access authentication mode specifically comprises:
step 1, when network access authentication management and control gateway A j Notification terminal a i After authentication mode, terminal a i First, a random number Rand (a) is generated i ) Sending to an access authentication management and control gateway A j Then from A j Back to terminal a i One challenge information CC (a) i );
Step 2, the terminal a is connected i Terminal characteristic information Ter _ Fea (a) i ) Simultaneously, the latest asset serial number Num (a) is formed i ) Combining the returned challenge information to generate the network access registration information M ═ (a) i -ID,Ter_Fea(a i ),Num(a i ),CC(a i ),Key_a(CC(a i ) And calculates a digest X of the asset registration information M — SHA256 (M);
step 3, terminal a i The public key Pub _ A of the ECC is calculated by utilizing the combined public key algorithm to encrypt the identity information and the abstract, an authentication message Pub _ A (M, X) is generated, and the authentication management and control gateway A is accessed to the network j Sending a network access authentication message;
Step 4, the network access authentication management and control gateway A_j decrypts the network access authentication message of terminal a_i using its own private key Key_A to obtain the network access registration information M and its digest X, calculates the digest SHA256(M) of the asset registration information M, and compares SHA256(M) with X; if they are equal, the network access registration information has not been tampered with; if they are not equal, the network access registration information is discarded;
Step 5, the network access authentication management and control gateway A_j checks the network access registration information M sent by terminal a_i against the data in the terminal asset information base; if they are equal and the asset serial number Num(a_i) is the latest value, the network access authentication is successful; if they are not equal or Num(a_i) is not the latest value, the network access registration information is discarded.
5. The asset intelligent identification-based heterogeneous terminal adaptive network access authentication control method according to claim 4, wherein the terminal characteristic information Ter_Fea(a_i) includes the operating system, open ports, and communication protocol of the information appliance.
6. The asset intelligent identification-based heterogeneous terminal adaptive network access authentication control method according to claim 1, wherein the asset online check-based terminal network access authentication mode specifically comprises:
Step 1, after the network access authentication management and control gateway A_j notifies terminal a_i of the authentication mode, terminal a_i forms the latest asset serial number Num(a_i) and generates the network access registration information M = (a_i-IP, Num(a_i));
Step 2, terminal a_i sends the network access registration information M to the network access authentication management and control gateway A_j; the gateway A_j compares and verifies it against the network access registration information M' = (a'_i-IP, Num(a'_i)) of a_i in the terminal asset information base; if a'_i-IP = a_i-IP and Num(a_i) > Num(a'_i), the gateway acquires the terminal characteristic information Ter_Fea(a'_i) from the terminal asset information base; otherwise, the network access authentication is refused;
Step 3, the network access authentication management and control gateway A_j performs fixed-point network detection on terminal a_i and, on completing the network detection, forms the terminal characteristic information Ter_Fea(a_i); if Ter_Fea(a_i) and Ter_Fea(a'_i) are identical, terminal a_i is generated; otherwise, the network access authentication is refused.
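The gateway-side checks of claim 4 (steps 4 and 5) and claim 6 (steps 2 and 3), sketched in Python as an added example that is not code from the patent. The ECC encryption and the Key_a(CC(a_i)) term are left out; the JSON encoding of M, the field names, the comparison of CC(a_i) against the issued challenge, storing the accepted serial, and reading "latest value" as "strictly greater than the stored serial" are assumptions.

```python
import hashlib
import hmac
import json

# Constructed terminal asset information base (sample data, not from the patent).
ASSET_DB = {
    "cam-01": {"ip": "10.0.0.21", "num": 7,
               "fea": {"os": "Linux 4.9", "ports": [80, 554], "proto": "RTSP"}},
}

def digest(m):
    """X = SHA256(M) over a canonical JSON encoding (encoding is an assumption)."""
    data = json.dumps(m, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()

def verify_unique_id(m, x, issued_cc, db):
    """Claim 4, steps 4-5, applied to (M, X) after the gateway has decrypted them."""
    if not hmac.compare_digest(digest(m), x):
        return "discard: digest mismatch"          # step 4
    if m["cc"] != issued_cc:                       # assumption: CC must match the one issued
        return "discard: challenge mismatch"
    rec = db.get(m["id"])
    if rec is None or m["fea"] != rec["fea"]:
        return "discard: asset mismatch"           # step 5, equality check
    if m["num"] <= rec["num"]:                     # assumption: "latest" = strictly newer
        return "discard: stale serial"
    rec["num"] = m["num"]                          # assumption: gateway stores the new serial
    return "success"

def verify_online_check(m, probe, db):
    """Claim 6, steps 2-3: M = (IP, Num), then compare freshly probed features."""
    rec = next((r for r in db.values() if r["ip"] == m["ip"]), None)
    if rec is None or m["num"] <= rec["num"]:      # a'_i-IP = a_i-IP and Num(a_i) > Num(a'_i)
        return "refuse: ip or serial check"
    if probe(m["ip"]) != rec["fea"]:               # step 3, fixed-point network detection
        return "refuse: feature mismatch"
    return "success"

if __name__ == "__main__":
    import copy
    db = copy.deepcopy(ASSET_DB)
    m = {"id": "cam-01", "fea": db["cam-01"]["fea"], "num": 8, "cc": "c0ffee"}
    print(verify_unique_id(m, digest(m), "c0ffee", db))   # first presentation
    print(verify_unique_id(m, digest(m), "c0ffee", db))   # replay of the same M
```

`probe` is a hypothetical callable standing in for the gateway's network detection; it takes an IP address and returns the observed feature dictionary.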
CN202210330233.2A 2022-03-31 2022-03-31 Heterogeneous terminal self-adaptive network access authentication management and control method based on asset intelligent identification Active CN114826683B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210330233.2A CN114826683B (en) 2022-03-31 2022-03-31 Heterogeneous terminal self-adaptive network access authentication management and control method based on asset intelligent identification

Publications (2)

Publication Number Publication Date
CN114826683A true CN114826683A (en) 2022-07-29
CN114826683B CN114826683B (en) 2023-05-09

Family

ID=82532313

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210330233.2A Active CN114826683B (en) 2022-03-31 2022-03-31 Heterogeneous terminal self-adaptive network access authentication management and control method based on asset intelligent identification

Country Status (1)

Country Link
CN (1) CN114826683B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080215366A1 (en) * 2007-02-28 2008-09-04 Peter Robson Asset management system and method
CN109672671A (en) * 2018-12-12 2019-04-23 北京华清信安科技有限公司 Security gateway and security protection system based on intelligent behavior analysis
CN110493195A (en) * 2019-07-23 2019-11-22 上海文化广播影视集团有限公司 A kind of network access control method and system
CN113709179A (en) * 2021-09-08 2021-11-26 上海和数软件有限公司 Energy-saving certification system for contract energy asset management based on block chain technology

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Deng Yonghui: "Network access control system based on software definition", Communications Technology *

Also Published As

Publication number Publication date
CN114826683B (en) 2023-05-09

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant