CN1423452A - Broad access network user identifying method - Google Patents
Broad access network user identifying method Download PDFInfo
- Publication number
- CN1423452A CN1423452A CN 01139053 CN01139053A CN1423452A CN 1423452 A CN1423452 A CN 1423452A CN 01139053 CN01139053 CN 01139053 CN 01139053 A CN01139053 A CN 01139053A CN 1423452 A CN1423452 A CN 1423452A
- Authority
- CN
- China
- Prior art keywords
- user
- address
- broadband
- access network
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Telephonic Communication Services (AREA)
- Computer And Data Communications (AREA)
Abstract
This invention discloses an identification method for wideband user acc network including the following steps: 1) premapping user special information on wideband ace equipment directly connected with users 2) when a user accesses network, the said wideband acc equipment receives analyses data paper of applying for network address, extracts the user feature and searches for the mappid special information of the user 3) the said equipment sends certification request report to the charge server, the report carries the special information and the server identifies and certifies number information of the user, the said acc equipment decides if applying for address to the user from the address server.
Description
Technical field
The present invention relates to a kind of User Recognition and authentication method, relate to a kind of personal identification method that the broadband network network operator is docked access customer or rather broadband access network.
Background technology
Wide band system commonly used now mainly comprises three kinds, a kind of ADSL (Asymmetric Digital Subscriber Line) (ADSL) technology that is based on twisted pair telephone, a kind of cable modem (Cable Modem) mode that is based on cable TV also has a kind of Ethernet (LAN) access way that is based on category-5 cable.
Because the broadband user adopts online mode, be connected to backbone network by the proprietary network facilities.In order to screen and to charge the user, the network that uses mostly adopts the mode of virtual dial-up to realize at present.This Technology Need is installed the client software of a virtual dial-up on user's computer, end is installed the BAS Broadband Access Server of accepting user's virtual dial-up in operator.On implementation method, can find out obviously that there is following shortcoming in this user identification method:
1) operator has increased the investment and the maintenance cost of broadband server in networking;
2) user needs extra memory username and password to use as verifying, and needs monthly to pay the fees for the use broadband separately, has limited user's use;
3) user will carry out the operation of one-stage dialing in each online, uses inconvenient.
Summary of the invention
The purpose of this invention is to provide a kind of user identification method, also can be called broadband user's caller identification method based on subscriber directory number.By the surf the Net caller feature of circuit of checking user when the user surfs the Net, removed operator from the investment on the BAS Broadband Access Server and the user virtual dial-up process during in online.Owing to adopted the recognition methods of subscriber directory number, just loaded down with trivial details username and password needn't be remembered when the user uses simultaneously, the expense and the telephone charges of broadband access network can also be paid in the lump.
To achieve these goals, the present invention has adopted a kind of recognition methods of broadband user's access network, and this method may further comprise the steps:
A kind of recognition methods of broadband user's access network is characterized in, may further comprise the steps:
(1) with broadband access equipment that the user directly links to each other on pre-configured user profile;
When (2) user started shooting online, the data message by described broadband access equipment reception and analysis log on address extracted user's characteristic information, and searches pre-configured subscriber directory number information;
(3) send authentication request packet by described broadband access equipment to the authentication and accounting server, carry user's number information in the described message, by described authentication and accounting server user's number information is screened and authenticated, whether described access device decision gives the user from the address allocation server applied address.
Described telephone number information is the user special information that is configured on the access device, is stored in the access device; When needs checking user or charging, send the authentication and accounting server to by access device.
Described access device is made up of direct connection user's the network equipment and the network equipment of transmission user authentication request, can distinguish the user by the distinct interface that the user is connected on the equipment, and to the authentication request of authentication and accounting server transmission to the user.
Described authentication and accounting server includes the database of the Proprietary Information of validated user, the user profile decision user who sends by the checking access device network of whether having the right to use, and charge.
Described address allocation server includes the database of the network address, distributes idle address to use to the user according to the address request information that access device is sent.
The present invention provides the method for a kind of identification and authenticated user for the broadband network network operator, this method is on the basis of pre-configured subscriber directory number information on the access device, utilize access device to transmit subscriber directory number information from trend authentication and accounting server, reaching does not need the user to carry out virtual dial-up, can finish the purpose of authentification of user yet.
Description of drawings
With reference to the accompanying drawings, for those skilled in the art that, from the detailed description to the inventive method, above-mentioned and other purposes of the present invention, feature and advantage will be apparent.
Fig. 1 is a system configuration schematic diagram of realizing a preferred embodiment of the inventive method;
Fig. 2 is a system configuration schematic diagram of realizing another preferred embodiment of the inventive method;
Fig. 3 is the User Recognition authentication processing flow chart of the inventive method.
Embodiment
Realizing user identification method of the present invention, mainly is to carry out the pre-configured of user profile on access device, just can use these information in the process of User Recognition authentication then.Fig. 1 and Fig. 2 provide two kinds of system configuration schematic diagrames of the user identification method that the present invention is based on calling number.As can be seen, system configuration shown in Figure 1 includes subscriber computer 11, authentication and accounting server 13 and address allocation server 14, the system configuration of preferred embodiment shown in Figure 2 comprises subscriber computer 21, authentication and accounting server 23 and address allocation server 24 compositions equally, and difference is that the access device 12 of Fig. 1 is divided into prime access device 221 and back level access device 222 in Fig. 2.With Fig. 1 is example, subscriber computer 11 is in case the start online, to send the request of an address assignment to broadband access equipment 12, broadband access equipment 12 sends user authentication request to authentication and accounting server 13 respectively, sends address assignment request to address allocation server 14.As shown in Figure 2, broadband access equipment is divided into direct connection user's the network equipment and the network equipment of transmission user authentication request is formed this two parts, these two parts are separately positioned in prime access device 221 and the back level access device 222, in this case, only need prime access device 221 that user's interface message is delivered in the level access device 222 of back, in the level access device 222 of back, user's number information is delivered to authentication and accounting device 23 then and gets final product.By Fig. 2 explanation,, in the network environment of reality, access device might be made up of prime equipment and back level equipment physically fully as long as realize the logic function of access device.Relate to two functions of the present invention: directly connecting the user can be separately in two different physical entity with the transmission user authentication information.
Provide the flow chart of User Recognition authentication referring to Fig. 3, step 301, flow process begins, comprise that subscriber computer is set to obtain automatically the IP address, start also enters the online state, step 302, subscriber computer sends the data message of network address application to broadband access equipment, and this data message comprises interface type, MAC Address of Network Card, the used IP of client layer address, contents such as subscriber's main station name, step 303 is analyzed user's application IP addresses message by broadband access equipment, and according in advance configuration extraction user special information, the user special information here comprises subscriber directory number information and user's characteristic information.Wherein subscriber directory number information comprises domestic consumer's a cable phone number or enterprise customer's a main telephone number; User's characteristic information comprise the subscriber computer network interface card MAC Address, be the port mac address and the vlan number sign indicating number of the IP address of user's fixed configurations, user institute direct interconnection network.User special information is to indicate the information of user and network link position or the specific information that subscriber computer had; Step 304, send the authentication request packet that contains user special information to the authentication and accounting server by broadband access equipment, carry user's number information or user's characteristic information in this message, and in following step 305, user special information is screened and authenticated by the authentication and accounting server, judge whether the user is legal, if result of determination is legal, flow process changes step 306 over to, the authentication and accounting server is responded authentication by broadband access equipment to subscriber computer and is passed through message, then in step 307,, finish behind the response user to the network address server applied address by access device; If step 305 judged result is illegal, flow process changes step 308 over to, and authentication and accounting server response authentication refusal message is sent not by checking to subscriber computer by access device in step 309 then, haves no right the prompting of accesses network.
According to the description of above-mentioned flow process, we can draw, and adopt this user identification method, on the one hand the construction investment that the operator of broadband network has been saved the virtual dial-up server; On the other hand, the broadband user is simplified last network process, do not needed to carry out virtual dial-up, remembered loaded down with trivial details the user name and password.
In sum, the present invention combines the network application technology, and the network communications technology and Computer Applied Technology are for the broadband subscribers access network provides a kind of easy user identification method.
The front provides the description to preferred embodiment, so that any technical staff in this area can use or utilize the present invention.Various modifications to these embodiment are conspicuous to those skilled in the art, can be applied to other embodiment to total principle described here and not use creativeness.Thereby, the embodiment shown in the present invention will be not limited to here, and the wide region of principle that should disclose and new feature according to meeting here.
Claims (6)
1, a kind of recognition methods of broadband user's access network is characterized in that, may further comprise the steps:
(1) with broadband access equipment that the user directly links to each other on pre-configured user special information;
When (2) user started shooting online, the data message by described broadband access equipment reception and analysis log on address extracted user's characteristic information, and searches pre-configured user special information;
(3) send authentication request packet by described broadband access equipment to the authentication and accounting server, carry user special information in the described message, by described authentication and accounting server user's number information is screened and authenticated, whether described access device decision gives the user from the address allocation server applied address.
2, the recognition methods of broadband user's access network according to claim 1 is characterized in that, the result of determination of described step (3) comprising: if receive authentication by message then confirm, for the user asks the distribution network address; If receive the authentification failure message, will be directly to the message of user response application IP addresses failure, the prompting authentification of user fail by.
3, the recognition methods of broadband user's access network according to claim 1 and 2 is characterized in that, described user special information comprises subscriber directory number information and user's characteristic information.
4, the recognition methods of broadband access network according to claim 3 is characterized in that, described subscriber directory number information comprises domestic consumer's cable phone number.
5, the recognition methods of broadband access network according to claim 3 is characterized in that, described subscriber directory number information comprises enterprise customer's a main telephone number.
6, the recognition methods of broadband access network according to claim 3, it is characterized in that, described user's characteristic information comprise the subscriber computer network interface card MAC Address, be the port mac address and the vlan number sign indicating number of the IP address of user's fixed configurations, user institute direct interconnection network.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 01139053 CN1200532C (en) | 2001-12-05 | 2001-12-05 | Broad access network user identifying method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 01139053 CN1200532C (en) | 2001-12-05 | 2001-12-05 | Broad access network user identifying method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1423452A true CN1423452A (en) | 2003-06-11 |
| CN1200532C CN1200532C (en) | 2005-05-04 |
Family
ID=4674984
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 01139053 Expired - Fee Related CN1200532C (en) | 2001-12-05 | 2001-12-05 | Broad access network user identifying method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1200532C (en) |
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2004100574A1 (en) * | 2003-05-07 | 2004-11-18 | Huawei Technologies Co., Ltd. | A transferring method of subscriber location information in a network communication system |
| CN100344094C (en) * | 2004-09-01 | 2007-10-17 | 华为技术有限公司 | Method for realizing authority charging to multi address user in IPv6 network |
| WO2007137482A1 (en) * | 2006-05-19 | 2007-12-06 | Huawei Technologies Co., Ltd. | Charging method, system and device in interoperability network of global microwave system |
| WO2008011832A1 (en) * | 2006-07-19 | 2008-01-31 | Huawei Technologies Co., Ltd. | A network access method, system and a network connection device |
| CN100372322C (en) * | 2003-07-23 | 2008-02-27 | 华为技术有限公司 | A method for controlling access right of private network user |
| CN100589432C (en) * | 2005-04-19 | 2010-02-10 | 中兴通讯股份有限公司 | Method for inhibiting redial in wideband access network |
| CN1652535B (en) * | 2004-02-03 | 2010-06-23 | 华为技术有限公司 | Method for managing network layer address |
| CN1703004B (en) * | 2005-02-28 | 2010-08-25 | 联想(北京)有限公司 | Method for implementing network access authentication |
| CN1681243B (en) * | 2004-04-05 | 2011-06-08 | 华为技术有限公司 | Method for realizing user authentication of wide-band network special bus |
| CN102761618A (en) * | 2012-07-03 | 2012-10-31 | 杭州华三通信技术有限公司 | Method, equipment and system for realizing load balancing |
| CN101053208B (en) * | 2004-05-25 | 2013-06-19 | 思科技术公司 | Wideband protocol |
| CN103607372A (en) * | 2013-08-19 | 2014-02-26 | 深信服网络科技(深圳)有限公司 | Authentication method and device for network access |
| CN104468460A (en) * | 2013-09-12 | 2015-03-25 | 方正宽带网络服务股份有限公司 | Automatic authentication apparatus for network access and automatic authentication method for network access |
| CN106878280A (en) * | 2017-01-10 | 2017-06-20 | 阿里巴巴集团控股有限公司 | The method and apparatus of user authentication, the method and apparatus for obtaining user number information |
| CN108206765A (en) * | 2018-03-30 | 2018-06-26 | 新华三技术有限公司 | PPPoE reaches the standard grade restoration methods, BRAS equipment and aaa server |
| CN110808940A (en) * | 2018-08-06 | 2020-02-18 | 广东亿迅科技有限公司 | ONT-based broadband access line user identification method and system |
-
2001
- 2001-12-05 CN CN 01139053 patent/CN1200532C/en not_active Expired - Fee Related
Cited By (23)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2004100574A1 (en) * | 2003-05-07 | 2004-11-18 | Huawei Technologies Co., Ltd. | A transferring method of subscriber location information in a network communication system |
| AU2004237260B2 (en) * | 2003-05-07 | 2008-01-03 | Huawei Technologies Co., Ltd. | A transferring method of subscriber location information in a network communication system |
| CN100372322C (en) * | 2003-07-23 | 2008-02-27 | 华为技术有限公司 | A method for controlling access right of private network user |
| CN1652535B (en) * | 2004-02-03 | 2010-06-23 | 华为技术有限公司 | Method for managing network layer address |
| CN1681243B (en) * | 2004-04-05 | 2011-06-08 | 华为技术有限公司 | Method for realizing user authentication of wide-band network special bus |
| CN101053208B (en) * | 2004-05-25 | 2013-06-19 | 思科技术公司 | Wideband protocol |
| US8813217B2 (en) | 2004-09-01 | 2014-08-19 | Huawei Technologies Co., Ltd. | Method and system for authorizing and charging host with multiple addresses in IPv6 network |
| CN100344094C (en) * | 2004-09-01 | 2007-10-17 | 华为技术有限公司 | Method for realizing authority charging to multi address user in IPv6 network |
| CN1703004B (en) * | 2005-02-28 | 2010-08-25 | 联想(北京)有限公司 | Method for implementing network access authentication |
| CN100589432C (en) * | 2005-04-19 | 2010-02-10 | 中兴通讯股份有限公司 | Method for inhibiting redial in wideband access network |
| WO2007137482A1 (en) * | 2006-05-19 | 2007-12-06 | Huawei Technologies Co., Ltd. | Charging method, system and device in interoperability network of global microwave system |
| US8484715B2 (en) | 2006-07-19 | 2013-07-09 | Huawei Technologies Co., Ltd. | Method and system for network access and network connection device |
| WO2008011832A1 (en) * | 2006-07-19 | 2008-01-31 | Huawei Technologies Co., Ltd. | A network access method, system and a network connection device |
| CN1901449B (en) * | 2006-07-19 | 2010-05-12 | 华为技术有限公司 | Network access method and network communication system |
| CN102761618A (en) * | 2012-07-03 | 2012-10-31 | 杭州华三通信技术有限公司 | Method, equipment and system for realizing load balancing |
| CN103607372A (en) * | 2013-08-19 | 2014-02-26 | 深信服网络科技(深圳)有限公司 | Authentication method and device for network access |
| CN103607372B (en) * | 2013-08-19 | 2016-12-28 | 深信服网络科技(深圳)有限公司 | The authentication method of network insertion and device |
| CN104468460A (en) * | 2013-09-12 | 2015-03-25 | 方正宽带网络服务股份有限公司 | Automatic authentication apparatus for network access and automatic authentication method for network access |
| CN106878280A (en) * | 2017-01-10 | 2017-06-20 | 阿里巴巴集团控股有限公司 | The method and apparatus of user authentication, the method and apparatus for obtaining user number information |
| CN108206765A (en) * | 2018-03-30 | 2018-06-26 | 新华三技术有限公司 | PPPoE reaches the standard grade restoration methods, BRAS equipment and aaa server |
| CN108206765B (en) * | 2018-03-30 | 2021-08-06 | 新华三技术有限公司 | PPPoE online recovery method, BRAS equipment and AAA server |
| CN110808940A (en) * | 2018-08-06 | 2020-02-18 | 广东亿迅科技有限公司 | ONT-based broadband access line user identification method and system |
| CN110808940B (en) * | 2018-08-06 | 2022-02-22 | 广东亿迅科技有限公司 | ONT-based broadband access line user identification method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1200532C (en) | 2005-05-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1200532C (en) | Broad access network user identifying method | |
| AU709790B2 (en) | Interactive and information data services telephone billing system | |
| US6577720B1 (en) | System and method for providing high-speed communications using a public terminal | |
| US6301618B1 (en) | Forced sequential access to specified domains in a computer network | |
| EP0667729B1 (en) | Secure system for interconnecting local networks via a public transmission network | |
| US20020162029A1 (en) | Method and system for broadband network access | |
| CN100574352C (en) | Remote opening control system and method | |
| CN101567883B (en) | Realization method for preventing MAC address forgery | |
| US7656794B2 (en) | Method and apparatus for authenticated quality of service reservation | |
| JP2000151811A (en) | Internet connection device | |
| JP2002077277A (en) | Method of providing access control for and/or in relation to users accessing the internet from terminals via private access node, and apparatus for carring out such method | |
| KR20070088712A (en) | Method for setting up connections for access of roaming user terminals to data networks | |
| US7715543B2 (en) | Method for verifying telephone call back information for return calls which are initiated via the internet | |
| CN100338909C (en) | Method for discriminating service flow | |
| CN1204713C (en) | Management method of user's connecting network in wideband network | |
| MXPA01013117A (en) | System and method for local policy enforcement for internet service providers. | |
| AU743974B2 (en) | The use of a pair made up of a call number and of an internet originating address | |
| CN1571341A (en) | A control and charging method used for network value added service | |
| WO2006104459A1 (en) | Voice over internet protocol system and method | |
| KR101042114B1 (en) | System and method for controlling internet service providing | |
| CN100356741C (en) | A method and apparatus for implementing network access control based on link layer protocol | |
| CN1630256A (en) | A realizing method for preventing IP address embezzlement during connection to Internet | |
| JP2002041476A (en) | System and method for user authentication | |
| CN1127828C (en) | Method for calling non-on line user to connect network | |
| CN1585341A (en) | Network dialogue managing method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C19 | Lapse of patent right due to non-payment of the annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |