WO2011088695A1 - 一种在公共设备上接入网络的方法及系统 - Google Patents
一种在公共设备上接入网络的方法及系统 Download PDFInfo
- Publication number
- WO2011088695A1 WO2011088695A1 PCT/CN2010/077882 CN2010077882W WO2011088695A1 WO 2011088695 A1 WO2011088695 A1 WO 2011088695A1 CN 2010077882 W CN2010077882 W CN 2010077882W WO 2011088695 A1 WO2011088695 A1 WO 2011088695A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- aid
- user
- asn
- public device
- receiving
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/10—Mapping addresses of different types
- H04L61/103—Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
Definitions
- the present invention relates to the field of mobile communications and the Internet, and more particularly to a method and system for accessing a network on a public device.
- IP Internet Protocol
- a public device accesses a network, it directly uses the IP address of the public device to communicate with other users, and the network supervisor cannot perform access to the user accessing the network on the public device. Tracking and traceability.
- IP Internet Protocol
- the Internet requires an ID card, but many Internet cafes still cannot identify the authenticity of the document, and even if there is no legal document, they can use the public ID provided by the Internet cafe to access the Internet. This has brought great difficulties to the tracking and traceability of network regulators.
- the user can log in to his business account on the public device, such as mail, internet banking, etc., but cannot implement the user network layer IP. Bind to the application layer service, once the account is lost, it will bring great losses to the user. If the user network layer IP is bound to the application layer service on the traditional IP technology, when the user accesses the network on the public device, the application layer service cannot be accessed because the IP address of the network layer is different. For network regulators, the supervision of users is also weakened because account and user IP cannot be bound.
- the ambiguity of the identity and location of the traditional IP address also prevents the user from binding the application layer service with the network layer IP, so that the security of the application layer service cannot be more effectively guaranteed.
- the technical problem to be solved by the present invention is to provide a method and system for accessing a network in a public device, which can effectively trace and trace users accessing the network on a public device in the identity identification and location separation network.
- the present invention provides a method for accessing a network on a public device, which is applied to an identity identification and a location separation network, and the method includes:
- the access server (ASN) After receiving the access network request message sent by the user on the public device, the access server (ASN) sends the request message to the authentication center (AC), where the access network request message includes at least the account and password of the user;
- the AC verifies the validity of the account and the password, and if the verification passes, sends the access identity (AID) of the user to the ASN;
- the ASN After receiving the AID of the user, the ASN sends the AID to the public device, and the public device uses the AID of the user as a virtual AID, and uses the virtual AID to send and receive the message of the user.
- the ASN attaches the AID of the user, establishes a mapping relationship between the AID of the user and a route identifier (RID) of the ASN, and reports the relationship to the user.
- ILR Identity and Location Register
- the ASN After receiving the AID of the user, the ASN establishes a mapping table between the AID of the user and the AID of the public device.
- the ASN sets the AID attribute of the user to a virtual AID, and sets the virtual AID as a source address or a virtual AID, while establishing a mapping table of the AID of the user and the AID of the public device.
- the AID of the public device is obtained by querying the mapping table, and traffic statistics or charging is performed on the public device.
- the ASN is used as: - user or device:
- the ASN records the AID of the managed public device
- the source address of the packet is the filed AID and the destination address is not The AID of the AC, or the destination address of the packet is the AID of the record, and the source address is not the AID of the AC, and the packet is discarded.
- the user accesses the network on the public device, after being online in the network, when the user is offline,
- the user sends an offline request on the public device, and the ASN sends the offline request to the AC;
- the AC After deleting the online status of the user in the network, the AC sends an offline request response to the ASN;
- the ASN Determining, by the ASN, the user's attachment, and requesting the ILR to delete the mapping relationship between the AID of the user and the RID of the ASN; and deleting the mapping between the AID of the user and the AID of the public device. And sending the offline request response to the public device; and after the public device receives the offline request response, deleting the virtual AID of the user.
- the user's account number and password are pre-allocated by the network administrator or submitted by submitting the personal identity information online; and the user is assigned the bound AID while the account is being allocated.
- the method further includes:
- the ASN After receiving the access network request message, the ASN determines whether it is from the public device, and if the access network request message is not from the public device, the ASN sends the access network request message to the AC, and Forwarding the access network response of the AC to the originator of the access network request message.
- the present invention also provides a system for accessing a network on a public device, which is applied to an identity identification and a location separation network, the system comprising: an access server (ASN), a public device, and an authentication center (AC), wherein
- ASN access server
- AC authentication center
- the ASN is configured to: after receiving an access network request message sent by the user on the public device, send the message to the AC, where the access network request message includes at least the account and the password of the user; After the access identifier AID of the user sent by the AC is sent to the public device;
- the AC is configured to: after receiving the access network request message of the user, the account Verification of the validity of the number and password, if the verification is passed, the AID of the user is sent to the ASN;
- the public device is configured to send an access network request message to the ASN according to the account and password input by the user, and after receiving the AID of the user pushed by the ASN, the AID of the user is used as the virtual AID. And transmitting and receiving the user's 4 texts by using the virtual AID.
- the system further includes an identity identifier and an address registration register (ILR), and the ASN is further configured to: after receiving the AID of the user, attach an AID of the user, and establish an AID of the user and Mapping relationship of the route identifier (RID) of the ASN, and reporting the ILR to the user;
- ILR address registration register
- the ILR is set to save a mapping relationship between the AID of the user and the RID of the ASN; and after receiving the mapping relationship query request initiated by the other ASN according to the AID of the user, preferably, the ASN is further set. After the AID of the user is received, a mapping table between the AID of the user and the AID of the public device is established.
- the ASN is further configured to: set the AID attribute of the user to a virtual AID, and query the mapping table to obtain the public when receiving the packet with the virtual AID as a source address or a destination address.
- the ASN is further configured to prohibit the managed public device from accessing a user or device other than the AC.
- the ASN is further configured to: after receiving an offline request of the user, send the
- the AC is further configured to: after receiving the offline request, after deleting the online status of the user in the network, send an offline request response to the ASN;
- the public device is further configured to delete the virtual AID of the user after receiving the offline request response.
- the above implementation is based on the identity identification and location separation network, and utilizes the network uniqueness of the user AID to implement the user accessing the network on the public device. Compared with the current traditional IP network, the above embodiments are used to fully utilize the superiority of the identity identifier and the location identifier to separate the network, and the user accessing the network on the public device can be effectively performed on the basis of the unique AID of the entire network. Ground tracking and traceability.
- FIG. 1 is a schematic structural diagram of a SILSN according to an embodiment of the present invention.
- FIG. 2 is a schematic flowchart of a user accessing a network on a public device according to an embodiment of the present invention
- FIG. 4 is a schematic flowchart of a packet processing from a public device by an ASN according to an embodiment of the present invention
- FIG. 5 is a schematic flowchart of processing an ASN packet from another ASN according to an embodiment of the present invention
- FIG. 6 is a schematic flowchart of a user offline according to an embodiment of the present invention.
- FIG. 7 is a schematic flowchart of a user applying for an account on a public device according to an embodiment of the present invention.
- the present invention proposes a system architecture of the Subscriber Identifier & Locator Separation Network (SILSN) as shown in FIG.
- the SILSN system consists of an Access Service Node (ASN), a User (User), an Authentication Center (AC), and an Identifier Information Center (IIC). 12 and the identity and location registration register (Identification & Location Register, ILR for short) 13 and so on.
- ASN is mainly responsible for user access, and assumes functions such as billing and switching; ILR is set to assume user's location registration and identity location identification, and location query function; AC is responsible for authenticating user access; IIC is responsible for Store the user's identity information.
- AID Access Identity (Access) Identifier
- RID Routing Identifier
- the AID is the identity of the user. This ID is only assigned to the user and is unique to the entire network. The identity can be uniquely changed during network transmission, and the AID does not change when the user moves in the network. The net is unique. The user and the user use the RID of the ASN to which they are attached to route the communication message. It should be noted that the identity and location identifiers may have different names in different SILSN architectures, but the essence is the same.
- the above SILSN network has the following features: Each user in the network can only access after strict authentication, and the user sends the AID in the data packets sent by the various services, and each data packet sent by the user must be After ASN authentication, the data packet sent by the user is guaranteed to carry its own access identity, and the other user AID will not be impersonated to access the network, and the access identity will remain unchanged when transmitted in the network. This logo does not change when moving or switching.
- users Userl and User2 have unique access identities AID1 and AID2, respectively, and Userl and User2 access the network through ASN1 and ASN2, respectively.
- User2 accesses the network normally, that is, the user equipment (User Equipment, UE for short) is used to access the network.
- the AID of the UE is the AID that User2 uses to bind to the service.
- Userl accesses the network on the public device. Because the AID of the public device is not the AID owned by Userl, it cannot be bound to the application service of the user.
- the basic implementation idea of the present invention is as follows:
- the network administrator stores the user's account number, password and AID in the AC, and the user accesses the network by using his own account and password;
- AC to the user The account and the password are authenticated.
- the AC pushes the user's AID to the ASN and the public device.
- the user's AID bound to the account is bound to the public device as the virtual AID.
- the binding of Userl's AID to the application service can be realized.
- the user's account may be directly assigned by the network administrator, or the user may submit a personal information application account on the public network.
- an AID is assigned to it.
- the present invention solves the problem of accessing a network on a public device based on a SILSN network by using the following scheme:
- the ASN After receiving the access network request message sent by the user on the public device, the ASN sends the request to the AC.
- the access network request message includes at least the account and password of the user;
- the AC verifies the validity of the account and the password, and if the verification passes, sends the AID of the user to the ASN;
- the ASN pushes the AID of the user to the public device, and the public device uses the AID of the user as a virtual AID, and uses the virtual AID to send and receive packets of the user.
- the AC After verifying the validity of the account and the password, the AC sends an access network response message to the ASN, and if the verification passes, the AID of the user is carried in the access network response message;
- the ASN After receiving the access network response message including the AID, the ASN attaches the AID of the user, establishes a mapping relationship between the AID of the user and the RID of the user, and reports the ILR to the user, and reports the ILR to the user.
- An AID mapping table between the user and the public device.
- the ASN also sets the attribute of the user's AID to virtual.
- the user sends an access network request message to the ASN by inputting an account and a password on the public device, where the access network request message includes at least the account and password of the user;
- the ASN Determining, by the ASN, whether the access network request is from a public device, and if yes, attaching an AID of the user after receiving the access network response message that is verified, and establishing the user and the public
- the AID mapping table of the device if it is not from the public device, it only needs to forward to the AC for verification, and forwards the received access network response message to the initiator of the access network request.
- the ASN will prohibit public devices from accessing users other than the AC.
- Figure 2 shows the flow of a user accessing a network on a public device using an account.
- the user enters the password on the public device using his own account and enters the password to apply for access to the network.
- the application information is sent to the AC for processing, and the AC queries the account password and the AID according to the account number. Then, AC uses the query
- the account information verifies the authenticity of the account and password submitted by the user to confirm whether the user's access network request can be accepted. If the verification is successful, the AC pushes the user's AID to the public device where the user is located.
- the process may specifically include the following steps:
- S200 The user inputs an account and a password on the public device, and sends an access network request message to the ASN, where the access network request information includes a user account and a password;
- the source AID of the essay is the AID of the public device, and the destination AID is the AID of the AC;
- the ASN receives an access network request message from a user of the public device, and forwards the message to the AC processing.
- the ASN needs to determine whether the access network request message is from a public device. If it is not from a public device, for example, a normal home user passes a PC (Personal Computer, a personal computer) or a UE, the access network request carries itself. The AID is sent to the AC for verification. After receiving the AC access network request response, if the authentication is passed, the ASN directly attaches the AID of the user. The difference between the access and the access on the public device is that the AC only needs to return a response message for verifying the pass, without pushing the AID of the user; and the ASN does not need to establish a mapping table between the AID of the user and the AID of the public device.
- a public device for example, a normal home user passes a PC (Personal Computer, a personal computer) or a UE, the access network request carries itself. The AID is sent to the AC for verification. After receiving the AC access network request response, if the authentication is passed, the ASN directly attaches the
- the AC receives the User access network request information from the public device, and performs verification on the validity of the account and the password, for example, extracting the account and password of the User in the request information, and performing corresponding account and password stored in the AC. If the comparison is consistent, the verification is successful, otherwise the verification fails;
- the AC sends a network access request response message to the ASN, where the message carries the AID of the user;
- the ASN After receiving the user access network authentication response message from the AC, the ASN attaches the AID of the user, and establishes an ⁇ AID, RID> mapping relationship with the RID of the ASN itself, and establishes a relationship between the user and the public device.
- the form is ⁇ 0, AID ⁇ AID mapping table.
- the ASN sets the User's AID attribute to the User virtual AID; if the authentication fails, the ASN directly forwards the access network authentication response message from the AC;
- the public device After the public device receives the access network authentication response message, if the authentication is passed, the public device uses the AID of the user as a virtual AID in the system, and the network behavior of the user on the public device is the virtual AID.
- the source AID For example, when User accesses the File Transfer Protocol (FTP) server, the source AID in the access request message sent is the virtual AID.
- FTP File Transfer Protocol
- the ASN reports the ⁇ , RID> mapping relationship of the User to the ILR.
- the user user establishes an ⁇ AID, RID> mapping relationship with the ASN, and reports the information to the ILR to indicate that the user is attached to the ASN, so that other users and the ASN can query the ILR according to the AID of the user to obtain the corresponding RID information. Then, according to the queried RID information, the message is sent to the ASN.
- the S270JLR After the S270JLR records or updates the ⁇ , RID> mapping relationship of the User, it returns the report mapping relationship response information to the ASN.
- the ILR After receiving the mapping request of the other ASN to the user, the ILR returns the RID corresponding to the AID of the user to the querying party, that is, the ASN that initiates the query request.
- S260 and S270 may also be implemented before S250, and the order of implementation depends on the internal implementation method of the ASN.
- Figure 3 shows the packet forwarding process for users to access the Internet on public devices.
- the user's online behavior on the public device is basically consistent with the user's online behavior on the device. It complies with the network manager and the regulatory agency's tracking and traceability requirements for the user, and also solves the problem between the user network layer AID and the application layer service. Binding problem. The difference is that the ASN needs to count the traffic of the public device to manage the public device.
- the process specifically includes the following steps:
- Userl sends a communication request message to User2 on the public device, and the source AID in the packet is a virtual AID (Userl's AID);
- the public device not only has its own AID, but its system also allows users who successfully access the network on the public device to attach their AID to the public device. That is to say, when the AID of the user is attached to the public device, the AID used by the public device to send and receive messages is the virtual AID of the user, not the AID of the public device. When the user exits the network, the virtual AID will also be deleted. Thereafter, the AID used by the public device to send and receive messages is its own AID.
- the ASN1 receives the packet from the public device, and after checking that the source AID is the virtual AID according to the attribute of the AID of the attached user set by the ASN, the AID is used to query the User1 and the public.
- the AID mapping table of the device obtains the AID of the public device and performs traffic statistics on the public device.
- ASN1 queries the ILR according to the destination AID in the communication request message of User1, that is, the AID of User2 to obtain the corresponding RID (RID of ASN2), and can use the RID of ASN1 as the source RID and the RID of ASN2 as the destination RID.
- the route is forwarded to ASN2;
- the ASN2 de-encapsulates the RID and forwards the communication request of the User1 to the User2;
- ASN2 encapsulates the source RID (the RID of the ASN2) and the destination RID (the RID of the ASN1) in the reply message, and forwards it to the ASN1;
- This example is based on the case where User1 initiates communication with User2. If User2 initiates communication with User1, ASN2 queries the ILR according to the destination address in the communication request packet of User2, that is, the AID of User1, and obtains the RID of the corresponding ASN1. The packet is encapsulated in the packet and forwarded to ASN1.
- the communication process is similar to this example, and is not mentioned here.
- ASN1 receives the 4 ⁇ message from ASN2, checks to obtain the destination AID as the virtual AID, and then uses the AID to query the AID mapping table of the User1 and the public device, obtains the AID of the public device, and performs traffic statistics on the public device.
- ASN1 uses the AID mapping table of Userl and the public device to query the AID of the public device, and performing traffic statistics is only one of the functions.
- the functions that ASN1 can implement based on the AID mapping table are not limited to traffic statistics. It also includes the functions of recording the specific location of Userl access to the network and charging for public devices.
- Figure 4 shows the ASN processing packet flow from the public device.
- the ASN needs to check if the source AID is the AID of the public device, and if so, it is necessary to prohibit the public device from directly accessing the non-AC destination.
- the process specifically includes the following steps: S400: The ASN receives a message from a public device (such as a Internet cafe PC);
- the ASN extracts the source AID in the packet, and determines whether it is the AID of the public device. If yes, the process goes to step S420. If not, the process goes to step S430.
- the ASN can find the source AID according to the list of all the AIDs on the ASN, and then check whether the source AID is a public device by checking the attribute of the source AID.
- the AID can determine whether the source AID is a public device by using various other methods.
- the ASN can record the AID of all the public devices on the ASN, and separately save the AID list of the public device; Determine whether the source AID is a public device according to the AID list of the public device being filed, and so on. It is not listed here one by one.
- step S420 The ASN determines whether the destination of the packet is AC. If yes, the process proceeds to step S470, and the packet is forwarded normally; if not, the process proceeds to step S460, and the packet is discarded;
- the ASN determines whether the AID attribute is a virtual user, that is, whether the user accesses the virtual AID of the network on the public device, and if so, jumps to the step S440; if not, jumps to the S470 Step, normal forwarding;
- step S440 Query whether there is a corresponding AID mapping table between the public device and the public device AID according to the virtual AID of the user accessing the network on the public device. If there is an AID mapping table, the process jumps to step S450; if not, then jumps Go to step S460, discard the text;
- the ASN performs traffic statistics on the public device according to the queried AID mapping table; and proceeds to step 470;
- S470 Forwards the packet normally. It should be noted that S470 is jumped from step S420, S430 or S450.
- the ASN processes the end of the process from the public device.
- Figure 5 shows the flow of ASN processing messages from other ASNs.
- the ASN needs to determine whether the destination AID is accessing the user virtual AID of the network on the public device.
- the process specific Including the following steps:
- S500 The ASN receives the message of the other ASN.
- the ASN extracts the source AID and the destination AID, and determines whether the destination AID is a public device AID, and if yes, jumps to step S520; if not, jumps to step S530;
- step S520 the ASN determines whether the packet is from the AC, and if yes, the process proceeds to step S570, and the packet is forwarded normally; if not, the process proceeds to step S560, and the packet is discarded;
- the ASN determines whether the destination AID of the packet is connected to the user virtual AID of the network on the public device, and if yes, the process proceeds to step S540; if not, the process proceeds to step S570, and the packet is normally forwarded;
- step S540 If the destination AID of the packet is a user virtual AID that accesses the network on the public device, the ASN queries whether the AID mapping table exists with the public device AID according to the AID, and if so, jumps to step S550; , go to step S560, discard the text;
- the ASN calculates the traffic of the public device according to the AID of the public device; and proceeds to step 570;
- the ASN processes the packet flow from other ASNs.
- Figure 6 shows the flow of the user offline.
- the user has access to the network on the public device.
- the offline request is sent to the AC.
- the AC, ILR, and ASN need to delete the records related to the user AID.
- the process specifically includes the following steps:
- the ASN receives the offline request of the User1, and forwards the request to the AC.
- S620 The AC receives an offline request from User1, and deletes the online status of Userl in the network.
- S630 The AC sends an offline request response to the ASN, and notifies the ASN to delete the Userl related information.
- S640 the ASN receives the offline request response message from the AC, cancels the AID attachment of the User1, and deletes the AID mapping table between the AID of the User1 and the AID of the public device;
- the ASN sends the ⁇ 10, 1 10> mapping relationship update to the ILR to the ILR, and requests to delete the mapping relationship of the i ⁇ AID, RID>;
- the ILR deletes the ⁇ AID, RID> mapping relationship of Userl, and sends a mapping relationship deletion response to the ASN.
- S670 The ASN sends an offline successful response message to the public device, and deletes the virtual AID of the User1 attached to the public device.
- Figure 7 shows the process for a user to register an account on a public device.
- the user can fill in the personal information on the public device and submit the registration account application directly.
- the user's real personal information is collected and saved by the network administrator in advance at the IIC to verify the authenticity of the user's online application for submitting the account.
- the process specifically includes the following steps:
- the ASN forwards an account registration application message to the AC.
- the AC receives the account registration application message, and queries the IIC for the real personal information of the user according to the ID card in the message;
- IIC returns the real personal information of the queried User to the AC;
- the AC verifies whether the account registration message submitted by the User is valid by using the real personal information of the User queried from the IIC, if valid (for example, the identity information provided by the user online, such as the ID number, name, password, etc., corresponding to the IIC If the information is consistent, that is, valid, the AC assigns an account, password, and AID to the User;
- the AC sends a registration request response message to the ASN.
- the ASN is attached to the AID of the user, and the AID mapping table with the public device is created, and the mapping relationship is sent to the ILR.
- S770 The ASN sends a registration response message to the User, carrying the AID of the User. If the registration is successful, the AID of the User is virtualized into the AID of the public device. Thereafter, the AID of all User's network behavior is this virtual AID.
- the method and system for accessing a network on a public device utilizes the uniqueness of the entire network of the user AID to implement the user accessing the network on the public device, and uses the above implementation scheme to fully utilize the identity identifier and the location identifier.
- the superiority of the network is separated, and the users accessing the network on the public device can be effectively tracked and traced based on the unique AID of the whole network.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Description
Claims
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP10843735.1A EP2512089B1 (en) | 2010-01-20 | 2010-10-19 | Method and system for accessing network through public equipment |
ES10843735T ES2776475T3 (es) | 2010-01-20 | 2010-10-19 | Método y sistema para acceder a una red a través de un equipo público |
JP2012549235A JP5451903B2 (ja) | 2010-01-20 | 2010-10-19 | 公共設備においてネットワークにアクセスする方法及びシステム |
US13/520,609 US8661517B2 (en) | 2010-01-20 | 2010-10-19 | Method and system for accessing network through public equipment |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201010002849.4 | 2010-01-20 | ||
CN201010002849.4A CN102130887B (zh) | 2010-01-20 | 2010-01-20 | 一种在公共设备上接入网络的方法及系统 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2011088695A1 true WO2011088695A1 (zh) | 2011-07-28 |
Family
ID=44268779
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2010/077882 WO2011088695A1 (zh) | 2010-01-20 | 2010-10-19 | 一种在公共设备上接入网络的方法及系统 |
Country Status (7)
Country | Link |
---|---|
US (1) | US8661517B2 (zh) |
EP (1) | EP2512089B1 (zh) |
JP (1) | JP5451903B2 (zh) |
KR (1) | KR20120094958A (zh) |
CN (1) | CN102130887B (zh) |
ES (1) | ES2776475T3 (zh) |
WO (1) | WO2011088695A1 (zh) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102130975A (zh) * | 2010-01-20 | 2011-07-20 | 中兴通讯股份有限公司 | 一种用身份标识在公共设备上接入网络的方法及系统 |
CN104579969B (zh) * | 2013-10-29 | 2019-04-23 | 中兴通讯股份有限公司 | 报文发送方法及装置 |
CN105991785A (zh) * | 2015-02-09 | 2016-10-05 | 中兴通讯股份有限公司 | 网络接入用户的追踪方法及装置 |
CN105610841B (zh) * | 2015-12-31 | 2020-10-23 | 国网智能电网研究院 | 一种基于可溯源的用户信息认证方法 |
CN111970178B (zh) * | 2019-05-20 | 2022-06-14 | 青岛海尔电冰箱有限公司 | 家用电器的通信控制方法及系统 |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101119206A (zh) * | 2007-09-13 | 2008-02-06 | 北京交通大学 | 基于标识的一体化网络终端统一接入控制方法 |
CN101123536A (zh) * | 2007-09-19 | 2008-02-13 | 北京交通大学 | 实现一体化网络位置管理的方法 |
CN101127663A (zh) * | 2007-09-13 | 2008-02-20 | 北京交通大学 | 一种移动自组织网络接入一体化网络的系统及方法 |
Family Cites Families (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6327037B1 (en) * | 1997-11-12 | 2001-12-04 | Chien Chou | Optical rotation angle polarimeter |
GB2349244A (en) * | 1999-04-22 | 2000-10-25 | Visage Developments Limited | Providing network access to restricted resources |
WO2001071984A1 (en) * | 2000-03-20 | 2001-09-27 | At & T Corporation | Method and apparatus for coordinating a change in service provider between a client and a server with identity based service access management |
CN1243434C (zh) * | 2002-09-23 | 2006-02-22 | 华为技术有限公司 | 基于远程认证的网络中实现eap认证的方法 |
SG108326A1 (en) | 2002-10-16 | 2005-01-28 | Ntt Docomo Inc | Service verifying system, authentication requesting terminal, service utilizing terminal, and service providing method |
KR100645512B1 (ko) | 2004-09-30 | 2006-11-15 | 삼성전자주식회사 | 통신 시스템에서 네트워크 접속에 대한 사용자 인증 장치및 그 방법 |
US7778199B2 (en) * | 2005-02-19 | 2010-08-17 | Cisco Technology, Inc. | Techniques for customer self-provisioning of edge nodes for a virtual private network |
CN1852094B (zh) * | 2005-12-13 | 2010-09-29 | 华为技术有限公司 | 网络业务应用账户的保护方法和系统 |
CN100571125C (zh) * | 2005-12-30 | 2009-12-16 | 上海贝尔阿尔卡特股份有限公司 | 一种用于用户设备与内部网络间安全通信的方法及装置 |
US8064357B2 (en) * | 2006-02-06 | 2011-11-22 | At&T Intellectual Property I, L.P. | Methods, DSL modems, and computer program products for provisioning DSL service using downloaded username/password |
CN101175067A (zh) * | 2006-11-02 | 2008-05-07 | 华为技术有限公司 | 一种网络安全实现系统及方法 |
US9003488B2 (en) * | 2007-06-06 | 2015-04-07 | Datavalet Technologies | System and method for remote device recognition at public hotspots |
EP2051473B1 (en) * | 2007-10-19 | 2018-04-25 | Deutsche Telekom AG | Method and system to trace the ip traffic back to the sender or receiver of user data in public wireless networks |
JP4993122B2 (ja) * | 2008-01-23 | 2012-08-08 | 大日本印刷株式会社 | プラットフォーム完全性検証システムおよび方法 |
US20090258637A1 (en) * | 2008-04-11 | 2009-10-15 | Beijing Focus Wireless Media Technology Co., ltd. | Method for user identity tracking |
US20100125891A1 (en) * | 2008-11-17 | 2010-05-20 | Prakash Baskaran | Activity Monitoring And Information Protection |
CN102025589B (zh) * | 2009-09-18 | 2015-04-01 | 中兴通讯股份有限公司 | 虚拟专用网络的实现方法及系统 |
CN102035813B (zh) * | 2009-09-30 | 2016-01-20 | 中兴通讯股份有限公司 | 端到端呼叫的实现方法、端到端呼叫终端及系统 |
CN102130975A (zh) * | 2010-01-20 | 2011-07-20 | 中兴通讯股份有限公司 | 一种用身份标识在公共设备上接入网络的方法及系统 |
CN102131197B (zh) * | 2010-01-20 | 2015-09-16 | 中兴通讯股份有限公司 | 一种在公共设备上接入网络的方法及系统 |
-
2010
- 2010-01-20 CN CN201010002849.4A patent/CN102130887B/zh not_active Expired - Fee Related
- 2010-10-19 KR KR1020127018790A patent/KR20120094958A/ko not_active Application Discontinuation
- 2010-10-19 ES ES10843735T patent/ES2776475T3/es active Active
- 2010-10-19 WO PCT/CN2010/077882 patent/WO2011088695A1/zh active Application Filing
- 2010-10-19 JP JP2012549235A patent/JP5451903B2/ja not_active Expired - Fee Related
- 2010-10-19 EP EP10843735.1A patent/EP2512089B1/en active Active
- 2010-10-19 US US13/520,609 patent/US8661517B2/en not_active Expired - Fee Related
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101119206A (zh) * | 2007-09-13 | 2008-02-06 | 北京交通大学 | 基于标识的一体化网络终端统一接入控制方法 |
CN101127663A (zh) * | 2007-09-13 | 2008-02-20 | 北京交通大学 | 一种移动自组织网络接入一体化网络的系统及方法 |
CN101123536A (zh) * | 2007-09-19 | 2008-02-13 | 北京交通大学 | 实现一体化网络位置管理的方法 |
Non-Patent Citations (1)
Title |
---|
See also references of EP2512089A4 * |
Also Published As
Publication number | Publication date |
---|---|
ES2776475T3 (es) | 2020-07-30 |
JP2013517718A (ja) | 2013-05-16 |
EP2512089A4 (en) | 2013-06-19 |
EP2512089A1 (en) | 2012-10-17 |
KR20120094958A (ko) | 2012-08-27 |
US8661517B2 (en) | 2014-02-25 |
JP5451903B2 (ja) | 2014-03-26 |
US20120278874A1 (en) | 2012-11-01 |
CN102130887A (zh) | 2011-07-20 |
CN102130887B (zh) | 2019-03-12 |
EP2512089B1 (en) | 2019-12-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9954868B2 (en) | System and method to associate a private user identity with a public user identity | |
WO2011088693A1 (zh) | 一种在公共设备上接入网络的方法及系统 | |
CN103067337B (zh) | 一种身份联合的方法、IdP、SP及系统 | |
WO2011088694A1 (zh) | 一种在公共设备上接入网络的方法及系统 | |
JP2009163546A (ja) | ゲートウェイ、中継方法及びプログラム | |
WO2011088695A1 (zh) | 一种在公共设备上接入网络的方法及系统 | |
WO2011079650A1 (zh) | 即时通讯控制的实现方法和系统 | |
JP4080402B2 (ja) | 名前解決・認証方法及び装置 | |
JP3953963B2 (ja) | 認証機能付きパケット通信装置、ネットワーク認証アクセス制御サーバ、および分散型認証アクセス制御システム | |
JP4152753B2 (ja) | ネットワーク認証アクセス制御サーバ、アプリケーション認証アクセス制御サーバ、および統合型認証アクセス制御システム | |
WO2011035577A1 (zh) | 一种实现行业应用平台异地多媒体消息发送的方法及系统 | |
WO2012037759A1 (zh) | 一种数据传输的方法及永远在线网关系统 | |
KR100986326B1 (ko) | 로밍 사용자 세션 관리 방법 | |
WO2011054230A1 (zh) | 电子公告板管理方法、系统、终端和服务器 | |
WO2009092225A1 (zh) | 网络信息获取方法及通讯系统以及相关设备 | |
WO2011054232A1 (zh) | 电子公告板管理方法、系统、终端和服务器 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 10843735 Country of ref document: EP Kind code of ref document: A1 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 13520609 Country of ref document: US |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2010843735 Country of ref document: EP |
|
ENP | Entry into the national phase |
Ref document number: 20127018790 Country of ref document: KR Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2012549235 Country of ref document: JP |