Method, device and system for identifying IP session

A session identification and identification technology, which is applied in the field of communication, can solve the problems of security risks, attackers forging IP addresses or MAC address counterfeiting, etc., and achieve the effect of improving security

Active Publication Date: 2010-06-09
HUAWEI TECH CO LTD
View PDF5 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] In the prior art, the data communication process of IP Session has no coupling relationship with the authentication process / IP address allocation process, and it is easy to happen that although the authentication is passed, in the data communication process of IP Session, it is still possible for the attacker to forge the IP address or MAC address. Counterfeit, there is a big security risk

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device and system for identifying IP session
  • Method, device and system for identifying IP session
  • Method, device and system for identifying IP session

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] Embodiments of the present invention provide an IP session identification method, device and system. The specific content of the technical solution is: set the IPv6Session ID domain in the IPv6 flow label (Flow label), or set the IPv6Session ID domain (for example, IPv6 address prefix) in the IPv6 address, and the IPv6Session ID in the user authentication / IP address After the allocation process is successful, it will be generated according to the rules agreed between the Subscriber and the operator, realizing the coupling of the IPv6Session with the authentication process / IP address allocation process.

[0035] The IPv6Session ID remains unchanged during the survival of the IP Session. BNG filters the received data packets for the IPv6Session ID, which effectively prevents attackers from forging IP addresses or MAC addresses, and solves the security of shared media access.

[0036] The following will clearly and completely describe the technical solutions in the embodim...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses a method, a device and a system for identifying an IP session. The method comprises the following steps of: generating an IP session identifier for the IP session in an authentication process and / or an IP address allocation process according a preset IP session identifier generating rule; judging whether a pre-set IP session identifier field in a receivedmessage of the IP session includes the IP session identifier according to the IP session identifier, wherein the IP session identifier is generated by user equipment according to the IP session identifier generating rule based on an IP session identifier parameter; allowing the message to pass when the pre-set IP session identifier field includes the IP session identifier; and discarding the message when the pre-set IP session identifier field does not include the IP session identifier. The technical scheme of the invention enables the IP session to establish a coupling relationship in a datacommunication process and the authentication process / the IP address allocation process so as to improve the safety of the IP session.

Description

technical field [0001] The present invention relates to the field of communication technology, in particular to an IP session identification method, device and system. Background technique [0002] In the access network, an IP session (session) represents a network access connection session associated with an IP address of a user (Subscriber / user) device, and an IP session and a point-to-point link layer protocol session (Point-to- Point Protocol Session (PPP Session) is peer-to-peer, and user equipment session (Subscriber Session) is a general term for IP Session and PPP Session. The PPP Session adopts a unique PPP survival detection mechanism, and the version 4 IP protocol (IP vision 4, IPv4) session adopts a unique bidirectional forwarding detection (Bidirectional Forwarding Detection, BFD) / Address Resolution Protocol (Address Resolution Protocol, ARP) survival detection mechanism. [0003] IP Session is usually terminated on IP edge device (IP Edge device), for example:...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12H04L12/66
CPCH04L63/08H04L61/6059H04L61/6022H04L61/2015H04L61/103H04L63/164H04L29/08576H04L29/08621H04L63/0236H04L67/146H04L47/2483H04L67/14H04L61/5014H04L2101/622H04L2101/659
Inventor 郑若滨
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap