Method for authorizing user equipment migration and network access server

A technology for user equipment and network access, applied in the field of network security, which can solve problems such as unfavorable system operation and process security risks, and achieve the effect of preventing counterfeiting attacks and safeguarding rights

Active Publication Date: 2011-09-28
NEW H3C TECH CO LTD
View PDF2 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0023] It is not difficult to see from the above analysis that there are serious security risks in the processing flow of the existing technology when the physical connection state of the user equipment changes, which is not conducive to the normal and stable operation of the system.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for authorizing user equipment migration and network access server
  • Method for authorizing user equipment migration and network access server
  • Method for authorizing user equipment migration and network access server

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0040]In this section of the detailed description, there is shown and described the preferred embodiment of the invention by way of illustration only of the best mode contemplated by the inventors for carrying out the invention. As will be realized, the invention may be modified in various obvious respects without departing from the invention. Accordingly, the drawings and description are to be regarded as illustrative in nature and not restrictive.

[0041] In order to prevent the forgery attack initiated by the attacker, in the technical solution of the present invention, when assigning the IPv6 address / prefix, record the correspondence between the assigned IPv6 address / prefix and the MAC address of the NAS accessed by the user equipment; After the physical connection migration of the user equipment occurs, check whether there is a user equipment using the IPv6 address / prefix under the original NAS according to the corresponding relationship. If it exists, refuse to generate...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for authorizing user equipment migration and a network access server. The method includes the following steps: recording corresponding relations between a distributed IPv6 address / prefix and MAC address of NAS connected to user equipment; inquiring whether the user equipment which uses the IPv6 address / prefix of original NAS exists according to the corresponding relation after the user equipment performs a physical connection migration; if the user equipment exists, rejecting to generate a port binding table entry; if the user equipment does not exist, generating the port binding table entry in current connected NAS and allowing access of user equipment. Through the technical scheme of the invention, after the user equipment performs the physical connection migration, the security of authorization migration can be guaranteed and forgery attacks implemented by illegal user equipment during the process can be effectively prevented.

Description

technical field [0001] The invention relates to network security technology, in particular to a method for authorized migration of user equipment and a network access server. Background technique [0002] The Dynamic Host Configuration Protocol for IPv6 (DHCPv6, Dynamic Host Configuration Protocol for IPv6) is a protocol designed for the IPv6 addressing scheme to assign IPv6 addresses and other network configuration parameters to hosts. DHCPv6 adopts the client / server communication mode. The user equipment submits a configuration request to the server, and the server returns corresponding configuration information such as the IPv6 address assigned to the user equipment, so as to realize the dynamic configuration of information such as IP addresses. [0003] see figure 1 , figure 1 It is a basic flow chart of a user equipment requesting an IPv6 address / prefix from a DHCP server through a Network Access Server (NAS, Network Access Server) and accessing a network in the prior...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/56H04L29/06H04L29/12H04L45/74
Inventor 林涛
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap