58 results about "Digest access authentication" patented technology

The invention discloses a method, a device and a system of access authentication, belonging to the field of computer technologies. The method of access authentication comprises the following steps that a device identification of a visited device is obtained; the device identification and a user account of an access device are transmitted to a third-party device, and the third-party device is used for transmitting an authentication request to a login end when the device identification is bound with a user account and the user account is different from the user account of the access device, and transmitting an access password of the visited device to the access device after the access allowed response fed back by the login end is received; and the visited device is visited by the received access password. Through carrying out authentication on the login end in the third-party device, after authentication is successful, the access password is transmitted to the access device, and the access device visits the visited device according to the access password; the problems that a user needs to manually input the access password on a mobile phone App to cause an illegal user to obtain the access password easily and have worse safety are solved; the effect of improving safety of the visited device is achieved.

The utility model relates to a method for user access verifying, which comprises: during the access verifying process, the user sends a request to the network, which sends a random number back to the user; the user adopts the random number and the user password to perform the encryption calculating and transmits the encryption result to the network; the network adopts the random number and the stored user password to perform the same encryption calculating to verify the user; if the verification is passed, the user is accessed into the network through the IP address distributed by the DHCP server. The utility model has the advantages that the password transmission is safer, the waste of the IP address is avoided and the attack from the illegal user is also effectively avoided.

The invention discloses a wireless local area network two-way access authentication system and method based on identity certificates. The wireless local area network two-way access authentication system comprises access routers arranged in a safety area and further comprises an identity certificate management server and an authentication server. The identity certificate management server is used for managing the identity certificates of entities in the safety area, namely, issuing the identity certificates and maintaining the identity certificates. The authentication server is used for authenticating access certification application of mobile subscribers and completing shared key negotiation with the mobile subscribers. The access routers are used for controlling whether the mobile subscribers have access to the wireless local area network or not according to the authentication result fed back from the authentication server and receiving and forwarding authentication information between the mobile subscribers and the authentication server. According to the wireless local area network two-way access authentication system and method, in an autonomous security domain, two-way access authentication and secret key negotiation between the mobile subscribers and the accessed network can be achieved, efficient access authentication conducted when the mobile subscribers switch between the different access routers is supported, and the access authentication efficiency is improved.

The invention relates to a method for safe accessing of a wireless metropolitan area network, which comprises an authenticating step and a session key negotiating step. The authenticating step comprises that: a subscriber station SS sends a request message for access authentication to a base station BS; the BS sends a request message for certificate authentication to an authentication server AS; the AS verifies the request message for certificate authentication and sends a response message for certificate authentication to the BS; the BS verifies the validity of the identity of the SS according to the response message for certificate authentication; if the SS is valid, the BS sends the response message for access authentication to the SS; the SS verifies the validity of the BS according to the response message for access authentication; if the BS is valid, the SS uses the encryption certificate key of the SS to decrypt the material of authentication key. The SS signing certificate in the proposal is used for stating the identity and the SS encrypting certificate is used for encrypting and decrypting the material of authentication key so as to reduce the risk that the key is decrypted; through verifying the certificates of the BS and the SS by the AS, authentication for the subscriber station SS and the base station BS is realized and security level is improved.

The present invention relates to a method, a device and a system that can realize the access authentication. A network node initiates an access authentication operation with an authentication server, which performs an authentication processing on the access authentication operation initiated by the network node; after the network passes the authentication and is authorized as a trusted node, a user connected to the trusted node initiates an access authentication operation via the trusted node, and the authentication server performs an authentication processing on the access authentication operation initiated by the user. Meanwhile, the trusted node utilizes the received control information released by a policy server to perform various control operations on the user. The present invention enables service providers to pointedly carry out accounting and charging on different users under a network node according to different service circumstances and prevents sham users; and the network node can perform the corresponding management operations on the policy information and an admission control list and can locally monitor the service level agreement nearby.

The invention relates to a 3G/WiFi network access authentication system and an achieving method of the 3G/WiFi network access authentication system. A user searches for available network hot spot information nearby through a hot spot management module, the available network hot spot information nearby is pushed to the user through a hot spot information push module, the user is reminded of an available WiFi network through a terminal WLAN/3G/LTE management module, and the user starts a WLAN to be automatically connected with the network. Through a network search and access module, the user acquires corresponding operator Internet surfing account passwords from all operator account management modules, and logs in by inputting the passwords. Through a network authentication module, access is achieved through user information authentication. Through a user timekeeping/accounting management module, after user connection succeeds, timekeeping/accounting management is carried out on the Internet surfing behavior of the user, and when the user has no Internet surfing duration, the user is offline. When the user needs to buy the Internet surfing duration, interaction is carried out through a payment capacity sealing module and a payment platform module. A user management module stores and manages user information.

A two-way access authentication method comprises: According to the system parameters pre-established by the third entity, the first entity sends the access authentication request packet to the second entity, then the second entity validates whether the signature of first entity is correct, and if yes, the share master key of second entity is calculated; the second entity generates the access authentication response packet and sends it to the first entity, then the first entity validates whether the signature of access authentication response packet and the message integrity check code are correct; if yes, the share master key of first entity is calculated; the first entity sends the access authentication acknowledge packet to the second entity, then the second entity validates the integrity of the access authentication acknowledge packet, if passing the validation, the share master key of first entity is consistent with that of the second entity, and the access authentication is achieved. For improving the security, after received the access authentication request packet sent by the first entity, the second entity may perform the identity validity validation and generates the access authentication response packet after passing the validation.

The invention discloses a method for identifying physical uniqueness of blocking-attacking resistant in-net terminal and a terminal access authentication system, which belongs to a method for a user terminal to access a communication service network and a system realizing the same. The invention is characterized in that the method divides the exchanging process of bi-direction messages for determining the legal identity of the user terminal into the following six steps: a network access terminal broadcasts the turbulence intensity of keys and an effective in-net time window; the in-net user terminal initiates an in-net request at an appointed time window; the network access terminal sends a terminal login token in a ciphertext mode; the in-net user terminal attempts to decode a response message; the in-let user terminal passes back terminal login token identifying information to the network access terminal; and the network access terminal verifies the terminal login token identifying information.

The invention discloses a method for realizing access authentication and a client. The method comprises that: the client determines a plurality of authentication protocols adopted for access authentication of a user; and the client performs access authentication of the user by using the plurality of authentication protocols. The method can enable a user to access by using the plurality of protocols, thereby effectively enhancing the flexibility of access authentication and improving the rate of successful accesses on the premise of ensuring the safety of access authentication.

The invention discloses a user authentication method. The method comprises the following steps: an access server stores a binding relationship between a network address of a client and a user identification after the client finishes internet access authentication; an authentication server obtains the user identification corresponding to the network address of the client from the access server according to the network address of the client obtained by a service side when the client requests a page; the authentication server transmits an authentication user identification to the service side, and the server side generates the page requested by the client according to the authentication user identification. The invention also simultaneously discloses a user authentication system. By adopting the user authentication method and the user authentication system, the security of internet business can be improved when fussy logging of the user and access authentication are reduced.

The invention discloses a VoWiFi business achieving method, system and an AAA server. The method comprises the steps that the EAP-AKA authentication requests initiated by UE are verified by the AAA server, if the verification is passed, a first authentication success information is returned to the UE and the EAP-AKA authorized authentication success information of the UE is saved; the IKE-Auther-Request information initiated by the UE is verified by the AAA server, if the EAP-AKA authorized authentication success information of the UE is saved in the AAA server, the verification is passed. The VoWiFi business achieving method, system and the AAA server can avoid the problem of a second time billing of the WiFi data stream and the VoWiFi voice data stream and the WiFi business stream passing through the P-GW device twice, through the saving of the EAP-AKA authorized authentication success information of a user on 3GPP-AAA at the time of crediting the WiFi access authentication, a second time EAP-AKA authentication is no longer needed when the S2b is being authenticated, and the time delay and the system computation amount at the authentication of the user are effectively reduced.

The invention discloses a method for network access authentication. The method for network access authentication comprises: a password generation device generates an authentication password according to a preset password seed, a current serial number and the current time; an authentication device receives the authentication password input by a user and checks the authentication password according to a preset check password; and if the authentication password is checked successfully, the network access authentication is successful, and the authentication device enables the user to access a network. The invention also discloses a system for network access authentication. The authentication password is generated at the same time with the current serial number, that is, only a queuing user can obtain the authentication password, thus network freeloading behaviors can be avoided; and moreover, there is no need to execute authentication in a short message mode, no charge is caused, and thus the cost of the authentication device is reduced.

A method of one-way access authentication is disclosed. The method includes the following steps. According to system parameters set up by a third entity, a second entity sends an authentication request and key distribution grouping message to a first entity. The first entity verifies the validity of the message sent from the second entity, and if it is valid, the first entity generates authentication and key response grouping message and sends it to the second entity, which verifies the validity of the message sent from the first entity, and if it is valid, the second entity generates the authentication and key confirmation grouping message and sends the message to the first entity. The first entity verifies the validity of the authentication and key conformation grouping message, and if it is valid, the authentication succeeds and the key is regarded as the master key of agreement.

The invention provides a method for carrying out access authentication based on WEB, which comprises the following steps: S1, a user inquires the IP address of a domain name from a DNS server; S2, theDNS server answers, informs the user that the IP address of the domain name is A.B.C.D; S3, a user establishes a TCP connection with a website server with an IP address of A.B.C.D; S4, the user sendsHTTP GET/POST request to the web server with IP address A.B.C.D, but the request is intercepted by the network access device; S5, the network access device masquerades as the website server with theIP address A.B.C.D to reply to the user, and returns the HTTP 302 response message to the user. The invention also provides a system for accessing authentication based on WEB. The invention has the beneficial effect that an access authentication scheme which is supported by wireless wires and does not require additional installation of clients is provided.

The invention discloses a method and device for achieving access authentication of a wireless local area network, and belongs to the field of wireless communication. The method comprises the steps of carrying out a connectivity test on an access point with an access mode of wireless fidelity access, opening a login program if the connectivity test fails, and automatically calling a system browser or a browser control through the login program to open a login page to enable a user to achieve the login operation of the wireless local area network in the login page. The device comprises a first testing module and a login module. According to the method and device for achieving the access authentication of the wireless local area network, the system browser or the browser control is automatically called through the login program to open the login page, the user is made to achieve the login operation of the wireless local area network in the login page, the fact that an uniformed mode is used for carrying out authentication on the WIFI access is achieved, the user can also be made to achieve a login process in an original login page, the cognition of the user on an access network is facilitated, and the experience of the user is improved.