CN105162798A - Security authentication method for proprietary network access of intelligent terminal - Google Patents
Security authentication method for proprietary network access of intelligent terminal
- Publication number
- CN105162798A
- Authority
- CN
- China
- Prior art keywords
- visitor
- terminal
- identity
- intelligent terminal
- administrative center
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a security authentication method for proprietary network access of an intelligent terminal. The method is specifically implemented according to the following steps that: 1, identity of a visitor allowed to access a proprietary network with the intelligent terminal is registered, and identity of the intelligent terminal used by the visitor allowed to access is registered; 2, an administrator performs terminal distribution through a WEB management center; and 3, when the visitor accesses the network with the intelligent terminal, the WEB management center judges the identity of the visitor and the legitimacy of the terminal according to identity registration information and distribution information, and performs authorization. According to the method, identity authentication and authority management of the visitor and the terminal are realized through registration, correlation, authentication and authorization services, so that the problem that valid visitor identity authentication and terminal legitimacy authentication cannot be performed in the prior art is solved.
Description
Technical field
The present invention relates to the technical field of secure network access for communication equipment, and in particular to a security authentication method for proprietary network access of an intelligent terminal.
Background technology
Office and business work in government departments, enterprises and public institutions is moving toward cloud computing and the mobile internet, and mobile office has become one of the important forms of office work. With the spread of intelligent terminals such as smartphones and tablet computers, office staff have become used to handling business on their own intelligent terminals, and government departments, enterprises and public institutions have begun to accept employees using their own devices for work. The resulting proprietary network access security problem has also become prominent: identity authentication based on traditional passwords cannot meet the need to judge the legitimacy of a visitor's terminal. Although some simple security hardening schemes based on the mobile terminal device itself are on the market, these schemes still cannot solve the problems of visitor authorization and terminal legitimacy judgment that arise when an intelligent terminal accesses the network.
Summary of the invention
The object of the present invention is to provide a security authentication method for proprietary network access of an intelligent terminal, which solves the problems of visitor authorization and terminal legitimacy judgment that exist in the prior art when an intelligent terminal accesses a proprietary network.
The technical solution adopted by the present invention is a security authentication method for proprietary network access of an intelligent terminal, implemented according to the following steps:
Step 1: identity registration is carried out for each visitor allowed to access the proprietary network with an intelligent terminal, and terminal identity registration is carried out for the intelligent terminal used by that visitor: the administrator performs visitor identity registration through the WEB management center for visitors allowed to access the network, and the administrator performs terminal identity registration through the WEB management center for the intelligent terminals;
Step 2: the administrator performs terminal distribution through the WEB management center;
Step 3: when a visitor uses an intelligent terminal to access the network, the WEB management center judges the legitimacy of the visitor's identity and of the terminal according to the identity registration information and the distribution information, and performs authorization. If the visitor's identity information was registered in step 1, the identity information of the intelligent terminal was registered in step 1, and the visitor and the intelligent terminal were associated for authentication by the distribution in step 2, the WEB management center authorizes the visitor and the intelligent terminal; otherwise, service is refused.
The present invention is further characterized as follows.
The administrator in steps 1 and 2 is the person or role that uses the WEB management center specifically to authorize and manage network visitors and terminal devices.
The WEB management center in steps 1, 2 and 3 is a tool dedicated to registering visitors and intelligent terminals and managing their distribution; it supports visitor identity registration, intelligent terminal registration and terminal distribution.
Visitor identity registration in step 1 means that the administrator uses the WEB management center to record the visitor's identity information, distribute network access credentials to the visitor and set access rights; terminal identity registration in step 1 means that the administrator uses the WEB management center to record the characteristic information of the terminal, distribute network access to it and install the authentication service application.
Terminal distribution in step 2 means that the administrator uses the WEB management center to associate the identities of a registered visitor and a registered terminal.
The judgment of the legitimacy of the visitor's identity and the terminal in step 3 means that the WEB management center, through the identity authentication service, uses the identity registration information and the distribution information to authenticate the identity and access rights of the visitor and the terminal device and to authorize service.
The beneficial effects of the present invention are as follows:
The invention provides a security authentication method for proprietary network access of an intelligent terminal. Identity authentication and authority management of the visitor and the terminal are realized through registration, association, authentication and authorization services, which solves the problem that the prior art cannot perform effective visitor identity authentication and terminal legitimacy authentication.
Description of the drawings
Fig. 1 is a flow chart of the method of the present invention;
Fig. 2 is a structure diagram of the security authentication method for proprietary network access of an intelligent terminal according to an embodiment of the present invention;
Fig. 3 is an implementation process diagram of the security authentication method for proprietary network access of an intelligent terminal according to an embodiment of the present invention.
Embodiment
To make the object, technical solution and advantages of the present invention clearer, the invention is described in further detail below with reference to the drawings and specific embodiments.
Fig. 1 shows the flow of the security authentication method for proprietary network access of an intelligent terminal according to the present invention. The method is implemented according to the following steps:
Step 1: identity registration is carried out for each visitor allowed to access the proprietary network with an intelligent terminal, and terminal identity registration is carried out for the intelligent terminal used by that visitor: the administrator performs visitor identity registration through the WEB management center for visitors allowed to access the network, and the administrator performs terminal identity registration through the WEB management center for the intelligent terminals;
Step 2: the administrator performs terminal distribution through the WEB management center;
Step 3: when a visitor uses an intelligent terminal to access the network, the WEB management center judges the legitimacy of the visitor's identity and of the terminal according to the identity registration information and the distribution information, and performs authorization. If the visitor's identity information was registered in step 1, the identity information of the intelligent terminal was registered in step 1, and the visitor and the intelligent terminal were associated for authentication by the distribution in step 2, the WEB management center authorizes the visitor and the intelligent terminal; otherwise, service is refused.
The administrator in steps 1 and 2 is the person or role that uses the WEB management center specifically to authorize and manage network visitors and terminal devices.
The WEB management center in steps 1, 2 and 3 is a tool dedicated to registering visitors and intelligent terminals and managing their distribution; it supports visitor identity registration, intelligent terminal registration and terminal distribution.
Visitor identity registration in step 1 means that the administrator uses the WEB management center to record the visitor's identity information, distribute network access credentials to the visitor and set access rights; terminal identity registration in step 1 means that the administrator uses the WEB management center to record the characteristic information of the terminal, distribute network access to it and install the authentication service application.
Terminal distribution in step 2 means that the administrator uses the WEB management center to associate the identities of a registered visitor and a registered terminal.
The judgment of the legitimacy of the visitor's identity and the terminal in step 3 means that the WEB management center, through the identity authentication service, uses the identity registration information and the distribution information to authenticate the identity and access rights of the visitor and the terminal device and to authorize service.
The present invention is a security authentication method for proprietary network access of an intelligent terminal. Its overall structure is shown in Fig. 2: the bottom layer is the data access interface; the second layer is the service component layer, which uses services such as identity identifier generation, authentication and session to support the application components of the application layer; the third layer is the application layer, through which the administrator or an event trigger calls the underlying services to complete work transactions.
The security authentication method for proprietary network access of an intelligent terminal in this embodiment can be carried out as shown in Fig. 3, implemented according to the following steps:
Step 1: identity registration is carried out for each visitor allowed to access the proprietary network with an intelligent terminal, and terminal identity registration is carried out for the intelligent terminal used by that visitor.
1.1 The administrator performs visitor identity registration through the WEB management center for visitors allowed to access the network. Visitor information registration in the WEB management center calls the identity identifier generation service to create a unique identity identifier for the visitor and stores it in the corresponding database through the authentication information metadata access service.
1.2 The administrator performs terminal identity registration through the WEB management center for the intelligent terminal. Terminal information registration in the WEB management center calls the identity identifier generation service to create a unique identity identifier for the terminal and stores it in the corresponding database through the authentication information metadata access service.
Step 2: the administrator performs terminal distribution through the WEB management center. Terminal distribution in the WEB management center calls the distribution service to create the association information and stores it in the corresponding database through the authentication information metadata access service.
Step 3: when a successfully registered visitor uses a successfully registered intelligent terminal to access the proprietary network, the authentication gateway of the WEB management center calls the authentication service and the authorization service, which retrieve the corresponding information through the authentication information metadata access service and judge the legitimacy of the visitor's identity and the terminal. After authorization passes, the session service is called to create the network connection, and the information is recorded through the network access session metadata access service.
The security authentication method for proprietary network access of an intelligent terminal according to the present invention realizes identity authentication and authority management of the visitor and the terminal through registration, association, authentication and authorization services, and is convenient to implement, efficient and feasible.
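The registration, distribution and step 3 decision described above, as an added Python example that is not part of the patent. The class and method names, the PBKDF2 credential hash, the SHA-256 hash over the terminal's characteristic information and the sample devices are all assumptions, since the patent does not specify them.

```python
import hashlib
import hmac
import json
import secrets
import uuid


class ManagementCenter:
    """Hypothetical model of the WEB management center and its services."""

    def __init__(self):
        self.visitors = {}     # visitor_id -> (salt, credential hash)
        self.terminals = {}    # terminal_id -> hash of characteristic info
        self.bindings = set()  # (visitor_id, terminal_id) pairs from step 2
        self.sessions = {}     # session_id -> (visitor_id, terminal_id)

    @staticmethod
    def _fingerprint(features):
        # Canonical JSON so identical characteristic info hashes identically.
        blob = json.dumps(features, sort_keys=True).encode()
        return hashlib.sha256(blob).hexdigest()

    @staticmethod
    def _hash(credential, salt):
        return hashlib.pbkdf2_hmac("sha256", credential.encode(), salt, 100_000)

    def register_visitor(self, credential):         # step 1.1
        visitor_id = uuid.uuid4().hex               # unique identity identifier
        salt = secrets.token_bytes(16)
        self.visitors[visitor_id] = (salt, self._hash(credential, salt))
        return visitor_id

    def register_terminal(self, features):          # step 1.2
        terminal_id = uuid.uuid4().hex
        self.terminals[terminal_id] = self._fingerprint(features)
        return terminal_id

    def distribute(self, visitor_id, terminal_id):  # step 2
        if visitor_id not in self.visitors or terminal_id not in self.terminals:
            raise KeyError("both parties must be registered before distribution")
        self.bindings.add((visitor_id, terminal_id))

    def access(self, visitor_id, credential, terminal_id, features):  # step 3
        """Return (session_id, reason); session_id is None when service is refused."""
        rec = self.visitors.get(visitor_id)
        if rec is None or not hmac.compare_digest(rec[1], self._hash(credential, rec[0])):
            return None, "visitor not registered or credential mismatch"
        known = self.terminals.get(terminal_id)
        if known is None or not hmac.compare_digest(known, self._fingerprint(features)):
            return None, "terminal not registered or characteristics changed"
        if (visitor_id, terminal_id) not in self.bindings:
            return None, "terminal not distributed to this visitor"
        session_id = secrets.token_hex(16)          # session service
        self.sessions[session_id] = (visitor_id, terminal_id)
        return session_id, "authorized"


def demo():
    """Run four access attempts against constructed sample data."""
    mc = ManagementCenter()
    phone = {"model": "example-phone", "serial": "CONSTRUCTED-0001"}
    tablet = {"model": "example-tablet", "serial": "CONSTRUCTED-0002"}
    alice = mc.register_visitor("alice-credential")
    bob = mc.register_visitor("bob-credential")
    t_phone, t_tablet = mc.register_terminal(phone), mc.register_terminal(tablet)
    mc.distribute(alice, t_phone)
    mc.distribute(bob, t_tablet)
    return {
        "bound pair": mc.access(alice, "alice-credential", t_phone, phone)[1],
        "other visitor's terminal": mc.access(alice, "alice-credential", t_tablet, tablet)[1],
        "wrong credential": mc.access(alice, "guess", t_phone, phone)[1],
        "altered terminal": mc.access(alice, "alice-credential", t_phone, dict(phone, serial="X"))[1],
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

The second case is the one the distribution step exists for: a registered visitor on a registered terminal is still refused when that pair was never associated.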
Claims (6)
1. A security authentication method for proprietary network access of an intelligent terminal, characterized in that it is implemented according to the following steps:
Step 1: identity registration is carried out for each visitor allowed to access the proprietary network with an intelligent terminal, and terminal identity registration is carried out for the intelligent terminal used by that visitor: the administrator performs visitor identity registration through the WEB management center for visitors allowed to access the network, and the administrator performs terminal identity registration through the WEB management center for the intelligent terminals;
Step 2: the administrator performs terminal distribution through the WEB management center;
Step 3: when a visitor uses an intelligent terminal to access the network, the WEB management center judges the legitimacy of the visitor's identity and of the terminal according to the identity registration information and the distribution information, and performs authorization. If the visitor's identity information was registered in step 1, the identity information of the intelligent terminal was registered in step 1, and the visitor and the intelligent terminal were associated for authentication by the distribution in step 2, the WEB management center authorizes the visitor and the intelligent terminal; otherwise, service is refused.
2. The security authentication method for proprietary network access of an intelligent terminal according to claim 1, characterized in that the administrator in said steps 1 and 2 is the person or role that uses the WEB management center specifically to authorize and manage network visitors and terminal devices.
3. The security authentication method for proprietary network access of an intelligent terminal according to claim 1, characterized in that the WEB management center in said steps 1, 2 and 3 is a tool dedicated to registering visitors and intelligent terminals and managing their distribution, which supports visitor identity registration, intelligent terminal registration and terminal distribution.
4. The security authentication method for proprietary network access of an intelligent terminal according to claim 1, characterized in that visitor identity registration in step 1 means that the administrator uses the WEB management center to record the visitor's identity information, distribute network access credentials to the visitor and set access rights; terminal identity registration in step 1 means that the administrator uses the WEB management center to record the characteristic information of the terminal, distribute network access to it and install the authentication service application.
5. The security authentication method for proprietary network access of an intelligent terminal according to claim 1, characterized in that terminal distribution in said step 2 means that the administrator uses the WEB management center to associate the identities of a registered visitor and a registered terminal.
6. The security authentication method for proprietary network access of an intelligent terminal according to claim 1, characterized in that the judgment of the legitimacy of the visitor's identity and the terminal in said step 3 means that the WEB management center, through the identity authentication service, uses the identity registration information and the distribution information to authenticate the identity and access rights of the visitor and the terminal device and to authorize service.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510617098.XA CN105162798A (en) | 2015-09-24 | 2015-09-24 | Security authentication method for proprietary network access of intelligent terminal |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105162798A (en) | 2015-12-16 |
Family
ID=54803552
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510617098.XA Pending CN105162798A (en) | 2015-09-24 | 2015-09-24 | Security authentication method for proprietary network access of intelligent terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105162798A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20151216 |