
CN113709741A - Authentication access system of local area network - Google Patents


Info

Publication number
CN113709741A
Authority
CN
China
Prior art keywords
terminal device
authentication
server
access point
identity
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111117607.4A
Other languages
Chinese (zh)
Inventor
张睿
陈斌
范小伟
常志民
刘图
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Hua Xinaotian Network Technology Co ltd
Original Assignee
Beijing Hua Xinaotian Network Technology Co ltd
Application filed by Beijing Hua Xinaotian Network Technology Co ltd
Priority to CN202111117607.4A
Publication of CN113709741A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W 12/06 Authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses an authentication access system for a local area network, comprising: a wireless access point, which connects to a plurality of terminal devices and receives access requests; a remote authorization platform, which is connected to the wireless access point, receives the access request, judges whether the terminal device is allowed to connect, and returns a first authentication result; the remote authorization platform requests identity information from the terminal device and forwards it through the wireless access point to an identity authentication server; the identity authentication server judges, according to the identity information, whether the terminal device is allowed to access a first resource in the local area network and generates a second authentication result. The beneficial effect of the invention is that, by using the wireless access point as the bridging node between the remote authorization platform and the identity authentication server located in the local area network, the system design is simplified, the need in the prior art for an additional encrypted-channel server is avoided, maintenance costs are reduced, and the system as a whole is more convenient to use.

Description

Authentication access system of local area network
Technical Field
The invention relates to the technical field of network security, in particular to an authentication access system of a local area network.
Background
LDAP (Lightweight Directory Access Protocol) was designed for fast response and high-volume queries and provides replication across multiple directory servers; it is optimized for read-intensive workloads. LDAP runs directly over TCP/IP or another reliable transport, so connection setup and packet handling are simple and fast, which makes it convenient for Internet and enterprise networks. The LDAP server may be any open-source or commercial LDAP directory server (or a relational database with an LDAP interface), because the same protocol, client libraries and query commands can be used with any of them. Entries in LDAP are organized and stored in a tree structure; the basic model of LDAP is the entry, a collection of one or more attributes identified by a globally unique distinguished name (dn). The main implementations are OpenLDAP on Linux and Active Directory on Windows. Many enterprises manage their employee information with an AD or LDAP server, while their wireless network management/authentication systems are deployed in the cloud. In many scenarios wireless security authentication requires the authentication system to connect to the Active Directory or LDAP server the enterprise has already deployed, but these servers generally have only a private IP address, and a cloud authentication system cannot reach an Active Directory/LDAP server through a private IP address.
In the prior art, the usual solution is an encrypted tunnel (VPN) between the public network and the enterprise's on-premise AD/LDAP server. This requires strong network management capability on the enterprise side, changes to the existing network plan, and costs some communication performance; in addition, a VPN server must be deployed as a jump host to connect the on-premise AD/LDAP server with the cloud server.
Disclosure of Invention
In view of the above problems in the prior art, an authenticated access system for a local area network is provided.
The specific technical scheme is as follows:
an authenticated access system for a local area network, comprising:
the wireless access point is connected with a plurality of terminal devices and receives access requests of the terminal devices;
the remote authorization platform is connected to the wireless access point and receives the access request, judges whether the terminal device is allowed to connect, and returns a first authentication result to the wireless access point;
when the terminal device initiates a resource access request, the wireless access point forwards it to the remote authorization platform, and the remote authorization platform requests identity information from the terminal device and forwards the identity information to an identity authentication server through the wireless access point;
the identity authentication server judges whether the terminal equipment is allowed to access the first resource in the local area network or not according to the identity information and generates a second authentication result;
and the remote authorization platform enables the terminal equipment to access the first resource through the wireless access point according to the second authentication result.
Preferably, the remote authorization platform comprises:
the authorization server is connected with the wireless access point and is used for judging whether the terminal equipment is allowed to initiate the access request or access the first resource;
the page server is connected with the terminal equipment and the wireless access point and is used for generating an interactive page;
the interactive page is used for inputting the identity information and sending feedback information whether the first resource can be accessed to the terminal equipment.
Preferably, the authorization server includes an authentication judgment sub-module, and the authentication judgment sub-module judges whether to allow the terminal device to initiate the access request through the wireless access point according to whether the terminal device is authenticated by the identity authentication server.
Preferably, the wireless access point includes a remapping sub-module, and when the terminal device fails to perform identity authentication by the identity authentication server, the remapping sub-module remaps a destination address of the access request to a connection address of the wireless access point;
and then the wireless access point returns the connection address of the page server to the terminal equipment so that the terminal equipment accesses the interactive page.
Preferably, the wireless access point has a credential extraction submodule;
when the terminal device sends the identity information, the wireless access point redirects the identity information to the credential extraction submodule;
the credential extraction submodule extracts an identity credential from the identity information and forwards the identity credential to the identity authentication server;
and the identity authentication server judges, according to the identity credential, whether the terminal device is allowed to access the first resource and generates the second authentication result.
Preferably, a plurality of preset identity authentication information is stored in the identity authentication server;
the identity authentication server comprises an information comparison submodule;
and the information comparison submodule compares the identity authentication information with the identity credential one by one, and allows the terminal device to access the first resource when identity authentication information consistent with the identity credential exists.
Preferably, the wireless access point comprises a forwarding sub-module, when the identity authentication server determines to allow the terminal device to access the first resource,
the forwarding sub-module receives the second authentication result sent by the identity authentication server and forwards the second authentication result to the page server through the interactive page;
the page server comprises a communication submodule;
the communication sub-module forwards the second authentication result to the authorization server, so that the authorization server controls the wireless access point to allow the terminal device to access the first resource.
Preferably, when the wireless access point allows the terminal device to access the first resource, the wireless access point sends an authorization result to the identity authentication server, and the identity authentication server forwards the authorization result to the page server, which generates feedback information through the interactive page; the feedback information indicates that the terminal device is allowed to access the first resource.
Preferably, the wireless access point and the identity authentication server are arranged in the same local area network.
The technical scheme has the following advantages or beneficial effects: the wireless access point is used as a remote authorization platform and the bridge node of the identity authentication server in the local area network, so that the system design is simplified, the problem that an encryption channel server needs to be additionally arranged in the prior art is solved, the maintenance cost is reduced, and the integral use of the system is more convenient.
Drawings
Embodiments of the present invention will now be described more fully hereinafter with reference to the accompanying drawings. The drawings are, however, to be regarded as illustrative and explanatory only and are not restrictive of the scope of the invention.
FIG. 1 is an overall schematic diagram of an embodiment of the present invention;
FIG. 2 is a schematic diagram of a sub-module of a remote authorization platform according to an embodiment of the present invention;
FIG. 3 is a diagram of an authorization server sub-module according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of a wireless access point sub-module according to an embodiment of the invention;
FIG. 5 is a schematic diagram of an identity authentication server sub-module according to an embodiment of the present invention;
fig. 6 is a schematic access flow diagram according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the embodiments and features of the embodiments may be combined with each other without conflict.
The invention is further described with reference to the following drawings and specific examples, which are not intended to be limiting.
The invention comprises the following steps:
an authentication access system of a local area network, as shown in fig. 1, includes:
the wireless access point 2 is connected with a plurality of terminal devices 1, and receives access requests of the terminal devices 1;
the remote authorization platform 4 is connected to the wireless access point 2 and receives the access request; the remote authorization platform 4 judges whether the terminal device 1 is allowed to connect and returns a first authentication result to the wireless access point 2;
when the terminal device 1 initiates a resource access request, the wireless access point 2 forwards it to the remote authorization platform 4, and the remote authorization platform 4 requests identity information from the terminal device 1 and forwards the identity information to the identity authentication server 3 through the wireless access point 2;
the identity authentication server 3 judges whether the terminal equipment 1 is allowed to access the first resource in the local area network or not according to the identity information and generates a second authentication result;
the remote authorization platform 4 enables the terminal device 1 to access the first resource through the wireless access point 2 according to the second authentication result.
In a preferred embodiment, as shown in FIG. 2, the remote authorization platform 4 comprises:
the authorization server 41, the authorization server 41 is connected to the wireless access point 2, and is configured to determine whether to allow the terminal device 1 to initiate an access request or access the first resource;
the page server 42, the page server 42 connects the terminal device 1 and the wireless access point 2, and is used for generating an interactive page;
the interactive page is used for entering identity information and sending feedback information whether the first resource can be accessed to the terminal device 1.
Specifically, in one embodiment the wireless access point is a wireless AP device with WLAN functionality. It connects terminal devices 1 such as mobile phones or computers with wireless network capability and serves as the relay node between the authorization server 41 and the identity authentication server 3, replacing the encrypted tunnel (VPN) server that is common in the prior art. The authorization server 41 is an AAA server deployed on a cloud platform; it processes the access requests of the terminal device 1 and provides the authentication and authorization service. The page server 42 is a Portal server deployed on a cloud platform that sends a graphical interactive page, i.e. the Portal page, to the terminal device 1. The terminal device 1 fills in the corresponding identity information on the interactive page, and when the second authentication result is received, a JavaScript script in the Portal page automatically posts it back to the page server 42. The identity authentication server 3 is an LDAP server that stores preset employee accounts and identity credentials and is used to authenticate whether the user of a terminal device joining the network is an enterprise employee; it communicates with the wireless access point 2 over LDAP, LDAPS, LDAP over TLS or the like. Plain LDAP carries a simple-bind password in clear text, so in practice LDAPS or LDAP with StartTLS should be used on this link.
In a preferred embodiment, as shown in fig. 3, the authorization server 41 includes an authentication judgment sub-module 411, and the authentication judgment sub-module 411 judges whether to allow the terminal device 1 to initiate an access request through the wireless access point 2 according to whether the terminal device 1 is authenticated by the identity authentication server 3.
In a preferred embodiment, the wireless access point 2 includes a remapping submodule 21, and when the terminal device 1 does not pass through the identity authentication server 3 for identity authentication, the remapping submodule 21 remaps the target address of the access request to the connection address of the wireless access point 2;
the wireless access point 2 then returns the connection address of the page server 42 to the terminal device 1 to enable the terminal device 1 to access the interaction page.
Specifically, once the terminal device 1 has passed the first authentication and is connected to the corporate LAN, the current user of the terminal device 1 has still not been authenticated and therefore cannot yet access the first resource, which is located in the corporate LAN and is to be viewed through it. At this point the wireless access point 2, acting as the relay, returns the address of the page server 42 to the terminal device 1 so that the current user of the terminal device 1 can further verify his or her identity.
In a preferred embodiment, as shown in fig. 4, the wireless access point 2 has a credential extraction submodule 22;
when the terminal device 1 sends the identity information, the wireless access point 2 redirects the identity information to the certificate extraction submodule 22;
the certificate extraction submodule 22 extracts the identity certificate from the identity information and forwards the identity certificate to the identity authentication server 3;
the identity authentication server 3 judges whether the terminal device 1 is allowed to access the first resource according to the identity certificate and generates a second authentication result.
As an alternative embodiment, the identity credential is an ID, a physiological characteristic, a password, or an electronic key of the employee of the company.
Specifically, when the terminal device 1 submits the identity information from the interactive page, the page is served over HTTPS and the submission is addressed to the connection address of the page server 42 in the remote authorization platform 4. The wireless access point 2 watches the packets sent by the terminal device 1 for that connection address, picks out the packets that carry the identity information to the page server 42, and redirects them to the credential extraction submodule 22, which parses them, extracts the identity credential and forwards it to the identity authentication server 3 located in the company LAN. The credential therefore never leaves the LAN, which gives better security. Note that for the wireless access point to read a submission protected by HTTPS it must terminate that TLS connection itself, using a certificate the terminal trusts for the page server's name; otherwise the browser will raise a certificate warning.
In a preferred embodiment, as shown in fig. 5, a plurality of preset identity authentication information are stored in the identity authentication server 3;
the identity authentication server 3 comprises an information comparison submodule 31;
the information comparison submodule 31 compares the identity authentication information with the identity credential one by one, and allows the terminal device 1 to access the first resource when the identity authentication information consistent with the credential exists.
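The credential extraction submodule (22) and the information comparison submodule (31) described above, as an added Python example that is not part of the patent or of any product of the applicant. The form field names `username` and `password`, the base DN `dc=example,dc=com`, the two directory entries and the use of PBKDF2 for stored passwords are assumptions of this example; the directory is an in-memory stand-in for the LDAP server, so no LDAP client library is used. It also shows two details the description leaves implicit: a user name placed in an LDAP search filter must be escaped (RFC 4515), and the comparison with the stored credential should be made against a salted hash in constant time rather than against a clear-text password.

```python
"""Added example: AP-side credential extraction and directory check.

The sample directory, the field names and the base DN are constructed for
this example; a real deployment would send the search filter and bind
request to the LDAP server over LDAPS or StartTLS instead of evaluating
them locally.
"""
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple
from urllib.parse import parse_qs

ITERATIONS = 50_000          # PBKDF2 rounds (assumption for the example)


def _password_record(password: str) -> Dict[str, bytes]:
    """Store a password as salt + PBKDF2-HMAC-SHA256, never in clear text."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "hash": digest}


# Constructed LDAP-style tree keyed by distinguished name (dn).
DIRECTORY = {
    "uid=alice,ou=people,dc=example,dc=com": {
        "objectClass": "person", "uid": "alice", **_password_record("correct horse")},
    "uid=bob,ou=people,dc=example,dc=com": {
        "objectClass": "person", "uid": "bob", **_password_record("battery staple")},
}


def escape_filter_value(value: str) -> str:
    """RFC 4515 escaping for a value placed in an LDAP search filter.
    Without it a user name such as '*)(uid=*' rewrites the filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)


def build_search_filter(uid: str) -> str:
    """Filter the access point would send to locate the employee's entry."""
    return "(&(objectClass=person)(uid=%s))" % escape_filter_value(uid)


def extract_credential(post_body: str) -> Optional[Tuple[str, str]]:
    """Credential extraction submodule: parse the captured form submission
    and return (user name, password), or None if either is missing."""
    fields = parse_qs(post_body, keep_blank_values=True)
    user = fields.get("username", [""])[0]
    password = fields.get("password", [""])[0]
    return (user, password) if user and password else None


def verify_credential(user: str, password: str) -> Tuple[bool, Optional[str]]:
    """Information comparison submodule: find the entry whose uid matches
    exactly (what the server does when evaluating the escaped filter) and
    compare the presented password in constant time. Returns (allowed, dn)."""
    for dn, entry in DIRECTORY.items():
        if entry.get("objectClass") == "person" and entry.get("uid") == user:
            candidate = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                            entry["salt"], ITERATIONS)
            return hmac.compare_digest(candidate, entry["hash"]), dn
    return False, None


def authenticate_submission(post_body: str) -> Tuple[bool, Optional[str]]:
    """Whole AP-side path: extract the credential, then verify it."""
    credential = extract_credential(post_body)
    if credential is None:
        return False, None
    return verify_credential(*credential)


if __name__ == "__main__":
    print(build_search_filter("*)(uid=*"))
    print(authenticate_submission("username=alice&password=correct+horse"))
```

With the escaping in place a submitted user name of `*)(uid=*` becomes the literal filter value `\2a\29\28uid=\2a`, matches no entry and is rejected; without it the same input would widen the search to every person entry.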
In a preferred embodiment, the wireless access point 2 comprises a forwarding sub-module 23 which, when the identity authentication server 3 determines to allow the terminal device 1 to access the first resource,
the forwarding sub-module 23 receives the second authentication result sent by the identity authentication server 3 and forwards the second authentication result to the page server 42 through the interactive page;
the page server 42 includes a communication sub-module;
the communication sub-module forwards the second authentication result to the authorization server 41, so that the authorization server 41 controls the wireless access point 2 to allow the terminal device 1 to access the first resource.
In a preferred embodiment, when the wireless access point 2 allows the terminal device 1 to access the first resource, the wireless access point 2 sends the authorization result to the identity authentication server 3, and the identity authentication server 3 forwards the authorization result to the page server 42, which generates feedback information through the interactive page; the feedback information indicates that the terminal device 1 is allowed to access the first resource.
In a preferred embodiment, the wireless access point 2 and the authentication server 3 are located in the same lan.
When a terminal device 1 tries to access a local area network and accesses a first resource, as shown in fig. 6, the process specifically includes:
1. when the terminal device 1 establishes a connection with the wireless access point 2 to attempt to access the local area network of the company, the terminal device 1 initiates an access request to the wireless access point 2;
2. when the wireless access point 2 receives the access request, the wireless access point 2 initiates an authentication request to an authorization server 41 deployed in the remote authorization platform 4 to determine whether the terminal device 1 can access the local area network; the authentication request includes information of the terminal device 1, such as a MAC address.
3. The authorization server 41 determines, according to the matching policy built into it, whether the terminal device 1 is known to the corresponding data source, such as the enterprise's local identity authentication server. If so, it allows the terminal device 1 to join the local area network and sends the first authentication result to the wireless access point 2, informing it that the terminal device 1 is authorized to join the local area network. At the same time, the authorization server 41 pushes the connection address (URL) of the page server 42 to the wireless access point 2, so that the wireless access point 2 can redirect the resource requests of the terminal device 1 to the page server while the terminal device 1 has not yet been authenticated by the identity authentication server.
4. When the wireless access point 2 receives the first authentication result returned by the authorization server 41, it authorizes the terminal device 1 so that it can reach the local area network through the wireless access point 2, and notifies the terminal device 1 that it has joined the local area network.
5. The terminal device 1 then initiates a request for a resource in the local area network, which the wireless access point 2 receives.
6. Since the terminal device 1 has not yet been authenticated, i.e. the identity of its user has not been confirmed, the user must perform identity authentication. The wireless access point 2 rewrites the destination of the request to itself by DNAT and answers it with an HTTP 302 status code whose Location is the connection address of the page server 42.
7. The terminal device 1 receives the HTTP 302 response carrying the connection address of the page server 42.
8. The terminal device 1 initiates a page request to the page server 42 according to the connection address.
9. The page server 42 returns an interaction page to the terminal device 1 for the user to fill out identity information on the terminal device 1.
10. After the user completes the identity information on the interactive page, the identity information is sent to the wireless access point 2.
11. When the wireless access point 2 receives the identity information sent by the user, it redirects it by DNAT to the CGI module on the wireless access point 2, and the CGI module extracts the identity credential from the identity information.
12. The wireless access point 2 establishes a connection over LDAP over TLS with the identity authentication server 3, which is also located in the company local area network, and asks the identity authentication server 3 to verify the identity credential.
13. The identity authentication server 3 judges, according to the preset identity authentication information, whether the identity credential passes authentication, and returns the second authentication result, indicating whether authentication succeeded, to the CGI module of the wireless access point 2 over the LDAP over TLS connection.
14. The CGI module forwards the second authentication result to the terminal device 1 through the wireless access point 2.
15. When the terminal device 1 receives the second authentication result, nothing is shown to the user in the front end; the result is only received by the interactive page open on the terminal device 1.
16. A JavaScript script preset in the interactive page automatically returns the second authentication result to the page server 42 from the browser.
17. When the page server 42 receives the authentication result, the second authentication result is forwarded to the authorization server 41.
18. The authorization server 41 determines, according to the second authentication result, whether the terminal device 1 is allowed to access the first resource; if so, it sends a CoA (Change of Authorization) request to the wireless access point 2 so that the terminal device 1 can access the first resource.
19. After the wireless access point 2 has completed the authorization of the terminal device 1, it reports the authorization result back to the authorization server 41 as a CoA ACK or CoA NAK.
20. The authorization server 41 forwards the authorization result to the page server 42 so that the page server can generate feedback information for prompting the user whether the authorization passes.
21. The page server 42 displays the feedback information of the successful authorization to the terminal device 1 through the interactive page.
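The twenty-one steps above, as an added Python simulation that is not part of the patent: each party is an in-process object, and the RADIUS/CoA and LDAP exchanges are plain method calls rather than real protocol messages. The MAC allow-list, the portal URL, the employee table and the resource URL are constructed for this example. It keeps the two separate gates of the design visible: the first authentication result admits the device to the LAN by MAC address, and only the second authentication result, carried through the portal page and the authorization server's CoA, opens the first resource.

```python
# Added example: in-process simulation of the access flow of Fig. 6.
# Parties: wireless access point (2), identity authentication server (3),
# authorization server (41) and page server (42); the terminal is driven by
# run_flow(). Every address, MAC and credential below is constructed.
import hmac
from urllib.parse import parse_qs, urlencode


class IdentityServer:
    """LDAP server in the corporate LAN (3) with preset employee credentials."""
    def __init__(self, employees):
        self._employees = employees                  # uid -> password (constructed)

    def verify(self, uid, password):                 # step 13: second authentication result
        stored = self._employees.get(uid)
        return stored is not None and hmac.compare_digest(stored.encode(), password.encode())


class PageServer:
    """Cloud Portal server (42): serves the interactive page and relays results."""
    url = "https://portal.example.com/login"         # constructed

    def __init__(self, auth_server):
        self._auth = auth_server

    def receive_second_result(self, mac, allowed):   # steps 16-17: JS callback, then forward
        return self._auth.handle_second_result(mac, allowed)


class AuthorizationServer:
    """Cloud AAA server (41): device policy, first result, CoA to the AP."""
    def __init__(self, known_macs):
        self._known = set(known_macs)                # constructed device allow-list
        self.page_server = self.ap = None

    def authenticate_device(self, mac):              # step 3: first result + portal URL
        return {"allow": mac in self._known, "portal_url": self.page_server.url}

    def handle_second_result(self, mac, allowed):    # steps 18-20
        if not allowed:
            return {"authorized": False}
        return {"authorized": self.ap.change_of_authorization(mac) == "ACK"}  # CoA request


class AccessPoint:
    """Wireless AP (2): bridge between the cloud platform and the LAN LDAP server."""
    def __init__(self, auth_server, identity_server):
        self._auth, self._ldap = auth_server, identity_server
        self._portal_url = None
        self._on_lan = set()        # MACs admitted by the first authentication result
        self._resource_ok = set()   # MACs authorized for the first resource by CoA

    def associate(self, mac):                        # steps 1-4
        result = self._auth.authenticate_device(mac)
        self._portal_url = result["portal_url"]
        if result["allow"]:
            self._on_lan.add(mac)
        return result["allow"]

    def http_request(self, mac, url):                # steps 5-7: DNAT + HTTP 302 until authenticated
        if mac not in self._on_lan:
            return {"status": 403}
        if mac not in self._resource_ok:
            return {"status": 302, "location": self._portal_url + "?" + urlencode({"url": url})}
        return {"status": 200, "body": "contents of " + url}

    def submit_credentials(self, post_body):         # steps 10-14: CGI module, then LDAP over TLS
        fields = parse_qs(post_body)
        return self._ldap.verify(fields.get("username", [""])[0], fields.get("password", [""])[0])

    def change_of_authorization(self, mac):          # steps 18-19: CoA ACK/NAK
        if mac not in self._on_lan:
            return "NAK"
        self._resource_ok.add(mac)
        return "ACK"


def build_system():
    """Wire the four servers together with constructed data."""
    ldap = IdentityServer({"alice": "correct horse"})
    auth = AuthorizationServer(known_macs={"aa:bb:cc:dd:ee:01"})
    ap, portal = AccessPoint(auth, ldap), PageServer(auth)
    auth.ap, auth.page_server = ap, portal
    return ap, portal


def run_flow(mac, username, password, wanted="http://intranet.example.com/wiki"):
    """Drive one terminal through steps 1-21 and report where it ended up."""
    ap, portal = build_system()
    if not ap.associate(mac):
        return "not_admitted"                        # first authentication result: deny
    if ap.http_request(mac, wanted)["status"] != 302:
        return "unexpected"                          # should have been sent to the portal
    body = urlencode({"username": username, "password": password})   # steps 8-10
    allowed = ap.submit_credentials(body)            # steps 11-14
    if not portal.receive_second_result(mac, allowed)["authorized"]:
        return "credential_rejected"                 # step 21: failure feedback
    return "granted" if ap.http_request(mac, wanted)["status"] == 200 else "unexpected"
```

`run_flow("aa:bb:cc:dd:ee:01", "alice", "correct horse")` walks the happy path; a wrong password stops at the second authentication result, and an unknown MAC never gets past the first one, so the CoA is never issued and the access point never opens the resource.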
The invention has the advantages that the wireless access point is arranged as the remote authorization platform and the bridging node of the identity authentication server arranged in the local area network, thereby simplifying the system design, avoiding the problem that an encryption channel server needs to be additionally arranged in the prior art, reducing the maintenance cost and ensuring that the whole system is more convenient to use.
While the invention has been described with reference to a preferred embodiment, it will be understood by those skilled in the art that various changes in form and detail may be made therein without departing from the spirit and scope of the invention.

Claims (9)

1. An authentication access system for a local area network, characterized in that it comprises: a wireless access point, which connects to multiple terminal devices and receives connection requests from the terminal devices; and a remote authorization platform, which is connected to the wireless access point, receives the connection request, determines whether the terminal device is allowed to connect, and returns a first authentication result to the wireless access point; wherein, when the terminal device initiates an access request, the wireless access point forwards the access request to the remote authorization platform, and the remote authorization platform requests identity information from the terminal device and forwards it, through the wireless access point, to an identity authentication server; the identity authentication server determines, from the identity information, whether the terminal device is allowed to access a first resource within the local area network, and generates a second authentication result; and the remote authorization platform, according to the second authentication result, enables the terminal device to access the first resource through the wireless access point.

2. The authentication access system according to claim 1, wherein the remote authorization platform comprises: an authorization server, connected to the wireless access point, for determining whether the terminal device is allowed to initiate the access request or to access the first resource; and a page server, which connects the terminal device and the wireless access point and generates an interactive page; wherein the interactive page is used to enter the identity information and to send the terminal device feedback information stating whether the first resource may be accessed.

3. The authentication access system according to claim 2, wherein the authorization server comprises an authentication-judgment submodule, which determines, according to whether the terminal device has been authenticated by the identity authentication server, whether the terminal device is allowed to initiate the access request through the wireless access point.

4. The authentication access system according to claim 2, wherein the wireless access point comprises a remapping submodule; when the terminal device has not been authenticated by the identity authentication server, the remapping submodule remaps the destination address of the access request to the connection address of the wireless access point; the wireless access point then returns the connection address of the page server to the terminal device, so that the terminal device accesses the interactive page.

5. The authentication access system according to claim 2, wherein the wireless access point has a credential-extraction submodule; when the terminal device sends the identity information, the wireless access point redirects the identity information to the credential-extraction submodule; the credential-extraction submodule extracts an identity credential from the identity information and forwards it to the identity authentication server; and the identity authentication server determines, from the identity credential, whether the terminal device is allowed to access the first resource, and generates the second authentication result.

6. The authentication access system according to claim 5, wherein a plurality of preset identity authentication records is stored in the identity authentication server; the identity authentication server comprises an information-comparison submodule; and the information-comparison submodule compares the identity authentication records with the identity credential one by one, and allows the terminal device to access the first resource when an identity authentication record matching the credential exists.

7. The authentication access system according to claim 2, wherein the wireless access point comprises a forwarding submodule; when the identity authentication server determines that the terminal device is allowed to access the first resource, the forwarding submodule receives the second authentication result sent by the identity authentication server and forwards it, via the interactive page, to the page server; the page server comprises a communication submodule; and the communication submodule forwards the second authentication result to the authorization server, so that the authorization server controls the wireless access point to allow the terminal device to access the first resource.

8. The authentication access system according to claim 7, wherein, when the wireless access point allows the terminal device to access the first resource, the wireless access point sends an authorization result to the identity authentication server, and the identity authentication server forwards the authorization result to the page server, which generates feedback information through the interactive page, the feedback information indicating that the terminal device is allowed to access the first resource.

9. The authentication access system according to claim 1, wherein the wireless access point and the identity authentication server are located in the same local area network.
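The claims describe a captive-portal style flow: an unauthenticated terminal's request is remapped to the access point and redirected to the page server, the credential entered on the interactive page is extracted and checked by the identity server, and the second authentication result travels back through the page server to the authorization server, which then lets the access point forward traffic. The Python simulation below is an added example written to illustrate that flow; it is not code from the patent or its applicant. The addresses, the MAC-style terminal identifier, the user table, the salted PBKDF2 storage of the preset identity records and the constant-time comparisons are all assumptions of this example, not features the claims specify.

```python
import hashlib
import hmac
import os

# Constructed addresses and identifiers for the simulation; none come from the patent.
AP_ADDRESS = "192.0.2.1"            # connection address of the wireless access point
PAGE_SERVER_ADDRESS = "192.0.2.10"  # connection address of the page server (interactive page)
FIRST_RESOURCE = "10.0.0.5"         # the protected "first resource" inside the LAN


def _derive(password: str, salt: bytes) -> bytes:
    # Assumption: identity records are stored as salted PBKDF2 hashes, never as plaintext.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 20_000)


class IdentityServer:
    """Preset identity authentication records plus the information-comparison
    submodule (claims 5 and 6)."""

    def __init__(self, users: dict):
        self.records = {}
        for user, password in users.items():
            salt = os.urandom(16)
            self.records[user] = (salt, _derive(password, salt))

    def second_authentication(self, credential: tuple) -> bool:
        """Compare the extracted credential against every stored record one by one;
        the boolean returned is the claim's 'second authentication result'."""
        user, password = credential
        matched = False
        for stored_user, (salt, digest) in self.records.items():
            # Constant-time comparisons are added hardening; the claim only says "compare".
            same_user = hmac.compare_digest(stored_user.encode(), user.encode())
            same_secret = hmac.compare_digest(_derive(password, salt), digest)
            matched = matched or (same_user and same_secret)
        return matched


class AuthorizationServer:
    """Authentication-judgment submodule (claim 3): remembers which terminals the
    identity server has authenticated."""

    def __init__(self):
        self.authenticated = set()

    def may_access(self, terminal_id: str) -> bool:
        return terminal_id in self.authenticated

    def grant(self, terminal_id: str) -> None:
        self.authenticated.add(terminal_id)


class PageServer:
    """Serves the interactive page; its communication submodule relays the second
    authentication result to the authorization server (claim 7)."""

    def __init__(self, authz: AuthorizationServer):
        self.authz = authz

    def communicate_result(self, terminal_id: str, second_result: bool) -> None:
        if second_result:
            self.authz.grant(terminal_id)

    def feedback(self, granted: bool) -> str:
        # Feedback shown to the terminal on the interactive page (claims 2 and 8).
        return "access to first resource granted" if granted else "access to first resource denied"


class AccessPoint:
    """Wireless access point with remapping, credential-extraction and forwarding
    submodules (claims 4, 5 and 7)."""

    def __init__(self, authz: AuthorizationServer, page: PageServer, idp: IdentityServer):
        self.authz, self.page, self.idp = authz, page, idp

    def handle_access_request(self, terminal_id: str, target: str) -> dict:
        if self.authz.may_access(terminal_id):
            return {"action": "forward", "target": target}
        # Remapping submodule: rewrite the destination to the AP itself, then hand the
        # terminal the page server's address so it lands on the interactive page.
        return {"action": "redirect", "target": AP_ADDRESS, "location": PAGE_SERVER_ADDRESS}

    def submit_identity(self, terminal_id: str, identity_info: dict) -> str:
        # Credential-extraction submodule: pull the credential out of the submitted form.
        credential = (identity_info.get("username", ""), identity_info.get("password", ""))
        second_result = self.idp.second_authentication(credential)
        # Forwarding submodule: the second result reaches the page server, whose
        # communication submodule informs the authorization server.
        self.page.communicate_result(terminal_id, second_result)
        # Authorization result is returned to the page server as feedback (claim 8).
        return self.page.feedback(self.authz.may_access(terminal_id))


def build_demo() -> AccessPoint:
    """Wire the components with a constructed user table (not from the patent)."""
    authz = AuthorizationServer()
    return AccessPoint(authz, PageServer(authz), IdentityServer({"alice": "correct horse"}))


if __name__ == "__main__":
    ap = build_demo()
    mac = "02:00:00:00:00:01"  # constructed terminal identifier
    print(ap.handle_access_request(mac, FIRST_RESOURCE))   # redirected to the portal
    print(ap.submit_identity(mac, {"username": "alice", "password": "wrong"}))
    print(ap.submit_identity(mac, {"username": "alice", "password": "correct horse"}))
    print(ap.handle_access_request(mac, FIRST_RESOURCE))   # now forwarded to the resource
```

The point worth noticing for a defender is that the access decision lives in the authorization server, not in the portal page: the access point only forwards traffic once the authorization server has recorded a positive second authentication result, so a terminal that reaches the page server but never passes the identity check keeps being redirected.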
CN202111117607.4A 2021-09-23 2021-09-23 Authentication access system of local area network Pending CN113709741A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111117607.4A CN113709741A (en) 2021-09-23 2021-09-23 Authentication access system of local area network

Publications (1)

Publication Number Publication Date
CN113709741A true CN113709741A (en) 2021-11-26

Family

ID=78661664

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111117607.4A Pending CN113709741A (en) 2021-09-23 2021-09-23 Authentication access system of local area network

Country Status (1)

Country Link
CN (1) CN113709741A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116633687A (en) * 2023-07-20 2023-08-22 深圳市永达电子信息股份有限公司 Terminal safety access method, system and controller

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070271598A1 (en) * 2006-05-16 2007-11-22 A10 Networks, Inc. Systems and methods for user access authentication based on network access point
CN102984173A (en) * 2012-12-13 2013-03-20 迈普通信技术股份有限公司 Network access control method and system
CN103139772A (en) * 2011-11-23 2013-06-05 中国移动通信集团上海有限公司 Method for processing terminal accessed to local area network and method and device for used data statistic
CN105744521A (en) * 2016-04-15 2016-07-06 上海斐讯数据通信技术有限公司 Access authentication management method of wireless network
CN106656911A (en) * 2015-10-29 2017-05-10 华为技术有限公司 Portal authentication method, access device and management server
CN109862565A (en) * 2019-02-11 2019-06-07 广东省城乡规划设计研究院 A kind of WLAN unaware control method, system and readable storage medium storing program for executing

Similar Documents

Publication Publication Date Title
JP4291213B2 (en) Authentication method, authentication system, authentication proxy server, network access authentication server, program, and recording medium
USRE45532E1 (en) Mobile host using a virtual single account client and server system for network access and management
US7940656B2 (en) System and method for authenticating an element in a network environment
US9015855B2 (en) Secure tunneling platform system and method
WO2022247751A1 (en) Method, system and apparatus for remotely accessing application, device, and storage medium
CN108768979B (en) Enterprise intranet access method, device and system for enterprise intranet access
CN107231336A (en) A kind of access control method, device and the gateway device of LAN Intranet resource
US11838269B2 (en) Securing access to network devices utilizing authentication and dynamically generated temporary firewall rules
CN105007579A (en) Wireless local area network access authentication method and terminal
CA2419853A1 (en) Location-independent packet routing and secure access in a short-range wireless networking environment
AU2017344389B2 (en) Portal aggregation service mapping subscriber device identifiers to portal addresses to which connection and authentication requests are redirected and facilitating mass subscriber apparatus configuration
CN106330479A (en) A device operation and maintenance method and system
CN103179104B (en) A kind of access method of remote service, system and equipment thereof
US7694015B2 (en) Connection control system, connection control equipment and connection management equipment
CN114374529B (en) Resource access method, device, system, electronic device, medium and program
CN113709741A (en) Authentication access system of local area network
JP2009217722A (en) Authentication processing system, authentication device, management device, authentication processing method, authentication processing program and management processing program
CN102571817B (en) Method and device for accessing application server
JP4630296B2 (en) Gateway device and authentication processing method
CN116545875B (en) Safety communication control system based on Internet of things
EP4513926A1 (en) Systems and methods for end user authentication
WO2013034108A1 (en) Cloud service establishment system and method
CN107800569B (en) VPN quick access system and method based on ONT
JP2018029233A (en) Client terminal authentication system and client terminal authentication method
HK40011226B (en) Portal aggregation service mapping subscriber device identifiers to portal addresses to which connection and authentication requests are redirected and facilitating mass subscriber apparatus configuration

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20211126