发明授权
US08689283B2 Security access control method and system for wired local area network
有权
有线局域网的安全访问控制方法和系统
- 专利标题: Security access control method and system for wired local area network
- 专利标题(中): 有线局域网的安全访问控制方法和系统
-
申请号: US13391051申请日: 2009-12-23
-
公开(公告)号: US08689283B2公开(公告)日: 2014-04-01
- 发明人: Manxia Tie , Jun Cao , Li Ge , Xiaolong Lai , Zhenhai Huang , Qin Li , Zhiqiang Du
- 申请人: Manxia Tie , Jun Cao , Li Ge , Xiaolong Lai , Zhenhai Huang , Qin Li , Zhiqiang Du
- 申请人地址: CN Xi'an
- 专利权人: China Iwncomm Co., Ltd.
- 当前专利权人: China Iwncomm Co., Ltd.
- 当前专利权人地址: CN Xi'an
- 代理机构: Harness, Dickey & Pierce, P.L.C.
- 优先权: CN200910023628 20090819
- 国际申请: PCT/CN2009/075895 WO 20091223
- 国际公布: WO2011/020274 WO 20110224
- 主分类号: H04L29/06
- IPC分类号: H04L29/06
摘要:
The present invention relates to a security access control method and system for wired local area network, the method includes the following steps: 1) a requester (REQ) negotiates the security policy with an authentication access controller (AAC); 2) the requester (REQ) and the authentication access controller (AAC) authenticate the identity; 3) the requester (REQ) negotiates the key with the authentication access controller (AAC). The direct identity authentication between the user and the network access control device is realized by the present invention; the negotiation and the dynamic update of the session key for the link layer data protection are realized; a variety of network architectures such as the enterprise network, the telecommunication network are supported; the scalability is good, the multiple authentication methods are supported; the authentication protocols with different security levels are supported, the requirements of the various subscribers are satisfied; the sub-modules of the protocol are independent, flexible, and easy to be accepted or rejected.