专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20060031925A1 Access control method and apparatus 审中-公开
标题翻译：访问控制方法和装置
公开(公告)号：US20060031925A1
公开(公告)日：2006-02-09
申请号：US11196763
申请日：2005-08-04
申请人： Sreekanth Natarajan , Ludwig Pauwels , Stefaan De Cnodder , Nagi Jonnala
发明人： Sreekanth Natarajan , Ludwig Pauwels , Stefaan De Cnodder , Nagi Jonnala
IPC分类号： H04L9/32
CPC分类号： H04L12/4645 , H04L41/08 , H04L45/00 , H04L63/104 , H04L69/16 , H04L69/167
摘要： The present invention relates to an access control unit (21) of a data communication network (61) comprising an access control means (101) adapted to receive an authorization (111) from an authentication server (51), whereby a particular user (15) is authorized to access said data communication network, and thereupon to grant said particular user an access (106) to said data communication network. An access control unit according to the invention is characterized in that said access control means is further adapted to derive, from an additional information element (112) encoded into said authorization, an association (114) for said particular user between a particular payload type (Ipv6) and a particular virtual network (VLAN2) overlaying over said data communication network, and in that said access control unit further comprises a frame classifier (102) coupled to said access control means (via 103), and adapted to tag particular untagged frames (121) entering said data communication network, related to said particular user and carrying said particular payload type, with a particular virtual network identifier (VID2) of said particular virtual network. The present invention also relates to a method for controlling the access to a data communication network, and to an authentication server for use in cooperation with the access control unit.
摘要翻译：本发明涉及数据通信网络（61）的访问控制单元（21），其包括适于从认证服务器（51）接收授权（111）的访问控制装置（101），由此特定用户（15 ）被授权访问所述数据通信网络，并且随后向所述特定用户授予对所述数据通信网络的访问（106）。根据本发明的访问控制单元的特征在于，所述访问控制装置还适于从编码到所述授权中的附加信息元素（112）导出在特定有效载荷类型之间的所述特定用户的关联（114） Ipv6）和覆盖在所述数据通信网络上的特定虚拟网络（VLAN 2），并且所述访问控制单元还包括耦合到所述访问控制装置（经由103）的帧分类器（102），并适于标记特定未标记与所述特定用户相关联并携带所述特定有效载荷类型的帧（121）与所述特定虚拟网络的特定虚拟网络标识符（VID 2）进行通信。本发明还涉及一种用于控制对数据通信网络的访问的方法以及与访问控制单元协作使用的认证服务器。

IPRDB

热门服务

关于我们

友情链接

联系方式