METHOD AND SYSTEM FOR CONTROLLING A TERMINAL ACCESS AND TERMINAL FOR CONTROLLING AN ACCESS

US 20100005181A1
Filed: 06/04/2009
Published: 01/07/2010
Est. Priority Date: 07/07/2008
Status: Abandoned Application

First Claim

Patent Images

1. A method for controlling terminal access, comprising:

receiving a policy configuration sent by a server on a network side, the policy configuration being generated by the server on the network side according to an authorization range of a terminal identity after a terminal is authenticated;

modifying a local setting according to the policy configuration; and

controlling an access authority of the terminal according to the modified local setting.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and a system for controlling terminal access, and a terminal for controlling access are provided. The method includes: receiving a policy configuration sent by a server on a network side; modifying local setting according to the policy configuration; and controlling an access authority of the terminal according to the modified local setting. Thus, when terminal access control is needed for a terminal connected to the network, the policy configuration can be delivered to the agent of the terminal, so that the agent controls an access authority of the terminal according to the policy configuration. Thereby, the convenient and flexible separation of the pre-authentication domain and the post-authentication domain is realized for different terminals, so as to meet the requirements for access control of multiple terminals.

21 Citations

View as Search Results

12 Claims

1. A method for controlling terminal access, comprising:
- receiving a policy configuration sent by a server on a network side, the policy configuration being generated by the server on the network side according to an authorization range of a terminal identity after a terminal is authenticated;
  
  modifying a local setting according to the policy configuration; and
  
  controlling an access authority of the terminal according to the modified local setting.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method according to claim 1, before receiving the policy configuration sent by the server on the network side, the method further comprising:
    - sending an authentication request to the server on the network side.
  - 3. The method according to claim 2, before sending an authentication request to the server on the network side, the method further comprising:
    - controlling the access authority of the terminal according to a default local setting.
  - 4. The method according to claim 1, wherein the policy configuration sent by the server on the network side is generated according to the authorization range of the terminal identity.
  - 5. The method according to claim 1, wherein the policy configuration is an Internet protocol security configuration.
  - 6. The method according to claim 4, wherein the policy configuration is an Internet protocol security configuration.

7. A system for controlling terminal access, comprising:
- a terminal adapted to receive a policy configuration sent by a server on a network side and modify a local setting according to the received policy configuration to control an access authority of the terminal; and
  
  a server adapted to authenticate the terminal, generate the policy configuration according to an authorization range of a terminal identity and send the policy configuration to the terminal.
- View Dependent Claims (8, 9, 10)
- - 8. The system according to claim 7, wherein the terminal comprises:
    - a receiving unit adapted to receive the policy configuration sent by the server;
      
      a configuring unit adapted to modify the local setting according to the policy configuration received by the receiving unit; and
      
      a controlling unit adapted to control the access authority of the terminal according to the local setting set by the configuring unit.
  - 9. The system according to claim 8, wherein the agent further comprises:
    - a sending unit adapted to send an authentication request of the terminal to the server; and
      
      a default configuring unit adapted to provide a default local setting for the controlling unit to the server to control the access authority of the terminal before the sending unit sends the authentication request of the terminal.
  - 10. The system according to claim 7, wherein the server comprises:
    - a server receiving unit adapted to receive the authentication request sent by the terminal;
      
      a server policy configuration generating unit adapted to generate a corresponding policy configuration according to the authorization range of the terminal identity when the server receiving unit receives the authentication request; and
      
      a server sending unit adapted to send the policy configuration generated by the server policy configuration generating unit to the terminal.

11. A terminal for controlling access, comprising:
- a receiving unit adapted to receive a policy configuration sent by a server, the policy configuration being generated by a server on a network side according to an authorization range of a terminal identity after the terminal is authenticated;
  
  a configuring unit adapted to modify a local setting according to the policy configuration received by the receiving unit; and
  
  a controlling unit adapted to control an access authority of the terminal according to the local setting modified by the configuring unit.
- View Dependent Claims (12)
- - 12. The terminal according to claim 11, further comprising:
    - a sending unit adapted to send an authentication request of the terminal to the server; and
      
      a default configuring unit adapted to provide a default local setting for the controlling unit to control the access authority of the terminal before the sending unit sends the authentication request of the terminal to the server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Huawei Digital Technologies (Cheng Du) Co. Ltd (Huawei Investment & Holding Co., Ltd.)
Original Assignee
Chengdu Huawei Symantec Technologies Company Limited (Huawei Investment & Holding Co., Ltd.)
Inventors
ZHANG, Yi

Application Number

US12/478,113
Publication Number

US 20100005181A1
Time in Patent Office

Days
Field of Search
US Class Current

709/229
CPC Class Codes

H04L 63/102 Entity profiles

H04L 67/34 involving the movement of s...

METHOD AND SYSTEM FOR CONTROLLING A TERMINAL ACCESS AND TERMINAL FOR CONTROLLING AN ACCESS

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

21 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM FOR CONTROLLING A TERMINAL ACCESS AND TERMINAL FOR CONTROLLING AN ACCESS

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

21 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links