Search

CN-122027367-A - Client-free authentication method and system based on network card firmware

CN122027367ACN 122027367 ACN122027367 ACN 122027367ACN-122027367-A

Abstract

The invention discloses a client-free authentication method and a client-free authentication system based on network card firmware, which relate to the technical field of information transmission and comprise the steps of acquiring a temporary network address through the firmware after the network card is electrified; the method comprises the steps of obtaining target identity information of a target user, encrypting the target identity information to obtain a target authentication request, sending the target authentication request to an authentication server, judging whether the target identity information passes verification based on the authentication server, generating target authentication success information if the target identity information passes verification, obtaining target identity identification of the target user, sending the target identity identification to an address generation server to call a preset address generation strategy, combining the target identity identification to generate a formal network address, and completing access of client equipment to a target network by the target user based on the formal network address. The invention solves the technical problems of complex deployment and lower safety due to the dependence on client software for authentication in the prior art, and achieves the technical effects of realizing automatic authentication access and improving safety without a client.

Inventors

  • HE XIAOQIN
  • CHENG JINGTONG

Assignees

  • 苏州宏存芯捷科技有限公司

Dates

Publication Date
20260512
Application Date
20260414

Claims (10)

  1. 1. The client-free authentication method based on the network card firmware is characterized in that the client-free authentication method based on the network card firmware is applied to a client-free authentication method system based on the network card firmware, and the client-free authentication system based on the network card firmware is in communication connection with a target network, wherein the target network comprises a network card, an authentication server and an address generation server, the network card is internally provided with the firmware, and the client-free authentication method based on the network card firmware comprises the following steps: After the network card is electrified, acquiring a temporary network address through the firmware; Acquiring target identity information of a target user, wherein the target identity information refers to identity information submitted when the target user accesses the target network through client equipment provided with the network card; encrypting the target identity information through the firmware to obtain a target authentication request, and sending the target authentication request to the authentication server; judging whether the target identity information passes verification or not based on the authentication server, and if so, generating target authentication success information; Acquiring a target identity of the target user based on the target authentication success information, and sending the target identity to the address generation server; The address generation server invokes a preset address generation strategy and generates a formal network address by combining the target identity; And the target user completes the access of the client device to the target network based on the formal network address.
  2. 2. The client-free authentication method based on network card firmware according to claim 1, wherein a security element is built in the network card to obtain target identity information of a target user, and then the method comprises the step of performing hardware-level encryption processing on the target identity information through the security element.
  3. 3. A client-less authentication method based on network card firmware as claimed in claim 2, wherein a two-way digital certificate verification is performed between the authentication server and the secure element.
  4. 4. The network card firmware-based client-free authentication method according to claim 1, wherein the target user completes the access of the client device to the target network based on the formal network address, previously comprising: acquiring a unique hardware identifier of the client device; Binding the unique hardware identifier with the formal network address and feeding back the unique hardware identifier to the target user.
  5. 5. The method for client-free authentication based on network card firmware of claim 4, wherein said target user completes access of said client device to said target network based on said formal network address, and then comprises releasing said temporary network address after said network card detects that said target user completes network access.
  6. 6. The client-free authentication method based on network card firmware of claim 5, further comprising thereafter: acquiring a first address request of the target user; The address generation server determines the formal network address based on the first address request in combination with the unique hardware identifier, and distributes the formal network address to the client device; and the firmware of the client device receives the formal network address and completes the access of the target network.
  7. 7. The client-free authentication method based on network card firmware according to claim 1, wherein the information embedded in the formal network address at least includes one or more of the target identity, the target login timestamp, or the target authority level of the target user, so as to implement user tracing and access control of network traffic.
  8. 8. The client-free authentication method based on network card firmware according to claim 1, wherein the address generation server invokes a preset address generation policy, and generates a formal network address in combination with the target identity, and then comprises: acquiring a network access data packet through the network card; and establishing a safety authentication channel based on the real-time encryption and decryption processing of the network data packet, wherein the safety authentication channel is a safety encryption authentication channel from the network card to the target network.
  9. 9. The client-free authentication method based on network card firmware according to claim 4, wherein a security audit server is embedded in the authentication server, and the security audit server is configured to record the target identity information, the unique hardware identifier, the formal network address, the network connection establishment and termination time, and key operation behaviors of the target user, so as to form an audit log for traceability.
  10. 10. A client-free authentication system based on network card firmware, wherein the system is configured to perform the client-free authentication method based on network card firmware as claimed in any one of claims 1 to 9, and the system comprises: the address acquisition module is used for acquiring a temporary network address through the firmware after the network card is electrified; the identity information acquisition module is used for acquiring target identity information of a target user, wherein the target identity information refers to identity information submitted when the target user accesses the target network through client equipment provided with the network card; The encryption module is used for encrypting the target identity information through the firmware to obtain a target authentication request and sending the target authentication request to the authentication server; The verification module is used for judging whether the target identity information passes verification or not based on the authentication server, and if so, generating target authentication success information; The identification sending module is used for acquiring a target identity of the target user based on the target authentication success information and sending the target identity to the address generation server; the network address generation module is used for calling a preset address generation strategy by the address generation server and generating a formal network address by combining the target identity; And the access module is used for the target user to finish the access of the client device to the target network based on the formal network address.

Description

Client-free authentication method and system based on network card firmware Technical Field The invention relates to the technical field of information transmission, in particular to a client-free authentication method and system based on network card firmware. Background In the network access authentication process, authentication software is usually required to be pre-installed in the client device, and an operating system layer initiates an authentication request and interacts with an authentication server to complete network access control. However, the method depends on terminal environment configuration, the installation and maintenance processes are complicated, the compatibility is poor under different operating systems or terminal types, and the deployment and operation cost is increased. Meanwhile, the authentication process is mainly realized based on software, and is easy to tamper, bypass or maliciously attack, so that the security of identity information and the reliability of access control are difficult to guarantee. Disclosure of Invention The application provides a client-free authentication method and system based on network card firmware, which are used for solving the technical problems of complex deployment and lower safety due to the fact that client software is relied on for authentication in the prior art. In view of the above problems, the present application provides a client-free authentication method and system based on network card firmware. In a first aspect of the present application, a client-free authentication method based on network card firmware is provided, the method comprising: The method comprises the steps of obtaining a temporary network address through firmware after the network card is electrified, obtaining target identity information of a target user, wherein the target identity information refers to identity information submitted when the target user accesses the target network through client equipment provided with the network card, encrypting the target identity information through the firmware to obtain a target authentication request, sending the target authentication request to an authentication server, judging whether the target identity information passes verification or not based on the authentication server, if so, generating target authentication success information, obtaining target identity identification of the target user based on the target authentication success information, and sending the target identity identification to an address generation server, the address generation server invokes a preset address generation strategy, generates a formal network address in combination with the target identity identification, and the target user completes access of the client equipment to the target network based on the formal network address. In a second aspect of the present application, there is provided a client-free authentication system based on network card firmware, the system comprising: The system comprises a network card, an address acquisition module, an identity information acquisition module, an identification information generation module and an access module, wherein the network card is used for acquiring a temporary network address through a firmware after the network card is electrified, the identity information acquisition module is used for acquiring target identity information of a target user, wherein the target identity information refers to identity information submitted when the target user accesses a target network through a client device provided with the network card, the encryption module is used for encrypting the target identity information through the firmware to obtain a target authentication request and sending the target authentication request to an authentication server, the authentication module is used for judging whether the target identity information passes verification or not based on the authentication server, if the target identity information passes verification, target authentication success information is generated, the identification transmission module is used for acquiring a target identity identifier of the target user based on the target authentication success information and sending the target identity identifier to the address generation server, the network address generation module is used for calling a preset address generation strategy by the address generation server and combining the target identity identifier to generate a formal network address, and the access module is used for completing the target network access of the client device to the target network based on the formal network address. One or more technical schemes provided by the application have at least the following technical effects or advantages: The method comprises the steps of obtaining a temporary network address through the firmware after the network card is electrified, obtaining target identity information of a target user