What technology area does this patent fall under?

Primary CPC classification H04W76/25. Mapped technology areas include Electricity.

When was this patent published?

Publication date Tue Mar 13 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).

802.1X access session keepalive method, device, and system

US9918353B2 · US · B2

Patent metadata
Field	Value
Publication number	US-9918353-B2
Application number	US-201314766053-A
Country	US
Kind code	B2
Filing date	Sep 17, 2013
Priority date	Feb 19, 2013
Publication date	Mar 13, 2018
Grant date	Mar 13, 2018

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

The present invention relates to the field of communications. Disclosed are an 802.1X access session keepalive method, device, and system. The method comprises: during network access of a 802.1X client, an authenticating node used for access authentication sending, to the 802.1X client according to an actual keepalive period of the authenticating node, a keepalive request message used for determining whether the 802.1X client is off-net abnormally; and during a preset duration of the authenticating node, if the authenticating node does not receive a keepalive response message from the 802.1X client in response to the keepalive request message, the authenticating node determining that the 802.1X client is off-net abnormally; otherwise, determining that the 802.1X client is on-net normally. The embodiments of the present invention improve network resource utilization, reduce the security problem caused by too heavy load of the authenticating node, and lower the risk of errors in charging on time.

First claim

Opening claim text (preview).

The invention claimed is: 1. A method for keeping an 802.1X access session alive, comprising: determining, by an authenticating node, a Keeplive period of the authenticating node for an 802.1X client according to one of a recommended Keeplive period carried in an Extensible Authentication Protocol over Local Area Network (EAPOL)-Start-Announcement request or an announcement request and sent by the 802.1X client, a local Keeplive period configured locally at the authenticating node, and an authorized Keeplive period carried in an access-granted message and sent by an authenticating server for the 802.1X client; sending, by the authenticating node, according to the Keeplive period of the authenticating node EAPOL-Keeplive request to the 802.1X client while the 802.1X client is connected to a network for determining whether the 802.1X client loses connection to the network abnormally; determining, by the authenticating node, that the 802.1X client loses connection to the network abnormally, when the authenticating node does not receive, within a predetermined period of time at the authenticating node, a Keeplive response sent by the 802.1X client in response to the EAPOL-Keeplive request sent by the authenticating node to the 802.1X client; determining, by the authenticating node, that the 802.1X client is connected to the network, when the authenticating node receives, within the predetermined period of time at the authenticating node, the Keeplive response sent by the 802.1X client in response to the EAPOL-Keeplive request sent by the authenticating node to the 802.1X client; before sending, by the authenticating node to the 802.1X client, or by the 802.1X client to the authenticating node, the EAPOL-Keeplive request receiving, by the authenticating node, the EAPOL-Start-Announcement request sent by the 802.1X client and sending to the 802.1X client an EAPOL-EAP-Request-Identity message: receiving, by the authenticating node, an EAPOL-EAP-Response-Identity message sent by the 802.1X client in response to the EAPOL-EAP-Request-Identity message, packing, by the authenticating node, the EAPOL-EAP-Response-Identity message into an Access-Request, and sending, by the authenticating node, the Access-Request to the authenticating server; determining, by the authenticating server with the 802.1X client through the authenticating node, an authentication mode according to the Access-Request, and authenticating, by the authenticating server, the 802.1X client according to the authentication mode; and packing, by the authenticating server, an authentication-succeeds result into an access-granted message, or an authentication-fails result into an access-refused message, and sending, by the authenticating server, the access-granted or access-refused message to the authenticating node, wherein during access authentication of the 802.1X client, when the EAPOL-Start-Announcement request sent by the 802.1X client does not comprise the recommended Keeplive period, packing, by the 802.1X client, the recommended Keeplive period into the announcement request, and sending, by the 802.1X client, the announcement request to the authenticating node, such that the authenticating node determines the Keeplive period of the authenticating node. 2. The method according to claim 1 , further comprising: while the 802.1X client is connected to the network, sending, by the 802.1X client according to a Keeplive period of the 802.1X client, to the authenticating node, an EAPOL-Keeplive request for determining whether the authenticating node is in an abnormal state; when the 802.1X client receives, within a predetermined period of time at the 802.1X client, no Keeplive response sent by the authenticating node in response to the EAPOL-Keeplive request sent by the 802.1X client to the authenticating node, determining, by the 802.1X client, that the authenticating node is in an abnormal state; otherwise when the 802.1X client receives, within the predetermined period of time at the 802.1X client, a Keeplive response sent by the authenticating node in response to the EAPOL-Keeplive request sent by the 802.1X client to the authenticating node, determining that the authenticating node is in a normal state. 3. The method according to claim 2 , further comprising: before sending, by the authenticating node to the 802.1X client, or by the 802.1X client to the authenticating node, the EAPOL-Keeplive request, receiving, by the authenticating node, an EAPOL-Start-Announcement request sent by the 802.1X client, and sending to the 802.1X client an EAPOL-EAP-Request-Identity message; receiving, by the authenticating node, an EAPOL-EAP-Response-Identity message sent by the 802.1X client in response to the EAPOL-EAP-Request-Identity message, packing, by the authenticating node, the EAPOL-EAP-Response-Identity message into an Access-Request, and sending, by the authenticating node, the Access-Request to the authenticating server; determining, by the authenticating server with the 802.1X client through the authenticating node, an authentication mode according to the Access-Request, and authenticating, by the authenticating server, the 802.1X client according to the authentication mode; and packing, by the authenticating server, an authentication-succeeds result into an access-granted message, or an authentication-fails result into an access-refused message, and sending, by the authenticating server, the access-granted or access-refused message to the authenticating node. 4. The method according to claim 3 , wherein during access authentication of the 802.1X client, when the EAPOL-Start-Announcement request sent by the 802.1X client does not comprise the recommended Keeplive period, packing, by the 802.1X client, the recommended Keeplive period into an announcement request, and sending, by the 802.1X client, the announcement request to the authenticating node, such that the authenticating node determines the Keeplive period of the authenticating node. 5. The method according to claim 1 , further comprising: acquiring, by the authenticating node, an authorization attribute for activating a Keeplive option in the received access-granted message by resolving the received access-granted message, and activating, by the authenticating node, according to the authorization attribute for activating the Keeplive option, a Keeplive option of an 802.1X client corresponding to a specified identity or service manage domain identifier, such that an 802.1X access session is kept alive. 6. The method according to claim 5 , further comprising: before determining, by the authenticating node, the Keeplive period of the authenticating node for the 802.1X client, resolving, by the authenticating node, the received EAPOL-Start-Announcement request or the received announcement request, and acquiring the recommended Keeplive period in the resolved message; and resolving, by the authenticating node, the received access-granted message, and acquiring the authorized Keeplive period in the resolved access-granted message. 7. The method according to claim 5 , wherein the Keeplive period of the 802.1X client is a default Keeplive period local to the 802.1X client. 8. The method according to claim 7 , further comprising: acquiring, by the 802.1X client by resolving the Keeplive response received by the 802.1X client, a forced Keeplive period in the Keeplive response received by the 802.1X client, and adjusting, by the 802.1X client, the Keeplive period of the 802.1X client according to the forced Keeplive period. 9. A system for keeping an 802.1X access session alive, comprising: an 802.1X client; an authenticating node for access authentication: and an authenticating server, wherein the authenticating node is configur

Assignees

Zte Corp

Inventors

Classifications

H04W76/25Primary
Maintenance of established connections · CPC title
H04L69/28
Timers or timing mechanisms used in protocols · CPC title
H04L67/142Primary
Managing session states for stateless protocols; Signalling session states; State transitions; Keeping-state mechanisms · CPC title
H04W12/06
Authentication · CPC title
H04W76/19
Connection re-establishment · CPC title

Patent family

Related publications grouped by family.

View patent family 48722530

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9918353B2 cover?: The present invention relates to the field of communications. Disclosed are an 802.1X access session keepalive method, device, and system. The method comprises: during network access of a 802.1X client, an authenticating node used for access authentication sending, to the 802.1X client according to an actual keepalive period of the authenticating node, a keepalive request message used for deter…
Who is the assignee on this patent?: Zte Corp
What technology area does this patent fall under?: Primary CPC classification H04W76/25. Mapped technology areas include Electricity.
When was this patent published?: Publication date Tue Mar 13 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).