A Method For User authentication in Public Wireless Lan Service Network

摘要

PURPOSE: A user authentication method in a public wireless land service network is provided to protect a user by informing the user that someone else accesses the Internet with the same ID from a different place at the same time zone. CONSTITUTION: An authentication server receives a user ID of a subscriber(401). The authentication server searches a user authentication table to check whether there exists the user ID(402,403). If there is the user ID, the authentication server searches and stores an authentication record corresponding to the user ID(404). The authentication server checks whether to perform authentication with a MAC address stored in the record(407). If an item of 'MAC checking' is set as 'yes', the authentication server compares a user MAC address of an authentication protocol and the MAC address of the authentication record(408). If both MAC address are identical or the item of 'MAC checking' is set as 'no', the authentication server sends an EAP(Extensible Authentication Protocol)-Challenge message to a wireless LAN AP(410), and then, receives an EAP-Challenge response message(411). The authentication server checks whether passwords are identical through an MD5 hash of the Challenge response(412). If passwords are identical, the authentication server checks an item of 'log-in state'(415) and compares set values(416). If the item of 'log-in state' is set as 'no', the authentication server generates an EAP success message(419), transmits it to the wireless LAN AP(420).