	US 12,470,553 B2
	Access management method, authenticator, and authentication server
Bin He, Dongguan (CN); Cairen Weng, Nanjing (CN); Yibin Xu, Nanjing (CN); and Sisheng Wang, Dongguan (CN)
Assigned to HUAWEI TECHNOLOGIES CO., LTD., Shenzhen (CN)
Filed by HUAWEI TECHNOLOGIES CO., LTD., Guangdong (CN)
Filed on Feb. 17, 2023, as Appl. No. 18/170,806.
Application 18/170,806 is a continuation of application No. PCT/CN2021/106155, filed on Jul. 14, 2021.
Claims priority of application No. 202010842714.2 (CN), filed on Aug. 20, 2020; and application No. 202011027414.5 (CN), filed on Sep. 25, 2020.
Prior Publication US 2023/0208836 A1, Jun. 29, 2023
Int. Cl. H04L 9/40 (2022.01)

CPC H04L 63/0876 (2013.01) [H04L 63/102 (2013.01); H04L 63/20 (2013.01)]

18 Claims

1. A method of access management, the method comprising:

at an authenticator:

in response to a terminal device completing access authentication, receiving a first packet sent by the terminal device, wherein the first packet comprises a first Internet Protocol version 6 (IPv6) address of the terminal device and a Media Access Control (MAC) address of the terminal device, the first IPV6 address is a new temporary IPV6 address of the terminal device, the authenticator stores the MAC address, and the first IPV6 address does not exist in one or more temporary IPv6 addresses corresponding to the MAC address; and

in response to determining that the first IPV6 address is a new IPV6 address, sending a second packet to an authentication server, wherein the second packet comprises the first IPV6 address and the MAC address, and wherein the second packet further comprises instructions for the authentication server to determine a first authorization policy based on the first IPV6 address, and the first authorization policy comprises an access permission of the terminal device corresponding to the first IPV6 address.