CN105939516A - User authentication method and device - Google Patents
User authentication method and device Download PDFInfo
- Publication number
- CN105939516A CN105939516A CN201610039936.4A CN201610039936A CN105939516A CN 105939516 A CN105939516 A CN 105939516A CN 201610039936 A CN201610039936 A CN 201610039936A CN 105939516 A CN105939516 A CN 105939516A
- Authority
- CN
- China
- Prior art keywords
- mobile device
- code
- certification
- sent
- identification information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention provides a user authentication method and device. The method comprises the steps of receiving a first authentication request which is sent by a first mobile device through a near filed communication NFC function and carries the identifier information of the first mobile device; generating internet surfing codes by use of the identifier information, adding the internet surfing codes and the identifier information to a database, and sending the internet surfing codes and an SSID (Service Set Identifier) to the first mobile device through the NFC function, thereby enabling the first mobile device to send a first connection request added with the SSID to a wireless router corresponding to the SSID; searching whether there are the internet surfing codes in the database or not when the first connection request from the first mobile device is received, wherein the internet surfing codes are carried in the first connection request; confirming that the first mobile device is authenticated successfully if there are the internet surfing codes in the database, and allowing the first mobile device to access a network. Through application of the method and the device provided by the embodiment of the invention, the user authentication is realized through the NFC function, and the potential safety hazard problems can be solved.
Description
Technical field
The application relates to network communication technology field, particularly relates to user authen method and device.
Background technology
Along with the development of communication technology, the mobile device of wireless mode online is used to get more and more.Mobile
Equipment, when using wireless mode online, needs to first pass through the certification of wireless router, and mobile device is just afterwards
Can access network.In the prior art, a password can be set on wireless router, when mobile device position
Time in the range of signal of wireless router, by the password arranged on input wireless router, just can lead to
Cross the certification of described wireless router, such that it is able to access network.
But, the password arranged on wireless router, generally formed by simple numeral or monogram,
It is easy to be cracked by special cracking by extraneous stranger so that extraneous stranger can also pass through
The certification of described wireless router, thus by this wireless router access network, cause potential safety hazard.
Summary of the invention
In view of this, the application provides a kind of user authen method and device, to solve asking of potential safety hazard
Topic.
First aspect according to the embodiment of the present application, it is provided that a kind of user authen method, described method is applied to
On wireless router, described method includes:
Receive the first mobile device and carry described first mobile device by what near-field communication NFC function sent
Identification information first certification request;
Utilize described identification information to generate online code, and add described online code and described identification information to number
According in storehouse, and by NFC function, described online code and described SSID it is sent to described first and moves and set
It is standby, so that the first connection request being added with described online code is sent to described by described first mobile device
The wireless router that SSID is corresponding;
When receiving the first connection request from described first mobile device, inquire about in described data base and be
No there is the online code carried in described first connection request;
If it is, determine that described first mobile device certification is passed through, it is allowed to access network.
Second aspect according to the embodiment of the present application, it is provided that a kind of user authentication device, described device is applied to
On wireless router, described device includes:
First receives unit, for receiving the first mobile device by carrying that near-field communication NFC function sends
There is the first certification request of the identification information of described first mobile device;
Online code obtains unit, is used for utilizing described identification information to generate online code, and by described online code with
Described identification information adds in data base, and is sent out with described SSID by described online code by NFC function
Deliver to described first mobile device, so that described first mobile device connects be added with described online code first
The request of connecing is sent to wireless router corresponding to described SSID;
Query unit, for when receiving the first connection request from described first mobile device, inquires about
Whether described data base exists the online code carried in described first connection request;
First determines unit, for when judged result is for being, determines that described first mobile device certification is led to
Cross, it is allowed to access network.
Application the embodiment of the present application, the first mobile device sends first by NFC function to wireless router and recognizes
Card request, the identification information that described wireless router utilizes described first certification request to carry generates online code,
Add this online code and identification information in data base, and by NFC function, this online code is sent out with SSID
Giving the first mobile device, described first mobile device adds the online code received to first connection request
In, and it is sent to wireless router corresponding to described SSID, so that described wireless router utilizes described first
The online code that connection request carries searches data base, if finding described online code, it is determined that described first moves
Dynamic device authentication passes through.Therefore, the first mobile device needs closely to contact wireless router (such as 0.1 meter),
Online code could be obtained.And external world stranger i.e. enables the signal receiving wireless router, due to without circuit
Be generally positioned in user family by device, the mobile device that extraneous stranger uses cannot close contact without circuit
By device, online code therefore cannot be obtained.And, the online code that the first mobile device obtains is wireless router
Dynamically generating, extraneous stranger cannot use to crack and crack online code.Based on this, outside can avoiding
Boundary stranger passes through wireless router access network, effectively protects the user's that surfed the Net by wireless router
Information security, with the problem solving potential safety hazard.
Accompanying drawing explanation
Fig. 1 is that the application illustrates according to the application scenarios of a kind of user authentication shown in an exemplary embodiment
Figure;
Fig. 2 is the application embodiment flow process according to a kind of user authen method shown in an exemplary embodiment
Figure;
Fig. 3 be the application according to a kind of wireless router shown in an exemplary embodiment to the second mobile device
The flow chart being authenticated;
Fig. 4 is the application hardware structure diagram according to a kind of wireless router shown in an exemplary embodiment;
Fig. 5 is the application example structure according to a kind of user authentication device shown in an exemplary embodiment
Figure.
Detailed description of the invention
Here will illustrate exemplary embodiment in detail, its example represents in the accompanying drawings.Following retouches
Stating when relating to accompanying drawing, unless otherwise indicated, the same numbers in different accompanying drawings represents same or analogous key element.
Embodiment described in following exemplary embodiment does not represent all embodiment party consistent with the application
Formula.On the contrary, they only with describe in detail in appended claims, the application some in terms of mutually one
The example of the apparatus and method caused.
It is only merely for describing the purpose of specific embodiment at term used in this application, and is not intended to be limiting this
Application." a kind of ", " described " of singulative used in the application and appended claims
" it is somebody's turn to do " be also intended to include most form, unless context clearly shows that other implications.It is also understood that
Term "and/or" used herein refer to and comprise any of one or more project of listing being associated or
Likely combine.
Although should be appreciated that may use term first, second, third, etc. to describe various letter in the application
Breath, but these information should not necessarily be limited by these terms.These terms are only used for same type of information district each other
Separately.Such as, in the case of without departing from the application scope, the first information can also be referred to as the second information,
Similarly, the second information can also be referred to as the first information.Depend on linguistic context, word as used in this
" if " can be construed to " ... time " or " when ... time " or " in response to determining ".
Shown in Figure 1, for the application according to the application of a kind of user authentication shown in an exemplary embodiment
Scene schematic diagram, including mobile device, wireless router.Wherein, mobile device can be mobile phone, flat board
Computers etc. have the mobile device of wireless network access function, by WIFI (Wireless Fidelity, wireless
Fidelity) it is connected with wireless router, after mobile device is by the certification of wireless router, accessible network.
NFC (Near Field Communication, near field is all included on mobile device and wireless router
Communication) module, i.e. it is respectively provided with NFC function.Wherein, NFC refer to two equipment need extremely short distance (as
Within 0.1 meter) carry out data transmission, such data transfer mode can limit eavesdropping and the access of hacker.
In the embodiment of the present application, wireless router can be positioned in user family, surfs the Net for user in family.
Can select in family mobile device with NFC function as the first mobile device, and the selected
One mobile device can use NFC function to be authenticated, and using not there is NFC function mobile device as
Two mobile devices, or by family, other have NFC function, but can also not use NFC function to recognize
Card mobile device as the second mobile device, and, the second mobile device is that the first mobile device mandate is recognized
The mobile device of card.
In the embodiment of the present application, described wireless router be provided with in advance SSID (Service Set Identifier,
Service set), wireless router corresponding to described SSID can be transmitted data to by described SSID,
And be provided with identification information in advance in the first mobile device, identify this first mobile device, institute in order to unique
Stating identification information can be that (International Mobile Equipment Identity, mobile device is international for IMIE
Identification code) or mac address of nic etc., described mark letter can be transmitted data to by this identification information
The first mobile device that breath is corresponding.
Shown in Figure 2, for the application according to a kind of user authen method shown in an exemplary embodiment
Embodiment flow chart, this embodiment is applied on wireless router, comprises the following steps:
Step S201: receive described first mobile device by what NFC function sent and carry described first shifting
First certification request of the identification information of dynamic equipment.
First mobile device before accessing to a network, needs the certification by wireless router.In order to wireless
Being authenticated on router, the first mobile device can send the first certification by NFC function to wireless router
Request.Under normal circumstances, when utilize NFC function carry out information mutual time, the distance between two equipment is not
Can exceed that predeterminable range (such as 0.1 meter).Therefore, wireless router and the first mobile device need preset away from
In the range of from, just can receive the mark carrying described first mobile device that described first mobile device sends
First certification request of knowledge information, the i.e. first mobile device contacts without circuit within closely (in such as 0.1 meter)
By device.
It should be noted that the first mobile device needs, at extremely short distance contact wireless router, just can enter
The verification process that row is follow-up, and the mobile device not used indoor extraneous stranger, both made have NFC
Function, but the most do not possess the probability at extremely short distance contact wireless router, thus avoid extraneous footpath between fields
Stranger carries out follow-up verification process.
Step S202: utilize described identification information to generate online code, and by described online code and described mark letter
Breath adds in data base, and by NFC function, described online code and described SSID is sent to described the
One mobile device, so that the first connection request being added with described online code is sent by described first mobile device
To the wireless router that described SSID is corresponding.
In the optional mode of one, before performing step S202, carry when wireless router receives
When first certification of the identification information of described first mobile device is asked, it is also possible to by NFC function to described
First mobile device sends and selects information, and described selection information includes the machine online and moves for other
Dynamic equipment generates introduces code;After described selection information is selected by described first mobile device,
Information is sent to select result by NFC function to described wireless router preparation;If described wireless router
The information received selects result to be the machine online, then perform the process of step S202.
Wherein, when the first mobile device receives selection information, the user of the first mobile device is to institute
State selection information to select, when the first mobile device receives the selection result command of user, really
Determine information and select result, and described information selection result is sent to without circuit by NFC function
By device.
Wherein, for the process utilizing described identification information to generate online code, based on described identification information, nothing
Line router generates online code by preset algorithm, and described preset algorithm can be random factor generating algorithm,
Described identification information+random factor is combined as code of surfing the Net.Due to identification information be each mobile device only
One mark, generates online code hence with identification information and can ensure that the most repeated of online code.Due at random
The factor is randomly generated, and does not has certain regularity, even if not knowing indoor extraneous stranger
Identification information, also cannot crack random factor.
Wherein, described online code is the first mobile device and logs in the password of wireless router.Therefore, each
By the first mobile device of wireless router certification, dynamic password can be obtained, save manually arrange wireless
The password of router loaded down with trivial details, and the password complexity no matter generated is whether, all need not user and goes memory.
Wherein, by the online code of generation and identification information are added in data base, as long as follow-up first moves
Dynamic equipment is in the range of signal of the wireless router that can receive, it is possible to by searching data base, it is allowed to
It is by the certification of wireless router, access network.
It addition, the first mobile device is after receiving described online code and described SSID, online code can be added
In the first connection request.The addition manner of described online code can manually add, it is also possible to is automatically to add.
First mobile device is after receiving described online code, owing to being no longer necessary to by NFC function and nothing
Line router communicates, it is possible to leave wireless router, as long as at described wireless router signal model
In enclosing, described first mobile device can send the first connection by WIFI function to described wireless router please
Ask.Owing to the first mobile device has learned that the SSID of wireless router, therefore, the first mobile device is permissible
By WIFI function, the first connection request is sent to wireless router corresponding to this SSID.
Step S203: when receiving the first connection request from described first mobile device, inquiry is described
Whether data base exists the online code carried in described first connection request.
When wireless router receives the first connection request from described first mobile device, obtain described
The online code that first connection request carries, and utilize the online code that gets to inquire about in described data base whether to deposit
At described online code.If it is not, then perform step S204;The most then perform step S205.
Step S204: determine that described first mobile device certification is not passed through, do not allow access network.
Step S205: determine that described first mobile device certification is passed through, it is allowed to access network.
Owing to the first mobile device certification is passed through, therefore, as long as follow-up first mobile device can search institute
State the signal of wireless router, it is possible to by described wireless router access network.
It should be noted that the application can also solve the second mobile device (if not having the shifting of NFC function
Dynamic equipment, or there is NFC function but the mobile device that do not uses NFC function to be authenticated), by nothing
The problem of line router certification, implementing is the first mobile device introduction networking by having NFC function,
Described first mobile device is by the certification of this wireless router.
Therefore, determining that described first mobile device certification is passed through afterwards, wireless router moves second and sets
Standby verification process, as it is shown on figure 3, comprise the following steps:
Step S301: receive described first mobile device by what NFC function sent and carry described first shifting
Second certification request of the identification information of dynamic equipment;
For the verification process of the second mobile device, the first mobile device passes through NFC function to wireless router
Send the second certification request.And, the distance between wireless router and the first mobile device still can not surpass
Crossing predeterminable range, just can receive that described first mobile device sends carries described first mobile device
Second certification request of identification information.Therefore the wireless router verification process to the second mobile device, equally
Can effectively reduce and not carry out follow-up verification process indoor extraneous stranger.
Step S302: utilize described identification information to generate and introduce code, and by NFC function by described introduction code
Be sent to described first mobile device with described SSID so that described first mobile device by described introduction code with
Described SSID is sent to the second mobile device, and makes described second mobile device will be added with described introduction code
Second connection request is sent to the wireless router that described SSID is corresponding;
In the optional mode of one, before performing step S302, carry when wireless router receives
When having the second certification request of identification information of described first mobile device, it is also possible to by NFC function to institute
State the first mobile device and send selection information, in described first mobile device to described selection information
After selecting, information is sent to select result by NFC function to described wireless router preparation;If
Described information selects result to be to generate for other mobile devices to introduce code, then perform the process of step S302.
Wherein, when the first mobile device receives selection information, the user of the first mobile device is to institute
State selection information to select, when the first mobile device receives the selection result command of user, really
Determine information and select result, and described information selection result is sent to without circuit by NFC function
By device.
Wherein, the process of code is introduced for utilizing identification information to generate, an optional implementation
In, based on described identification information, wireless router is generated by preset algorithm and introduces code, described pre-imputation
Method can also be random factor generating algorithm, is combined as described identification information+random factor introducing
Code.It addition, the first mobile device can be by various modes (such as QQ, wechat etc.), by described
Introducing code and be sent to the second mobile device with SSID, the second mobile device, will according to the SSID received
Described introduction code adds in the second connection request, and by WIFI function to nothing corresponding for described SSID
Line router sends the second connection request.The addition manner of described introduction code can manually add, it is also possible to
It is automatically to add.
In order to distinguish online code and introduce code, in an optional implementation, can be by asking in connection
Carry different labellings in asking to make a distinction, carry labelling 1 as in the first connection request, for representing first even
Connecing in request is online code, carries labelling 2 in the second connection request, is to be situated between for representing in the second connection request
Continue code.In another optional implementation, can generate online code time, use the first numerical value with
Machine factor figure place;When code is introduced in generation, use the random factor figure place of second value.Thus, when wireless
When router receives the connection request that mobile device sends, can distinguish that connection request carries is to introduce
Code is still surfed the Net code, then carries out follow-up verification process.
Wherein, described introduction code is the second mobile device and logs in the password of wireless router.Therefore, each
By the second mobile device of wireless router certification, dynamic password can be obtained, save manually arrange wireless
The password of router loaded down with trivial details, and the password complexity no matter generated is whether, all need not user and goes memory.
In another optional implementation, carry when wireless router gets described second certification request
Identification information time, utilize the identification information that gets to search the identification information preserved in data base, if not
Find described identification information, it is determined that described first mobile device not by the certification of wireless router, this
Time, wireless router can send information to described first mobile device, and described information can be
This mobile device does not generate the authority introducing code for other mobile devices.This way it is possible to avoid move first
Dynamic equipment is not by the case of wireless router certification, and the first mobile device is to selecting information to carry out
During selection, falsely drop become other mobile devices generate introduce code.
Step S303: the introduction code utilizing described second connection request to carry determines that described second mobile device is
Deny that card passes through.
In an optional implementation, as described in step S302, when wireless router utilizes described
The identification information of one mobile device generates after introducing code, can add described introduction code in data base.
Therefore, when wireless router receives the second connection request that the second mobile device sends, institute is obtained
State the introduction code that the second connection request carries, then utilize the introduction code got to search described data base, when
When finding described introduction code, it is determined that described second mobile device certification is passed through;Otherwise, it determines described
Two mobile device certifications are not passed through.
It should be noted that the indefinite use of introduction code if the second mobile device generation is gone down, have
Some extraneous strangers may be made to know, cause potential safety hazard.Therefore can allow introduce code can be regularly
Dynamically adjust.Such as, wireless router introduces code to time in data base in preservation, can be described Jie
The code that continues arranges ageing timer (such as, the ageing time of ageing timer can be a week or January),
Before described ageing timer time-out, if receiving the second connection request carrying described introduction code, the most more
The ageing time of new described ageing timer;And when described ageing timer time-out, from described data base
Delete described introduction code.So, when the second mobile device is again by wireless router access network, wireless
Its certification is not passed through by router, then is sent out to wireless router by first mobile device with NFC function
Send the second certification request, introduce and network.It is achieved thereby that introduce the dynamic adjustment of code.
Further, wireless router can also be real by this mode preserving online code to time in data base
The now dynamic adjustment of online code.Such as: the indefinite use of online code generated if the first mobile device
Go down, it is possible to some extraneous strangers can be made to know, cause potential safety hazard.Therefore online code can also be allowed
Can the most dynamically adjust.Such as, when wireless router is in preservation online code to data base, can
Think described online code arrange ageing timer (such as, the ageing time of ageing timer can be one week or
January), before described ageing timer time-out, if receiving the first connection carrying described online code
Request, then update the ageing time of described ageing timer;And when described ageing timer time-out, from institute
State and data base deletes described online code.So, when the first mobile device is again by wireless router access network
During network, its certification is not passed through by wireless router, and the first mobile device needs again by wireless router
The first certification request that sends is authenticated.Thus realize the dynamic adjustment of online code.
In another optional implementation, as described in step S302, when wireless router utilizes described
The identification information of the first mobile device generates after introducing code, can not preserve described introduction code in data base.
When wireless router receives the second connection request that the second mobile device sends, obtain described second
The introduction code that connection request carries, and by the introduction code being analyzed and acquired by, move with acquisition for described second
Equipment generates the identification information of the first mobile device of described introduction code;Searching according to the identification information obtained
Described data base, when finding described identification information, it is determined that described second mobile device certification is passed through;
Otherwise, it determines described second mobile device certification is not passed through.
Wherein, for the mark obtaining the first mobile device generating described introduction code for described second mobile device
The process of knowledge information, when the introduction code got is resolved by wireless router, can be according to step S302
Middle generation is introduced the mode of code and is carried out reverse resolution.As step S302 generates the mode introducing code, it is assumed that will
The random factor of+one 5 figure place of identification information of the first mobile device, as when introducing code, can will introduce code
In the random factor of 5 figure places peel off, to obtain the identification information of described first mobile device.Such as,
Introducing code is A1E5F4C990990, and random factor is introduce code latter five, can obtain after resolving
Being 90990 to random factor, the identification information of the first mobile device is A1E5F4C9.
This implementation, does not preserves introducing code, will not take the internal memory of wireless router, Ke Yiti
Rise the process performance of wireless router.
Described in above-described embodiment, the first mobile device sends first by NFC function to wireless router and recognizes
Card request, the identification information that described wireless router utilizes described first certification request to carry generates online code,
Add this online code and identification information in data base, and by NFC function, this online code is sent out with SSID
Giving the first mobile device, described first mobile device adds the online code received to first connection request
In, and it is sent to wireless router corresponding to described SSID, so that described wireless router utilizes described first
The online code that connection request carries searches data base, if finding described online code, it is determined that described first moves
Dynamic device authentication passes through.It addition, determining that described first mobile device certification is passed through afterwards, wireless router
Can also be that code is introduced in the second mobile device generation without NFC function by described first mobile device,
And the second mobile device is authenticated.Therefore the first mobile device needs closely to contact nothing (such as 0.1 meter)
Line router, could obtain online code or introduce code.And external world stranger i.e. enables and receives wireless router
Signal, owing to wireless router is generally positioned in user family, the mobile device that extraneous stranger uses without
Method close contact wireless router, therefore cannot obtain online code or introduce code.And, first moves and sets
The standby online code obtained or to introduce code be that wireless router dynamically generates, extraneous stranger cannot use and crack
Software cracks online code or introduces code.Based on this, extraneous stranger can be avoided to be accessed by wireless router
Network, effectively protects the information security of the user surfed the Net by wireless router, to solve potential safety hazard
Problem.
Corresponding with the embodiment of aforementioned user authen method, present invention also provides the reality of user authentication device
Execute example.
The embodiment of the application user authentication device can be applied on wireless router.Device embodiment is permissible
Realized by software, it is also possible to realize by the way of hardware or software and hardware combining.As a example by implemented in software,
As the device on a logical meaning, it is that the processor by its place equipment is by nonvolatile memory
Corresponding computer program instructions reads and runs formation in internal memory.For hardware view, such as Fig. 4 institute
Showing, the application is according to a kind of hardware of a kind of user authentication device place equipment shown in an exemplary embodiment
Structure chart, in addition to the processor shown in Fig. 4, internal memory, network interface and nonvolatile memory,
In embodiment, the equipment at device place is generally according to the actual functional capability of this equipment, it is also possible to include other hardware,
This is repeated no more.
Shown in Figure 5, for the application according to a kind of user authentication device shown in an exemplary embodiment
Embodiment block diagram, described device is applied on wireless router, and described device includes: the first reception unit 510,
Online code obtains unit 520, query unit 530, first determines unit 540.
Wherein, first receives unit 510, for receiving the first mobile device by near-field communication NFC function
First certification request of the identification information carrying described first mobile device sent;
Online code obtains unit 520, is used for utilizing described identification information to generate online code, and by described online
Code and described identification information add in data base, and pass through NFC function by described online code with described
SSID is sent to described first mobile device, so that described first mobile device will be added with described online code
First connection request is sent to the wireless router that described SSID is corresponding;
Query unit 530, for when receiving the first connection request from described first mobile device, looks into
Ask and whether described data base exists the online code carried in described first connection request;
First determines unit 540, for when judged result is for being, determines that described first mobile device certification is led to
Cross, it is allowed to access network.
In an optional implementation, described device also includes (not shown in Fig. 5):
Second receives unit, for determining that unit determines that described first mobile device certification is by afterwards first
Receive the mark letter carrying described first mobile device that described first mobile device is sent by NFC function
Second certification request of breath;
Introduce code and obtain unit, be used for utilizing described identification information to generate and introduce code, and will by NFC function
Described introduction code and described SSID are sent to described first mobile device, so that described first mobile device is by institute
Give an account of the code that continues and be sent to the second mobile device with described SSID, and make described second mobile device by interpolation
The second connection request giving an account of the code that continues is sent to wireless router corresponding to described SSID;
Acquiring unit, for when receiving the second connection request from described second mobile device, obtains
The introduction code that described second connection request carries;
Second determines unit, for utilizing the introduction code that gets to determine the whether certification of described second mobile device
Pass through.
In another optional implementation, described device also includes (not shown in Fig. 5):
Select Tip element, for when receiving described first certification request, by NFC function to described
First mobile device sends and selects information, and described selection information includes the machine online and moves for other
Dynamic equipment generates introduces code;Receive the information selection that described first mobile device is sent by NFC function
Result;If described information selects result to be the machine online, then perform to utilize described identification information to generate
Net code, and described online code and described identification information are added in data base, and by NFC function by institute
State online code and described SSID and be sent to the process of described first mobile device;When receiving described second certification
During request, send selection information by NFC function to described first mobile device;Receive described first
The information that mobile device is sent by NFC function selects result;If described information selection result is
Generate for other mobile devices and introduce code, then perform to utilize described identification information to generate and introduce code, and pass through NFC
Described introduction code and described SSID are sent to described first mobile device by function, so that described first moves and set
The standby process that described introduction code and described SSID are sent to the second mobile device.
In another optional implementation, described device also includes (not shown in Fig. 5):
Adding device, for, after introducing code acquisition unit and utilizing the generation of described identification information to introduce code, adding
Add described introduction code in described data base;Described second determines unit, specifically for utilizing described introduction code
Search described data base, when finding described introduction code, it is determined that described second mobile device certification is passed through;
Otherwise, it determines described second mobile device certification is not passed through;Or,
Described second determines unit, specifically for resolving described introduction code, moves with acquisition for described second and sets
The identification information of standby the first mobile device generating described introduction code;Search described according to the identification information obtained
Data base, when finding described identification information, it is determined that described second mobile device certification is passed through;Otherwise,
Determine that described second mobile device certification is not passed through.
In another optional implementation, described device also includes (not shown in Fig. 5):
Unit is set, for after the adding device described introduction code of interpolation to described data base, at described number
According in storehouse, ageing timer is set for described introduction code;
Updating block, for before described ageing timer time-out, carries described introduction code if received
The second connection request, then update the ageing time of described ageing timer;
Delete unit, for when described ageing timer time-out, from described data base, delete described introduction
Code.
In said apparatus, the function of unit and the process that realizes of effect specifically refer to corresponding step in said method
Rapid realizes process, does not repeats them here.
For device embodiment, owing to it corresponds essentially to embodiment of the method, so relevant part sees
The part of embodiment of the method illustrates.Device embodiment described above is only schematically, wherein
The described unit illustrated as separating component can be or may not be physically separate, as unit
The parts of display can be or may not be physical location, i.e. may be located at a place, or also may be used
To be distributed on multiple NE.Some or all of module therein can be selected according to the actual needs
Realize the purpose of the application scheme.Those of ordinary skill in the art in the case of not paying creative work,
I.e. it is appreciated that and implements.
Described in above-described embodiment, the first mobile device sends first by NFC function to wireless router and recognizes
Card request, the identification information that described wireless router utilizes described first certification request to carry generates online code,
Add this online code and identification information in data base, and by NFC function, this online code is sent out with SSID
Giving the first mobile device, described first mobile device adds the online code received to first connection request
In, and it is sent to wireless router corresponding to described SSID, so that described wireless router utilizes described first
The online code that connection request carries searches data base, if finding described online code, it is determined that described first moves
Dynamic device authentication passes through.It addition, determining that described first mobile device certification is passed through afterwards, wireless router
Can also be that code is introduced in the second mobile device generation without NFC function by described first mobile device,
And the second mobile device is authenticated.Therefore the first mobile device needs closely to contact nothing (such as 0.1 meter)
Line router, could obtain online code or introduce code.And external world stranger i.e. enables and receives wireless router
Signal, owing to wireless router is generally positioned in user family, the mobile device that extraneous stranger uses without
Method close contact wireless router, therefore cannot obtain online code or introduce code.And, first moves and sets
The standby online code obtained or to introduce code be that wireless router dynamically generates, extraneous stranger cannot use and crack
Software cracks online code or introduces code.Based on this, extraneous stranger can be avoided to be accessed by wireless router
Network, effectively protects the information security of the user surfed the Net by wireless router, to solve potential safety hazard
Problem.
The foregoing is only the preferred embodiment of the application, not in order to limit the application, all in this Shen
Within spirit please and principle, any modification, equivalent substitution and improvement etc. done, should be included in this Shen
Within the scope of please protecting.
Claims (10)
1. a user authen method, described method is applied on wireless router, described wireless router
Be provided with service set SSID in advance, it is characterised in that described method includes:
Receive the first mobile device and carry described first mobile device by what near-field communication NFC function sent
Identification information first certification request;
Utilize described identification information to generate online code, and add described online code and described identification information to number
According in storehouse, and by NFC function, described online code and described SSID it is sent to described first and moves and set
It is standby, so that the first connection request being added with described online code is sent to described by described first mobile device
The wireless router that SSID is corresponding;
When receiving the first connection request from described first mobile device, inquire about in described data base and be
No there is the online code carried in described first connection request;
If it is, determine that described first mobile device certification is passed through, it is allowed to access network.
Method the most according to claim 1, it is characterised in that described determine described first mobile device
Certification, by afterwards, also includes:
Receive the mark carrying described first mobile device that described first mobile device is sent by NFC function
Second certification request of knowledge information;
Utilize described identification information to generate and introduce code, and pass through NFC function by described introduction code with described
SSID is sent to described first mobile device so that described first mobile device by described introduction code with described
SSID is sent to the second mobile device, and makes described second mobile device will be added with the second of described introduction code
Connection request is sent to the wireless router that described SSID is corresponding;
When receiving the second connection request from described second mobile device, obtaining described second connection please
Seek the introduction code carried;
The introduction code got is utilized to determine described second mobile device whether pass through by certification.
Method the most according to claim 2, it is characterised in that described method, also includes:
When receiving described first certification request, send choosing by NFC function to described first mobile device
Selecting information, described selection information includes the machine online and introduces code for the generation of other mobile devices;
Receive the information selection result that described first mobile device is sent by NFC function;If described prompting letter
Breath selects result to be the machine online, then perform to utilize described identification information to generate online code, and by described online
Code and described identification information add in data base, and pass through NFC function by described online code with described
SSID is sent to the process of described first mobile device;
When receiving described second certification request, send choosing by NFC function to described first mobile device
Select information;Receive the information selection result that described first mobile device is sent by NFC function;
If described information selects result to be to generate for other mobile devices to introduce code, then perform to utilize described mark
Information generates introduces code, and by NFC function, with described SSID, described introduction code is sent to described first
Mobile device, moves set so that described introduction code and described SSID is sent to second by described first mobile device
Standby process.
Method the most according to claim 2, it is characterised in that
Described utilize described identification information generate introduce code after, also include: add described introduction code to described
In data base;The introduction code that described utilization gets determines described second mobile device whether pass through by certification, bag
Include: utilize described introduction code to search described data base, when finding described introduction code, it is determined that described the
Two mobile device certifications are passed through;Otherwise, it determines described second mobile device certification is not passed through;Or,
The introduction code that described utilization gets determines described second mobile device whether pass through by certification, including: solve
Analyse described introduction code, with obtain the first mobile device for the described second mobile device described introduction code of generation
Identification information;Described data base is searched according to the identification information obtained, when finding described identification information,
Then determine that described second mobile device certification is passed through;Otherwise, it determines described second mobile device certification is not passed through.
Method the most according to claim 4, it is characterised in that described interpolation described introduction code is to described
After data base, also include:
In the database ageing timer is set for described introduction code;
Before described ageing timer time-out, if receive carry described introduction code second connection please
Ask, then update the ageing time of described ageing timer;
When described ageing timer time-out, from described data base, delete described introduction code.
6. a user authentication device, described device is applied on wireless router, it is characterised in that institute
State device to include:
First receives unit, for receiving the first mobile device by carrying that near-field communication NFC function sends
There is the first certification request of the identification information of described first mobile device;
Online code obtains unit, is used for utilizing described identification information to generate online code, and by described online code with
Described identification information adds in data base, and is sent out with described SSID by described online code by NFC function
Deliver to described first mobile device, so that described first mobile device connects be added with described online code first
The request of connecing is sent to wireless router corresponding to described SSID;
Query unit, for when receiving the first connection request from described first mobile device, inquires about
Whether described data base exists the online code carried in described first connection request;
First determines unit, for when judged result is for being, determines that described first mobile device certification is led to
Cross, it is allowed to access network.
Device the most according to claim 6, it is characterised in that described device also includes:
Second receives unit, for determining that unit determines that described first mobile device certification is passed through afterwards first,
Receive the mark letter carrying described first mobile device that described first mobile device is sent by NFC function
Second certification request of breath;
Introduce code and obtain unit, be used for utilizing described identification information to generate and introduce code, and will by NFC function
Described introduction code and described SSID are sent to described first mobile device, so that described first mobile device is by institute
Give an account of the code that continues and be sent to the second mobile device with described SSID, and make described second mobile device by interpolation
The second connection request giving an account of the code that continues is sent to wireless router corresponding to described SSID;
Acquiring unit, for when receiving the second connection request from described second mobile device, obtains
The introduction code that described second connection request carries;
Second determines unit, for utilizing the introduction code that gets to determine the whether certification of described second mobile device
Pass through.
Device the most according to claim 7, it is characterised in that described device also includes:
Select Tip element, for when receiving described first certification request, by NFC function to described
First mobile device sends and selects information, and described selection information includes the machine online and moves for other
Dynamic equipment generates introduces code;Receive the information selection that described first mobile device is sent by NFC function
Result;If described information selects result to be the machine online, then perform to utilize described identification information to generate
Net code, and described online code and described identification information are added in data base, and by NFC function by institute
State online code and described SSID and be sent to the process of described first mobile device;When receiving described second certification
During request, send selection information by NFC function to described first mobile device;Receive described first
The information that mobile device is sent by NFC function selects result;If described information selection result is
Generate for other mobile devices and introduce code, then perform to utilize described identification information to generate and introduce code, and pass through NFC
Described introduction code and described SSID are sent to described first mobile device by function, so that described first moves and set
The standby process that described introduction code and described SSID are sent to the second mobile device.
Device the most according to claim 7, it is characterised in that described device also includes:
Adding device, for, after introducing code acquisition unit and utilizing the generation of described identification information to introduce code, adding
Add described introduction code in described data base;Described second determines unit, specifically for utilizing described introduction code
Search described data base, when finding described introduction code, it is determined that described second mobile device certification is passed through;
Otherwise, it determines described second mobile device certification is not passed through;Or,
Described second determines unit, specifically for resolving described introduction code, moves with acquisition for described second and sets
The identification information of standby the first mobile device generating described introduction code;Search described according to the identification information obtained
Data base, when finding described identification information, it is determined that described second mobile device certification is passed through;Otherwise,
Determine that described second mobile device certification is not passed through.
Device the most according to claim 9, it is characterised in that described device also includes:
Unit is set, for after the adding device described introduction code of interpolation to described data base, at described number
According in storehouse, ageing timer is set for described introduction code;
Updating block, for before described ageing timer time-out, carries described introduction code if received
The second connection request, then update the ageing time of described ageing timer;
Delete unit, for when described ageing timer time-out, from described data base, delete described introduction
Code.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610039936.4A CN105939516A (en) | 2016-01-20 | 2016-01-20 | User authentication method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610039936.4A CN105939516A (en) | 2016-01-20 | 2016-01-20 | User authentication method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105939516A true CN105939516A (en) | 2016-09-14 |
Family
ID=57152902
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610039936.4A Pending CN105939516A (en) | 2016-01-20 | 2016-01-20 | User authentication method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105939516A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112003880A (en) * | 2020-10-27 | 2020-11-27 | 南京易安联网络技术有限公司 | Control method and system for efficient concurrent access based on network stealth |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103874164A (en) * | 2014-02-28 | 2014-06-18 | 齐文钊 | Method and system for connecting to WIFI (Wireless Fidelity) by NFC (Near Field Communication) and mobile terminal equipment |
CN104967994A (en) * | 2014-10-31 | 2015-10-07 | 腾讯科技(上海)有限公司 | Method and apparatus for accessing device into local area network |
CN105101191A (en) * | 2014-05-23 | 2015-11-25 | 宇龙计算机通信科技(深圳)有限公司 | Method and apparatus for WLAN security mechanism setup |
-
2016
- 2016-01-20 CN CN201610039936.4A patent/CN105939516A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103874164A (en) * | 2014-02-28 | 2014-06-18 | 齐文钊 | Method and system for connecting to WIFI (Wireless Fidelity) by NFC (Near Field Communication) and mobile terminal equipment |
CN105101191A (en) * | 2014-05-23 | 2015-11-25 | 宇龙计算机通信科技(深圳)有限公司 | Method and apparatus for WLAN security mechanism setup |
CN104967994A (en) * | 2014-10-31 | 2015-10-07 | 腾讯科技(上海)有限公司 | Method and apparatus for accessing device into local area network |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112003880A (en) * | 2020-10-27 | 2020-11-27 | 南京易安联网络技术有限公司 | Control method and system for efficient concurrent access based on network stealth |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP6726426B2 (en) | Login-free method and device between terminals | |
US9749324B2 (en) | System, device and method for network authorization based on no password or random password | |
CN104349423B (en) | From the method, system and device of the WLAN (wireless local area network) that is dynamically connected | |
CN108632253B (en) | Client data security access method and device based on mobile terminal | |
US20150312265A1 (en) | Method for Verifying Sensitive Operations, Terminal Device, Server, and Verification System | |
CN104767713B (en) | Account binding method, server and system | |
CN104254073A (en) | Method and device for authentication of access terminal | |
CN103634109A (en) | Operation right authentication method and device | |
CN105933353A (en) | Method and system for realizing secure login | |
CN105430711B (en) | Transmission method, device and the equipment of information | |
JP2018509703A (en) | Method, apparatus and system for identity authentication | |
WO2018107593A1 (en) | Method and device for sharing file between different terminals | |
CN104363226A (en) | Method, device and system for logging in operating system | |
CN104539571B (en) | Information interacting method, identification authentication method, server and terminal | |
CN105992204A (en) | Access authentication method of applications of mobile intelligent terminal and device | |
WO2018076675A1 (en) | Network access method, routing device and terminal, and computer storage medium | |
CN105681258A (en) | Session method and session device based on third-party server | |
CN105306485A (en) | Network access authentication methods, authentication server and authentication system | |
CN109769249A (en) | A kind of authentication method, system and its apparatus | |
CN106453349A (en) | An account number login method and apparatus | |
US9967395B1 (en) | IOT-connected devices and equipment automated login system | |
CN103561063A (en) | Method and terminal for logging onto set top box | |
CN106295271A (en) | Account automatic logging method, device and related system | |
KR20160130457A (en) | Determination method and corresponding terminal, computer program product and storage medium | |
US20140157372A1 (en) | Image forming apparatus, wireless communication system, control method, and computer-readable medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information | ||
CB02 | Change of applicant information |
Address after: Binjiang District and Hangzhou city in Zhejiang Province Road 310051 No. 68 in the 6 storey building Applicant after: Hangzhou Dipu Polytron Technologies Inc Address before: Binjiang District and Hangzhou city in Zhejiang Province Road 310051 No. 68 in the 6 storey building Applicant before: Hangzhou Dipu Technology Co., Ltd. |
|
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160914 |