CN111031545A - Wireless network access control method and device, relay equipment and electronic equipment - Google Patents

Wireless network access control method and device, relay equipment and electronic equipment Download PDF

Info

Publication number
CN111031545A
CN111031545A CN201911361996.8A CN201911361996A CN111031545A CN 111031545 A CN111031545 A CN 111031545A CN 201911361996 A CN201911361996 A CN 201911361996A CN 111031545 A CN111031545 A CN 111031545A
Authority
CN
China
Prior art keywords
network
access control
electronic device
equipment
relay
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911361996.8A
Other languages
Chinese (zh)
Inventor
杨鑫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Oppo Mobile Telecommunications Corp Ltd
Original Assignee
Guangdong Oppo Mobile Telecommunications Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong Oppo Mobile Telecommunications Corp Ltd filed Critical Guangdong Oppo Mobile Telecommunications Corp Ltd
Priority to CN201911361996.8A priority Critical patent/CN111031545A/en
Publication of CN111031545A publication Critical patent/CN111031545A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W40/00Communication routing or communication path finding
    • H04W40/02Communication route or path selection, e.g. power-based or shortest path routing
    • H04W40/22Communication route or path selection, e.g. power-based or shortest path routing using selective relaying for reaching a BTS [Base Transceiver Station] or an access point
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/02Access restriction performed under specific conditions
    • H04W48/04Access restriction performed under specific conditions based on user or terminal location or mobility data, e.g. moving direction, speed
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/08Access restriction or access information delivery, e.g. discovery data delivery

Abstract

The embodiment of the application discloses a wireless network access control method and a wireless network access control device, which are applied to relay equipment, wherein the relay equipment is accessed to a 5G mobile communication technology network in a wireless mode, provides a first Wi-Fi network through a Wi-Fi communication module of a local terminal, and keeps communication connection with first electronic equipment through a cellular communication module of the local terminal; the method comprises the following steps: when detecting that the second electronic equipment requests to access the first Wi-Fi network, determining state information of the relay equipment; determining a first equipment access control strategy currently started by the relay equipment according to the state information; and performing network access control on the second electronic equipment according to the first equipment access control strategy. The embodiment of the application is beneficial to realizing the active network access information pushing of the relay equipment, timely reminding of strange equipment to access the network and equipment network access control, and improving the safety and efficiency of wireless network access control.

Description

Wireless network access control method and device, relay equipment and electronic equipment
Technical Field
The present application relates to the field of wireless network communication technologies, and in particular, to a wireless network access control method and apparatus, a relay device, and an electronic device.
Background
With the development of wireless network communication technology, a large number of users can access a wireless network through electronic equipment at any time and any place to acquire massive information. The mode of accessing the electronic device to the wireless network mainly comprises: one is that the electronic device accesses a mobile communication technology network provided by a mobile communication operator, such as the 4th generation mobile communication technology (4G); the other is that the electronic device accesses a network access device with Wireless Fidelity (Wi-Fi) technology, such as a Wireless router.
Currently, a network access device manages network access permission of an electronic device by using a password login mode. When a large number of electronic devices installed with password cracking software crack Service Set Identifiers (SSIDs) and login passwords of network access devices, a large number of unauthorized electronic devices accessing the network access devices will cause a series of problems such as network speed slowing and network security risks.
Disclosure of Invention
The embodiment of the application provides a wireless network access control method and device, relay equipment and electronic equipment, and aims to improve the security and efficiency of wireless network access control.
In a first aspect, an embodiment of the present application provides a wireless network access control method, which is applied to a relay device, where the relay device accesses a 5G mobile communication technology network in a wireless manner, the relay device provides a first Wi-Fi network through a Wi-Fi communication module of a home terminal, and the relay device maintains a communication connection with a first electronic device through a cellular communication module of the home terminal; the method comprises the following steps:
when detecting that a second electronic device requests to access the first Wi-Fi network, determining state information of the relay device;
determining a first device access control strategy currently enabled by the relay device according to the state information, wherein the first device access control strategy is a strategy in a preset strategy set, and the first device access control strategy is to interactively confirm whether the second electronic device is allowed to access with the first electronic device through the cellular communication module;
and performing network access control on the second electronic equipment according to the first equipment access control strategy.
In a second aspect, an embodiment of the present application provides a wireless network access control method, which is applied to a first electronic device, where a relay device establishes a communication connection with the first electronic device through a cellular communication module of a home terminal, the relay device accesses a 5G mobile communication technology network in a wireless manner, and the relay device provides a first Wi-Fi network through a Wi-Fi communication module of the home terminal; the method comprises the following steps:
receiving a network access request message from the relay device, the network access request being generated by the relay device by: when detecting that a second electronic device requests to access the first Wi-Fi network, determining that the relay device works for a first time period; sending a policy query request carrying the first time period to a policy server, where the policy query request is used for the policy server to determine the first device access control policy according to the first time period, and sending the first device access control policy to the relay device; receiving the first device access control policy from the policy server; or, the first time period is used as a query identifier, and the first equipment access control strategy is queried from the local terminal; acquiring identity information of the second electronic equipment according to the first equipment access control strategy; sending a network access request message carrying identity information of the second electronic device to the first electronic device through the cellular communication module of the local terminal, wherein the network access request is used for the first electronic device to determine whether the second electronic device is allowed to access the first Wi-Fi network;
sending a network access response message to the relay device, wherein the network access response is used for the relay device to perform the following operations: performing network access control on the second electronic device according to the network access response, wherein the network access control includes at least one of the following: allowing the second electronic device to access the first Wi-Fi network, denying the second electronic device access the first Wi-Fi network, and limiting a network speed of the second electronic device at the first Wi-Fi network.
In a third aspect, an embodiment of the present application provides a wireless network access control apparatus, which is applied to a relay device, where the relay device accesses a 5G mobile communication technology network in a wireless manner, the relay device provides a first Wi-Fi network through a Wi-Fi communication module of a home terminal, and the relay device maintains a communication connection with a first electronic device through a cellular communication module of the home terminal; the device comprises:
the processing unit is used for determining the state information of the relay equipment when detecting that a second electronic device requests to access the first Wi-Fi network; the device access control module is configured to determine, according to the status information, a first device access control policy currently enabled by the relay device, where the first device access control policy is a policy in a preset policy set, and the first device access control policy is to interactively confirm, through the cellular communication module, whether to allow the second electronic device to access the first electronic device; and performing network access control on the second electronic equipment according to the first equipment access control strategy.
In a fourth aspect, an embodiment of the present application provides a wireless network access control apparatus, which is applied to a first electronic device, a relay device establishes a communication connection with the first electronic device through a cellular communication module of a home terminal, the relay device accesses a 5G mobile communication technology network in a wireless manner, and the relay device provides a first Wi-Fi network through a Wi-Fi communication module of the home terminal; the apparatus comprises a processing unit and a communication unit, wherein,
the processing unit is configured to receive, by the communication unit, a network access request message from the relay device, where the network access request is generated by the relay device by: when detecting that a second electronic device requests to access the first Wi-Fi network, determining that the relay device works for a first time period; sending a policy query request carrying the first time period to a policy server, where the policy query request is used for the policy server to determine the first device access control policy according to the first time period, and sending the first device access control policy to the relay device; receiving the first device access control policy from the policy server; or, the first time period is used as a query identifier, and the first equipment access control strategy is queried from the local terminal; acquiring identity information of the second electronic equipment according to the first equipment access control strategy; sending a network access request message carrying identity information of the second electronic device to the first electronic device through the cellular communication module of the local terminal, wherein the network access request is used for the first electronic device to determine whether the second electronic device is allowed to access the first Wi-Fi network; and a network access response message for sending to the relay device, by the communication unit, the network access response for the relay device to: performing network access control on the second electronic device according to the network access response, wherein the network access control includes at least one of the following: allowing the second electronic device to access the first Wi-Fi network, denying the second electronic device access the first Wi-Fi network, and limiting a network speed of the second electronic device at the first Wi-Fi network.
In a fifth aspect, an embodiment of the present application provides a relay device, including a processor, a memory, a communication interface, and one or more programs, stored in the memory and configured to be executed by the processor, the programs including instructions for performing the steps in the first aspect of the embodiment of the present application.
In a sixth aspect, embodiments of the present application provide an electronic device, including a processor, a memory, a communication interface, and one or more programs, stored in the memory and configured to be executed by the processor, the programs including instructions for performing the steps of the second aspect of embodiments of the present application.
In a seventh aspect, an embodiment of the present application provides a computer-readable storage medium, where the computer-readable storage medium stores a computer program for electronic data exchange, and the computer program is executed by a processor to implement part or all of the steps described in any one of the methods of the first aspect and the second aspect of the embodiment of the present application.
In an eighth aspect, embodiments of the present application provide a computer program product, where the computer program product includes a non-transitory computer-readable storage medium storing a computer program, where the computer program is operable to cause a computer to perform some or all of the steps as described in any of the methods of the first and second aspects of the embodiments of the present application. The computer program product may be a software installation package.
It can be seen that, according to the wireless network access control method and apparatus described in the embodiments of the present application, when the relay device detects an access request of the second electronic device, the relay device determines, according to the state information of the relay device, a first device access control policy that interactively confirms whether the second electronic device is allowed to access or not with the first electronic device, and performs network access control on the second electronic device according to the first device access control policy, so as to actively push network access information of the relay device, timely remind a strange device of accessing a network and device network access control, and improve security and efficiency of wireless network access control.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below. It is obvious that the drawings described below are only some embodiments of the application, and that for a person skilled in the art, other drawings can be derived from them without inventive effort.
Fig. 1 is an exemplary architecture diagram of a wireless network access control method provided in an embodiment of the present application;
fig. 2 is a schematic structural diagram of a relay device according to an embodiment of the present application;
fig. 3 is a schematic diagram illustrating a first relay device establishing a first communication connection with a first electronic device according to an embodiment of the present application;
fig. 4 is a schematic diagram illustrating a second relay device establishing a first communication connection with a first electronic device according to an embodiment of the present application;
fig. 5 is a schematic diagram of a relay device provided in an embodiment of the present application maintaining a communication connection with a first electronic device;
fig. 6 is a flowchart illustrating a method for controlling access to a wireless network according to an embodiment of the present application;
fig. 7 is a flowchart illustrating another method for controlling access to a wireless network according to an embodiment of the present application;
fig. 8 is a schematic diagram of a second electronic device requesting to access a relay device according to an embodiment of the present application;
FIG. 9 is a schematic diagram illustrating a preset policy set according to an embodiment of the present disclosure;
fig. 10 is a schematic diagram illustrating network access control performed on a second electronic device according to an embodiment of the present application;
fig. 11 is a schematic diagram of another network access control performed on a second electronic device according to an embodiment of the present application;
fig. 12 is a flowchart illustrating another method for controlling access to a wireless network according to an embodiment of the present application;
fig. 13 is a schematic structural diagram of another relay device provided in an embodiment of the present application;
fig. 14 is a block diagram illustrating functional units of a wireless network access control device according to an embodiment of the present disclosure;
fig. 15 is a block diagram illustrating functional units of a radio network access control apparatus according to an embodiment of the present application.
Detailed Description
In order to make the technical solutions of the present application better understood, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The terms "first," "second," and the like in the description and claims of the present application and in the above-described drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the terms "include" and "have," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, software, product or apparatus that comprises a list of steps or elements is not limited to those listed but may alternatively include other steps or elements not listed or inherent to such process, method, product or apparatus.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the application. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments. The embodiments of the present application will be described in detail below with reference to the accompanying drawings.
Referring to fig. 1, fig. 1 is a schematic diagram illustrating an exemplary architecture of a method for controlling access to a wireless network according to an embodiment of the present disclosure. The relay device 110 accesses the 5G mobile communication technology network 140 in a wireless manner, the relay device 110 provides a first Wi-Fi network through a Wi-Fi communication module of the home terminal, and the relay device 110 maintains a communication connection with the first electronic device 120 through a cellular communication module of the home terminal. The second electronic device 130 transmits a network access request or transmits and receives network data and the like to the relay device 110 through the first Wi-Fi network.
Specifically, the relay device 110 may be a Customer Premises Equipment (CPE) that may access a 5G or 6G millimeter wave frequency band. The CPE may wirelessly access the 5G mobile communication technology network to perform access and transmission of various network data services, provide a first Wi-Fi network through a Wi-Fi communication module of the local terminal, and maintain a communication connection with the first electronic device 120 through a cellular communication module of the local terminal. In addition, the CPE may have a Subscriber Identity Module (SIM) card, a voice transmission function, a remote application management function, and the like. When the CPE detects that the second electronic device 130 requests to access the first Wi-Fi network, the CPE pushes a network access request message to the first electronic device 120 in a short message form through the SIM card, or pushes a text message, a voice message, a picture message, and the like to application software corresponding to the relay device in the first electronic device in a short message form through a cellular communication module of the CPE.
The structure of the relay device 110 is described in detail below, please refer to fig. 2. Fig. 2 is a schematic structural diagram of a relay device according to an embodiment of the present application. Relay device 110 may include a processor 210, a cellular communication module 220, a Wi-Fi communication module 230, power management 240, memory 250, and a SIM module 260, and may also include other desired modules, not specifically limited herein. The processor 210 is connected to and controls the cellular communication module 220, the Wi-Fi communication module 230, the power management 240, the memory 250, and the SIM module 260 in the form of corresponding buses.
Specifically, processor 210 is a control center of relay device 110, and is connected to each part of relay device 110 through various interfaces and lines. In addition, processor 210 invokes stored data in memory by running or executing software programs and/or modules in memory 250 to perform various functions of relay device 110 and to process data and monitor the overall operation of relay device 110. Optionally, the processor 210 may include a Central Processing Unit (CPU) or a Network Processing Unit (NPU), etc.
Specifically, the cellular communication module 220 has functions of implementing a second generation 2G mobile communication technology network, a third generation 3G mobile communication technology network, a fourth generation 4G mobile communication technology network, and a fifth generation 5G mobile communication technology network, etc. to perform receiving and transmitting of wireless mobile network data.
Specifically, the Wi-Fi communication module 230 is a communication module that provides a wireless local area network technology of IEEE 802.11 standard, and may provide channel spectrum resources of 2.4GHz and 5GHz to perform reception and transmission of network data.
Specifically, the power management 240 may include a power management chip and may provide management functions such as power conversion, distribution, detection, etc. for the relay device 110.
Specifically, memory 250 is used to store software programs and/or modules, and processor 210 executes the software programs and/or modules stored in memory 250 to perform various functional applications and data processing of relay device 110 and to perform radio network access control functions. The memory 250 may include a storage program area and a storage data area, wherein the storage program area may store an operating system or a software program required for at least one function, etc.; the storage data area may store data created according to the use of the relay apparatus, and the like. Further, the memory 250 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.
Specifically, the SIM module 260 may include a SIM card for storing user-related data, operation and management of a Personal Identification Number (PIN) of a user, authentication of a user identity, and a security algorithm and a key in the SIM card, etc. The stored Subscriber related data may include an international Mobile Subscriber identity Number (IMSI), an Authentication and Key (AKA), a Location area identity code (LAI), a Mobile Subscriber Temporary identity Number (TMSI), a forbidden public telephone network code, and a PIN. In addition, the relay device 110 may push the network access request message to the first electronic device 120 in a short message form through the SIM module 260.
Specifically, the first electronic device 120 may be an electronic device with a wireless network communication function, and may also include various handheld devices with a wireless network communication function, vehicle-mounted devices, wearable devices, Personal Computers (PCs) or other processing devices connected to wireless modems, and various forms of intelligent terminal devices and internet of things devices.
Further, the first electronic device 120 may be a smart terminal device that is communicatively coupled to the cellular communication model 220 of the relay device 110. Wherein the first electronic device 120 may establish the first communication connection with the relay device 110 by at least one of: establishing a communication connection by scanning a two-dimensional code provided by a manufacturer of the relay device 110, establishing a communication connection by scanning a Service Set Identifier (SSID) of the access relay device 110 and according to corresponding application software, and establishing a communication connection by accessing the SSID of the relay device 110 and according to a corresponding website connection. After the first electronic device 120 establishes the first communication connection with the relay device 110, the relay device 110 maintains the communication connection with the first electronic device 110 through the local cellular communication module 220, for example, the relay device 110 sends a short message to the first electronic device 110 through the local cellular communication module 220 according to the SIM module 260, or the relay device 110 sends a voice message, a picture message, a text message, and the like to the application software corresponding to the relay device 110 in the first electronic device 120 through the local cellular communication module 220.
In one possible example, please refer to fig. 3, fig. 4, and fig. 5, fig. 3 is a schematic diagram illustrating a first relay device and a first electronic device according to an embodiment of the present application establishing a first communication connection, fig. 4 is a schematic diagram illustrating a second relay device and a first electronic device according to an embodiment of the present application establishing a first communication connection, and fig. 5 is a schematic diagram illustrating a relay device and a first electronic device maintaining a communication connection. In fig. 3, the first electronic device 120 transmits a Probe Request (Probe Request) frame to all accessible channels in the 2.4GHz or 5GHz channel band to determine a Probe Response (Probe Response) frame of the relay device 110. The relay device 110 then sends the relevant network parameters including SSID, Basic Service Set Identifier (BSSID), signal strength, encryption and authentication scheme (e.g., WPA-PSK/WPA2-PSK, WPS), etc. to the first electronic device 120. The SSID of the Relay device 110 is Relay _ 5G. Finally, the first electronic device 120 accesses the wireless Wi-Fi network signal provided by the Wi-Fi communication module 230 of the home terminal of the relay device 110. In fig. 4, the communication connection is completed by executing application software corresponding to the relay apparatus 110 in the first electronic apparatus 120 and logging in the application software after registering a corresponding account and password. In fig. 5, after the first electronic device 120 establishes the first communication connection with the relay device 110, the relay device 110 sends a network access request message carrying the identity information (such as AA) of the second electronic device 130 to the first electronic device 120 in at least one of a voice sending form, a picture sending form, and a text sending form through the local cellular communication module 220. The first electronic device 120 obtains the network access request message of the second electronic device 130 through the column of "message" in the application software corresponding to the relay device 110, and performs network access control management on the second electronic device 130 in the column of "device" in the application software.
Specifically, the second electronic device 130 may be an electronic device with a wireless network communication function, and may also include various handheld devices, vehicle-mounted devices, wearable devices, PCs or other processing devices connected to a wireless modem with a wireless network communication function, and various forms of intelligent terminal devices and internet of things devices.
The following will describe the implementation steps of the radio network access control method from the perspective of a method example, please refer to fig. 6. Fig. 6 is a flowchart of a wireless network access control method provided in an embodiment of the present application, and is applied to a relay device 110, where the relay device 110 accesses a 5G mobile communication technology network 140 wirelessly, the relay device 110 provides a first Wi-Fi network through a Wi-Fi communication module 230 of a home terminal, and the relay device 110 maintains a communication connection with a first electronic device 120 through a cellular communication module 220 of the home terminal; the method comprises the following steps:
s601, when detecting that the second electronic device 130 requests to access the first Wi-Fi network, determining the state information of the relay device 110.
Specifically, the status information of the relay device 110 may include that the relay device is operated in the first time period. Wherein the first time period may be a first time period of daytime of each day or a first time period of nighttime of each day. The daytime of each day may include 12 hours from 8:00 am to 20:00 pm, and the nighttime of each day may include 12 hours from 20:00 pm to 8:00 am. For example, in a weather forecast distributed by a broadcast, a television station, or the like, "day by day" means 12 hours from 8:00 am to 20:00 pm today, and "day by night to tomorrow by day" means 12 hours from 20:00 pm today to 8:00 am the next morning.
S602, determining a first device access control policy currently enabled by the relay device 110 according to the status information, where the first device access control policy is to interactively confirm whether to allow the second electronic device to access the first electronic device through the cellular communication module.
S603, performing network access control on the second electronic device 130 according to the first device access control policy.
It can be seen that, in the wireless network access control method described in this embodiment of the application, when the relay device 110 detects an access request of the second electronic device 130, the relay device 110 determines, according to the state information of the relay device, a first device access control policy that interactively confirms whether the second electronic device 130 is allowed to access or not with the first electronic device 120, and performs network access control on the second electronic device 130 according to the first device access control policy, so as to actively push network access information of the relay device 110, timely remind a strange device of accessing a network and device network access control, and improve security and efficiency of wireless network access control.
In one possible example, the status information includes the device operating for a first time period; determining the first device access control policy currently enabled by the relay device according to the state information may include the following operations: sending a policy query request carrying a first time period to a policy server, wherein the policy query request is used for the policy server to determine a first equipment access control policy according to the first time period and sending the first equipment access control policy to relay equipment; a first device access control policy is received from a policy server.
Specifically, the policy server includes a server in the fifth generation mobile communication technology network 140.
It can be seen that the relay device determines the first device access control policy in the first time period through the policy server, so as to further improve the security of wireless network access control.
In one possible example, the status information includes the device operating for a first time period; determining the first device access control policy currently enabled by the relay device according to the status information may include the following operations: and inquiring the first equipment access control strategy from the local terminal by taking the first time period as an inquiry identifier.
It can be seen that the relay device directly determines the first device access control policy from the home terminal through the first time period as the query identifier, and does not need to determine through the policy server, so as to further improve the efficiency of wireless network access control.
In one possible example, network access control of the second electronic device according to the first device access control policy may include the following operations: acquiring identity information of second electronic equipment according to a first equipment access control strategy; sending a network access request message carrying identity information of second electronic equipment to first electronic equipment through a cellular communication module of a home terminal, wherein the network access request is used for the first electronic equipment to determine whether the second electronic equipment allows to access a first Wi-Fi network; receiving a network access response message from the first electronic device; performing network access control on the second electronic device according to the network access response, wherein the network access control comprises at least one of the following: the method includes allowing the second electronic device to access the first Wi-Fi network, denying the second electronic device access to the first Wi-Fi network, and limiting a network speed of the second electronic device at the first Wi-Fi network.
Therefore, the relay device and the first electronic device interactively confirm whether the second electronic device is allowed to access the first Wi-Fi network or not through the cellular communication module of the home terminal, so that active network access information pushing of the relay device is further achieved, strange devices are timely reminded of accessing the network and device network access control, and the security of wireless network access control is further improved.
In one possible example, sending, by the cellular communication module of the local terminal, the network access request message carrying the identity information of the second electronic device to the first electronic device may include the following operations: determining a preset message sending form of the relay equipment according to the identity information of the second electronic equipment, wherein the preset message sending form comprises at least one of a short message sending form, a text sending form, a voice sending form and a picture sending form; and sending a network access request message carrying the identity information of the second electronic equipment to the first electronic equipment by using the local cellular communication module according to the preset message sending form.
It can be seen that the relay device timely pushes the network access request of the second electronic device to the first electronic device through at least one of a short message sending form, a text sending form, a voice sending form and a picture sending form, so as to further realize the active pushing of the network access information by the relay device, timely remind of the access of a strange device to the network and the network access control of the device, and improve the flexibility of the pushing mode.
In one possible example, network access control of the second electronic device according to the first device access control policy may include the following operations: reading a preset device access configuration file from a memory of the local terminal according to a first device access control strategy, wherein the device access configuration file is generated by that the relay device receives a device network access instruction from the first electronic device through a cellular communication module of the local terminal; comparing the relationship between the identity information of the second electronic equipment and the equipment access configuration file to obtain a comparison result; if the identity information of the second electronic equipment meets the equipment access configuration file, the comparison result is that the second electronic equipment is allowed to access the first Wi-Fi network, and the identity information of the second electronic equipment is added to an accessed list of the equipment, wherein the accessed list of the equipment is used for recording the identity information of all electronic equipment accessed to the first Wi-Fi network; if the identity information of the second electronic equipment does not meet the equipment access configuration file, the comparison result is that the second electronic equipment is refused to access the first Wi-Fi network; and performing network access control on the second electronic equipment according to the comparison result.
It can be seen that the relay device receives the device access configuration file generated by the device network access instruction from the first electronic device through the local cellular communication module to determine the network access request of the second electronic device, thereby not only realizing the device network access control of the relay device, but also improving the flexibility and efficiency of the wireless network access control.
In keeping with the embodiment described above with reference to fig. 6, reference is made to fig. 7. Fig. 7 is a flowchart illustrating another wireless network access control method according to an embodiment of the present application, in which a relay device 110 wirelessly accesses a 5G mobile communication technology network 140, the relay device 110 provides a first Wi-Fi network through a Wi-Fi communication module 230 of a home terminal, and the relay device 110 maintains a communication connection with a first electronic device 120 through a cellular communication module 220 of the home terminal; the method comprises the following steps:
s701, the second electronic device 130 sends a request for accessing the first Wi-Fi network to the relay device 110.
Specifically, the second electronic device 130 transmits a Probe Request (Probe Request) frame to all accessible channels in the 2.4GHz or 5GHz channel band to determine a Probe Response (Probe Response) frame of the relay device 110. Then, the relay device 110 transmits the relevant network parameters including SSID, BSSID, signal strength, encryption and authentication methods (e.g., WPA-PSK/WPA2-PSK, WPS), etc. to the second electronic device 130. Finally, the second electronic device 130 transmits an access request to the relay device 110 by accessing the wireless network provided by the corresponding SSID.
Referring to fig. 8, fig. 8 is a schematic diagram illustrating a second electronic device requesting to access a relay device according to an embodiment of the present disclosure. The second electronic device 130 scans to acquire that the SSID of the Relay device 110 is Relay _5G, and sends a network access request in 11/month 9 am 9: 54.
S702, the relay device 110 receives the request and determines the status information of the relay device 110.
Specifically, the status information of the relay device 110 may include that the relay device is operated in the first time period. Wherein the first time period may be a first time period of daytime of each day or a first time period of nighttime of each day, etc. The daytime of each day may include 12 hours from 8:00 am to 20:00 pm, and the nighttime of each day may include 12 hours from 20:00 pm to 8:00 am. For example, in a weather forecast distributed by a broadcast, a television station, or the like, "day by day" means 12 hours from 8:00 am to 20:00 pm today, and "day by night to tomorrow by day" means 12 hours from 20:00 pm today to 8:00 am the next morning.
S703, when the status information includes the first time period, the relay device 110 sends a policy query request carrying the first time period to the policy server.
The policy server may comprise a server in the fifth generation mobile communication technology network 140, among others.
For example, when the relay device 110 receives a request for the second electronic device 130 to access the first Wi-Fi network, the relay device 110 determines time information that is currently operating at 11 months, 9 am, 9:54 am. Then, the relay device 110 sends a policy query request carrying the time information to the policy server.
S704, the policy server receives the policy query request, determines a first device access control policy of the relay device 110 according to the first time period, and sends the first device access control policy to the relay device 110.
Specifically, the policy server may cache a one-to-one mapping relationship between the working time period and a preset policy set. The preset policy set may be configured by the first electronic device and uploaded to the policy server for storage. Alternatively, the preset policy set may be pre-configured by the policy server and pre-configured by the manufacturer. The first device access control policy is a policy in the preset policy set. For example, table 1 records a possible preset policy set in the policy server.
TABLE 1
Figure BDA0002334583990000091
Wherein, the device access control policy 1 may be that the relay device 110 interactively confirms whether the second electronic device 130 is allowed to access with the first electronic device 120 through the cellular communication module 220; the device access control policy 2 may be a device default access policy preset for the first electronic device 110, for example, directly allowing the second electronic device 130 to access the network or directly denying the second electronic device 130 to access the network.
Referring to fig. 9, fig. 9 is a schematic diagram illustrating a preset policy set configuration according to an embodiment of the present disclosure. The first electronic device 120 executes the "network access setting" corresponding to the "tool" in the application software of the relay device 110, and uploads the preset policy set to the policy server in the fifth generation 5G mobile communication technology network 140 through the option settings corresponding to the "network access setting" whether to allow the relay device to send a message within the period of 8:00-20:00 "," whether to allow the relay device to send a message within the period of 20:00-8:00 "," allow a new device to access ", and the like. When the "whether the relay device is allowed to send the message within the time period of 8:00-20: 00" is set to be yes, for the network access request of the second electronic device 130 within the time period of 8:00-20:00, the relay device 110 needs to interactively confirm whether the second electronic device 130 is allowed to access with the first electronic device 120 through the cellular communication module 220, and the first electronic device 120 performs related control management on the network access request of the second electronic device 130 by executing the column "device" in the application software. When "whether to allow the relay device to transmit the message within the 20:00-8:00 period" is set to no, and "allow new device access" is set to no, the relay device 110 does not need to confirm whether to allow the second electronic device 130 to access by interacting with the first electronic device 120 through the cellular communication module 220, but directly rejects the network access request of the second electronic device 130.
S705, the relay device 110 receives the first device access control policy, and acquires the identity information of the second electronic device 130 according to the first device access control policy.
Specifically, the identity information of the second electronic device 130 may include a Media Access Control (MAC) address.
S706, the relay device 110 determines a preset message sending form of the relay device 110 according to the identity information of the second electronic device 130.
The preset message sending form comprises at least one of a short message sending form, a text sending form, a voice sending form and a picture sending form.
S707, the relay device 110 sends a network access request message carrying the identity information of the second electronic device to the first electronic device through the local cellular communication module 220 according to the preset message sending form.
S708, the first electronic device 120 receives the network access request, determines whether the second electronic device 130 is allowed to access the first Wi-Fi network according to the network access request, and sends a network access response message to the relay device 110.
S709, the relay device 110 receives the network access response message, performs network access control on the second electronic device 130 according to the network access response, and sends a network access control result to the second electronic device 130.
Wherein the network access control comprises at least one of: allowing the second electronic device 130 to access the first Wi-Fi network, denying the second electronic device 130 access to the first Wi-Fi network, and limiting the network speed of the second electronic device 130 at the first Wi-Fi network.
Referring to fig. 10 and fig. 11, fig. 10 is a schematic diagram illustrating network access control performed on a second electronic device according to an embodiment of the present disclosure, and fig. 11 is a schematic diagram illustrating network access control performed on the second electronic device according to an embodiment of the present disclosure. In fig. 10, the first electronic device 120 executes the column "device" in the application software corresponding to the first relay device 110, and reads the "device request access list" and the "device already accessed list". In the "device request access list," AA "is the acquired identity information of the second electronic device 130. In fig. 11, the first electronic device 120 performs operations of allowing access to the network, denying access to the network, and limiting the network speed on the AA through the application software.
It can be seen that, in the wireless network access control method described in this embodiment of the application, when the relay device 110 detects an access request of the second electronic device 130, the relay device 110 determines, according to the state information of the relay device, a first device access control policy that interactively confirms whether the second electronic device 130 is allowed to access or not with the first electronic device 120, and performs network access control on the second electronic device 130 according to the first device access control policy, so as to actively push network access information of the relay device 110, timely remind a strange device of accessing a network and device network access control, and improve security and efficiency of wireless network access control.
In keeping with the embodiment described above with reference to fig. 6, refer to fig. 12. Fig. 12 is a flowchart illustrating another wireless network access control method according to an embodiment of the present application, in which a relay device 110 wirelessly accesses a 5G mobile communication technology network 140, the relay device 110 provides a first Wi-Fi network through a Wi-Fi communication module 230 of a home terminal, and the relay device 110 maintains a communication connection with a first electronic device 120 through a cellular communication module 220 of the home terminal; the method comprises the following steps:
s1201, the second electronic device 130 sends a request for accessing the first Wi-Fi network to the relay device 110.
S1202, the relay device 110 receives the request and determines the status information of the relay device 120.
Specifically, the status information of the relay device 110 may include that the relay device is operated in the first time period. Wherein the first time period may be a first time period of daytime of each day or a first time period of nighttime of each day. The daytime of each day may include 12 hours from 8:00 am to 20:00 pm, and the nighttime of each day may include 12 hours from 20:00 pm to 8:00 am. For example, in a weather forecast distributed by a broadcast, a television station, or the like, "day by day" means 12 hours from 8:00 am to 20:00 pm today, and "day by night to tomorrow by day" means 12 hours from 20:00 pm today to 8:00 am the next morning.
S1203, when the status information includes the first time period, the relay device 110 queries the first device access control policy from the home terminal of the relay device 110 by using the first time period as a query identifier.
The relay device 110 may cache a one-to-one mapping relationship between the working time period and a preset policy set. The preset policy set may be configured by the first electronic device and uploaded to the relay device 110 for storage. Alternatively, the preset set of policies may be preconfigured by the relay device 110 and by the vendor. The first device access control strategy is a strategy in a preset strategy set. For example, table 2 records a set of possible preset policies of one of the relay devices 110.
TABLE 2
Figure BDA0002334583990000111
The device access control policy 3 may be that the relay device 110 reads a preset device access profile through the local storage 250, where the device access profile may be generated by the relay device 110 receiving a device network access instruction from the first electronic device 120 through the local cellular communication module 220, or by the local cellular communication module 220 receiving a device network access instruction from the policy server, and the like. The device access control policy 4 may confirm for the relay device 110 to interact with the first electronic device 120 through the cellular communication module 220 whether the second electronic device 130 is allowed to access.
For example, in fig. 9, the first electronic device 120 executes "network access setting" corresponding to "tool" in the application software of the relay device 110, and generates a device network access instruction according to options of "whether the relay device is allowed to send a message" and "allow a new device to access" in a period of 20:00-8:00 "corresponding to" network access setting ", and uploads the device network access instruction to the policy server. The network access instruction is then sent to the relay device 110 through the policy server. The relay device 110 generates a device access profile according to the device network access instruction, and stores the device access profile in the local memory 250. When "whether to allow the relay device to transmit the message within the 20:00-8:00 period" is set to no, and "allow new device access" is set to no, the relay device 110 does not need to confirm whether to allow the second electronic device 130 to access by interacting with the first electronic device 120 through the cellular communication module 220, but directly rejects the network access request of the second electronic device 130.
S1204, the relay device 110 reads a preset device access profile from the local memory according to the first device access control policy, where the device access profile is generated by the relay device 110 receiving a device network access instruction from the first electronic device 120 through the local cellular communication module 220.
S1205, the relay device 110 compares the relationship between the identity information of the second electronic device 130 and the device access configuration file to obtain a comparison result.
If the identity information of the second electronic device 130 meets the device access configuration file, the comparison result is that the second electronic device 130 is allowed to access the first Wi-Fi network, and the identity information of the second electronic device 130 is added to the device already-accessed list, where the device already-accessed list is used to record the identity information of all electronic devices accessing the first Wi-Fi network; if the identity information of the second electronic device 130 does not satisfy the device access profile, the comparison result is that the second electronic device 130 is denied access to the first Wi-Fi network.
For example, in fig. 9, when "whether the relay device is allowed to send a message within a period of 20:00-8: 00" is set to no and "new device access is allowed" is set to yes, the identity information of the second electronic device 130 satisfies the device access profile, the relay device 110 allows the second electronic device 130 to access the first Wi-Fi network, and adds the identity information of the second electronic device 130 to the device already-accessed list. At this time, "AA" will appear in "device has accessed the list" in fig. 10.
S1206, the relay device 110 performs network access control on the second electronic device 130 according to the comparison result, and sends a network access control result to the second electronic device 130.
It can be seen that, in the wireless network access control method described in this embodiment of the application, when the relay device 110 detects an access request of the second electronic device 130, the relay device 110 determines, according to the state information of the relay device, a first device access control policy that interactively confirms whether the second electronic device 130 is allowed to access or not with the first electronic device 120, and performs network access control on the second electronic device 130 according to the first device access control policy, so as to actively push network access information of the relay device 110, timely remind a strange device of accessing a network and device network access control, and improve security and efficiency of wireless network access control.
See fig. 13, consistent with the embodiments described above with respect to fig. 6, 7, and 12. Fig. 13 is a schematic structural diagram of another relay device provided in an embodiment of the present application, where the relay device 110 includes an application processor 1310, a memory 1320, a communication interface 1330, and one or more programs 1321, where the one or more programs 1321 are stored in the memory 1320 and configured to be executed by the application processor 1310, and the one or more programs 1321 include instructions for: when detecting that a second electronic device requests to access the first Wi-Fi network, determining state information of a relay device; determining a first device access control strategy which is currently started by the relay device according to the state information, wherein the first device access control strategy is a strategy in a preset strategy set, and the first device access control strategy is used for interactively confirming whether a second electronic device is allowed to access or not through a cellular communication module and a first electronic device; and performing network access control on the second electronic equipment according to the first equipment access control strategy.
It can be seen that, when detecting an access request of the second electronic device 130, the relay device 110 determines, according to the state information of the relay device, a first device access control policy that interactively confirms whether to allow the second electronic device 130 to access with the first electronic device 120, and performs network access control on the second electronic device 130 according to the first device access control policy, so as to actively push network access information of the relay device 110, timely remind a stranger device of accessing a network and device network access control, and improve security and efficiency of wireless network access control.
In one possible example, the status information includes a device operating for a first period of time; in the aspect of determining, according to the state information, a first device access control policy currently enabled by the relay device, the instructions in the program are specifically configured to perform the following operations: sending a policy query request carrying the first time period to a policy server, where the policy query request is used for the policy server to determine the first device access control policy according to the first time period, and sending the first device access control policy to the relay device; receiving the first device access control policy from the policy server.
In one possible example, the status information includes a device operating for a first period of time; in the aspect of determining, according to the state information, a first device access control policy currently enabled by the relay device, the instructions in the program are specifically configured to perform the following operations: and inquiring the first equipment access control strategy from the local terminal by taking the first time period as an inquiry identifier.
In a possible example, in terms of the network access control performed on the second electronic device according to the first device access control policy, the instructions in the program are specifically configured to perform the following operations: acquiring identity information of the second electronic equipment according to the first equipment access control strategy; sending a network access request message carrying identity information of the second electronic device to the first electronic device through the cellular communication module of the local terminal, wherein the network access request is used for the first electronic device to determine whether the second electronic device is allowed to access the first Wi-Fi network; receiving a network access response message from the first electronic device; performing network access control on the second electronic device according to the network access response, wherein the network access control includes at least one of the following: allowing the second electronic device to access the first Wi-Fi network, denying the second electronic device access the first Wi-Fi network, and limiting a network speed of the second electronic device at the first Wi-Fi network.
In a possible example, in the aspect of sending, by the cellular communication module of the local end, a network access request message carrying identity information of the second electronic device to the first electronic device, the instructions in the program are specifically configured to perform the following operations: determining a preset message sending form of the relay equipment according to the identity information of the second electronic equipment, wherein the preset message sending form comprises at least one of a short message sending form, a text sending form, a voice sending form and a picture sending form; and sending a network access request message carrying the identity information of the second electronic equipment to the first electronic equipment by the cellular communication module of the local terminal according to the preset message sending form.
In a possible example, in terms of the network access control performed on the second electronic device according to the first device access control policy, the instructions in the program are specifically configured to perform the following operations: reading a preset device access configuration file from a memory of the local terminal according to the first device access control strategy, wherein the device access configuration file is generated by the relay device receiving a device network access instruction from the first electronic device through a cellular communication module of the local terminal; comparing the relationship between the identity information of the second electronic equipment and the equipment access configuration file to obtain a comparison result; if the identity information of the second electronic device meets the device access configuration file, the comparison result is that the second electronic device is allowed to access the first Wi-Fi network, and the identity information of the second electronic device is added to a device already-accessed list, wherein the device already-accessed list is used for recording the identity information of all electronic devices accessing the first Wi-Fi network; if the identity information of the second electronic equipment does not meet the equipment access configuration file, the comparison result is that the second electronic equipment is refused to access the first Wi-Fi network; and performing network access control on the second electronic equipment according to the comparison result.
The above description has introduced the solution of the embodiment of the present application mainly from the perspective of the method-side implementation process. It is understood that the relay device 110 includes corresponding hardware structures and/or software modules for performing the respective functions in order to implement the above-described functions. Those of skill in the art will readily appreciate that the present application is capable of hardware or a combination of hardware and computer software implementing the various illustrative elements and algorithm steps described in connection with the embodiments provided herein. Whether a function is performed as hardware or computer software drives hardware depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiment of the present application, the relay device 110 may be divided into functional units according to the above method example, for example, each functional unit may be divided corresponding to each function, or two or more functions may be integrated into one processing unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit. It should be noted that the division of the unit in the embodiment of the present application is schematic, and is only a logic function division, and there may be another division manner in actual implementation.
Fig. 14 is a block diagram illustrating functional units of a radio network access control apparatus according to an embodiment of the present application. The wireless network access control device 1400 is applied to the relay device 110, the relay device 110 accesses the 5G mobile communication technology network 140 in a wireless manner, the relay device 110 provides a first Wi-Fi network through the Wi-Fi communication module 230 of the home terminal, and the relay device 110 maintains a communication connection with the first electronic device 120 through the cellular communication module 220 of the home terminal; the apparatus comprises a processing unit 1401 and a communication unit 1402.
The processing unit 1401 is configured to execute any step in the above method embodiments, and when performing data transmission such as sending, optionally invoke the communication unit 1402 to complete corresponding operations, which will be described in detail below.
The processing unit 1401 is specifically configured to: when detecting that a second electronic device requests to access the first Wi-Fi network, determining state information of the relay device; determining a first device access control strategy currently enabled by the relay device according to the state information, wherein the first device access control strategy is a strategy in a preset strategy set, and the first device access control strategy is to interactively confirm whether the second electronic device is allowed to access with the first electronic device through the cellular communication module; and performing network access control on the second electronic equipment according to the first equipment access control strategy.
It can be seen that, in the wireless network access control apparatus described in this embodiment of the application, when the relay device 110 detects an access request of the second electronic device 130, the relay device 110 determines, according to the state information of the relay device, a first device access control policy that interactively confirms whether the second electronic device 130 is allowed to access or not with the first electronic device 120, and performs network access control on the second electronic device 130 according to the first device access control policy, so as to implement active network access information pushing of the relay device 110, prompt that a strange device is accessed to a network and device network access control, and improve security and efficiency of wireless network access control.
In one possible example, the status information includes a device operating for a first period of time; in terms of the determining, according to the state information, the first device access control policy currently enabled by the relay device, the processing unit 1401 is specifically configured to: sending a policy query request carrying the first time period to a policy server, where the policy query request is used for the policy server to determine the first device access control policy according to the first time period, and sending the first device access control policy to the relay device; receiving the first device access control policy from the policy server.
In one possible example, the status information includes a device operating for a first period of time; in terms of the determining, according to the state information, the first device access control policy currently enabled by the relay device, the processing unit 1401 is specifically configured to: and inquiring the first equipment access control strategy from the local terminal by taking the first time period as an inquiry identifier.
In a possible example, in terms of performing network access control on the second electronic device according to the first device access control policy, the processing unit 1401 is specifically configured to: acquiring identity information of the second electronic equipment according to the first equipment access control strategy; sending a network access request message carrying identity information of the second electronic device to the first electronic device through the cellular communication module of the local terminal, wherein the network access request is used for the first electronic device to determine whether the second electronic device is allowed to access the first Wi-Fi network; receiving a network access response message from the first electronic device; performing network access control on the second electronic device according to the network access response, wherein the network access control includes at least one of the following: allowing the second electronic device to access the first Wi-Fi network, denying the second electronic device access the first Wi-Fi network, and limiting a network speed of the second electronic device at the first Wi-Fi network.
In a possible example, in the aspect of sending, to the first electronic device through the cellular communication module of the local end, a network access request message carrying identity information of the second electronic device, the processing unit 1401 is specifically configured to: determining a preset message sending form of the relay equipment according to the identity information of the second electronic equipment, wherein the preset message sending form comprises at least one of a short message sending form, a text sending form, a voice sending form and a picture sending form; and sending a network access request message carrying the identity information of the second electronic equipment to the first electronic equipment by the cellular communication module of the local terminal according to the preset message sending form.
In a possible example, in terms of performing network access control on the second electronic device according to the first device access control policy, the processing unit 1401 is specifically configured to: reading a preset device access configuration file from a memory of the local terminal according to the first device access control strategy, wherein the device access configuration file is generated by the relay device receiving a device network access instruction from the first electronic device through a cellular communication module of the local terminal; comparing the relationship between the identity information of the second electronic equipment and the equipment access configuration file to obtain a comparison result; if the identity information of the second electronic device meets the device access configuration file, the comparison result is that the second electronic device is allowed to access the first Wi-Fi network, and the identity information of the second electronic device is added to a device already-accessed list, wherein the device already-accessed list is used for recording the identity information of all electronic devices accessing the first Wi-Fi network; if the identity information of the second electronic equipment does not meet the equipment access configuration file, the comparison result is that the second electronic equipment is refused to access the first Wi-Fi network; and performing network access control on the second electronic equipment according to the comparison result.
The radio network access control apparatus 1400 may further include a storage unit 1403 for storing program codes and data of the server. The processing unit 1401 may be a processor, the communication unit 1402 may be a touch sensitive display screen or a transceiver, and the storage unit 1403 may be a memory.
Next, in the embodiment of the present application, functional units of the first electronic device 120 may be divided according to the above method example, please refer to fig. 15. Fig. 15 is a block diagram illustrating functional units of a radio network access control apparatus 1500 according to an embodiment of the present disclosure. The wireless network access control device 1500 is applied to the first electronic device 120, the relay device 110 accesses the 5G mobile communication technology network 140 in a wireless manner, the relay device 110 provides a first Wi-Fi network through the Wi-Fi communication module 230 of the home terminal, and the relay device 110 maintains a communication connection with the first electronic device 120 through the cellular communication module 220 of the home terminal; the apparatus includes a processing unit 1501 and a communication unit 1502.
The processing unit 1501 can optionally call the communication unit 1502 to perform corresponding operations when performing data transmission such as transmission, which will be described in detail below.
The processing unit 1501 is specifically configured to receive a network access request message from the relay device, where the network access request is generated by the relay device performing the following operations: when detecting that a second electronic device requests to access the first Wi-Fi network, determining that the relay device works for a first time period; sending a policy query request carrying the first time period to a policy server, where the policy query request is used for the policy server to determine the first device access control policy according to the first time period, and sending the first device access control policy to the relay device; receiving the first device access control policy from the policy server; or, the first time period is used as a query identifier, and the first equipment access control strategy is queried from the local terminal; acquiring identity information of the second electronic equipment according to the first equipment access control strategy; sending a network access request message carrying identity information of the second electronic device to the first electronic device through the cellular communication module of the local terminal, wherein the network access request is used for the first electronic device to determine whether the second electronic device is allowed to access the first Wi-Fi network; and sending a network access response message to the relay device, wherein the network access response is used for the relay device to perform the following operations: performing network access control on the second electronic device according to the network access response, wherein the network access control includes at least one of the following: allowing the second electronic device to access the first Wi-Fi network, denying the second electronic device access the first Wi-Fi network, and limiting a network speed of the second electronic device at the first Wi-Fi network.
It can be seen that the first electronic device 120 and the relay device 110 interactively confirm the first device access control policy whether to allow the second electronic device 130 to access, and perform network access control on the second electronic device 130 according to the first device access control policy, so as to receive active push network access information and device network access control from the relay device 110, and improve security and efficiency of wireless network access control.
The radio network access control apparatus 1500 may further include a storage unit 1503 for storing program codes and data of the server. The processing unit 1501 may be a processor, the communication unit 1502 may be a touch display screen or a transceiver, and the storage unit 1503 may be a memory.
Embodiments of the present application also provide a computer storage medium, wherein the computer storage medium stores a computer program for electronic data exchange, the computer program enables a computer to execute part or all of the steps of any one of the methods described in the above method embodiments, and the computer includes a server.
Embodiments of the present application also provide a computer program product comprising a non-transitory computer readable storage medium storing a computer program operable to cause a computer to perform some or all of the steps of any of the methods as described in the above method embodiments. The computer program product may be a software installation package, the computer comprising a server.
For simplicity of description, each of the above method embodiments is described as a series of combinations of operations. Those skilled in the art should appreciate that the present application is not limited by the order of acts described, as some steps in the embodiments of the present application may occur in other orders or concurrently. Moreover, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that acts and modules referred to are not necessarily required to implement the embodiments of the application.
In the foregoing embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the several embodiments provided in the present application, it should be understood by those skilled in the art that the described apparatus can be implemented in other ways. It will be appreciated that the above described apparatus embodiments are merely illustrative. For example, the division of the unit is only one logic function division, and actually, other division modes can be provided. That is, multiple units or components may be combined or integrated into another software, and some features may be omitted or not implemented. In addition, the shown or discussed mutual coupling, direct coupling or communication connection and the like can be an indirect coupling or communication connection through some interfaces, devices or units, and can also be an electric or other form.
The units described above as separate parts may or may not be physically separate. The above-mentioned components displayed as units may be physical units, may not be, may be located on one network unit, or may be distributed to a plurality of network units. Therefore, the above embodiments can be implemented by selecting some or all of the units according to actual needs.
In addition, each functional unit in the above embodiments may be integrated into one processing unit, may exist in different physical units, or two or more functional units may be integrated into one physical unit. The above units can be realized in the form of hardware, and also can be realized in the form of software functional units.
The above-mentioned units, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable memory. It will be appreciated that the solution of the present application (which form a part of or all or part of the prior art) may be embodied in the form of a computer software product. The computer software product is stored in a memory and includes several instructions for causing a computer device (personal computer, server, network device, etc.) to perform all or part of the steps of the embodiments of the present application. The Memory includes various media that can store program codes, such as a usb disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic disk, or an optical disk.
It will be understood by those skilled in the art that all or part of the steps of the embodiments of the present application may be performed by associated hardware instructed by a program, and the program may be stored in a memory, which may include a flash memory disk, a ROM, a RAM, a magnetic or optical disk, and the like.
The embodiments of the present application are described in detail above, and the description in the embodiments of the present application is only for assisting understanding of the method and the core idea of the present application. One skilled in the art will appreciate that the embodiments of the present application can be varied in both the detailed description and the application, and thus the present description should not be construed as limiting the application.

Claims (12)

1. A wireless network access control method is applied to relay equipment, the relay equipment is wirelessly accessed to a fifth generation 5G mobile communication technology network, the relay equipment provides a first Wi-Fi network through a wireless fidelity Wi-Fi communication module of a local terminal, and the relay equipment is in communication connection with first electronic equipment through a cellular communication module of the local terminal; the method comprises the following steps:
when detecting that a second electronic device requests to access the first Wi-Fi network, determining state information of the relay device;
determining a first device access control strategy currently enabled by the relay device according to the state information, wherein the first device access control strategy is a strategy in a preset strategy set, and the first device access control strategy is to interactively confirm whether the second electronic device is allowed to access with the first electronic device through the cellular communication module;
and performing network access control on the second electronic equipment according to the first equipment access control strategy.
2. The method of claim 1, wherein the status information comprises a device operating for a first period of time; the determining, according to the state information, a first device access control policy currently enabled by the relay device includes:
sending a policy query request carrying the first time period to a policy server, where the policy query request is used for the policy server to determine the first device access control policy according to the first time period, and sending the first device access control policy to the relay device;
receiving the first device access control policy from the policy server.
3. The method of claim 1, the status information comprising a device operating for a first period of time; the determining, according to the state information, a first device access control policy currently enabled by the relay device includes:
and inquiring the first equipment access control strategy from the local terminal by taking the first time period as an inquiry identifier.
4. The method according to claim 2 or 3, wherein the network access control of the second electronic device according to the first device access control policy comprises:
acquiring identity information of the second electronic equipment according to the first equipment access control strategy;
sending a network access request message carrying identity information of the second electronic device to the first electronic device through the cellular communication module of the local terminal, wherein the network access request is used for the first electronic device to determine whether the second electronic device is allowed to access the first Wi-Fi network;
receiving a network access response message from the first electronic device;
performing network access control on the second electronic device according to the network access response, wherein the network access control includes at least one of the following: allowing the second electronic device to access the first Wi-Fi network, denying the second electronic device access the first Wi-Fi network, and limiting a network speed of the second electronic device at the first Wi-Fi network.
5. The method according to claim 4, wherein the sending, by the cellular communication module of the home terminal, the network access request message carrying the identity information of the second electronic device to the first electronic device comprises:
determining a preset message sending form of the relay equipment according to the identity information of the second electronic equipment, wherein the preset message sending form comprises at least one of a short message sending form, a text sending form, a voice sending form and a picture sending form;
and sending a network access request message carrying the identity information of the second electronic equipment to the first electronic equipment by the cellular communication module of the local terminal according to the preset message sending form.
6. The method according to claim 2 or 3, wherein the network access control of the second electronic device according to the first device access control policy comprises:
reading a preset device access configuration file from a memory of the local terminal according to the first device access control strategy, wherein the device access configuration file is generated by the relay device receiving a device network access instruction from the first electronic device through a cellular communication module of the local terminal;
comparing the relationship between the identity information of the second electronic equipment and the equipment access configuration file to obtain a comparison result; if the identity information of the second electronic device meets the device access configuration file, the comparison result is that the second electronic device is allowed to access the first Wi-Fi network, and the identity information of the second electronic device is added to a device already-accessed list, wherein the device already-accessed list is used for recording the identity information of all electronic devices accessing the first Wi-Fi network; if the identity information of the second electronic equipment does not meet the equipment access configuration file, the comparison result is that the second electronic equipment is refused to access the first Wi-Fi network;
and performing network access control on the second electronic equipment according to the comparison result.
7. A wireless network access control method is applied to first electronic equipment, relay equipment establishes communication connection with the first electronic equipment through a cellular communication module of a home terminal, the relay equipment is accessed to a fifth generation 5G mobile communication technology network in a wireless mode, and the relay equipment provides a first Wi-Fi network through a wireless high-fidelity Wi-Fi communication module of the home terminal; the method comprises the following steps:
receiving a network access request message from the relay device, the network access request being generated by the relay device by: when detecting that a second electronic device requests to access the first Wi-Fi network, determining that the relay device works for a first time period; sending a policy query request carrying the first time period to a policy server, where the policy query request is used for the policy server to determine the first device access control policy according to the first time period, and sending the first device access control policy to the relay device; receiving the first device access control policy from the policy server; or, the first time period is used as a query identifier, and the first equipment access control strategy is queried from the local terminal; acquiring identity information of the second electronic equipment according to the first equipment access control strategy; sending a network access request message carrying identity information of the second electronic device to the first electronic device through the cellular communication module of the local terminal, wherein the network access request is used for the first electronic device to determine whether the second electronic device is allowed to access the first Wi-Fi network;
sending a network access response message to the relay device, wherein the network access response is used for the relay device to perform the following operations: performing network access control on the second electronic device according to the network access response, wherein the network access control includes at least one of the following: allowing the second electronic device to access the first Wi-Fi network, denying the second electronic device access the first Wi-Fi network, and limiting a network speed of the second electronic device at the first Wi-Fi network.
8. A wireless network access management device is applied to relay equipment, the relay equipment is wirelessly accessed to a fifth generation 5G mobile communication technology network, the relay equipment provides a first Wi-Fi network through a wireless high-fidelity Wi-Fi communication module of a local terminal, and the relay equipment is in communication connection with first electronic equipment through a cellular communication module of the local terminal; the device comprises:
the processing unit is used for determining the state information of the relay equipment when detecting that a second electronic device requests to access the first Wi-Fi network; the device access control module is configured to determine, according to the status information, a first device access control policy currently enabled by the relay device, where the first device access control policy is a policy in a preset policy set, and the first device access control policy is to interactively confirm, through the cellular communication module, whether to allow the second electronic device to access the first electronic device; and performing network access control on the second electronic equipment according to the first equipment access control strategy.
9. A wireless network access control device is applied to first electronic equipment, relay equipment establishes communication connection with the first electronic equipment through a cellular communication module of a home terminal, the relay equipment is accessed to a fifth generation 5G mobile communication technology network in a wireless mode, and the relay equipment provides a first Wi-Fi network through a wireless high-fidelity Wi-Fi module of the home terminal; the apparatus comprises a processing unit and a communication unit, wherein,
the processing unit is configured to receive, by the communication unit, a network access request message from the relay device, where the network access request is generated by the relay device by: when detecting that a second electronic device requests to access the first Wi-Fi network, determining that the relay device works for a first time period; sending a policy query request carrying the first time period to a policy server, where the policy query request is used for the policy server to determine the first device access control policy according to the first time period, and sending the first device access control policy to the relay device; receiving the first device access control policy from the policy server; or, the first time period is used as a query identifier, and the first equipment access control strategy is queried from the local terminal; acquiring identity information of the second electronic equipment according to the first equipment access control strategy; sending a network access request message carrying identity information of the second electronic device to the first electronic device through the cellular communication module of the local terminal, wherein the network access request is used for the first electronic device to determine whether the second electronic device is allowed to access the first Wi-Fi network; and a network access response message for sending to the relay device, by the communication unit, the network access response for the relay device to: performing network access control on the second electronic device according to the network access response, wherein the network access control includes at least one of the following: allowing the second electronic device to access the first Wi-Fi network, denying the second electronic device access the first Wi-Fi network, and limiting a network speed of the second electronic device at the first Wi-Fi network.
10. A relay device comprising a processor, a memory, a communication interface, and one or more programs stored in the memory and configured to be executed by the processor, the one or more programs including instructions for performing the steps in the method of any of claims 1-6.
11. An electronic device comprising a processor, a memory, a communication interface, and one or more programs stored in the memory and configured to be executed by the processor, the one or more programs including instructions for performing the steps in the method of claim 7.
12. A computer-readable storage medium, characterized in that a computer program for electronic data exchange is stored, wherein the computer program is executed by a processor to implement the method according to any of the claims 1-7.
CN201911361996.8A 2019-12-24 2019-12-24 Wireless network access control method and device, relay equipment and electronic equipment Pending CN111031545A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911361996.8A CN111031545A (en) 2019-12-24 2019-12-24 Wireless network access control method and device, relay equipment and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911361996.8A CN111031545A (en) 2019-12-24 2019-12-24 Wireless network access control method and device, relay equipment and electronic equipment

Publications (1)

Publication Number Publication Date
CN111031545A true CN111031545A (en) 2020-04-17

Family

ID=70213545

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911361996.8A Pending CN111031545A (en) 2019-12-24 2019-12-24 Wireless network access control method and device, relay equipment and electronic equipment

Country Status (1)

Country Link
CN (1) CN111031545A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111770094A (en) * 2020-06-29 2020-10-13 Oppo广东移动通信有限公司 Access control method of wireless network and related device
CN111918266A (en) * 2020-09-10 2020-11-10 Oppo广东移动通信有限公司 Communication connection method, device, storage medium and electronic equipment
CN115002871A (en) * 2022-05-20 2022-09-02 凌锐蓝信科技(北京)有限公司 Signal connection system, signal connection method, computer device, and storage medium

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101674268A (en) * 2009-09-25 2010-03-17 中兴通讯股份有限公司 Internet access control device and method and gateway thereof
CN102916946A (en) * 2012-09-29 2013-02-06 李勇奇 Access control method and access control system
CN103987130A (en) * 2014-05-16 2014-08-13 北京奇虎科技有限公司 Terminal access method, device and system based on WIFI equipment
WO2014148448A1 (en) * 2013-03-22 2014-09-25 ヤマハ株式会社 Wireless network system, terminal management device, wireless relay device, and communications method
CN104768204A (en) * 2015-03-25 2015-07-08 广东欧珀移动通信有限公司 Network access management method, wearable device and system
CN104854893A (en) * 2012-11-27 2015-08-19 瑞典爱立信有限公司 System for handling access by wireless devices in wi-fi network
CN105871795A (en) * 2015-11-16 2016-08-17 乐视致新电子科技(天津)有限公司 Internet surfing control method and related device
CN107426168A (en) * 2017-05-23 2017-12-01 国网山东省电力公司电力科学研究院 A kind of Secure Network Assecc processing method and processing device
CN108934009A (en) * 2017-05-27 2018-12-04 华为技术有限公司 A kind of WiFi network cut-in method, apparatus and system

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101674268A (en) * 2009-09-25 2010-03-17 中兴通讯股份有限公司 Internet access control device and method and gateway thereof
CN102916946A (en) * 2012-09-29 2013-02-06 李勇奇 Access control method and access control system
CN104854893A (en) * 2012-11-27 2015-08-19 瑞典爱立信有限公司 System for handling access by wireless devices in wi-fi network
WO2014148448A1 (en) * 2013-03-22 2014-09-25 ヤマハ株式会社 Wireless network system, terminal management device, wireless relay device, and communications method
CN103987130A (en) * 2014-05-16 2014-08-13 北京奇虎科技有限公司 Terminal access method, device and system based on WIFI equipment
CN104768204A (en) * 2015-03-25 2015-07-08 广东欧珀移动通信有限公司 Network access management method, wearable device and system
CN105871795A (en) * 2015-11-16 2016-08-17 乐视致新电子科技(天津)有限公司 Internet surfing control method and related device
CN107426168A (en) * 2017-05-23 2017-12-01 国网山东省电力公司电力科学研究院 A kind of Secure Network Assecc processing method and processing device
CN108934009A (en) * 2017-05-27 2018-12-04 华为技术有限公司 A kind of WiFi network cut-in method, apparatus and system

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111770094A (en) * 2020-06-29 2020-10-13 Oppo广东移动通信有限公司 Access control method of wireless network and related device
CN111770094B (en) * 2020-06-29 2022-12-13 Oppo广东移动通信有限公司 Access control method of wireless network and related device
CN111918266A (en) * 2020-09-10 2020-11-10 Oppo广东移动通信有限公司 Communication connection method, device, storage medium and electronic equipment
CN115002871A (en) * 2022-05-20 2022-09-02 凌锐蓝信科技(北京)有限公司 Signal connection system, signal connection method, computer device, and storage medium
CN115002871B (en) * 2022-05-20 2023-01-03 凌锐蓝信科技(北京)有限公司 Signal connection system, signal connection method, computer device, and storage medium

Similar Documents

Publication Publication Date Title
US20230164540A1 (en) Method and apparatus for accessing cellular network for sim profile
EP2158731B1 (en) Scanning procedure in wireless lan, station supporting the same, and frame format therefor
JP5281128B2 (en) WI-FI access method, access point, and WI-FI access system
US8265599B2 (en) Enabling and charging devices for broadband services through nearby SIM devices
EP1589703B1 (en) System and method for accessing a wireless network
US7430604B2 (en) Method and equipment for accessing a telecommunication network
EP2753108B1 (en) Wireless local area network authentication method and mobile terminal
US9148823B2 (en) Ensuring quality of service for private short-range wireless networks
US8611318B2 (en) Method and system for connecting mobile communication terminal with access point
CN100390773C (en) Authentication in a communication system
US8547946B2 (en) Efficient creation of WLAN connections
CN107371163A (en) A kind of method and apparatus for controlling access wireless network
CN102869014A (en) Terminal and data communication method
US8902839B2 (en) Service/mobility domain with handover for private short-range wireless networks
CN111031545A (en) Wireless network access control method and device, relay equipment and electronic equipment
KR20160099396A (en) Using method for communication service and electronic device supporting the same
CN104168561A (en) Hot-spot configuration method and accessing method and device in wireless local-area network
EP1947818B1 (en) A communication system and a communication method
CN103516510A (en) Wireless communication system access control method and related wireless communication system
CN103297968A (en) Wireless terminal identifying method, wireless terminal identifying device and wireless terminal identifying system
WO2016131289A1 (en) Method, device and user equipment for testing security of wireless hotspot
CN100403717C (en) Network sharing method in wireless local network
CN111770094B (en) Access control method of wireless network and related device
EP2453608B1 (en) Method and devices for accessing a wireless local area network
KR20010090037A (en) Wireless local area network connecting device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination