CN112600820B - Network connection method, device, computer equipment and storage medium - Google Patents

Network connection method, device, computer equipment and storage medium Download PDF

Info

Publication number
CN112600820B
CN112600820B CN202011427453.4A CN202011427453A CN112600820B CN 112600820 B CN112600820 B CN 112600820B CN 202011427453 A CN202011427453 A CN 202011427453A CN 112600820 B CN112600820 B CN 112600820B
Authority
CN
China
Prior art keywords
user
identity
type
interface
identifier
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011427453.4A
Other languages
Chinese (zh)
Other versions
CN112600820A (en
Inventor
赵乾
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN202011427453.4A priority Critical patent/CN112600820B/en
Publication of CN112600820A publication Critical patent/CN112600820A/en
Application granted granted Critical
Publication of CN112600820B publication Critical patent/CN112600820B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security

Abstract

The embodiment of the application discloses a network connection method, a network connection device, computer equipment and a storage medium, and belongs to the cloud computing technology under the cloud technology. The network connection method comprises the following steps: when the identity of a user is acquired, displaying an access interface matched with the identity type of the user, wherein the identity of the user is acquired after being scanned in a triggering manner; the identity type of the user is determined according to the authority corresponding to the identity identification of the user; displaying a network connection control in the access interface; and when the network connection control is selected, establishing network connection with the wireless access point according to the service set identifier and the private pre-shared key associated with the identity identifier of the user. By the method and the device, privacy of the network can be guaranteed, and network connection efficiency is improved.

Description

Network connection method, device, computer equipment and storage medium
Technical Field
The present application relates to the field of computer technologies and cloud technologies, and in particular, to a network connection method and apparatus, a computer device, and a storage medium.
Background
With the rapid development of internet technology and cloud technology, various cloud platforms are more and more widely applied, large-scale open Wireless Network establishment accelerates development, and various medium and large-scale enterprises have requirements of Wireless Local Area Networks (WLANs) of enterprises every year. At present, the name and the login password of WIFI need to be known in advance in the login mode of accessing the WIFI input password, the WIFI to be connected is manually selected, then the password is manually input, the operation of the WIFI access mode is quite time-consuming, and the network connection efficiency cannot be effectively guaranteed.
Disclosure of Invention
The embodiment of the application provides a network connection method, a network connection device, computer equipment and a storage medium, which can effectively improve the efficiency of network connection.
An aspect of the present application provides a network connection method, including:
when the identity of a user is acquired, displaying an access interface matched with the identity type of the user, wherein the identity of the user is acquired after being scanned in a triggering manner; the identity type of the user is determined according to the authority corresponding to the identity identification of the user;
displaying a network connection control in the access interface;
and when the network connection control is selected, establishing network connection with the wireless access point according to the service set identifier and the private pre-shared key associated with the identity identifier of the user.
An embodiment of the present application provides a network connection method, including:
receiving an organization identifier and an identity identifier of a user sent by a target applet; the mechanism identification and the identity identification of the user are acquired after the two-dimensional code is scanned;
determining the identity type of the user and a service set identifier and a private pre-shared key which are associated with the identity of the user according to the organization identifier and the identity of the user;
and sending the identity type of the user, the service set identifier associated with the identity of the user and the private pre-shared key to the target applet, so that the target applet displays an access interface matched with the identity type of the user, and the target applet establishes network connection with a wireless access point according to the service set identifier associated with the identity of the user and the private pre-shared key.
An aspect of an embodiment of the present application provides a network connection device, including:
the display module is used for displaying an access interface matched with the identity type of the user when the identity of the user is acquired, wherein the identity of the user is acquired after being scanned in a triggering manner; the identity type of the user is determined according to the authority corresponding to the identity identification of the user;
the output module is used for displaying a network connection control in the access interface, and the access interface carries a service set identifier and a private pre-shared key which are associated with the identity identifier of the user;
and the connection module is used for establishing network connection with the wireless access point according to the service set identifier and the private pre-shared key associated with the identity identifier of the user when the network connection control is selected.
An aspect of an embodiment of the present application provides a network connection device, including:
the receiving module is used for receiving the mechanism identification and the user identification sent by the target applet; the mechanism identification and the identity identification of the user are acquired after the two-dimensional code is scanned;
the determining module is used for determining the identity type of the user and the service set identifier and the private pre-shared key which are associated with the identity of the user according to the mechanism identifier and the identity of the user;
and the sending module is used for sending the identity type of the user, the service set identifier associated with the identity of the user and the private pre-shared key to the target applet so that the target applet displays an access interface matched with the identity type of the user, and the target applet establishes network connection with a wireless access point according to the service set identifier associated with the identity of the user and the private pre-shared key.
An aspect of the embodiments of the present application provides a computer device, including a memory and a processor, where the memory stores a computer program, and when the computer program is executed by the processor, the processor is caused to execute the method in the foregoing embodiments.
An aspect of the embodiments of the present application provides a computer storage medium, in which a computer program is stored, where the computer program includes program instructions, and when the program instructions are executed by a processor, a computer device having the processor is caused to execute the method in the foregoing embodiments.
An aspect of the embodiments of the present application provides a computer program product or a computer program, where the computer program product or the computer program includes computer instructions, and the computer instructions are stored in a computer-readable storage medium, and when executed by a processor of a computer device, cause the computer device to execute the method in the foregoing embodiments.
In the embodiment of the application, when the two-dimensional code is scanned and the identity of the user is obtained, an access interface matched with the identity type of the user can be displayed, when the network connection control is selected, network connection can be performed according to the service set identifier associated with the identity of the user and the private pre-shared key, the user can connect the network only by performing two-dimensional code scanning operation and control selection operation, the service set identifier and the private pre-shared key of the network do not need to be known in advance, WIFI to be connected does not need to be manually selected, and the private pre-shared key does not need to be manually input, so that the network connection efficiency can be improved.
Drawings
FIG. 1a is a system architecture diagram of a network connection provided by an embodiment of the present application;
FIG. 1b is a system architecture diagram of a network connection provided by an embodiment of the present application;
2 a-2 c are schematic diagrams of a network connection scenario provided by an embodiment of the present application;
fig. 3 is a flowchart illustrating a network connection method according to an embodiment of the present application;
FIG. 4a is a schematic diagram of an authorization interface provided by an embodiment of the present application;
FIG. 4b is a schematic diagram of a user connection interface provided by an embodiment of the present application;
FIG. 4c is a schematic diagram of a user connection completion interface according to an embodiment of the present application;
FIG. 4d is a schematic diagram of a user connection completion interface provided by an embodiment of the present application;
fig. 4e-4f are schematic flow charts of a network connection method according to an embodiment of the present application;
fig. 5 is a flowchart illustrating a network connection method according to an embodiment of the present application;
fig. 6a is a schematic structural diagram illustrating a comparison of an authentication method provided in an embodiment of the present application;
fig. 6b is a flowchart illustrating an access network according to an embodiment of the present application;
fig. 6c is a schematic flow chart of a four-way handshake according to an embodiment of the present application;
fig. 6d is a schematic flowchart of determining a first message integrity check code according to an embodiment of the present disclosure;
fig. 7 is a flowchart illustrating a network connection method according to an embodiment of the present application;
fig. 8 is a system architecture diagram of a blockchain according to an embodiment of the present application;
fig. 9 is a flowchart illustrating a network connection method according to an embodiment of the present application;
fig. 10 is a schematic structural diagram of a network connection device according to an embodiment of the present application;
fig. 11 is a schematic structural diagram of a network connection device according to an embodiment of the present application;
fig. 12 is a schematic structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application.
Cloud Technology refers to a hosting Technology for unifying resources of hardware, software, network and the like in a wide area network or a local area network to realize calculation, storage, processing and sharing of data.
The cloud technology is based on the general names of network technology, information technology, integration technology, management platform technology, application technology and the like applied in the cloud computing business model, can form a resource pool, is used as required, and is flexible and convenient. Cloud computing technology will become an important support. Background services of the technical network system require a large amount of computing and storage resources, such as video websites, picture-like websites and more web portals. With the high development and application of the internet industry, each article may have an own identification mark and needs to be transmitted to a background system for logic processing, data of different levels can be processed separately, and various industry data need strong system background support and can be realized only through cloud computing.
Cloud Computing (Cloud Computing) is a Computing model that distributes Computing tasks over a resource pool of large numbers of computers, enabling various application systems to obtain Computing power, storage space, and information services as needed. The network that provides the resources is referred to as the "cloud". Resources in the "cloud" appear to the user as being infinitely expandable and available at any time, available on demand, expandable at any time, and paid for on-demand.
According to the method and the system, data required by network connection are stored in the cloud, the data in the cloud are acquired at any time according to requirements, and the data are expanded at any time, for example, for the network connection of a certain enterprise, enterprise information required by the network connection can be stored in the cloud, and if a certain terminal needs to be accessed to the network of the enterprise, relevant information can be acquired from the cloud to access the network.
As a basic capability provider of cloud computing, a cloud computing resource pool (called as an ifas (Infrastructure as a Service) platform for short is established, and multiple types of virtual resources are deployed in the resource pool and are selectively used by external clients.
According to the method and the system, the cloud platform is utilized to carry out network management, and each enterprise can configure enterprise information required by network connection on the cloud platform, so that the cloud platform can uniformly manage the network of the enterprise, the network management of the enterprise breaks through the space limitation, and the method and the system are more convenient.
Referring to fig. 1a, fig. 1a is a system architecture diagram of a network connection according to an embodiment of the present disclosure. The present application relates to a plurality of terminals 10, a plurality of Wireless Access Points (APs) 20, a cloud platform 30, and a target applet 40 in the terminal 10, and it should be understood that the terminal in fig. 1a has the target applet 40.
In one embodiment, the cloud platform 30 in the system may include at least one of the following functional modules: a functional module, such as an operation platform module, for managing cloud task scheduling, monitoring abnormal conditions, and the like; a function module for connecting with the radio access point 20, such as a HUB module; a function module, such as a device management module, for managing configuration information of the wireless access point 20 connected to the cloud platform 30, where the configuration information may include LAN configuration information of the wireless access point 20, WAN configuration information, an Identifier of the wireless access point 20, an Identifier (SSID) of a Service Set Identifier (SSID) bound by the wireless access point 20, and the like; a functional module for managing configuration information of the wireless access point 20 deployed under each enterprise, such as an enterprise configuration module; a functional module, such as an address book module, for recording the identity of the employee in the enterprise, such as a mobile phone number; for generating, destroying, and updating a Private Pre-Shared Key (PPSK), such as a Key management module, where the Private Pre-Shared Key may be a login password of each employee in an enterprise accessing a wireless network, and each employee corresponds to a Private Pre-Shared Key; a function module, such as an Application service module, for providing a corresponding Application Programming Interface (API) and Interface information to the target applet 40; and a functional module, such as a database module, for persistent storage of data. The operation platform mainly monitors abnormal conditions of network connection, the equipment management mainly manages configuration information of wireless access points connected with the cloud platform 30, the enterprise configuration mainly manages configuration information of the wireless access points to which each enterprise belongs, the HUB mainly takes charge of connection with the wireless access points 20, the address book is used for managing identification marks of employees to which the enterprises belong, the identification marks are unique identification numbers connected with the network and can identify users through the identification marks, the key management is mainly used for distributing different private pre-shared keys to each employee to which the enterprise belongs, the application service mainly provides API and interface information for the network connection small program 40, and the database mainly stores data.
A plurality of wireless access points 20 may be deployed in the system to provide a wireless network. For example, taking a hotel as an example, a plurality of wireless access points 20 may be deployed in the hotel, so that the terminal 10 may access the network anywhere in the hotel, and the configuration information of all the wireless access points in the hotel may be set to be the same, for example, all the wireless access points are set to be the same service set identifier, and then the terminal 10 may implement automatic networking under the network coverage of different wireless access points. The wireless access point 20 may be connected to the cloud platform 30 through the HUB in the cloud platform 30, and may receive configuration information of the wireless access point 20 sent by the cloud platform 30, or a private pre-shared key, and the like, and may also receive and manage connection information of the terminal 10.
The terminals 10 in the system may be connected to the wireless network through the private pre-shared key issued by the cloud platform 30 and specific to the user using the terminals 10, where it should be noted that if one user has multiple terminals 10, the terminals 10 may also be connected to the network through the same private pre-shared key. Wherein the specific implementation of the network connection may be performed by the target applet 40 in the terminal 10. The two-dimensional code may be scanned by using a target application in the terminal, and the two-dimensional code stores a program address of the target applet, and after the two-dimensional code is analyzed, the target applet 40 may be started to perform network connection through the target applet 40. The target application is an application which can bear a target applet in the terminal.
The server in which the cloud platform 30 shown in fig. 1a is located may be an independent physical server, may also be a server cluster or a distributed system formed by a plurality of physical servers, and may also be a cloud server that provides basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a network service, cloud communication, middleware service, a domain name service, a security service, a CDN, and a big data and artificial intelligence platform. The terminal 10 may be a Mobile phone, a tablet computer, a notebook computer, a palm computer, a Mobile Internet Device (MID), a wearable Device, or other intelligent devices with a network connection function.
Referring to fig. 1b, fig. 1b is a system architecture diagram of a network connection according to an embodiment of the present disclosure. As shown in fig. 1b, the cloud platform may manage network connections of multiple enterprises, and each enterprise may deploy one or more wireless access points, for example, enterprise 1 shown in fig. 1b deploys one wireless access point, enterprise 2 deploys multiple wireless access points, and in addition to deploying the wireless access points, a firewall and a switch in enterprise 2 may also be deployed to enhance network security. Each enterprise can configure the enterprise information of the network connection to the cloud platform, so that the cloud platform can uniformly manage the network of the enterprise, and the network management of the enterprise is more convenient.
The following is a detailed description of how the target applet 40 is connected to the wireless access point 20 through the cloud platform 30 as shown in fig. 1 a: please refer to fig. 2 a-2 c, which are schematic diagrams illustrating a network connection scenario according to an embodiment of the present application.
As shown in fig. 2a, taking an enterprise as an example, a network manager of the enterprise may perform a series of operations such as configuring a network on a wireless access point purchased by the enterprise through an interface provided by the cloud platform 30, where the network manager may be an administrator for network management in the enterprise, the administrator may create the enterprise on the cloud platform 30, enter enterprise information for network connection into the cloud platform 30 through a function module of the cloud platform 30, and for example, the administrator may enter configuration information of the wireless access point 20 deployed in the enterprise into the cloud platform 30. The administrator may also enter employee information of the enterprise (the employee information may specifically refer to a mobile phone number of the employee) into the cloud platform 30. The administrator may also set a WIFI name and a login password of each employee of the enterprise to which the network is to be connected, and an identity type corresponding to the employee, and store the set WIFI name, login password, identity type, and corresponding employee phone number in the cloud platform 30 in an associated manner. After the enterprise information configuration of the cloud platform 30 is completed, a unique two-dimensional code for network connection for an enterprise (a program address of the target applet 40 and an organization identifier of the enterprise are stored in the two-dimensional code) may be generated, and different branches of the same enterprise, such as a chain hotel, a chain supermarket, and the like, may share the same two-dimensional code, or may use different two-dimensional codes.
After the two-dimensional code of the enterprise is generated, as shown in fig. 2b, the user performs a code scanning operation on the two-dimensional code 21 through the target application, the target application starts the target applet 40 according to the program address stored in the two-dimensional code, and sends the organization identifier of the enterprise in the two-dimensional code 21 to the target applet 40. The target applet 40 sends an authentication request to the target application, the target application returns the user's phone number to the target applet 40 in response to the authentication request, and then the target applet 40 sends the user's phone number and the enterprise's organization identity to the cloud platform 30.
Next, as shown in fig. 2c, the cloud platform 30 determines an address book corresponding to the enterprise according to the mechanism identifier, and then returns the identity type, the login password, and the WIFI name of the user, which are matched with the mobile phone number of the user in the address book, to the target applet 40, and the target applet 40 may display the access interface 23 matched with the identity type according to the difference of the identity types, where the access interface 23 includes a key "one-key networking", and if the user clicks "one-key networking", a network connection may be established according to the login password and the wireless access point 20 corresponding to the WIFI name, and if the network connection is successful, the target applet 40 may be switched from the access interface 23 to the connection completion interface 24.
The implementation details of the technical solution of the embodiment of the present application are set forth in detail below:
referring to fig. 3, fig. 3 is a schematic flowchart of a network connection method provided in an embodiment of the present application, where the network connection method relates to a target applet (e.g., the target applet 40 in the embodiment corresponding to fig. 2a to 2 c) and a cloud platform (e.g., the cloud platform 30 in the embodiment corresponding to fig. 2a to 2 c), and the embodiment mainly describes an interaction process between the target applet and the cloud platform, and the network connection method includes the following steps:
s301: the target applet obtains the identity of the user.
After the two-dimensional code is successfully scanned by the target application, an applet (referred to as a target applet) corresponding to the program address stored in the two-dimensional code may be started, and the target applet sends an authentication request to the target application, so that the target application displays an authorization interface corresponding to the authentication request, where the authorization interface may be an interface shown in fig. 4a, and the authorization interface includes an authorization control, and the authorization control may be "authorization" as shown in fig. 4 a. If the user agrees to authorization, the user may click on the authorization control. When an authorization control in the authorization interface is selected, the target application may obtain the identity of the user, where the target application is an application that carries a target applet. After the target application acquires the identity of the user, the identity of the user can be sent to the target applet, and then the target applet can receive the identity of the user. The identity of the user may be a user name of the user in the target application, for example, the user name may be a mobile phone number, or may be another unique identification number used for indicating the user, which is not limited in this application.
Optionally, the two-dimensional code further stores a mechanism identifier, so that after the two-dimensional code is successfully scanned by the target application, the target application may further obtain the mechanism identifier stored in the two-dimensional code. The target application may then send the mechanism identification to the target applet so that the target applet obtains the mechanism identification. It should be noted that the organization and the enterprise in the embodiment of the present application can be understood in the same way.
S302: and the cloud platform receives the mechanism identification and the identity identification of the user sent by the target applet.
In one implementation, after acquiring the identity and the mechanism identity of the user, the target applet may send the identity and the mechanism identity of the user to the cloud platform, and then the cloud platform may receive the target identity of the target user sent by the target applet.
S303: the cloud platform determines the identity type of the user, and the service set identifier and the private pre-shared key associated with the identity of the user according to the mechanism identifier and the identity of the user.
In one implementation, the cloud platform may store a plurality of user information lists, each of which may be information for all users in one organization, and then the cloud platform may further store a corresponding relationship between the organization identifier and the user information list, and according to the corresponding relationship, the corresponding user information list may be determined according to the organization identifier. Any user information list may include the identities of all users in an organization and the identity types corresponding to the identities, the service set identity (which may be understood as the WIFI name in the embodiment corresponding to fig. 2 a-2 c) and the private pre-shared key (which may be understood as the login password in the embodiment corresponding to fig. 2 a-2 c). The identity type is divided by the authority of the user in the organization, wherein the authority can be the network connection authority. For example, the identity types of the users can be specifically divided into a first type, a second type, a third type and a fourth type according to the sequence of the permissions from low to high. Wherein, the first type of user indicates that the user is a visitor of the organization, the second type of user indicates that the user is a normal employee in the organization, the third type of user indicates that the user is an administrator of network management in the organization, and the fourth type of user indicates that the user is an important employee in the organization, for example, the important employee may be an employee who holds confidential information of the organization in the organization. And aiming at different identity types of the user, the subsequently displayed access interface and the connection completion interface are also different.
Optionally, if the identity type of the user is the second type, the third type, or the fourth type, the private pre-shared key associated with the identity of the user and the identity of the user are uniquely corresponding. While the same private pre-shared key may be configured for any user of the first type.
Optionally, the service set identifier associated with the user of the fourth type is different from the service set identifiers associated with the users of the first type, the second type, and the third type, so that it can be ensured that the network to which the important employee is connected is different from the network to which other employees and visitors in the organization are connected, that is, the connected network is isolated, and thus privacy and network bandwidth of the network can be ensured.
In one implementation, the cloud platform may select a target user information list from a plurality of user information lists according to the mechanism identifier, where the target user information list is a user information list corresponding to the mechanism identifier. After the cloud platform determines the target user information list, the target user information list can be traversed according to the identity of the user, so that the identity type of the user, the service set identifier associated with the identity of the user and the private pre-shared key can be determined from the target user information list.
S304: the cloud platform sends the identity type of the user, the service set identification and the private pre-shared key associated with the identity of the user to the target applet.
S305: the target applet displays an access interface that matches the identity type of the user.
S306: the target applet displays the network connection control in the access interface.
In one implementation, the target applet may display an access interface that matches the identity type of the user, in which a network connection control may be displayed. Optionally, if the identity type of the user is a first type, the access interface is a first access interface corresponding to the first type; or if the identity type of the user is a second type, the access interface is a second access interface corresponding to the second type; or if the identity type of the user is a third type, the access interface is a third access interface corresponding to the third type; or, if the identity type of the user is a fourth type, the access interface is a fourth access interface corresponding to the fourth type.
In one implementation, if the identity type of the user is a first type, the access interface is a first access interface corresponding to the first type, which may be an interface labeled 41 in fig. 4b, and the first access interface may display a network connection control, which may be "one-click networking" as in the interface labeled 41. If the user clicks the network connection control, the target applet can perform authentication processing with the wireless access point corresponding to the service set identifier according to the authentication mode corresponding to the private pre-shared key so as to access the network. That is to say, the first type of users can be networked by one key without knowing the service set identifier and the private pre-shared key, so that the networking is more convenient and faster. For the security of the network, it may be considered that the service set identifier and the private pre-shared key are not displayed on the first access interface, i.e. the service set identifier and the private pre-shared key associated with the identity of the user are hidden in the first access interface. It may also be considered that only the service set identifier is displayed on the first access interface, but the private pre-shared key is not displayed, so that the first type of user cannot acquire the WIFI login password of the network connection, and the leakage of the WIFI login password is avoided.
In one implementation, if the identity type of the user is a second type, the access interface is a second access interface corresponding to the second type, which may be an interface labeled 42 in fig. 4b, which may display a web connection control, which may be "one-click networking" as in the interface labeled 41. If the user clicks the network connection control, the target applet can perform authentication processing with the wireless access point corresponding to the service set identifier according to the authentication mode corresponding to the private pre-shared key so as to access the network. In addition to displaying the network connection control, the second access interface may also display a service set identifier and a private pre-shared key associated with the user's identity. For example, "aaa" in the interface labeled 42 is the service set identification and "222" is the private pre-shared key. The user can obtain the service set identifier and the private pre-shared key on the second access interface, and network connection can be conveniently performed subsequently according to the service set identifier and the private pre-shared key.
In one implementation, if the user's identity type is a third type, then the access interface is a third access interface corresponding to the third type, which may be as labeled by 43 in FIG. 4b, where the third access interface may display, in addition to the network connection control, the service set identification, and the private pre-shared key, such as "push-to-talk," "aaa," and "555" as displayed in the interface labeled by 43. Interface toggle controls may also be included that can "network management" and "personal networking" as shown in the interface labeled 43. The interface switching control can be triggered only after the target applet is successfully connected with the network, namely, a user can click the interface switching control to display different interfaces. If the target applet network connection is not successful, the interface switching control cannot be triggered.
In one implementation, if the identity type of the user is a fourth type, the access interface is a fourth access interface corresponding to the fourth type. Wherein the fourth access interface may be the same as the second access interface, e.g. the fourth access interface may be an interface as marked by 42 in fig. 4 b.
S307: when the network connection control is selected, the target applet establishes a network connection with the wireless access point according to the service set identification and the private pre-shared key associated with the user's identity.
In one implementation, when the network connection control is selected, the target applet may network connect with the private pre-shared key and the service set identification associated with the user's identity. Specifically, when detecting that the network connection control is selected, the target applet may perform authentication processing with the wireless access point according to an authentication method corresponding to the private pre-shared key, where the wireless access point may identify a corresponding wireless access point for the service set, and if the authentication is passed, data communication may be performed between the target applet and the wireless access point.
In one implementation, when the network connection is successful, the access interface displayed by the target applet may switch to a connection completion interface. Alternatively, the connection completion interface may be matched to the identity type of the user. If the identity type of the user is a first type, the connection completion interface is a first connection completion interface corresponding to the first type; or if the identity type of the user is the second type, the connection completion interface is a second connection completion interface corresponding to the second type; or if the identity type of the user is a third type, the connection completion interface is a third connection completion interface corresponding to the third type; or, if the identity type of the user is a fourth type, the connection completion interface is a fourth connection completion interface corresponding to the fourth type.
In one implementation, if the identity type of the user is a first type, the connection completion interface is a first connection completion interface corresponding to the first type, which may be as labeled by 44 in FIG. 4 c. For the security of the network, it may be considered that the service set identifier and the private pre-shared key associated with the user identifier are not displayed on the first connection completion interface, or it may also be considered that the private pre-shared key associated with the user identifier is not displayed on the first connection completion interface, and only the service set identifier is displayed, so that the first type of user cannot acquire the WIFI login password for network connection.
In one implementation, if the identity type of the user is a second type, the connection completion interface is a second connection completion interface corresponding to the second type, which may be the interface labeled 45 in fig. 4 c. Where the service set identification and private pre-shared key associated with the user's identity may be displayed in the second connection completion interface, e.g., "aaa" in the interface labeled 45 for the service set identification and "222" for the private pre-shared key. The user can obtain the service set identifier and the private pre-shared key on the second connection completion interface, and network connection can be conveniently performed subsequently according to the service set identifier and the private pre-shared key.
In one implementation, if the identity type of the user is a third type, the connection completion interface is a third connection completion interface corresponding to the third type, which may be as indicated by 46 in FIG. 4 d. The third connection completion interface may display, among other things, the service set identification and private pre-shared key associated with the user's identity, as shown by "aaa" and "555" in the interface labeled 46. Interface toggle controls may also be included that may be "network management" and "personal networking" as shown in the interface labeled 46. When the interface switching control is selected, the target applet can be switched from the third connection completion interface to the network management interface or from the network management interface to the third connection completion interface. Wherein the network management interface may be as indicated by 47 in figure 4 d. For example, if the user clicks "network management" in the interface labeled 46 in fig. 4d, the target applet may switch from the third connection completion interface labeled 46 to the network management interface labeled 47, and correspondingly, if the user clicks "personal networking" in the interface labeled 47 in fig. 4d, the target applet may switch from the network management interface labeled 47 to the third connection completion interface labeled 46.
Optionally, the network management interface may include network connection information of the wireless access point, and as can be known from the foregoing, the wireless access point herein is a wireless access point corresponding to the service set identifier associated with the user identifier. The network management interface may include network connection information of the wireless access point corresponding to the service set identifier associated with the user identifier, and the network management interface may also include network connection information of all wireless access points in the current organization, which is not limited in the present application. The network connection information may be the network data in the interface labeled 47 in figure 4 d. For example, taking an organization as an example, the network connection information may be related network data under the current organization, such as download speed, online terminal, and the network connection information may further include details of the connected terminal, total flow of online and downlink of an enterprise, and the like, which is not limited in this application. The network management interface may display network connection information and may be operated by a user, for example, the user may click on "wireless access point management", and the target applet may jump to an interface corresponding to a specific operation, assuming that the interface is a wireless access point management interface, in which the user may input configuration information of the wireless access point, which may be LAN configuration information, WAN configuration information, and the like of the wireless access point. Then, after the configuration information of the wireless access point is input in the management interface of the wireless access point, the target applet can acquire the configuration information of the wireless access point and send the configuration information of the wireless access point to the cloud platform, so that the cloud platform configures the wireless access point according to the configuration information of the wireless access point. It should be noted that, the configuration information of the wireless access point is input in the management interface of the wireless access point, where the wireless access point may be a wireless access point corresponding to a service set identifier associated with a user identifier. Or may be all wireless access points under the organization, which is not limited in this application.
In one implementation, if the identity type of the user is a fourth type, the connection completion interface is a fourth connection completion interface corresponding to the fourth type, and the fourth connection completion interface may be a second connection completion interface, for example, the fourth connection completion interface may be an interface as labeled by 45 in fig. 4 c.
In the embodiment of the application, when the two-dimensional code is scanned and the identity of the user is obtained, an access interface matched with the identity type of the user can be displayed, when the network connection control is selected, network connection can be established with the wireless access point according to the service set identifier and the private pre-shared key associated with the identity of the user, the connection completion interface displayed after network connection can also be matched with the identity type of the user, different interface effects can be displayed for users with different identity types, the network can be connected only by performing scanning operation and selection operation, one-key networking is supported, the service set identifier and the private pre-shared key of the network do not need to be known in advance, the private pre-shared key does not need to be manually input, and the network connection efficiency can be improved. In addition, different users have different private pre-shared keys, so that a one-person-one-secret network connection mode is ensured, and the network security is greatly improved; further, even if the key leakage exists, the private pre-shared key can be traced back to the leakage source, and key leakage traceability is achieved.
Referring to fig. 4e-4f, fig. 4e-4f are schematic flow charts of a network connection method according to an embodiment of the present disclosure. As shown in fig. 4e, a third type of user in the enterprise, for example, an administrator in the enterprise for managing the network, may create an enterprise on the cloud platform, and enter enterprise information for performing network connection into the cloud platform through a function module of the cloud platform, for example, configuration information of a wireless access point deployed in the enterprise, employee information (employee phone number) of the enterprise, a WIFI name and a login password of a network to be connected of each employee in the enterprise, and an identity type corresponding to the employee, and the like, into the cloud platform. After the enterprise information connected with the network is input into the cloud platform, unique two-dimensional codes of enterprises can be generated, different branches of the same enterprise can share the same two-dimensional code, and different two-dimensional codes can be used.
The following explains a specific process of the user performing network connection through the two-dimensional code:
as shown in fig. 4f, the user may scan the two-dimensional code through the target application in the terminal, and after the scanning is successful, the target application may start the target applet according to the program address stored in the two-dimensional code, and send the organization identifier of the enterprise in the two-dimensional code to the target applet. After the target application starts the target applet, the target applet may send an authentication request to the target application, and then an authorization interface corresponding to the authentication request, as shown in fig. 4a, may be displayed in the target application to remind the user that authentication and authorization are required, and after the authorization is passed, the target application may obtain an identity of the user, for example, a mobile phone number. And the acquired mechanism identification and the acquired identity identification of the user can be sent to the target small program, so that the target small program sends the mechanism identification and the identity identification of the user to the cloud platform.
Next, as shown in fig. 4f, the cloud platform determines a corresponding address book (stored mobile phone numbers of employees of the enterprise) according to the mechanism identifier, searches and matches the mobile phone number of the user in the address book, and returns a matching result to the target applet, where the matching result may be the identity type of the user, the service set identifier, and the private pre-shared key. The identity types may include a guest user type (the first type described above), a general user type (the second type described above), an administrator user type (the third type described above), and an important user type (the fourth type described above), among others.
And if the identity type of the user is the visitor user type, namely the address book does not have a mobile phone number matched with the mobile phone number, the user is determined as the visitor. The target applet will display a guest user type access interface, such as the interface labeled 41 in FIG. 4 b.
If the identity type of the user is a common user type, namely a mobile phone number matched with the mobile phone number exists in the address book, and the user corresponding to the mobile phone number is determined as a common employee. The target applet will display an access interface of the general user type, as indicated by 42 in fig. 4 b.
If the identity type of the user is the administrator user type, namely a mobile phone number matched with the mobile phone number exists in the address book, and the user corresponding to the mobile phone number is determined as the administrator. The target applet will display an access interface of the administrator user type, as indicated by 43 in fig. 4b, but may also display a network management interface, as indicated by 47 in fig. 4 d.
If the identity type of the user is an important user type, namely a mobile phone number matched with the mobile phone number exists in the address book, and the target user corresponding to the mobile phone number is determined as an important employee. The target applet will display access interfaces of important user types, which may be the same as the access interfaces of normal user types, as the interface marked by 42 in fig. 4b, but users of important user types will have separate service set identities, which are different from the service set identities of users of guest user type, normal user type and administrator user type, i.e. the connected networks are completely isolated, ensuring privacy and network bandwidth.
Referring to fig. 5, fig. 5 is a schematic flowchart of a network connection method provided in an embodiment of the present application, where this embodiment mainly describes a specific implementation process of performing network connection between a service set identifier associated with an identity of a user and a private pre-shared key on a target applet side, and the network connection method described in this embodiment includes the following steps:
s501: when the identity of the user is acquired, displaying an access interface matched with the identity type of the user, wherein the identity of the user is acquired after being scanned in a triggering mode; the identity type of the user is determined according to the authority corresponding to the identity identification of the user.
S502: and displaying the network connection control in the access interface.
S503: and when the network connection control is selected, establishing network connection with the wireless access point according to the service set identifier and the private pre-shared key associated with the identity identifier of the user.
In one implementation, when the network connection control is selected, the target applet may establish a network connection with the wireless access point according to the service set identification and the private pre-shared key associated with the user's identity. Specifically, when detecting that the network connection control is selected, the target applet may perform authentication processing with the wireless access point according to an authentication method corresponding to a private pre-shared key associated with the identity of the user. The authentication mode may be a WPA/WPA2-PPSK authentication mode, and the wireless access point is a wireless access point corresponding to a service set identifier associated with an identity of a user. If the authentication is passed, the target applet can establish a network connection with the wireless access point to facilitate subsequent normal communications.
The WPA/WPA2-PPSK authentication can provide different pre-shared keys for different users, and network security is effectively improved. As shown in fig. 6a, the schematic diagram of the authentication method is compared, and the authentication methods are WPA/WPA2-PSK authentication and WPA/WPA2-PPSK authentication, respectively. As can be seen from fig. 6a, for WPA/WPA2-PSK authentication, the pre-shared key is the same for all terminals connected to the service set identification "aaa". For example, the pre-shared keys of the two terminals shown in fig. 6a are "111", which may have a security hole, and if one user leaks the pre-shared key, the network security may be affected. Whereas for WPA/WPA2-PPSK authentication, each user connected to the service set identified as aaa may have a different pre-shared key and if one user has multiple terminals, these terminals may also be connected to the network with the same pre-shared key. For example, the pre-shared keys of user 1 and user 2 shown in fig. 6a are "111" and "222", respectively, and the pre-shared keys of both terminals owned by user 1 are "111".
In an implementation manner, a specific implementation manner of the target applet performing the authentication processing with the wireless access point according to the authentication manner corresponding to the private pre-shared key may be:
after the target applet obtains the service set identifier, as shown in fig. 6b, the target applet may scan the wireless access points having the same service set identifier as the target applet, and considering that the service set identifiers bound to the wireless access points deployed in the organization may be the same, that is, the target applet may find a plurality of wireless access points having the same service set identifier as the target applet in the scanning process, the target applet may arbitrarily select one wireless access point from the plurality of wireless access points as the wireless access point to establish network connection, or select one wireless access point with the strongest signal from the plurality of wireless access points as the wireless access point to establish network connection according to historical network connection data of the target applet The wireless access point may also be determined according to other manners, which is not limited in this application.
After the target applet determines the wireless access point to establish a network connection, it also needs to authenticate and associate with the wireless access point as shown in fig. 6b, where the authentication process between the target applet and the wireless access point includes the target applet sending an authentication request to the wireless access point, and the wireless access point, after receiving the authentication request, also responds to the authentication request to the target applet. If the target applet wants to access the wireless network through the wireless access point, the target applet must associate with the wireless access point. When the target applet selects the wireless access point through the service set identifier and authenticates with the wireless access point, an association process between the target applet and the wireless access point may be performed, where the association process may specifically be that the target applet sends an association request to the wireless access point, and the wireless access point, after receiving the association request, may also respond to the association request to the target applet. The access procedure between the target applet and the wireless access point is now complete.
Further, after the target applet is connected to the wireless access point, authentication may be performed in a four-way handshake manner, data transmission may be performed only after the authentication is successful, and keys required in subsequent data transmission may be generated in the four-way handshake manner, for example, a Pairwise Transient Key (PTK) and a Group Transient Key (GTK), and data may be encrypted by using the PTK or the GTK in data transmission, where unicast data may be encrypted by using the PTK, and multicast data and broadcast data may be encrypted by using the GTK.
The target applet and the wireless access point may authenticate according to a four-way handshake manner as shown in fig. 6c, and a specific implementation manner of the four-way handshake manner may be:
when the cloud platform sends the private pre-shared key associated with the identity of the user to the target applet, the cloud platform may also send the private pre-shared key to the wireless access point. Then, after the target applet and the wireless access point acquire the Private Pre-Shared Key, a Pairwise Master Key (PMK) may be determined according to the Private Pre-Shared Key and the Service Set Identifier, for example, as shown in fig. 6d, the PMK is obtained according to an Extended Service Set Identifier (ESSID) and a Private Pre-Shared Key PPSK (Private Pre-Shared Key, PPSK), where the ESSID is a Service Set Identifier of the user and the PPSK is a Private Pre-Shared Key of the user. Specifically, the generation of PMK can be expressed by the following formula (1), f 1 A hashing algorithm can be represented:
PMK=f 1 (PPSK,ESSID) (1)
the target applet and the wireless access point may also generate a random number, respectively, where a first random number generated by the wireless access point is denoted as ANonce, and a second random number generated by the target applet is denoted as SNonce.
First handshake: the wireless access point may send an ANonce to the target applet, where the ANonce may be carried in an Extensible Authentication Protocol Key (EAP-Key) message sent by the wireless access point to the target applet. The target applet also obtains a Media Access Control (MAC) Address of the wireless Access point (the MAC Address of the wireless Access point is abbreviated as AA) transmitted to the target applet by the wireless Access point while obtaining the ANonce, and the MAC Address of the wireless Access point may also be understood as a Basic Service Set Identifier (ESSID) as shown in fig. 6 d. Then, the target applet may obtain a first PTK by using a certain hash algorithm according to the PMK, the MAC address of the target applet (the MAC address of the target applet is abbreviated as SPA), and ANonce and AA sent by the wireless access point, where, referring to fig. 6d, generation of the first PTK may be represented by the following formula (2):
PTK 1 =f 2 (PMK,ANonce,SNonce,AA,SPA) (2)
wherein, PTK in the formula (2) 1 Denotes the first PTK, f 2 A hashing algorithm may be represented.
Target applet determines PTK according to equation (2) 1 Thereafter, the target applet may follow the PTK as shown in FIG. 6d 1 A first Message Integrity check Code (MIC) is determined. In the process of determining the first MIC, the first MIC is determined according to the PTK 1 Determining a MIC Key (MIC KEY), which may be a PTK 1 The first 16 bytes, and then determine a first MIC by using the MIC KEY, where the first MIC may be obtained by using a correlation algorithm through the MIC KEY and first EAP-KEY packet data (i.e., a packet as in fig. 6 d), and the generation of the first MIC may be represented by the following formula (3):
MIC 1 =f 3 (MIC Key,Date) (3)
wherein, MIC in formula (3) 1 Denotes the first MIC, f 3 Can represent Advanced Encryption Standard (Advanced Encryption Stan)dard, AES) algorithm or Temporal Key Integration Protocol (TKIP) algorithm, where Date represents the first EAP-Key message data.
Second handshake: after the target applet determines the first MIC, the SNonce and the first MIC may be sent to the wireless access point, which may be carried in a second EAPOL-Key message sent by the target applet to the wireless access point. After the wireless access point receives the SNonce, a second PTK and a second MIC may be determined according to the method for determining the first PTK and the first MIC by the target applet, and then the second MIC is compared with the first MIC, if the second MIC is the same as the first MIC, the second handshake is successful, and if the second MIC is not the same as the first MIC, the authentication fails.
Third handshake: if the second MIC is the same as the first MIC, the wireless access point may send a third EAPOL-Key message to the target applet, where the third EAPOL-Key message may carry the GTK, the second MIC, and first indication information, where the first indication information is used to indicate that the target applet installs the first PTK and GTK on the target applet side. And the second time handshake is performed, and the second PTK is generated by the wireless access point, so that the GTK can be encrypted by using the second PTK in the third EAPOL-Key message.
The fourth handshake: after the target applet side installs the first PTK, the target applet may send a fourth EAPOL-Key packet to the wireless access point, where the fourth EAPOL-Key packet may carry the second MIC and may also carry second indication information, where the second indication information may be used to indicate that the target applet side has successfully installed the first PTK, and then the wireless access point may also install the second PTK after receiving the fourth EAPOL-Key packet. The GTK may be installed on the target applet side after the fourth handshake is completed, or may be installed on the target applet side during the fourth handshake. It should be noted that, if the authentication in the four-way handshake process is successful, the first PTK and the second PTK are the same, and the first MIC and the second MIC are also the same. The installation refers to that data is encrypted by using a PTK or a GTK in data communication, wherein unicast data can be encrypted by using the PTK, and multicast data and broadcast data can be encrypted by using the GTK.
For specific implementation of steps S501 to S503, reference may be made to the detailed description of steps S301 and S305 to S307 in the foregoing embodiment, which is not described herein again.
In the embodiment of the application, the target applet can perform network connection according to the service set identifier associated with the identity identifier of the user and the private pre-shared key, and the private pre-shared keys of different user connection networks are different, so that a one-person and one-secret network connection mode is ensured, and the network security is greatly improved.
Referring to fig. 7, fig. 7 is a flowchart illustrating a network connection method according to an embodiment of the present disclosure. The embodiment mainly describes a specific implementation process of determining, by a cloud platform, an identity type of a user according to an identity of the user, and a service set identifier and a private pre-shared key associated with the identity of the user, and the network connection method described in the embodiment includes the following steps:
s701: and receiving the organization identification and the user identification sent by the target applet.
In one implementation, before receiving the organization identifier and the identity identifier of the user sent by the target applet, configuration information for network connection of each organization may be stored in the cloud platform. The configuration information for network connection of any organization may include information of all users in the organization, and the information may include the identities of the users, the identity type of the user corresponding to the identity of each user, the service set identity associated with the identity of the user, and the private pre-shared key.
Optionally, information of all users in any one organization may be represented by a user information list on the cloud platform, and then, for different organizations, one user information list correspondingly exists. That is, the cloud platform may store a plurality of user information lists, each of which may be information for all users in one organization, and then, the cloud platform may further store a corresponding relationship between the organization identifier and the user information list, as shown in table 1, the corresponding relationship between the organization identifier and the user information list. According to the corresponding relation, a corresponding user information list can be determined according to the mechanism identification. Any user information list may contain information of multiple users, as shown in table 2, a certain user information list stored in the cloud platform is included in the user information list, where the user information list includes an identity identifier, identity type information corresponding to the identity identifier, a service set identifier associated with the identity identifier, and a private pre-shared key. The identity may be a user name of the user in the target application, for example, a mobile phone number. The identity types are divided by the authority of the user in the institution, for example, the identity types of the user can be divided into a first type, a second type, a third type and a fourth type according to the sequence of the authority from low to high. Wherein, the first type of user indicates that the user is not an employee in the organization (because it is not an employee in the organization, the identity is "none"), the second type of user indicates that the user is a normal employee in the organization, the third type of user indicates that the user is an administrator of network management in the organization, and the fourth type of user indicates that the user is an important employee in the organization.
Table 1:
mechanism identification User information list
1 User information list 1
2 User information list 2
3 User information list 3
Table 2:
identity label Identity type Service set identification Private pre-shared key
Is free of First type aaa 111
135…5 Of the second type aaa 222
131…3 Type IV bbb 333
135…3 Of the second type aaa 444
131…7 Third type aaa 555
Optionally, if the identity type of the user is the second type, the third type, or the fourth type, the private pre-shared key associated with the identity of the user and the identity of the user are uniquely corresponding. While the same private pre-shared key may be configured for any user of the first type. Therefore, the target small program of each user accessing the network has an independent password, so that the network security is greatly improved, and even if the password is leaked, the specific leaked password can be processed in a targeted manner. For example, as shown in table 2, the private pre-shared keys with the first type of identity are all 111, and the private pre-shared keys with the second type of identity, the third type of identity, or the fourth type of identity are all different.
It should be noted that the service set identifier corresponding to the fourth type is different from the service set identifiers corresponding to the other types. For example, as shown in Table 2, the service set corresponding to the fourth type is identified as bbb, while the service sets corresponding to the other types are identified as aaa. For the service set identifier corresponding to the first type, the service set identifier corresponding to the second type and the service set identifier corresponding to the third type may be the same or different, and in order to enhance network security, the service set identifier corresponding to the first type may be set differently from the service set identifiers corresponding to the second type and the third type.
In one implementation, the configuration information for network connection of each institution may include, in addition to the information of all users in the institution described above, related information of all wireless access points in the institution, for example, for any institution, the related information may include a wireless access point identifier and a service set identifier corresponding to each wireless access point in the institution, a LAN configuration, a WAN configuration, and the like of each wireless access point. The radio access point identifier may be used to indicate a specific radio access point, for example, if the radio access point identifier of a certain radio access point is 5, it may indicate that the radio access point is the 5 th radio access point in the institution. The service set identifier is a WIFI name of the wireless access point, and the service set identifiers of all the wireless access points in the organization may be set to be the same or different. For example, the service set identifiers shown in table 2 are aaa and bbb, i.e., the service set identifier of at least one wireless access point in the organization is aaa and the service set identifier of at least one wireless access point is bbb.
Then, after the cloud platform completes configuration of the relevant information of all the wireless access points in the mechanism, the relevant information of each wireless access point can be issued to the corresponding wireless access point, and the relevant information is used for configuring the wireless access points.
S702: and determining the identity type of the user and the service set identifier and the private pre-shared key which are associated with the identity of the user according to the organization identifier and the identity of the user.
In one implementation, the cloud platform may select a target user information list from a plurality of user information lists according to the mechanism identifier, where the target user information list is a user information list corresponding to the mechanism identifier. For example, if the mechanism identifier is 2, the target user information list corresponding to the mechanism identifier may be determined to be the user information list 2 according to the mechanism identifier and the corresponding relationship shown in table 1. After the cloud platform determines the target user information list, the target user information list can be traversed according to the identity of the user, so that the identity type of the user, the service set identity associated with the identity of the user and the private pre-shared key can be determined from the target user information list. For example, assuming that the target user information list is table 2 and the user id is 131 … 7, when table 2 is traversed, it may be determined that the corresponding id type with id 131 … 7 is the third type, the service set id associated with the user id is aaa, and the private pre-shared key is 555. For another example, assuming that the identity of the user is 131 … 0, when table 2 is traversed, and no corresponding identity is matched in table 2, it may be determined that the identity type of the user is the first type, the service set identity associated with the identity of the user is aaa, and the private pre-shared key is 111.
S703: and sending the identity type of the user, the service set identifier associated with the identity of the user and the private pre-shared key to the target applet, so that the target applet displays an access interface matched with the identity type of the user, and the target applet establishes network connection with the wireless access point according to the service set identifier associated with the identity of the user and the private pre-shared key.
For specific implementation of steps S701 and S703, reference may be made to the detailed description of steps S302 and S304 in the foregoing embodiment, and details are not described here again.
In the embodiment of the application, the cloud platform can uniformly manage configuration information for network connection in an organization, and issue related information of a plurality of wireless access points in the organization and private pre-shared keys of users, so that the network management is more convenient, and the private pre-shared keys of different wireless access points in the same organization are the same, that is, the same user can access the network through the same private pre-shared key in different wireless access points, thereby realizing the intercommunication of the network.
The terminal where the target applet is located and the server where the cloud platform is located can be nodes in a Block chain network, and the user identity, the user identity type, the service set identity associated with the user identity, and the private pre-shared key can be stored in a Block chain. The blockchain is a novel application mode of computer technologies such as distributed data storage, point-To-point transmission (P2P, Peer To Peer), a consensus mechanism, an encryption algorithm and the like. The blockchain is essentially a decentralized database, which is a string of data blocks associated using cryptography, each data block containing one or more transaction messages for verifying the validity (anti-counterfeiting) of the message and generating the next block.
Referring to fig. 8, fig. 8 is a system architecture diagram of a blockchain according to an embodiment of the present invention. The terminal where the target applet is located and the server where the cloud platform is located in the foregoing embodiment may be any two nodes in node 1, node 2, node 3, or node 4 in fig. 8, all the nodes may be combined into a blockchain system, and each node includes a hardware layer, an intermediate layer, an operating system layer, and an application layer. As can be seen from fig. 8, the blockchain data stored by each node in the blockchain system is the same. It will be appreciated that the nodes may comprise computer devices. The following embodiments are described with a target blockchain node as an execution subject, where the target blockchain node is any one of a plurality of nodes in a blockchain system, and the target blockchain node may correspond to a terminal where the target applet is located:
please refer to fig. 9, which is a flowchart illustrating a network connection method according to an embodiment of the present application, where the network connection method includes the following steps:
s901: when the identity of the user is acquired, the target block chain node encapsulates the identity of the user into a first block, and the first block is stored in a block chain network.
In an implementation manner, after the target block link point obtains the identity of the user, the target block link point may store the identity of the user in a block, calculate the tacher root of the identity of the user, obtain the hash value of the last block of the current block chain, where the target block link point stores the tacher root of the identity of the user, the hash value of the last block of the current block chain, and the current timestamp in a block header, and the target block link point combines the block header and the block in which the identity of the user is stored into a first block, adds the first block to the block chain stored in the target block chain node, and broadcasts the first block to the remaining nodes, so that the remaining nodes add the first block to the block chains maintained by the respective nodes, and the block chains maintained by the respective nodes are synchronized.
In one implementation, after acquiring the identity of the user, the block link point where the cloud platform is located may determine the identity type of the user, the service set identifier and the private pre-shared key associated with the identity of the user, and encapsulate the identity type of the user, the service set identifier and the private pre-shared key associated with the identity of the user into a second block, and store the second block in the block on the block link. When the block chain link point where the cloud platform is located stores the second block on the block chain, the second block can also be broadcast to the rest of nodes, so that the rest of nodes add the second block to the block chain maintained by each node, and the block chains maintained by each node are synchronized.
S902: and acquiring a second block from the block chain, and extracting the identity type of the user and the service set identifier and the private pre-shared key which are associated with the identity of the user from the second block.
In one implementation, the target block chaining point may acquire a second block from the block chain, and read the identity type of the user and the service set identifier and the private pre-shared key associated with the identity of the user from the block of the second block.
By means of the complete attribute and the non-tampering attribute of the block chain, the identity type of the user acquired by the target block chain node point, the service set identifier associated with the identity of the user and the private pre-shared key can be guaranteed to be credible and not tampered, and the trust degree of subsequent network connection is increased.
S903: and when the network connection control is selected, establishing network connection with the wireless access point according to the service set identifier and the private pre-shared key associated with the identity identifier of the user.
For specific implementation of steps S901 to S903, reference may be made to the detailed description of steps S501 to S503 in the foregoing embodiment, which is not described herein again. The execution subject only needs to be adjusted to the target block chain node by the target applet.
By means of the integrity attribute and the non-tampering attribute of the block chain, the identity type of the user acquired by the target block chain node point, the service set identifier associated with the identity of the user and the private pre-shared key can be guaranteed to be trusted and not tampered, the identity of the user stored on the block chain subsequently can be guaranteed not to be tampered, and the security and the credibility of network connection can be improved.
Referring to fig. 10, fig. 10 is a schematic structural diagram of a network connection device according to an embodiment of the present application, where the network connection device may be applied to a target applet in the foregoing embodiment, and the network connection device includes:
the display module 101 is configured to display an access interface matched with the identity type of a user when an identity of the user is acquired, where the identity of the user is acquired after being scanned by triggering; the identity type of the user is determined according to the authority corresponding to the identity identification of the user;
the output module 102 is configured to display a network connection control in the access interface;
a connection module 103, configured to, when the network connection control is selected, establish a network connection with a wireless access point according to the service set identifier and the private pre-shared key associated with the identity of the user.
In one implementation, the identity type of the user is a first type, and the access interface is a first access interface corresponding to the first type; alternatively, the first and second electrodes may be,
the identity type of the user is a second type, and the access interface is a second access interface corresponding to the second type; alternatively, the first and second electrodes may be,
the identity type of the user is a third type, and the access interface is a third access interface corresponding to the third type; wherein the first type, the second type and the third type are divided according to the authority.
In one implementation, the service set identification and private pre-shared key associated with the user's identity are not displayed in the first access interface, and the service set identification and private pre-shared key associated with the user's identity are displayed in the second access interface and the third access interface.
In one implementation, if the identity type of the user is the second type or the third type, the private pre-shared key associated with the identity of the user corresponds uniquely to the identity of the user.
In one implementation, the display module 101 is further configured to:
when the network connection is successful, displaying a connection completion interface matched with the identity type of the user;
the identity type of the user is a first type, and the connection completion interface is a first connection completion interface corresponding to the first type; alternatively, the first and second liquid crystal display panels may be,
the identity type of the user is a second type, and the connection completion interface is a second connection completion interface corresponding to the second type; alternatively, the first and second electrodes may be,
the identity type of the user is a third type, and the connection completion interface is a third connection completion interface corresponding to the third type;
the service set identifier and the private pre-shared key associated with the user's identity are not displayed in the first connection completion interface, and the service set identifier and the private pre-shared key associated with the user's identity are displayed in the second connection completion interface and the third connection completion interface.
In one implementation, the third connection completion interface further includes an interface switching control; the display module 101 is further configured to:
and when the third connection completion interface is displayed and the interface switching control is selected, switching from the third connection completion interface to a network management interface, wherein the network management interface contains network connection information of the wireless access point.
In an implementation manner, the apparatus further includes a sending module 104, specifically configured to:
acquiring configuration information of the wireless access point, wherein the configuration information is input through the network management interface;
and sending the configuration information of the wireless access point to a cloud platform so that the cloud platform configures the wireless access point according to the configuration information of the wireless access point.
In one implementation, the method is performed by a target applet, the target applet being an applet corresponding to a program address stored in the two-dimensional code; the sending module 104 is further configured to: when the two-dimension code is scanned successfully, sending an authentication request to a target application so as to enable the target application to display an authorization interface corresponding to the authentication request, and enabling the target application to acquire the identity of the user when an authorization control in the authorization interface is selected; the target application is an application carrying the target applet;
the apparatus further comprises a receiving module 105, specifically configured to: and receiving the identity of the user sent by the target application.
In one implementation mode, the two-dimensional code stores mechanism identification; the sending module 104 is further configured to: sending the mechanism identification and the identity identification of the user to a cloud platform, so that the cloud platform determines the identity type of the user and a service set identification and a private pre-shared key which are associated with the identity identification of the user according to the mechanism identification and the identity identification of the user;
the receiving module 105 is further configured to: and receiving the identity type of the user, the service set identification and the private pre-shared key which are associated with the identity of the user and sent by the cloud platform.
It should be understood that the division of the modules in the embodiments of the present application is illustrative, and is only one logical function division, and there may be another division manner in actual implementation. Each functional module in the embodiments of the present application may be integrated into one processing module, or each module may exist alone physically, or two or more modules are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode.
Referring to fig. 11, fig. 11 is a schematic structural diagram of a network connection device according to an embodiment of the present disclosure, where the network connection device may be applied to a cloud platform in the foregoing embodiment, and the network connection device includes:
a receiving module 201, configured to receive an organization identifier and an identity identifier of a user, which are sent by a target applet; the mechanism identification and the identity identification of the user are obtained after the two-dimensional code is scanned;
a determining module 202, configured to determine, according to the mechanism identifier and the identity identifier of the user, an identity type of the user, and a service set identifier and a private pre-shared key associated with the identity identifier of the user;
a sending module 203, configured to send the identity type of the user, and the service set identifier and the private pre-shared key associated with the identity of the user to the target applet, so that the target applet displays an access interface matching the identity type of the user, and the target applet establishes a network connection with a wireless access point according to the service set identifier and the private pre-shared key associated with the identity of the user.
In one implementation, the cloud platform stores a plurality of user information lists; the determining module 202 is specifically configured to:
selecting a target user information list from the plurality of user information lists according to the mechanism identification;
and traversing the target user information list according to the identity of the user, and determining the identity type of the user and the service set identity and the private pre-shared key associated with the identity of the user from the target user information list.
It should be understood that the division of the modules in the embodiments of the present application is illustrative, and is only one logical function division, and there may be another division manner in actual implementation. Each functional module in the embodiments of the present application may be integrated into one processing module, or each module may exist alone physically, or two or more modules are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode.
Referring to fig. 12, fig. 12 is a schematic structural diagram of a computer device according to an embodiment of the present application. The computer device may be a terminal where the target applet is located and/or a server where the cloud platform is located, or may perform part or all of the steps performed by the target applet and/or the cloud platform. The computer device described in this embodiment includes: a processor 1201, memory 1202, and a network interface 1203. Data may be exchanged between the processor 1201, the memory 1202, and the network interface 1203.
The Processor 1201 may be a Central Processing Unit (CPU), or other general-purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 1202 may include both read-only memory and random access memory, and provides program instructions and data to the processor 1201. A portion of memory 1202 may also include non-volatile random access memory.
In some embodiments, the computer device may be a terminal where the target applet is located, or may perform some or all of the steps performed by the target applet. For example, the processor 1201, when calling program instructions, is configured to perform:
when the identity of a user is acquired, displaying an access interface matched with the identity type of the user, wherein the identity of the user is acquired after being scanned in a triggering manner; the identity type of the user is determined according to the authority corresponding to the identity identification of the user;
displaying a network connection control in the access interface;
and when the network connection control is selected, establishing network connection with the wireless access point according to the service set identifier and the private pre-shared key associated with the identity identifier of the user.
In one implementation, the identity type of the user is a first type, and the access interface is a first access interface corresponding to the first type; alternatively, the first and second electrodes may be,
the identity type of the user is a second type, and the access interface is a second access interface corresponding to the second type; alternatively, the first and second electrodes may be,
the identity type of the user is a third type, and the access interface is a third access interface corresponding to the third type; wherein the first type, the second type and the third type are divided according to the authority.
In one implementation, the service set identification and the private pre-shared key associated with the user's identity are not displayed in the first access interface, and the service set identification and the private pre-shared key associated with the user's identity are displayed in the second access interface and the third access interface.
In one implementation, if the identity type of the user is the second type or the third type, the private pre-shared key associated with the identity of the user corresponds uniquely to the identity of the user.
In one implementation, the processor 1201 is further configured to:
when the network connection is successful, displaying a connection completion interface matched with the identity type of the user;
the identity type of the user is a first type, and the connection completion interface is a first connection completion interface corresponding to the first type; alternatively, the first and second electrodes may be,
the identity type of the user is a second type, and the connection completion interface is a second connection completion interface corresponding to the second type; alternatively, the first and second electrodes may be,
the identity type of the user is a third type, and the connection completion interface is a third connection completion interface corresponding to the third type;
the service set identifier and the private pre-shared key associated with the user's identity are not displayed in the first connection completion interface, and the service set identifier and the private pre-shared key associated with the user's identity are displayed in the second connection completion interface and the third connection completion interface.
In one implementation, the third connection completion interface further includes an interface switching control; the processor 1201 is further configured to:
and when the third connection completion interface is displayed and the interface switching control is selected, switching from the third connection completion interface to a network management interface, wherein the network management interface contains network connection information of the wireless access point.
In one implementation, the processor 1201 is further configured to:
acquiring configuration information of the wireless access point, wherein the configuration information is input through the network management interface;
and calling a network interface 1203 to send the configuration information of the wireless access point to a cloud platform, so that the cloud platform configures the wireless access point according to the configuration information of the wireless access point.
In one implementation, the method is executed by a target applet, the target applet being an applet corresponding to a program address stored in the two-dimensional code; the processor 1201 is further configured to:
when the two-dimensional code is scanned successfully, a network interface 1203 is called to send an authentication request to a target application, so that the target application displays an authorization interface corresponding to the authentication request, and when an authorization control in the authorization interface is selected, the target application obtains the identity of the user; the target application is an application carrying the target applet;
and calling a network interface 1203 to receive the identity of the user sent by the target application.
In one implementation mode, the two-dimensional code stores mechanism identification; the processor 1201 is further configured to:
calling a network interface 1203 to send the mechanism identifier and the identity identifier of the user to a cloud platform, so that the cloud platform determines the identity type of the user and a service set identifier and a private pre-shared key associated with the identity identifier of the user according to the mechanism identifier and the identity identifier of the user;
and calling a network interface 1203 to receive the identity type of the user and the service set identifier and the private pre-shared key associated with the identity of the user, which are sent by the cloud platform.
In some embodiments, the computer device may be a server on which the cloud platform resides, or may perform some or all of the steps performed by the cloud platform. For example, the processor 1201, when calling program instructions, is configured to perform:
calling a network interface 1203 to receive a mechanism identifier and an identity identifier of a user, which are sent by a target applet; the mechanism identification and the identity identification of the user are obtained after the two-dimensional code is scanned;
determining the identity type of the user and a service set identifier and a private pre-shared key which are associated with the identity of the user according to the mechanism identifier and the identity of the user;
and calling a network interface 1203 to send the identity type of the user, and the service set identifier and the private pre-shared key associated with the identity of the user to the target applet, so that the target applet displays an access interface matched with the identity type of the user, and the target applet establishes network connection with a wireless access point according to the service set identifier and the private pre-shared key associated with the identity of the user.
In one implementation, the cloud platform stores a plurality of user information lists; the processor 1201 is specifically configured to:
the determining the identity type of the user and the service set identifier and the private pre-shared key associated with the identity of the user according to the organization identifier and the identity of the user includes:
selecting a target user information list from the plurality of user information lists according to the mechanism identification;
and traversing the target user information list according to the identity of the user, and determining the identity type of the user, the service set identity associated with the identity of the user and a private pre-shared key from the target user information list.
The embodiment of the present application also provides a computer storage medium, in which program instructions are stored, and when the program is executed, part or all of the steps of the network connection method in the embodiment corresponding to fig. 3, fig. 5, or fig. 7 may be included.
It should be noted that, for simplicity of description, the above-mentioned embodiments of the method are described as a series of acts or combinations, but those skilled in the art should understand that the present application is not limited by the order of acts described, as some steps may be performed in other orders or simultaneously according to the present application. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and modules referred to are not necessarily required in this application.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by hardware related to instructions of a program, and the program may be stored in a computer-readable storage medium, and the storage medium may include: flash disks, Read-Only memories (ROMs), Random Access Memories (RAMs), magnetic or optical disks, and the like.
Embodiments of the present application also provide a computer program product or computer program, which may include computer instructions, which may be stored in a computer-readable storage medium. The computer instructions may be read by a processor of a computer device from a computer-readable storage medium, and the computer instructions executed by the processor cause the computer device to perform some or all of the steps performed in the embodiments of the methods described above.
The network connection method, apparatus, computer device and storage medium provided in the embodiments of the present application are described in detail above, and specific examples are applied in the present application to explain the principles and embodiments of the present application, and the description of the foregoing embodiments is only used to help understand the method and core ideas of the present application; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.

Claims (14)

1. A network connection method is applied to a target small program, the target small program is a small program corresponding to a program address stored in a two-dimensional code for network connection, a mechanism identifier is stored in the two-dimensional code, and the target small program is triggered and started when the two-dimensional code is successfully scanned, and the method comprises the following steps:
when the identity of a user is acquired, displaying an access interface matched with the identity type of the user, wherein the identity of the user is acquired after being scanned in a triggering manner; the identity type of the user is determined according to the authority corresponding to the identity of the user, the access interface is a first access interface or a second access interface, the service set identifier and the private pre-sharing key associated with the identity of the user are not displayed in the first access interface, and the service set identifier and the private pre-sharing key associated with the identity of the user are displayed in the second access interface;
displaying a network connection control in the access interface;
when the network connection control is selected, establishing network connection with a wireless access point according to a service set identifier and a private pre-shared key associated with the identity identifier of the user; the service set identifier and the private pre-shared key associated with the user identifier are obtained from a user information list stored in a cloud platform and corresponding to the organization identifier, and the user information list comprises the user identifier in the organization corresponding to the organization identifier and the user identity type, the service set identifier and the private pre-shared key corresponding to the user identifier.
2. The method of claim 1,
the identity type of the user is a first type, and the access interface is a first access interface corresponding to the first type; alternatively, the first and second electrodes may be,
the identity type of the user is a second type, and the access interface is a second access interface corresponding to the second type; alternatively, the first and second electrodes may be,
the identity type of the user is a third type, and the access interface is a third access interface corresponding to the third type; wherein the first type, the second type and the third type are divided according to the authority.
3. The method of claim 2, wherein the service set identification and private pre-shared key associated with the user's identity are displayed in the third access interface.
4. The method of claim 2,
and if the identity type of the user is a second type or a third type, the private pre-shared key associated with the identity of the user is uniquely corresponding to the identity of the user.
5. The method of claim 2, further comprising:
when the network connection is successful, displaying a connection completion interface matched with the identity type of the user;
the identity type of the user is a first type, and the connection completion interface is a first connection completion interface corresponding to the first type; alternatively, the first and second liquid crystal display panels may be,
the identity type of the user is a second type, and the connection completion interface is a second connection completion interface corresponding to the second type; alternatively, the first and second electrodes may be,
the identity type of the user is a third type, and the connection completion interface is a third connection completion interface corresponding to the third type;
the service set identifier and the private pre-shared key associated with the user's identity are not displayed in the first connection completion interface, and the service set identifier and the private pre-shared key associated with the user's identity are displayed in the second connection completion interface and the third connection completion interface.
6. The method of claim 5, wherein the third connection completion interface further comprises an interface toggle control;
the method further comprises the following steps:
and when the third connection completion interface is displayed and the interface switching control is selected, switching from the third connection completion interface to a network management interface, wherein the network management interface contains network connection information of the wireless access point.
7. The method of claim 5, further comprising:
acquiring configuration information of the wireless access point, wherein the configuration information is input through the network management interface;
and sending the configuration information of the wireless access point to a cloud platform so that the cloud platform configures the wireless access point according to the configuration information of the wireless access point.
8. The method of claim 1, wherein the method is performed by a target applet, the target applet being an applet corresponding to a program address stored in the two-dimensional code;
the method further comprises;
when the two-dimension code is scanned successfully, sending an authentication request to a target application so that the target application displays an authorization interface corresponding to the authentication request, and when an authorization control in the authorization interface is selected, enabling the target application to acquire the identity of the user; the target application is an application bearing the target applet;
and receiving the identity of the user sent by the target application.
9. The method of claim 8, further comprising:
sending the mechanism identification and the identity identification of the user to a cloud platform, so that the cloud platform determines the identity type of the user and a service set identification and a private pre-shared key which are associated with the identity identification of the user according to the mechanism identification and the identity identification of the user;
and receiving the identity type of the user, the service set identification and the private pre-shared key which are associated with the identity of the user and sent by the cloud platform.
10. A network connection method is applied to a cloud platform, the cloud platform stores a plurality of user information lists, and the method comprises the following steps:
receiving an organization identifier and an identity identifier of a user sent by a target applet; the mechanism identification and the identity identification of the user are obtained after a two-dimensional code is scanned, and the mechanism identification and a program address corresponding to the target small program are stored in the two-dimensional code;
determining the identity type of the user and the service set identifier and the private pre-shared key associated with the identity of the user according to the organization identifier and the identity of the user, comprising: selecting a target user information list corresponding to the mechanism identifier from the plurality of user information lists according to the mechanism identifier; traversing the target user information list according to the identity of the user, and determining the identity type of the user, a service set identity and a private pre-shared key which are associated with the identity of the user from the target user information list;
and sending the identity type of the user and the service set identifier and the private pre-shared key associated with the identity of the user to the target applet so that the target applet displays an access interface matched with the identity type of the user, and the target applet establishes network connection with a wireless access point according to the service set identifier and the private pre-shared key associated with the identity of the user, wherein the access interface is a first access interface or a second access interface, the service set identifier and the private pre-shared key associated with the identity of the user are not displayed in the first access interface, and the service set identifier and the private pre-shared key associated with the identity of the user are displayed in the second access interface.
11. A network connection device, applied to a target applet, where the target applet is an applet corresponding to a program address stored in a two-dimensional code for network connection, and a mechanism identifier is stored in the two-dimensional code, and the target applet is triggered and started when the two-dimensional code is successfully scanned, including:
the display module is used for displaying an access interface matched with the identity type of the user when the identity of the user is acquired, wherein the identity of the user is acquired after being scanned in a triggering manner; the identity type of the user is determined according to the authority corresponding to the identity of the user, the access interface is a first access interface or a second access interface, the service set identifier and the private pre-sharing key associated with the identity of the user are not displayed in the first access interface, and the service set identifier and the private pre-sharing key associated with the identity of the user are displayed in the second access interface;
the output module is used for displaying the network connection control in the access interface;
the connection module is used for establishing network connection with the wireless access point according to the service set identifier and the private pre-shared key associated with the identity identifier of the user when the network connection control is selected; the service set identifier and the private pre-shared key associated with the user identifier are obtained from a user information list stored in a cloud platform and corresponding to the organization identifier, and the user information list comprises the user identifier in the organization corresponding to the organization identifier and the user identity type, the service set identifier and the private pre-shared key corresponding to the user identifier.
12. A network connection device is applied to a cloud platform, the cloud platform stores a plurality of user information lists, and the network connection device comprises:
the receiving module is used for receiving the mechanism identification and the identity identification of the user sent by the target small program; the mechanism identification and the identity identification of the user are acquired after a two-dimensional code is scanned, and the mechanism identification and a program address corresponding to the target small program are stored in the two-dimensional code;
the determining module is used for selecting a target user information list corresponding to the mechanism identifier from the plurality of user information lists according to the mechanism identifier; traversing the target user information list according to the identity of the user, and determining the identity type of the user and a service set identifier and a private pre-shared key associated with the identity of the user from the target user information list;
a sending module, configured to send the identity type of the user and the service set identifier and the private pre-shared key associated with the identity of the user to the target applet, so that the target applet displays an access interface that matches the identity type of the user, and establishes a network connection with a wireless access point according to the service set identifier and the private pre-shared key associated with the identity of the user, where the access interface is a first access interface or a second access interface, the service set identifier and the private pre-shared key associated with the identity of the user are not displayed in the first access interface, and the service set identifier and the private pre-shared key associated with the identity of the user are displayed in the second access interface.
13. A computer arrangement comprising a memory and a processor, the memory storing a computer program which, when executed by the processor, causes the processor to carry out the steps of the method according to any one of claims 1-10.
14. A computer storage medium, characterized in that the computer storage medium stores a computer program comprising program instructions that, when executed by a processor, cause a computer device having the processor to perform the method of any one of claims 1-10.
CN202011427453.4A 2020-12-09 2020-12-09 Network connection method, device, computer equipment and storage medium Active CN112600820B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011427453.4A CN112600820B (en) 2020-12-09 2020-12-09 Network connection method, device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011427453.4A CN112600820B (en) 2020-12-09 2020-12-09 Network connection method, device, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN112600820A CN112600820A (en) 2021-04-02
CN112600820B true CN112600820B (en) 2022-08-26

Family

ID=75191377

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011427453.4A Active CN112600820B (en) 2020-12-09 2020-12-09 Network connection method, device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN112600820B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20220201480A1 (en) * 2020-12-18 2022-06-23 Cypress Semiconductor Corporation Secure fine time measurement for wireless communication protocols
CN113438712A (en) * 2021-06-07 2021-09-24 上海龙旗科技股份有限公司 Wireless connection method and device
CN114189861B (en) * 2021-11-24 2023-10-20 阿里巴巴(中国)有限公司 Wireless network connection method, device and system
CN116056185B (en) * 2022-05-27 2023-10-27 荣耀终端有限公司 Wi-Fi network connection method, electronic equipment and Wi-Fi network connection system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105025486A (en) * 2014-04-28 2015-11-04 腾讯科技(深圳)有限公司 Network connection method and user equipment
CN105430643A (en) * 2015-10-28 2016-03-23 广州美渠信息科技有限公司 Method and apparatus for establishing control connection according to information of quick response codes
CN105933353A (en) * 2016-07-05 2016-09-07 北京万维星辰科技有限公司 Method and system for realizing secure login
CN108307529A (en) * 2016-09-26 2018-07-20 宇龙计算机通信科技(深圳)有限公司 A kind of hotspot connection method and its mobile terminal
CN111356090A (en) * 2020-03-12 2020-06-30 深圳市信锐网科技术有限公司 Networking method of network, device thereof, terminal and computer readable storage medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107040922B (en) * 2016-05-05 2019-11-26 腾讯科技(深圳)有限公司 Wireless network connecting method, apparatus and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105025486A (en) * 2014-04-28 2015-11-04 腾讯科技(深圳)有限公司 Network connection method and user equipment
CN105430643A (en) * 2015-10-28 2016-03-23 广州美渠信息科技有限公司 Method and apparatus for establishing control connection according to information of quick response codes
CN105933353A (en) * 2016-07-05 2016-09-07 北京万维星辰科技有限公司 Method and system for realizing secure login
CN108307529A (en) * 2016-09-26 2018-07-20 宇龙计算机通信科技(深圳)有限公司 A kind of hotspot connection method and its mobile terminal
CN111356090A (en) * 2020-03-12 2020-06-30 深圳市信锐网科技术有限公司 Networking method of network, device thereof, terminal and computer readable storage medium

Also Published As

Publication number Publication date
CN112600820A (en) 2021-04-02

Similar Documents

Publication Publication Date Title
CN112600820B (en) Network connection method, device, computer equipment and storage medium
WO2022262078A1 (en) Access control method based on zero-trust security, and device and storage medium
US9992176B2 (en) Systems and methods for encrypted communication in a secure network
US11303431B2 (en) Method and system for performing SSL handshake
US20160269176A1 (en) Key Configuration Method, System, and Apparatus
EP2343917B1 (en) Method, system and device for implementing device addition in the wi-fi device to device network
EP2687036B1 (en) Permitting access to a network
US20200259667A1 (en) Distributed management system for remote devices and methods thereof
US20120266217A1 (en) Permitting Access To A Network
TW201909614A (en) Network access authentication method, apparatus and system
CN111740966B (en) Data processing method based on block chain network and related equipment
US20230344626A1 (en) Network connection management method and apparatus, readable medium, program product, and electronic device
JP2017532837A (en) System and method for pre-association service discovery
TW200833059A (en) System and method for secure record protocol using shared knowledge of mobile user credentials
CN112804354B (en) Method and device for data transmission across chains, computer equipment and storage medium
US20230076147A1 (en) Method and apparatus for authenticating terminal, computer device and storage medium
Wang et al. Application of IoT authentication key management algorithm to personnel information management
Choi et al. Random seed generation for IoT key generation and key management system using blockchain
CN112423300A (en) Wireless network access authentication method and device
CN113452513A (en) Key distribution method, device and system
Lewis et al. Secure VM migration in tactical cloudlets
Gowda et al. TAKM-FC: Two-way Authentication with efficient Key Management in Fog Computing Environments
CN117729056B (en) Equipment identity authentication method and system
CN113347628A (en) Method, access point and terminal for providing network access service
CN115102708A (en) Data processing method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 40042469

Country of ref document: HK

GR01 Patent grant
GR01 Patent grant