CN116684195A - Unified access method, device, equipment and storage medium based on network twinning - Google Patents

Unified access method, device, equipment and storage medium based on network twinning Download PDF

Info

Publication number
CN116684195A
CN116684195A CN202310824232.8A CN202310824232A CN116684195A CN 116684195 A CN116684195 A CN 116684195A CN 202310824232 A CN202310824232 A CN 202310824232A CN 116684195 A CN116684195 A CN 116684195A
Authority
CN
China
Prior art keywords
network
terminal
twinning
identifier
identity
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310824232.8A
Other languages
Chinese (zh)
Inventor
于全
秦猛
梁丹丹
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Peng Cheng Laboratory
Original Assignee
Peng Cheng Laboratory
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Peng Cheng Laboratory filed Critical Peng Cheng Laboratory
Priority to CN202310824232.8A priority Critical patent/CN116684195A/en
Publication of CN116684195A publication Critical patent/CN116684195A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Power Engineering (AREA)
  • Medical Informatics (AREA)
  • Biomedical Technology (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention belongs to the technical field of computer networks, and discloses a unified access method, device, equipment and storage medium based on network twinning. The method comprises the steps of obtaining a terminal identifier of a heterogeneous terminal when an access instruction of the heterogeneous terminal is received; judging whether a network twinning identifier corresponding to the terminal identifier exists in a target mapping table, wherein the target mapping table comprises a one-to-one mapping relationship between the terminal identifier and the network twinning identifier; when the network twinning identification corresponding to the terminal identification exists in the target mapping table, completing the security authentication of the heterogeneous terminal; and after the security authentication of the heterogeneous terminal is completed, initiating a network request for the heterogeneous terminal so that the heterogeneous terminal accesses a cloud primary network. By the mode, the continuity of mobile service can be guaranteed, and the safety access network of man-machine objects can be guaranteed.

Description

Unified access method, device, equipment and storage medium based on network twinning
Technical Field
The present invention relates to the field of computer networks, and in particular, to a unified access method, apparatus, device, and storage medium based on network twinning.
Background
With the continuous development of future network terminal types and access modes, everything interconnection demands facing to man-machine-objects are increasing, and transparent connection of the future network for the man-machine-objects and the like in the network is needed, so that more diversified, individual, efficient and customized services are provided. The traditional network access mode is that a user uses IP to identify identity in a network layer, and an IP address can be changed along with the change of time, place and access mode, so that the continuity of mobile service cannot be ensured.
Disclosure of Invention
The invention mainly aims to provide a unified access method, device, equipment and storage medium based on network twinning, and aims to solve the technical problem that the continuity of service cannot be ensured because an IP address is not fixed when the identity is marked by an IP in a traditional network access mode in the prior art.
In order to achieve the above object, the present invention provides a unified access method based on network twinning, the method comprising the steps of:
when an access instruction of a heterogeneous terminal is received, acquiring a terminal identifier of the heterogeneous terminal;
judging whether a network twinning identifier corresponding to the terminal identifier exists in a target mapping table, wherein the target mapping table comprises a one-to-one mapping relationship between the terminal identifier and the network twinning identifier;
When the network twinning identification corresponding to the terminal identification exists in the target mapping table, completing the security authentication of the heterogeneous terminal;
and after the security authentication of the heterogeneous terminal is completed, initiating a network request for the heterogeneous terminal so that the heterogeneous terminal accesses a cloud primary network.
Optionally, the heterogeneous terminal includes a first heterogeneous terminal, and the network twinning identifier includes a first network twinning identifier; wherein,
before judging whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table, the method further comprises the following steps:
acquiring iris, fingerprint and identity card information of a target person;
the iris, the fingerprint and the first identification formed after the identity card information are bound are used as the first identity identification of the target person;
generating the target mapping table based on the first identity and the first network twinning identity;
when receiving an access instruction of a heterogeneous terminal, acquiring a terminal identifier of the heterogeneous terminal, including:
when an access instruction of the first heterogeneous terminal is received, acquiring a target person corresponding to the first heterogeneous terminal;
taking the first identity identifier of the target person as the terminal identifier of the first heterogeneous terminal;
The determining whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table includes:
and judging whether a first network twinning identifier corresponding to the terminal identifier exists in the target mapping table.
Optionally, the heterogeneous terminal includes a second heterogeneous terminal, and the network twinning identifier includes a first network twinning identifier; wherein,
before judging whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table, the method further comprises the following steps:
acquiring the terminal type, manufacturer, product serial number and MAC address of the target machine;
the second identifier formed after the terminal type, the manufacturer, the product serial number and the MAC address are bound is used as the second identity identifier of the target machine;
and generating the target mapping table based on the second identity and the first network twinning identity.
Optionally, the acquiring, when receiving an access instruction of a heterogeneous terminal, a terminal identifier of the heterogeneous terminal includes:
when an access instruction of the second heterogeneous terminal is received, acquiring a target machine corresponding to the second heterogeneous terminal;
taking the second identity of the target machine as the terminal identity of the second heterogeneous terminal;
The determining whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table includes:
and judging whether a first network twinning identifier corresponding to the terminal identifier exists in the target mapping table.
Optionally, the heterogeneous terminals include a third heterogeneous terminal, and the network twinning identifier includes a second network twinning identifier; wherein,
before judging whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table, the method further comprises the following steps:
acquiring the terminal type, manufacturer, product serial number and MAC address of the target object;
the third identifier formed after the terminal type, the manufacturer, the product serial number and the MAC address are bound is used as the third identity identifier of the target object;
and generating the target mapping table based on the third identity and the second network twinning identity.
Optionally, the acquiring, when receiving an access instruction of a heterogeneous terminal, a terminal identifier of the heterogeneous terminal includes:
when an access instruction of the third heterogeneous terminal is received, acquiring a target object corresponding to the third heterogeneous terminal;
taking the third identity of the target object as a terminal identifier of the heterogeneous terminal;
The determining whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table includes:
and judging whether a second network twinning identifier corresponding to the terminal identifier exists in the target mapping table.
Optionally, the target mapping table further includes a many-to-one mapping relationship of the second network twinning identifier and the first network twinning identifier; wherein,
before judging whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table, the method further comprises the following steps:
acquiring the terminal type, manufacturer, product serial number and MAC address of the target object;
the third identifier formed after the terminal type, the manufacturer, the product serial number and the MAC address are bound is used as the third identity identifier of the target object;
generating the target mapping table based on the third identity, the second network twinning identity and the first network twinning identity;
the method comprises the steps of obtaining a terminal identifier of the heterogeneous terminal when an access instruction of the heterogeneous terminal is received, wherein the terminal identifier comprises;
when an access instruction of the third heterogeneous terminal is received, acquiring a target object corresponding to the third heterogeneous terminal;
Taking the third identity of the target object as the terminal identity of the third heterogeneous terminal;
the determining whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table includes:
judging whether a first network twinning identifier corresponding to the terminal identifier exists in the target mapping table;
and when the network twinning identifier corresponding to the terminal identifier exists in the target mapping table, completing the security authentication of the heterogeneous terminal, wherein the security authentication comprises the following steps:
and when the first network twinning identification corresponding to the second network twinning identification exists in the target mapping table, completing the security authentication of the heterogeneous terminal.
In addition, in order to achieve the above object, the present invention also provides a unified access device based on network twinning, which includes:
the acquisition module is used for acquiring the terminal identification of the heterogeneous terminal when receiving the access instruction of the heterogeneous terminal;
the judging module is used for judging whether a network twinning identifier corresponding to the terminal identifier exists in a target mapping table, wherein the target mapping table comprises a one-to-one mapping relation between the terminal identifier and the network twinning identifier;
The completion module is used for completing the security authentication of the heterogeneous terminal when the network twinning identifier corresponding to the terminal identifier exists in the target mapping table;
and the initiating module is used for initiating a network request for the heterogeneous terminal after the security authentication of the heterogeneous terminal is completed, so that the heterogeneous terminal is accessed to a cloud primary network.
In addition, to achieve the above object, the present invention further provides a unified access device based on network twinning, where the unified access device based on network twinning includes: a memory, a processor, and a network twinning-based unified access program stored on the memory and executable on the processor, the network twinning-based unified access program configured to implement the steps of the network twinning-based unified access method as described above.
In addition, to achieve the above object, the present invention also proposes a storage medium having stored thereon a unified access program based on network twinning, which when executed by a processor implements the steps of the unified access method based on network twinning as described above.
According to the unified access method, device, equipment and storage medium based on network twinning, when an access instruction of a heterogeneous terminal is received, the terminal identification of the heterogeneous terminal is obtained; judging whether a network twinning identifier corresponding to the terminal identifier exists in a target mapping table, wherein the target mapping table comprises a one-to-one mapping relationship between the terminal identifier and the network twinning identifier; when the network twinning identification corresponding to the terminal identification exists in the target mapping table, completing the security authentication of the heterogeneous terminal; and after the security authentication of the heterogeneous terminal is completed, initiating a network request for the heterogeneous terminal so that the heterogeneous terminal accesses a cloud primary network. By the method, a supporting technology of intelligent interconnection of the man-machine objects in the cloud primary network architecture can be provided, a core foundation is provided for intelligent interconnection, resource intercommunication, sharing and cooperation of the man-machine objects in the cloud primary network, and the network twinning identification system is creatively established based on network twinning, so that heterogeneous terminals such as the man-machine objects and the like can be accessed into the cloud primary network after the network twinning identification is determined through the terminal identification, and the network twinning identification corresponding to the heterogeneous terminals cannot be changed along with changes of time, places and access modes, so that continuity of mobile services can be ensured.
Drawings
FIG. 1 is a schematic diagram of a network twinning-based unified access device of a hardware operating environment according to an embodiment of the present invention;
FIG. 2 is a flow chart of a first embodiment of a unified access method based on network twinning according to the present invention;
FIG. 3 is a dynamic mapping relationship diagram of heterogeneous terminals such as man-machine-object and network twinning identifiers in a first embodiment of a unified access method based on network twinning in the invention;
fig. 4 is a schematic diagram of a unified access network based on network twinning identification in a first embodiment of the unified access method based on network twinning of the present invention;
FIG. 5 is a flow chart of a second embodiment of a unified access method based on network twinning according to the present invention;
fig. 6 is a block diagram of a first embodiment of a network twinning-based unified access device according to the present invention.
The achievement of the objects, functional features and advantages of the present invention will be further described with reference to the accompanying drawings, in conjunction with the embodiments.
Detailed Description
It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
Referring to fig. 1, fig. 1 is a schematic diagram of a unified access device architecture based on network twinning of a hardware running environment according to an embodiment of the present invention.
As shown in fig. 1, the unified access device based on network twinning may include: a processor 1001, such as a central processing unit (Central Processing Unit, CPU), a communication bus 1002, a user interface 1003, a network interface 1004, a memory 1005. Wherein the communication bus 1002 is used to enable connected communication between these components. The user interface 1003 may include a Display, an input unit such as a Keyboard (Keyboard), and the optional user interface 1003 may further include a standard wired interface, a wireless interface. The network interface 1004 may optionally include a standard wired interface, a Wireless interface (e.g., a Wireless-Fidelity (Wi-Fi) interface). The Memory 1005 may be a high-speed random access Memory (Random Access Memory, RAM) Memory or a stable nonvolatile Memory (NVM), such as a disk Memory. The memory 1005 may also optionally be a storage device separate from the processor 1001 described above.
Those skilled in the art will appreciate that the architecture shown in fig. 1 does not constitute a limitation of a network twinned based unified access device, and may include more or fewer components than shown, or may combine certain components, or a different arrangement of components.
As shown in fig. 1, an operating system, a network communication module, a user interface module, and a unified access program based on network twinning may be included in the memory 1005 as one type of storage medium.
In the unified access device based on network twinning shown in fig. 1, the network interface 1004 is mainly used for data communication with a network server; the user interface 1003 is mainly used for data interaction with a user; the processor 1001 and the memory 1005 in the network twinning-based unified access device of the present invention may be disposed in the network twinning-based unified access device, where the network twinning-based unified access device invokes the network twinning-based unified access program stored in the memory 1005 through the processor 1001, and executes the network twinning-based unified access method provided by the embodiment of the present invention.
Based on the hardware structure, the unified access method embodiment based on network twinning is provided.
Referring to fig. 2, fig. 2 is a flow chart of a first embodiment of a unified access method based on network twinning according to the present invention.
In this embodiment, the unified access method based on network twinning includes the following steps:
step S10: and when receiving an access instruction of the heterogeneous terminal, acquiring a terminal identifier of the heterogeneous terminal.
It should be noted that, the execution body of the embodiment may be a computing service device with functions of data processing, network communication and program running, such as a mobile phone, a tablet computer, a personal computer, or an electronic device or a unified access device based on network twinning, which can implement the above functions. The present embodiment and the following embodiments will be described below by taking the unified access device based on network twinning as an example.
It can be understood that the access instruction refers to an instruction that the heterogeneous terminal needs to access the cloud primary network.
It should be noted that the heterogeneous terminal includes a heterogeneous terminal such as a man-machine-object, and the terminal identifier refers to an identifier that can be used to refer to the heterogeneous terminal, specifically, for example, a heterogeneous terminal of a person may use iris, fingerprint, id card information, and the like of the person as the terminal identifier of the heterogeneous terminal of the person.
Step S20: judging whether a network twinning identifier corresponding to the terminal identifier exists in a target mapping table, wherein the target mapping table comprises a one-to-one mapping relation between the terminal identifier and the network twinning identifier.
It should be noted that network twinning is a mobile agent, a transmission agent and a security agent of people, machines and objects in a cloud primary network, is a basic cloud service in the cloud primary network, is a unique entry for accessing the cloud primary network, has no binding relation with an IP address, and the IP address is only used as a position identifier of the network twinning agent, so that heterogeneous terminals such as people, machines and objects only need to complete the function of the mobile agent through the network twinning agent in the mobile process, the access identifier is kept unchanged, and the mobility of users and the continuity of services are ensured; the network twinning identification system can be established based on network twinning, so that the characteristics of supporting network endophytic safety, flexible expansion, ubiquitous movement, flexibility and the like for cloud service are realized, and the network is more efficient, more flexible, more intelligent and safer; the network twinning identification in the network twinning identification system is a service identification and a unique access identification in the cloud primary network.
Step S30: and when the network twinning identification corresponding to the terminal identification exists in the target mapping table, completing the security authentication of the heterogeneous terminal.
It can be understood that when it is determined that the network twinning identifier corresponding to the terminal identifier exists in the target mapping table, the security authentication of the heterogeneous terminal can be considered to be completed.
In a specific implementation, as shown in fig. 3, the identity of a person, the identity of a machine and the identity of an object can be used as elements with the function of accessing to a cloud primary network, and the real-name system is accessed to the network.
In an embodiment, the heterogeneous terminal comprises a first heterogeneous terminal, and the network twinning identity comprises a first network twinning identity; wherein,
before judging whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table, the method further comprises the following steps:
acquiring iris, fingerprint and identity card information of a target person;
the iris, the fingerprint and the first identification formed after the identity card information are bound are used as the first identity identification of the target person;
generating the target mapping table based on the first identity and the first network twinning identity;
when receiving an access instruction of a heterogeneous terminal, acquiring a terminal identifier of the heterogeneous terminal, including:
When an access instruction of the first heterogeneous terminal is received, acquiring a target person corresponding to the first heterogeneous terminal;
taking the first identity identifier of the target person as the terminal identifier of the first heterogeneous terminal;
the determining whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table includes:
and judging whether a first network twinning identifier corresponding to the terminal identifier exists in the target mapping table.
It should be noted that the target person may be a natural person or a legal person; for a natural person, the iris, the fingerprint and the first identification formed after the identity card information of the natural person are bound can be used as the first identity identification of a target person; for a legal person, the characterization identity information which can be used for characterizing the legal person can be used as a first identity of the target person.
It should be noted that, the first network twinning identifier refers to a network twinning identifier of a person, where the network twinning identifier of the person includes multidimensional attributes such as an identity identifier of the person, an identity identifier of a machine, and an identifier of man-machine data.
It should be noted that the first identity identifier refers to a person's identity identifier, and the first heterogeneous terminal refers to a person's heterogeneous terminal.
It can be understood that determining whether the first network twinning identifier corresponding to the terminal identifier exists in the target mapping table is to determine whether the first network twinning identifier corresponding to the first identity identifier exists in the target mapping table.
In the embodiment, the personal identity is supported and authenticated based on authentication means such as multi-factor authentication and the like, and potential security threat and attack of the existing network are solved by a real-name internet surfing mode.
In an embodiment, the heterogeneous terminals comprise a second heterogeneous terminal, and the network twinning identity comprises a first network twinning identity; wherein,
before judging whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table, the method further comprises the following steps:
acquiring the terminal type, manufacturer, product serial number and MAC address of the target machine;
the second identifier formed after the terminal type, the manufacturer, the product serial number and the MAC address are bound is used as the second identity identifier of the target machine;
and generating the target mapping table based on the second identity and the first network twinning identity.
It should be noted that, the first network twinning identifier refers to a network twinning identifier of a person, where the network twinning identifier of the person includes multidimensional attributes such as an identity identifier of the person, an identity identifier of a machine, and an identifier of man-machine data.
It should be noted that the second identity refers to an identity of the machine, and the second heterogeneous terminal refers to the machine heterogeneous terminal.
It should be noted that, the person attaches to the machine access network with the internet function to realize the internet function, and the identity of the person (person ID) and the identity of the machine (machine ID) are dynamically mapped one-to-one with the network twinning identity of the person in the network (network twinning (Cybertwin) ID). The network twinning (Cybertwin) identifier of the person comprises multidimensional attributes such as an identity identifier of the person, an identity identifier of the machine, an identifier of man-machine data and the like.
It should be noted that, both machines and objects have their affiliated legal persons, and the person-machine-object can be uniformly connected into the cloud primary network based on the mapping relation between the identity and the access identity.
In an embodiment, the obtaining, when receiving the access instruction of the heterogeneous terminal, the terminal identifier of the heterogeneous terminal includes:
when an access instruction of the second heterogeneous terminal is received, acquiring a target machine corresponding to the second heterogeneous terminal;
taking the second identity of the target machine as the terminal identity of the second heterogeneous terminal;
the determining whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table includes:
And judging whether a first network twinning identifier corresponding to the terminal identifier exists in the target mapping table.
It can be understood that determining whether the first network twinning identifier corresponding to the terminal identifier exists in the target mapping table is to determine whether the first network twinning identifier corresponding to the second identifier exists in the target mapping table.
In an embodiment, the heterogeneous terminals include a third heterogeneous terminal, and the network twinning identifier includes a second network twinning identifier; wherein,
before judging whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table, the method further comprises the following steps:
acquiring the terminal type, manufacturer, product serial number and MAC address of the target object;
the third identifier formed after the terminal type, the manufacturer, the product serial number and the MAC address are bound is used as the third identity identifier of the target object;
and generating the target mapping table based on the third identity and the second network twinning identity.
It should be noted that the second network twinning identifier refers to a network twinning identifier of an object, where the network twinning (Cybertwin) of the object includes multidimensional attributes such as an identity identifier of a person, an identity identifier of the person, and a data identifier of the person.
It should be noted that the third identity refers to an identity of the object, and the third heterogeneous terminal refers to an object heterogeneous terminal.
In an embodiment, the obtaining, when receiving the access instruction of the heterogeneous terminal, the terminal identifier of the heterogeneous terminal includes:
when an access instruction of the third heterogeneous terminal is received, acquiring a target object corresponding to the third heterogeneous terminal;
taking the third identity of the target object as a terminal identifier of the heterogeneous terminal;
the determining whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table includes:
and judging whether a second network twinning identifier corresponding to the terminal identifier exists in the target mapping table.
It can be understood that determining whether the second network twinning identifier corresponding to the terminal identifier exists in the target mapping table is to determine whether the second network twinning identifier corresponding to the third identity exists in the target mapping table.
Step S40: and after the security authentication of the heterogeneous terminal is completed, initiating a network request for the heterogeneous terminal so that the heterogeneous terminal accesses a cloud primary network.
In a specific implementation, as shown in fig. 4, when a heterogeneous terminal such as a man-machine-object in a network needs to access a cloud primary network, a network twinning identifier corresponding to the terminal identifier is determined by determining a terminal identifier of the heterogeneous terminal such as the man-machine-object according to a mapping relation table (i.e. security authentication is needed for the heterogeneous terminal such as the man-machine-object), and after authentication is completed, a network request is initiated for the heterogeneous terminal to access the cloud primary network.
In the embodiment, when an access instruction of a heterogeneous terminal is received, a terminal identifier of the heterogeneous terminal is obtained; judging whether a network twinning identifier corresponding to the terminal identifier exists in a target mapping table, wherein the target mapping table comprises a one-to-one mapping relationship between the terminal identifier and the network twinning identifier; when the network twinning identification corresponding to the terminal identification exists in the target mapping table, completing the security authentication of the heterogeneous terminal; and after the security authentication of the heterogeneous terminal is completed, initiating a network request for the heterogeneous terminal so that the heterogeneous terminal accesses a cloud primary network. By the method, a support technology of intelligent man-machine-object interconnection in a cloud primary network architecture can be provided, a core foundation is provided for intelligent interconnection, resource intercommunication, sharing and cooperation of man-machine-objects in the cloud primary network, and by creatively establishing a network twinning identification system based on network twinning, heterogeneous terminals such as the man-machine-objects and the like can determine the network twinning identification through the terminal identification and then access the cloud primary network, and the network twinning identification corresponding to the heterogeneous terminals cannot change along with changes of time, place and access modes, so that continuity of mobile services can be ensured.
Referring to fig. 5, fig. 5 is a flowchart of a second embodiment of a unified access method based on network twinning according to the present invention.
Based on the first embodiment, the target mapping table further includes a many-to-one mapping relationship between the second network twinning identifier and the first network twinning identifier; before the step S30, the unified access method based on network twinning in this embodiment further includes:
step S301: and acquiring the terminal type, manufacturer, product serial number and MAC address of the target object.
Step S302: and using a third identifier formed after the terminal type, the manufacturer, the product serial number and the MAC address are bound as a third identity identifier of the target object.
Step S303: and generating the target mapping table based on the third identity, the second network twinning identity and the first network twinning identity.
It should be noted that, the first network twinning identifier refers to a network twinning identifier of a person, the second network twinning identifier refers to a network twinning identifier of an object, the third identity identifier refers to an identity identifier of the object, the identity identifier of the object and the network twinning identifier of the object form a one-to-one mapping relationship, the network twinning identifier of the object and the network twinning identifier of the person affiliated to the object form a mapping relationship, the network twinning identifier of the object and the network twinning identifier of the person form a many-to-one mapping relationship, and the person can be a natural person or a french person.
Step S304: and when receiving the access instruction of the third heterogeneous terminal, acquiring a target object corresponding to the third heterogeneous terminal.
Step S305: and taking the third identity of the target object as the terminal identity of the third heterogeneous terminal.
Step S306: and judging whether a first network twinning identifier corresponding to the terminal identifier exists in the target mapping table.
It can be understood that the identity of the object may first determine the network twinning identity of the object by a one-to-one mapping relationship between the identity of the object in the target mapping table and the network twinning identity of the object, and then determine the network twinning identity of the person by a many-to-one mapping relationship between the network twinning identity of the object in the target mapping table and the network twinning identity of the person.
Step S307: and when the first network twinning identification corresponding to the second network twinning identification exists in the target mapping table, completing the security authentication of the heterogeneous terminal.
The embodiment obtains the terminal type, the manufacturer, the product serial number and the MAC address of the target object; the third identifier formed after the terminal type, the manufacturer, the product serial number and the MAC address are bound is used as the third identity identifier of the target object; generating the target mapping table based on the third identity, the second network twinning identity and the first network twinning identity; taking the third identity of the target object as the terminal identity of the third heterogeneous terminal; judging whether a second network twinning identifier corresponding to the terminal identifier exists in the target mapping table; and when the first network twinning identification corresponding to the second network twinning identification exists in the target mapping table, completing the security authentication of the heterogeneous terminal. By the method, the security authentication is carried out on the heterogeneous terminal by defining the mapping relation among the identity mark of the object, the network twinning mark of the object and the network twinning mark of the person, so that the problems of network security threat and network security attack are prevented in the process of accessing the cloud primary network.
Optionally, generating the target mapping table based on the third identity and the second network twinning identity; and taking the third identity of the target object as the terminal identity of the third heterogeneous terminal, judging that a second network twinning identity corresponding to the terminal identity exists in the target mapping table, and finishing the security authentication of the heterogeneous terminal.
In addition, the embodiment of the invention also provides a storage medium, wherein the storage medium is stored with a unified access program based on network twinning, and the unified access program based on network twinning realizes the steps of the unified access method based on network twinning when being executed by a processor.
Referring to fig. 6, fig. 6 is a block diagram illustrating a first embodiment of a network twinning-based unified access device according to the present invention.
As shown in fig. 6, a unified access device based on network twinning according to an embodiment of the present invention includes:
and the acquisition module 10 is used for acquiring the terminal identification of the heterogeneous terminal when receiving the access instruction of the heterogeneous terminal.
The judging module 20 is configured to judge whether a network twinning identifier corresponding to the terminal identifier exists in a target mapping table, where the target mapping table includes a one-to-one mapping relationship between the terminal identifier and the network twinning identifier.
And a completion module 30, configured to complete security authentication of the heterogeneous terminal when it is determined that the network twinning identifier corresponding to the terminal identifier exists in the target mapping table.
And the initiating module 40 is configured to initiate a network request for the heterogeneous terminal after the security authentication of the heterogeneous terminal is completed, so that the heterogeneous terminal accesses to a cloud primary network.
It should be understood that the foregoing is illustrative only and is not limiting, and that in specific applications, those skilled in the art may set the invention as desired, and the invention is not limited thereto.
In the embodiment, when an access instruction of a heterogeneous terminal is received, a terminal identifier of the heterogeneous terminal is obtained; judging whether a network twinning identifier corresponding to the terminal identifier exists in a target mapping table, wherein the target mapping table comprises a one-to-one mapping relationship between the terminal identifier and the network twinning identifier; when the network twinning identification corresponding to the terminal identification exists in the target mapping table, completing the security authentication of the heterogeneous terminal; and after the security authentication of the heterogeneous terminal is completed, initiating a network request for the heterogeneous terminal so that the heterogeneous terminal accesses a cloud primary network. By the method, a support technology of intelligent man-machine-object interconnection in a cloud primary network architecture can be provided, a core foundation is provided for intelligent interconnection, resource intercommunication, sharing and cooperation of man-machine-objects in the cloud primary network, and by creatively establishing a network twinning identification system based on network twinning, heterogeneous terminals such as the man-machine-objects and the like can determine the network twinning identification through the terminal identification and then access the cloud primary network, and the network twinning identification corresponding to the heterogeneous terminals cannot change along with changes of time, place and access modes, so that continuity of mobile services can be ensured.
In an embodiment, the heterogeneous terminal comprises a first heterogeneous terminal, and the network twinning identity comprises a first network twinning identity; wherein,
the judging module 20 is further configured to:
acquiring iris, fingerprint and identity card information of a target person;
the iris, the fingerprint and the first identification formed after the identity card information are bound are used as the first identity identification of the target person;
generating the target mapping table based on the first identity and the first network twinning identity;
when receiving an access instruction of a heterogeneous terminal, acquiring a terminal identifier of the heterogeneous terminal, including:
when an access instruction of the first heterogeneous terminal is received, acquiring a target person corresponding to the first heterogeneous terminal;
taking the first identity identifier of the target person as the terminal identifier of the first heterogeneous terminal;
the judging module 20 is further configured to:
and judging whether a first network twinning identifier corresponding to the terminal identifier exists in the target mapping table.
In an embodiment, the heterogeneous terminals comprise a second heterogeneous terminal, and the network twinning identity comprises a first network twinning identity; wherein,
The judging module 20 is further configured to:
acquiring the terminal type, manufacturer, product serial number and MAC address of the target machine;
the second identifier formed after the terminal type, the manufacturer, the product serial number and the MAC address are bound is used as the second identity identifier of the target machine;
and generating the target mapping table based on the second identity and the first network twinning identity.
In an embodiment, the obtaining module 10 is further configured to:
when an access instruction of the second heterogeneous terminal is received, acquiring a target machine corresponding to the second heterogeneous terminal;
taking the second identity of the target machine as the terminal identity of the second heterogeneous terminal;
the judging module 20 is further configured to:
and judging whether a first network twinning identifier corresponding to the terminal identifier exists in the target mapping table.
In an embodiment, the heterogeneous terminals include a third heterogeneous terminal, and the network twinning identifier includes a second network twinning identifier; wherein,
the judging module 20 is further configured to:
acquiring the terminal type, manufacturer, product serial number and MAC address of the target object;
The third identifier formed after the terminal type, the manufacturer, the product serial number and the MAC address are bound is used as the third identity identifier of the target object;
and generating the target mapping table based on the third identity and the second network twinning identity.
In an embodiment, the obtaining module 10 is further configured to:
when an access instruction of the third heterogeneous terminal is received, acquiring a target object corresponding to the third heterogeneous terminal;
taking the third identity of the target object as a terminal identifier of the heterogeneous terminal;
the judging module 20 is further configured to:
and judging whether a second network twinning identifier corresponding to the terminal identifier exists in the target mapping table.
In an embodiment, the target mapping table further includes a many-to-one mapping relationship of the second network twinning identifier and the first network twinning identifier; wherein,
the judging module 20 is further configured to:
acquiring the terminal type, manufacturer, product serial number and MAC address of the target object;
the third identifier formed after the terminal type, the manufacturer, the product serial number and the MAC address are bound is used as the third identity identifier of the target object;
Generating the target mapping table based on the third identity, the second network twinning identity and the first network twinning identity;
the acquiring module 20 is further configured to:
when an access instruction of the third heterogeneous terminal is received, acquiring a target object corresponding to the third heterogeneous terminal;
taking the third identity of the target object as the terminal identity of the third heterogeneous terminal;
the judging module 20 is further configured to:
judging whether a first network twinning identifier corresponding to the terminal identifier exists in the target mapping table;
and when the network twinning identifier corresponding to the terminal identifier exists in the target mapping table, completing the security authentication of the heterogeneous terminal, wherein the security authentication comprises the following steps:
and when the first network twinning identification corresponding to the second network twinning identification exists in the target mapping table, completing the security authentication of the heterogeneous terminal.
It should be noted that the above-described working procedure is merely illustrative, and does not limit the scope of the present invention, and in practical application, a person skilled in the art may select part or all of them according to actual needs to achieve the purpose of the embodiment, which is not limited herein.
In addition, technical details not described in detail in the present embodiment may refer to the network twinning-based unified access method provided in any embodiment of the present invention, which is not described herein.
Furthermore, it should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The foregoing embodiment numbers of the present invention are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. Read Only Memory)/RAM, magnetic disk, optical disk) and including several instructions for causing a terminal device (which may be a mobile phone, a computer, a server, or a network device, etc.) to perform the method according to the embodiments of the present invention.
The foregoing description is only of the preferred embodiments of the present invention, and is not intended to limit the scope of the invention, but rather is intended to cover any equivalents of the structures or equivalent processes disclosed herein or in the alternative, which may be employed directly or indirectly in other related arts.

Claims (10)

1. The unified access method based on the network twinning is characterized by comprising the following steps of:
when an access instruction of a heterogeneous terminal is received, acquiring a terminal identifier of the heterogeneous terminal;
judging whether a network twinning identifier corresponding to the terminal identifier exists in a target mapping table, wherein the target mapping table comprises a one-to-one mapping relationship between the terminal identifier and the network twinning identifier;
when the network twinning identification corresponding to the terminal identification exists in the target mapping table, completing the security authentication of the heterogeneous terminal;
and after the security authentication of the heterogeneous terminal is completed, initiating a network request for the heterogeneous terminal so that the heterogeneous terminal accesses a cloud primary network.
2. The method of claim 1, wherein the heterogeneous terminal comprises a first heterogeneous terminal, the network twinning identity comprising a first network twinning identity; wherein,
Before judging whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table, the method further comprises the following steps:
acquiring iris, fingerprint and identity card information of a target person;
the iris, the fingerprint and the first identification formed after the identity card information are bound are used as the first identity identification of the target person;
generating the target mapping table based on the first identity and the first network twinning identity;
when receiving an access instruction of a heterogeneous terminal, acquiring a terminal identifier of the heterogeneous terminal, including:
when an access instruction of the first heterogeneous terminal is received, acquiring a target person corresponding to the first heterogeneous terminal;
taking the first identity identifier of the target person as the terminal identifier of the first heterogeneous terminal;
the determining whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table includes:
and judging whether a first network twinning identifier corresponding to the terminal identifier exists in the target mapping table.
3. The method of claim 1, wherein the heterogeneous terminal comprises a second heterogeneous terminal, the network twinning identity comprising a first network twinning identity; wherein,
Before judging whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table, the method further comprises the following steps:
acquiring the terminal type, manufacturer, product serial number and MAC address of the target machine;
the second identifier formed after the terminal type, the manufacturer, the product serial number and the MAC address are bound is used as the second identity identifier of the target machine;
and generating the target mapping table based on the second identity and the first network twinning identity.
4. The method of claim 3, wherein the obtaining the terminal identification of the heterogeneous terminal when the access instruction of the heterogeneous terminal is received comprises:
when an access instruction of the second heterogeneous terminal is received, acquiring a target machine corresponding to the second heterogeneous terminal;
taking the second identity of the target machine as the terminal identity of the second heterogeneous terminal;
the determining whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table includes:
and judging whether a first network twinning identifier corresponding to the terminal identifier exists in the target mapping table.
5. The method of claim 1, wherein the heterogeneous terminal comprises a third heterogeneous terminal, the network twinning identity comprising a second network twinning identity; wherein,
Before judging whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table, the method further comprises the following steps:
acquiring the terminal type, manufacturer, product serial number and MAC address of the target object;
the third identifier formed after the terminal type, the manufacturer, the product serial number and the MAC address are bound is used as the third identity identifier of the target object;
and generating the target mapping table based on the third identity and the second network twinning identity.
6. The method of claim 5, wherein the obtaining the terminal identification of the heterogeneous terminal when the access instruction of the heterogeneous terminal is received comprises:
when an access instruction of the third heterogeneous terminal is received, acquiring a target object corresponding to the third heterogeneous terminal;
taking the third identity of the target object as the terminal identity of the third heterogeneous terminal;
the determining whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table includes:
and judging whether a second network twinning identifier corresponding to the terminal identifier exists in the target mapping table.
7. The method of claim 1, wherein the target mapping table further comprises a many-to-one mapping of second network twinning identifications and first network twinning identifications; wherein,
Before judging whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table, the method further comprises the following steps:
acquiring the terminal type, manufacturer, product serial number and MAC address of the target object;
the third identifier formed after the terminal type, the manufacturer, the product serial number and the MAC address are bound is used as the third identity identifier of the target object;
generating the target mapping table based on the third identity, the second network twinning identity and the first network twinning identity;
the method comprises the steps of obtaining a terminal identifier of the heterogeneous terminal when an access instruction of the heterogeneous terminal is received, wherein the terminal identifier comprises;
when an access instruction of the third heterogeneous terminal is received, acquiring a target object corresponding to the third heterogeneous terminal;
taking the third identity of the target object as the terminal identity of the third heterogeneous terminal;
the determining whether the network twinning identifier corresponding to the terminal identifier exists in the target mapping table includes:
judging whether a first network twinning identifier corresponding to the terminal identifier exists in the target mapping table;
and when the network twinning identifier corresponding to the terminal identifier exists in the target mapping table, completing the security authentication of the heterogeneous terminal, wherein the security authentication comprises the following steps:
And when the first network twinning identification corresponding to the second network twinning identification exists in the target mapping table, completing the security authentication of the heterogeneous terminal.
8. A network twinning-based unified access device, characterized in that the network twinning-based unified access device comprises:
the acquisition module is used for acquiring the terminal identification of the heterogeneous terminal when receiving the access instruction of the heterogeneous terminal;
the judging module is used for judging whether a network twinning identifier corresponding to the terminal identifier exists in a target mapping table, wherein the target mapping table comprises a one-to-one mapping relation between the terminal identifier and the network twinning identifier;
the completion module is used for completing the security authentication of the heterogeneous terminal when the network twinning identifier corresponding to the terminal identifier exists in the target mapping table;
and the initiating module is used for initiating a network request for the heterogeneous terminal after the security authentication of the heterogeneous terminal is completed, so that the heterogeneous terminal is accessed to a cloud primary network.
9. A unified access device based on network twinning, the device comprising: a memory, a processor and a network twinning based unified access program stored on the memory and executable on the processor, the network twinning based unified access program being configured to implement the steps of the network twinning based unified access method of any one of claims 1 to 7.
10. A storage medium having stored thereon a network twinning based unified access program which when executed by a processor implements the steps of the network twinning based unified access method of any one of claims 1 to 7.
CN202310824232.8A 2023-07-05 2023-07-05 Unified access method, device, equipment and storage medium based on network twinning Pending CN116684195A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310824232.8A CN116684195A (en) 2023-07-05 2023-07-05 Unified access method, device, equipment and storage medium based on network twinning

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310824232.8A CN116684195A (en) 2023-07-05 2023-07-05 Unified access method, device, equipment and storage medium based on network twinning

Publications (1)

Publication Number Publication Date
CN116684195A true CN116684195A (en) 2023-09-01

Family

ID=87783864

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310824232.8A Pending CN116684195A (en) 2023-07-05 2023-07-05 Unified access method, device, equipment and storage medium based on network twinning

Country Status (1)

Country Link
CN (1) CN116684195A (en)

Similar Documents

Publication Publication Date Title
US10869196B2 (en) Internet access authentication method and client, and computer storage medium
AU2002228369C1 (en) Method and device for limiting call origination accompanied by executing application
CN113067859B (en) Communication method and device based on cloud mobile phone
CN102833777A (en) Method for testing PORTAL performance of access controller
CN111586716B (en) Network slice deployment method and device
CN108076042A (en) User information acquiring method, server and computer-readable medium
CN105763545B (en) A kind of BYOD method and device
EP1462909A2 (en) A method for managing data sharing among application programs
CN116684195A (en) Unified access method, device, equipment and storage medium based on network twinning
CN106576329B (en) Context-based resource access mediation
CN114531279B (en) Private network access method, server and storage medium
CN114585055A (en) Vehicle-mounted WiFi access method, vehicle controller, cloud server and mobile terminal
CN108282784A (en) Wireless network access method, MiFi terminals, mobile terminal and storage medium
JP2004140563A (en) Communication system and communication terminal device
CN114827924A (en) Service information acquisition method, device and storage medium
CN113746909A (en) Network connection method, device, electronic equipment and computer readable storage medium
CN113566822A (en) Method and system for providing visual positioning navigation service
CN114143144A (en) Distributed gateway-based micro-service calling method and device and related equipment
CN112528333A (en) User privacy protection method, MEC server, terminal, device and medium
CN112000313A (en) Request response method, device, equipment and storage medium
CN113541981A (en) Member management method and system for network slices
CN114268653B (en) Equipment calling method, device, equipment, medium and product
WO2014161338A1 (en) Method, apparatus, and system for webgame interaction
CN114281459B (en) Resource acquisition method and related product
CN111770181B (en) Access method, device and equipment of Internet of things equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination