TW200838222A - Mobile device, communication system and connection establishing method - Google Patents

Mobile device, communication system and connection establishing method Download PDF

Info

Publication number
TW200838222A
TW200838222A TW96108359A TW96108359A TW200838222A TW 200838222 A TW200838222 A TW 200838222A TW 96108359 A TW96108359 A TW 96108359A TW 96108359 A TW96108359 A TW 96108359A TW 200838222 A TW200838222 A TW 200838222A
Authority
TW
Taiwan
Prior art keywords
base station
module
mobile device
set identifier
service set
Prior art date
Application number
TW96108359A
Other languages
Chinese (zh)
Inventor
Yu-Chiang Hung
Original Assignee
Hon Hai Prec Ind Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hon Hai Prec Ind Co Ltd filed Critical Hon Hai Prec Ind Co Ltd
Priority to TW96108359A priority Critical patent/TW200838222A/en
Publication of TW200838222A publication Critical patent/TW200838222A/en

Links

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

A mobile device for establishing a connection with an access point includes an interface module, an authentication module, and an association module. The interface module receives a user authentication instruction to launch authentication. The authentication module authenticates the access point based on a first service set identifier (SSID) in order to acquire a second SSID and a key from the access point. The association module re-associates with the access point using the second SSID and the key. A communication system and a connection establishing method are also provided.

Description

200838222 九、發明說明: 【發明所屬之技術領域】 ’本發明涉及無線通訊領域,尤其涉及一種行動裝置、通訊 系統及連線建立方法。 【先前技術】 隨者無線網路語音(voiceoverInternetProt〇c〇i,ν〇ιρ)技術的發 展’出產了可同時支持全球行動通訊系統(G1〇bai system f〇r m〇硫 (commumcation ’ GSM)與無線區域網路語音(v〇ke _ wirdess200838222 IX. Description of the Invention: [Technical Field of the Invention] The present invention relates to the field of wireless communications, and in particular, to a mobile device, a communication system, and a connection establishment method. [Prior Art] The development of wireless network voice (voiceoverInternetProt〇c〇i, ν〇ιρ) technology has produced a global mobile communication system (G1〇bai system f〇rm〇 〇 〇 与Wireless local area network voice (v〇ke _ wirdess

Area Netw她’ VqWLan)的雙模手機。此雙模手觀可以進行一般 的GSM通話,亦可進行VoWLAN通話。 田此雙杈手機進行VoWLAN通話時,需要先與麗頻内的一基 地臺建立親,才驗由所連_基地臺進行VqWlan通話。 通常,雙模手機與基地臺建立連線需設定基地臺的服務集 標識符(Service Set Ide痛er,ssm)及無線保真(戰^ 、Fidelity ’ WiFi)保護訪問-預共享密输(WiFi pr〇tected八⑽“ ⑽d Key,WPA_PSK),從而需要使用者有相關的技術 背景才能正確的設定SSID及WPA-PSK。 然而,對於一般使用者而言,設定SSID及wpA_pSK複雜度高, 而且有些使用者亦不知應該如何進行設定。 【發明内容】 有鑑於此,需要提供一種行動裝置’可與一基地臺自動且 安全的建立連線。 5 200838222 另,還需要提供一種通訊系統,可用於一行動裝置與一基 地臺之間自動且安全的建立連線。 , 此外,還需要提供一種連線建立方法,可用於一行動裝置 •與一基地臺之間自動且安全的建立連線。 一種行動裝置,用於與一基地臺建立連線,其包括一介面 模組、一認證模組及一連結模組。介面模組用於接收一用戶認 證指令以啟動認證。認證模組用於當認證啟動時根據一第一服 r,,務集標識符(Service Set Identifier,SSID)與該基地臺進行認 證以從基地臺獲取一第二SSID及一密鑰。連結模組用於藉由 第二SSID及密鑰與基地臺重新連結。 .’ 一種通訊系統包括一行動裝置及一基地臺。行動裝置包括 一介面模組、一認證模組及一連結模組。介面模組用於接收一 用戶認證指令以啟動認證。認證模組用於當認證啟動時根據一 第一 SSID與基地臺進行認證以從基地臺獲取一第二SSID及 ,一密鑰。連結模組用於藉由第二SSID及密鑰與基地臺重新連 結。基地臺包括一開始模組、一授權模組及一通訊模組。開始 模組用於接收一用戶授權指令以開始授權。授權模組用於對行 動裝置進行授權以告知第二SSID及密鑰。通訊模組用於藉由 第二SSID及密鑰與行動裝置進行資料傳輸。 一種連線建立方法用於在一基地臺與一行動裝置之間建 立通訊連接,該方法包括以下步驟:基地臺接收一用戶授權指 令以開始授權;行動裝置接收一用戶認證指令以啓動認證;行 6 200838222 動裝置根據一第一 3幻0傳送一握手請求封包至基地臺以查詢 一第二SSID及一密鑰;基地臺傳送一歡迎參與封包至行動裝 •置以告知第二SSID及密鑰;行動裝置傳送一確認封包至基地 •堂以告知第二SSID及密錄已收到;及行動裝置藉由第二 及密鑰與基地臺重新連結。 藉由以下對具體實施方式詳細的描述結合附圖,將可輕易 的瞭解上述内容及此項發明之諸多優點。 錢 【實施方式】 參閱圖1,為本發明實施方式中一無線通訊系統之示意 圖。在本實施方式中,無線通訊系統包括複數行動裝置100及 一基地臺200。在本實施例中,行動裝置1〇〇可為任一接入無 線區域網路之設備,例如··支持全球行動通訊系統(G1〇bal system for mobile communication,GSM)與無線區域網路語音 (Voice over Wireless Local Area Network,Vo WLAN)的雙模 l手機、無線保真(Wireless Fidelity,WiFi)手機、可攜式電腦、 個人數位助理(Personal Digital Assistant,PDA)等。 在本實施方式中,基地臺200先接收一用戶授權指令以開 始授權,行動裝置100接收一用戶認證指令以啓動認證,並根 據一第一服務集標識符(Service Set Identifier,SSID)傳送一 握手請求封包至基地臺200以查詢一第二SSID及一密鑰,基 地臺200傳送一歡迎參與封包至行動裝置1〇〇以告知第二 SSID及密鑰,行動裝置1〇〇再傳送一確認封包至基地臺200 7 200838222 以告知苐二SSID及密餘已收到。此後,行動裝置100藉由第 二SSID及密鑰與基地臺200重新連結,即進行資料傳輸。 • 由此可知,基地臺200包括兩個SSID,第一 SSID用於行 •動裝置100與基地臺200之間的認證授權,第二SSID用於行 動裝置100與基地臺200之間的資料傳輸。故,行動裝置100 與基地臺200可藉由第一 SSID與第二SSID自動且安全的建 立連線。 C 舉例而言,當行動裝置100為雙模手機時,第一 SSID可 用於基地臺200之手機群組(phone Group)之認證授權,第 二SSID可用於行動裝置1⑻與基地臺2〇〇之間的通話。因此, 行動裝置100可自動且安全的參與基地臺2〇〇之手機群組。 且,當有新的行動裝置100參與基地臺200之手機群組 時’不會中斷現有行動裝置100與基地臺200之間的通話。 參閱圖2,為本發明一實施方式中行動裝置1〇〇與基地臺 I 200之模組圖。在本實施方式中,行動裝置1〇〇包括一介面模 組110、一認證模組120及一連結模組130。 介面模組110用於接收一用戶認證指令以啟動認證。在本 實施方式中,介面模組110可為一按鈕或其他類似輸入裝置, 當使用者按壓介面模組110後,介面模組110即可接收用戶認 證指令。 舉例而言,當行動裝置10〇為一雙模手機時,介面模組uo 用於接收用戶認證指令以啟動群組參與。 8 200838222 認證模組120用於當認證啟動時根據一第一 SSID與基地 臺200進行認證以從基地臺200獲取一第二SSID及一密鑰。 •在本實施方式中,密鑰可為一 WiFi保護訪問-預共享密鑰(Wi-Fi .Protected Access Pre-shared Key 5 WPA-PSK)、WiFi 保護訪問 2-預共享密餘(Wi-Fi Protected Access Version 2 Pre_shared Key ’ WPA2-PSK )或有線等效保密(Wired Equivalent Privacy, WEP)密鑰等。 f 認證模組120包括一計算模組121及一握手模組122。計 异模組121用於根據基地臺200之序列號計算第一 SSID。在 本貝加方式中’基地堂200擁有唯一的序列號(Unique SerialArea Netw her 'VqWLan' dual-mode phone. This dual-mode view allows for general GSM calls and VoWLAN calls. When this mobile phone is used for VoWLAN calls, it is necessary to establish a parent relationship with a base station in the LF, and then check the VqWlan call by the _ base station. Usually, the dual-mode mobile phone and the base station need to set the base station's service set identifier (Service Set Ide pain er, ssm) and wireless fidelity (war ^, Fidelity 'WiFi) protection access - pre-shared secret transmission (WiFi) Pr〇tected eight (10) "(10)d Key, WPA_PSK), which requires the user to have the relevant technical background to correctly set the SSID and WPA-PSK. However, for the average user, setting the SSID and wpA_pSK is high, and some The user also does not know how to make settings. [Invention] In view of the above, it is necessary to provide a mobile device that can automatically and securely establish a connection with a base station. 5 200838222 In addition, it is also required to provide a communication system that can be used for one. An automatic and secure connection between the mobile device and a base station. In addition, there is a need to provide a method of establishing a connection that can be used for a mobile device to automatically and securely establish a connection with a base station. The device is configured to establish a connection with a base station, and includes an interface module, an authentication module and a connection module. The interface module is used for receiving The authentication module is configured to start the authentication. The authentication module is configured to perform authentication with the base station according to a first service, when the authentication is started, to obtain a second SSID from the base station according to a first service, and an authentication set identifier (SSID). A key module is used to reconnect with the base station by using the second SSID and the key. A communication system includes a mobile device and a base station. The mobile device includes an interface module, an authentication module, and a connection module, the interface module is configured to receive a user authentication command to initiate authentication. The authentication module is configured to perform authentication with the base station according to a first SSID to obtain a second SSID from the base station when the authentication is started. The key module is used for reconnecting with the base station by using the second SSID and the key. The base station includes a start module, an authorization module and a communication module. The start module is configured to receive a user authorization command. To initiate authorization, the authorization module is configured to authorize the mobile device to notify the second SSID and the key. The communication module is configured to perform data transmission with the mobile device by using the second SSID and the key. The method is for establishing a communication connection between a base station and a mobile device, the method comprising the steps of: the base station receiving a user authorization command to start authorization; and the mobile device receiving a user authentication command to initiate authentication; line 6 200838222 Transmitting a handshake request packet to the base station according to a first 3 magic 0 to query a second SSID and a key; the base station transmits a welcome participation packet to the mobile device to notify the second SSID and the key; the mobile device transmits A confirmation packet is sent to the base to inform the second SSID and the secret record has been received; and the mobile device is re-linked to the base station by the second and the key. The above and many of the advantages of the invention will be readily apparent from the Detailed Description of the Detailed Description. [Embodiment] Referring to Figure 1, there is shown a schematic diagram of a wireless communication system in accordance with an embodiment of the present invention. In the present embodiment, the wireless communication system includes a plurality of mobile devices 100 and a base station 200. In this embodiment, the mobile device 1 can be any device that accesses the wireless local area network, for example, supporting a global mobile communication system (GSM) and wireless local area network ( Voice over Wireless Local Area Network (Vo WLAN) dual-mode l mobile phone, Wireless Fidelity (WiFi) mobile phone, portable computer, Personal Digital Assistant (PDA), etc. In this embodiment, the base station 200 first receives a user authorization command to start authorization, and the mobile device 100 receives a user authentication command to initiate authentication, and transmits a handshake according to a first Service Set Identifier (SSID). Requesting a packet to the base station 200 to query a second SSID and a key, the base station 200 transmits a welcome participation packet to the mobile device 1 to inform the second SSID and the key, and the mobile device 1 transmits a confirmation packet. To base station 200 7 200838222 to inform the second SSID and the secret has been received. Thereafter, the mobile device 100 reconnects with the base station 200 by means of the second SSID and the key, i.e., performs data transmission. • It can be seen that the base station 200 includes two SSIDs, the first SSID is used for authentication authorization between the mobile device 100 and the base station 200, and the second SSID is used for data transmission between the mobile device 100 and the base station 200. . Therefore, the mobile device 100 and the base station 200 can automatically and securely establish a connection by using the first SSID and the second SSID. For example, when the mobile device 100 is a dual-mode mobile phone, the first SSID can be used for the authentication of the mobile phone group of the base station 200, and the second SSID can be used for the mobile device 1 (8) and the base station 2 Between calls. Therefore, the mobile device 100 can automatically and securely participate in the mobile phone group of the base station. Moreover, when a new mobile device 100 participates in the mobile phone group of the base station 200, the call between the existing mobile device 100 and the base station 200 is not interrupted. 2 is a block diagram of a mobile device 1 and a base station I 200 according to an embodiment of the present invention. In this embodiment, the mobile device 1 includes an interface module 110, an authentication module 120, and a connection module 130. The interface module 110 is configured to receive a user authentication command to initiate authentication. In this embodiment, the interface module 110 can be a button or other similar input device. After the user presses the interface module 110, the interface module 110 can receive the user authentication command. For example, when the mobile device 10 is a dual-mode mobile phone, the interface module uo is used to receive a user authentication command to initiate group participation. 8 200838222 The authentication module 120 is configured to perform authentication with the base station 200 according to a first SSID when the authentication is started to acquire a second SSID and a key from the base station 200. In the present embodiment, the key may be a WiFi protected access-pre-shared key (Wi-Fi. Protected Access Pre-shared Key 5 WPA-PSK), WiFi protected access 2 - pre-shared secret (Wi-Fi) Protected Access Version 2 Pre_shared Key 'WPA2-PSK) or Wired Equivalent Privacy (WEP) key. The authentication module 120 includes a computing module 121 and a handshake module 122. The counting module 121 is configured to calculate the first SSID according to the serial number of the base station 200. In the Benbega way, the base hall 200 has a unique serial number (Unique Serial

Number) ’ 如生產序列號(Manufacturing Serial Number)。計 异模組121儲存有基地臺200之序列號,並根據所儲存之序列 號計算第一 SSID。 在其他實施方式中,若計算模組121未儲存有基地臺2〇〇 κ ,之序列號,或所儲存之序列號有誤,則會通知用戶重新輸入基 地臺200之序列號。Number) ’ is the Manufacturing Serial Number. The counting module 121 stores the serial number of the base station 200 and calculates the first SSID based on the stored serial number. In other embodiments, if the calculation module 121 does not store the serial number of the base station 2 〇〇 κ, or the stored serial number is incorrect, the user is notified to re-enter the serial number of the base station 200.

握手模組122用於根據計算模組121所計算之第一 SSID 傳送-握手請求封包至基地臺200以查詢第二ssid&密錄。 當基地臺200接收握手請求封包後,會將第二SSID及密 鑰傳送至行動裝置100。 山 ^然後,握手模組122接收第二SSID及密鑰,並傳送一確 涊封包至基地臺200以告知第二SSID及密鑰已收到。 9 200838222 連結模組130用於藉由第二SSID及密鑰與基地臺2〇〇重 新連結’即與基地臺200進行資料傳輪。 • 另一方面,基地臺200包括一開始模組210、一授權模組 • 220及一通訊模組230。開始模組210用於接收一用戶授權指 令以開始授權。在本實施方式中,開始模組21〇可為一按鈕或 其他類似輸入裳置’當使用者按壓開始模組21〇後,開始模組 210即可接收用戶授權指令。 f; 授權模組22〇用於對行動裝置100進行授權以告知第二 SSID及密鑰。在本實施方式中,授權模組22〇包括一安全設 定模組221及一歡迎模組222。 安全設定模組221用於取消(Disable)及啟用(Enable) 第一 SSID之安全設定。在本實施方式中,當開始模組21〇開 始授權時,安全設定模組221取消第一 SSID之安全設定,以 便於行動裝置100藉由第一 SSID與基地臺200進行認證。 I, 當行動裝置100與基地臺200認證成功後,安全設定模組 221再啟用第一 SSID之安全設定,以確保通訊安全。 歡迎模組222用於傳送一歡迎參與封包至行動裝置以 告知弟二SSID及密錄。在本實施方式中,歡迎模組222儲存 有第二SSID及密鑰,歡迎模組222先利用高級加密標準 (Advanced Encryption Standard,AES )算法對第二 SSID 及贫 鑰加密,再藉由歡迎參與封包傳送加密之第二SSID及密輪。 行動裝置100之握手模組122接收歡迎參與封包後,藉由AEs 10 200838222 算法解密被加密之第二SSID及密鑰而獲取第二SSID及密鑰。 通訊模組230用於藉由第二SSID及密鑰與行動裝置100 ,進行資料傳輸。 ^ 參閱圖3,為本發明連線建立方法一實施方式之流程圖。 在步驟S300,基地臺200接收一用戶授權指令以開始授 權。 在步驟S302,行動裝置100接收一用戶認證指令以啓動 f .認證。 在步驟S304,行動裝置100根據一第一 SSID傳送一握手 請求封包至基地臺200以查詢一第二SSID及一密鑰。 在步驟S306,基地臺200傳送一歡迎參與封包至行動裝 置100以告知第二SSID及密鑰。 在步驟S308,行動裝置100傳送一確認封包至基地臺200 以告知第二SSID及密鑰已收到。 / 在步驟S310,行動裝置100藉由第二SSID及密鑰與基地 臺200重新連結,即進行資料傳輸。 參閱圖4,為圖3中連線建立方法之具體流程圖,其中流 程可藉由圖2之模組來達成。 在步驟S400,與圖3之步驟S300相同,詳而言之,基地 臺200藉由開始模組210接收一用戶授權指令以開始授權。在 本實施方式中,開始模組210可為一按鈕或其他類似輸入裝 置,當使用者按壓開始模組210後,基地臺200即可藉由開始 11 200838222 模組210接收用戶授權指令。 在步驟S402,與圖3之步驟S3〇2相同,詳而言之,行動 •裝置100藉由介面模組11〇接收一用戶認證指令以啟動認證。 .在本實施方式中,介面模組110亦可為一按鈕或其他類似輸入 裝置,當使用者按壓介面模組11〇後,行動裴置1〇〇即可藉由 介面模組110接收用戶認證指令。 在步驟S404,基地臺2⑻取消第一 SSID之安全設定。在 本灵轭方式中,當基地臺2〇〇開始授權時,安全設定模組22〇 取消第一 SSID之安全設定,以便於行動裝置1〇〇藉由第一 SSID與基地臺2〇〇進行認證。 在步驟S406,行動裝置1〇〇根據基地臺2〇〇之序列號計 算第一 SSID。在本實施方式中,基地臺2〇〇擁有唯一的序列 號如生產序列號。计异模組丨21儲存有基地臺2〇〇之序列號, 並根據所儲存之序列號計算第一 SSID。 L 在步驟S408,與圖3之步驟S304相同,行動裝置1〇〇根 據第SSID傳送握手請求封包至基地臺2⑻以查詢第二The handshake module 122 is configured to send a packet to the base station 200 according to the first SSID transmission-handshake request calculated by the calculation module 121 to query the second ssid& secret record. When the base station 200 receives the handshake request packet, the second SSID and the key are transmitted to the mobile device 100. Then, the handshake module 122 receives the second SSID and the key, and transmits a confirmation packet to the base station 200 to inform the second SSID that the key has been received. 9 200838222 The connection module 130 is configured to reconnect with the base station 2 by the second SSID and the key, that is, to carry out data transmission with the base station 200. • On the other hand, the base station 200 includes a start module 210, an authorization module 220, and a communication module 230. The start module 210 is configured to receive a user authorization command to initiate authorization. In this embodiment, the start module 21 can be a button or other similar input. When the user presses the start module 21, the start module 210 can receive the user authorization command. f; The authorization module 22 is configured to authorize the mobile device 100 to inform the second SSID and the key. In this embodiment, the authorization module 22 includes a security setting module 221 and a welcome module 222. The security setting module 221 is used to disable and enable the security setting of the first SSID. In the present embodiment, when the start module 21 starts the authorization, the security setting module 221 cancels the security setting of the first SSID to facilitate the mobile device 100 to authenticate with the base station 200 by the first SSID. I. After the mobile device 100 and the base station 200 are successfully authenticated, the security setting module 221 enables the security setting of the first SSID to ensure communication security. The welcome module 222 is configured to transmit a welcome participation packet to the mobile device to inform the second SSID and the secret record. In this embodiment, the welcome module 222 stores the second SSID and the key, and the welcome module 222 first encrypts the second SSID and the poor key by using the Advanced Encryption Standard (AES) algorithm, and then welcomes the participation. The packet transmits the encrypted second SSID and the secret wheel. After receiving the welcome participation packet, the handshake module 122 of the mobile device 100 acquires the second SSID and the key by decrypting the encrypted second SSID and the key by the AEs 10 200838222 algorithm. The communication module 230 is configured to perform data transmission by using the second SSID and the key and the mobile device 100. Referring to FIG. 3, it is a flowchart of an embodiment of a method for establishing a connection according to the present invention. At step S300, the base station 200 receives a user authorization command to start authorizing. In step S302, the mobile device 100 receives a user authentication command to initiate f. authentication. In step S304, the mobile device 100 transmits a handshake request packet to the base station 200 according to a first SSID to query a second SSID and a key. In step S306, the base station 200 transmits a welcome participation packet to the mobile device 100 to inform the second SSID and the key. In step S308, the mobile device 100 transmits an acknowledgement packet to the base station 200 to inform the second SSID that the key has been received. / In step S310, the mobile device 100 reconnects with the base station 200 by means of the second SSID and the key, that is, data transmission. Referring to FIG. 4, it is a specific flowchart of the method for establishing a connection in FIG. 3, wherein the process can be achieved by using the module of FIG. 2. In step S400, the same as step S300 of Fig. 3, in detail, the base station 200 receives a user authorization command by the start module 210 to start the authorization. In this embodiment, the start module 210 can be a button or other similar input device. After the user presses the start module 210, the base station 200 can receive the user authorization command by starting the module 2008210. In step S402, the same as step S3〇2 of FIG. 3, in detail, the action device 100 receives a user authentication command by the interface module 11 to initiate authentication. In this embodiment, the interface module 110 can also be a button or other similar input device. After the user presses the interface module 11 , the user device can receive the user authentication through the interface module 110. instruction. At step S404, the base station 2 (8) cancels the security setting of the first SSID. In the present yoke mode, when the base station 2 starts to authorize, the security setting module 22 cancels the security setting of the first SSID, so that the mobile device 1 performs the first SSID with the base station 2 Certification. In step S406, the mobile device 1 calculates the first SSID based on the serial number of the base station 2〇〇. In the present embodiment, the base station 2 has a unique serial number such as a production serial number. The counting module 储存21 stores the serial number of the base station 2, and calculates the first SSID based on the stored serial number. In step S408, similar to step S304 of FIG. 3, the mobile device 1 transmits a handshake request packet to the base station 2 (8) according to the SSID to query the second.

及逾錄在本實施方式中’密鑰可為一 Wpa-psk、WPA2-PSK 或WEP密鑰等。 參閱圖5,為圖4中節點A之後的流程圖。 在步驟S500,基地臺200接收握手請求封包。 在步驟S502,與圖3之步驟S306相同,基地臺2⑻傳送 一歡迎參與封包至行動裝置1〇〇以告知第二SSID及密鑰。在 12 200838222 本實施方式中,歡迎模組222儲存有第二SSID及您丛卜 ^ %,歡迎 模組222先利用AES算法對第二SSID及密鑰加密,再藉由歡 ,迎參與封包傳送被加密之第二SSID及密餘。 - 在步驟S504,行動裝置1〇〇接收歡迎參與封包,'解^ 歡迎參與封包而獲取第二SSID及密鑰。在本實施方次中 ^ 手模組122先接收歡迎參與封包,再藉由AES算法解褒被加 密之第二SSID及密鑰而獲取第二SSID及密錄。 ( 在步驟S506,與圖3之步驟S308相同,行動裳置1〇〇傳 送確認封包至基地臺1〇〇以告知第二SSID及密鑰已收到。 在步驟S508’基地堂200接收確認封包,並啟用第一 ssid 之安全設定。 在步驟S510,與圖3之步驟S310相同,行動裝置1〇〇藉 由第二SSID及密鑰與基地臺200重新連結,即進行資料傳輸。 在本發明實施方式中,基地臺200包括兩個SSID,第一 r SSID用於行動裝置1⑻與基地臺200之間的認證授權,第二 SSID用於行動裝置1⑻與基地臺200之間的資料傳輸。故, 當有新的行動裝置100與基地臺200進行認證時,不會中斷現 有行動裝Ϊ 1〇〇與基地臺200之資料傳輸。 且,由於行動裝置100與基地臺200進行資料傳輸時未使 用第一 SSIP,即第一 SSID被隱藏’從而可以防止駭客試圖掃 描第一 SSIP ’減少被入侵的可能性。 綜上所述,本發明符合發明專利要件,爰依法提出專利申 13 200838222 請。惟,以上所述者僅為本發明之較佳實施方式,舉凡熟悉本 案技藝之人士,在援依本案發明精神所作之等效修飾或變化, -皆應包含於以下之申請專利範圍内。 .【圖式簡單說明】 圖1係本發明實施方式中一無線通訊系統之示意圖。 圖2係本發明一實施方式中行動裝置與基地臺之模組圖。 圖3係本發明連線建立方法一實施方式之流程圖。 ^ 圖4係圖3中連線建立方法之具體流程圖。 圖5係圖4中節點A之後的流程圖。 【主要元件符號說明】 行動裝置 100 介面模組 110 認證模組 120 計算模組 121 握手模組 122 連結模組 130 基L 士也堂 200 開始模組 210 授權模組 220 安全設定模組 221 歡迎模組 222 通訊模組 230 14And the excess is recorded in the present embodiment. The key may be a Wpa-psk, WPA2-PSK or WEP key. Referring to FIG. 5, it is a flowchart after node A in FIG. At step S500, the base station 200 receives the handshake request packet. In step S502, similar to step S306 of Fig. 3, the base station 2 (8) transmits a welcome participation packet to the mobile device 1 to inform the second SSID and the key. In 12 200838222, in the embodiment, the welcome module 222 stores the second SSID and the bundle, and the welcome module 222 first encrypts the second SSID and the key by using the AES algorithm, and then participates in the packet transmission by using the AES algorithm. The second SSID and the secret that are encrypted. - In step S504, the mobile device 1 receives the welcome participation packet, and 'resolves the welcome packet to acquire the second SSID and the key. In the embodiment, the hand module 122 first receives the welcome participation packet, and then decrypts the encrypted second SSID and the key by the AES algorithm to obtain the second SSID and the secret record. (In step S506, as in step S308 of Fig. 3, the action is set to transmit a confirmation packet to the base station 1 to inform the second SSID and the key has been received. In step S508, the base hall 200 receives the confirmation packet. And enabling the security setting of the first ssid. In step S510, similar to step S310 of FIG. 3, the mobile device 1 re-links with the base station 200 by using the second SSID and the key, that is, data transmission. In an embodiment, the base station 200 includes two SSIDs, the first r SSID is used for authentication authorization between the mobile device 1 (8) and the base station 200, and the second SSID is used for data transmission between the mobile device 1 (8) and the base station 200. When the new mobile device 100 authenticates with the base station 200, the data transmission of the existing mobile device and the base station 200 is not interrupted. Moreover, since the mobile device 100 and the base station 200 perform data transmission, they are not used. The first SSIP, that is, the first SSID is hidden 'to prevent the hacker from attempting to scan the first SSIP' to reduce the possibility of being invaded. In summary, the present invention complies with the patent requirements of the invention, and patents are filed according to law. 200838222 Please note that the above description is only the preferred embodiment of the present invention, and those who are familiar with the art of the present invention, equivalent modifications or variations in the spirit of the invention, should be included in the following patent application scope. BRIEF DESCRIPTION OF THE DRAWINGS Fig. 1 is a schematic diagram of a wireless communication system in accordance with an embodiment of the present invention. Fig. 2 is a block diagram of a mobile device and a base station according to an embodiment of the present invention. A flowchart of a method for establishing a method is shown in Fig. 4. Fig. 4 is a specific flowchart of a method for establishing a connection line in Fig. 3. Fig. 5 is a flow chart after node A in Fig. 4. [Description of main component symbols] Mobile device 100 interface module 110 Authentication Module 120 Calculation Module 121 Handshake Module 122 Connection Module 130 Base L Shiyitang 200 Start Module 210 Authorization Module 220 Security Setting Module 221 Welcome Module 222 Communication Module 230 14

Claims (1)

200838222 十、申請專利範圍: 1. 一種行動裝置,用於與一基地臺建立連線,該行動裝置包括: • 一介面模組,用於接收一用戶認證指令以啟動認證; • 一認證模組,用於當認證啟動時根據一第一服務集標識符與 該基地臺進行認證以從該基地臺獲取一第二服務集標識符 及一密鑰;及 一連結模組,用於藉由該第二服務集標識符及該密鑰與該基 瘦 地臺重新連結。 i 2. 如申請專利範圍第1項所述之行動裝置,其中該行動裝置為 一雙模手機,該介面模組用於接收該用戶認證指令以啟動群 組參與。 3. 如申請專利範圍第1項所述之行動裝置,其中該介面模組為 一按鈕。 4. 如申請專利範圍第1項所述之行動裝置,其中該認證模組包 / 括一計算模組,用於根據該基地臺之序列號計算該第一服務 I 集標識符。 5. 如申請專利範圍第4項所述之行動裝置,其中該認證模組更 包括一握手模組,用於根據所計算之第一服務集標識符傳送 一握手請求封包至該基地臺以查詢該第二服務集標識符及 該密錄。 6. 如申請專利範圍第5項所述之行動裝置,其中該握手模組還 用於傳送一確認封包至該基地臺以告知該第二服務集標識 15 200838222 符及該密鑰已收到。 7.如申請專利範圍第1項所述之行動裝置,其中該密錄為一有 , 線等效保密密鑰。 -8.如申請專利範圍第1項所述之行動裝置,其中該密鑰為一無 線保真保護訪問-預共享密鑰。 9.如申請專利範圍第1項所述之行動裝置,其中該密鑰為一無 線保真保護訪問2-預共享密鑰。 f 10.—種通訊系統,包括一基地臺及一行動裝置,其中: 該行動裝置包括: 一介面模組,用於接收一用戶認證指令以啟動認證; 一認證模組,用於當認證啟動時根據一第一服務集標識符與 該基地臺進行認證以從該基地臺獲取一第二服務集標識符 及一密鑰;及 一連結模組,用於藉由該第二服務集標識符及該密鑰與該基 , 地臺重新連結; \ - 該基地臺包括: 一開始模組,用於接收一用戶授權指令以開始授權; 一授權模組,用於對該行動裝置進行授權以告知該第二服務 集標識符及該密鑰;及 一通訊模組,用於藉由該第二服務集標識符及該密鑰與該行 動裝置進行資料傳輸。 11.如申請專利範圍第10項所述之通訊系統,其中該介面模組 16 200838222 為一按钮。 12.如申請專利範圍第10項所述之通訊系統,其中該開始模組 • 為一按钮。 • 13.如申請專利範圍第10項所述之通訊系統,其中該認證模組 包括一計算模組,用於根據該基地臺之序列號計算該第一服 務集標識符。 14. 如申請專利範圍第13項所述之通訊系統,其中該認證模組 r 更包括一握手模組,用於根據所計算之第一服務集標識符傳 送一握手請求封包至該基地臺以查詢該第二服務集標識符 及該密錄。 15. 如申請專利範圍第14項所述之通訊系統,其中該授權模組 包括一歡迎模組,用於傳送一歡迎參與封包至該行動裝置以 告知該第二服務集標識符及該密鑰。 16. 如申請專利範圍第15項所述之通訊系統,其中該握手模組 , 還用於傳送一確認封包至該基地臺以告知該第二服務集標 識符及該密输已收到。 17. 如申請專利範圍第10項所述之通訊系統,其中該授權模組 包括一安全設定模組,用於取消及啓用該第一服務集標識符 之安全設定。 18. —種連線建立方法,用於在一基地臺與一行動裝置之間建 立通訊連接,該連線建立方法包括以下步驟: 該基地臺接收一用戶授權指令以開始授權; 17 200838222 該行動裝置接收一用戶認證指令以啓動認證; 該行動裝置根據一第一服務集標識符傳送一握手請求封包 - 至該基地臺以查詢一第二服務集標識符及一密鑰; • 該基地臺傳送一歡迎參與封包至該行動裝置以告知該第二 服務集標識符及該密鑰; 該行動裝置傳送一確認封包至該基地臺以告知該第二服務 集標識符及該密鑰已收到;及 , 該行動裝置藉由該第二服務集標識符及該密鑰與該基地臺 重新連結。 19.如申請專利範圍第18項所述之連線建立方法,更包括以下 步驟: 該基地臺取消該第一服務集標識符之安全設定;及 該行動裝置根據該基地臺之序列號計算該第一服務集標識 符。 f 20.如申請專利範圍第19項所述之連線建立方法,更包括以下 V 步驟: 該基地臺接收該握手請求封包。 21. 如申請專利範圍第20項所述之連線建立方法,更包括以下 步驟: 該行動裝置接收該歡迎參與封包,並解讀該歡迎參與封包而 獲取該第二服務集標識符及該密鑰。 22. 如申請專利範圍第21項所述之連線建立方法,更包括以下 18 200838222 步驟: 該基地臺接收該確認封包,並啟用該第一服務集標識符之安 * 全設定。200838222 X. Patent application scope: 1. A mobile device for establishing a connection with a base station, the mobile device comprising: • an interface module for receiving a user authentication command to initiate authentication; • an authentication module And, when the authentication is started, performing authentication with the base station according to a first service set identifier to obtain a second service set identifier and a key from the base station; and a link module for using the The second service set identifier and the key are re-linked to the base platform. 2. The mobile device of claim 1, wherein the mobile device is a dual mode mobile phone, and the interface module is configured to receive the user authentication command to initiate group participation. 3. The mobile device of claim 1, wherein the interface module is a button. 4. The mobile device of claim 1, wherein the authentication module includes a computing module for calculating the first service I set identifier according to the serial number of the base station. 5. The mobile device of claim 4, wherein the authentication module further comprises a handshake module, configured to transmit a handshake request packet to the base station according to the calculated first service set identifier to query The second service set identifier and the secret record. 6. The mobile device of claim 5, wherein the handshake module is further configured to transmit a confirmation packet to the base station to inform the second service set identifier 15 200838222 and the key has been received. 7. The mobile device of claim 1, wherein the secret record is a one-line, line equivalent secret key. -8. The mobile device of claim 1, wherein the key is a wireless fidelity protection access-pre-shared key. 9. The mobile device of claim 1, wherein the key is a wireless fidelity protection access 2-pre-shared key. f 10. A communication system comprising a base station and a mobile device, wherein: the mobile device comprises: an interface module for receiving a user authentication command to initiate authentication; and an authentication module for starting the authentication And authenticating with the base station according to a first service set identifier to obtain a second service set identifier and a key from the base station; and a link module for using the second service set identifier And the key is re-linked to the base and the base; the base station includes: a start module for receiving a user authorization command to start authorization; and an authorization module for authorizing the mobile device Notifying the second service set identifier and the key; and a communication module, configured to perform data transmission with the mobile device by using the second service set identifier and the key. 11. The communication system of claim 10, wherein the interface module 16 200838222 is a button. 12. The communication system of claim 10, wherein the start module is a button. 13. The communication system of claim 10, wherein the authentication module comprises a computing module for calculating the first service set identifier based on the serial number of the base station. 14. The communication system of claim 13, wherein the authentication module r further comprises a handshake module, configured to transmit a handshake request packet to the base station according to the calculated first service set identifier. Query the second service set identifier and the secret record. 15. The communication system of claim 14, wherein the authorization module comprises a welcome module for transmitting a welcome participation packet to the mobile device to inform the second service set identifier and the key . 16. The communication system of claim 15, wherein the handshake module is further configured to transmit a confirmation packet to the base station to inform the second service set identifier and the secret transmission has been received. 17. The communication system of claim 10, wherein the authorization module comprises a security setting module for canceling and enabling security settings of the first service set identifier. 18. A method of establishing a connection for establishing a communication connection between a base station and a mobile device, the method for establishing a connection comprising the steps of: receiving, by the base station, a user authorization command to initiate authorization; 17 200838222 the action Receiving, by the device, a user authentication command to initiate authentication; the mobile device transmitting a handshake request packet according to a first service set identifier - to the base station to query a second service set identifier and a key; a welcome participation packet to the mobile device to inform the second service set identifier and the key; the mobile device transmits an acknowledgement packet to the base station to inform the second service set identifier and the key has been received; And the mobile device reconnects to the base station by using the second service set identifier and the key. 19. The method for establishing a connection according to claim 18, further comprising the steps of: canceling, by the base station, a security setting of the first service set identifier; and calculating, by the mobile device, the serial number of the base station The first service set identifier. f 20. The method for establishing a connection as described in claim 19, further comprising the following V steps: The base station receives the handshake request packet. 21. The method for establishing a connection according to claim 20, further comprising the steps of: receiving, by the mobile device, the welcome participation packet, and interpreting the welcome participation packet to obtain the second service set identifier and the key . 22. The method for establishing a connection as described in claim 21, further includes the following 18 200838222 Step: The base station receives the acknowledgement packet and enables the security setting of the first service set identifier. 1919
TW96108359A 2007-03-12 2007-03-12 Mobile device, communication system and connection establishing method TW200838222A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW96108359A TW200838222A (en) 2007-03-12 2007-03-12 Mobile device, communication system and connection establishing method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW96108359A TW200838222A (en) 2007-03-12 2007-03-12 Mobile device, communication system and connection establishing method

Publications (1)

Publication Number Publication Date
TW200838222A true TW200838222A (en) 2008-09-16

Family

ID=44820438

Family Applications (1)

Application Number Title Priority Date Filing Date
TW96108359A TW200838222A (en) 2007-03-12 2007-03-12 Mobile device, communication system and connection establishing method

Country Status (1)

Country Link
TW (1) TW200838222A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI424727B (en) * 2009-08-27 2014-01-21 Arcadyan Technology Corp Method for network connection

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI424727B (en) * 2009-08-27 2014-01-21 Arcadyan Technology Corp Method for network connection

Similar Documents

Publication Publication Date Title
CN101262670B (en) Mobile device, communication system and connection establishment method
JP6203985B1 (en) Secure provisioning of authentication credentials
US9113330B2 (en) Wireless authentication using beacon messages
KR101901448B1 (en) Method and apparatus for associating statinon (sta) with access point (ap)
EP2900006B1 (en) Method and system for securely accessing portable hotspot of smart phones
US9392453B2 (en) Authentication
CN1836404B (en) Method and system for reducing cross switch wait time
CN102726080B (en) The Station To Station security association that individual's basic service is concentrated
EP2845362B1 (en) Secure communications for computing devices utilizing proximity services
US20160360407A1 (en) Distributed configurator entity
CN102111766B (en) Network accessing method, device and system
US20110320802A1 (en) Authentication method, key distribution method and authentication and key distribution method
CN104836787A (en) System and method for authenticating client station
WO2009094942A1 (en) Method and communication network system for establishing security conjunction
JP2006345205A (en) Wireless lan connection control method, wireless lan connection control system, and setting wireless relay device
CN102333309B (en) Method, equipment system for key transmission in wireless local area network
WO2019029531A1 (en) Method for triggering network authentication, and related device
WO2013181847A1 (en) Method, apparatus and system for wlan access authentication
WO2015100974A1 (en) Terminal authentication method, device and system
WO2009074050A1 (en) A method, system and apparatus for authenticating an access point device
JP2022043175A (en) Non-3gpp device access to core network
JP3905803B2 (en) Authentication system, authentication method, and terminal device in wireless communication
JP2018526846A (en) Wireless device configuration and authentication
US9960922B2 (en) Device-to-device communication security with authentication certificates
WO2022237561A1 (en) Communication method and apparatus