TWI455561B - Network access device and method for accessing a network - Google Patents
Network access device and method for accessing a network Download PDFInfo
- Publication number
- TWI455561B TWI455561B TW099125822A TW99125822A TWI455561B TW I455561 B TWI455561 B TW I455561B TW 099125822 A TW099125822 A TW 099125822A TW 99125822 A TW99125822 A TW 99125822A TW I455561 B TWI455561 B TW I455561B
- Authority
- TW
- Taiwan
- Prior art keywords
- network
- access device
- password
- network access
- physical address
- Prior art date
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Description
本發明涉及一種網路接入設備及其接入網路的方法。The present invention relates to a network access device and a method of accessing the same.
目前,用戶廣泛採用PPPoE(point to point protocol over Ethernet,乙太網點對點協定)的方式接入網路(例如網際網路)。網路管理者(例如網路服務提供商)需要為用戶分配上網帳號及密碼,用戶使用分配得到的上網帳號和密碼進行網路連接。隨著上網用戶的增加,網路管理者分配上網帳號及密碼的工作量大大增加。同時,用戶在接入網路時需要輸入上網帳號及密碼,一方面增加了用戶操作,另一方面還可能出現上網帳號及密碼被偷窺而盜用的情況。At present, users widely use PPPoE (point to point protocol over Ethernet) to access the network (such as the Internet). Network administrators (such as network service providers) need to assign users an Internet account and password, and users use the assigned Internet account and password for network connection. With the increase of Internet users, the workload of network administrators to allocate Internet accounts and passwords has greatly increased. At the same time, the user needs to input the online account number and password when accessing the network, on the one hand, the user operation is increased, and on the other hand, the Internet account and the password may be stolen and stolen.
鑒於以上內容,有必要提供一種網路接入設備及其接入網路的方法,能夠自動生成上網帳號及密碼用以接入網路。In view of the above, it is necessary to provide a network access device and a method for accessing the network, which can automatically generate an online account and a password for accessing the network.
一種網路接入設備,該網路接入設備包括:讀取模組,用於讀取網路接入設備的物理位址;帳號生成模組,用於根據讀取的物理位址生成上網帳號;密碼生成模組,用於根據讀取的物理位址生成上網密碼;及驗證模組,用於將生成的上網帳號及密碼發送給接入伺服器進行用戶驗證,以確定是否將網路接入設備接入網路。A network access device includes: a reading module for reading a physical address of a network access device; and an account generating module configured to generate an Internet based on the read physical address An account; a password generating module, configured to generate an online password according to the read physical address; and a verification module, configured to send the generated online account and password to the access server for user verification to determine whether the network is to be The access device accesses the network.
一種網路接入設備接入網路的方法,該方法包括步驟:讀取網路接入設備的物理位址;根據讀取的物理位址生成上網帳號;根據讀取的物理位址生成上網密碼;及將生成的上網帳號及密碼發送給接入伺服器進行用戶驗證,以確定是否將網路接入設備接入網路。A method for a network access device to access a network, the method comprising the steps of: reading a physical address of a network access device; generating an online account according to the read physical address; generating an Internet based on the read physical address The password is sent to the access server for user authentication to determine whether to connect the network access device to the network.
本發明由網路接入設備根據其物理位址自動生成上網帳號及密碼並使用該上網帳號及密碼進行網路連接,省卻了為用戶分配上網帳號及密碼的工作,並且簡化了用戶上網的操作。The network access device automatically generates an online account and password according to the physical address of the network access device and uses the online account and password to perform network connection, thereby eliminating the task of assigning an online account and password to the user, and simplifying the operation of the user to access the Internet. .
參閱圖1所示,係本發明網路接入設備較佳實施例的運行環境示意圖。所述網路接入設備10連接用戶終端11及接入伺服器12,接入伺服器12還連接網路13(例如網際網路)。網路接入設備10向接入伺服器12請求接入網路13,使得用戶終端11能夠享受網路13提供的服務。在本實施例中,網路接入設備10採用PPPoE(point to point protocol over Ethernet,乙太網點對點協定)的方式向接入伺服器12請求接入網路13。所述網路接入設備10可以是纜線數據機(cable modem)或非對稱數位用戶線路數據機(asymmetrical digital subscriber line modem,ADSL modem)。所述用戶終端11可以是電腦、手機或個人數位助理。Referring to FIG. 1 , it is a schematic diagram of an operating environment of a preferred embodiment of the network access device of the present invention. The network access device 10 is connected to the user terminal 11 and the access server 12, and the access server 12 is also connected to the network 13 (for example, the Internet). The network access device 10 requests the access server 12 to access the network 13 so that the user terminal 11 can enjoy the services provided by the network 13. In this embodiment, the network access device 10 requests the access server 13 to access the network 13 by means of a point-to-point protocol over Ethernet (PPPoE). The network access device 10 can be a cable modem or an asymmetrical digital subscriber line modem (ADSL modem). The user terminal 11 can be a computer, a mobile phone or a personal digital assistant.
參閱圖2所示,係圖1中網路接入設備10的示意圖。所述網路接入設備10包括讀取模組200、帳號生成模組210、密碼生成模組220、驗證模組230及儲存器240。Referring to FIG. 2, a schematic diagram of the network access device 10 of FIG. The network access device 10 includes a reading module 200, an account generation module 210, a password generation module 220, a verification module 230, and a storage unit 240.
所述讀取模組200用於讀取網路接入設備10的物理位址。在本實施例中,網路接入設備10的物理位址預先儲存在儲存器240(例如快閃記憶體)中,讀取模組200從儲存器240讀取網路接入設備10的物理位址。讀取模組200可以在網路接入設備10啟動後立即讀取網路接入設備10的物理位址。The reading module 200 is configured to read a physical address of the network access device 10. In this embodiment, the physical address of the network access device 10 is pre-stored in the storage 240 (for example, a flash memory), and the reading module 200 reads the physics of the network access device 10 from the storage 240. Address. The reading module 200 can read the physical address of the network access device 10 immediately after the network access device 10 is booted.
所述帳號生成模組210用於根據讀取的物理位址生成上網帳號。在本實施例中,帳號生成模組210將讀取的物理位址與特定字串進行組合以生成上網帳號。例如,在讀取的物理位址之後加上電子郵箱尾碼,生成電子郵箱形式的上網帳號。舉例來說,讀取的物理位址為99-22-11-05-00-24,帳號生成模組210根據該物理位址生成的上網帳號為99-22-11-05-00-24@vendor.com.cn。又如,在讀取的物理位址之前加上特定字串以生成上網帳號。The account generation module 210 is configured to generate an online account according to the read physical address. In this embodiment, the account generation module 210 combines the read physical address with a specific string to generate an online account. For example, after the physical address of the read, the e-mail end code is added to generate an online account in the form of an e-mail. For example, the physical address of the read is 99-22-11-05-00-24, and the account generated by the account generation module 210 according to the physical address is 99-22-11-05-00-24@ Vendor.com.cn. As another example, a specific string is added before the read physical address to generate an online account.
所述密碼生成模組220用於根據讀取的物理位址生成上網密碼。在本實施例中,密碼生成模組220運用散列演算法對讀取的物理位址進行散列運算得到一個固定長度的散列值(即資訊摘要),以該散列值作為上網密碼。透過散列運算生成的散列值具有不可偽造性,保證了上網密碼的安全。所述散列演算法可以是SHA-1(Secure Hash Algorithm-1,安全散列演算法-1)或MD5(Message-digest Algorithm 5,消息摘要演算法5)。The password generating module 220 is configured to generate an online password according to the read physical address. In this embodiment, the password generation module 220 hashes the read physical address by using a hash algorithm to obtain a fixed-length hash value (ie, an information digest), and uses the hash value as the online password. The hash value generated by the hash operation is unforgeable, which ensures the security of the password. The hash algorithm may be SHA-1 (Secure Hash Algorithm-1) or MD5 (Message-digest Algorithm 5).
所述驗證模組230用於將生成的上網帳號及密碼發送給接入伺服器12進行用戶驗證,以確定是否將網路接入設備10接入網路13。在本實施例中,接入伺服器12儲存有所有的合法上網帳號,接入伺服器12判斷收到的上網帳號是否存在於合法上網帳號中。若收到的上網帳號存在於合法上網帳號中,則接入伺服器12根據收到的上網帳號採用與密碼生成模組220同樣的演算法生成上網密碼,並判斷自身生成的上網密碼與收到的上網密碼是否一致。若自身生成的上網密碼與收到的上網密碼一致,則該接收的上網帳號及密碼通過用戶驗證,接入伺服器12將網路接入設備10接入網路13。若收到的上網帳號不存在於合法上網帳號中,或者接入伺服器12自身生成的上網密碼與收到的上網密碼不一致,則所述接收的上網帳號及密碼未通過用戶驗證,接入伺服器12不會將網路接入設備10接入網路13。接入伺服器12還可以對通過用戶驗證的網路接入設備10進行業務授權,使得用戶可以享受網路13提供的指定服務。The verification module 230 is configured to send the generated online account number and password to the access server 12 for user verification to determine whether to access the network access device 10 to the network 13. In this embodiment, the access server 12 stores all the legal online accounts, and the access server 12 determines whether the received online account exists in the legal online account. If the received online account exists in the legal online account, the access server 12 generates an online password according to the received online account using the same algorithm as the password generating module 220, and determines the online password generated and received by the access server. Is the password for the Internet consistent? If the online password generated by the user is consistent with the received password, the received online account and password are authenticated by the user, and the access server 12 connects the network access device 10 to the network 13. If the received Internet account does not exist in the legal Internet account, or the Internet access password generated by the access server 12 itself is inconsistent with the received Internet password, the received Internet account and password are not authenticated by the user, and the access server is accessed. The device 12 does not access the network access device 10 to the network 13. The access server 12 can also authorize the network access device 10 authenticated by the user so that the user can enjoy the specified service provided by the network 13.
參閱圖3所示,係本發明網路接入設備接入網路的方法較佳實施例的流程圖。Referring to FIG. 3, it is a flowchart of a preferred embodiment of a method for accessing a network access device of the present invention.
步驟S301,開啟網路接入設備10。In step S301, the network access device 10 is turned on.
步驟S302,讀取模組200讀取網路接入設備10的物理位址。在本實施例中,網路接入設備10的物理位址預先儲存在儲存器240(例如快閃記憶體)中,讀取模組200從儲存器240讀取網路接入設備10的物理位址。In step S302, the reading module 200 reads the physical address of the network access device 10. In this embodiment, the physical address of the network access device 10 is pre-stored in the storage 240 (for example, a flash memory), and the reading module 200 reads the physics of the network access device 10 from the storage 240. Address.
步驟S303,帳號生成模組210根據讀取的物理位址生成上網帳號。在本實施例中,帳號生成模組210將讀取的物理位址與特定字串進行組合以生成上網帳號。例如,在讀取的物理位址之後加上電子郵箱尾碼,生成電子郵箱形式的上網帳號。舉例來說,讀取的物理位址為99-22-11-05-00-24,帳號生成模組210根據該物理位址生成的上網帳號為99-22-11-05-00-24@vendor.com.cn。又如,在讀取的物理位址之前加上特定字串以生成上網帳號。In step S303, the account generation module 210 generates an online account according to the read physical address. In this embodiment, the account generation module 210 combines the read physical address with a specific string to generate an online account. For example, after the physical address of the read, the e-mail end code is added to generate an online account in the form of an e-mail. For example, the physical address of the read is 99-22-11-05-00-24, and the account generated by the account generation module 210 according to the physical address is 99-22-11-05-00-24@ Vendor.com.cn. As another example, a specific string is added before the read physical address to generate an online account.
步驟S304,密碼生成模組220根據讀取的物理位址生成上網密碼。在本實施例中,密碼生成模組220運用散列演算法對讀取的物理位址進行散列運算得到一個固定長度的散列值(即資訊摘要),以該散列值作為上網密碼。透過散列運算生成的散列值具有不可偽造性,保證了上網密碼的安全。所述散列演算法可以是SHA-1(Secure Hash Algorithm-1,安全散列演算法-1)或MD5(Message-digest Algorithm 5,消息摘要演算法5)。Step S304, the password generation module 220 generates an online password according to the read physical address. In this embodiment, the password generation module 220 hashes the read physical address by using a hash algorithm to obtain a fixed-length hash value (ie, an information digest), and uses the hash value as the online password. The hash value generated by the hash operation is unforgeable, which ensures the security of the password. The hash algorithm may be SHA-1 (Secure Hash Algorithm-1) or MD5 (Message-digest Algorithm 5).
步驟S305,驗證模組230將生成的上網帳號及密碼發送給接入伺服器12進行用戶驗證,以確定是否將網路接入設備10接入網路13。在本實施例中,接入伺服器12儲存有所有的合法上網帳號,接入伺服器12判斷收到的上網帳號是否存在於合法上網帳號中。若收到的上網帳號存在於合法上網帳號中,則接入伺服器12根據收到的上網帳號採用與密碼生成模組220同樣的演算法生成上網密碼,並判斷自身生成的上網密碼與收到的上網密碼是否一致。若自身生成的上網密碼與收到的上網密碼一致,則該接收的上網帳號及密碼通過用戶驗證,接入伺服器12將網路接入設備10接入網路13。若收到的上網帳號不存在於合法上網帳號中,或者接入伺服器12自身生成的上網密碼與收到的上網密碼不一致,則所述接收的上網帳號及密碼未通過用戶驗證,接入伺服器12不會將網路接入設備10接入網路13。接入伺服器12還可以對通過用戶驗證的網路接入設備10進行業務授權,使得用戶可以享受網路13提供的指定服務。In step S305, the verification module 230 sends the generated online account number and password to the access server 12 for user verification to determine whether to access the network access device 10 to the network 13. In this embodiment, the access server 12 stores all the legal online accounts, and the access server 12 determines whether the received online account exists in the legal online account. If the received online account exists in the legal online account, the access server 12 generates an online password according to the received online account using the same algorithm as the password generating module 220, and determines the online password generated and received by the access server. Is the password for the Internet consistent? If the online password generated by the user is consistent with the received password, the received online account and password are authenticated by the user, and the access server 12 connects the network access device 10 to the network 13. If the received Internet account does not exist in the legal Internet account, or the Internet access password generated by the access server 12 itself is inconsistent with the received Internet password, the received Internet account and password are not authenticated by the user, and the access server is accessed. The device 12 does not access the network access device 10 to the network 13. The access server 12 can also authorize the network access device 10 authenticated by the user so that the user can enjoy the specified service provided by the network 13.
本發明根據網路接入設備10的物理位址生成上網帳號及密碼,由於網路接入設備10的物理位址的唯一性,網路接入設備10生成唯一的上網帳號及密碼,保證了該上網帳號及密碼的有效性。The invention generates an online account and a password according to the physical address of the network access device 10. Due to the uniqueness of the physical address of the network access device 10, the network access device 10 generates a unique online account and password, which ensures The validity of the online account and password.
綜上所述,本發明符合發明專利要件,爰依法提出專利申請。惟,以上所述者僅為本發明之較佳實施例,本發明之範圍並不以上述實施例為限,舉凡熟悉本案技藝之人士援依本發明之精神所作之等效修飾或變化,皆應涵蓋於以下申請專利範圍內。In summary, the present invention complies with the requirements of the invention patent and submits a patent application according to law. The above is only the preferred embodiment of the present invention, and the scope of the present invention is not limited to the above-described embodiments, and equivalent modifications or variations made by those skilled in the art in light of the spirit of the present invention are It should be covered by the following patent application.
10...網路接入設備10. . . Network access device
11...用戶終端11. . . User terminal
12...接入伺服器12. . . Access server
13...網路13. . . network
200...讀取模組200. . . Read module
210...帳號生成模組210. . . Account generation module
220...密碼生成模組220. . . Password generation module
230...驗證模組230. . . Verification module
240...儲存器240. . . Storage
圖1係本發明網路接入設備較佳實施例的運行環境示意圖。1 is a schematic diagram of an operating environment of a preferred embodiment of a network access device of the present invention.
圖2係圖1中網路接入設備的示意圖。2 is a schematic diagram of a network access device in FIG. 1.
圖3係本發明網路接入設備網路接入網路的方法較佳實施例的流程圖。3 is a flow chart of a preferred embodiment of a method for accessing a network access network of a network access device of the present invention.
10...網路接入設備10. . . Network access device
200...讀取模組200. . . Read module
210...帳號生成模組210. . . Account generation module
220...密碼生成模組220. . . Password generation module
230...驗證模組230. . . Verification module
240...儲存器240. . . Storage
Claims (10)
讀取模組,用於讀取網路接入設備的物理位址;
帳號生成模組,用於根據讀取的物理位址生成上網帳號;
密碼生成模組,用於根據讀取的物理位址生成上網密碼;及
驗證模組,用於將生成的上網帳號及密碼發送給接入伺服器進行用戶驗證,以確定是否將網路接入設備接入網路。A network access device, including:
a reading module for reading a physical address of the network access device;
An account generation module is configured to generate an online account according to the read physical address;
a password generating module, configured to generate an online password according to the read physical address; and a verification module, configured to send the generated online account and password to the access server for user verification to determine whether to access the network The device is connected to the network.
讀取網路接入設備的物理位址;
根據讀取的物理位址生成上網帳號;
根據讀取的物理位址生成上網密碼;及
將生成的上網帳號及密碼發送給接入伺服器進行用戶驗證,以確定是否將網路接入設備接入網路。A method for a network access device to access a network includes the following steps:
Reading the physical address of the network access device;
Generate an online account according to the read physical address;
The online password is generated according to the read physical address; and the generated online account and password are sent to the access server for user authentication to determine whether the network access device is connected to the network.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW099125822A TWI455561B (en) | 2010-08-04 | 2010-08-04 | Network access device and method for accessing a network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW099125822A TWI455561B (en) | 2010-08-04 | 2010-08-04 | Network access device and method for accessing a network |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| TW201208331A TW201208331A (en) | 2012-02-16 |
| TWI455561B true TWI455561B (en) | 2014-10-01 |
Family
ID=46762465
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW099125822A TWI455561B (en) | 2010-08-04 | 2010-08-04 | Network access device and method for accessing a network |
Country Status (1)
| Country | Link |
|---|---|
| TW (1) | TWI455561B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107888383B (en) * | 2017-11-27 | 2020-10-09 | 新华三技术有限公司 | Login authentication method and device |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TW200511756A (en) * | 2003-09-03 | 2005-03-16 | D Link Corp | ADSL modem to provide IPoA, PPPoA, or PPPoE dialing-up Internet service through Ethernet |
| EP1517480A1 (en) * | 2003-05-16 | 2005-03-23 | Sony Corporation | Information processing device, access control processing method, and computer program |
| CN101005678A (en) * | 2007-01-17 | 2007-07-25 | 华为技术有限公司 | Method for revising terminal configuration, network side management unit, terminal and system |
| TW200842643A (en) * | 2007-04-27 | 2008-11-01 | Hon Hai Prec Ind Co Ltd | Device and method for encrypting and decrypting data |
| US20090150991A1 (en) * | 2007-12-07 | 2009-06-11 | Pistolstar, Inc. | Password generation |
| CN101505308A (en) * | 2009-03-17 | 2009-08-12 | 中国电信股份有限公司 | Authentication method and system for IP over Ethernet |
-
2010
- 2010-08-04 TW TW099125822A patent/TWI455561B/en active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1517480A1 (en) * | 2003-05-16 | 2005-03-23 | Sony Corporation | Information processing device, access control processing method, and computer program |
| TW200511756A (en) * | 2003-09-03 | 2005-03-16 | D Link Corp | ADSL modem to provide IPoA, PPPoA, or PPPoE dialing-up Internet service through Ethernet |
| CN101005678A (en) * | 2007-01-17 | 2007-07-25 | 华为技术有限公司 | Method for revising terminal configuration, network side management unit, terminal and system |
| TW200842643A (en) * | 2007-04-27 | 2008-11-01 | Hon Hai Prec Ind Co Ltd | Device and method for encrypting and decrypting data |
| US20090150991A1 (en) * | 2007-12-07 | 2009-06-11 | Pistolstar, Inc. | Password generation |
| CN101505308A (en) * | 2009-03-17 | 2009-08-12 | 中国电信股份有限公司 | Authentication method and system for IP over Ethernet |
Also Published As
| Publication number | Publication date |
|---|---|
| TW201208331A (en) | 2012-02-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9282120B2 (en) | Securing communication over a network using client integrity verification | |
| US8799309B2 (en) | Verifying network delivery of information to a device based on physical characteristics | |
| US9294468B1 (en) | Application-level certificates for identity and authorization | |
| JP5850382B2 (en) | Client platform trust root with web authentication | |
| JP6875482B2 (en) | Computer-readable storage media for legacy integration and methods and systems for using it | |
| CN112671720B (en) | Token construction method, device and equipment for cloud platform resource access control | |
| WO2014059860A1 (en) | Method and system for improving cloud computing data security | |
| JP2010531516A (en) | Device provisioning and domain join emulation over insecure networks | |
| JP6079394B2 (en) | Certificate generation method, certificate generation apparatus, information processing apparatus, communication device, and program | |
| JP2009032070A (en) | Authentication system and authentication method | |
| TW201248526A (en) | Dynamic platform reconfiguration by multi-tenant service providers | |
| TW201828162A (en) | Device configuration method, apparatus and system | |
| WO2015196441A1 (en) | Configuration file acquisition method, apparatus and system | |
| TWI516965B (en) | File sharing method and file sharing system utilizing the same | |
| WO2018166163A1 (en) | Pos terminal control method, pos terminal, server and storage medium | |
| JP2022519743A (en) | How to authenticate users using blockchain, systems, and media | |
| JP2022184954A5 (en) | Network system and information processing method | |
| JP2004158025A (en) | Network system, server device, and authentication method | |
| TW201328284A (en) | System for accessing and identifying among different software development platforms and method thereof | |
| TW201430608A (en) | Single-sign-on system and method | |
| TWI455561B (en) | Network access device and method for accessing a network | |
| JP6162260B2 (en) | System and method for confirming validity of SCEP certificate registration request | |
| US11012434B2 (en) | Method for automated authentication of VoIP phone | |
| WO2017210977A1 (en) | Method and apparatus for management terminal to access wi-fi | |
| KR102048534B1 (en) | Apparatus and method of authentication |