WO2013178136A1 - Wireless fidelity authentication method, system and terminal - Google Patents
Wireless fidelity authentication method, system and terminal Download PDFInfo
- Publication number
- WO2013178136A1 WO2013178136A1 PCT/CN2013/079196 CN2013079196W WO2013178136A1 WO 2013178136 A1 WO2013178136 A1 WO 2013178136A1 CN 2013079196 W CN2013079196 W CN 2013079196W WO 2013178136 A1 WO2013178136 A1 WO 2013178136A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- wireless
- information
- ssid
- authentication
- password
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 36
- 230000010365 information processing Effects 0.000 claims abstract description 21
- 238000004891 communication Methods 0.000 claims abstract description 9
- 238000000060 site-specific infrared dichroism spectroscopy Methods 0.000 claims 14
- 238000010586 diagram Methods 0.000 description 7
- 230000002457 bidirectional effect Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 230000001788 irregular Effects 0.000 description 2
- 230000000717 retained effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/03—Protecting confidentiality, e.g. by encryption
- H04W12/033—Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/062—Pre-authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/40—Security arrangements using identity modules
- H04W12/47—Security arrangements using identity modules using near field communication [NFC] or radio frequency identification [RFID] modules
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/80—Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/02—Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
- H04W84/10—Small scale networks; Flat hierarchical networks
- H04W84/12—WLAN [Wireless Local Area Networks]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/08—Access point devices
Definitions
- the present invention relates to the field of communications technologies, and in particular, to a wireless fidelity authentication method, system, and terminal.
- WiFi wireless fidelity
- the present invention provides a WiFi authentication method, system and terminal for solving the problem that a wireless AP of an individual or a merchant in the related art cannot be well protected.
- An embodiment of the present invention provides a wireless fidelity WiFi authentication method, including:
- the wireless AP information includes at least a service set identifier SSID and a password
- the method also includes encrypting the wireless AP information including the SSID and the password prior to storing.
- the step of the terminal performing WiFi authentication according to the wireless AP information includes: performing encrypted wireless After the AP information is decrypted, the SSID and the password are obtained, and the SSID and the password are used to perform WiFi authentication with the corresponding router, and after the authentication is passed, the WiFi network corresponding to the wireless AP information is accessed.
- the method further includes: deleting the SSID and password of the wireless AP information when the terminal disconnects the connected WiFi network.
- the method also includes: setting the SSID to a hidden state in the router.
- the hotspot information storage device is a contactless card, an NFC device, or an NFC tag that stores wireless AP information.
- the embodiment of the present invention further provides a wireless fidelity WiFi authentication system, including: a hotspot information storage device and a terminal, where
- the hotspot information storage device is configured to store wireless access point AP information
- the terminal is configured to read wireless AP information from the hotspot information storage device by using a short-range wireless communication NFC function, and perform WiFi authentication according to the wireless AP information.
- the wireless AP information includes at least a service set identifier SSID and a password, where the wireless AP information is encrypted before being stored; the terminal includes:
- a wireless AP information processing module configured to read the encrypted wireless AP information from the hotspot information storage device by using an NFC function, and decrypt the encrypted wireless AP information to obtain an SSID and a password;
- An authentication module configured to obtain an SSID and a password from the wireless AP information processing module, perform WiFi authentication with the corresponding router according to the SSID and the password, and access the wireless AP information after the authentication is passed WiFi network.
- the wireless AP information processing module is further configured to delete the SSID and the password of the wireless AP information when the terminal disconnects the connected WiFi network.
- the embodiment of the present invention further provides a terminal, including: a wireless access point AP information processing module and an authentication module, where
- the wireless AP information processing module is configured to read wireless AP information from a predetermined hotspot information storage device by using a short-range wireless communication NFC function;
- the authentication module is configured to perform WiFi authentication according to the wireless AP information.
- the wireless AP information processing module is further configured to: if the read wireless AP information is encrypted before being stored, decrypt the wireless AP information to obtain an SSID and a password;
- the authentication module is configured to perform WiFi authentication by: obtaining an SSID and a password from the wireless AP information processing module, performing WiFi authentication with the corresponding router according to the SSID and the password, and after the authentication is passed Accessing to the WiFi network corresponding to the wireless AP information.
- the terminal obtains the wireless AP information through the NFC function, which can effectively ensure the security of the WiFi hotspot.
- FIG. 1 is a schematic flowchart of a method according to an embodiment of the present invention.
- FIG. 2 is a schematic flowchart of an application of a method in a hotel environment according to an embodiment of the present invention
- FIG. 3 is a schematic flowchart of a method for applying the method in a shopping mall environment according to an embodiment of the present invention
- FIG. 4 is a schematic structural diagram of a system according to an embodiment of the present invention.
- FIG. 5 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
- FIG. 1 is a schematic flowchart of a method according to an embodiment of the present invention, which may specifically include: Step 101: The wireless AP information is stored in the predetermined hotspot information storage device in advance. Step 102: The terminal reads the wireless AP information from the hotspot information storage device by using the NFC function, and performs WiFi authentication according to the wireless AP information.
- the hotspot information storage device may be a contactless card, an NFC device, or an NFC tag that stores wireless AP information.
- the wireless AP information includes at least: an SSID (Service Set Identifier) and a password.
- the wireless AP information including the SSID and the password may be encrypted before being stored, and after the terminal obtains the encrypted wireless AP information and decrypts, the terminal obtains the SSID and the password, and performs the SSID and the password with the corresponding router according to the SSID and the password.
- WiFi authentication, and access to the corresponding WiFi network after the authentication is passed, the SSID can be set to be hidden in the router; when the terminal disconnects the connected WiFi network, the corresponding SSID and password are deleted.
- the merchant pre-registers the SSID and password of the wireless AP information into the predetermined hotspot information storage device after being encrypted by the algorithm; the terminal that needs to perform WiFi authentication should have the NFC function and the WiFi function;
- the hotspot information storage device may be a non-contact room card of the hotel.
- the contactless room card is produced, information about the room is generally put into the room, and the room card generally has room for some data.
- the wireless AP information is placed when the room card is created;
- the hotspot information storage device may also be a separate contactless card containing wireless AP information, and the card may be handed over to the user at the same time as the room card;
- the NFC device may also be provided by the hotel.
- the NFC device includes wireless AP information. When the user uses the terminal to exchange NFC information with the NFC device, the wireless AP information is sent to the terminal.
- the encrypted wireless AP information exists. The way is:
- FIG. 2 is a schematic diagram of a process of applying the method in a hotel environment according to an embodiment of the present invention, which may specifically include:
- Step 201 The terminal is ready to perform WiFi authentication.
- the specific implementation process is as follows: The terminal downloads a background server for authentication (here named NFC-Wifi- Authentication Server, referred to as NWAS), the subsequent authentication process is mainly completed by NWAS;
- NWAS NFC-Wifi- Authentication Server
- Step 202 The NWAS adjusts the NFC function of the terminal to the card reading mode.
- Step 203 The NWAS reads the encrypted wireless AP information from the hotspot information storage device, that is, the NWAS obtains the following data through the NFC function, and the NWAS sets the NFC function to the standby mode: SSID encrypted data (space) password encryption Data
- Step 204 The NWAS decrypts the wireless AP information by using a bidirectional algorithm to obtain an SSID and a password.
- Step 205 The NWAS invokes the background WiFi function according to the obtained SSID to start searching for the bearer router of the SSID.
- Step 206 After shaking hands with the router, NWAS Entering a password corresponding to the SSID through the background WiFi function, and completing authentication authentication with the router;
- Step 207 The WiFi authentication is completed, and the terminal can use the WiFi network provided by the merchant; at the same time, the NWAS hides the wireless AP information of the WiFi connection to avoid leakage of the SSID;
- Step 208 Determine whether the terminal needs to disconnect from the WiFi network, if yes, go to step 209; if no, go to step 211;
- Step 209 Disconnect the WiFi network by using the function of disconnecting the WiFi network provided by the NWAS, and the NWAS will delete all the wireless AP information of the current connection;
- Step 210 When the terminal wants to re-use the WiFi network, go to step 203 and restart the use of the WiFi network by swiping the card again;
- Step 211 Keep connected.
- the SSID in order to protect the security of the AP, and to maintain the availability of the AP, the SSID should be made invisible; and the SSID and password should be replaced once, and the SSID and password are unordered letters/numbers; Moreover, since the function of hiding the hotspot SSID is retained in most of the routers, the SSID can also be set to the hidden state for the hotel router; in addition, it can be set completely differently for different routers. , irregular SSID to effectively protect hot spots;
- the wireless AP information encryption and decryption should use some bidirectional algorithm.
- the specific algorithm is selected by the merchant.
- the encryption and decryption algorithm exists in both the NWAS and the merchant's card writing device.
- Scene 2 A shopping mall, the mall can provide customers with a large number of NFC tags, through the NFC tag, you can get specific information for each item; the merchant pre-set the SSID and password of the wireless AP information, after the algorithm is encrypted, and the product information Write to NFC tags together; terminals that require WiFi authentication should have NFC and WiFi capabilities.
- FIG. 3 is a schematic diagram of a process of applying the method in a shopping mall environment according to an embodiment of the present invention, which may specifically include:
- Step 301 The terminal is ready to perform WiFi authentication.
- the specific implementation process is: the user downloads and obtains the merchant-specific commodity parsing program, where the parsing program includes the NWAS and the commodity parsing program;
- Step 302 The NWAS adjusts the NFC function of the terminal. To information exchange mode;
- Step 303 The user uses the terminal to exchange information with the NFC tag.
- the NFC tag exchanges information with the background server through the location information of the terminal, obtains the latest product information and wireless AP information, and obtains the following data through the NFC function.
- the NWAS Set the NFC function to standby mode Product information (space) SSID encrypted data (space) password encrypted data;
- the product information is parsed by the product parsing program and displayed to the user; if the user chooses to use the WiFi network provided by the mall, the encrypted wireless AP information is handed over to the decryption process by the NWAS;
- Step 304 The NWAS decrypts the wireless AP information by using a bidirectional algorithm to obtain the SSID and the password.
- Step 305 The NWAS invokes the background WiFi function according to the obtained SSID to start searching for the bearer router of the SSID.
- Step 306 After shaking hands with the router, NWAS Enter and use the background WiFi function
- the password corresponding to the SSID completes the authentication with the router
- Step 307 After the WiFi authentication is completed, the terminal can use the WiFi network provided by the merchant; at the same time, the NWAS hides the wireless AP information of the WiFi connection to avoid the leakage of the SSID;
- Step 308 Determine whether the terminal needs to disconnect from the WiFi network, if yes, go to step 309; if no, go to step 311;
- Step 309 Disconnect the WiFi network by using the function of disconnecting the WiFi network provided by the NWAS, and the NWAS will delete all the wireless AP information connected this time;
- Step 310 When the terminal wants to re-use the WiFi network, go to step 303 and pass the Brush the NFC tag twice to restart the use of the WiFi network;
- Step 311 Stay connected.
- the SSID in order to protect the security of the AP, and to maintain the availability of the AP, the SSID should be made invisible; and the SSID and password should be replaced once, and the SSID and password are unordered letters/numbers; Moreover, since the function of hiding the hotspot SSID is retained in most of the routers, the SSID can also be set to the hidden state for the hotel router; in addition, it can be set completely differently for different routers. , irregular SSID to effectively protect hot spots;
- the wireless AP information encryption and decryption should use some bidirectional algorithm, the specific algorithm is selected by the merchant, and the encryption and decryption algorithm exists in both the NWAS and the merchant's card writing device;
- the user may be advised to uninstall the dedicated NWAS when leaving the hotel or the mall.
- the device also needs a background servo program, which can call the NFC module to complete the function related to the AP related information with the first part of the device; meanwhile, the servo program can call the background WiFi program, and the obtained AP related information. After the conversion, the background program completes the authentication of the WiFi.
- FIG. 4 is a schematic structural diagram of a system according to an embodiment of the present invention, which may include: a hotspot information storage device and a terminal, where
- the hotspot information storage device 40 is configured to store the wireless access point AP information; the wireless AP information includes at least: a service set identifier SSID and a password, and the wireless AP information including the SSID and the password has been encrypted before being stored.
- the terminal 41 is arranged to read the wireless AP information from the hotspot information storage device 40 through the NFC function, and perform WiFi authentication based on the wireless AP information.
- the terminal 41 may include: a wireless AP information processing module 411 and an authentication module 412, wherein the wireless AP information processing module 411 is configured to: read the encrypted wireless AP information from the hotspot information storage device 40 by using the NFC function, and The encrypted wireless AP information is decrypted to obtain the SSID and the password; when the terminal disconnects the connected WiFi network, the corresponding SSID is deleted. Password.
- the wireless AP information processing module 411 is configured to: read the encrypted wireless AP information from the hotspot information storage device 40 by using the NFC function, and The encrypted wireless AP information is decrypted to obtain the SSID and the password; when the terminal disconnects the connected WiFi network, the corresponding SSID is deleted. Password.
- the authentication module 412 is configured to obtain the SSID and the password from the wireless AP information processing module 411, perform WiFi authentication with the corresponding router according to the SSID and the password, and access the corresponding WiFi network after the authentication is passed.
- FIG. 5 is a schematic structural diagram of a terminal according to an embodiment of the present invention, including: a wireless AP information processing module 501 configured to read wireless AP information from a predetermined hotspot information storage device by using an NFC function; The wireless AP information processing module needs to decrypt the encrypted wireless AP information to obtain the SSID and password after storing the wireless AP information including the SSID and the password.
- a wireless AP information processing module 501 configured to read wireless AP information from a predetermined hotspot information storage device by using an NFC function
- the wireless AP information processing module needs to decrypt the encrypted wireless AP information to obtain the SSID and password after storing the wireless AP information including the SSID and the password.
- the authentication module 502 is configured to perform WiFi authentication according to the wireless AP information. Specifically, the authentication module 502 obtains an SSID and a password from the wireless AP information processing module, and performs WiFi according to the SSID and the password and the corresponding router. Authentication, and access to the corresponding WiFi network after the authentication is passed.
- the embodiment of the present invention provides a WiFi authentication method, system, and terminal
- NFC communication has the characteristics of privacy. Because its working distance is short, it can effectively protect the working distance of the AP. At the same time, the SSID of the AP can be hidden. By hiding the SSID, but putting the SSID in the relevant device, the NFC will be The SSID and password information are read in, and then the WIFI-related interface is called through the background server to find the SSID and enter the password to complete the authentication.
- the present invention does not need to modify the WiFi hotspot to support additional protocols, and only needs a hotspot information storage device capable of providing WiFi wireless AP information.
- the hotel room card can complete this function after simple data modification;
- the WiFi protocol of the terminal requires only one servo program. Through the combination of the two, the whole process of WiFi authentication is completed, that is, the security of the hotspot is ensured, and the cost is saved.
- the method, system and terminal provided by the embodiments of the present invention can effectively protect the security of the WiFi hotspot.
Abstract
A wireless fidelity (WiFi) authentication method, system and terminal. The method comprises: storing wireless AP information in a preset hotspot information storage device in advance; and a terminal reading the wireless AP information from the hotspot information storage device through a near field communication (NFC) function, and conducting WiFi authentication according to the wireless AP information. The system comprises a hotspot information storage device and a terminal. The terminal comprises a wireless access point (AP) information processing module and an authentication module. In the present invention, the terminal obtains wireless AP information through an NFC function, thereby being able to ensure the security of a WiFi hotspot effectively.
Description
无线保真鉴权方法、 系统及终端 Wireless fidelity authentication method, system and terminal
技术领域 Technical field
本发明涉及通信技术领域, 尤其涉及一种无线保真鉴权方法、 系统及终 端。 The present invention relates to the field of communications technologies, and in particular, to a wireless fidelity authentication method, system, and terminal.
背景技术 Background technique
随着 WiFi ( wireless fidelity, 无线保真)技术的发展, 各地开始部署越来 越多的 WiFi热点。 由于 WiFi机制本身的原因, WiFi机制不允许动态更改热 点的密码, 而固定密码, 往往是不安全的。 With the development of WiFi (wireless fidelity) technology, more and more WiFi hotspots have been deployed everywhere. Due to the WiFi mechanism itself, the WiFi mechanism does not allow the password of the hot spot to be dynamically changed, and the fixed password is often unsafe.
虽然目前已经衍生出了很多为 WiFi进行无密码鉴权的方案,但是这类方 案只能用于运营商网络,而对于个人或商家 (如酒店、麦当劳、肯德基餐厅等), 不能实现对自己无线 AP (接入点) 的很好保护。 Although many schemes for password-free authentication for WiFi have been developed, such schemes can only be used for carrier networks, but for individuals or businesses (such as hotels, McDonald's, KFC restaurants, etc.), wireless AP (access point) is well protected.
发明内容 Summary of the invention
鉴于上述的分析, 本发明提供一种 WiFi鉴权方法、 系统及终端, 用以解 决相关技术中个人或商家的无线 AP不能很好被保护的问题。 In view of the above analysis, the present invention provides a WiFi authentication method, system and terminal for solving the problem that a wireless AP of an individual or a merchant in the related art cannot be well protected.
本发明的目的主要是通过以下技术方案实现的: The object of the present invention is mainly achieved by the following technical solutions:
本发明实施方式提供了一种无线保真 WiFi鉴权方法, 包括: An embodiment of the present invention provides a wireless fidelity WiFi authentication method, including:
预先将无线接入点 AP信息存储于预定的热点信息存储设备中; 以及 终端通过近距离无线通讯 NFC功能从所述热点信息存储设备中读取所述 无线 AP信息, 并根据所述无线 AP信息进行 WiFi鉴权。 Storing the wireless access point AP information in a predetermined hotspot information storage device in advance; and reading, by the terminal, the wireless AP information from the hotspot information storage device by using a short-range wireless communication NFC function, and according to the wireless AP information Perform WiFi authentication.
所述无线 AP信息至少包括服务集标识 SSID和密码; The wireless AP information includes at least a service set identifier SSID and a password;
所述方法还包括: 在存储之前对包含有 SSID和密码的无线 AP信息进行 加密。 The method also includes encrypting the wireless AP information including the SSID and the password prior to storing.
终端根据所述无线 AP信息进行 WiFi鉴权的步骤包括: 对加密后的无线
AP信息进行解密后得到 SSID和密码, 根据所述 SSID和密码与对应的路由 器进行 WiFi鉴权, 并在鉴权通过后接入到所述无线 AP信息对应的 WiFi网 络。 The step of the terminal performing WiFi authentication according to the wireless AP information includes: performing encrypted wireless After the AP information is decrypted, the SSID and the password are obtained, and the SSID and the password are used to perform WiFi authentication with the corresponding router, and after the authentication is passed, the WiFi network corresponding to the wireless AP information is accessed.
该方法还包括: 当所述终端断开已连接的 WiFi 网络时, 删除所述无线 AP信息的 SSID和密码。 The method further includes: deleting the SSID and password of the wireless AP information when the terminal disconnects the connected WiFi network.
该方法还包括: 在所述路由器中设置所述 SSID为隐藏状态。 The method also includes: setting the SSID to a hidden state in the router.
所述热点信息存储设备为存储有无线 AP信息的非接触式卡片、 NFC设 备或者 NFC标签。 The hotspot information storage device is a contactless card, an NFC device, or an NFC tag that stores wireless AP information.
本发明实施方式还提供了一种无线保真 WiFi鉴权系统, 包括: 热点信息 存储设备和终端, 其中, The embodiment of the present invention further provides a wireless fidelity WiFi authentication system, including: a hotspot information storage device and a terminal, where
所述热点信息存储设备设置成存储无线接入点 AP信息; The hotspot information storage device is configured to store wireless access point AP information;
所述终端设置成通过近距离无线通讯 NFC功能从所述热点信息存储设备 中读取无线 AP信息, 并根据所述无线 AP信息进行 WiFi鉴权。 The terminal is configured to read wireless AP information from the hotspot information storage device by using a short-range wireless communication NFC function, and perform WiFi authentication according to the wireless AP information.
所述无线 AP信息至少包括服务集标识 SSID和密码,用于在存储前对所 述无线 AP信息进行加密; 所述终端包括: The wireless AP information includes at least a service set identifier SSID and a password, where the wireless AP information is encrypted before being stored; the terminal includes:
无线 AP信息处理模块, 其设置成利用 NFC功能从所述热点信息存储设 备中读取加密后的无线 AP信息,并对加密后的无线 AP信息进行解密后得到 SSID和密码; 以及 a wireless AP information processing module, configured to read the encrypted wireless AP information from the hotspot information storage device by using an NFC function, and decrypt the encrypted wireless AP information to obtain an SSID and a password;
鉴权模块, 其设置成从所述无线 AP信息处理模块得到 SSID和密码, 根 据所述 SSID和密码与对应的路由器进行 WiFi鉴权, 并在鉴权通过后接入到 所述无线 AP信息对应的 WiFi网络。 An authentication module, configured to obtain an SSID and a password from the wireless AP information processing module, perform WiFi authentication with the corresponding router according to the SSID and the password, and access the wireless AP information after the authentication is passed WiFi network.
所述无线 AP信息处理模块还设置成当所述终端断开已连接的 WiFi网络 时, 删除所述无线 AP信息的 SSID和密码。 The wireless AP information processing module is further configured to delete the SSID and the password of the wireless AP information when the terminal disconnects the connected WiFi network.
本发明实施方式还提供了一种终端, 包括: 无线接入点 AP信息处理模 块和鉴权模块, 其中, The embodiment of the present invention further provides a terminal, including: a wireless access point AP information processing module and an authentication module, where
所述无线 AP信息处理模块设置成利用近距离无线通讯 NFC功能从预定 的热点信息存储设备中读取无线 AP信息; 以及
所述鉴权模块设置成根据所述无线 AP信息进行 WiFi鉴权。 The wireless AP information processing module is configured to read wireless AP information from a predetermined hotspot information storage device by using a short-range wireless communication NFC function; The authentication module is configured to perform WiFi authentication according to the wireless AP information.
所述无线 AP信息处理模块还设置成如果所读取的无线 AP信息在存储前 进行了加密处理, 则对所述无线 AP信息进行解密后得到 SSID和密码; The wireless AP information processing module is further configured to: if the read wireless AP information is encrypted before being stored, decrypt the wireless AP information to obtain an SSID and a password;
所述鉴权模块是设置成通过如下方式进行 WiFi鉴权: 从所述无线 AP信 息处理模块得到 SSID和密码, 根据所述 SSID和密码与对应的路由器进行 WiFi鉴权, 并在鉴权通过后接入到所述无线 AP信息对应的 WiFi网络。 The authentication module is configured to perform WiFi authentication by: obtaining an SSID and a password from the wireless AP information processing module, performing WiFi authentication with the corresponding router according to the SSID and the password, and after the authentication is passed Accessing to the WiFi network corresponding to the wireless AP information.
本发明有益效果如下: The beneficial effects of the present invention are as follows:
本发明中, 终端通过 NFC功能获取无线 AP信息, 可以有效保障 WiFi 热点的安全。 In the present invention, the terminal obtains the wireless AP information through the NFC function, which can effectively ensure the security of the WiFi hotspot.
本发明的其他特征和优点将在随后的说明书中阐述, 并且, 部分的从说 明书中变得显而易见, 或者通过实施本发明而了解。 本发明的目的和其他优 点可通过在所写的说明书、 权利要求书、 以及附图中所特别指出的结构来实 现和获得。 Other features and advantages of the invention will be set forth in the description in the description which follows. The objectives and other advantages of the invention will be realized and attained by the <RTI
附图概述 BRIEF abstract
图 1为本发明实施例所述方法的流程示意图; 1 is a schematic flowchart of a method according to an embodiment of the present invention;
图 2为本发明实施例所述方法在酒店环境下应用的流程示意图; 图 3为本发明实施例所述方法在商场环境下应用的流程示意图; 图 4为本发明实施例所述系统的结构示意图; 2 is a schematic flowchart of an application of a method in a hotel environment according to an embodiment of the present invention; FIG. 3 is a schematic flowchart of a method for applying the method in a shopping mall environment according to an embodiment of the present invention; FIG. 4 is a schematic structural diagram of a system according to an embodiment of the present invention; Schematic diagram
图 5为本发明实施例所述终端的结构示意图。 FIG. 5 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
本发明的较佳实施方式 Preferred embodiment of the invention
下面结合附图来具体描述本发明的优选实施例, 其中, 附图构成本申请 一部分, 并与本发明的实施例一起用于阐释本发明的原理。 The preferred embodiments of the present invention are described in detail below with reference to the accompanying drawings, in which FIG.
首先, 结合附图 1到 3对本发明实施例所述方法进行说明。 First, the method according to the embodiment of the present invention will be described with reference to FIGS. 1 to 3.
如图 1所示, 图 1为本发明实施例所述方法的流程示意图, 具体可以包 括:
步骤 101 : 预先将无线 AP信息存储于预定的热点信息存储设备中; 步骤 102: 终端通过 NFC功能从该热点信息存储设备中读取无线 AP信 息, 并根据该无线 AP信息进行 WiFi鉴权。 As shown in FIG. 1 , FIG. 1 is a schematic flowchart of a method according to an embodiment of the present invention, which may specifically include: Step 101: The wireless AP information is stored in the predetermined hotspot information storage device in advance. Step 102: The terminal reads the wireless AP information from the hotspot information storage device by using the NFC function, and performs WiFi authentication according to the wireless AP information.
其中, 热点信息存储设备可以为, 存储有无线 AP信息的非接触式卡片、 NFC设备或者 NFC标签;无线 AP信息至少包括: SSID( Service Set Identifier, 服务集标识)和密码。 The hotspot information storage device may be a contactless card, an NFC device, or an NFC tag that stores wireless AP information. The wireless AP information includes at least: an SSID (Service Set Identifier) and a password.
可选地, 在存储前可以对包含有 SSID和密码的无线 AP信息进行加密, 终端获取到加密后的无线 AP信息后进行解密后, 得到 SSID和密码, 根据该 SSID和密码与对应的路由器进行 WiFi鉴权, 并在鉴权通过后接入到对应的 WiFi网络, 在路由器中可以设置将 SSID为隐藏状态; 当所述终端断开已连 接的 WiFi网络时, 删除对应的 SSID和密码。 Optionally, the wireless AP information including the SSID and the password may be encrypted before being stored, and after the terminal obtains the encrypted wireless AP information and decrypts, the terminal obtains the SSID and the password, and performs the SSID and the password with the corresponding router according to the SSID and the password. WiFi authentication, and access to the corresponding WiFi network after the authentication is passed, the SSID can be set to be hidden in the router; when the terminal disconnects the connected WiFi network, the corresponding SSID and password are deleted.
为了便于理解本发明实施例所述方法, 以下将以两个具体的应用场景为 例进一步说明。 In order to facilitate the understanding of the method in the embodiment of the present invention, two specific application scenarios are further described below as an example.
场景一: 某酒店, 商家预先将无线 AP信息的 SSID和密码, 经过该算法 加密后, 写入到预定的热点信息存储设备中; 需要进行 WiFi鉴权的终端应该 具备 NFC功能和 WiFi功能; 该场景下, 热点信息存储设备可以是酒店的非 接触式房卡, 非接触式房卡在制作时, 一般会放入房间的相关信息, 而该房 卡一般还会有空间可以放入一些数据, 在制作房卡的时候将该无线 AP信息 放入; 热点信息存储设备也可以是一个独立的包含有无线 AP信息的非接触 式卡片, 该卡片可以与房卡同时交由用户; 热点信息存储设备还可以是酒店 提供的 NFC设备, 该 NFC设备中包含了无线 AP信息, 当用户使用终端与该 NFC设备进行 NFC信息交换时, 将无线 AP信息发送给终端; 其中, 加密后 的无线 AP信息存在方式为: Scenario 1: In a hotel, the merchant pre-registers the SSID and password of the wireless AP information into the predetermined hotspot information storage device after being encrypted by the algorithm; the terminal that needs to perform WiFi authentication should have the NFC function and the WiFi function; In the scenario, the hotspot information storage device may be a non-contact room card of the hotel. When the contactless room card is produced, information about the room is generally put into the room, and the room card generally has room for some data. The wireless AP information is placed when the room card is created; the hotspot information storage device may also be a separate contactless card containing wireless AP information, and the card may be handed over to the user at the same time as the room card; The NFC device may also be provided by the hotel. The NFC device includes wireless AP information. When the user uses the terminal to exchange NFC information with the NFC device, the wireless AP information is sent to the terminal. The encrypted wireless AP information exists. The way is:
SSID加密数据 (空格)密码加密数据。 SSID Encrypted Data (Space) Password Encrypted Data.
如图 2所示, 图 2为本发明实施例所述方法在酒店环境下应用的流程示 意图, 具体可以包括: As shown in FIG. 2, FIG. 2 is a schematic diagram of a process of applying the method in a hotel environment according to an embodiment of the present invention, which may specifically include:
步骤 201 : 终端准备进行 WiFi鉴权; 具体实现过程为: 终端下载用于鉴 权的后台伺服程序 (这里将之命名为 NFC—Wifi— Authentication Server, 简称
NWAS ) , 后续鉴权过程主要由 NWAS完成; Step 201: The terminal is ready to perform WiFi authentication. The specific implementation process is as follows: The terminal downloads a background server for authentication (here named NFC-Wifi- Authentication Server, referred to as NWAS), the subsequent authentication process is mainly completed by NWAS;
步骤 202: NWAS将该终端的 NFC功能调整至卡读取模式; Step 202: The NWAS adjusts the NFC function of the terminal to the card reading mode.
步骤 203: NWAS读取到来自热点信息存储设备的加密无线 AP信息, 即, NWAS通过 NFC功能获取了如下的数据, 同时, NWAS将 NFC功能设 定为待机模式: SSID加密数据 (空格)密码加密数据; Step 203: The NWAS reads the encrypted wireless AP information from the hotspot information storage device, that is, the NWAS obtains the following data through the NFC function, and the NWAS sets the NFC function to the standby mode: SSID encrypted data (space) password encryption Data
步骤 204: NWAS通过双向算法解密该无线 AP信息,获得 SSID和密码; 步骤 205: NWAS根据获得的 SSID调用后台 WiFi功能,开始搜索该 SSID 的承载路由器; 步骤 206: 与该路由器进行握手后, NWAS通过后台 WiFi功能输入与该 SSID对应的密码, 完成与路由器的鉴权认证; Step 204: The NWAS decrypts the wireless AP information by using a bidirectional algorithm to obtain an SSID and a password. Step 205: The NWAS invokes the background WiFi function according to the obtained SSID to start searching for the bearer router of the SSID. Step 206: After shaking hands with the router, NWAS Entering a password corresponding to the SSID through the background WiFi function, and completing authentication authentication with the router;
步骤 207: WiFi认证完成,终端可以使用该商户提供的 WiFi网络; 同时, NWAS隐藏该 WiFi连接的无线 AP信息, 避免 SSID的泄露; Step 207: The WiFi authentication is completed, and the terminal can use the WiFi network provided by the merchant; at the same time, the NWAS hides the wireless AP information of the WiFi connection to avoid leakage of the SSID;
步骤 208: 判断终端是否需要断开与 WiFi网络的连接, 如果是, 执行步 骤 209; 如果否, 执行步骤 211 ; Step 208: Determine whether the terminal needs to disconnect from the WiFi network, if yes, go to step 209; if no, go to step 211;
步骤 209:通过 NWAS提供的断开 WiFi网络的功能,来断开 WiFi网络, 同时, NWAS将删除所有本次连接的无线 AP信息; Step 209: Disconnect the WiFi network by using the function of disconnecting the WiFi network provided by the NWAS, and the NWAS will delete all the wireless AP information of the current connection;
步骤 210: 当终端想要重新使用 WiFi该网络时, 转到步骤 203 , 通过再 次刷卡的方式, 来重新开始使用该 WiFi网络; Step 210: When the terminal wants to re-use the WiFi network, go to step 203 and restart the use of the WiFi network by swiping the card again;
步骤 211 : 保持连接。 Step 211: Keep connected.
需要说明的是, 酒店为保护 AP的安全性, 也为了维护该 AP的可用性, 应该将该 SSID设为不可见; 并且定期更换一次 SSID及密码, 该 SSID和密 码均为无序字母 /数列; 并且, 由于在绝大部分的路由器中均保留有隐藏热点 SSID的功能, 因此对于酒店的路由器, 还可以将 SSID设置为隐藏状态; 另 夕卜,还可以通过为不同的路由器设定完全不同的、无规律的 SSID来有效保护 热点; It should be noted that, in order to protect the security of the AP, and to maintain the availability of the AP, the SSID should be made invisible; and the SSID and password should be replaced once, and the SSID and password are unordered letters/numbers; Moreover, since the function of hiding the hotspot SSID is retained in most of the routers, the SSID can also be set to the hidden state for the hotel router; in addition, it can be set completely differently for different routers. , irregular SSID to effectively protect hot spots;
无线 AP信息加密解密时应该使用某种双向算法, 具体算法由商户选定, 在 NWAS和商家的写卡设备中均存在该加密解密算法。
场景二: 某商场, 该商场可以为顾客提供大量的 NFC标签, 通过 NFC 标签, 可以获得每件商品的具体信息; 商家预先将无线 AP信息的 SSID和密 码, 经过该算法加密后, 与商品信息一起写入到 NFC标签中; 需要进行 WiFi 鉴权的终端应该具备 NFC功能和 WiFi功能。 The wireless AP information encryption and decryption should use some bidirectional algorithm. The specific algorithm is selected by the merchant. The encryption and decryption algorithm exists in both the NWAS and the merchant's card writing device. Scene 2: A shopping mall, the mall can provide customers with a large number of NFC tags, through the NFC tag, you can get specific information for each item; the merchant pre-set the SSID and password of the wireless AP information, after the algorithm is encrypted, and the product information Write to NFC tags together; terminals that require WiFi authentication should have NFC and WiFi capabilities.
如图 3所示, 图 3为本发明实施例所述方法在商场环境下应用的流程示 意图, 具体可以包括: As shown in FIG. 3, FIG. 3 is a schematic diagram of a process of applying the method in a shopping mall environment according to an embodiment of the present invention, which may specifically include:
步骤 301 : 终端准备进行 WiFi鉴权; 具体实现过程为: 用户下载获得该 商家专有的商品解析程序, 该解析程序中, 包含 NWAS和商品解析程序; 步骤 302: NWAS将该终端的 NFC功能调整至信息交换模式; Step 301: The terminal is ready to perform WiFi authentication. The specific implementation process is: the user downloads and obtains the merchant-specific commodity parsing program, where the parsing program includes the NWAS and the commodity parsing program; Step 302: The NWAS adjusts the NFC function of the terminal. To information exchange mode;
步骤 303: 用户使用该终端与 NFC标签进行信息交互, NFC标签通过自 身的位置信息与后台服务器进行信息交换, 获得最新的商品信息和无线 AP 信息, 通过 NFC功能获取到如下的数据, 同时, NWAS将 NFC功能设定为 待机模式: 商品信息 (空格) SSID加密数据 (空格)密码加密数据; Step 303: The user uses the terminal to exchange information with the NFC tag. The NFC tag exchanges information with the background server through the location information of the terminal, obtains the latest product information and wireless AP information, and obtains the following data through the NFC function. Meanwhile, the NWAS Set the NFC function to standby mode: Product information (space) SSID encrypted data (space) password encrypted data;
其中, 商品信息由商品解析程序进行解析后显示给用户; 如果用户选择 使用商场提供的 WiFi网络,则加密的无线 AP信息将交由由 NWAS完成解密 过程; The product information is parsed by the product parsing program and displayed to the user; if the user chooses to use the WiFi network provided by the mall, the encrypted wireless AP information is handed over to the decryption process by the NWAS;
步骤 304: NWAS通过双向算法解密该无线 AP信息,获得 SSID和密码; 步骤 305: NWAS根据获得的 SSID调用后台 WiFi功能,开始搜索该 SSID 的承载路由器; 步骤 306: 与该路由器进行握手后, NWAS通过后台 WiFi功能输入与该 Step 304: The NWAS decrypts the wireless AP information by using a bidirectional algorithm to obtain the SSID and the password. Step 305: The NWAS invokes the background WiFi function according to the obtained SSID to start searching for the bearer router of the SSID. Step 306: After shaking hands with the router, NWAS Enter and use the background WiFi function
SSID对应的密码, 完成与路由器的鉴权认证; The password corresponding to the SSID completes the authentication with the router;
步骤 307: WiFi认证完成,终端可以使用该商户提供的 WiFi网络; 同时, NWAS隐藏该 WiFi连接的无线 AP信息, 避免 SSID的泄露; Step 307: After the WiFi authentication is completed, the terminal can use the WiFi network provided by the merchant; at the same time, the NWAS hides the wireless AP information of the WiFi connection to avoid the leakage of the SSID;
步骤 308: 判断终端是否需要断开与 WiFi网络的连接, 如果是, 执行步 骤 309; 如果否, 执行步骤 311 ; Step 308: Determine whether the terminal needs to disconnect from the WiFi network, if yes, go to step 309; if no, go to step 311;
步骤 309:通过 NWAS提供的断开 WiFi网络的功能,来断开 WiFi网络, 同时, NWAS将删除所有本次连接无线 AP信息; Step 309: Disconnect the WiFi network by using the function of disconnecting the WiFi network provided by the NWAS, and the NWAS will delete all the wireless AP information connected this time;
步骤 310: 当终端想要重新使用 WiFi该网络时, 转到步骤 303 , 通过再
次刷任意 NFC标签的方式, 来重新开始使用该 WiFi网络; Step 310: When the terminal wants to re-use the WiFi network, go to step 303 and pass the Brush the NFC tag twice to restart the use of the WiFi network;
步骤 311 : 保持连接。 Step 311: Stay connected.
需要说明的是, 酒店为保护 AP的安全性, 也为了维护该 AP的可用性, 应该将该 SSID设为不可见; 并且定期更换一次 SSID及密码, 该 SSID和密 码均为无序字母 /数列; 并且, 由于在绝大部分的路由器中均保留有隐藏热点 SSID的功能, 因此对于酒店的路由器, 还可以将 SSID设置为隐藏状态; 另 夕卜,还可以通过为不同的路由器设定完全不同的、无规律的 SSID来有效保护 热点; It should be noted that, in order to protect the security of the AP, and to maintain the availability of the AP, the SSID should be made invisible; and the SSID and password should be replaced once, and the SSID and password are unordered letters/numbers; Moreover, since the function of hiding the hotspot SSID is retained in most of the routers, the SSID can also be set to the hidden state for the hotel router; in addition, it can be set completely differently for different routers. , irregular SSID to effectively protect hot spots;
无线 AP信息加密解密时应该使用某种双向算法, 具体算法由商户选定, 在 NWAS和商家的写卡设备中均存在该加密解密算法; The wireless AP information encryption and decryption should use some bidirectional algorithm, the specific algorithm is selected by the merchant, and the encryption and decryption algorithm exists in both the NWAS and the merchant's card writing device;
并且, 为了用户使用方便, 可以建议用户离开该酒店或者商场时, 卸载 该专用的 NWAS。 Moreover, for the convenience of the user, the user may be advised to uninstall the dedicated NWAS when leaving the hotel or the mall.
同时, 该设备还需要后台伺服程序, 该伺服程序可以调用 NFC模块, 与 第一部分的设备完成关于 AP相关信息获得的功能; 同时, 该伺服程序可以 调用后台的 WiFi程序, 将获得的 AP相关信息转换后, 交由后台程序完成 WiFi的鉴权。 At the same time, the device also needs a background servo program, which can call the NFC module to complete the function related to the AP related information with the first part of the device; meanwhile, the servo program can call the background WiFi program, and the obtained AP related information. After the conversion, the background program completes the authentication of the WiFi.
接下来, 结合附图 4对本发明实施例所述系统进行详细说明。 Next, the system according to the embodiment of the present invention will be described in detail with reference to FIG.
如图 4所示, 图 4为本发明实施例所述系统的结构示意图, 具体可以包 括: 热点信息存储设备和终端, 其中, As shown in FIG. 4, FIG. 4 is a schematic structural diagram of a system according to an embodiment of the present invention, which may include: a hotspot information storage device and a terminal, where
热点信息存储设备 40设置成存储无线接入点 AP信息; 该无线 AP信息 至少包括: 服务集标识 SSID和密码, 并且存储前已经对包含有 SSID和密码 的无线 AP信息进行了加密处理。 The hotspot information storage device 40 is configured to store the wireless access point AP information; the wireless AP information includes at least: a service set identifier SSID and a password, and the wireless AP information including the SSID and the password has been encrypted before being stored.
终端 41设置成通过 NFC功能从热点信息存储设备 40中读取无线 AP信 息, 并根据所述无线 AP信息进行 WiFi鉴权。 The terminal 41 is arranged to read the wireless AP information from the hotspot information storage device 40 through the NFC function, and perform WiFi authentication based on the wireless AP information.
该终端 41可以包括: 无线 AP信息处理模块 411和鉴权模块 412, 其中, 无线 AP信息处理模块 411设置成: 利用 NFC功能从热点信息存储设备 40中读取加密后的无线 AP信息, 并对加密后的无线 AP信息进行解密后得 到 SSID和密码; 当该终端断开已连接的 WiFi网络时, 删除对应的 SSID和
密码。 The terminal 41 may include: a wireless AP information processing module 411 and an authentication module 412, wherein the wireless AP information processing module 411 is configured to: read the encrypted wireless AP information from the hotspot information storage device 40 by using the NFC function, and The encrypted wireless AP information is decrypted to obtain the SSID and the password; when the terminal disconnects the connected WiFi network, the corresponding SSID is deleted. Password.
鉴权模块 412设置成从无线 AP信息处理模块 411得到 SSID和密码,根 据该 SSID和密码与对应的路由器进行 WiFi鉴权, 并在鉴权通过后接入到对 应的 WiFi网络。 The authentication module 412 is configured to obtain the SSID and the password from the wireless AP information processing module 411, perform WiFi authentication with the corresponding router according to the SSID and the password, and access the corresponding WiFi network after the authentication is passed.
最后, 结合附图 5对本发明实施例所述终端进行详细说明。 Finally, the terminal according to the embodiment of the present invention is described in detail with reference to FIG.
如图 5所示, 图 5为本发明实施例所述终端的结构示意图, 包括: 无线 AP信息处理模块 501 , 其设置成利用 NFC功能从预定的热点信息 存储设备中读取无线 AP信息; 如果存储前对包含有 SSID和密码的无线 AP 信息进行加密,则无线 AP信息处理模块还需要对加密后的无线 AP信息进行 解密后得到 SSID和密码; 以及 As shown in FIG. 5, FIG. 5 is a schematic structural diagram of a terminal according to an embodiment of the present invention, including: a wireless AP information processing module 501 configured to read wireless AP information from a predetermined hotspot information storage device by using an NFC function; The wireless AP information processing module needs to decrypt the encrypted wireless AP information to obtain the SSID and password after storing the wireless AP information including the SSID and the password.
鉴权模块 502, 其设置成根据所述无线 AP信息进行 WiFi鉴权, 具体来 说就是,鉴权模块 502从无线 AP信息处理模块得到 SSID和密码,根据该 SSID 和密码与对应的路由器进行 WiFi鉴权, 并在鉴权通过后接入到对应的 WiFi 网络。 The authentication module 502 is configured to perform WiFi authentication according to the wireless AP information. Specifically, the authentication module 502 obtains an SSID and a password from the wireless AP information processing module, and performs WiFi according to the SSID and the password and the corresponding router. Authentication, and access to the corresponding WiFi network after the authentication is passed.
综上所述, 本发明实施例提供了一种 WiFi鉴权方法、 系统及终端, 由于 In summary, the embodiment of the present invention provides a WiFi authentication method, system, and terminal,
NFC通信具有私密性的特点, 因为其作用距离短, 所以可以有效保护 AP的 作用距离; 同时, AP的 SSID是可以隐藏的, 通过隐藏 SSID, 但是在相关设 备中放入该 SSID, 通过 NFC将 SSID及密码信息读入, 然后通过后台的伺服 程序, 调用 WIFI相关的接口, 来找出该 SSID, 并输入密码, 从而完成鉴权。 NFC communication has the characteristics of privacy. Because its working distance is short, it can effectively protect the working distance of the AP. At the same time, the SSID of the AP can be hidden. By hiding the SSID, but putting the SSID in the relevant device, the NFC will be The SSID and password information are read in, and then the WIFI-related interface is called through the background server to find the SSID and enter the password to complete the authentication.
本发明无需改造 WiFi热点以支持额外的协议,只需要一个能够提供 WiFi 的无线 AP信息的热点信息存储设备, 如酒店的房卡经过简单的数据改造, 就可以完成此功能; 对于终端, 无需改造终端的 WiFi协议, 仅需一个伺服程 序。通过这两者的结合,完成了关于 WiFi鉴权的全过程, 即保证热点的安全, 又节约了成本。 The present invention does not need to modify the WiFi hotspot to support additional protocols, and only needs a hotspot information storage device capable of providing WiFi wireless AP information. For example, the hotel room card can complete this function after simple data modification; The WiFi protocol of the terminal requires only one servo program. Through the combination of the two, the whole process of WiFi authentication is completed, that is, the security of the hotspot is ensured, and the cost is saved.
以上所述, 仅为本发明较佳的具体实施方式, 但本发明的保护范围并不 局限于此, 任何熟悉本技术领域的技术人员在本发明揭露的技术范围内, 可 轻易想到的变化或替换, 都应涵盖在本发明的保护范围之内。 因此, 本发明 的保护范围应该以权利要求书的保护范围为准。
工业实用性 The above is only a preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily think of changes or within the technical scope disclosed by the present invention. Alternatives are intended to be covered by the scope of the present invention. Therefore, the scope of the invention should be determined by the scope of the claims. Industrial applicability
与有关技术相比, 本发明实施方式所提供的方法、 系统以及终端可以有 效保障 WiFi热点的安全。
Compared with related technologies, the method, system and terminal provided by the embodiments of the present invention can effectively protect the security of the WiFi hotspot.
Claims
1、 一种无线保真 WiFi鉴权方法, 包括: 1. A wireless fidelity WiFi authentication method, including:
预先将无线接入点 AP信息存储于预定的热点信息存储设备中; 以及 终端通过近距离无线通讯 NFC功能从所述热点信息存储设备中读取所述 无线 AP信息, 并根据所述无线 AP信息进行 WiFi鉴权。 Pre-store the wireless access point AP information in a predetermined hotspot information storage device; and the terminal reads the wireless AP information from the hotspot information storage device through the short-range wireless communication NFC function, and based on the wireless AP information Perform WiFi authentication.
2、 根据权利要求 1所述的方法, 其中, 所述无线 AP信息至少包括服务 集标识 SSID和密码; 2. The method according to claim 1, wherein the wireless AP information at least includes a service set identifier SSID and a password;
所述方法还包括: 在存储之前对包含有 SSID和密码的无线 AP信息进行 加密。 The method further includes: encrypting the wireless AP information including the SSID and password before storing.
3、 根据权利要求 2所述的方法, 其中, 终端根据所述无线 AP信息进行 3. The method according to claim 2, wherein the terminal performs the operation according to the wireless AP information.
WiFi鉴权的步骤包括:对加密后的无线 AP信息进行解密后得到 SSID和密码, 根据所述 SSID和密码与对应的路由器进行 WiFi鉴权, 并在鉴权通过后接入 到所述无线 AP信息对应的 WiFi网络。 The steps of WiFi authentication include: decrypting the encrypted wireless AP information to obtain the SSID and password, performing WiFi authentication with the corresponding router based on the SSID and password, and accessing the wireless AP after passing the authentication. The WiFi network corresponding to the information.
4、根据权利要求 3所述的方法,还包括: 当所述终端断开已连接的 WiFi 网络时, 删除所述无线 AP信息的 SSID和密码。 4. The method according to claim 3, further comprising: when the terminal disconnects the connected WiFi network, deleting the SSID and password of the wireless AP information.
5、 根据权利要求 3或 4所述的方法, 还包括: 在所述路由器中设置所述 SSID为隐藏状态。 5. The method according to claim 3 or 4, further comprising: setting the SSID in the router to a hidden state.
6、 根据权利要求 1所述的方法, 其中, 所述热点信息存储设备为存储有 无线 AP信息的非接触式卡片、 NFC设备或者 NFC标签。 6. The method according to claim 1, wherein the hotspot information storage device is a contactless card, NFC device or NFC tag that stores wireless AP information.
7、 一种无线保真 WiFi鉴权系统, 包括: 热点信息存储设备和终端, 其 中, 7. A wireless fidelity WiFi authentication system, including: hotspot information storage device and terminal, wherein,
所述热点信息存储设备设置成存储无线接入点 AP信息; The hotspot information storage device is configured to store wireless access point AP information;
所述终端设置成通过近距离无线通讯 NFC功能从所述热点信息存储设备 中读取无线 AP信息, 并根据所述无线 AP信息进行 WiFi鉴权。 The terminal is configured to read wireless AP information from the hotspot information storage device through the short-range wireless communication NFC function, and perform WiFi authentication based on the wireless AP information.
8、 根据权利要求 7所述的系统, 其中, 所述无线 AP信息至少包括服务 集标识 SSID和密码, 用于在存储前对所述无线 AP信息进行加密; 所述终端 包括:
无线 AP信息处理模块, 其设置成利用 NFC功能从所述热点信息存储设 备中读取加密后的无线 AP信息,并对加密后的无线 AP信息进行解密后得到 SSID和密码; 以及 8. The system according to claim 7, wherein the wireless AP information at least includes a service set identifier SSID and a password, which are used to encrypt the wireless AP information before storage; the terminal includes: A wireless AP information processing module, which is configured to use the NFC function to read the encrypted wireless AP information from the hotspot information storage device, and decrypt the encrypted wireless AP information to obtain the SSID and password; and
鉴权模块, 其设置成从所述无线 AP信息处理模块得到 SSID和密码, 根 据所述 SSID和密码与对应的路由器进行 WiFi鉴权, 并在鉴权通过后接入到 所述无线 AP信息对应的 WiFi网络。 An authentication module, which is configured to obtain the SSID and password from the wireless AP information processing module, perform WiFi authentication with the corresponding router based on the SSID and password, and access the corresponding wireless AP information after passing the authentication. WiFi network.
9、 根据权利要求 8所述的系统, 其中, 所述无线 AP信息处理模块还设 置成当所述终端断开已连接的 WiFi网络时, 删除所述无线 AP信息的 SSID 和密码。 9. The system according to claim 8, wherein the wireless AP information processing module is further configured to delete the SSID and password of the wireless AP information when the terminal disconnects the connected WiFi network.
10、 一种终端, 包括: 无线接入点 AP信息处理模块和鉴权模块, 其中, 所述无线 AP信息处理模块设置成利用近距离无线通讯 NFC功能从预定 的热点信息存储设备中读取无线 AP信息; 以及 10. A terminal, including: a wireless access point AP information processing module and an authentication module, wherein the wireless AP information processing module is configured to use the near field wireless communication (NFC) function to read wireless data from a predetermined hotspot information storage device. AP information; and
所述鉴权模块设置成根据所述无线 AP信息进行 WiFi鉴权。 The authentication module is configured to perform WiFi authentication based on the wireless AP information.
11、 根据权利要求 10所述的终端, 其中, 所述无线 AP信息处理模块还 设置成如果所读取的无线 AP信息在存储前进行了加密处理, 则对所述无线 AP信息进行解密后得到 SSID和密码; 11. The terminal according to claim 10, wherein the wireless AP information processing module is further configured to decrypt the wireless AP information to obtain SSID and password;
所述鉴权模块是设置成通过如下方式进行 WiFi鉴权: 从所述无线 AP信 息处理模块得到 SSID和密码, 根据所述 SSID和密码与对应的路由器进行 WiFi鉴权, 并在鉴权通过后接入到所述无线 AP信息对应的 WiFi网络。
The authentication module is configured to perform WiFi authentication in the following manner: obtain the SSID and password from the wireless AP information processing module, perform WiFi authentication with the corresponding router based on the SSID and password, and after passing the authentication Access the WiFi network corresponding to the wireless AP information.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2012103102154A CN102883315A (en) | 2012-08-28 | 2012-08-28 | Wireless fidelity (WiFi) authentication method and system, and terminal |
CN201210310215.4 | 2012-08-28 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2013178136A1 true WO2013178136A1 (en) | 2013-12-05 |
Family
ID=47484417
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2013/079196 WO2013178136A1 (en) | 2012-08-28 | 2013-07-11 | Wireless fidelity authentication method, system and terminal |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN102883315A (en) |
WO (1) | WO2013178136A1 (en) |
Families Citing this family (32)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102883315A (en) * | 2012-08-28 | 2013-01-16 | 中兴通讯股份有限公司 | Wireless fidelity (WiFi) authentication method and system, and terminal |
CN103945369B (en) * | 2013-01-18 | 2017-12-19 | 杭州古北电子科技有限公司 | A kind of length by checking WIFI packets realizes the Internet-surfing configuration method of WIFI equipment |
US9432910B2 (en) | 2013-03-11 | 2016-08-30 | Futurewei Technologies, Inc. | System and method for WiFi authentication and selection |
CN103281759A (en) * | 2013-05-28 | 2013-09-04 | 北京推博信息技术有限公司 | WIFI (wireless fidelity) network access method and device, electronic equipment and communication system |
CN103281752A (en) * | 2013-05-28 | 2013-09-04 | 北京推博信息技术有限公司 | WIFI (wireless fidelity) network access method and device, electronic equipment and communication system |
CN104254070B (en) * | 2013-06-25 | 2019-11-08 | 南京中兴新软件有限责任公司 | WiFi cut-in method, intelligent terminal and routing device |
CN103546200A (en) * | 2013-08-26 | 2014-01-29 | 深圳Tcl新技术有限公司 | Data transmission method and system based on near-field communication |
CN103619017A (en) * | 2013-11-22 | 2014-03-05 | 福州瑞芯微电子有限公司 | Method and system for wireless router authorized connection based on NFC technology |
KR102118049B1 (en) * | 2013-12-19 | 2020-06-09 | 엘지전자 주식회사 | robot cleaner, robot cleaner system and a control method of the same |
CN105165071A (en) * | 2013-12-20 | 2015-12-16 | 华为终端有限公司 | Wireless access method and relevant device and system |
CN103874164B (en) * | 2014-02-28 | 2017-06-06 | 上海升途智能系统有限公司 | Method, system and the mobile terminal device of WIFI are connected by NFC |
CN105025477A (en) * | 2014-04-29 | 2015-11-04 | 华晶科技股份有限公司 | Wireless security automatic pairing method, network connection establishing method and wireless access point device |
CN103987040A (en) * | 2014-05-07 | 2014-08-13 | 华晶科技股份有限公司 | Bluetooth-assisting online connection establishment method and wireless access point device |
CN104010309B (en) * | 2014-05-19 | 2018-12-21 | 百度在线网络技术(北京)有限公司 | The method and terminal of connection are established between access point and terminal |
CN104010352B (en) * | 2014-05-19 | 2017-12-26 | 百度在线网络技术(北京)有限公司 | Connection method and related device between router and smart machine |
MX2017005790A (en) * | 2014-11-04 | 2017-10-23 | Huawei Tech Co Ltd | Hidden hotspot access method and device. |
CN104410969A (en) * | 2014-11-07 | 2015-03-11 | 广东欧珀移动通信有限公司 | Wireless fidelity (WIFI) hotspot hiding method and terminal equipment |
CN105704780A (en) * | 2014-11-24 | 2016-06-22 | 中兴通讯股份有限公司 | Wireless network access method and device |
CN104410949A (en) * | 2014-12-22 | 2015-03-11 | 上海斐讯数据通信技术有限公司 | System and method for adding mobile equipment into white list of router |
CN104834863A (en) * | 2015-03-31 | 2015-08-12 | 努比亚技术有限公司 | Wi-Fi password storage method and apparatus |
CN105848090A (en) * | 2016-03-30 | 2016-08-10 | 乐视控股(北京)有限公司 | Router, terminal device, access method thereof and device thereof |
CN105873034A (en) * | 2016-05-19 | 2016-08-17 | 徐美琴 | Safe hot spot information processing method |
CN106101058A (en) * | 2016-05-19 | 2016-11-09 | 郑建钦 | A kind of hot information processing method based on Quick Response Code |
CN106028327A (en) * | 2016-05-19 | 2016-10-12 | 徐美琴 | Method for realizing hotspot security through authentication server |
CN107548062A (en) * | 2016-06-29 | 2018-01-05 | 联芯科技有限公司 | Storage method, wifi connection methods and the device of wifi passwords |
CN106572488B (en) * | 2016-11-02 | 2021-01-08 | 捷开通讯(深圳)有限公司 | WIFI hotspot sharing method of terminal equipment and terminal equipment |
CN107968994A (en) * | 2017-11-29 | 2018-04-27 | 北京小米移动软件有限公司 | Method for building up, the apparatus and system of LAN |
RU2679882C1 (en) * | 2018-03-12 | 2019-02-14 | Хуавей Дивайс (Дунгуань) Ко., Лтд | Wireless access method and associated device and system |
CN108696866A (en) * | 2018-05-14 | 2018-10-23 | 四川斐讯信息技术有限公司 | A kind of wireless connection method and system, wireless terminal, radio reception device |
CN108684067A (en) * | 2018-05-14 | 2018-10-19 | 四川斐讯信息技术有限公司 | Time-based wireless connection method and system, radio reception device |
CN111010693B (en) * | 2019-11-25 | 2023-10-03 | 华为技术有限公司 | Method for providing wireless fidelity network access service and electronic equipment |
CN113225788B (en) * | 2021-04-20 | 2023-04-07 | Oppo广东移动通信有限公司 | WiFi connection method and device, electronic equipment and readable storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101873719A (en) * | 2010-05-31 | 2010-10-27 | 华为终端有限公司 | Method, device and system for configuring wireless fidelity (WIFI) parameter |
WO2010145142A1 (en) * | 2009-06-30 | 2010-12-23 | 中兴通讯股份有限公司 | Monitoring system, monitoring method and wireless fidelity local system of monitoring system |
CN102315864A (en) * | 2011-09-07 | 2012-01-11 | 百度在线网络技术(北京)有限公司 | Method of point-to-point data transmission for mobile device and device |
CN202210805U (en) * | 2011-07-08 | 2012-05-02 | 陈利人 | Wireless fidelity device, wireless receiving device and short-distance wireless broadcast system |
CN102883315A (en) * | 2012-08-28 | 2013-01-16 | 中兴通讯股份有限公司 | Wireless fidelity (WiFi) authentication method and system, and terminal |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8532304B2 (en) * | 2005-04-04 | 2013-09-10 | Nokia Corporation | Administration of wireless local area networks |
CN101114901B (en) * | 2006-07-26 | 2010-08-25 | 联想(北京)有限公司 | Safety authentication system, apparatus and method for non-contact type wireless data transmission |
CN102547566A (en) * | 2012-01-06 | 2012-07-04 | 南京中兴软创科技股份有限公司 | Location-based multimedia information pushing method in wireless local area network and pushing system thereof |
-
2012
- 2012-08-28 CN CN2012103102154A patent/CN102883315A/en active Pending
-
2013
- 2013-07-11 WO PCT/CN2013/079196 patent/WO2013178136A1/en active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2010145142A1 (en) * | 2009-06-30 | 2010-12-23 | 中兴通讯股份有限公司 | Monitoring system, monitoring method and wireless fidelity local system of monitoring system |
CN101873719A (en) * | 2010-05-31 | 2010-10-27 | 华为终端有限公司 | Method, device and system for configuring wireless fidelity (WIFI) parameter |
CN202210805U (en) * | 2011-07-08 | 2012-05-02 | 陈利人 | Wireless fidelity device, wireless receiving device and short-distance wireless broadcast system |
CN102315864A (en) * | 2011-09-07 | 2012-01-11 | 百度在线网络技术(北京)有限公司 | Method of point-to-point data transmission for mobile device and device |
CN102883315A (en) * | 2012-08-28 | 2013-01-16 | 中兴通讯股份有限公司 | Wireless fidelity (WiFi) authentication method and system, and terminal |
Also Published As
Publication number | Publication date |
---|---|
CN102883315A (en) | 2013-01-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2013178136A1 (en) | Wireless fidelity authentication method, system and terminal | |
JP5739072B2 (en) | System and method for encoding exchanges using a set of shared ephemeral key data | |
EP2988534A2 (en) | Method of configuring wireless connection via near field communication function and image forming apparatus for performing the method | |
US20190116046A1 (en) | Privacy preserving tag | |
AU2015261578B2 (en) | Communication control apparatus, authentication device, central control apparatus and communication system | |
JP2019537871A5 (en) | ||
CN106572427B (en) | Method and device for establishing near field communication | |
CA3126812A1 (en) | Improved handling of unique identifiers for stations | |
CN103458382A (en) | Hardware encryption transmission and storage method and system of mobile phone private short messages | |
US11042866B2 (en) | Mobile device and method for accessing access point of wireless LAN | |
CN102761870A (en) | Terminal authentication and service authentication method, system and terminal | |
JP6397046B2 (en) | Address book protection method, apparatus and communication system | |
KR20130030474A (en) | System and method for communicating bewteen nfc terminals | |
CN103458101B (en) | The hardware encryption storage method of a kind of mobile phone privacy contact person and system | |
WO2017219642A1 (en) | Information sharing method and system | |
JP6349712B2 (en) | Mobile device setting method | |
KR20140103579A (en) | System and method for authentication of wiress network using near field communication | |
JP7099461B2 (en) | Wireless communication equipment, wireless communication methods and wireless communication systems | |
US10708762B2 (en) | Method and apparatus for virtualizing SIM card, terminal and network side device | |
JP6056467B2 (en) | Wireless terminal and wireless communication device | |
WO2016045168A1 (en) | Data processing method and data processing apparatus | |
KR101604927B1 (en) | Automatic connection ststem and method using near field communication | |
TWI577145B (en) | Method for encrypted data transmission of near field communication device and system thereof | |
JP4585529B2 (en) | Mobile terminal, ID information concealment method, and ID information inquiry method | |
JP6160479B2 (en) | Wireless connection apparatus and method for setting wireless communication |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 13798082 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 13798082 Country of ref document: EP Kind code of ref document: A1 |