WO2013178136A1 - Wireless fidelity authentication method, system and terminal - Google Patents

Wireless fidelity authentication method, system and terminal Download PDF

Info

Publication number
WO2013178136A1
WO2013178136A1 PCT/CN2013/079196 CN2013079196W WO2013178136A1 WO 2013178136 A1 WO2013178136 A1 WO 2013178136A1 CN 2013079196 W CN2013079196 W CN 2013079196W WO 2013178136 A1 WO2013178136 A1 WO 2013178136A1
Authority
WO
WIPO (PCT)
Prior art keywords
wireless
information
ssid
authentication
password
Prior art date
Application number
PCT/CN2013/079196
Other languages
French (fr)
Chinese (zh)
Inventor
应贲
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2013178136A1 publication Critical patent/WO2013178136A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/062Pre-authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/40Security arrangements using identity modules
    • H04W12/47Security arrangements using identity modules using near field communication [NFC] or radio frequency identification [RFID] modules
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • H04W84/12WLAN [Wireless Local Area Networks]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/08Access point devices

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to a wireless fidelity authentication method, system, and terminal.
  • WiFi wireless fidelity
  • the present invention provides a WiFi authentication method, system and terminal for solving the problem that a wireless AP of an individual or a merchant in the related art cannot be well protected.
  • An embodiment of the present invention provides a wireless fidelity WiFi authentication method, including:
  • the wireless AP information includes at least a service set identifier SSID and a password
  • the method also includes encrypting the wireless AP information including the SSID and the password prior to storing.
  • the step of the terminal performing WiFi authentication according to the wireless AP information includes: performing encrypted wireless After the AP information is decrypted, the SSID and the password are obtained, and the SSID and the password are used to perform WiFi authentication with the corresponding router, and after the authentication is passed, the WiFi network corresponding to the wireless AP information is accessed.
  • the method further includes: deleting the SSID and password of the wireless AP information when the terminal disconnects the connected WiFi network.
  • the method also includes: setting the SSID to a hidden state in the router.
  • the hotspot information storage device is a contactless card, an NFC device, or an NFC tag that stores wireless AP information.
  • the embodiment of the present invention further provides a wireless fidelity WiFi authentication system, including: a hotspot information storage device and a terminal, where
  • the hotspot information storage device is configured to store wireless access point AP information
  • the terminal is configured to read wireless AP information from the hotspot information storage device by using a short-range wireless communication NFC function, and perform WiFi authentication according to the wireless AP information.
  • the wireless AP information includes at least a service set identifier SSID and a password, where the wireless AP information is encrypted before being stored; the terminal includes:
  • a wireless AP information processing module configured to read the encrypted wireless AP information from the hotspot information storage device by using an NFC function, and decrypt the encrypted wireless AP information to obtain an SSID and a password;
  • An authentication module configured to obtain an SSID and a password from the wireless AP information processing module, perform WiFi authentication with the corresponding router according to the SSID and the password, and access the wireless AP information after the authentication is passed WiFi network.
  • the wireless AP information processing module is further configured to delete the SSID and the password of the wireless AP information when the terminal disconnects the connected WiFi network.
  • the embodiment of the present invention further provides a terminal, including: a wireless access point AP information processing module and an authentication module, where
  • the wireless AP information processing module is configured to read wireless AP information from a predetermined hotspot information storage device by using a short-range wireless communication NFC function;
  • the authentication module is configured to perform WiFi authentication according to the wireless AP information.
  • the wireless AP information processing module is further configured to: if the read wireless AP information is encrypted before being stored, decrypt the wireless AP information to obtain an SSID and a password;
  • the authentication module is configured to perform WiFi authentication by: obtaining an SSID and a password from the wireless AP information processing module, performing WiFi authentication with the corresponding router according to the SSID and the password, and after the authentication is passed Accessing to the WiFi network corresponding to the wireless AP information.
  • the terminal obtains the wireless AP information through the NFC function, which can effectively ensure the security of the WiFi hotspot.
  • FIG. 1 is a schematic flowchart of a method according to an embodiment of the present invention.
  • FIG. 2 is a schematic flowchart of an application of a method in a hotel environment according to an embodiment of the present invention
  • FIG. 3 is a schematic flowchart of a method for applying the method in a shopping mall environment according to an embodiment of the present invention
  • FIG. 4 is a schematic structural diagram of a system according to an embodiment of the present invention.
  • FIG. 5 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
  • FIG. 1 is a schematic flowchart of a method according to an embodiment of the present invention, which may specifically include: Step 101: The wireless AP information is stored in the predetermined hotspot information storage device in advance. Step 102: The terminal reads the wireless AP information from the hotspot information storage device by using the NFC function, and performs WiFi authentication according to the wireless AP information.
  • the hotspot information storage device may be a contactless card, an NFC device, or an NFC tag that stores wireless AP information.
  • the wireless AP information includes at least: an SSID (Service Set Identifier) and a password.
  • the wireless AP information including the SSID and the password may be encrypted before being stored, and after the terminal obtains the encrypted wireless AP information and decrypts, the terminal obtains the SSID and the password, and performs the SSID and the password with the corresponding router according to the SSID and the password.
  • WiFi authentication, and access to the corresponding WiFi network after the authentication is passed, the SSID can be set to be hidden in the router; when the terminal disconnects the connected WiFi network, the corresponding SSID and password are deleted.
  • the merchant pre-registers the SSID and password of the wireless AP information into the predetermined hotspot information storage device after being encrypted by the algorithm; the terminal that needs to perform WiFi authentication should have the NFC function and the WiFi function;
  • the hotspot information storage device may be a non-contact room card of the hotel.
  • the contactless room card is produced, information about the room is generally put into the room, and the room card generally has room for some data.
  • the wireless AP information is placed when the room card is created;
  • the hotspot information storage device may also be a separate contactless card containing wireless AP information, and the card may be handed over to the user at the same time as the room card;
  • the NFC device may also be provided by the hotel.
  • the NFC device includes wireless AP information. When the user uses the terminal to exchange NFC information with the NFC device, the wireless AP information is sent to the terminal.
  • the encrypted wireless AP information exists. The way is:
  • FIG. 2 is a schematic diagram of a process of applying the method in a hotel environment according to an embodiment of the present invention, which may specifically include:
  • Step 201 The terminal is ready to perform WiFi authentication.
  • the specific implementation process is as follows: The terminal downloads a background server for authentication (here named NFC-Wifi- Authentication Server, referred to as NWAS), the subsequent authentication process is mainly completed by NWAS;
  • NWAS NFC-Wifi- Authentication Server
  • Step 202 The NWAS adjusts the NFC function of the terminal to the card reading mode.
  • Step 203 The NWAS reads the encrypted wireless AP information from the hotspot information storage device, that is, the NWAS obtains the following data through the NFC function, and the NWAS sets the NFC function to the standby mode: SSID encrypted data (space) password encryption Data
  • Step 204 The NWAS decrypts the wireless AP information by using a bidirectional algorithm to obtain an SSID and a password.
  • Step 205 The NWAS invokes the background WiFi function according to the obtained SSID to start searching for the bearer router of the SSID.
  • Step 206 After shaking hands with the router, NWAS Entering a password corresponding to the SSID through the background WiFi function, and completing authentication authentication with the router;
  • Step 207 The WiFi authentication is completed, and the terminal can use the WiFi network provided by the merchant; at the same time, the NWAS hides the wireless AP information of the WiFi connection to avoid leakage of the SSID;
  • Step 208 Determine whether the terminal needs to disconnect from the WiFi network, if yes, go to step 209; if no, go to step 211;
  • Step 209 Disconnect the WiFi network by using the function of disconnecting the WiFi network provided by the NWAS, and the NWAS will delete all the wireless AP information of the current connection;
  • Step 210 When the terminal wants to re-use the WiFi network, go to step 203 and restart the use of the WiFi network by swiping the card again;
  • Step 211 Keep connected.
  • the SSID in order to protect the security of the AP, and to maintain the availability of the AP, the SSID should be made invisible; and the SSID and password should be replaced once, and the SSID and password are unordered letters/numbers; Moreover, since the function of hiding the hotspot SSID is retained in most of the routers, the SSID can also be set to the hidden state for the hotel router; in addition, it can be set completely differently for different routers. , irregular SSID to effectively protect hot spots;
  • the wireless AP information encryption and decryption should use some bidirectional algorithm.
  • the specific algorithm is selected by the merchant.
  • the encryption and decryption algorithm exists in both the NWAS and the merchant's card writing device.
  • Scene 2 A shopping mall, the mall can provide customers with a large number of NFC tags, through the NFC tag, you can get specific information for each item; the merchant pre-set the SSID and password of the wireless AP information, after the algorithm is encrypted, and the product information Write to NFC tags together; terminals that require WiFi authentication should have NFC and WiFi capabilities.
  • FIG. 3 is a schematic diagram of a process of applying the method in a shopping mall environment according to an embodiment of the present invention, which may specifically include:
  • Step 301 The terminal is ready to perform WiFi authentication.
  • the specific implementation process is: the user downloads and obtains the merchant-specific commodity parsing program, where the parsing program includes the NWAS and the commodity parsing program;
  • Step 302 The NWAS adjusts the NFC function of the terminal. To information exchange mode;
  • Step 303 The user uses the terminal to exchange information with the NFC tag.
  • the NFC tag exchanges information with the background server through the location information of the terminal, obtains the latest product information and wireless AP information, and obtains the following data through the NFC function.
  • the NWAS Set the NFC function to standby mode Product information (space) SSID encrypted data (space) password encrypted data;
  • the product information is parsed by the product parsing program and displayed to the user; if the user chooses to use the WiFi network provided by the mall, the encrypted wireless AP information is handed over to the decryption process by the NWAS;
  • Step 304 The NWAS decrypts the wireless AP information by using a bidirectional algorithm to obtain the SSID and the password.
  • Step 305 The NWAS invokes the background WiFi function according to the obtained SSID to start searching for the bearer router of the SSID.
  • Step 306 After shaking hands with the router, NWAS Enter and use the background WiFi function
  • the password corresponding to the SSID completes the authentication with the router
  • Step 307 After the WiFi authentication is completed, the terminal can use the WiFi network provided by the merchant; at the same time, the NWAS hides the wireless AP information of the WiFi connection to avoid the leakage of the SSID;
  • Step 308 Determine whether the terminal needs to disconnect from the WiFi network, if yes, go to step 309; if no, go to step 311;
  • Step 309 Disconnect the WiFi network by using the function of disconnecting the WiFi network provided by the NWAS, and the NWAS will delete all the wireless AP information connected this time;
  • Step 310 When the terminal wants to re-use the WiFi network, go to step 303 and pass the Brush the NFC tag twice to restart the use of the WiFi network;
  • Step 311 Stay connected.
  • the SSID in order to protect the security of the AP, and to maintain the availability of the AP, the SSID should be made invisible; and the SSID and password should be replaced once, and the SSID and password are unordered letters/numbers; Moreover, since the function of hiding the hotspot SSID is retained in most of the routers, the SSID can also be set to the hidden state for the hotel router; in addition, it can be set completely differently for different routers. , irregular SSID to effectively protect hot spots;
  • the wireless AP information encryption and decryption should use some bidirectional algorithm, the specific algorithm is selected by the merchant, and the encryption and decryption algorithm exists in both the NWAS and the merchant's card writing device;
  • the user may be advised to uninstall the dedicated NWAS when leaving the hotel or the mall.
  • the device also needs a background servo program, which can call the NFC module to complete the function related to the AP related information with the first part of the device; meanwhile, the servo program can call the background WiFi program, and the obtained AP related information. After the conversion, the background program completes the authentication of the WiFi.
  • FIG. 4 is a schematic structural diagram of a system according to an embodiment of the present invention, which may include: a hotspot information storage device and a terminal, where
  • the hotspot information storage device 40 is configured to store the wireless access point AP information; the wireless AP information includes at least: a service set identifier SSID and a password, and the wireless AP information including the SSID and the password has been encrypted before being stored.
  • the terminal 41 is arranged to read the wireless AP information from the hotspot information storage device 40 through the NFC function, and perform WiFi authentication based on the wireless AP information.
  • the terminal 41 may include: a wireless AP information processing module 411 and an authentication module 412, wherein the wireless AP information processing module 411 is configured to: read the encrypted wireless AP information from the hotspot information storage device 40 by using the NFC function, and The encrypted wireless AP information is decrypted to obtain the SSID and the password; when the terminal disconnects the connected WiFi network, the corresponding SSID is deleted. Password.
  • the wireless AP information processing module 411 is configured to: read the encrypted wireless AP information from the hotspot information storage device 40 by using the NFC function, and The encrypted wireless AP information is decrypted to obtain the SSID and the password; when the terminal disconnects the connected WiFi network, the corresponding SSID is deleted. Password.
  • the authentication module 412 is configured to obtain the SSID and the password from the wireless AP information processing module 411, perform WiFi authentication with the corresponding router according to the SSID and the password, and access the corresponding WiFi network after the authentication is passed.
  • FIG. 5 is a schematic structural diagram of a terminal according to an embodiment of the present invention, including: a wireless AP information processing module 501 configured to read wireless AP information from a predetermined hotspot information storage device by using an NFC function; The wireless AP information processing module needs to decrypt the encrypted wireless AP information to obtain the SSID and password after storing the wireless AP information including the SSID and the password.
  • a wireless AP information processing module 501 configured to read wireless AP information from a predetermined hotspot information storage device by using an NFC function
  • the wireless AP information processing module needs to decrypt the encrypted wireless AP information to obtain the SSID and password after storing the wireless AP information including the SSID and the password.
  • the authentication module 502 is configured to perform WiFi authentication according to the wireless AP information. Specifically, the authentication module 502 obtains an SSID and a password from the wireless AP information processing module, and performs WiFi according to the SSID and the password and the corresponding router. Authentication, and access to the corresponding WiFi network after the authentication is passed.
  • the embodiment of the present invention provides a WiFi authentication method, system, and terminal
  • NFC communication has the characteristics of privacy. Because its working distance is short, it can effectively protect the working distance of the AP. At the same time, the SSID of the AP can be hidden. By hiding the SSID, but putting the SSID in the relevant device, the NFC will be The SSID and password information are read in, and then the WIFI-related interface is called through the background server to find the SSID and enter the password to complete the authentication.
  • the present invention does not need to modify the WiFi hotspot to support additional protocols, and only needs a hotspot information storage device capable of providing WiFi wireless AP information.
  • the hotel room card can complete this function after simple data modification;
  • the WiFi protocol of the terminal requires only one servo program. Through the combination of the two, the whole process of WiFi authentication is completed, that is, the security of the hotspot is ensured, and the cost is saved.
  • the method, system and terminal provided by the embodiments of the present invention can effectively protect the security of the WiFi hotspot.

Abstract

A wireless fidelity (WiFi) authentication method, system and terminal. The method comprises: storing wireless AP information in a preset hotspot information storage device in advance; and a terminal reading the wireless AP information from the hotspot information storage device through a near field communication (NFC) function, and conducting WiFi authentication according to the wireless AP information. The system comprises a hotspot information storage device and a terminal. The terminal comprises a wireless access point (AP) information processing module and an authentication module. In the present invention, the terminal obtains wireless AP information through an NFC function, thereby being able to ensure the security of a WiFi hotspot effectively.

Description

无线保真鉴权方法、 系统及终端  Wireless fidelity authentication method, system and terminal
技术领域 Technical field
本发明涉及通信技术领域, 尤其涉及一种无线保真鉴权方法、 系统及终 端。  The present invention relates to the field of communications technologies, and in particular, to a wireless fidelity authentication method, system, and terminal.
背景技术 Background technique
随着 WiFi ( wireless fidelity, 无线保真)技术的发展, 各地开始部署越来 越多的 WiFi热点。 由于 WiFi机制本身的原因, WiFi机制不允许动态更改热 点的密码, 而固定密码, 往往是不安全的。  With the development of WiFi (wireless fidelity) technology, more and more WiFi hotspots have been deployed everywhere. Due to the WiFi mechanism itself, the WiFi mechanism does not allow the password of the hot spot to be dynamically changed, and the fixed password is often unsafe.
虽然目前已经衍生出了很多为 WiFi进行无密码鉴权的方案,但是这类方 案只能用于运营商网络,而对于个人或商家 (如酒店、麦当劳、肯德基餐厅等), 不能实现对自己无线 AP (接入点) 的很好保护。  Although many schemes for password-free authentication for WiFi have been developed, such schemes can only be used for carrier networks, but for individuals or businesses (such as hotels, McDonald's, KFC restaurants, etc.), wireless AP (access point) is well protected.
发明内容 Summary of the invention
鉴于上述的分析, 本发明提供一种 WiFi鉴权方法、 系统及终端, 用以解 决相关技术中个人或商家的无线 AP不能很好被保护的问题。  In view of the above analysis, the present invention provides a WiFi authentication method, system and terminal for solving the problem that a wireless AP of an individual or a merchant in the related art cannot be well protected.
本发明的目的主要是通过以下技术方案实现的:  The object of the present invention is mainly achieved by the following technical solutions:
本发明实施方式提供了一种无线保真 WiFi鉴权方法, 包括:  An embodiment of the present invention provides a wireless fidelity WiFi authentication method, including:
预先将无线接入点 AP信息存储于预定的热点信息存储设备中; 以及 终端通过近距离无线通讯 NFC功能从所述热点信息存储设备中读取所述 无线 AP信息, 并根据所述无线 AP信息进行 WiFi鉴权。  Storing the wireless access point AP information in a predetermined hotspot information storage device in advance; and reading, by the terminal, the wireless AP information from the hotspot information storage device by using a short-range wireless communication NFC function, and according to the wireless AP information Perform WiFi authentication.
所述无线 AP信息至少包括服务集标识 SSID和密码;  The wireless AP information includes at least a service set identifier SSID and a password;
所述方法还包括: 在存储之前对包含有 SSID和密码的无线 AP信息进行 加密。  The method also includes encrypting the wireless AP information including the SSID and the password prior to storing.
终端根据所述无线 AP信息进行 WiFi鉴权的步骤包括: 对加密后的无线 AP信息进行解密后得到 SSID和密码, 根据所述 SSID和密码与对应的路由 器进行 WiFi鉴权, 并在鉴权通过后接入到所述无线 AP信息对应的 WiFi网 络。 The step of the terminal performing WiFi authentication according to the wireless AP information includes: performing encrypted wireless After the AP information is decrypted, the SSID and the password are obtained, and the SSID and the password are used to perform WiFi authentication with the corresponding router, and after the authentication is passed, the WiFi network corresponding to the wireless AP information is accessed.
该方法还包括: 当所述终端断开已连接的 WiFi 网络时, 删除所述无线 AP信息的 SSID和密码。  The method further includes: deleting the SSID and password of the wireless AP information when the terminal disconnects the connected WiFi network.
该方法还包括: 在所述路由器中设置所述 SSID为隐藏状态。  The method also includes: setting the SSID to a hidden state in the router.
所述热点信息存储设备为存储有无线 AP信息的非接触式卡片、 NFC设 备或者 NFC标签。  The hotspot information storage device is a contactless card, an NFC device, or an NFC tag that stores wireless AP information.
本发明实施方式还提供了一种无线保真 WiFi鉴权系统, 包括: 热点信息 存储设备和终端, 其中,  The embodiment of the present invention further provides a wireless fidelity WiFi authentication system, including: a hotspot information storage device and a terminal, where
所述热点信息存储设备设置成存储无线接入点 AP信息;  The hotspot information storage device is configured to store wireless access point AP information;
所述终端设置成通过近距离无线通讯 NFC功能从所述热点信息存储设备 中读取无线 AP信息, 并根据所述无线 AP信息进行 WiFi鉴权。  The terminal is configured to read wireless AP information from the hotspot information storage device by using a short-range wireless communication NFC function, and perform WiFi authentication according to the wireless AP information.
所述无线 AP信息至少包括服务集标识 SSID和密码,用于在存储前对所 述无线 AP信息进行加密; 所述终端包括:  The wireless AP information includes at least a service set identifier SSID and a password, where the wireless AP information is encrypted before being stored; the terminal includes:
无线 AP信息处理模块, 其设置成利用 NFC功能从所述热点信息存储设 备中读取加密后的无线 AP信息,并对加密后的无线 AP信息进行解密后得到 SSID和密码; 以及  a wireless AP information processing module, configured to read the encrypted wireless AP information from the hotspot information storage device by using an NFC function, and decrypt the encrypted wireless AP information to obtain an SSID and a password;
鉴权模块, 其设置成从所述无线 AP信息处理模块得到 SSID和密码, 根 据所述 SSID和密码与对应的路由器进行 WiFi鉴权, 并在鉴权通过后接入到 所述无线 AP信息对应的 WiFi网络。  An authentication module, configured to obtain an SSID and a password from the wireless AP information processing module, perform WiFi authentication with the corresponding router according to the SSID and the password, and access the wireless AP information after the authentication is passed WiFi network.
所述无线 AP信息处理模块还设置成当所述终端断开已连接的 WiFi网络 时, 删除所述无线 AP信息的 SSID和密码。  The wireless AP information processing module is further configured to delete the SSID and the password of the wireless AP information when the terminal disconnects the connected WiFi network.
本发明实施方式还提供了一种终端, 包括: 无线接入点 AP信息处理模 块和鉴权模块, 其中,  The embodiment of the present invention further provides a terminal, including: a wireless access point AP information processing module and an authentication module, where
所述无线 AP信息处理模块设置成利用近距离无线通讯 NFC功能从预定 的热点信息存储设备中读取无线 AP信息; 以及 所述鉴权模块设置成根据所述无线 AP信息进行 WiFi鉴权。 The wireless AP information processing module is configured to read wireless AP information from a predetermined hotspot information storage device by using a short-range wireless communication NFC function; The authentication module is configured to perform WiFi authentication according to the wireless AP information.
所述无线 AP信息处理模块还设置成如果所读取的无线 AP信息在存储前 进行了加密处理, 则对所述无线 AP信息进行解密后得到 SSID和密码;  The wireless AP information processing module is further configured to: if the read wireless AP information is encrypted before being stored, decrypt the wireless AP information to obtain an SSID and a password;
所述鉴权模块是设置成通过如下方式进行 WiFi鉴权: 从所述无线 AP信 息处理模块得到 SSID和密码, 根据所述 SSID和密码与对应的路由器进行 WiFi鉴权, 并在鉴权通过后接入到所述无线 AP信息对应的 WiFi网络。  The authentication module is configured to perform WiFi authentication by: obtaining an SSID and a password from the wireless AP information processing module, performing WiFi authentication with the corresponding router according to the SSID and the password, and after the authentication is passed Accessing to the WiFi network corresponding to the wireless AP information.
本发明有益效果如下:  The beneficial effects of the present invention are as follows:
本发明中, 终端通过 NFC功能获取无线 AP信息, 可以有效保障 WiFi 热点的安全。  In the present invention, the terminal obtains the wireless AP information through the NFC function, which can effectively ensure the security of the WiFi hotspot.
本发明的其他特征和优点将在随后的说明书中阐述, 并且, 部分的从说 明书中变得显而易见, 或者通过实施本发明而了解。 本发明的目的和其他优 点可通过在所写的说明书、 权利要求书、 以及附图中所特别指出的结构来实 现和获得。  Other features and advantages of the invention will be set forth in the description in the description which follows. The objectives and other advantages of the invention will be realized and attained by the <RTI
附图概述 BRIEF abstract
图 1为本发明实施例所述方法的流程示意图;  1 is a schematic flowchart of a method according to an embodiment of the present invention;
图 2为本发明实施例所述方法在酒店环境下应用的流程示意图; 图 3为本发明实施例所述方法在商场环境下应用的流程示意图; 图 4为本发明实施例所述系统的结构示意图;  2 is a schematic flowchart of an application of a method in a hotel environment according to an embodiment of the present invention; FIG. 3 is a schematic flowchart of a method for applying the method in a shopping mall environment according to an embodiment of the present invention; FIG. 4 is a schematic structural diagram of a system according to an embodiment of the present invention; Schematic diagram
图 5为本发明实施例所述终端的结构示意图。  FIG. 5 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
本发明的较佳实施方式 Preferred embodiment of the invention
下面结合附图来具体描述本发明的优选实施例, 其中, 附图构成本申请 一部分, 并与本发明的实施例一起用于阐释本发明的原理。  The preferred embodiments of the present invention are described in detail below with reference to the accompanying drawings, in which FIG.
首先, 结合附图 1到 3对本发明实施例所述方法进行说明。  First, the method according to the embodiment of the present invention will be described with reference to FIGS. 1 to 3.
如图 1所示, 图 1为本发明实施例所述方法的流程示意图, 具体可以包 括: 步骤 101 : 预先将无线 AP信息存储于预定的热点信息存储设备中; 步骤 102: 终端通过 NFC功能从该热点信息存储设备中读取无线 AP信 息, 并根据该无线 AP信息进行 WiFi鉴权。 As shown in FIG. 1 , FIG. 1 is a schematic flowchart of a method according to an embodiment of the present invention, which may specifically include: Step 101: The wireless AP information is stored in the predetermined hotspot information storage device in advance. Step 102: The terminal reads the wireless AP information from the hotspot information storage device by using the NFC function, and performs WiFi authentication according to the wireless AP information.
其中, 热点信息存储设备可以为, 存储有无线 AP信息的非接触式卡片、 NFC设备或者 NFC标签;无线 AP信息至少包括: SSID( Service Set Identifier, 服务集标识)和密码。  The hotspot information storage device may be a contactless card, an NFC device, or an NFC tag that stores wireless AP information. The wireless AP information includes at least: an SSID (Service Set Identifier) and a password.
可选地, 在存储前可以对包含有 SSID和密码的无线 AP信息进行加密, 终端获取到加密后的无线 AP信息后进行解密后, 得到 SSID和密码, 根据该 SSID和密码与对应的路由器进行 WiFi鉴权, 并在鉴权通过后接入到对应的 WiFi网络, 在路由器中可以设置将 SSID为隐藏状态; 当所述终端断开已连 接的 WiFi网络时, 删除对应的 SSID和密码。  Optionally, the wireless AP information including the SSID and the password may be encrypted before being stored, and after the terminal obtains the encrypted wireless AP information and decrypts, the terminal obtains the SSID and the password, and performs the SSID and the password with the corresponding router according to the SSID and the password. WiFi authentication, and access to the corresponding WiFi network after the authentication is passed, the SSID can be set to be hidden in the router; when the terminal disconnects the connected WiFi network, the corresponding SSID and password are deleted.
为了便于理解本发明实施例所述方法, 以下将以两个具体的应用场景为 例进一步说明。  In order to facilitate the understanding of the method in the embodiment of the present invention, two specific application scenarios are further described below as an example.
场景一: 某酒店, 商家预先将无线 AP信息的 SSID和密码, 经过该算法 加密后, 写入到预定的热点信息存储设备中; 需要进行 WiFi鉴权的终端应该 具备 NFC功能和 WiFi功能; 该场景下, 热点信息存储设备可以是酒店的非 接触式房卡, 非接触式房卡在制作时, 一般会放入房间的相关信息, 而该房 卡一般还会有空间可以放入一些数据, 在制作房卡的时候将该无线 AP信息 放入; 热点信息存储设备也可以是一个独立的包含有无线 AP信息的非接触 式卡片, 该卡片可以与房卡同时交由用户; 热点信息存储设备还可以是酒店 提供的 NFC设备, 该 NFC设备中包含了无线 AP信息, 当用户使用终端与该 NFC设备进行 NFC信息交换时, 将无线 AP信息发送给终端; 其中, 加密后 的无线 AP信息存在方式为:  Scenario 1: In a hotel, the merchant pre-registers the SSID and password of the wireless AP information into the predetermined hotspot information storage device after being encrypted by the algorithm; the terminal that needs to perform WiFi authentication should have the NFC function and the WiFi function; In the scenario, the hotspot information storage device may be a non-contact room card of the hotel. When the contactless room card is produced, information about the room is generally put into the room, and the room card generally has room for some data. The wireless AP information is placed when the room card is created; the hotspot information storage device may also be a separate contactless card containing wireless AP information, and the card may be handed over to the user at the same time as the room card; The NFC device may also be provided by the hotel. The NFC device includes wireless AP information. When the user uses the terminal to exchange NFC information with the NFC device, the wireless AP information is sent to the terminal. The encrypted wireless AP information exists. The way is:
SSID加密数据 (空格)密码加密数据。  SSID Encrypted Data (Space) Password Encrypted Data.
如图 2所示, 图 2为本发明实施例所述方法在酒店环境下应用的流程示 意图, 具体可以包括:  As shown in FIG. 2, FIG. 2 is a schematic diagram of a process of applying the method in a hotel environment according to an embodiment of the present invention, which may specifically include:
步骤 201 : 终端准备进行 WiFi鉴权; 具体实现过程为: 终端下载用于鉴 权的后台伺服程序 (这里将之命名为 NFC—Wifi— Authentication Server, 简称 NWAS ) , 后续鉴权过程主要由 NWAS完成; Step 201: The terminal is ready to perform WiFi authentication. The specific implementation process is as follows: The terminal downloads a background server for authentication (here named NFC-Wifi- Authentication Server, referred to as NWAS), the subsequent authentication process is mainly completed by NWAS;
步骤 202: NWAS将该终端的 NFC功能调整至卡读取模式;  Step 202: The NWAS adjusts the NFC function of the terminal to the card reading mode.
步骤 203: NWAS读取到来自热点信息存储设备的加密无线 AP信息, 即, NWAS通过 NFC功能获取了如下的数据, 同时, NWAS将 NFC功能设 定为待机模式: SSID加密数据 (空格)密码加密数据;  Step 203: The NWAS reads the encrypted wireless AP information from the hotspot information storage device, that is, the NWAS obtains the following data through the NFC function, and the NWAS sets the NFC function to the standby mode: SSID encrypted data (space) password encryption Data
步骤 204: NWAS通过双向算法解密该无线 AP信息,获得 SSID和密码; 步骤 205: NWAS根据获得的 SSID调用后台 WiFi功能,开始搜索该 SSID 的承载路由器; 步骤 206: 与该路由器进行握手后, NWAS通过后台 WiFi功能输入与该 SSID对应的密码, 完成与路由器的鉴权认证;  Step 204: The NWAS decrypts the wireless AP information by using a bidirectional algorithm to obtain an SSID and a password. Step 205: The NWAS invokes the background WiFi function according to the obtained SSID to start searching for the bearer router of the SSID. Step 206: After shaking hands with the router, NWAS Entering a password corresponding to the SSID through the background WiFi function, and completing authentication authentication with the router;
步骤 207: WiFi认证完成,终端可以使用该商户提供的 WiFi网络; 同时, NWAS隐藏该 WiFi连接的无线 AP信息, 避免 SSID的泄露;  Step 207: The WiFi authentication is completed, and the terminal can use the WiFi network provided by the merchant; at the same time, the NWAS hides the wireless AP information of the WiFi connection to avoid leakage of the SSID;
步骤 208: 判断终端是否需要断开与 WiFi网络的连接, 如果是, 执行步 骤 209; 如果否, 执行步骤 211 ;  Step 208: Determine whether the terminal needs to disconnect from the WiFi network, if yes, go to step 209; if no, go to step 211;
步骤 209:通过 NWAS提供的断开 WiFi网络的功能,来断开 WiFi网络, 同时, NWAS将删除所有本次连接的无线 AP信息;  Step 209: Disconnect the WiFi network by using the function of disconnecting the WiFi network provided by the NWAS, and the NWAS will delete all the wireless AP information of the current connection;
步骤 210: 当终端想要重新使用 WiFi该网络时, 转到步骤 203 , 通过再 次刷卡的方式, 来重新开始使用该 WiFi网络;  Step 210: When the terminal wants to re-use the WiFi network, go to step 203 and restart the use of the WiFi network by swiping the card again;
步骤 211 : 保持连接。  Step 211: Keep connected.
需要说明的是, 酒店为保护 AP的安全性, 也为了维护该 AP的可用性, 应该将该 SSID设为不可见; 并且定期更换一次 SSID及密码, 该 SSID和密 码均为无序字母 /数列; 并且, 由于在绝大部分的路由器中均保留有隐藏热点 SSID的功能, 因此对于酒店的路由器, 还可以将 SSID设置为隐藏状态; 另 夕卜,还可以通过为不同的路由器设定完全不同的、无规律的 SSID来有效保护 热点;  It should be noted that, in order to protect the security of the AP, and to maintain the availability of the AP, the SSID should be made invisible; and the SSID and password should be replaced once, and the SSID and password are unordered letters/numbers; Moreover, since the function of hiding the hotspot SSID is retained in most of the routers, the SSID can also be set to the hidden state for the hotel router; in addition, it can be set completely differently for different routers. , irregular SSID to effectively protect hot spots;
无线 AP信息加密解密时应该使用某种双向算法, 具体算法由商户选定, 在 NWAS和商家的写卡设备中均存在该加密解密算法。 场景二: 某商场, 该商场可以为顾客提供大量的 NFC标签, 通过 NFC 标签, 可以获得每件商品的具体信息; 商家预先将无线 AP信息的 SSID和密 码, 经过该算法加密后, 与商品信息一起写入到 NFC标签中; 需要进行 WiFi 鉴权的终端应该具备 NFC功能和 WiFi功能。 The wireless AP information encryption and decryption should use some bidirectional algorithm. The specific algorithm is selected by the merchant. The encryption and decryption algorithm exists in both the NWAS and the merchant's card writing device. Scene 2: A shopping mall, the mall can provide customers with a large number of NFC tags, through the NFC tag, you can get specific information for each item; the merchant pre-set the SSID and password of the wireless AP information, after the algorithm is encrypted, and the product information Write to NFC tags together; terminals that require WiFi authentication should have NFC and WiFi capabilities.
如图 3所示, 图 3为本发明实施例所述方法在商场环境下应用的流程示 意图, 具体可以包括:  As shown in FIG. 3, FIG. 3 is a schematic diagram of a process of applying the method in a shopping mall environment according to an embodiment of the present invention, which may specifically include:
步骤 301 : 终端准备进行 WiFi鉴权; 具体实现过程为: 用户下载获得该 商家专有的商品解析程序, 该解析程序中, 包含 NWAS和商品解析程序; 步骤 302: NWAS将该终端的 NFC功能调整至信息交换模式;  Step 301: The terminal is ready to perform WiFi authentication. The specific implementation process is: the user downloads and obtains the merchant-specific commodity parsing program, where the parsing program includes the NWAS and the commodity parsing program; Step 302: The NWAS adjusts the NFC function of the terminal. To information exchange mode;
步骤 303: 用户使用该终端与 NFC标签进行信息交互, NFC标签通过自 身的位置信息与后台服务器进行信息交换, 获得最新的商品信息和无线 AP 信息, 通过 NFC功能获取到如下的数据, 同时, NWAS将 NFC功能设定为 待机模式: 商品信息 (空格) SSID加密数据 (空格)密码加密数据;  Step 303: The user uses the terminal to exchange information with the NFC tag. The NFC tag exchanges information with the background server through the location information of the terminal, obtains the latest product information and wireless AP information, and obtains the following data through the NFC function. Meanwhile, the NWAS Set the NFC function to standby mode: Product information (space) SSID encrypted data (space) password encrypted data;
其中, 商品信息由商品解析程序进行解析后显示给用户; 如果用户选择 使用商场提供的 WiFi网络,则加密的无线 AP信息将交由由 NWAS完成解密 过程;  The product information is parsed by the product parsing program and displayed to the user; if the user chooses to use the WiFi network provided by the mall, the encrypted wireless AP information is handed over to the decryption process by the NWAS;
步骤 304: NWAS通过双向算法解密该无线 AP信息,获得 SSID和密码; 步骤 305: NWAS根据获得的 SSID调用后台 WiFi功能,开始搜索该 SSID 的承载路由器; 步骤 306: 与该路由器进行握手后, NWAS通过后台 WiFi功能输入与该 Step 304: The NWAS decrypts the wireless AP information by using a bidirectional algorithm to obtain the SSID and the password. Step 305: The NWAS invokes the background WiFi function according to the obtained SSID to start searching for the bearer router of the SSID. Step 306: After shaking hands with the router, NWAS Enter and use the background WiFi function
SSID对应的密码, 完成与路由器的鉴权认证; The password corresponding to the SSID completes the authentication with the router;
步骤 307: WiFi认证完成,终端可以使用该商户提供的 WiFi网络; 同时, NWAS隐藏该 WiFi连接的无线 AP信息, 避免 SSID的泄露;  Step 307: After the WiFi authentication is completed, the terminal can use the WiFi network provided by the merchant; at the same time, the NWAS hides the wireless AP information of the WiFi connection to avoid the leakage of the SSID;
步骤 308: 判断终端是否需要断开与 WiFi网络的连接, 如果是, 执行步 骤 309; 如果否, 执行步骤 311 ;  Step 308: Determine whether the terminal needs to disconnect from the WiFi network, if yes, go to step 309; if no, go to step 311;
步骤 309:通过 NWAS提供的断开 WiFi网络的功能,来断开 WiFi网络, 同时, NWAS将删除所有本次连接无线 AP信息;  Step 309: Disconnect the WiFi network by using the function of disconnecting the WiFi network provided by the NWAS, and the NWAS will delete all the wireless AP information connected this time;
步骤 310: 当终端想要重新使用 WiFi该网络时, 转到步骤 303 , 通过再 次刷任意 NFC标签的方式, 来重新开始使用该 WiFi网络; Step 310: When the terminal wants to re-use the WiFi network, go to step 303 and pass the Brush the NFC tag twice to restart the use of the WiFi network;
步骤 311 : 保持连接。  Step 311: Stay connected.
需要说明的是, 酒店为保护 AP的安全性, 也为了维护该 AP的可用性, 应该将该 SSID设为不可见; 并且定期更换一次 SSID及密码, 该 SSID和密 码均为无序字母 /数列; 并且, 由于在绝大部分的路由器中均保留有隐藏热点 SSID的功能, 因此对于酒店的路由器, 还可以将 SSID设置为隐藏状态; 另 夕卜,还可以通过为不同的路由器设定完全不同的、无规律的 SSID来有效保护 热点;  It should be noted that, in order to protect the security of the AP, and to maintain the availability of the AP, the SSID should be made invisible; and the SSID and password should be replaced once, and the SSID and password are unordered letters/numbers; Moreover, since the function of hiding the hotspot SSID is retained in most of the routers, the SSID can also be set to the hidden state for the hotel router; in addition, it can be set completely differently for different routers. , irregular SSID to effectively protect hot spots;
无线 AP信息加密解密时应该使用某种双向算法, 具体算法由商户选定, 在 NWAS和商家的写卡设备中均存在该加密解密算法;  The wireless AP information encryption and decryption should use some bidirectional algorithm, the specific algorithm is selected by the merchant, and the encryption and decryption algorithm exists in both the NWAS and the merchant's card writing device;
并且, 为了用户使用方便, 可以建议用户离开该酒店或者商场时, 卸载 该专用的 NWAS。  Moreover, for the convenience of the user, the user may be advised to uninstall the dedicated NWAS when leaving the hotel or the mall.
同时, 该设备还需要后台伺服程序, 该伺服程序可以调用 NFC模块, 与 第一部分的设备完成关于 AP相关信息获得的功能; 同时, 该伺服程序可以 调用后台的 WiFi程序, 将获得的 AP相关信息转换后, 交由后台程序完成 WiFi的鉴权。  At the same time, the device also needs a background servo program, which can call the NFC module to complete the function related to the AP related information with the first part of the device; meanwhile, the servo program can call the background WiFi program, and the obtained AP related information. After the conversion, the background program completes the authentication of the WiFi.
接下来, 结合附图 4对本发明实施例所述系统进行详细说明。  Next, the system according to the embodiment of the present invention will be described in detail with reference to FIG.
如图 4所示, 图 4为本发明实施例所述系统的结构示意图, 具体可以包 括: 热点信息存储设备和终端, 其中,  As shown in FIG. 4, FIG. 4 is a schematic structural diagram of a system according to an embodiment of the present invention, which may include: a hotspot information storage device and a terminal, where
热点信息存储设备 40设置成存储无线接入点 AP信息; 该无线 AP信息 至少包括: 服务集标识 SSID和密码, 并且存储前已经对包含有 SSID和密码 的无线 AP信息进行了加密处理。  The hotspot information storage device 40 is configured to store the wireless access point AP information; the wireless AP information includes at least: a service set identifier SSID and a password, and the wireless AP information including the SSID and the password has been encrypted before being stored.
终端 41设置成通过 NFC功能从热点信息存储设备 40中读取无线 AP信 息, 并根据所述无线 AP信息进行 WiFi鉴权。  The terminal 41 is arranged to read the wireless AP information from the hotspot information storage device 40 through the NFC function, and perform WiFi authentication based on the wireless AP information.
该终端 41可以包括: 无线 AP信息处理模块 411和鉴权模块 412, 其中, 无线 AP信息处理模块 411设置成: 利用 NFC功能从热点信息存储设备 40中读取加密后的无线 AP信息, 并对加密后的无线 AP信息进行解密后得 到 SSID和密码; 当该终端断开已连接的 WiFi网络时, 删除对应的 SSID和 密码。 The terminal 41 may include: a wireless AP information processing module 411 and an authentication module 412, wherein the wireless AP information processing module 411 is configured to: read the encrypted wireless AP information from the hotspot information storage device 40 by using the NFC function, and The encrypted wireless AP information is decrypted to obtain the SSID and the password; when the terminal disconnects the connected WiFi network, the corresponding SSID is deleted. Password.
鉴权模块 412设置成从无线 AP信息处理模块 411得到 SSID和密码,根 据该 SSID和密码与对应的路由器进行 WiFi鉴权, 并在鉴权通过后接入到对 应的 WiFi网络。  The authentication module 412 is configured to obtain the SSID and the password from the wireless AP information processing module 411, perform WiFi authentication with the corresponding router according to the SSID and the password, and access the corresponding WiFi network after the authentication is passed.
最后, 结合附图 5对本发明实施例所述终端进行详细说明。  Finally, the terminal according to the embodiment of the present invention is described in detail with reference to FIG.
如图 5所示, 图 5为本发明实施例所述终端的结构示意图, 包括: 无线 AP信息处理模块 501 , 其设置成利用 NFC功能从预定的热点信息 存储设备中读取无线 AP信息; 如果存储前对包含有 SSID和密码的无线 AP 信息进行加密,则无线 AP信息处理模块还需要对加密后的无线 AP信息进行 解密后得到 SSID和密码; 以及  As shown in FIG. 5, FIG. 5 is a schematic structural diagram of a terminal according to an embodiment of the present invention, including: a wireless AP information processing module 501 configured to read wireless AP information from a predetermined hotspot information storage device by using an NFC function; The wireless AP information processing module needs to decrypt the encrypted wireless AP information to obtain the SSID and password after storing the wireless AP information including the SSID and the password.
鉴权模块 502, 其设置成根据所述无线 AP信息进行 WiFi鉴权, 具体来 说就是,鉴权模块 502从无线 AP信息处理模块得到 SSID和密码,根据该 SSID 和密码与对应的路由器进行 WiFi鉴权, 并在鉴权通过后接入到对应的 WiFi 网络。  The authentication module 502 is configured to perform WiFi authentication according to the wireless AP information. Specifically, the authentication module 502 obtains an SSID and a password from the wireless AP information processing module, and performs WiFi according to the SSID and the password and the corresponding router. Authentication, and access to the corresponding WiFi network after the authentication is passed.
综上所述, 本发明实施例提供了一种 WiFi鉴权方法、 系统及终端, 由于 In summary, the embodiment of the present invention provides a WiFi authentication method, system, and terminal,
NFC通信具有私密性的特点, 因为其作用距离短, 所以可以有效保护 AP的 作用距离; 同时, AP的 SSID是可以隐藏的, 通过隐藏 SSID, 但是在相关设 备中放入该 SSID, 通过 NFC将 SSID及密码信息读入, 然后通过后台的伺服 程序, 调用 WIFI相关的接口, 来找出该 SSID, 并输入密码, 从而完成鉴权。 NFC communication has the characteristics of privacy. Because its working distance is short, it can effectively protect the working distance of the AP. At the same time, the SSID of the AP can be hidden. By hiding the SSID, but putting the SSID in the relevant device, the NFC will be The SSID and password information are read in, and then the WIFI-related interface is called through the background server to find the SSID and enter the password to complete the authentication.
本发明无需改造 WiFi热点以支持额外的协议,只需要一个能够提供 WiFi 的无线 AP信息的热点信息存储设备, 如酒店的房卡经过简单的数据改造, 就可以完成此功能; 对于终端, 无需改造终端的 WiFi协议, 仅需一个伺服程 序。通过这两者的结合,完成了关于 WiFi鉴权的全过程, 即保证热点的安全, 又节约了成本。  The present invention does not need to modify the WiFi hotspot to support additional protocols, and only needs a hotspot information storage device capable of providing WiFi wireless AP information. For example, the hotel room card can complete this function after simple data modification; The WiFi protocol of the terminal requires only one servo program. Through the combination of the two, the whole process of WiFi authentication is completed, that is, the security of the hotspot is ensured, and the cost is saved.
以上所述, 仅为本发明较佳的具体实施方式, 但本发明的保护范围并不 局限于此, 任何熟悉本技术领域的技术人员在本发明揭露的技术范围内, 可 轻易想到的变化或替换, 都应涵盖在本发明的保护范围之内。 因此, 本发明 的保护范围应该以权利要求书的保护范围为准。 工业实用性 The above is only a preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily think of changes or within the technical scope disclosed by the present invention. Alternatives are intended to be covered by the scope of the present invention. Therefore, the scope of the invention should be determined by the scope of the claims. Industrial applicability
与有关技术相比, 本发明实施方式所提供的方法、 系统以及终端可以有 效保障 WiFi热点的安全。  Compared with related technologies, the method, system and terminal provided by the embodiments of the present invention can effectively protect the security of the WiFi hotspot.

Claims

权 利 要 求 书 claims
1、 一种无线保真 WiFi鉴权方法, 包括: 1. A wireless fidelity WiFi authentication method, including:
预先将无线接入点 AP信息存储于预定的热点信息存储设备中; 以及 终端通过近距离无线通讯 NFC功能从所述热点信息存储设备中读取所述 无线 AP信息, 并根据所述无线 AP信息进行 WiFi鉴权。 Pre-store the wireless access point AP information in a predetermined hotspot information storage device; and the terminal reads the wireless AP information from the hotspot information storage device through the short-range wireless communication NFC function, and based on the wireless AP information Perform WiFi authentication.
2、 根据权利要求 1所述的方法, 其中, 所述无线 AP信息至少包括服务 集标识 SSID和密码; 2. The method according to claim 1, wherein the wireless AP information at least includes a service set identifier SSID and a password;
所述方法还包括: 在存储之前对包含有 SSID和密码的无线 AP信息进行 加密。 The method further includes: encrypting the wireless AP information including the SSID and password before storing.
3、 根据权利要求 2所述的方法, 其中, 终端根据所述无线 AP信息进行 3. The method according to claim 2, wherein the terminal performs the operation according to the wireless AP information.
WiFi鉴权的步骤包括:对加密后的无线 AP信息进行解密后得到 SSID和密码, 根据所述 SSID和密码与对应的路由器进行 WiFi鉴权, 并在鉴权通过后接入 到所述无线 AP信息对应的 WiFi网络。 The steps of WiFi authentication include: decrypting the encrypted wireless AP information to obtain the SSID and password, performing WiFi authentication with the corresponding router based on the SSID and password, and accessing the wireless AP after passing the authentication. The WiFi network corresponding to the information.
4、根据权利要求 3所述的方法,还包括: 当所述终端断开已连接的 WiFi 网络时, 删除所述无线 AP信息的 SSID和密码。 4. The method according to claim 3, further comprising: when the terminal disconnects the connected WiFi network, deleting the SSID and password of the wireless AP information.
5、 根据权利要求 3或 4所述的方法, 还包括: 在所述路由器中设置所述 SSID为隐藏状态。 5. The method according to claim 3 or 4, further comprising: setting the SSID in the router to a hidden state.
6、 根据权利要求 1所述的方法, 其中, 所述热点信息存储设备为存储有 无线 AP信息的非接触式卡片、 NFC设备或者 NFC标签。 6. The method according to claim 1, wherein the hotspot information storage device is a contactless card, NFC device or NFC tag that stores wireless AP information.
7、 一种无线保真 WiFi鉴权系统, 包括: 热点信息存储设备和终端, 其 中, 7. A wireless fidelity WiFi authentication system, including: hotspot information storage device and terminal, wherein,
所述热点信息存储设备设置成存储无线接入点 AP信息; The hotspot information storage device is configured to store wireless access point AP information;
所述终端设置成通过近距离无线通讯 NFC功能从所述热点信息存储设备 中读取无线 AP信息, 并根据所述无线 AP信息进行 WiFi鉴权。 The terminal is configured to read wireless AP information from the hotspot information storage device through the short-range wireless communication NFC function, and perform WiFi authentication based on the wireless AP information.
8、 根据权利要求 7所述的系统, 其中, 所述无线 AP信息至少包括服务 集标识 SSID和密码, 用于在存储前对所述无线 AP信息进行加密; 所述终端 包括: 无线 AP信息处理模块, 其设置成利用 NFC功能从所述热点信息存储设 备中读取加密后的无线 AP信息,并对加密后的无线 AP信息进行解密后得到 SSID和密码; 以及 8. The system according to claim 7, wherein the wireless AP information at least includes a service set identifier SSID and a password, which are used to encrypt the wireless AP information before storage; the terminal includes: A wireless AP information processing module, which is configured to use the NFC function to read the encrypted wireless AP information from the hotspot information storage device, and decrypt the encrypted wireless AP information to obtain the SSID and password; and
鉴权模块, 其设置成从所述无线 AP信息处理模块得到 SSID和密码, 根 据所述 SSID和密码与对应的路由器进行 WiFi鉴权, 并在鉴权通过后接入到 所述无线 AP信息对应的 WiFi网络。 An authentication module, which is configured to obtain the SSID and password from the wireless AP information processing module, perform WiFi authentication with the corresponding router based on the SSID and password, and access the corresponding wireless AP information after passing the authentication. WiFi network.
9、 根据权利要求 8所述的系统, 其中, 所述无线 AP信息处理模块还设 置成当所述终端断开已连接的 WiFi网络时, 删除所述无线 AP信息的 SSID 和密码。 9. The system according to claim 8, wherein the wireless AP information processing module is further configured to delete the SSID and password of the wireless AP information when the terminal disconnects the connected WiFi network.
10、 一种终端, 包括: 无线接入点 AP信息处理模块和鉴权模块, 其中, 所述无线 AP信息处理模块设置成利用近距离无线通讯 NFC功能从预定 的热点信息存储设备中读取无线 AP信息; 以及 10. A terminal, including: a wireless access point AP information processing module and an authentication module, wherein the wireless AP information processing module is configured to use the near field wireless communication (NFC) function to read wireless data from a predetermined hotspot information storage device. AP information; and
所述鉴权模块设置成根据所述无线 AP信息进行 WiFi鉴权。 The authentication module is configured to perform WiFi authentication based on the wireless AP information.
11、 根据权利要求 10所述的终端, 其中, 所述无线 AP信息处理模块还 设置成如果所读取的无线 AP信息在存储前进行了加密处理, 则对所述无线 AP信息进行解密后得到 SSID和密码; 11. The terminal according to claim 10, wherein the wireless AP information processing module is further configured to decrypt the wireless AP information to obtain SSID and password;
所述鉴权模块是设置成通过如下方式进行 WiFi鉴权: 从所述无线 AP信 息处理模块得到 SSID和密码, 根据所述 SSID和密码与对应的路由器进行 WiFi鉴权, 并在鉴权通过后接入到所述无线 AP信息对应的 WiFi网络。 The authentication module is configured to perform WiFi authentication in the following manner: obtain the SSID and password from the wireless AP information processing module, perform WiFi authentication with the corresponding router based on the SSID and password, and after passing the authentication Access the WiFi network corresponding to the wireless AP information.
PCT/CN2013/079196 2012-08-28 2013-07-11 Wireless fidelity authentication method, system and terminal WO2013178136A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2012103102154A CN102883315A (en) 2012-08-28 2012-08-28 Wireless fidelity (WiFi) authentication method and system, and terminal
CN201210310215.4 2012-08-28

Publications (1)

Publication Number Publication Date
WO2013178136A1 true WO2013178136A1 (en) 2013-12-05

Family

ID=47484417

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2013/079196 WO2013178136A1 (en) 2012-08-28 2013-07-11 Wireless fidelity authentication method, system and terminal

Country Status (2)

Country Link
CN (1) CN102883315A (en)
WO (1) WO2013178136A1 (en)

Families Citing this family (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102883315A (en) * 2012-08-28 2013-01-16 中兴通讯股份有限公司 Wireless fidelity (WiFi) authentication method and system, and terminal
CN103945369B (en) * 2013-01-18 2017-12-19 杭州古北电子科技有限公司 A kind of length by checking WIFI packets realizes the Internet-surfing configuration method of WIFI equipment
US9432910B2 (en) 2013-03-11 2016-08-30 Futurewei Technologies, Inc. System and method for WiFi authentication and selection
CN103281759A (en) * 2013-05-28 2013-09-04 北京推博信息技术有限公司 WIFI (wireless fidelity) network access method and device, electronic equipment and communication system
CN103281752A (en) * 2013-05-28 2013-09-04 北京推博信息技术有限公司 WIFI (wireless fidelity) network access method and device, electronic equipment and communication system
CN104254070B (en) * 2013-06-25 2019-11-08 南京中兴新软件有限责任公司 WiFi cut-in method, intelligent terminal and routing device
CN103546200A (en) * 2013-08-26 2014-01-29 深圳Tcl新技术有限公司 Data transmission method and system based on near-field communication
CN103619017A (en) * 2013-11-22 2014-03-05 福州瑞芯微电子有限公司 Method and system for wireless router authorized connection based on NFC technology
KR102118049B1 (en) * 2013-12-19 2020-06-09 엘지전자 주식회사 robot cleaner, robot cleaner system and a control method of the same
CN105165071A (en) * 2013-12-20 2015-12-16 华为终端有限公司 Wireless access method and relevant device and system
CN103874164B (en) * 2014-02-28 2017-06-06 上海升途智能系统有限公司 Method, system and the mobile terminal device of WIFI are connected by NFC
CN105025477A (en) * 2014-04-29 2015-11-04 华晶科技股份有限公司 Wireless security automatic pairing method, network connection establishing method and wireless access point device
CN103987040A (en) * 2014-05-07 2014-08-13 华晶科技股份有限公司 Bluetooth-assisting online connection establishment method and wireless access point device
CN104010309B (en) * 2014-05-19 2018-12-21 百度在线网络技术(北京)有限公司 The method and terminal of connection are established between access point and terminal
CN104010352B (en) * 2014-05-19 2017-12-26 百度在线网络技术(北京)有限公司 Connection method and related device between router and smart machine
MX2017005790A (en) * 2014-11-04 2017-10-23 Huawei Tech Co Ltd Hidden hotspot access method and device.
CN104410969A (en) * 2014-11-07 2015-03-11 广东欧珀移动通信有限公司 Wireless fidelity (WIFI) hotspot hiding method and terminal equipment
CN105704780A (en) * 2014-11-24 2016-06-22 中兴通讯股份有限公司 Wireless network access method and device
CN104410949A (en) * 2014-12-22 2015-03-11 上海斐讯数据通信技术有限公司 System and method for adding mobile equipment into white list of router
CN104834863A (en) * 2015-03-31 2015-08-12 努比亚技术有限公司 Wi-Fi password storage method and apparatus
CN105848090A (en) * 2016-03-30 2016-08-10 乐视控股(北京)有限公司 Router, terminal device, access method thereof and device thereof
CN105873034A (en) * 2016-05-19 2016-08-17 徐美琴 Safe hot spot information processing method
CN106101058A (en) * 2016-05-19 2016-11-09 郑建钦 A kind of hot information processing method based on Quick Response Code
CN106028327A (en) * 2016-05-19 2016-10-12 徐美琴 Method for realizing hotspot security through authentication server
CN107548062A (en) * 2016-06-29 2018-01-05 联芯科技有限公司 Storage method, wifi connection methods and the device of wifi passwords
CN106572488B (en) * 2016-11-02 2021-01-08 捷开通讯(深圳)有限公司 WIFI hotspot sharing method of terminal equipment and terminal equipment
CN107968994A (en) * 2017-11-29 2018-04-27 北京小米移动软件有限公司 Method for building up, the apparatus and system of LAN
RU2679882C1 (en) * 2018-03-12 2019-02-14 Хуавей Дивайс (Дунгуань) Ко., Лтд Wireless access method and associated device and system
CN108696866A (en) * 2018-05-14 2018-10-23 四川斐讯信息技术有限公司 A kind of wireless connection method and system, wireless terminal, radio reception device
CN108684067A (en) * 2018-05-14 2018-10-19 四川斐讯信息技术有限公司 Time-based wireless connection method and system, radio reception device
CN111010693B (en) * 2019-11-25 2023-10-03 华为技术有限公司 Method for providing wireless fidelity network access service and electronic equipment
CN113225788B (en) * 2021-04-20 2023-04-07 Oppo广东移动通信有限公司 WiFi connection method and device, electronic equipment and readable storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101873719A (en) * 2010-05-31 2010-10-27 华为终端有限公司 Method, device and system for configuring wireless fidelity (WIFI) parameter
WO2010145142A1 (en) * 2009-06-30 2010-12-23 中兴通讯股份有限公司 Monitoring system, monitoring method and wireless fidelity local system of monitoring system
CN102315864A (en) * 2011-09-07 2012-01-11 百度在线网络技术(北京)有限公司 Method of point-to-point data transmission for mobile device and device
CN202210805U (en) * 2011-07-08 2012-05-02 陈利人 Wireless fidelity device, wireless receiving device and short-distance wireless broadcast system
CN102883315A (en) * 2012-08-28 2013-01-16 中兴通讯股份有限公司 Wireless fidelity (WiFi) authentication method and system, and terminal

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8532304B2 (en) * 2005-04-04 2013-09-10 Nokia Corporation Administration of wireless local area networks
CN101114901B (en) * 2006-07-26 2010-08-25 联想(北京)有限公司 Safety authentication system, apparatus and method for non-contact type wireless data transmission
CN102547566A (en) * 2012-01-06 2012-07-04 南京中兴软创科技股份有限公司 Location-based multimedia information pushing method in wireless local area network and pushing system thereof

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010145142A1 (en) * 2009-06-30 2010-12-23 中兴通讯股份有限公司 Monitoring system, monitoring method and wireless fidelity local system of monitoring system
CN101873719A (en) * 2010-05-31 2010-10-27 华为终端有限公司 Method, device and system for configuring wireless fidelity (WIFI) parameter
CN202210805U (en) * 2011-07-08 2012-05-02 陈利人 Wireless fidelity device, wireless receiving device and short-distance wireless broadcast system
CN102315864A (en) * 2011-09-07 2012-01-11 百度在线网络技术(北京)有限公司 Method of point-to-point data transmission for mobile device and device
CN102883315A (en) * 2012-08-28 2013-01-16 中兴通讯股份有限公司 Wireless fidelity (WiFi) authentication method and system, and terminal

Also Published As

Publication number Publication date
CN102883315A (en) 2013-01-16

Similar Documents

Publication Publication Date Title
WO2013178136A1 (en) Wireless fidelity authentication method, system and terminal
JP5739072B2 (en) System and method for encoding exchanges using a set of shared ephemeral key data
EP2988534A2 (en) Method of configuring wireless connection via near field communication function and image forming apparatus for performing the method
US20190116046A1 (en) Privacy preserving tag
AU2015261578B2 (en) Communication control apparatus, authentication device, central control apparatus and communication system
JP2019537871A5 (en)
CN106572427B (en) Method and device for establishing near field communication
CA3126812A1 (en) Improved handling of unique identifiers for stations
CN103458382A (en) Hardware encryption transmission and storage method and system of mobile phone private short messages
US11042866B2 (en) Mobile device and method for accessing access point of wireless LAN
CN102761870A (en) Terminal authentication and service authentication method, system and terminal
JP6397046B2 (en) Address book protection method, apparatus and communication system
KR20130030474A (en) System and method for communicating bewteen nfc terminals
CN103458101B (en) The hardware encryption storage method of a kind of mobile phone privacy contact person and system
WO2017219642A1 (en) Information sharing method and system
JP6349712B2 (en) Mobile device setting method
KR20140103579A (en) System and method for authentication of wiress network using near field communication
JP7099461B2 (en) Wireless communication equipment, wireless communication methods and wireless communication systems
US10708762B2 (en) Method and apparatus for virtualizing SIM card, terminal and network side device
JP6056467B2 (en) Wireless terminal and wireless communication device
WO2016045168A1 (en) Data processing method and data processing apparatus
KR101604927B1 (en) Automatic connection ststem and method using near field communication
TWI577145B (en) Method for encrypted data transmission of near field communication device and system thereof
JP4585529B2 (en) Mobile terminal, ID information concealment method, and ID information inquiry method
JP6160479B2 (en) Wireless connection apparatus and method for setting wireless communication

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13798082

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13798082

Country of ref document: EP

Kind code of ref document: A1