WO2018076675A1 - Network access method, routing device and terminal, and computer storage medium - Google Patents

Network access method, routing device and terminal, and computer storage medium Download PDF

Info

Publication number
WO2018076675A1
WO2018076675A1 PCT/CN2017/085495 CN2017085495W WO2018076675A1 WO 2018076675 A1 WO2018076675 A1 WO 2018076675A1 CN 2017085495 W CN2017085495 W CN 2017085495W WO 2018076675 A1 WO2018076675 A1 WO 2018076675A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
authentication
activation
identifier
unit
Prior art date
Application number
PCT/CN2017/085495
Other languages
French (fr)
Chinese (zh)
Inventor
常少宝
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2018076675A1 publication Critical patent/WO2018076675A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security

Definitions

  • the present disclosure relates to wireless access technologies in the field of communications, and in particular, to a network access method, a routing device, and a terminal and a computer storage medium.
  • wireless routing devices With the popularity of smart terminal devices, wireless routing devices have become the necessary Internet access devices for most users.
  • the user usually logs in to the wireless routing device by using the Service Set Identifier (SSID) and the password Password to access the network.
  • SSID Service Set Identifier
  • the existing method of accessing the wireless routing device can be easily cracked, thereby affecting the user's network security and network stability.
  • the embodiments of the present invention provide a network access method, a routing device, and a terminal, which use a dual authentication connection network to improve network security and stability.
  • an embodiment of the present invention provides a network access method, where the method includes:
  • the authentication information carries at least the identification information of the first terminal
  • the generating an activation identifier corresponding to the first terminal includes:
  • the performing, by the activation identifier, performing network connection second authentication on the first terminal includes:
  • the method further includes:
  • the identifier information of the first terminal and the activation code corresponding to the first terminal are stored in a database, and an initial identifier status of the first terminal in the database is an inactive state.
  • the performing, by the activation identifier, performing network connection second authentication on the first terminal includes:
  • the first authentication of the network connection by the first terminal according to the authentication information sent by the first terminal includes:
  • the authentication information carries at least a service set identifier and a password
  • an embodiment of the present invention provides a network access method, where the method includes:
  • an activation identifier where the activation identifier carries a uniform resource locator address, where the uniform resource locator address is used by the first terminal to connect to the routing device network for the second authentication;
  • the method before the obtaining the activation identifier, the method further includes:
  • the authentication information is sent to the routing device, and the authentication information carries at least the identifier information, the service set identifier, and the password of the first terminal, so that the routing device performs network connection first authentication on the first terminal according to the authentication information.
  • an embodiment of the present invention provides a routing device, where the device includes: an authentication unit, a determining unit, and a generating unit, where
  • the authentication unit is configured to perform network connection on the first terminal according to the authentication information sent by the first terminal.
  • the determining unit is configured to determine, if the first authentication of the first terminal is successful, whether the identity status of the first terminal is an active state;
  • the generating unit is configured to generate an activation identifier corresponding to the first terminal if the identifier status of the first terminal is an inactive state;
  • the authentication unit is further configured to perform network connection second authentication on the first terminal by using the activation identifier.
  • the authentication information carries at least the identification information of the first terminal
  • the generating unit is configured to generate a uniform resource locator address according to the identifier information of the first terminal and the activation code, and generate a two-dimensional code according to the uniform resource locator address, where the two-dimensional code is Activate the logo.
  • the device further includes: a display unit, a receiving unit, and a processing unit,
  • the display unit is configured to display the two-dimensional code, so that the first terminal performs network connection second authentication by using the two-dimensional code;
  • the receiving unit is configured to receive an activation request sent by the first terminal
  • the processing unit is configured to modify an identity state of the first terminal in the database to an activated state, where the second authentication of the first terminal is successful.
  • the device further includes: a storage unit, configured to store the identification information of the first terminal and an activation code corresponding to the first terminal in a database, where the first in the database The initial identity status of the terminal is inactive.
  • the device further includes: an obtaining unit, a sending unit, a receiving unit, and a processing unit,
  • the acquiring unit is configured to acquire a second terminal in a network coverage area, where the second terminal is installed with an application for acquiring the two-dimensional code;
  • the sending unit is configured to send the two-dimensional code to the second terminal, so that the first terminal acquires the two-dimensional code by using the second terminal;
  • the receiving unit is configured to receive an activation request sent by the first terminal
  • the processing unit is configured to modify an identity state of the first terminal in the database to an activated state, where the second authentication of the first terminal is successful.
  • the device further includes: a receiving unit, configured to receive, send by the first terminal Authentication information, the authentication information carrying at least a service set identifier and a password;
  • the authentication unit is configured to perform network connection first authentication on the first terminal according to the service set identifier and password.
  • an embodiment of the present invention provides a terminal, where the terminal includes: an acquiring unit, and a sending unit, where
  • the obtaining unit is configured to obtain an activation identifier, where the activation identifier carries a uniform resource locator address, where the uniform resource locator address is used for the first terminal to connect to the routing device network for the second authentication, and is further configured to activate according to the Identify the activation request;
  • the sending unit is configured to send the activation request to the routing device, so that the routing device connects the first terminal to the network according to the activation request.
  • the sending unit is further configured to send the authentication information to the routing device, where the authentication information carries at least the identifier information, the service set identifier, and the password of the first terminal, so that the routing device is configured according to the The authentication information performs a network connection first authentication on the first terminal.
  • the embodiment of the invention further provides a computer storage medium, wherein the computer storage medium stores computer executable instructions, and the computer executable instructions are used to perform at least one of the foregoing methods.
  • the embodiment of the present invention provides a network access method, a routing device, and a terminal, performing network connection first authentication on the first terminal according to the authentication information sent by the first terminal; if the first authentication of the first terminal is successful Determining whether the identity status of the first terminal is an active state; if the identity status of the first terminal is an inactive state, generating an activation identifier corresponding to the first terminal, by using the activation identifier A terminal performs a second connection of the network connection.
  • the network access method, the routing device, and the terminal provided by the embodiment of the present invention use the dual authentication to connect to the routing device, and the terminal performs the first authentication by using the authentication information.
  • the routing device After the first authentication, the routing device generates an activation identifier for the terminal, and the activation is performed by the terminal.
  • the identification performs the second authentication, and the terminal can access the routing device after the double authentication, thereby improving the network security and stability, and the operation is fast, safe and reliable, and can effectively block software such as the wifi universal key.
  • FIG. 1 is a schematic flowchart 1 of a network access method according to an embodiment of the present invention.
  • FIG. 2 is a second schematic flowchart of a network access method according to an embodiment of the present invention.
  • FIG. 3 is a schematic flowchart 3 of a network access method according to an embodiment of the present disclosure
  • FIG. 4 is a schematic diagram of a process of a network access method according to an embodiment of the present disclosure
  • FIG. 5 is a schematic structural diagram 1 of a routing device according to an embodiment of the present disclosure.
  • FIG. 6 is a schematic structural diagram 2 of a routing device according to an embodiment of the present disclosure.
  • FIG. 7 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
  • the embodiment of the invention provides a network access method. As shown in FIG. 1 , the method includes:
  • Step 101 Perform network connection first authentication on the first terminal according to the authentication information sent by the first terminal.
  • the execution entity of the network access method provided by the embodiment of the present invention is a routing device, and the routing device may be a wireless routing device, such as a router.
  • a router also known as a gateway, is used to connect multiple logically separate networks.
  • a logical network is a single network or a subnet. When data is transferred from one subnet to another, it can be done through the routing function of the router. Therefore, the router has the function of judging the network address and selecting the IP path. It can establish a flexible connection in a multi-network interconnection environment, and can connect various subnets by completely different data packets and media access methods, and the router only accepts the source station or The information of other routers is an interconnected device at the network layer.
  • the routing device performs the first connection of the network connection to the first terminal according to the authentication information sent by the first terminal, and may include:
  • the routing device receives the authentication information sent by the first terminal, where the authentication information carries at least a service set identifier and a password, and performs network connection first authentication on the first terminal according to the service set identifier and the password.
  • SSID Service Set Identifie
  • Step 102 If the first authentication of the first terminal is successful, determine whether the identity status of the first terminal is an active state.
  • the terminal device uses the SSID and the password to connect to the wireless routing device; after receiving the connection request of the terminal, the wireless routing device determines whether the terminal has performed the second authentication, that is, the wireless routing device determines whether the MAC address of the terminal has been Activated.
  • MAC Media access control
  • Physical address hardware address
  • MAC Media Access Control
  • Medium Access Control Media Access Control
  • the Layer 3 network layer is responsible for the IP address
  • the Layer 2 data link layer is responsible for the MAC address, so a host will have a MAC address, and each network location will have an IP address specific to it.
  • Step 103 If the identity status of the first terminal is in an inactive state, generate an activation identifier corresponding to the first terminal, and perform network connection second authentication on the first terminal by using the activation identifier.
  • the wireless routing device determines whether the MAC address of the terminal has been activated, and if it has been activated, determines that the second authentication has been performed, and directly accesses, if the identity status of the first terminal is inactive, then determining If the second authentication is not performed, the terminal needs to perform the second authentication.
  • the authentication information carries at least the identifier information of the first terminal.
  • the generating the activation identifier corresponding to the first terminal may include:
  • the method further includes:
  • the identifier information of the first terminal and the activation code corresponding to the first terminal are stored in a database, and an initial identifier status of the first terminal in the database is an inactive state.
  • the performing, by using the activation identifier, performing network connection second authentication on the first terminal includes:
  • the performing, by using the activation identifier, performing network connection second authentication on the first terminal includes:
  • UUID Universally Unique Identifier
  • UUID refers to the number generated on one machine, which is guaranteed to be unique to all machines in the same time and space.
  • the purpose of UUID is to allow all elements in a distributed system to have unique identification information without the need to specify the identification information through the central console, so that each terminal can be established without conflicting with other terminals.
  • each information resource has a unified and unique address on the network.
  • the address is called a Uniform Resource Locator (URL), which is a unified resource location identifier of the WWW, which refers to a network address. .
  • URL Uniform Resource Locator
  • the wireless routing device randomly generates a UUID as the activation code of the first terminal, and saves the MAC address of the first terminal and the activation code in a database of the wireless routing device, where the initial state in the database is that the user is not activated. Then, construct a URL address including the terminal device MAC address and the activation code, use the URL address to generate a QR code, and display it on the screen of the wireless router, and send the QR code to the wireless routing device without the integrated display screen.
  • the second terminal that can obtain the APP of the two-dimensional code is installed in the coverage of the wireless routing network; the first terminal device scans the two-dimensional code on the wireless routing device or the screen of the second terminal to initiate an activation request to the wireless routing device. , that is, the second certification.
  • the wireless routing device changes the state of the first terminal in the database to be activated, so that the second authentication is completed, and the first terminal successfully accesses the network of the wireless routing device.
  • the activation operation can be completed by inputting the URL address below the QR code through the browser.
  • the network access method provided by the embodiment of the present invention uses a dual authentication connection routing device, and the terminal performs the first authentication by using the authentication information. After the first authentication, the routing device generates an activation identifier for the terminal, and performs the second authentication by using the activation identifier. The terminal can access the routing device after being authenticated by two, thereby improving network security and stability.
  • the embodiment of the invention provides a network access method. As shown in FIG. 2, the method includes:
  • Step 201 Acquire an activation identifier, where the activation identifier carries a uniform resource locator address, where the uniform resource locator address is used by the first terminal to connect to the routing device network for the second authentication.
  • the executor of the network access method provided by the embodiment of the present invention is a first terminal, and the first terminal may be a mobile phone, a computer, a tablet computer, or the like, and is specifically a terminal device that can be connected to a routing device for networking.
  • the first terminal device performs the first authentication by sending the service set identifier and the password to the routing device. After the first authentication succeeds, the routing device randomly generates the UUID as the activation code of the first terminal, and the MAC of the first terminal is used.
  • the address and the activation code are stored in the database of the wireless routing device, and the initial state in the database is that the user is not activated.
  • the routing device constructs a URL address including the MAC address of the terminal device and the activation code, and uses the URL address to generate a two-dimensional code, and the terminal acquires the two-dimensional code.
  • Step 202 Acquire an activation request according to the activation identifier, and send the activation request to the routing device, so that the routing device connects the first terminal to the network according to the activation request.
  • the method further includes:
  • the authentication information is sent to the routing device, and the authentication information carries at least the identifier information, the service set identifier, and the password of the first terminal, so that the routing device performs network connection first authentication on the first terminal according to the authentication information.
  • the identifier information of the first terminal may be specifically the MAC address of the first terminal.
  • the first terminal device uses the SSID and the password to connect to the routing device, and the routing device performs the first authentication according to the SSID and the password first terminal.
  • the network access method provided by the embodiment of the present invention uses a dual authentication connection routing device, and the terminal performs the first authentication by using the authentication information. After the first authentication, the routing device generates an activation identifier for the terminal, and performs the second authentication by using the activation identifier. The terminal can access the routing device after being authenticated by two, thereby improving network security and stability.
  • the embodiment of the invention provides a network access method. As shown in FIG. 3, the method may include:
  • Step 301 The first terminal sends the authentication information to the routing device.
  • the authentication information carries at least the identifier information, the service set identifier, and the password of the first terminal.
  • the identifier information of the first terminal may be specifically the MAC address of the first terminal.
  • Step 302 The routing device receives the authentication information sent by the first terminal.
  • Step 303 The routing device performs network connection first authentication on the first terminal according to the service set identifier and the password.
  • Step 304 If the first authentication of the first terminal is successful, the routing device determines whether the identity status of the first terminal is an active state.
  • Step 305 If the identity status of the first terminal is inactive, the routing device randomly generates an activation code corresponding to the first terminal, and stores the identifier information of the first terminal and the activation code corresponding to the first terminal in a database. Generating a uniform resource locator address by using the identification information of the first terminal and the activation code, according to the unified resource The source locator address generates a two-dimensional code, and the two-dimensional code is the activation identifier.
  • Step 306 The routing device displays the two-dimensional code.
  • Step 307 The first terminal acquires the two-dimensional code, obtains an activation request according to the two-dimensional code, and sends an activation request to the routing device.
  • Step 308 The routing device receives the activation request sent by the first terminal, and changes the identity status of the first terminal in the database to an active state, and the second authentication of the first terminal is successful.
  • acquiring a second terminal in the network coverage where the second terminal installs an application for acquiring the two-dimensional code, and sending the two-dimensional code to the second terminal, so that the first terminal passes the
  • the second terminal acquires the two-dimensional code; receives the activation request sent by the first terminal, and changes the identification status of the first terminal in the database to an activated state, and the second authentication of the first terminal is successful.
  • the first terminal accesses the wireless routing device for the first time, firstly using the SSID and the password access mode to perform the first authentication of the network connection, and connecting the wireless routing device, because the MAC address of the first terminal
  • the wireless router device has not been connected before, so the wireless router randomly generates an activation code, and saves the activation code and MAC address in the database, and displays the QR code with the URL address of the MAC address and the activation code in the wireless route.
  • the first terminal scans the two-dimensional code, or enters a URL address in the browser to perform activation, that is, second authentication.
  • the wireless routing device modifies the state of the terminal to be activated, so that the first terminal accesses the wireless routing device successfully.
  • the SSID and the password access mode are first used to perform the first authentication of the network connection, and the wireless routing device is connected, because the MAC address of the first terminal has been activated before. Therefore, direct access is successful.
  • the network access method provided by the embodiment of the present invention uses a dual authentication connection routing device, and the terminal performs the first authentication by using the authentication information. After the first authentication, the routing device generates an activation identifier for the terminal, and performs the second authentication by using the activation identifier. The terminal can access the routing device after being authenticated by two, thereby improving network security and stability.
  • the embodiment of the present invention provides a routing device 40.
  • the device 40 includes an authentication unit 401, a determining unit 402, and a generating unit 403.
  • the authentication unit 401 is configured to perform network connection first authentication on the first terminal according to the authentication information sent by the first terminal.
  • the determining unit 402 is configured to determine, if the first authentication of the first terminal is successful, whether the identity status of the first terminal is an active state;
  • the generating unit 403 is configured to generate an activation identifier corresponding to the first terminal if the identifier status of the first terminal is an inactive state;
  • the authentication unit 401 is further configured to perform network connection second authentication on the first terminal by using the activation identifier.
  • the authentication information carries at least the identifier information of the first terminal
  • the generating unit 403 is specifically configured to generate a uniform resource locator address according to the identifier information of the first terminal and the activation code, and generate a two-dimensional code according to the uniform resource locator address, where the two-dimensional code is Description of the activation identifier;
  • the device further includes: a display unit 404, a receiving unit 405, and a processing unit 406.
  • the display unit 404 is configured to display the two-dimensional code, so that the first terminal performs network connection second authentication by using the two-dimensional code;
  • the receiving unit 405 is configured to receive an activation request sent by the first terminal
  • the processing unit 406 is configured to modify an identity state of the first terminal in the database to an activated state, where the second authentication of the first terminal is successful.
  • the device further includes: a storage unit 407, configured to store the identifier information of the first terminal and an activation code corresponding to the first terminal in a database, where The initial identification status of the first terminal is an inactive state.
  • the device further includes: an obtaining unit 408, a sending unit 409, a receiving unit 405, and a processing unit 406.
  • the acquiring unit 408 is configured to acquire a second terminal in a network coverage area, where the second terminal is installed with an application for acquiring the two-dimensional code;
  • the sending unit 409 is configured to send the two-dimensional code to the second terminal, so that the first terminal acquires the two-dimensional code by using the second terminal;
  • the receiving unit 405 is configured to receive an activation request sent by the first terminal
  • the processing unit 406 is configured to modify an identity state of the first terminal in the database to an activated state, where the second authentication of the first terminal is successful.
  • the device further includes: a receiving unit 405, configured to receive authentication information sent by the first terminal, where the authentication information carries at least a service set identifier and a password;
  • the authentication unit 401 is configured to perform network connection on the first terminal according to the service set identifier and password. Receive the first certification.
  • routing device For a detailed description of the routing device provided by the embodiment of the present invention, reference may be made to the description of the foregoing embodiment of the network access method, and details are not described herein again.
  • the routing device uses the dual authentication to connect to the routing device, and the terminal performs the first authentication by using the authentication information. After the first authentication, the routing device generates an activation identifier for the terminal, and performs the second authentication by using the activation identifier. After the two-factor authentication, the routing device can be accessed, thereby improving network security and stability.
  • the embodiment of the present invention provides a terminal.
  • the terminal 50 includes: an obtaining unit 501 and a sending unit 502, where
  • the obtaining unit 501 is configured to obtain an activation identifier, where the activation identifier carries a uniform resource locator address, where the uniform resource locator address is used by the first terminal to connect to the routing device network for the second authentication; Activate the identification to obtain an activation request;
  • the sending unit 502 is configured to send the activation request to the routing device, so that the routing device connects the first terminal to the network according to the activation request.
  • the sending unit 502 is further configured to send the authentication information to the routing device, where the authentication information carries at least the identifier information, the service set identifier, and the password of the first terminal, so that the routing device is configured according to the authentication information.
  • the first terminal performs network connection first authentication.
  • the description of the terminal provided by the embodiment of the present invention may be referred to the description of the foregoing embodiment of the network access method, and details are not described herein again.
  • the terminal provided by the embodiment of the present invention uses the dual authentication to connect to the routing device, and the terminal performs the first authentication by using the authentication information. After the first authentication, the routing device generates an activation identifier for the terminal, and performs the second authentication by using the activation identifier. After the two-factor authentication, the routing device can be accessed, thereby improving network security and stability.
  • embodiments of the present invention can be provided as a method, system, or computer program product.
  • embodiments of the invention may take the form of a hardware embodiment, a software embodiment, or a combination of software and hardware aspects.
  • embodiments of the invention may take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage and optical storage, etc.) including computer usable program code.
  • the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
  • the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
  • the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
  • the first terminal performs network connection first authentication according to the authentication information sent by the first terminal; if the first authentication of the first terminal succeeds, the first is determined. Whether the identity status of the terminal is an active state; if the identity status of the first terminal is an inactive state, generating an activation identifier corresponding to the first terminal, and performing network connection on the first terminal by using the activation identifier Second certification.
  • the network access method, the routing device, and the terminal provided by the embodiment of the present invention use the dual authentication to connect to the routing device, and the terminal performs the first authentication by using the authentication information.
  • the routing device After the first authentication, the routing device generates an activation identifier for the terminal, and the activation is performed by the terminal.
  • the identification performs the second authentication, and the terminal can access the routing device after the double authentication, thereby improving the network security and stability, and the operation is fast, safe and reliable, and can effectively block software such as the wifi universal key.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Disclosed in an embodiment of the present invention is a network access method, comprising: performing a first network connection authentication on a first terminal according to authentication information sent by the first terminal; if the first authentication of the first terminal is successful, determining whether the state of an identifier of the first terminal is an activated state; and if the state of the identifier of the first terminal is an inactive state, generating an activation identifier corresponding to the first terminal and performing a second network connection authentication on the first terminal by means of the activation identifier. Also disclosed in the embodiments of the present invention are a routing device and a terminal.

Description

一种网络接入方法、路由设备和终端和计算机存储介质Network access method, routing device and terminal and computer storage medium 技术领域Technical field
本公开涉及通信领域的无线接入技术,尤其涉及一种网络接入方法、路由设备和终端和计算机存储介质。The present disclosure relates to wireless access technologies in the field of communications, and in particular, to a network access method, a routing device, and a terminal and a computer storage medium.
背景技术Background technique
随着智能终端设备的普及,无线路由设备成了大多数用户必备的上网接入设备。现有技术中,用户在终端通常使用服务集标识(SSID,Service Set Identifier)和密码Password登录无线路由设备,从而接入网络。然而,随着无线局域网wifi万能钥匙等软件的出现,现有接入无线路由设备的方法很容易被破解,从而,影响用户的网络安全性和网络稳定性。With the popularity of smart terminal devices, wireless routing devices have become the necessary Internet access devices for most users. In the prior art, the user usually logs in to the wireless routing device by using the Service Set Identifier (SSID) and the password Password to access the network. However, with the advent of software such as the wireless LAN wifi universal key, the existing method of accessing the wireless routing device can be easily cracked, thereby affecting the user's network security and network stability.
发明内容Summary of the invention
本发明实施例提供一种网络接入方法、路由设备和终端,使用双重认证连接网络,提高了网络安全性和稳定性。The embodiments of the present invention provide a network access method, a routing device, and a terminal, which use a dual authentication connection network to improve network security and stability.
本发明实施例的技术方案如下。The technical solution of the embodiment of the present invention is as follows.
第一方面,本发明实施例提供了一种网络接入方法,所述方法包括:In a first aspect, an embodiment of the present invention provides a network access method, where the method includes:
根据第一终端发送的认证信息对所述第一终端进行网络连接第一认证;Performing network connection first authentication on the first terminal according to the authentication information sent by the first terminal;
若所述第一终端的第一认证成功,确定所述第一终端的标识状态是否为激活状态;If the first authentication of the first terminal is successful, determining whether the identity status of the first terminal is an active state;
若所述第一终端的标识状态为未激活状态,生成与所述第一终端对应的激活标识,通过所述激活标识对所述第一终端进行网络连接第二认证。And if the identity status of the first terminal is in an inactive state, generating an activation identifier corresponding to the first terminal, and performing network connection second authentication on the first terminal by using the activation identifier.
根据一示例性实施例,所述认证信息至少携带第一终端的标识信息;According to an exemplary embodiment, the authentication information carries at least the identification information of the first terminal;
所述生成与所述第一终端对应的激活标识,包括:The generating an activation identifier corresponding to the first terminal includes:
随机生成与所述第一终端对应的激活码;Generating an activation code corresponding to the first terminal randomly;
根据所述第一终端的标识信息和所述激活码生成统一资源定位符地址,根据所述统一资源定位符地址生成二维码,所述二维码为所述激活标识。Generating a uniform resource locator address according to the identifier information of the first terminal and the activation code, and generating a two-dimensional code according to the uniform resource locator address, where the two-dimensional code is the activation identifier.
根据一示例性实施例,所述通过所述激活标识对所述第一终端进行网络连接第二认证,包括: According to an exemplary embodiment, the performing, by the activation identifier, performing network connection second authentication on the first terminal includes:
显示所述二维码,以使得所述第一终端通过所述二维码进行网络连接第二认证;Displaying the two-dimensional code, so that the first terminal performs network connection second authentication by using the two-dimensional code;
接收所述第一终端发送的激活请求,将数据库中所述第一终端的标识状态修改为激活状态,所述第一终端的第二认证成功。Receiving the activation request sent by the first terminal, modifying the identity status of the first terminal in the database to an active state, and the second authentication of the first terminal is successful.
根据一示例性实施例,在所述随机生成与所述第一终端对应的激活码之后,所述方法还包括:According to an exemplary embodiment, after the randomly generating an activation code corresponding to the first terminal, the method further includes:
将所述第一终端的标识信息和所述第一终端对应的激活码存储在数据库中,所述数据库中所述第一终端的初始标识状态为未激活状态。The identifier information of the first terminal and the activation code corresponding to the first terminal are stored in a database, and an initial identifier status of the first terminal in the database is an inactive state.
根据一示例性实施例,所述通过所述激活标识对所述第一终端进行网络连接第二认证,包括:According to an exemplary embodiment, the performing, by the activation identifier, performing network connection second authentication on the first terminal includes:
获取网络覆盖范围内的第二终端,所述第二终端上安装获取所述二维码的应用;Acquiring a second terminal in the network coverage area, where the second terminal is installed with an application for acquiring the two-dimensional code;
发送所述二维码至第二终端,以使得所述第一终端通过所述第二终端获取所述二维码;Sending the two-dimensional code to the second terminal, so that the first terminal acquires the two-dimensional code by using the second terminal;
接收所述第一终端发送的激活请求,将数据库中所述第一终端的标识状态修改为激活状态,所述第一终端的第二认证成功。Receiving the activation request sent by the first terminal, modifying the identity status of the first terminal in the database to an active state, and the second authentication of the first terminal is successful.
根据一示例性实施例,所述根据第一终端发送的认证信息对所述第一终端进行网络连接第一认证,包括:According to an exemplary embodiment, the first authentication of the network connection by the first terminal according to the authentication information sent by the first terminal includes:
接收所述第一终端发送的认证信息,所述认证信息至少携带服务集标识和密码;Receiving the authentication information sent by the first terminal, where the authentication information carries at least a service set identifier and a password;
根据所述服务集标识和密码对所述第一终端进行网络连接第一认证。Performing network connection first authentication on the first terminal according to the service set identifier and password.
第二方面,本发明实施例提供了一种网络接入方法,所述方法包括:In a second aspect, an embodiment of the present invention provides a network access method, where the method includes:
获取激活标识,所述激活标识携带统一资源定位符地址,所述统一资源定位符地址用于第一终端与路由设备网络连接第二认证;Obtaining an activation identifier, where the activation identifier carries a uniform resource locator address, where the uniform resource locator address is used by the first terminal to connect to the routing device network for the second authentication;
根据所述激活标识获取激活请求,发送所述激活请求至所述路由设备,以使得所述路由设备根据所述激活请求将所述第一终端连接网络。Obtaining an activation request according to the activation identifier, and sending the activation request to the routing device, so that the routing device connects the first terminal to the network according to the activation request.
根据一示例性实施例,在所述获取激活标识之前,还包括:According to an exemplary embodiment, before the obtaining the activation identifier, the method further includes:
发送认证信息至路由设备,所述认证信息至少携带第一终端的标识信息、服务集标识和密码,以使得所述路由设备根据所述认证信息对所述第一终端进行网络连接第一认证。The authentication information is sent to the routing device, and the authentication information carries at least the identifier information, the service set identifier, and the password of the first terminal, so that the routing device performs network connection first authentication on the first terminal according to the authentication information.
第三方面,本发明实施例提供了一种路由设备,所述设备包括:认证单元、确定单元、生成单元,其中,In a third aspect, an embodiment of the present invention provides a routing device, where the device includes: an authentication unit, a determining unit, and a generating unit, where
所述认证单元,用于根据第一终端发送的认证信息对所述第一终端进行网络连接 第一认证;The authentication unit is configured to perform network connection on the first terminal according to the authentication information sent by the first terminal. First certification;
所述确定单元,用于若所述第一终端的第一认证成功,确定所述第一终端的标识状态是否为激活状态;The determining unit is configured to determine, if the first authentication of the first terminal is successful, whether the identity status of the first terminal is an active state;
所述生成单元,用于若所述第一终端的标识状态为未激活状态,生成与所述第一终端对应的激活标识;The generating unit is configured to generate an activation identifier corresponding to the first terminal if the identifier status of the first terminal is an inactive state;
所述认证单元,还用于通过所述激活标识对所述第一终端进行网络连接第二认证。The authentication unit is further configured to perform network connection second authentication on the first terminal by using the activation identifier.
根据一示例性实施例,所述认证信息至少携带第一终端的标识信息;According to an exemplary embodiment, the authentication information carries at least the identification information of the first terminal;
所述生成单元,具体用于根据所述第一终端的标识信息和所述激活码生成统一资源定位符地址,根据所述统一资源定位符地址生成二维码,所述二维码为所述激活标识。The generating unit is configured to generate a uniform resource locator address according to the identifier information of the first terminal and the activation code, and generate a two-dimensional code according to the uniform resource locator address, where the two-dimensional code is Activate the logo.
根据一示例性实施例,所述设备还包括:显示单元、接收单元、处理单元,According to an exemplary embodiment, the device further includes: a display unit, a receiving unit, and a processing unit,
所述显示单元,用于显示所述二维码,以使得所述第一终端通过所述二维码进行网络连接第二认证;The display unit is configured to display the two-dimensional code, so that the first terminal performs network connection second authentication by using the two-dimensional code;
所述接收单元,用于接收所述第一终端发送的激活请求;The receiving unit is configured to receive an activation request sent by the first terminal;
所述处理单元,用于将数据库中所述第一终端的标识状态修改为激活状态,所述第一终端的第二认证成功。The processing unit is configured to modify an identity state of the first terminal in the database to an activated state, where the second authentication of the first terminal is successful.
根据一示例性实施例,所述设备还包括:存储单元,用于将所述第一终端的标识信息和所述第一终端对应的激活码存储在数据库中,所述数据库中所述第一终端的初始标识状态为未激活状态。According to an exemplary embodiment, the device further includes: a storage unit, configured to store the identification information of the first terminal and an activation code corresponding to the first terminal in a database, where the first in the database The initial identity status of the terminal is inactive.
根据一示例性实施例,所述设备还包括:获取单元、发送单元、接收单元、处理单元,According to an exemplary embodiment, the device further includes: an obtaining unit, a sending unit, a receiving unit, and a processing unit,
所述获取单元,用于获取网络覆盖范围内的第二终端,所述第二终端上安装获取所述二维码的应用;The acquiring unit is configured to acquire a second terminal in a network coverage area, where the second terminal is installed with an application for acquiring the two-dimensional code;
所述发送单元,用于发送所述二维码至第二终端,以使得所述第一终端通过所述第二终端获取所述二维码;The sending unit is configured to send the two-dimensional code to the second terminal, so that the first terminal acquires the two-dimensional code by using the second terminal;
所述接收单元,用于接收所述第一终端发送的激活请求;The receiving unit is configured to receive an activation request sent by the first terminal;
所述处理单元,用于将数据库中所述第一终端的标识状态修改为激活状态,所述第一终端的第二认证成功。The processing unit is configured to modify an identity state of the first terminal in the database to an activated state, where the second authentication of the first terminal is successful.
根据一示例性实施例,所述设备还包括:接收单元,用于接收所述第一终端发送 的认证信息,所述认证信息至少携带服务集标识和密码;According to an exemplary embodiment, the device further includes: a receiving unit, configured to receive, send by the first terminal Authentication information, the authentication information carrying at least a service set identifier and a password;
所述认证单元,用于根据所述服务集标识和密码对所述第一终端进行网络连接第一认证。The authentication unit is configured to perform network connection first authentication on the first terminal according to the service set identifier and password.
第四方面,本发明实施例提供了一种终端,所述终端包括:获取单元、发送单元,其中,In a fourth aspect, an embodiment of the present invention provides a terminal, where the terminal includes: an acquiring unit, and a sending unit, where
所述获取单元,用于获取激活标识,所述激活标识携带统一资源定位符地址,所述统一资源定位符地址用于第一终端与路由设备网络连接第二认证,还用于根据所述激活标识获取激活请求;The obtaining unit is configured to obtain an activation identifier, where the activation identifier carries a uniform resource locator address, where the uniform resource locator address is used for the first terminal to connect to the routing device network for the second authentication, and is further configured to activate according to the Identify the activation request;
所述发送单元,用于发送所述激活请求至所述路由设备,以使得所述路由设备根据所述激活请求将所述第一终端连接网络。The sending unit is configured to send the activation request to the routing device, so that the routing device connects the first terminal to the network according to the activation request.
根据一示例性实施例,所述发送单元,还用于发送认证信息至路由设备,所述认证信息至少携带第一终端的标识信息、服务集标识和密码,以使得所述路由设备根据所述认证信息对所述第一终端进行网络连接第一认证。According to an exemplary embodiment, the sending unit is further configured to send the authentication information to the routing device, where the authentication information carries at least the identifier information, the service set identifier, and the password of the first terminal, so that the routing device is configured according to the The authentication information performs a network connection first authentication on the first terminal.
本发明实施例还提供一种计算机存储介质,所述计算机存储介质中存储有计算机可执行指令,所述计算机可执行指令用于执行上述方法中的至少其中之一。The embodiment of the invention further provides a computer storage medium, wherein the computer storage medium stores computer executable instructions, and the computer executable instructions are used to perform at least one of the foregoing methods.
本发明实施例提供了一种网络接入方法、路由设备和终端,根据第一终端发送的认证信息对所述第一终端进行网络连接第一认证;若所述第一终端的第一认证成功,确定所述第一终端的标识状态是否为激活状态;若所述第一终端的标识状态为未激活状态,生成与所述第一终端对应的激活标识,通过所述激活标识对所述第一终端进行网络连接第二认证。本发明实施例提供的网络接入方法、路由设备和终端,使用双重认证连接路由设备,终端通过认证信息进行第一认证,通过后第一认证,路由设备为该终端生成激活标识,通过该激活标识进行第二认证,终端通过双重认证后才可以接入路由设备,从而,提高了网络安全性和稳定性,而且操作快捷,安全可靠,能有效拦截wifi万能钥匙等软件。The embodiment of the present invention provides a network access method, a routing device, and a terminal, performing network connection first authentication on the first terminal according to the authentication information sent by the first terminal; if the first authentication of the first terminal is successful Determining whether the identity status of the first terminal is an active state; if the identity status of the first terminal is an inactive state, generating an activation identifier corresponding to the first terminal, by using the activation identifier A terminal performs a second connection of the network connection. The network access method, the routing device, and the terminal provided by the embodiment of the present invention use the dual authentication to connect to the routing device, and the terminal performs the first authentication by using the authentication information. After the first authentication, the routing device generates an activation identifier for the terminal, and the activation is performed by the terminal. The identification performs the second authentication, and the terminal can access the routing device after the double authentication, thereby improving the network security and stability, and the operation is fast, safe and reliable, and can effectively block software such as the wifi universal key.
附图说明DRAWINGS
在附图(其不一定是按比例绘制的)中,相似的附图标记可在不同的视图中描述相似的部件。具有不同字母后缀的相似附图标记可表示相似部件的不同示例。附图以示例而非限制的方式大体示出了本文中所讨论的各个实施例。In the drawings, which are not necessarily to scale, the Like reference numerals with different letter suffixes may indicate different examples of similar components. The drawings generally illustrate the various embodiments discussed herein by way of example and not limitation.
图1为本发明实施例提供的网络接入方法流程示意图一; 1 is a schematic flowchart 1 of a network access method according to an embodiment of the present invention;
图2为本发明实施例提供的网络接入方法流程示意图二;2 is a second schematic flowchart of a network access method according to an embodiment of the present invention;
图3为本发明实施例提供的网络接入方法流程示意图三;FIG. 3 is a schematic flowchart 3 of a network access method according to an embodiment of the present disclosure;
图4为本发明实施例提供的网络接入方法流程示例图;FIG. 4 is a schematic diagram of a process of a network access method according to an embodiment of the present disclosure;
图5为本发明实施例提供的路由设备结构示意图一;FIG. 5 is a schematic structural diagram 1 of a routing device according to an embodiment of the present disclosure;
图6为本发明实施例提供的路由设备结构示意图二;FIG. 6 is a schematic structural diagram 2 of a routing device according to an embodiment of the present disclosure;
图7为本发明实施例提供的终端结构示意图。FIG. 7 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
具体实施方式detailed description
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述。The technical solutions in the embodiments of the present invention will be clearly and completely described in the following with reference to the accompanying drawings.
本发明实施例提供一种网络接入方法,如图1所示,所述方法包括:The embodiment of the invention provides a network access method. As shown in FIG. 1 , the method includes:
步骤101、根据第一终端发送的认证信息对所述第一终端进行网络连接第一认证。Step 101: Perform network connection first authentication on the first terminal according to the authentication information sent by the first terminal.
本发明实施例提供的网络接入方法的执行主体为路由设备,该路由设备可以为无线路由设备,例如路由器。The execution entity of the network access method provided by the embodiment of the present invention is a routing device, and the routing device may be a wireless routing device, such as a router.
路由器(Router)又称网关设备(Gateway)是用于连接多个逻辑上分开的网络,所谓逻辑网络是代表一个单独的网络或者一个子网。当数据从一个子网传输到另一个子网时,可通过路由器的路由功能来完成。因此,路由器具有判断网络地址和选择IP路径的功能,它能在多网络互联环境中,建立灵活的连接,可用完全不同的数据分组和介质访问方法连接各种子网,路由器只接受源站或其他路由器的信息,属网络层的一种互联设备。A router, also known as a gateway, is used to connect multiple logically separate networks. A logical network is a single network or a subnet. When data is transferred from one subnet to another, it can be done through the routing function of the router. Therefore, the router has the function of judging the network address and selecting the IP path. It can establish a flexible connection in a multi-network interconnection environment, and can connect various subnets by completely different data packets and media access methods, and the router only accepts the source station or The information of other routers is an interconnected device at the network layer.
具体的,路由设备根据第一终端发送的认证信息对第一终端进行网络连接第一认证,可以包括:Specifically, the routing device performs the first connection of the network connection to the first terminal according to the authentication information sent by the first terminal, and may include:
路由设备接收所述第一终端发送的认证信息,所述认证信息至少携带服务集标识和密码;根据所述服务集标识和密码对所述第一终端进行网络连接第一认证。The routing device receives the authentication information sent by the first terminal, where the authentication information carries at least a service set identifier and a password, and performs network connection first authentication on the first terminal according to the service set identifier and the password.
服务集标识(SSID,Service Set Identifie)技术可以将一个无线局域网分为几个需要不同身份验证的子网络,每一个子网络都需要独立的身份验证,只有通过身份验证的用户才可以进入相应的子网络,防止未被授权的用户进入本网络。Service Set Identifie (SSID) technology can divide a wireless local area network into several sub-networks that require different authentication. Each sub-network needs independent authentication. Only authenticated users can enter the corresponding A subnet prevents unauthorized users from entering the network.
步骤102、若所述第一终端的第一认证成功,确定所述第一终端的标识状态是否为激活状态。 Step 102: If the first authentication of the first terminal is successful, determine whether the identity status of the first terminal is an active state.
具体的,终端设备使用SSID和Password连接无线路由设备;无线路由设备在收到该终端的连接请求后,先判断该终端是否进行过第二认证,即无线路由设备判断该终端的MAC地址是否已经被激活。Specifically, the terminal device uses the SSID and the password to connect to the wireless routing device; after receiving the connection request of the terminal, the wireless routing device determines whether the terminal has performed the second authentication, that is, the wireless routing device determines whether the MAC address of the terminal has been Activated.
其中,媒体访问控制,或称为物理地址、硬件地址(MAC,Media Access Control或者Medium Access Control)用来定义网络设备的位置。在OSI模型中,第三层网络层负责IP地址,第二层数据链路层则负责MAC地址,因此一个主机会有一个MAC地址,而每个网络位置会有一个专属于它的IP地址。Media access control, or physical address, hardware address (MAC, Media Access Control, or Medium Access Control) is used to define the location of the network device. In the OSI model, the Layer 3 network layer is responsible for the IP address, and the Layer 2 data link layer is responsible for the MAC address, so a host will have a MAC address, and each network location will have an IP address specific to it.
步骤103、若所述第一终端的标识状态为未激活状态,生成与所述第一终端对应的激活标识,通过所述激活标识对所述第一终端进行网络连接第二认证。Step 103: If the identity status of the first terminal is in an inactive state, generate an activation identifier corresponding to the first terminal, and perform network connection second authentication on the first terminal by using the activation identifier.
具体的,无线路由设备判断该终端的MAC地址是否已经被激活,如果已经被激活,则确定已经进行过第二认证,则直接接入,如果第一终端的标识状态为未激活状态,则确定未进行第二认证,则需要对该终端进行第二认证。Specifically, the wireless routing device determines whether the MAC address of the terminal has been activated, and if it has been activated, determines that the second authentication has been performed, and directly accesses, if the identity status of the first terminal is inactive, then determining If the second authentication is not performed, the terminal needs to perform the second authentication.
其中,所述认证信息至少携带第一终端的标识信息。The authentication information carries at least the identifier information of the first terminal.
具体的,所述生成与所述第一终端对应的激活标识,可以包括:Specifically, the generating the activation identifier corresponding to the first terminal may include:
随机生成与所述第一终端对应的激活码;Generating an activation code corresponding to the first terminal randomly;
根据所述第一终端的标识信息和所述激活码生成统一资源定位符地址,根据所述统一资源定位符地址生成二维码,所述二维码为所述激活标识。Generating a uniform resource locator address according to the identifier information of the first terminal and the activation code, and generating a two-dimensional code according to the uniform resource locator address, where the two-dimensional code is the activation identifier.
进一步地,在所述随机生成与所述第一终端对应的激活码之后,所述方法还包括:Further, after the activating the activation code corresponding to the first terminal, the method further includes:
将所述第一终端的标识信息和所述第一终端对应的激活码存储在数据库中,所述数据库中所述第一终端的初始标识状态为未激活状态。The identifier information of the first terminal and the activation code corresponding to the first terminal are stored in a database, and an initial identifier status of the first terminal in the database is an inactive state.
一种可能的实现方式中,所述通过所述激活标识对所述第一终端进行网络连接第二认证,包括:In a possible implementation manner, the performing, by using the activation identifier, performing network connection second authentication on the first terminal includes:
显示所述二维码,以使得所述第一终端通过所述二维码进行网络连接第二认证;Displaying the two-dimensional code, so that the first terminal performs network connection second authentication by using the two-dimensional code;
接收所述第一终端发送的激活请求,将数据库中所述第一终端的标识状态修改为激活状态,所述第一终端的第二认证成功。Receiving the activation request sent by the first terminal, modifying the identity status of the first terminal in the database to an active state, and the second authentication of the first terminal is successful.
一种可能的实现方式中,所述通过所述激活标识对所述第一终端进行网络连接第二认证,包括:In a possible implementation manner, the performing, by using the activation identifier, performing network connection second authentication on the first terminal includes:
获取网络覆盖范围内的第二终端,所述第二终端上安装获取所述二维码的应用;Acquiring a second terminal in the network coverage area, where the second terminal is installed with an application for acquiring the two-dimensional code;
发送所述二维码至第二终端,以使得所述第一终端通过所述第二终端获取所述二维码; Sending the two-dimensional code to the second terminal, so that the first terminal acquires the two-dimensional code by using the second terminal;
接收所述第一终端发送的激活请求,将数据库中所述第一终端的标识状态修改为激活状态,所述第一终端的第二认证成功。Receiving the activation request sent by the first terminal, modifying the identity status of the first terminal in the database to an active state, and the second authentication of the first terminal is successful.
其中,通用唯一识别码(UUID,Universally Unique Identifier),UUID是指在一台机器上生成的数字,它保证对在同一时空中的所有机器都是唯一的。UUID的目的,是让分布式系统中的所有元素,都能有唯一的辨识资讯,而不需要透过中央控制端来做辨识资讯的指定,这样,每个终端都可以建立不与其它终端冲突的UUID。Among them, UUID (Universally Unique Identifier), UUID refers to the number generated on one machine, which is guaranteed to be unique to all machines in the same time and space. The purpose of UUID is to allow all elements in a distributed system to have unique identification information without the need to specify the identification information through the central console, so that each terminal can be established without conflicting with other terminals. UUID.
其中,在WWW上,每一信息资源都有统一的且在网上唯一的地址,该地址就叫统一资源定位符(URL,Uniform Resource Locator),它是WWW的统一资源定位标志,就是指网络地址。Among them, on the WWW, each information resource has a unified and unique address on the network. The address is called a Uniform Resource Locator (URL), which is a unified resource location identifier of the WWW, which refers to a network address. .
具体的,无线路由设备随机生成UUID,作为第一终端的激活码,并将该第一终端的MAC地址和该激活码保存在无线路由设备的数据库中,数据库中的初始状态是用户未激活。然后,构建一个包含终端设备MAC地址、激活码的URL地址,使用该URL地址生成二维码,并显示在无线路由器的屏幕上,对于未集成显示屏的无线路由设备,将该二维码发送到本无线路由网络覆盖范围内已安装可以获取二维码的APP的第二终端;第一终端设备扫描无线路由设备上或者第二终端屏幕上的二维码即可向无线路由设备发起激活请求,即第二认证。无线路由设备在收到激活请求后,将该第一终端在数据库中的状态改为已激活,这样,第二认证完成,第一终端成功接入无线路由设备的网络。Specifically, the wireless routing device randomly generates a UUID as the activation code of the first terminal, and saves the MAC address of the first terminal and the activation code in a database of the wireless routing device, where the initial state in the database is that the user is not activated. Then, construct a URL address including the terminal device MAC address and the activation code, use the URL address to generate a QR code, and display it on the screen of the wireless router, and send the QR code to the wireless routing device without the integrated display screen. The second terminal that can obtain the APP of the two-dimensional code is installed in the coverage of the wireless routing network; the first terminal device scans the two-dimensional code on the wireless routing device or the screen of the second terminal to initiate an activation request to the wireless routing device. , that is, the second certification. After receiving the activation request, the wireless routing device changes the state of the first terminal in the database to be activated, so that the second authentication is completed, and the first terminal successfully accesses the network of the wireless routing device.
需要说明的是,对于无法扫描二维码的设备,如笔记本电脑、智能电视等设备,在第二认证的时候,可以通过浏览器输入二维码下方的URL地址,即可完成激活操作。It should be noted that for devices that cannot scan the QR code, such as laptops, smart TVs, etc., in the second authentication, the activation operation can be completed by inputting the URL address below the QR code through the browser.
本发明实施例提供的网络接入方法,使用双重认证连接路由设备,终端通过认证信息进行第一认证,通过后第一认证,路由设备为该终端生成激活标识,通过该激活标识进行第二认证,终端通过双重认证后才可以接入路由设备,从而,提高了网络安全性和稳定性。The network access method provided by the embodiment of the present invention uses a dual authentication connection routing device, and the terminal performs the first authentication by using the authentication information. After the first authentication, the routing device generates an activation identifier for the terminal, and performs the second authentication by using the activation identifier. The terminal can access the routing device after being authenticated by two, thereby improving network security and stability.
本发明实施例提供一种网络接入方法,如图2所示,所述方法包括:The embodiment of the invention provides a network access method. As shown in FIG. 2, the method includes:
步骤201、获取激活标识,所述激活标识携带统一资源定位符地址,所述统一资源定位符地址用于第一终端与路由设备网络连接第二认证。Step 201: Acquire an activation identifier, where the activation identifier carries a uniform resource locator address, where the uniform resource locator address is used by the first terminal to connect to the routing device network for the second authentication.
本发明实施例提供的网络接入方法的执行主体为第一终端,该第一终端可以为手机、电脑、平板电脑等,具体为可以连接路由设备联网的终端设备。 The executor of the network access method provided by the embodiment of the present invention is a first terminal, and the first terminal may be a mobile phone, a computer, a tablet computer, or the like, and is specifically a terminal device that can be connected to a routing device for networking.
具体的,第一终端设备通过向路由设备发送服务集标识和密码进行第一认证,第一认证成功后,路由设备随机生成UUID,作为第一终端的激活码,并将该第一终端的MAC地址和该激活码保存在无线路由设备的数据库中,数据库中的初始状态是用户未激活。路由设备构建一个包含终端设备MAC地址、激活码的URL地址,使用该URL地址生成二维码,终端获取该二维码。Specifically, the first terminal device performs the first authentication by sending the service set identifier and the password to the routing device. After the first authentication succeeds, the routing device randomly generates the UUID as the activation code of the first terminal, and the MAC of the first terminal is used. The address and the activation code are stored in the database of the wireless routing device, and the initial state in the database is that the user is not activated. The routing device constructs a URL address including the MAC address of the terminal device and the activation code, and uses the URL address to generate a two-dimensional code, and the terminal acquires the two-dimensional code.
步骤202、根据所述激活标识获取激活请求,发送所述激活请求至所述路由设备,以使得所述路由设备根据所述激活请求将所述第一终端连接网络。Step 202: Acquire an activation request according to the activation identifier, and send the activation request to the routing device, so that the routing device connects the first terminal to the network according to the activation request.
进一步地,在所述获取激活标识之前,还包括:Further, before the obtaining the activation identifier, the method further includes:
发送认证信息至路由设备,所述认证信息至少携带第一终端的标识信息、服务集标识和密码,以使得所述路由设备根据所述认证信息对所述第一终端进行网络连接第一认证。The authentication information is sent to the routing device, and the authentication information carries at least the identifier information, the service set identifier, and the password of the first terminal, so that the routing device performs network connection first authentication on the first terminal according to the authentication information.
其中,第一终端的标识信息具体可以为第一终端的MAC地址。The identifier information of the first terminal may be specifically the MAC address of the first terminal.
具体的,第一终端设备使用SSID和Password连接路由设备,路由设备根据SSID和Password第一终端进行第一认证。Specifically, the first terminal device uses the SSID and the password to connect to the routing device, and the routing device performs the first authentication according to the SSID and the password first terminal.
本发明实施例提供的网络接入方法,使用双重认证连接路由设备,终端通过认证信息进行第一认证,通过后第一认证,路由设备为该终端生成激活标识,通过该激活标识进行第二认证,终端通过双重认证后才可以接入路由设备,从而,提高了网络安全性和稳定性。The network access method provided by the embodiment of the present invention uses a dual authentication connection routing device, and the terminal performs the first authentication by using the authentication information. After the first authentication, the routing device generates an activation identifier for the terminal, and performs the second authentication by using the activation identifier. The terminal can access the routing device after being authenticated by two, thereby improving network security and stability.
本发明实施例提供一种网络接入方法,如图3所示,所述方法可以包括:The embodiment of the invention provides a network access method. As shown in FIG. 3, the method may include:
步骤301、第一终端发送认证信息至路由设备。Step 301: The first terminal sends the authentication information to the routing device.
其中,所述认证信息至少携带第一终端的标识信息、服务集标识和密码。第一终端的标识信息具体可以为第一终端的MAC地址。The authentication information carries at least the identifier information, the service set identifier, and the password of the first terminal. The identifier information of the first terminal may be specifically the MAC address of the first terminal.
步骤302、路由设备接收第一终端发送的认证信息。Step 302: The routing device receives the authentication information sent by the first terminal.
步骤303、路由设备根据服务集标识和密码对所述第一终端进行网络连接第一认证。Step 303: The routing device performs network connection first authentication on the first terminal according to the service set identifier and the password.
步骤304、若第一终端的第一认证成功,路由设备确定第一终端的标识状态是否为激活状态。Step 304: If the first authentication of the first terminal is successful, the routing device determines whether the identity status of the first terminal is an active state.
步骤305、若第一终端的标识状态为未激活状态,路由设备随机生成与第一终端对应的激活码,将第一终端的标识信息和第一终端对应的激活码存储在数据库中,根据所述第一终端的标识信息和所述激活码生成统一资源定位符地址,根据所述统一资 源定位符地址生成二维码,所述二维码为所述激活标识。Step 305: If the identity status of the first terminal is inactive, the routing device randomly generates an activation code corresponding to the first terminal, and stores the identifier information of the first terminal and the activation code corresponding to the first terminal in a database. Generating a uniform resource locator address by using the identification information of the first terminal and the activation code, according to the unified resource The source locator address generates a two-dimensional code, and the two-dimensional code is the activation identifier.
步骤306、路由设备显示二维码。Step 306: The routing device displays the two-dimensional code.
步骤307、第一终端获取二维码,根据二维码获取激活请求,发送激活请求至路由设备。Step 307: The first terminal acquires the two-dimensional code, obtains an activation request according to the two-dimensional code, and sends an activation request to the routing device.
步骤308、路由设备接收第一终端发送的激活请求,将数据库中第一终端的标识状态修改为激活状态,第一终端的第二认证成功。Step 308: The routing device receives the activation request sent by the first terminal, and changes the identity status of the first terminal in the database to an active state, and the second authentication of the first terminal is successful.
可选的,获取网络覆盖范围内的第二终端,所述第二终端上安装获取所述二维码的应用;发送所述二维码至第二终端,以使得所述第一终端通过所述第二终端获取所述二维码;接收所述第一终端发送的激活请求,将数据库中所述第一终端的标识状态修改为激活状态,所述第一终端的第二认证成功。Optionally, acquiring a second terminal in the network coverage, where the second terminal installs an application for acquiring the two-dimensional code, and sending the two-dimensional code to the second terminal, so that the first terminal passes the The second terminal acquires the two-dimensional code; receives the activation request sent by the first terminal, and changes the identification status of the first terminal in the database to an activated state, and the second authentication of the first terminal is successful.
示例性的,如图4所示,第一终端第一次接入无线路由设备,首先使用SSID和Password接入方式进行网络连接第一次认证,连接无线路由设备,由于第一终端的MAC地址之前没有连接过无线路由设备,所以无线路由器会随机生成激活码,并将该激活码和MAC地址保存在数据库中,同时将附带有MAC地址和激活码的URL地址的二维码显示在无线路由设备或者第二终端的屏幕上。第一终端扫描二维码,或者在浏览器输入URL地址,进行激活,即第二认证。无线路由设备在收到该激活请求后,将该终端的状态修改为已激活,这样,第一终端接入无线路由设备成功。Exemplarily, as shown in FIG. 4, the first terminal accesses the wireless routing device for the first time, firstly using the SSID and the password access mode to perform the first authentication of the network connection, and connecting the wireless routing device, because the MAC address of the first terminal The wireless router device has not been connected before, so the wireless router randomly generates an activation code, and saves the activation code and MAC address in the database, and displays the QR code with the URL address of the MAC address and the activation code in the wireless route. On the screen of the device or the second terminal. The first terminal scans the two-dimensional code, or enters a URL address in the browser to perform activation, that is, second authentication. After receiving the activation request, the wireless routing device modifies the state of the terminal to be activated, so that the first terminal accesses the wireless routing device successfully.
当第一终端在首次接入成功后,再次连接无线路由器时,首先使用SSID和Password接入方式进行网络连接第一次认证,连接无线路由设备,由于该第一终端的MAC地址之前已经激活成功,因此直接接入成功。When the first terminal successfully connects to the wireless router after the first access is successful, the SSID and the password access mode are first used to perform the first authentication of the network connection, and the wireless routing device is connected, because the MAC address of the first terminal has been activated before. Therefore, direct access is successful.
本发明实施例提供的网络接入方法,使用双重认证连接路由设备,终端通过认证信息进行第一认证,通过后第一认证,路由设备为该终端生成激活标识,通过该激活标识进行第二认证,终端通过双重认证后才可以接入路由设备,从而,提高了网络安全性和稳定性。The network access method provided by the embodiment of the present invention uses a dual authentication connection routing device, and the terminal performs the first authentication by using the authentication information. After the first authentication, the routing device generates an activation identifier for the terminal, and performs the second authentication by using the activation identifier. The terminal can access the routing device after being authenticated by two, thereby improving network security and stability.
本发明是实施例提供一种路由设备40,如图5所示,所述设备40包括:认证单元401、确定单元402、生成单元403,其中,The embodiment of the present invention provides a routing device 40. As shown in FIG. 5, the device 40 includes an authentication unit 401, a determining unit 402, and a generating unit 403.
所述认证单元401,用于根据第一终端发送的认证信息对所述第一终端进行网络连接第一认证;The authentication unit 401 is configured to perform network connection first authentication on the first terminal according to the authentication information sent by the first terminal.
所述确定单元402,用于若所述第一终端的第一认证成功,确定所述第一终端的标识状态是否为激活状态; The determining unit 402 is configured to determine, if the first authentication of the first terminal is successful, whether the identity status of the first terminal is an active state;
所述生成单元403,用于若所述第一终端的标识状态为未激活状态,生成与所述第一终端对应的激活标识;The generating unit 403 is configured to generate an activation identifier corresponding to the first terminal if the identifier status of the first terminal is an inactive state;
所述认证单元401,还用于通过所述激活标识对所述第一终端进行网络连接第二认证。The authentication unit 401 is further configured to perform network connection second authentication on the first terminal by using the activation identifier.
进一步地,所述认证信息至少携带第一终端的标识信息;Further, the authentication information carries at least the identifier information of the first terminal;
所述生成单元403,具体用于根据所述第一终端的标识信息和所述激活码生成统一资源定位符地址,根据所述统一资源定位符地址生成二维码,所述二维码为所述激活标识;The generating unit 403 is specifically configured to generate a uniform resource locator address according to the identifier information of the first terminal and the activation code, and generate a two-dimensional code according to the uniform resource locator address, where the two-dimensional code is Description of the activation identifier;
进一步地,如图6所示,所述设备还包括:显示单元404、接收单元405、处理单元406,Further, as shown in FIG. 6, the device further includes: a display unit 404, a receiving unit 405, and a processing unit 406.
所述显示单元404,用于显示所述二维码,以使得所述第一终端通过所述二维码进行网络连接第二认证;The display unit 404 is configured to display the two-dimensional code, so that the first terminal performs network connection second authentication by using the two-dimensional code;
所述接收单元405,用于接收所述第一终端发送的激活请求;The receiving unit 405 is configured to receive an activation request sent by the first terminal;
所述处理单元406,用于将数据库中所述第一终端的标识状态修改为激活状态,所述第一终端的第二认证成功。The processing unit 406 is configured to modify an identity state of the first terminal in the database to an activated state, where the second authentication of the first terminal is successful.
进一步地,如图6所示,所述设备还包括:存储单元407,用于将所述第一终端的标识信息和所述第一终端对应的激活码存储在数据库中,所述数据库中所述第一终端的初始标识状态为未激活状态。Further, as shown in FIG. 6, the device further includes: a storage unit 407, configured to store the identifier information of the first terminal and an activation code corresponding to the first terminal in a database, where The initial identification status of the first terminal is an inactive state.
进一步地,如图6所示,所述设备还包括:获取单元408、发送单元409、接收单元405、处理单元406,Further, as shown in FIG. 6, the device further includes: an obtaining unit 408, a sending unit 409, a receiving unit 405, and a processing unit 406.
所述获取单元408,用于获取网络覆盖范围内的第二终端,所述第二终端上安装获取所述二维码的应用;The acquiring unit 408 is configured to acquire a second terminal in a network coverage area, where the second terminal is installed with an application for acquiring the two-dimensional code;
所述发送单元409,用于发送所述二维码至第二终端,以使得所述第一终端通过所述第二终端获取所述二维码;The sending unit 409 is configured to send the two-dimensional code to the second terminal, so that the first terminal acquires the two-dimensional code by using the second terminal;
所述接收单元405,用于接收所述第一终端发送的激活请求;The receiving unit 405 is configured to receive an activation request sent by the first terminal;
所述处理单元406,用于将数据库中所述第一终端的标识状态修改为激活状态,所述第一终端的第二认证成功。The processing unit 406 is configured to modify an identity state of the first terminal in the database to an activated state, where the second authentication of the first terminal is successful.
进一步地,如图6所示,所述设备还包括:接收单元405,用于接收所述第一终端发送的认证信息,所述认证信息至少携带服务集标识和密码;Further, as shown in FIG. 6, the device further includes: a receiving unit 405, configured to receive authentication information sent by the first terminal, where the authentication information carries at least a service set identifier and a password;
所述认证单元401,用于根据所述服务集标识和密码对所述第一终端进行网络连 接第一认证。The authentication unit 401 is configured to perform network connection on the first terminal according to the service set identifier and password. Receive the first certification.
具体的,本发明实施例提供的路由设备的理解可以参考上述网络接入方法的实施例的说明,本发明实施例在此不再赘述。For a detailed description of the routing device provided by the embodiment of the present invention, reference may be made to the description of the foregoing embodiment of the network access method, and details are not described herein again.
本发明实施例提供的路由设备,使用双重认证连接路由设备,终端通过认证信息进行第一认证,通过后第一认证,路由设备为该终端生成激活标识,通过该激活标识进行第二认证,终端通过双重认证后才可以接入路由设备,从而,提高了网络安全性和稳定性。The routing device provided by the embodiment of the present invention uses the dual authentication to connect to the routing device, and the terminal performs the first authentication by using the authentication information. After the first authentication, the routing device generates an activation identifier for the terminal, and performs the second authentication by using the activation identifier. After the two-factor authentication, the routing device can be accessed, thereby improving network security and stability.
本发明实施例提供一种终端,如图7所示,所述终端50包括:获取单元501、发送单元502,其中,The embodiment of the present invention provides a terminal. As shown in FIG. 7, the terminal 50 includes: an obtaining unit 501 and a sending unit 502, where
所述获取单元501,用于获取激活标识,所述激活标识携带统一资源定位符地址,所述统一资源定位符地址用于第一终端与路由设备网络连接第二认证;还用于根据所述激活标识获取激活请求;The obtaining unit 501 is configured to obtain an activation identifier, where the activation identifier carries a uniform resource locator address, where the uniform resource locator address is used by the first terminal to connect to the routing device network for the second authentication; Activate the identification to obtain an activation request;
所述发送单元502,用于发送所述激活请求至所述路由设备,以使得所述路由设备根据所述激活请求将所述第一终端连接网络。The sending unit 502 is configured to send the activation request to the routing device, so that the routing device connects the first terminal to the network according to the activation request.
进一步地,所述发送单元502,还用于发送认证信息至路由设备,所述认证信息至少携带第一终端的标识信息、服务集标识和密码,以使得所述路由设备根据所述认证信息对所述第一终端进行网络连接第一认证。Further, the sending unit 502 is further configured to send the authentication information to the routing device, where the authentication information carries at least the identifier information, the service set identifier, and the password of the first terminal, so that the routing device is configured according to the authentication information. The first terminal performs network connection first authentication.
具体的,本发明实施例提供的终端的理解可以参考上述网络接入方法的实施例的说明,本发明实施例在此不再赘述。Specifically, the description of the terminal provided by the embodiment of the present invention may be referred to the description of the foregoing embodiment of the network access method, and details are not described herein again.
本发明实施例提供的终端,使用双重认证连接路由设备,终端通过认证信息进行第一认证,通过后第一认证,路由设备为该终端生成激活标识,通过该激活标识进行第二认证,终端通过双重认证后才可以接入路由设备,从而,提高了网络安全性和稳定性。The terminal provided by the embodiment of the present invention uses the dual authentication to connect to the routing device, and the terminal performs the first authentication by using the authentication information. After the first authentication, the routing device generates an activation identifier for the terminal, and performs the second authentication by using the activation identifier. After the two-factor authentication, the routing device can be accessed, thereby improving network security and stability.
本领域内的技术人员应明白,本发明的实施例可提供为方法、系统、或计算机程序产品。因此,本发明的实施例可采用硬件实施例、软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明的实施例可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器和光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art will appreciate that embodiments of the present invention can be provided as a method, system, or computer program product. Thus, embodiments of the invention may take the form of a hardware embodiment, a software embodiment, or a combination of software and hardware aspects. Moreover, embodiments of the invention may take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage and optical storage, etc.) including computer usable program code.
本发明是参照根据本发明实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的 每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention has been described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (system), and computer program products according to embodiments of the invention. It should be understood that the flowchart and/or block diagrams can be implemented by computer program instructions. Combinations of processes and/or blocks in each of the processes and/or blocks, and in the flowcharts and/or block diagrams. These computer program instructions can be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing device to produce a machine for the execution of instructions for execution by a processor of a computer or other programmable data processing device. Means for implementing the functions specified in one or more of the flow or in a block or blocks of the flow chart.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。The computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device. The apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device. The instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
以上所述,仅为本发明的较佳实施例而已,并非用于限定本发明的保护范围。The above is only the preferred embodiment of the present invention and is not intended to limit the scope of the present invention.
工业实用性Industrial applicability
本发明实施例提供的技术方案可以应用于通信领域的无线接入技术。在本发明实施例提供的方法及装置中,根据第一终端发送的认证信息对所述第一终端进行网络连接第一认证;若所述第一终端的第一认证成功,确定所述第一终端的标识状态是否为激活状态;若所述第一终端的标识状态为未激活状态,生成与所述第一终端对应的激活标识,通过所述激活标识对所述第一终端进行网络连接第二认证。本发明实施例提供的网络接入方法、路由设备和终端,使用双重认证连接路由设备,终端通过认证信息进行第一认证,通过后第一认证,路由设备为该终端生成激活标识,通过该激活标识进行第二认证,终端通过双重认证后才可以接入路由设备,从而,提高了网络安全性和稳定性,而且操作快捷,安全可靠,能有效拦截wifi万能钥匙等软件。 The technical solution provided by the embodiment of the present invention can be applied to a wireless access technology in the communication field. In the method and device provided by the embodiment of the present invention, the first terminal performs network connection first authentication according to the authentication information sent by the first terminal; if the first authentication of the first terminal succeeds, the first is determined. Whether the identity status of the terminal is an active state; if the identity status of the first terminal is an inactive state, generating an activation identifier corresponding to the first terminal, and performing network connection on the first terminal by using the activation identifier Second certification. The network access method, the routing device, and the terminal provided by the embodiment of the present invention use the dual authentication to connect to the routing device, and the terminal performs the first authentication by using the authentication information. After the first authentication, the routing device generates an activation identifier for the terminal, and the activation is performed by the terminal. The identification performs the second authentication, and the terminal can access the routing device after the double authentication, thereby improving the network security and stability, and the operation is fast, safe and reliable, and can effectively block software such as the wifi universal key.

Claims (17)

  1. 一种网络接入方法,其中,所述方法包括:A network access method, where the method includes:
    根据第一终端发送的认证信息对所述第一终端进行网络连接第一认证;Performing network connection first authentication on the first terminal according to the authentication information sent by the first terminal;
    若所述第一终端的第一认证成功,确定所述第一终端的标识状态是否为激活状态;If the first authentication of the first terminal is successful, determining whether the identity status of the first terminal is an active state;
    若所述第一终端的标识状态为未激活状态,生成与所述第一终端对应的激活标识,通过所述激活标识对所述第一终端进行网络连接第二认证。And if the identity status of the first terminal is in an inactive state, generating an activation identifier corresponding to the first terminal, and performing network connection second authentication on the first terminal by using the activation identifier.
  2. 根据权利要求1所述的方法,其中,所述认证信息至少携带第一终端的标识信息;The method according to claim 1, wherein the authentication information carries at least the identification information of the first terminal;
    所述生成与所述第一终端对应的激活标识,包括:The generating an activation identifier corresponding to the first terminal includes:
    随机生成与所述第一终端对应的激活码;Generating an activation code corresponding to the first terminal randomly;
    根据所述第一终端的标识信息和所述激活码生成统一资源定位符地址,根据所述统一资源定位符地址生成二维码,所述二维码为所述激活标识。Generating a uniform resource locator address according to the identifier information of the first terminal and the activation code, and generating a two-dimensional code according to the uniform resource locator address, where the two-dimensional code is the activation identifier.
  3. 根据权利要求2所述的方法,其中,所述通过所述激活标识对所述第一终端进行网络连接第二认证,包括:The method according to claim 2, wherein the performing network connection second authentication on the first terminal by using the activation identifier comprises:
    显示所述二维码,以使得所述第一终端通过所述二维码进行网络连接第二认证;Displaying the two-dimensional code, so that the first terminal performs network connection second authentication by using the two-dimensional code;
    接收所述第一终端发送的激活请求,将数据库中所述第一终端的标识状态修改为激活状态,所述第一终端的第二认证成功。Receiving the activation request sent by the first terminal, modifying the identity status of the first terminal in the database to an active state, and the second authentication of the first terminal is successful.
  4. 根据权利要求2所述的方法,其中,在所述随机生成与所述第一终端对应的激活码之后,所述方法还包括:The method of claim 2, wherein after the randomly generating an activation code corresponding to the first terminal, the method further comprises:
    将所述第一终端的标识信息和所述第一终端对应的激活码存储在数据库中,所述数据库中所述第一终端的初始标识状态为未激活状态。The identifier information of the first terminal and the activation code corresponding to the first terminal are stored in a database, and an initial identifier status of the first terminal in the database is an inactive state.
  5. 根据权利要求2所述的方法,其中,所述通过所述激活标识对所述第一终端进行网络连接第二认证,包括:The method according to claim 2, wherein the performing network connection second authentication on the first terminal by using the activation identifier comprises:
    获取网络覆盖范围内的第二终端,所述第二终端上安装获取所述二维码的应用;Acquiring a second terminal in the network coverage area, where the second terminal is installed with an application for acquiring the two-dimensional code;
    发送所述二维码至第二终端,以使得所述第一终端通过所述第二终端获取所述二维码;Sending the two-dimensional code to the second terminal, so that the first terminal acquires the two-dimensional code by using the second terminal;
    接收所述第一终端发送的激活请求,将数据库中所述第一终端的标识状态修改为激活状态,所述第一终端的第二认证成功。 Receiving the activation request sent by the first terminal, modifying the identity status of the first terminal in the database to an active state, and the second authentication of the first terminal is successful.
  6. 根据权利要求1所述的方法,其中,所述根据第一终端发送的认证信息对所述第一终端进行网络连接第一认证,包括:The method according to claim 1, wherein the performing the network connection first authentication on the first terminal according to the authentication information sent by the first terminal comprises:
    接收所述第一终端发送的认证信息,所述认证信息至少携带服务集标识和密码;Receiving the authentication information sent by the first terminal, where the authentication information carries at least a service set identifier and a password;
    根据所述服务集标识和密码对所述第一终端进行网络连接第一认证。Performing network connection first authentication on the first terminal according to the service set identifier and password.
  7. 一种网络接入方法,其中,所述方法包括:A network access method, where the method includes:
    获取激活标识,所述激活标识携带统一资源定位符地址,所述统一资源定位符地址用于第一终端与路由设备网络连接第二认证;Obtaining an activation identifier, where the activation identifier carries a uniform resource locator address, where the uniform resource locator address is used by the first terminal to connect to the routing device network for the second authentication;
    根据所述激活标识获取激活请求,发送所述激活请求至所述路由设备,以使得所述路由设备根据所述激活请求将所述第一终端连接网络。Obtaining an activation request according to the activation identifier, and sending the activation request to the routing device, so that the routing device connects the first terminal to the network according to the activation request.
  8. 根据权利要求6所述的方法,其中,在所述获取激活标识之前,还包括:The method according to claim 6, wherein before the obtaining the activation identifier, the method further comprises:
    发送认证信息至路由设备,所述认证信息至少携带第一终端的标识信息、服务集标识和密码,以使得所述路由设备根据所述认证信息对所述第一终端进行网络连接第一认证。The authentication information is sent to the routing device, and the authentication information carries at least the identifier information, the service set identifier, and the password of the first terminal, so that the routing device performs network connection first authentication on the first terminal according to the authentication information.
  9. 一种路由设备,其中,所述设备包括:认证单元、确定单元、生成单元,其中,A routing device, where the device includes: an authentication unit, a determining unit, and a generating unit, where
    所述认证单元,设置为根据第一终端发送的认证信息对所述第一终端进行网络连接第一认证;The authentication unit is configured to perform network connection first authentication on the first terminal according to the authentication information sent by the first terminal;
    所述确定单元,设置为若所述第一终端的第一认证成功,确定所述第一终端的标识状态是否为激活状态;The determining unit is configured to determine, if the first authentication of the first terminal is successful, determining whether the identity status of the first terminal is an active state;
    所述生成单元,设置为若所述第一终端的标识状态为未激活状态,生成与所述第一终端对应的激活标识;The generating unit is configured to generate an activation identifier corresponding to the first terminal if the identifier status of the first terminal is an inactive state;
    所述认证单元,还设置为通过所述激活标识对所述第一终端进行网络连接第二认证。The authentication unit is further configured to perform network connection second authentication on the first terminal by using the activation identifier.
  10. 根据权利要求9所述的设备,其中,The apparatus according to claim 9, wherein
    所述认证信息至少携带第一终端的标识信息;The authentication information carries at least the identifier information of the first terminal;
    所述生成单元,设置为根据所述第一终端的标识信息和所述激活码生成统一资源定位符地址,根据所述统一资源定位符地址生成二维码,所述二维码为所述激活标识。The generating unit is configured to generate a uniform resource locator address according to the identifier information of the first terminal and the activation code, and generate a two-dimensional code according to the uniform resource locator address, where the two-dimensional code is the activation Logo.
  11. 根据权利要求10所述的设备,其中,所述设备还包括:显示单元、接收单元、处理单元, The device according to claim 10, wherein the device further comprises: a display unit, a receiving unit, and a processing unit,
    所述显示单元,设置为显示所述二维码,以使得所述第一终端通过所述二维码进行网络连接第二认证;The display unit is configured to display the two-dimensional code, so that the first terminal performs network connection second authentication by using the two-dimensional code;
    所述接收单元,设置为接收所述第一终端发送的激活请求;The receiving unit is configured to receive an activation request sent by the first terminal;
    所述处理单元,设置为将数据库中所述第一终端的标识状态修改为激活状态,所述第一终端的第二认证成功。The processing unit is configured to modify the identity status of the first terminal in the database to an activated state, and the second authentication of the first terminal is successful.
  12. 根据权利要求10所述的设备,其中,所述设备还包括:存储单元,设置为将所述第一终端的标识信息和所述第一终端对应的激活码存储在数据库中,所述数据库中所述第一终端的初始标识状态为未激活状态。The device according to claim 10, wherein the device further comprises: a storage unit, configured to store the identification information of the first terminal and an activation code corresponding to the first terminal in a database, in the database The initial identity status of the first terminal is an inactive state.
  13. 根据权利要求10所述的设备,其中,所述设备还包括:获取单元、发送单元、接收单元、处理单元,The device according to claim 10, wherein the device further comprises: an obtaining unit, a sending unit, a receiving unit, and a processing unit,
    所述获取单元,设置为获取网络覆盖范围内的第二终端,所述第二终端上安装获取所述二维码的应用;The acquiring unit is configured to acquire a second terminal in a network coverage area, where the second terminal is installed with an application for acquiring the two-dimensional code;
    所述发送单元,设置为发送所述二维码至第二终端,以使得所述第一终端通过所述第二终端获取所述二维码;The sending unit is configured to send the two-dimensional code to the second terminal, so that the first terminal acquires the two-dimensional code by using the second terminal;
    所述接收单元,设置为接收所述第一终端发送的激活请求;The receiving unit is configured to receive an activation request sent by the first terminal;
    所述处理单元,设置为将数据库中所述第一终端的标识状态修改为激活状态,所述第一终端的第二认证成功。The processing unit is configured to modify the identity status of the first terminal in the database to an activated state, and the second authentication of the first terminal is successful.
  14. 根据权利要求9所述的方法,其中,所述设备还包括:接收单元,设置为接收所述第一终端发送的认证信息,所述认证信息至少携带服务集标识和密码;The method according to claim 9, wherein the device further comprises: a receiving unit, configured to receive authentication information sent by the first terminal, the authentication information carrying at least a service set identifier and a password;
    所述认证单元,设置为根据所述服务集标识和密码对所述第一终端进行网络连接第一认证。The authentication unit is configured to perform network connection first authentication on the first terminal according to the service set identifier and password.
  15. 一种终端,其中,所述终端包括:获取单元、发送单元,其中,A terminal, where the terminal includes: an acquiring unit and a sending unit, where
    所述获取单元,设置为获取激活标识,所述激活标识携带统一资源定位符地址,所述统一资源定位符地址用于第一终端与路由设备网络连接第二认证,还用于根据所述激活标识获取激活请求;The acquiring unit is configured to obtain an activation identifier, where the activation identifier carries a uniform resource locator address, where the uniform resource locator address is used for the first terminal to connect to the routing device network for the second authentication, and is further configured to activate according to the Identify the activation request;
    所述发送单元,设置为发送所述激活请求至所述路由设备,以使得所述路由设备根据所述激活请求将所述第一终端连接网络。The sending unit is configured to send the activation request to the routing device, so that the routing device connects the first terminal to the network according to the activation request.
  16. 根据权利要求15所述的终端,其中,所述发送单元,还设置为发送认证信息至路由设备,所述认证信息至少携带第一终端的标识信息、服务集标识和密码,以使得所述路由设备根据所述认证信息对所述第一终端进行网络连接第一认证。 The terminal according to claim 15, wherein the sending unit is further configured to send authentication information to the routing device, the authentication information carrying at least the identification information, the service set identifier and the password of the first terminal, so that the routing The device performs network connection first authentication on the first terminal according to the authentication information.
  17. 一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令用于执行如权利要求1至8中所述的方法中的至少其中之一。 A computer readable storage medium storing computer executable instructions for performing at least one of the methods of claims 1-8.
PCT/CN2017/085495 2016-10-27 2017-05-23 Network access method, routing device and terminal, and computer storage medium WO2018076675A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610958699.1A CN108377499A (en) 2016-10-27 2016-10-27 A kind of method for network access, routing device and terminal
CN201610958699.1 2016-10-27

Publications (1)

Publication Number Publication Date
WO2018076675A1 true WO2018076675A1 (en) 2018-05-03

Family

ID=62023069

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/085495 WO2018076675A1 (en) 2016-10-27 2017-05-23 Network access method, routing device and terminal, and computer storage medium

Country Status (2)

Country Link
CN (1) CN108377499A (en)
WO (1) WO2018076675A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116385975A (en) * 2023-04-18 2023-07-04 盐城工学院 Power distribution room safety monitoring system and method based on target detection

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110072237A (en) * 2019-03-13 2019-07-30 广东九联科技股份有限公司 A kind of wireless network access scheme and its method with dual affirmation mechanism
CN110995644A (en) * 2019-10-19 2020-04-10 南京禾泽信息技术有限公司 Device and method capable of generating random login information
CN113259965A (en) * 2020-07-01 2021-08-13 杭州微法软件技术有限公司 CNC equipment data monitoring method
CN111988335B (en) * 2020-08-31 2022-11-08 广州极飞科技股份有限公司 Battery cell identity authentication method and related device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104135753A (en) * 2014-06-11 2014-11-05 腾讯科技(深圳)有限公司 Wireless network access method, wireless network access device, terminal and server
CN104820643A (en) * 2015-03-25 2015-08-05 百度在线网络技术(北京)有限公司 Method and apparatus for establishing connection between user equipment and smart device
CN105430764A (en) * 2015-12-30 2016-03-23 魅族科技(中国)有限公司 Method and terminal for connecting with Wi-Fi hot spot
CN105682093A (en) * 2014-11-20 2016-06-15 中兴通讯股份有限公司 Wireless network access method and access device, and client
CN105792204A (en) * 2016-02-29 2016-07-20 宇龙计算机通信科技(深圳)有限公司 Network connection authentication method and device
CN105898747A (en) * 2016-05-13 2016-08-24 中科创达软件科技(深圳)有限公司 Wireless network security authentication method and device and wireless network access method and device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104135753A (en) * 2014-06-11 2014-11-05 腾讯科技(深圳)有限公司 Wireless network access method, wireless network access device, terminal and server
CN105682093A (en) * 2014-11-20 2016-06-15 中兴通讯股份有限公司 Wireless network access method and access device, and client
CN104820643A (en) * 2015-03-25 2015-08-05 百度在线网络技术(北京)有限公司 Method and apparatus for establishing connection between user equipment and smart device
CN105430764A (en) * 2015-12-30 2016-03-23 魅族科技(中国)有限公司 Method and terminal for connecting with Wi-Fi hot spot
CN105792204A (en) * 2016-02-29 2016-07-20 宇龙计算机通信科技(深圳)有限公司 Network connection authentication method and device
CN105898747A (en) * 2016-05-13 2016-08-24 中科创达软件科技(深圳)有限公司 Wireless network security authentication method and device and wireless network access method and device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116385975A (en) * 2023-04-18 2023-07-04 盐城工学院 Power distribution room safety monitoring system and method based on target detection
CN116385975B (en) * 2023-04-18 2023-10-27 盐城工学院 Power distribution room safety monitoring system and method based on target detection

Also Published As

Publication number Publication date
CN108377499A (en) 2018-08-07

Similar Documents

Publication Publication Date Title
WO2018076675A1 (en) Network access method, routing device and terminal, and computer storage medium
US10111096B2 (en) AP connection method, terminal, and server
KR102154384B1 (en) Portal authentication
US11240314B2 (en) Systems and methods for remote management of appliances
US11751052B2 (en) Credential information processing method and apparatus for network connection, and application (APP)
US11765164B2 (en) Server-based setup for connecting a device to a local area network
CN107070931B (en) Cloud application data uploading/accessing method and system and cloud proxy server
TW201933848A (en) Device connection method, device and system
CN107567017B (en) Wireless connection system, device and method
CN101379795A (en) address assignment by a DHCP server while client credentials are checked by an authentication server
TW201706901A (en) Authentication method, apparatus, and system
US20170238183A1 (en) Mac address-bound wlan password
CN105873055B (en) Wireless network access authentication method and device
US11638149B2 (en) Instant secure wireless network setup
WO2018090831A1 (en) Method and apparatus allowing smart terminal device to access internet
US11943213B2 (en) Device and method for mediating configuration of authentication information
CN106790036B (en) A kind of information tamper resistant method, device, server and terminal
CN104349318A (en) Automatic authentication method, apparatus and system of wireless local area network (WLAN)
JP6056970B2 (en) Information processing apparatus, terminal, information processing system, and information processing method
US20230232228A1 (en) Method and apparatus for establishing secure communication
CN111492358B (en) Device authentication
CN109150862B (en) Method and server for realizing token roaming
WO2018157782A1 (en) Credential information processing method and apparatus for network connection, and application (app)
JP2008244945A (en) Wireless connection environment setting system, wireless connection environment setting server, information terminal, and program
CN105939516A (en) User authentication method and device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17863521

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17863521

Country of ref document: EP

Kind code of ref document: A1