Background technology
The application of the Internet is extensive day by day, provide the information of simple and fast to obtain channel to the user on the one hand, on the other hand, the application of the Internet has also brought a lot of problems: comprise a large amount of violences and Pornograph in the information that provides as the Internet, have a bigger negative effect to children and teenager are physically and mentally healthy.Network supervision department usually adopts traditional management means to control spreading unchecked of violence on the Internet and pornographic information, but facts have proved that the effect of this means is limited.Thereby people turn to technological means, head of a family's Control Software or in other softwares integrated parental control function be main a kind of in these technological means, the up-to-date windowing software Windows Vista that Microsoft releases has also comprised parental control function.
Head of a family's control comprises that scope widely, for example time control, the restriction of Web webpage, game ratings restriction etc., topmost purpose are to stop those contents that are not suitable for child to be touched by child, and this is especially outstanding in internet browsing.In addition, the miscellaneous service by the Internet is realized also should limit to some extent to child, for example the downloading service of Fu Feiing etc.
The existing head of a family controls the following technical scheme of main employing: in home network, by giving each kinsfolk or account number of member's set of dispense, must input oneself account number and password when the kinsfolk surfs the Net and could surf the Net.Distribute user's classification or class information for each account number, and every class user set addressable URL (Uniform Resource Locator, the unified resource position, on the WWW of Internet service routine, be used to specify the method for expressing of information position), the URL of inaccessible, the information such as keyword that can not relate to, realization is to the filtration of URL and content, thereby reaches the control purpose.
After having added parental control function, the kinsfolk must input account number and password ability access internet, this technical measures can not cause too big inconvenience to the kinsfolk, but for the visitor of family will be temporarily the situation of family network access the Internet by owner produced some obstacles.Certainly owner can be temporarily uses oneself account number and password to the visitor, afterwards, revises the password of account number again for safety.Though this method can be dealt with problems simply, technically, this is not safe way, and frequently revise password can be more loaded down with trivial details.
For addressing the above problem, existing a kind of way is: suppose that the visitor's of family demand can not exceed the scope of minimum authority, an account number that does not need password is set, and for example the account number name just is Guest (visitor), and it is minimum scope of authority that this account number has grade.In parental control function, this Guest account number cannot be visited any website that pornographic, violence etc. are not suitable for children, teenager's content of containing, also cannot use any restricted service, for example pay and download, can also limit the spendable time of Guest account number etc.
As mentioned above, to the visitor account number that does not need password is set, the behavior that at first is based on the visitor can not exceed the hypothesis of the minimum authority that sets, but this hypothesis often is not inconsistent with reality in practice, for example visitor's portable computer of carrying oneself finds that when the host surfs the Net an own interested film needs to download, but because it uses the Guest account number, can not download this film, have to detour is copied on visitor's the computer by owner's download again, causes using inconvenience.
Also have a kind of technical scheme in the prior art: owner use and management person identity is provided with an account number for the visitor, sets corresponding user gradation or authority, and password is set, and the visitor uses the account online, and the visitor leaves the back owner and cancels this account number or revise its password.This scheme is than the account number and the password that are directly used owner by the visitor, and it is more loaded down with trivial details to revise the using method of password by owner then.
Above-mentioned problem exists when guest access owner's home network or a certain equipment in the home network equally.
Summary of the invention
The purpose of the embodiment of the invention is to provide method and system, the home gateway of managing caller in a kind of home network, is intended to solve the problem of the complex operation that managing caller is existed that exists in the prior art.
For achieving the above object, the technical scheme of embodiment of the invention employing is as follows:
A kind of method of managing caller in household network, described method comprises the steps:
Home gateway is provided with Guest User's access rights according to owner to the mandate of guest access network, and the visitor inserts described network and within the scope of authority network conducted interviews described owner.
The embodiment of the invention also provides the method for another kind of managing caller in household network, and described method comprises the steps:
Home gateway is provided with Guest User's access rights by authorizing the interface to the mandate of guest access network according to owner, and the visitor conducts interviews to network within the scope of authority described owner.
The embodiment of the invention also provides a kind of system of managing caller in household network, and described system comprises:
Home gateway, it is provided with Guest User's authority according to owner to the mandate of guest access network;
User terminal, it is connected communication by home network with home gateway, and it is used for the visitor and sends network access request to described home gateway, and imports the authorization message of described owner to the guest access network for owner.
The embodiment of the invention also provides a kind of home gateway,, described home gateway comprises the managing caller module, described managing caller module is used for according to owner the mandate of guest access network being provided with Guest User's authority.
The embodiment of the invention overcomes the deficiencies in the prior art, the visitor of family adopts when need pass through access to netwoks the Internet in the host, by owner visitor's visit is authorized, the visitor is in owner's access internet within the scope of authority, the visitor does not need to use owner's account number and password, owner need not finish the technical scheme that the password of oneself is revised in the back in the guest access the Internet yet, needn't to the visitor account number and password be set in advance, do not need to use the back to revise password the visitor yet, simplified operation greatly, bring visitor's internet access behavior into scope that the head of a family controls, take into account flexibility and fail safe in the application.
Embodiment
The technical scheme that the embodiment of the invention provides is: when the visitor of family need be by the access to netwoks the Internet in the host, by owner visitor's visit is authorized, home gateway is provided with Guest User's information according to owner's mandate temporarily, the visitor is in owner's access internet within the scope of authority, the visitor does not need to use owner's account number and password, and owner also need not finish the back and revise the password of oneself in the guest access the Internet.
In order to make purpose of the present invention, technical scheme and advantage clearer,, the present invention is further elaborated below in conjunction with drawings and Examples.Should be appreciated that specific embodiment described herein only in order to explanation the present invention, and be not used in qualification the present invention.
Self has authentification of user existing P C, need import username and password when that is to say user's log into thr computer one time.But present trend is to realize head of a family's control on home gateway, and HGI (home gateway initialization) standardization body that main telecom operators in the world and equipment vendor form just stipulates that home gateway will realize the parental control function of internet access.The user logins the account number that PC uses and can associate by certain mode and the account number of home gateway at user's setting, and for example the account number title is all consistent with password and the notion of Windows operating system " territory " etc.
Usually the home gateway authentication is general adopts following mode to realize: the user is opening account number and the password that need input oneself when Internet-browser is visited certain URL for the first time.Certain kinsfolk uses the IE browser will trigger the authenticating user identification interface under the WindowsXP environment, user's open any browser, visit google website, owing to be access internet website first after the open any browser, home gateway pushes an authentication interface to user terminal PC, requires the user to import username and password.
In home network environment, above-mentioned verification process can be done corresponding optimization, if do not consider restriction to user's surf time, whether the URL that can check earlier before user identity is verified to be visited belongs to that anyone can visit, if just needn't eject authentication interface, can improve user experience like this, avoid an online to authenticate.If the URL that visits is limited, then the user is authenticated.In case through authentication, the accessed URL that meets this user right later on just no longer authenticates.
In the embodiment of the invention, owner also realizes by home gateway the visitor's of family interim mandate, the network of guest request visit is that example illustrates with the Internet, but technical scheme provided by the invention also can be applied in other the network, as guest access owner's home network or the equipment in the home network, the process of specific implementation is contrasted following embodiment to those skilled in the art, do not need to realize that through performing creative labour this does not give unnecessary details.
The visitor surfs the Net in two kinds of situation the host: a kind of visitor of being uses the equipment of oneself; Another kind is the equipment (domestic consumer's terminal) that the visitor uses owner, below is divided into two embodiment and describes.
Embodiment one: the visitor uses owner's equipment
When the visitor passes through owner's device access the Internet, visitor's open any browser, visit a certain website, owing to be access internet website first after the open any browser, home gateway pushes an authentication interface to user terminal PC, and this authentication interface and existing authentication interface are distinct: be provided with a button for visitor's use on this interface.For example this button just is " visitor ", if the visitor does not have corresponding account number in owner's home network, just clicks this button, as shown in Figure 1.After the visitor clicks " visitor ", home gateway is to user terminal (PC) release interface as shown in Figure 2, this interface is the interface of owner to visitor's access authorization, before authorizing, owner at first needs to import the username and password of oneself, select visitor's feature then in visitor's feature one hurdle, visitor's feature correspondence visitor's user gradation, i.e. scope of Shou Quaning.During specific implementation, " children ", " teenager " and " adult " as shown in Figure 1 etc. can be arranged in visitor's feature one hurdle, also can be to be divided into several age groups, or direct several demonstration visitor grade owner selects.After selection was finished, PC sent a message to home gateway.
Home gateway is provided with the Guest User for information about after receiving the authorization messages of owner to the visitor, and the visitor can use its user gradation access internet that is set.
After the user finished visit to the Internet, home gateway was with Guest User's information deletion.
The present embodiment flow chart specifically comprises the steps: as shown in Figure 3
1, the visitor is by owner's device access the Internet, and visitor's open any browser is visited a certain website, and home gateway pushes an authentication interface that is provided with " visitor " button to user terminal PC;
2, the visitor clicks " visitor " button in the authentication interface, and request message is sent to gateway;
3, home gateway is released owner to user terminal and is authorized the interface, and owner selects the account number of oneself and the password of input oneself, and visitor's user gradation is set then, selects then " affirmation ", and message is sent to home gateway;
The specific implementation process also can be divided into for two steps, was promptly imported the username and password of oneself earlier by owner, released new layout setting visitor grade to PC again after the home gateway checking mastership;
For preventing that children and teenager from evading head of a family's control by technical scheme provided by the invention, owner can not be arranged to visitor's user gradation the rank above the user gradation of oneself, for example owner is teenager's identity, and he does not have authority that the visitor is arranged to the grade of being grown up;
4, home gateway is provided with this Guest User for information about after receiving the message of step 3, and the visitor can use its user gradation access internet that is set;
In the present embodiment, consider the easy of operation, after home gateway is provided with Guest User's relevant information, do not need to generate visitor's account number and password, therefore do not need the visitor to input account number and password; Another kind of mode is after home gateway is received the authorization requests of owner to the visitor of PC transmission, according to selection generation a account number at visitor (Guest User account number) and the password of owner to visitor's feature, and to interface as shown in Figure 4 of equipment propelling movement of owner, the visitor is by account and cryptographic acess the Internet;
5, the visitor finishes internet access, and home gateway is deleted set Guest User's information automatically.
If home gateway does not generate visitor's account number and password, then home gateway is deleted the Guest User for information about when the visitor finishes to visit; If home gateway has generated account number and password for the visitor, then deletion this disappointed number and password when the visitor finishes to visit perhaps keeps a period of time with account and password, uses next time to make things convenient for the visitor.
As mentioned above,, that is to say that no matter which kind of URL of user capture requires authentication without exception, then the scheme that provides of the above embodiments can be suitable fully if home gateway adopts the mode of authentication fully to user's visit; If home gateway adopts the mode of optimizing to user's authentication, just require authentication when promptly having only the specific URL of user capture, then the technical scheme in the present embodiment need be carried out adaptive modification: when the general URL of guest access, home gateway does not require that owner authorizes, when the specific URL in visitor orientation, home gateway pushes an authentication interface that is provided with " visitor " button to user terminal PC, and follow-up flow process is the same with the flow process among the embodiment, and this does not give unnecessary details.
The theory diagram of the system of the managing caller in household network that present embodiment provides comprises home gateway and owner's user terminal as shown in Figure 5, wherein:
Home gateway comprises managing caller module (figure does not show), this managing caller module user terminal to owner when the guest request access internet pushes a user interface that comprises " visitor " button, after the visitor clicks this " visitor " button, this managing caller module sends an owner to user terminal again and authorizes the interface, and authorize the authorization mechanism of importing in the interface that Guest User's information is set owner according to owner, the visitor promptly can access internet, after described visitor finished visit, home gateway was with this Guest User's information deletion;
Owner's user terminal by with the information interaction of home gateway, authorize the authorization message of selecting in the interface to send to home gateway owner the request and the owner of guest access the Internet.
During concrete the application, this managing caller module can also generate Guest User's account number and password when Guest User's information is set after receiving owner's authorization message, use for the visitor.
Embodiment two, visitor use the equipment of oneself
Since equipment for surfing the net is not a household internal, for safety, just should not be in disappointed number of user and the password of input owner on this equipment, in case this equipment gets up by the password and the preservation of TSR intercepting user input, perhaps preserved password, thereby produced potential safety hazard by the cookie function of system.Therefore, in the present embodiment, Authorized operation can only be finished on owner's oneself equipment.
When the visitor passes through the device access the Internet of oneself, with the equipment access owner home network of oneself, open any browser access internet.After home gateway was received the request of guest access the Internet, identifying this equipment was not the home network internal unit, ejected interface shown in Figure 2 on owner's PC, and owner's mandate is waited at displayed map 6 interfaces on visitor device with the prompting visitor simultaneously.Owner authorizes the visitor by the PC of oneself, and the process of mandate is the same with the description among the embodiment with the process that home gateway is provided with Guest User's information, and this does not give unnecessary details.After mandate was finished, the visitor can be by the device access the Internet of oneself.
The flow chart of present embodiment specifically comprises following step as shown in Figure 7:
1, the visitor inserts owner's home network, open any browser access internet with the equipment of oneself;
2, after home gateway was received the request of access internet, identifying this equipment was not the home network internal unit, ejected interface shown in Figure 2, displayed map 6 interfaces on visitor device on owner's computer;
3, owner operates interface shown in Figure 2 and authorizes, finish mandate after, Fig. 6 interface disappears automatically, the addressable the Internet of visitor;
4, the visitor finishes access internet, and set user profile is deleted automatically.
Above step and visitor use owner's the step of equipment basic identical, and the main distinction is step 2, does not show authentication interface on visitor's the equipment, directly points out the visitor to wait for mandate.
Wherein, if home gateway generates visitor's account number and password at the user in the step 3, described in embodiment one, and account number and the password that generates be presented on the visitor device after interface shown in Figure 6 disappears, the visitor is by account and cryptographic acess the Internet.After the visitor finishes visit, if home gateway is preserved the time of setting with visitor's account number and password, when the visitor in the time of setting once more during access internet, home gateway will push an interface as shown in Figure 8 to visitor device this moment, access internet once more after the visitor selects the user name of oneself and inputs password.If the visitor did not visit the Internet before this in the host, promptly there are not user name corresponding and password, perhaps surpassed the time cycle of setting the blanking time of twice visit, perhaps the visitor has forgotten account number or the password that obtained last time, then click " new visitor " button on this interface, change above-mentioned step 2 over to.
Differently among the visitor management system that present embodiment provides and the embodiment one be: system also comprises visitor's user terminal in the present embodiment, the visitor is by the terminal access the Internet of oneself, but as mentioned above, owner still finishes on the terminal of oneself setting of authorization mechanism, only when its request access internet, the information that receives home gateway " waits for that owner authorizes " to visitor's user terminal; Home gateway in the present embodiment also comprises a user terminal identification module that links to each other with the managing caller module, be used for discerning and ask whether the terminal of visit is the user terminal of home network inside, if not, then provide the information of " wait subscriber authorisation ".
As mentioned above, the embodiment of the invention adopts when the visitor of family need pass through access to netwoks the Internet in the host, by owner visitor's visit is authorized, the visitor is in owner's access internet within the scope of authority, the visitor does not need to use owner's account number and password, owner need not finish the technical scheme that the password of oneself is revised in the back in the guest access the Internet yet, needn't to the visitor account number and password be set in advance, do not need to use the back to revise password the visitor yet, simplified operation greatly, bring visitor's internet access behavior into scope that the head of a family controls, take into account flexibility and fail safe in the application.
The above only is preferred embodiment of the present invention, not in order to restriction the present invention, all any modifications of being done within the spirit and principles in the present invention, is equal to and replaces and improvement etc., all should be included within protection scope of the present invention.