CN101383746A - Access control method and system for wireless network - Google Patents
Access control method and system for wireless network Download PDFInfo
- Publication number
- CN101383746A CN101383746A CNA2008102244679A CN200810224467A CN101383746A CN 101383746 A CN101383746 A CN 101383746A CN A2008102244679 A CNA2008102244679 A CN A2008102244679A CN 200810224467 A CN200810224467 A CN 200810224467A CN 101383746 A CN101383746 A CN 101383746A
- Authority
- CN
- China
- Prior art keywords
- mac address
- user profile
- radio network
- network controller
- corresponding relation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention provides a method and a system for controlling the access of a wireless network, wherein the method comprises: a certificate server obtains user information and the MAC address which is provided when the user logs in the wireless network accessing, creates the corresponding relation between the user information and the MAC address or updates the established corresponding relation containing the user information, and sends the MAC address corresponding to the user information to a wireless network controller; the wireless network controller uses the received MAC address to update an access-permitting list stored in the wireless network controller, and allows the MAC address to permit a user terminal in the access-permitting list to access the wireless network. By the invention, the MAC address of the user who logs in the wireless network accessing can be more conveniently managed.
Description
Technical field
The present invention relates to radio network technique, particularly a kind of connection control method of wireless network and system.
Background technology
Usually, the connection control method of wireless network is to be undertaken by the mode that the MAC Address of user terminal is filtered, configuration allows access list on radio network controller, it is usually said white list, if the MAC Address of the user terminal of request access of radio network is in allowing access list, then allow this user terminal access of radio network, otherwise, this user terminal access of radio network refused.
Yet, in the prior art, allowing access list is that webmaster is configured on radio network controller by hand according to the MAC Address that the user provides when the registration wireless network inserts, in case the number of users that the registration wireless network inserts is more, then disposing on radio network controller by hand and allowing access list is very loaded down with trivial details and complicated work.For example, if the MAC Address that certain user registers the wireless network access to be provided changes, then webmaster needs the manual original employed MAC Address of this user of searching, and MAC Address is after changing being replaced the MAC Address of using originally.Owing to do not have user profile on the radio network controller, obviously, it is very difficult searching the original employed MAC Address of user in a large amount of MAC Address in allowing access list.
Summary of the invention
In view of this, the invention provides a kind of connection control method and system of wireless network, manage with the convenient employed MAC Address of user that the registration wireless network is inserted.
A kind of connection control method of wireless network, this method comprises:
Certificate server obtains user profile and this user is being provided by the MAC Address that provides when wireless network inserts, set up the corresponding relation between described user profile and the described MAC Address or upgrade the corresponding relation of having set up that comprises described user profile, and the MAC Address of all user profile correspondences is sent to radio network controller;
The MAC Address that described radio network controller utilization receives is upgraded the permission access list of this radio network controller storage, and the permission MAC Address allows the user terminal access of radio network in the access list after renewal.
A kind of access control system of wireless network, this system comprises: certificate server and radio network controller;
Described certificate server, be used to obtain user profile and this user the MAC Address that provides when wireless network inserts is being provided, set up the corresponding relation between described user profile and the described MAC Address or upgrade the corresponding relation of having set up that comprises described user profile, and the MAC Address of all user profile correspondences is sent to described radio network controller;
Described radio network controller is used to utilize the MAC Address that receives to upgrade the permission access list of this radio network controller storage, and allows the user terminal access of radio network of MAC Address in described permission access list.
As can be seen from the above technical solutions, the method and system that the embodiment of the invention provides, the characteristic of utilizing certificate server to manage in conjunction with user profile, to transfer on the certificate server the access control of wireless network on the radio network controller, come MAC Address in the permission access list on the configuring wireless network controller by certificate server, make when the user is provided by the MAC Address generation change that provides when wireless network inserts, can utilize user profile to upgrade the MAC Address of this user profile correspondence on the certificate server easily, and upgrade the permission access list of radio network controller by the mode that the MAC Address with all user profile correspondences sends to radio network controller, and need not as prior art manual MAC Address of on radio network controller, revising change under the situation of no user information on the radio network controller, visible the present invention can insert the employed MAC Address of user to the registration wireless network more easily and manage.
Description of drawings
The method flow diagram that Fig. 1 provides for the embodiment of the invention;
The system construction drawing that Fig. 2 provides for the embodiment of the invention.
Embodiment
In order to make the purpose, technical solutions and advantages of the present invention clearer, describe the present invention below in conjunction with the drawings and specific embodiments.
Method provided by the invention mainly comprises: certificate server obtains user profile and this user is being provided by the MAC Address that provides when wireless network inserts, set up the corresponding relation between this user profile and the MAC Address or upgrade the corresponding relation of having set up that comprises this user profile, and the MAC Address of all user profile correspondences is sent to radio network controller; The MAC Address that this radio network controller utilization receives is upgraded the permission access list of this radio network controller storage, and the permission MAC Address allows the user terminal access of radio network in the access list after renewal.
Below in conjunction with specific embodiment said method is described in detail.The method flow diagram that Fig. 1 provides for the embodiment of the invention, as shown in Figure 1, this method can may further comprise the steps:
Step 101: the user terminal that the active agency server uses to the user provides enrollment page to carry out the registration that wireless network inserts for the user, obtains the user in the user profile of enrollment page input and the MAC Address of employed user terminal.
In this step, the user can insert by the enrollment page registration wireless network that the active agency server provides, and the user imports the MAC Address of user profile and employed user terminal on this enrollment page.
Step 102: the active agency server is given certificate server synchronously with user profile and the MAC Address obtained.
Step 103: user profile and MAC Address that the certificate server utilization comes synchronously, set up the corresponding relation between this user profile and the MAC Address.
Certificate server is except obtaining by the mode of step 101 and step 102 mac address information of user profile and user terminal, can also directly obtain user profile and the MAC Address of network management configuration in this certificate server, this mode needs webmaster to dispose user profile and the MAC Address of having registered the wireless network access in advance in certificate server.
In addition, can further include before the corresponding relation of setting up between this user profile and the MAC Address: certificate server judges whether self to have set up the corresponding relation that comprises this user profile, if not, then carry out the above-mentioned step of setting up the corresponding relation between this user profile and the MAC Address; If then upgrade the corresponding relation of having set up that comprises this user profile.
Wherein, if judging, certificate server set up the corresponding relation that comprises this user profile, in the corresponding relation that comprises this user profile that then can set up at first, whether the MAC Address of this user profile correspondence is consistent with the MAC Address of obtaining, if consistent, then need not upgrade the corresponding relation of having set up; If inconsistent, then the MAC Address of this user profile correspondence is updated to the MAC Address of obtaining in the corresponding relation that will set up.
Step 104: the MAC Address of the used user profile correspondence that certificate server will be stored offers NM server by internal interface.
Step 105: NM server is transmitted to radio network controller by Simple Network Management Protocol (SNMP) message with the MAC Address that receives.
NM server can also be transmitted to radio network controller with the MAC Address that receives by Telnet (TELNET) message.
In addition, in step 104 and step 105, send to the mode of radio network controller by the MAC Address of NM server with all user profile correspondences, if have usable interface between certificate server and the radio network controller, then certificate server also can be directly directly sends to radio network controller with the MAC Address of all user profile correspondences.
Step 106: the MAC Address that the radio network controller utilization receives is upgraded the permission access list that self stores.
In a single day radio network controller receives the MAC Address that NM server or certificate server send, then utilize the MAC Address that receives to upgrade the permission access list of self storing, so that the employed user terminal MAC Address of user that the permission access list of self storing keeps the up-to-date registered wireless network of storage to insert.
Step 107: when receiving the wireless access request that user terminal sends, if the MAC Address of this user terminal then allows this user terminal access of radio network in allowing access list, otherwise, refuse this user terminal access of radio network.
The operation of step 107 is identical with the processing mode of radio network controller in the prior art, is not giving unnecessary details.
More than be the description that method provided by the present invention is carried out, below system provided by the present invention be described.The system construction drawing that Fig. 2 provides for the embodiment of the invention, as shown in Figure 2, this system mainly comprises: certificate server 201 and radio network controller 202.
Wherein, certificate server 201 can obtain the user profile of network management configuration in this certificate server 201 and this user is being provided by the MAC Address that provides when wireless network inserts, can also also obtain user profile and MAC Address by the active agency server, at this moment, this system can also comprise: active agency server 203, be used for providing enrollment page to the user, obtain the user in the user profile of enrollment page input and the MAC Address that when the registration wireless network inserts, provides, and give certificate server 201 synchronously user profile and the MAC Address obtained.
Further, certificate server 201, after the MAC Address that can also be used for when obtaining user profile and this user, providing in the access of registration wireless network, judge whether to set up the corresponding relation that comprises this user profile, if not, then carry out the operation of setting up the corresponding relation between this user profile and the MAC Address, if then carry out the operation of upgrading the corresponding relation of having set up that comprises this user profile.
When certificate server 201 sends to radio network controller in the MAC Address with all user profile correspondences, can directly send to radio network controller, also can be transmitted to radio network controller by NM server, at this moment, this system can also comprise: NM server 204 is used to receive the MAC Address of all user profile correspondences that certificate server 201 sends and is transmitted to radio network controller 202.
This NM server 204 can by with certificate server between internal interface obtain the corresponding MAC Address of all user profile, and the MAC Address of all user profile correspondences is transmitted to radio network controller 202 by snmp message or TELNET message.
By above description as can be seen, the method and system that the embodiment of the invention provides, the characteristic of utilizing certificate server to manage in conjunction with user profile, to transfer on the certificate server the access control of wireless network on the radio network controller, come MAC Address in the permission access list on the configuring wireless network controller by certificate server, make when the user is provided by the MAC Address generation change that provides when wireless network inserts, can utilize user profile to upgrade the MAC Address of this user profile correspondence on the certificate server easily, and upgrade the permission access list of radio network controller by the mode that the MAC Address with all user profile correspondences sends to radio network controller, and need not under the situation of no user information on the radio network controller, on radio network controller, to revise the MAC Address that changes by hand as prior art, visible the present invention can manage the MAC Address of registering wireless network access user more easily.
The above only is preferred embodiment of the present invention, and is in order to restriction the present invention, within the spirit and principles in the present invention not all, any modification of being made, is equal to replacement, improvement etc., all should be included within the scope of protection of the invention.
Claims (10)
1, a kind of connection control method of wireless network is characterized in that, this method comprises:
Certificate server obtains user profile and this user is being provided by the MAC Address that provides when wireless network inserts, set up the corresponding relation between described user profile and the described MAC Address or upgrade the corresponding relation of having set up that comprises described user profile, and the MAC Address of all user profile correspondences is sent to radio network controller;
The MAC Address that described radio network controller utilization receives is upgraded the permission access list of this radio network controller storage, and the permission MAC Address allows the user terminal access of radio network in the access list after renewal.
2, method according to claim 1, it is characterized in that the described MAC Address of obtaining user profile and this user and providing when the registration wireless network inserts specifically comprises: described certificate server obtains the MAC Address that the user profile of network management configuration in described certificate server and this user provide when the registration wireless network inserts; Perhaps,
The active agency server provides enrollment page to described user, obtain described user in the user profile of described enrollment page input and the MAC Address that when the registration wireless network inserts, provides, and give described certificate server synchronously user profile and the MAC Address obtained.
3, method according to claim 1, it is characterized in that, after carrying out the described step of obtaining, also comprise: judge whether to set up the corresponding relation that comprises described user profile, if not, then carry out the step of setting up the corresponding relation between described user profile and the described MAC Address; If then carry out and upgrade the corresponding relation of having set up that comprises described user profile.
4, method according to claim 3, it is characterized in that, before upgrading the corresponding relation of having set up that comprises described user profile, also comprise: judge in the corresponding relation of having set up that comprises described user profile, whether the MAC Address of described user profile correspondence is consistent with the described MAC Address of obtaining, if consistent, then do not carry out the corresponding relation that comprises described user profile that described renewal has been set up; If inconsistent, then carry out the corresponding relation that comprises described user profile that described renewal has been set up.
5, method according to claim 1, it is characterized in that described MAC Address with all user profile correspondences sends to radio network controller and specifically comprises: described certificate server directly sends to described radio network controller with the MAC Address of all user profile correspondences; Perhaps,
Described certificate server is transmitted to described radio network controller with the MAC Address of all user profile correspondences by NM server.
6, method according to claim 5, it is characterized in that, the MAC Address of all user profile correspondences is transmitted to described radio network controller by NM server to be specially: described certificate server sends to described NM server by self and internal interface between the described NM server MAC Address that all user profile are corresponding, and described NM server sends to described radio network controller by Simple Network Management Protocol snmp message or Telnet TELNET message with the MAC Address of all user profile correspondences.
7, a kind of access control system of wireless network is characterized in that, this system comprises: certificate server and radio network controller;
Described certificate server, be used to obtain user profile and this user the MAC Address that provides when wireless network inserts is being provided, set up the corresponding relation between described user profile and the described MAC Address or upgrade the corresponding relation of having set up that comprises described user profile, and the MAC Address of all user profile correspondences is sent to described radio network controller;
Described radio network controller is used to utilize the MAC Address that receives to upgrade the permission access list of this radio network controller storage, and allows the user terminal access of radio network of MAC Address in described permission access list.
8, system according to claim 7, it is characterized in that, this system also comprises: the active agency server, be used for providing enrollment page to described user, obtain described user in the user profile of described enrollment page input and the MAC Address that when the registration wireless network inserts, provides, and give described certificate server synchronously user profile and the MAC Address obtained;
Described certificate server also is used to obtain user profile and the MAC Address that described active agency server sync is come.
9, system according to claim 7, it is characterized in that, described certificate server, after the MAC Address that also is used for when obtaining user profile and this user, providing in the access of registration wireless network, judge whether to set up the corresponding relation that comprises described user profile, if not, then carry out the operation of setting up the corresponding relation between described user profile and the described MAC Address, if then carry out the operation of upgrading the corresponding relation of having set up that comprises described user profile.
10, according to claim 7,8 or 9 described systems, it is characterized in that this system also comprises: NM server is used to receive the MAC Address of all user profile correspondences that described certificate server sends and is transmitted to described radio network controller.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2008102244679A CN101383746A (en) | 2008-10-15 | 2008-10-15 | Access control method and system for wireless network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2008102244679A CN101383746A (en) | 2008-10-15 | 2008-10-15 | Access control method and system for wireless network |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101383746A true CN101383746A (en) | 2009-03-11 |
Family
ID=40463379
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2008102244679A Pending CN101383746A (en) | 2008-10-15 | 2008-10-15 | Access control method and system for wireless network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101383746A (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102014459A (en) * | 2010-11-25 | 2011-04-13 | 中国联合网络通信集团有限公司 | Wireless access control method and device |
| CN102420801A (en) * | 2010-09-28 | 2012-04-18 | 中国电信股份有限公司 | Method, device and system for realizing automatic user identity authentication |
| CN102821439A (en) * | 2012-07-18 | 2012-12-12 | 中兴通讯股份有限公司 | Access method and access device of wireless network |
| CN102970192A (en) * | 2011-09-01 | 2013-03-13 | 中兴通讯股份有限公司 | Machine-to-machine (M2M) wired terminal access control method and system |
| CN101848430B (en) * | 2009-03-24 | 2014-01-22 | 阿尔卡特朗讯 | Device and method for service request authentication, service request authentication system and method of service request authentication system |
| CN104821925A (en) * | 2015-04-28 | 2015-08-05 | 福建星网锐捷网络有限公司 | Data interaction method, system and device |
| CN104871503A (en) * | 2014-04-18 | 2015-08-26 | 华为终端有限公司 | Accessing method and apparatus of router and portable wireless router |
| CN105208560A (en) * | 2015-09-15 | 2015-12-30 | 新浪网技术(中国)有限公司 | WiFi certification-free log-in method, device and system |
| CN106879045A (en) * | 2017-01-25 | 2017-06-20 | 成都众网行科技有限公司 | Wireless network access user screening plant and method |
| CN110401948A (en) * | 2018-04-24 | 2019-11-01 | 北京码牛科技有限公司 | Wireless network authentication method and device |
| CN110446214A (en) * | 2018-05-03 | 2019-11-12 | 中兴通讯股份有限公司 | Manage method, device and equipment, the storage medium of network access process |
| CN114598519A (en) * | 2022-03-02 | 2022-06-07 | 深圳市吉祥腾达科技有限公司 | Method and system for supporting terminal to set black and white list without disconnection |
-
2008
- 2008-10-15 CN CNA2008102244679A patent/CN101383746A/en active Pending
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101848430B (en) * | 2009-03-24 | 2014-01-22 | 阿尔卡特朗讯 | Device and method for service request authentication, service request authentication system and method of service request authentication system |
| CN102420801A (en) * | 2010-09-28 | 2012-04-18 | 中国电信股份有限公司 | Method, device and system for realizing automatic user identity authentication |
| CN102420801B (en) * | 2010-09-28 | 2015-01-14 | 中国电信股份有限公司 | Method, device and system for realizing automatic user identity authentication |
| CN102014459A (en) * | 2010-11-25 | 2011-04-13 | 中国联合网络通信集团有限公司 | Wireless access control method and device |
| CN102014459B (en) * | 2010-11-25 | 2013-11-06 | 中国联合网络通信集团有限公司 | Wireless access control method and device |
| CN102970192A (en) * | 2011-09-01 | 2013-03-13 | 中兴通讯股份有限公司 | Machine-to-machine (M2M) wired terminal access control method and system |
| CN102821439A (en) * | 2012-07-18 | 2012-12-12 | 中兴通讯股份有限公司 | Access method and access device of wireless network |
| CN104871503A (en) * | 2014-04-18 | 2015-08-26 | 华为终端有限公司 | Accessing method and apparatus of router and portable wireless router |
| WO2015158001A1 (en) * | 2014-04-18 | 2015-10-22 | 华为终端有限公司 | Method and apparatus for accessing router, and portable wireless router |
| CN104821925A (en) * | 2015-04-28 | 2015-08-05 | 福建星网锐捷网络有限公司 | Data interaction method, system and device |
| CN104821925B (en) * | 2015-04-28 | 2018-08-07 | 福建星网锐捷网络有限公司 | A kind of data interactive method, system and equipment |
| CN105208560A (en) * | 2015-09-15 | 2015-12-30 | 新浪网技术(中国)有限公司 | WiFi certification-free log-in method, device and system |
| CN106879045A (en) * | 2017-01-25 | 2017-06-20 | 成都众网行科技有限公司 | Wireless network access user screening plant and method |
| CN110401948A (en) * | 2018-04-24 | 2019-11-01 | 北京码牛科技有限公司 | Wireless network authentication method and device |
| CN110446214A (en) * | 2018-05-03 | 2019-11-12 | 中兴通讯股份有限公司 | Manage method, device and equipment, the storage medium of network access process |
| CN114598519A (en) * | 2022-03-02 | 2022-06-07 | 深圳市吉祥腾达科技有限公司 | Method and system for supporting terminal to set black and white list without disconnection |
| CN114598519B (en) * | 2022-03-02 | 2024-04-12 | 深圳市和为顺网络技术有限公司 | Method and system for supporting terminal to set black-and-white list without disconnection |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101383746A (en) | Access control method and system for wireless network | |
| JP6444405B2 (en) | Software update method, system and device | |
| US9350611B2 (en) | Apparatus and method for locating a target operation object | |
| CN101577901B (en) | Wireless access platform and equipment upgrading management system and method thereof | |
| KR100979201B1 (en) | Mobile terminals and Method for updating software thereof | |
| US20070208782A1 (en) | Updating of Data Processing and Communication Devices | |
| CN105049502B (en) | The method and apparatus that device software updates in a kind of cloud network management system | |
| CN101442566A (en) | Method and apparatus for implementing dynamic domain name update | |
| CN104937895A (en) | Method and apparatus for controlling access in wireless communication system | |
| CN108512747A (en) | The plug-in management method and home gateway of home gateway, communication system | |
| CN105528205A (en) | Update control method and update control system | |
| CN106060797A (en) | SIM card-based information synchronization method, device, server and system | |
| CN111367542A (en) | Household appliance and household appliance firmware upgrading method | |
| CN106558126B (en) | A kind of gate inhibition's key code management method and system | |
| WO2015180251A1 (en) | Wake-on-lan method, server, and client | |
| CN106961677A (en) | A kind of management method and server, terminal | |
| CN104793998B (en) | Terminal system resource management method and device | |
| WO2011076045A1 (en) | Method and system for realizing configuration of handheld device operating system | |
| WO2010012157A1 (en) | Device description framework information reporting and updating method, device and system | |
| CN104125622B (en) | A kind of collocation method, equipment and system for accessing standard | |
| WO2010075738A1 (en) | Method and system for managing multi-mode network element, and multi-mode network element | |
| CN101136925A (en) | Processing method for maintaining data consistency using dynamic service active information | |
| US8326933B2 (en) | Appearance package management method, system and device | |
| WO2016201734A1 (en) | Operation control method and system for application program, and terminal | |
| US9917837B1 (en) | Determining trusted sources from which to download content to a mobile device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Open date: 20090311 |