CN101662771B - Method for realizing automatic certification of wireless access short message and system thereof - Google Patents

Method for realizing automatic certification of wireless access short message and system thereof Download PDF

Info

Publication number
CN101662771B
CN101662771B CN2009101804377A CN200910180437A CN101662771B CN 101662771 B CN101662771 B CN 101662771B CN 2009101804377 A CN2009101804377 A CN 2009101804377A CN 200910180437 A CN200910180437 A CN 200910180437A CN 101662771 B CN101662771 B CN 101662771B
Authority
CN
China
Prior art keywords
authentication information
wireless broadband
broadband client
network side
short message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN2009101804377A
Other languages
Chinese (zh)
Other versions
CN101662771A (en
Inventor
张力军
郭宁
赵凌云
薛泾
李鑫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Telecom Corp Ltd filed Critical China Telecom Corp Ltd
Priority to CN2009101804377A priority Critical patent/CN101662771B/en
Publication of CN101662771A publication Critical patent/CN101662771A/en
Application granted granted Critical
Publication of CN101662771B publication Critical patent/CN101662771B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/065Continuous authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/084Access security using delegated authorisation, e.g. open authorisation [OAuth] protocol
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • H04W84/12WLAN [Wireless Local Area Networks]

Abstract

The invention discloses a method for realizing the automatic certification of a wireless access short message and a system thereof. The method comprises the steps: when firstly connecting with a wireless broadband (WiFi) after installing an user identification module (UIM), a wireless wideband user terminal backstage transmits a request certification short message with the international mobile subscriber identity (IMSI) of an UIM card to a network side; the network side returns the certification information of the WiFi to the wireless wideband user terminal by means of the short message, and the wireless wideband user terminal receives the certification information and memorizes the certification information at local; and when starting a wireless connection request, the wireless wideband user terminal directly extracts the certification information from the local and transmits to the network side to be certificated. The invention can automatically complete the certification of the wireless access without user manual intervention, thereby reducing the operation of the user and providing the convenience for the wireless wideband user.

Description

The implementation method of wireless access short message automated validation and system
Technical field
The present invention relates to WiMAX (WiFi) applied technical field, be meant a kind of implementation method and system of wireless access short message automated validation especially.
Background technology
Along with popularizing of wireless broadband network, various users of enterprise group and personal user provide the demand of information application service more and more higher to various wireless modes.It is fast that wireless mode has speed, easy to use, disposes simply characteristics such as shared bandwidth.
Present client WiFi network access needs the user to import username and password to authenticate, and can not realize that automatic recognition user information finishes authentication, uses to the user and has brought very big inconvenience.
Summary of the invention
In view of this, the objective of the invention is to propose a kind of implementation method and system of wireless access short message automated validation, can make the user need not manual input authentication information and finish the automation of authentication.
Implementation method based on above-mentioned purpose a kind of wireless access short message automated validation provided by the invention comprises:
Wireless broadband client is being installed subscriber identification module (UIM) card back when connecting WiMAX (WiFi) for the first time, and wireless broadband client sends the requests verification note of the international mobile subscriber identity (IMSI) number that carries the UIM card to network side on the backstage;
Network side returns the authentication information of WiFi with short message mode to described wireless broadband client, and described wireless broadband client receives described authentication information and is kept at this locality;
When described wireless broadband client is initiated the wireless connections request, directly extract described authentication information and send to network side and authenticate from this locality.
Optionally, the described wireless broadband client of this method verifies that with described request note sends to the automated validation Service Gateway of network side, and the automated validation Service Gateway obtains corresponding user account number by IMSI number inquiry, and user account number is passed to authentication center; Authentication center's inquiring user account number obtains corresponding authentication information, returns to the automated validation Service Gateway; The automated validation Service Gateway sends to wireless broadband client according to user account number with described authentication information.
Optionally, there is cryptographic validity with short message mode in the described network side of this method to the authentication information that described wireless broadband client returns, and when exceeding cryptographic validity, described authentication information ceases to be in force automatically; Described wireless broadband client sends IMSI number the requests verification note that carries the UIM card to network side after judging that authentication information ceases to be in force automatically again.
Optionally, the described wireless broadband client of this method initiates also to comprise before the wireless connections request: wireless broadband client detects current data card and the UIM card of whether inserting, if, then according to the local authentication information of IMSI correspondence of whether having stored of IMSI number judgement of current insertion UIM card, if store, then extract and this IMSI number corresponding authentication information from this locality, sending to network side authenticates, if the step that sends IMSI number the requests verification note that carries the UIM card on the backstage to network side is then carried out in not storage.
Optionally, store many groups authentication information of corresponding different IMS I number respectively in the described same wireless broadband client of this method.
Optionally, the described wireless broadband client of this method sends described request checking note in the mode of mourning in silence; Described wireless broadband client receives described authentication information and is kept at this locality in the mode of mourning in silence.
Optionally, the described authentication information of this method comprises: the user account number of WiFi and password; Described wireless broadband client is preserved with IMSI number authentication information after receiving described authentication information in this locality.
Optionally, the described wireless broadband client of this method is kept at this locality after the information that comprises described authentication information and IMSI number that receives is encrypted.
Optionally, when this method had been revised described password as the user by other approach, wireless broadband client used the authentication information of local storage to authenticate network side authentication password mistake, return the prompting of a password mistake, wireless broadband client is initiated the step of requests verification note again.
Aspect the opposing party, the present invention also provides a kind of realization system of the wireless access short message automated validation based on said method, comprising:
Wireless broadband client when being used for connecting WiMAX WiFi for the first time after subscriber identification module UIM card has been installed, sends international mobile subscriber identity IMSI number the requests verification note that carries the UIM card on the backstage to network side; And the described authentication information that will receive and be kept at this locality; When described wireless broadband client is initiated the wireless connections request, directly extract described authentication information and send to network side and authenticate from this locality;
The automated validation Service Gateway is used to receive after described request is verified note obtain corresponding user account number by IMSI number inquiry, and user account number is passed to authentication center; After receiving the authentication information that authentication center returns, described authentication information is sent to wireless broadband client with short message mode according to user account number;
Authentication center is used for the inquiring user account number and obtains corresponding authentication information, returns to the automated validation Service Gateway.
From above as can be seen, the implementation method of wireless access short message automated validation provided by the invention and system, when the data card that has subscriber identification module (UIM) card inserts WiFi for the first time, utilize authentication informations such as number of the account that up note request WiFi inserts and password, preserve at client terminal local by downlink short message acquisition number of the account and password, automatically send to authentication center and finish authentication, do not need user's manual intervention, thereby reduced user's operation, for WiMAX user's use is provided convenience.
Description of drawings
Fig. 1 is the schematic flow sheet of embodiment of the invention automatic authentication method;
Fig. 2 is the structural representation that embodiment of the invention wireless access short message automated validation is realized system.
Embodiment
For making the purpose, technical solutions and advantages of the present invention clearer, below in conjunction with specific embodiment, and with reference to accompanying drawing, the present invention is described in more detail.
For solving described problem, the implementation method of wireless access short message automated validation provided by the invention, mainly comprise: when wireless broadband client for the first time connected WiFi after the UIM card has been installed, wireless broadband client sent the requests verification note of the international mobile subscriber identity (IMSI) number that carries the UIM card to network side on the backstage; Network side returns the authentication information of WiFi with short message mode to described wireless broadband client, and described wireless broadband client receives described authentication information and is kept at this locality; When described wireless broadband client is initiated the wireless connections request, directly extract described authentication information and send to network side and authenticate from this locality.Wherein, described authentication information comprises at least: the user account number of WiFi and password.
Referring to shown in Figure 1, the automated validation realization flow of one embodiment of the invention may further comprise the steps:
Step 101, after wireless broadband client inserts and has the data card of UIM card, when connecting WiMAX (WiFi) for the first time, the note that this client can send a requests verification in the mode of mourning in silence on the backstage is to the automated validation Service Gateway, and short message content comprises IMSI number of UIM card.
In this step, wireless broadband client is after detecting the data card insertion that has the UIM card, automatically judge the local authentication information of this UIM card correspondence of whether having preserved, if preserve, then judge it is not for the first time, if do not preserve, then judge it is for the first time, carry out the step of the note of described transmission requests verification.
Step 102, described request checking note is forwarded to the automated validation Service Gateway through the whole network Short Message Service Gateway, and this automated validation Service Gateway obtains corresponding user account number by the IMSI in the described note number inquiry, and this user account number is passed to national roaming authentication center.
Wherein, user account number for example is a WiFi subscriber phone number etc.
Step 103, authentication center's inquiring user account number obtain corresponding authentication information, return to the automated validation Service Gateway.
This authentication information comprises: user account number and password, and can also comprise relevant authentication informations such as information of home location.Wherein, information of home location for example belongs to province etc.
Step 104, the automated validation Service Gateway obtains user ascription area according to user account number, and authentication information sends to client with the form of note by the whole network Short Message Service Gateway together.
The term of validity of password in the authentication information can also be set by the automated validation Service Gateway in this step, this cryptographic validity is sent to client with authentication information with the form of note.
After step 105, wireless broadband client received described note in the mode of mourning in silence, content stores such as the authentication information that comprises in note on the backstage, IMSI number and cryptographic validity was in this locality.
In this step, preferred wireless broadband client can will be stored in this locality behind the described content-encrypt that comprise in the note.
As an embodiment, wireless broadband client can be stored information such as IMSI number of many UIM cards, authentication information, cryptographic validity.During the wireless broadband client start, at first can detect the current data card that has the UIM card that whether inserted, then judge the local authentication information of IMSI correspondence of whether having stored as plug-in card according to IMSI number of current insertion UIM card, if store, then extract and this IMSI number corresponding authentication information from this locality, send to network side and authenticate, if the described step 101 of note automated validation flow performing is then initiated in not storage again.
In addition, if comprised cryptographic validity in the local information of preserving, then wireless broadband client also can further judge whether to have exceeded cryptographic validity in this step, and when exceeding cryptographic validity, described authentication information ceases to be in force automatically; Described wireless broadband client is initiated the described step 101 of note automated validation flow performing after judging that authentication information ceases to be in force automatically again.
User authentication information is directly extracted in the WiMAX authentication that step 106, wireless broadband client are carried out later on from this locality, authentication information is sent to insert province authentication center (economizing AAA) authentication; If nonlocal roamer inserts province authentication center request is transmitted to national roaming authentication center, national roaming center is transmitted to request ownership province authentication center again and authenticates.
In addition, in order to increase flexibility, under following situation, when initiating the WiMAX connection request, can use the mode of traditional manual input account number cipher to authenticate:
When the user does not carry data card or UIM card;
When the user has carried data card and UIM card, the whole network Short Message Service Gateway goes wrong when causing normally carrying out the upstream and downstream note.
In addition, when the user has revised password by other approach, after the number of the account and password submission authentication of wireless broadband client with this locality storage, authentication center's authentification failure of ownership, network side can return the prompting of a password mistake, and the note verification process that this moment, wireless broadband client can be initiated step 101 again regains authentication informations such as new number of the account and password.
Described wireless broadband client can be portable terminals such as mobile phone, also can be other-end equipment such as computer.
In addition, based on said method, the present invention also provides a kind of realization system of wireless access short message automated validation, referring to shown in Figure 2, comprising:
Wireless broadband client when being used for connecting WiMAX WiFi for the first time after subscriber identification module UIM card has been installed, sends international mobile subscriber identity IMSI number the requests verification note that carries the UIM card on the backstage to network side; And the described authentication information that will receive and be kept at this locality; When described wireless broadband client is initiated the wireless connections request, directly extract described authentication information and send to network side and authenticate from this locality;
Be positioned at the automated validation Service Gateway of network side, be used to receive after described request is verified note obtain corresponding user account number, user account number is passed to authentication center by IMSI number inquiry; After receiving the authentication information that authentication center returns, described authentication information is sent to wireless broadband client with short message mode according to user account number; And
Authentication center is used for the inquiring user account number and obtains corresponding authentication information, returns to the automated validation Service Gateway.This authentication center generally can be the province authentication center of UIM card ownership place.
Above-described specific embodiment is specific embodiments of the invention only, is not limited to the present invention, and is within the spirit and principles in the present invention all, any modification of being made, is equal to replacement, improvement etc., all should be included within protection scope of the present invention.

Claims (9)

1. the implementation method of a wireless access short message automated validation is characterized in that, comprising:
When wireless broadband client connected WiMAX WiFi for the first time after subscriber identification module UIM card has been installed, wireless broadband client sent international mobile subscriber identity IMSI number the requests verification note that carries the UIM card on the backstage to network side;
The automated validation Service Gateway of network side obtains corresponding user account number by IMSI number inquiry after receiving described request checking note, and user account number is passed to authentication center;
Authentication center's inquiring user account number obtains corresponding authentication information, returns to the automated validation Service Gateway;
The automated validation Service Gateway is according to user account number, returns the authentication information of WiFi with short message mode to described wireless broadband client, and described wireless broadband client receives described authentication information and is kept at this locality;
When described wireless broadband client is initiated the wireless connections request, directly extract described authentication information and send to network side and authenticate from this locality.
2. method according to claim 1 is characterized in that there is cryptographic validity with short message mode in described network side to the authentication information that described wireless broadband client returns, and when exceeding cryptographic validity, described authentication information ceases to be in force automatically; Described wireless broadband client sends IMSI number the requests verification note that carries the UIM card to network side after judging that authentication information ceases to be in force automatically again.
3. method according to claim 1, it is characterized in that, described wireless broadband client initiates also to comprise before the wireless connections request: wireless broadband client detects current data card and the UIM card of whether inserting, if, then according to the local authentication information of IMSI correspondence of whether having stored of IMSI number judgement of current insertion UIM card, if store, then extract and this IMSI number corresponding authentication information from this locality, sending to network side authenticates, if the step that sends IMSI number the requests verification note that carries the UIM card on the backstage to network side is then carried out in not storage.
4. method according to claim 3 is characterized in that, stores many groups authentication information of corresponding different IMS I number respectively in the described same wireless broadband client.
5. method according to claim 1 is characterized in that, described wireless broadband client sends described request checking note in the mode of mourning in silence; Described wireless broadband client receives described authentication information and is kept at this locality in the mode of mourning in silence.
6. according to any described method of claim 1-5, it is characterized in that described authentication information comprises: the user account number of WiFi and password; Described wireless broadband client is preserved with IMSI number authentication information after receiving described authentication information in this locality.
7. method according to claim 6 is characterized in that, described wireless broadband client is kept at this locality after the information that comprises described authentication information and IMSI number that receives is encrypted.
8. method according to claim 6, it is characterized in that, when the user has revised described password by other approach, wireless broadband client uses the authentication information of local storage to authenticate, network side authentication password mistake, return the prompting of a password mistake, wireless broadband client is initiated the step of requests verification note again.
9. the realization system based on the wireless access short message automated validation of any described method of claim 1-8 is characterized in that, comprising:
Wireless broadband client when being used for connecting WiMAX WiFi for the first time after subscriber identification module UIM card has been installed, sends international mobile subscriber identity IMSI number the requests verification note that carries the UIM card on the backstage to network side; And the described authentication information that will receive and be kept at this locality; When described wireless broadband client is initiated the wireless connections request, directly extract described authentication information and send to network side and authenticate from this locality;
The automated validation Service Gateway is used to receive after described request is verified note obtain corresponding user account number by IMSI number inquiry, and user account number is passed to authentication center; After receiving the authentication information that authentication center returns, described authentication information is sent to wireless broadband client with short message mode according to user account number;
Authentication center is used for the inquiring user account number and obtains corresponding authentication information, returns to the automated validation Service Gateway.
CN2009101804377A 2009-10-14 2009-10-14 Method for realizing automatic certification of wireless access short message and system thereof Active CN101662771B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2009101804377A CN101662771B (en) 2009-10-14 2009-10-14 Method for realizing automatic certification of wireless access short message and system thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2009101804377A CN101662771B (en) 2009-10-14 2009-10-14 Method for realizing automatic certification of wireless access short message and system thereof

Publications (2)

Publication Number Publication Date
CN101662771A CN101662771A (en) 2010-03-03
CN101662771B true CN101662771B (en) 2011-12-21

Family

ID=41790462

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2009101804377A Active CN101662771B (en) 2009-10-14 2009-10-14 Method for realizing automatic certification of wireless access short message and system thereof

Country Status (1)

Country Link
CN (1) CN101662771B (en)

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102378175A (en) 2011-10-08 2012-03-14 华为终端有限公司 Wireless local area network (WLAN) authentication method and mobile terminal
CN103249040B (en) * 2012-02-08 2017-04-26 华为终端有限公司 Method and device for wireless access authentication
CN103369526A (en) * 2012-03-31 2013-10-23 华为终端有限公司 Key information processing method and device
CN102638797B (en) * 2012-04-24 2016-08-03 华为技术有限公司 Access the method for wireless network, terminal, access network node and authentication server
CN103686706A (en) * 2012-09-14 2014-03-26 中兴通讯股份有限公司 User network information processing method and data card
CN103118327A (en) * 2013-01-25 2013-05-22 无锡万事通科技有限公司 WiFi-based (wireless fidelity-based) information transmission system and WiFi-based information transmission method
CN103607372B (en) * 2013-08-19 2016-12-28 深信服网络科技(深圳)有限公司 The authentication method of network insertion and device
US9693296B2 (en) 2014-07-17 2017-06-27 Xiaomi Inc. Network connection method and apparatus
CN105282821A (en) * 2014-07-21 2016-01-27 中兴通讯股份有限公司 Terminal and method for connecting the terminal with wireless fidelity WiFi access point
CN105357242B (en) * 2014-08-22 2019-02-22 中国电信股份有限公司 Access the method and system of WLAN, short message pushes platform, gate system
CN104507089A (en) * 2014-11-20 2015-04-08 重庆蓝岸通讯技术有限公司 Wireless network automatic access control method
CN106559228A (en) * 2015-09-25 2017-04-05 中兴通讯股份有限公司 A kind of terminal use's puts dress method and device
CN107396319B (en) * 2017-09-01 2019-09-20 深圳回收宝科技有限公司 A kind of method of wireless network authentication, equipment, storage medium and terminal reclaimer
CN107484155B (en) * 2017-09-30 2021-09-14 联想(北京)有限公司 Network access method, electronic equipment and mobile terminal
CN107889194B (en) * 2017-11-06 2018-05-25 上海连尚网络科技有限公司 Obtain, provide method, equipment and the medium of wireless access point access information

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101160782A (en) * 2005-12-13 2008-04-09 华为技术有限公司 Method, system and equipment for protecting application account of network service
EP1919157A1 (en) * 2006-11-06 2008-05-07 Axalto SA Authentication based on a single message
CN101369893A (en) * 2008-10-06 2009-02-18 中国移动通信集团设计院有限公司 Method for local area network access authentication of casual user

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101160782A (en) * 2005-12-13 2008-04-09 华为技术有限公司 Method, system and equipment for protecting application account of network service
EP1919157A1 (en) * 2006-11-06 2008-05-07 Axalto SA Authentication based on a single message
CN101369893A (en) * 2008-10-06 2009-02-18 中国移动通信集团设计院有限公司 Method for local area network access authentication of casual user

Also Published As

Publication number Publication date
CN101662771A (en) 2010-03-03

Similar Documents

Publication Publication Date Title
CN101662771B (en) Method for realizing automatic certification of wireless access short message and system thereof
CN102843682B (en) Access point authorizing method, device and system
EP3223549B1 (en) Wireless network access method and access apparatus, client and storage medium
EP2651097B1 (en) Method of authenticating a user at a service on a service server, application and system
WO2016082483A1 (en) Pseudo base station discrimination method and apparatus
CN106559783B (en) Authentication method, device and system for WIFI network
CN104008325A (en) Mobile phone Wi-Fi network-connecting real name identity authentication platform and method based on two-dimension codes
US20130109351A1 (en) Authentication system, authentication method and authentication server
CN102421098A (en) User authentication method, device and system
CN103905194A (en) Identity traceability authentication method and system
CN101711022A (en) Wireless local area network (WLAN) access terminal, WLAN authentication server and WLAN authentication method
CN107113613A (en) Server, mobile terminal, real-name network authentication system and method
CN103874065A (en) Method and device for judging user position abnormity
CN101795196A (en) Authentication method and authentication system for logging in to online banks
CN101917408A (en) Mobile phone two-dimensional code electronic receipt method based on C/S framework
CN106936802A (en) Mobile phone A PP information protecting methods and mobile phone A PP clients, system
CN102892091A (en) Scheme for acquiring own mobile phone number
CN101282259B (en) System, application and method for IP network access authentication based on personal identification module IM
CN107659935A (en) A kind of authentication method, certificate server, network management system and Verification System
CN101600169A (en) A kind of authentication method and device to the access mail server apparatus
CN106954213A (en) A kind of system of real name wireless authentication cut-in method and system
CN103166755B (en) A kind of method and system issuing mobile subscriber identifier digital certificate
CN206993151U (en) Network signal security authentication systems
CN102547698B (en) Authentication system, method and intermediate authentication platform
CN102215227A (en) Method and system for authenticating electronic commerce identity of mobile communication network

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant