CN102137395B - Method, device and system for configuring access device - Google Patents

Method, device and system for configuring access device Download PDF

Info

Publication number
CN102137395B
CN102137395B CN201010279931.1A CN201010279931A CN102137395B CN 102137395 B CN102137395 B CN 102137395B CN 201010279931 A CN201010279931 A CN 201010279931A CN 102137395 B CN102137395 B CN 102137395B
Authority
CN
China
Prior art keywords
access device
terminal equipment
master key
type
identification information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201010279931.1A
Other languages
Chinese (zh)
Other versions
CN102137395A (en
Inventor
欧阳伟龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN201010279931.1A priority Critical patent/CN102137395B/en
Priority to PCT/CN2011/075351 priority patent/WO2011144174A1/en
Publication of CN102137395A publication Critical patent/CN102137395A/en
Application granted granted Critical
Publication of CN102137395B publication Critical patent/CN102137395B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W24/00Supervisory, monitoring or testing arrangements
    • H04W24/04Arrangements for maintaining operational condition

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a method, device and system for configuring an access device. The method comprises the steps of: obtaining a type and a master key of the access device, sending the type of the access device to a terminal device, and receiving a response message of the terminal device, wherein the response message carries identifier information appointed by the terminal device for the access device according to the type of the access device; and configuring the access device according to the master key and the identifier information of the access device. The technical scheme disclosed by the invention realizes that the access device is uniformly and automatically configured by a gateway device and then the terminal device can access the access device according to the master key of the access device. The technical scheme ensures that a user does not need to remember the master key of each access device and manually configure the access device before the terminal device accesses each access device, and therefore, the requirement on the user is lowered and the load of the user is reduced.

Description

Method, the Apparatus and system of configuration access device
Technical field
The present invention relates to communication technical field, be specifically related to collocation method, the Apparatus and system of access device.
Background technology
How flourish along with Network, better utilize the resource of existing network, safety, at a high speed, access network is paid close attention to widely easily and efficiently.In the prior art, conventional network is wired broadband network, comprises community local area network (LAN) (LAN, Local Area Network) and ADSL (Asymmetric Digital Subscriber Line) (ADSL, Asymmetric Digital Subscriber Loop).Experience for improving network performance and user, the network of other type has also all obtained developing rapidly as wireless network, power line communication, coaxial communication etc.
The basic configuration of generally setting up wireless network is to utilize wireless network card and wireless access node (AP, Access Point), adopts wireless pattern, coordinates existing cable network framework to carry out network resource sharing.AP is called again bridger, plays the part of the role of wireless stations and wired local area network bridge in medium access control layer (MAC, MediaAccess Control), is similar to the hub (HUB) in wired local area network.Conventionally wireless network sets up in the following ways: first wired broadband network (ADSL, community LAN) operator installs gateway device by the family user and realizes broadband to family, secondly connect an AP (or gateway is integrated with AP function) at gateway, then in the terminal equipments such as user's computer, a wired network adapter is installed, AP is configured to rear terminal equipment can be connected AP and then be connected in the wired broadband network of operator by wireless network.Because the mobility of wireless network is good, and set up expense and complexity well below traditional cable network, thereby start to adopt in a large number wireless local area network technology (WiFi, Wireless Fidelity) as access means at application scenarioss such as home network, enterprise network and focus coverings.In recent years, WiFi technology obtains universal development progressively becomes mainstream technology, and the multiple terminal equipment such as smart mobile phone, portable machine, printer also all start integrated WiFi technology.
Adopt (the ITU of International Telecommunication Union, International Telecommunication Union) the power line communication and coaxially communicate by letter of family wired network standard (G.hn) wait cable communicating technology (ITU G.hn) set up employing and the similar network configuration of WLAN, its basic configuration is to utilize network adapter and network coordinator (or network supervisor reason equipment).Similar with AP, network coordinator (or network supervisor reason equipment) is played the part of the role of network bridge.Conventionally power line communication is set up in the following ways with coaxial communication: first wired broadband network operator installs gateway device by the family user and realizes broadband to family, secondly at gateway interconnection network telegon (or network supervisor reason equipment), then connect the network adapter (or network interface card) of a power line or coaxial communication at terminal equipments such as user's computers, network coordinator (or network supervisor reason equipment) is configured to rear terminal equipment can and then be connected in the wired broadband network of operator by power line communication and coaxial communication network interconnection network telegon (or network supervisor reason equipment).
Along with becoming increasingly abundant of Network, user by network do shopping, transfer accounts, the increase of the behavior such as auction, people are more and more higher to the safety requirements of network.WiFi alliance, ITU etc. organize and not only in the technology such as WiFi, G.hn, have added security mechanism, and change security mechanism updating.In prior art, the general principles of this security mechanism is as follows: the pre-configured master key of terminal equipment and access device, by believable security key exchange agreement, derive temporary key according to the master key of communicating pair, in communication, by temporary key, communication data is encrypted.
In actual communication, subscriber terminal equipment is being linked into AP, network coordinator or main management equipment (being referred to as below access device) before, and user must know network identity and the access pin (key) thereof of access device.Taking WiFi as example, user must know the service set (SSID, Service Set Identifier) of WLAN to be accessed and the password (master key) of affiliated cipher mode thereof, could access in AP.And terminal equipment will be linked into different access devices, just need different keys.
Before user's terminal equipment will be linked into certain access device, user must be to carrying out certain configuration to access device, input identification information and the access pin (being master key) thereof of this access device, obtain after the license of access device, its terminal equipment could access this access device.Conventionally, in user's home network, may be equipped with many access devices, user just must know and remember network identity and the master key thereof of all access devices so, respectively every access device is carried out to certain configuration.The above-mentioned certain technology general knowledge of process need of access device being carried out to certain configuration, may need operator (or distributors) to visit and solve or instruct by phone; And the more energy and time of process need consumption user that respectively each access device is carried out certain configuration, in this process, user must know network identity and the master key of all access devices.
Summary of the invention
The embodiment of the present invention provides a kind of method, Apparatus and system that configures access device.
A method that configures access device, comprising:
Obtain type and the master key of access device;
The type of access device is sent to terminal equipment;
The response message of receiving terminal apparatus, this response message carried terminal equipment is the identification information that access device is specified according to the type of access device;
According to the master key of access device and identification information, access device is configured.
A kind of gateway device, comprising:
Acquiring unit, for obtaining type and the master key of access device;
Transmitting element, for sending to terminal equipment by the type of access device;
Receiving element, for the response message of receiving terminal apparatus, this response message carried terminal equipment is the identification information that access device is specified according to the type of access device;
Dispensing unit, for being configured access device according to the master key of access device and identification information.
A kind of terminal equipment, comprising:
Receiving element, the type of access device sending for receiving gateway device;
Designating unit, for being access device designated identification information according to the type of access device;
Transmitting element, for sending response message to gateway device, this response message carries the identification information of specifying into access device.
A kind of communication system, comprises gateway device, terminal equipment and access device, and gateway device is connected with access device with terminal equipment respectively;
Gateway device, for obtaining type and the master key of access device, the type of access device is sent to terminal equipment, the response message of receiving terminal apparatus, this response message carried terminal equipment is the identification information that access device is specified according to the type of access device, according to the master key of access device and identification information, access device is configured;
Terminal equipment, the type of access device sending for receiving gateway device, is access device designated identification information according to the type of access device, sends response message to gateway device, this response message carries the identification information of specifying into access device.
In the technical scheme that the embodiment of the present invention adopts, gateway device obtains type and the master key of access device, it is the identification information that access device is specified that the type of access device is sent to terminal equipment receiving terminal apparatus, then according to the master key of access device and identification information, access device is configured.This technical scheme has realized that unification configures automatically to access device by gateway device, make user need to before terminal equipment is accessed to every access device, not carry out manual configuration to this access device, thereby reduce the requirement to user, alleviated user's burden.
Brief description of the drawings
Fig. 1 is the basic procedure schematic diagram of the method for the configuration access device of the embodiment of the present invention one;
Fig. 2 is the basic procedure schematic diagram of the method for the configuration access device of the embodiment of the present invention two;
Fig. 3 is the basic procedure schematic diagram of the method for the configuration access device of the embodiment of the present invention three;
Fig. 4 is the basic procedure schematic diagram of the method for the configuration access device of the embodiment of the present invention four;
Fig. 5 is the basic procedure schematic diagram of the method for the configuration access device of the embodiment of the present invention five;
Fig. 6 is the basic procedure schematic diagram of the method for the configuration access device of the embodiment of the present invention six;
Fig. 7 is the schematic network structure of the method for the configuration access device of the embodiment of the present invention three;
Fig. 8 is the schematic network structure of the method for the configuration access device of the embodiment of the present invention four;
Fig. 9 is the schematic network structure of the method for the configuration access device of the embodiment of the present invention five;
Figure 10 is the schematic network structure of the method for the configuration access device of the embodiment of the present invention six;
Figure 11 is the logical construction schematic diagram of the gateway device of the embodiment of the present invention seven;
Figure 12 is the logical construction schematic diagram of the terminal equipment of the embodiment of the present invention eight;
Figure 13 is the logical construction schematic diagram of the communication system of the embodiment of the present invention nine.
Embodiment
The embodiment of the present invention provides a kind of method that configures access device, comprise: the type and the master key that obtain access device, the type of access device is sent to terminal equipment, the response message of receiving terminal apparatus, this response message carried terminal equipment is the identification information that access device is specified according to the type of access device, according to the master key of access device and identification information, access device is configured.The embodiment of the present invention also provides corresponding device and system, comprises gateway device and terminal equipment and communication system.Below be elaborated respectively.
Embodiment mono-,
A method for gateway device configuration access device, please refer to Fig. 1, mainly comprises the following steps:
101, gateway device obtains type and the master key of access device.
Gateway device sends topology detecting message to access device, access device is responded first information message after receiving this topology detecting message, report the type of access device and empty configuration information to gateway device, gateway device sends authentication request to access device after receiving this sky configuration information, after certification is passed through, access device is responded the second infomational message, reports the master key of access device to gateway device.The mode of certification can be certificate (CA, Certificate Authority) certification.In order to improve fail safe, the key that access device can certificate of utility sends to gateway device after the master key of access device is encrypted again.
102, the type of access device is sent to terminal equipment by gateway device.
Gateway device can be by Ethernet or other escape way of having set up, and for example safety shell protocol (SSH, Secure Shell) passage is connected to terminal equipment, reports the device type of access device to terminal equipment.
103, the response message of receiving terminal apparatus, this response message carried terminal equipment is the identification information that access device is specified according to the type of access device.
For the identification information of access device appointment, it can be the identification information that terminal equipment is specified automatically according to the type of access device, also can be that terminal equipment shows the type of access device, be confirmed whether access the identification information according to the type input of access device by user.In the time that access device is AP, this identification information is the service set information (SSID) of network to be accessed; In the time that access device is network coordinator or main management equipment, this identification information is the device id information of this network coordinator or main management equipment.
104, according to the master key of access device and identification information, access device is configured.
Access device is carried out after corresponding configuration, and terminal equipment can utilize the master key of access device to access this access device.
In the embodiment of the present invention, access device can be AP, network coordinator, main management equipment, router, digital subscriber line access multiplex (DSLAM, Digital Subscriber Line AccessMultiplexer), multiplexer unit (MXU, MultipleXer Unit), optical line terminal (OLT, opticalline terminal) etc., gateway device can be home gateway etc., and terminal equipment can be PC, mobile phone, Set Top Box etc.
The technical scheme of the embodiment of the present invention has realized the automatic configuration of gateway device to access device.After configuration completes, terminal equipment can pass through the master key access switch in device of access device; In whole layoutprocedure, user does not need to remember the master key of every access device, need to before terminal equipment is accessed to every access device, not carry out manual configuration to this access device yet.
Embodiment bis-,
A method for terminal equipment configuration access device, please refer to Fig. 2, mainly comprises the following steps:
201, terminal equipment receives the type of the access device of gateway device transmission.
Terminal equipment can be by Ethernet or other escape way of having set up, and for example safety shell protocol (SSH, Secure Shell) passage is connected with gateway device, receives the type of the access device of gateway device transmission.
202, be access device designated identification information according to the type of access device.
Can utilize pre-configured program by terminal equipment is the automatic designated identification information of access device according to the type of access device, can be also access device designated identification information according to the type of access device by user.During by user's designated identification information, comprise the following steps: terminal equipment shows the type of access device and the option that whether allows to be connected access device, be confirmed whether to access this access device by user, that input select signal is also inputted the information as identification information, terminal equipment receives selection signal and the information of user's input, and the information of user's input is assigned to access device as identification information.In the time that access device is AP, this identification information is the service set information (SSID) of wireless network to be accessed; In the time that access device is network coordinator or main management equipment, this identification information is the device id information of this network coordinator or main management equipment.
203, terminal equipment sends response message to gateway device, and this response message carries the identification information of specifying into access device.
Terminal equipment sends to gateway device by the identification information of specifying for access device by itself and the passage of gateway device foundation.
At gateway device, access device is carried out after corresponding configuration, terminal equipment can utilize the master key of access device to access this access device.
In a preferred version of the present embodiment:
In step 201, terminal equipment also receives the master key of the access device of gateway device transmission;
Also comprise step 204, according to the master key of access device and identification information, terminal equipment self be configured.
Adopt this preferred version, at gateway device, to after access device configuration, and terminal equipment is to after self configuration, and terminal equipment can access this access device automatically; In whole configuration access procedure, operate without user, solve user in prior art and need to remember that the identification information of every access device and master key are also every problem that access device is configured by hand, alleviated the requirement to user, reduced the burden to user.
In the embodiment of the present invention, access device can be AP, network coordinator, main management equipment, router, digital subscriber line access multiplex (DSLAM, Digital Subscriber Line AccessMultiplexer), multiplexer unit (MXU, MultipleXer Unit), optical line terminal (OLT, opticalline terminal) etc., gateway device can be home gateway etc., terminal equipment can be PC, mobile phone, Set Top Box etc., the network adapter being connected with terminal equipment comprises that power adapter etc. is considered as a part for terminal equipment.
In the technical scheme of the embodiment of the present invention, terminal equipment obtains the type of access device by gateway device, is access device designated identification information according to the type of access device, this identification information is sent to gateway device and by gateway device, access device is configured; Thereby realize the automatic configuration to access device.In preferred version, terminal equipment also utilizes the master key of access device and identification information to configure accordingly self, has configured rear terminal equipment and has got final product access switch in device; In whole layoutprocedure, user does not need to remember the master key of every access device, need to before terminal equipment is accessed to every access device, not carry out manual configuration to this access device yet.
Utilize the method for tri-to six pairs of embodiment of the present invention of embodiment to further expand explanation below:
Embodiment tri-,
The method of describing according to embodiment mono-and embodiment bis-, is described in more details the method for configuration access device in the present embodiment.Please refer to Fig. 3 and Fig. 7.
In the present embodiment, the method for configuration access device is applied in following application scenarios:
Bandwidth operator, for user provides broadband inserting service, has installed family gateway equipment, and the home network that user is set up is voluntarily connected in broadband network by gateway device.For convenient access and use network, user has bought access device AP and has prepared to set up wireless network.In the present embodiment, the terminal equipment that user uses is described as an example of PC example, can certainly be the terminal equipments such as Set Top Box; Access device describes as an example of AP example.Certainly, the present embodiment is also applicable to following situation, and when what user prepared to set up is power line network or coaxial line network, difference is now that access device is network coordinator or main management equipment.First according to the schematic network structure shown in Fig. 7, AP is connected to family gateway equipment, it should be noted that gateway device and terminal equipment computer have connected and composed existing home network, is then that AP is configured rear terminal equipment computer and can be linked in AP by wireless network to access device.In the present embodiment, as shown in Figure 3, details are as follows for the method for configuration access device:
301, gateway device regularly sends topology detecting message, the network equipment newly increasing in detecting network in network.It is by 802.1AB Link Layer Discovery Protocol (LLDP that this gateway device sends topology detecting message, Link Layer Discovery Protocol) or general plug-and-play protocol (UPnP, UniversalPlug and Play) carry out.
302, detect after message when AP receives the topology that gateway device sends, send first information message to gateway device, this first information message carries the parameter of AP, and this parameter comprises the information such as device type, device identification, mailing address and the empty configuration of AP.
303, gateway device receives the parameter of AP that AP sends, if receive when sky configuration information finds that the configuration of AP is empty, sends authentication request to AP, carries out two-way authentication:
3031, first, gateway device case AP sends the query message for obtaining concrete authentication mode;
3032, AP sends it back and answers query message to gateway device, reports the authentication mode of its support, as certificate (CA) certification;
3033, in this step, AP and gateway device exchange certificate mutually, and both sides are believable by certificate validation each other, and verification process completes, and both set up escape way.
304, after certification is passed through, AP sends its master key to gateway device.In order to improve fail safe, can take the mode of encrypting to send the master key of AP, the master key of the secret key encryption AP of for example certificate of utility.
305, gateway device receives after the master key of AP, is first decrypted, and then sets up and the mapping relations of the parameter of AP, is specially the mapping relations of mailing address, device identification and master key.Wherein, the mailing address of AP can be the media interviews address of AP.
306, gateway device and terminal equipment are set up escape way by certification, and details are as follows for this process:
3061, first, terminal equipment receives account and the password of user's input and sends to gateway device, by Ethernet or other escape way of having set up, for example safety shell protocol (SSH,
Secure Shell) passage is connected to gateway device;
3062, gateway device is verified this account and password, if account and password are correct, thinks that terminal equipment is credible, sets up escape way with terminal equipment.
307, the parameter that gateway device sends AP is to terminal equipment.This parameter comprises the type of AP, conventionally can also comprise device identification and the mailing address etc. of AP.
308, terminal equipment receives the parameter of the AP of gateway device transmission.
309, terminal equipment is this AP designated identification information according to the type of AP.Can be the automatic designated identification information of access device according to pre-configured program by terminal equipment, also can be by user by the artificial designated identification information of terminal equipment.In the time adopting artificial designated identification information, step is as follows:
3091, show the parameter information of AP and judge whether to access the option of this AP for user;
3092, receive the judgement signal of user's input, if be judged as YES, receive the identification information for AP appointment of user's input; This identification information is the SSID of wireless network to be accessed.
310, terminal equipment sends to gateway device the identification information (SSID) of specifying for AP.
311, gateway device is received as the identification information (SSID) that AP specifies, and configures accordingly for AP according to the master key of AP and identification information (SSID).
312, the master key that gateway device sends AP is to terminal equipment.This step can be before step 311, synchronously or afterwards carry out.Gateway device sends to terminal equipment after can encrypting the master key of AP again, for example, utilize user's account and password to be encrypted the master key of AP.
Above step 301 has been carried out comparatively detailed and complete explanation to the method for configuration access device to 312.Describe completing the process of access network afterwards that configures below:
313, terminal equipment receives after the master key of AP, first the master key of the AP encrypting is decrypted and stores (being recorded in this locality).Then display reminding option selects whether to access this AP for user.
If 314 users select to access this AP, terminal equipment is notified its network interface card for WiFi to start and is connected to the AP that SSID identifies, and utilizes the master key of AP and AP to consult temporary key, sets up safe interface channel with AP by wireless mode.
315,, after the successful connection of terminal equipment and AP, AP is notification gateway equipment connection broadband supplier's external broadband network.Wherein, after the successful connection of terminal equipment and AP, terminal equipment shows successful connection message; Gateway device connects after external broadband network success, and terminal equipment shows successful connection message equally.
Now, terminal equipment is connected to external broadband network by Ap and gateway device, and user can freely enjoy a trip to network.
The present embodiment configures AP as example is illustrated when setting up wireless network, it should be noted that the method for the present embodiment is equally applicable to the configuration to network coordinator or main management equipment in the time of erecting power lines network or coaxial line network.In addition, in the method for the present embodiment, all users of needs confirm or the step of input message can be undertaken automatically configuring and substituting by set in advance corresponding program in equipment.
Embodiment tetra-,
The method of describing according to embodiment tri-, is further described in detail the method for configuration access device in the present embodiment.Please refer to Fig. 4 and Fig. 8.
In the present embodiment, the method for configuration access device is applied in following application scenarios:
On the basis of embodiment tri-, suppose that the wireless network having set up can not accomplish effective covering, now, must access new AP and supplement, to expand the coverage of original wireless network.Therefore in the home network of the present embodiment, will comprise two AP, wherein one is to access AP home network and that configured before, another is the not yet AP of configuration at rear access home network, for avoiding producing ambiguity, hereinafter the AP having configured of access is before called to an AP, the not AP of configuration in rear access is called to the 2nd AP, and the 2nd AP and an AP use identical SSID.First, the 2nd AP is linked into gateway device, network configuration as shown in Figure 8.
The method of the present embodiment, as shown in Figure 4, most of step is identical with embodiment tri-, and difference is mainly step 311.In the present embodiment, with step 411 step of replacing 311.
411, gateway device is received as after the identification information (SSID) of the 2nd AP appointment, first check that whether this SSID is to there being two AP (i.e. an AP and the 2nd AP), if, be that the 2nd AP distributes an idle working channel (or new channel), to avoid overlapping with the working channel of an AP; Then according to the master key of the 2nd AP and identification information (SSID) for AP configures accordingly, the 2nd AP of configuration successful is operated on the working channel different from an AP.
The difference of the method for the present embodiment and embodiment tri-can also be step 314, in the present embodiment, and can be with step 414 step of replacing 314.
If 414 users select to access the 2nd AP, terminal equipment checks the broadcast frame that the 2nd AP sends, in the 2nd AP, find the master key of corresponding the 2nd AP according to the MAC Address in broadcast frame, then notify its network interface card for WiFi to start and be connected to the 2nd AP that SSID identifies, utilize master key and the 2nd AP of the 2nd AP to consult temporary key, set up escape way with AP by wireless mode.Wherein, the broadcast frame that the 2nd AP sends carries the basic configuration information of the represented wireless network of this SSID and the mailing address of the 2nd AP conventionally.
The difference of the method for the present embodiment and embodiment tri-can also be step 306, in the step 3061 of embodiment tri-, terminal equipment is by Ethernet or other escape way of having set up, for example safety shell protocol (SSH, Secure Shell) passage is connected to gateway device; In the present embodiment, terminal equipment can also be connected to gateway device by the wireless network having set up.
Embodiment five,
The method of describing according to embodiment tri-and embodiment tetra-, does further detailed explanation to the method for configuration access device in the present embodiment.Please refer to Fig. 5 and Fig. 9.
In the present embodiment, the method for configuration access device is applied in following application scenarios:
On the basis of embodiment tri-and four, suppose that the wireless network having set up still can not accomplish effective covering, but now user's home network comprises or supports power line network, the new AP (hereinafter referred to as the 3rd AP) of access user home network is integrated with the power line network adapter (power adapter) of supporting G.hn agreement, and gateway device is inherited the main management equipment of supporting G.hn agreement.So, can be that the 3rd AP selects suitable position, the 3rd AP is connected to gateway device by power line network, network configuration is as shown in Figure 9.
The method of the present embodiment, as shown in Figure 5, most of step identical with embodiment tri-and four (being specially step 305-310 identical with embodiment tri-, identical with embodiment bis-after step 310), difference is mainly step 301-304.In the present embodiment, with step 501-504 step of replacing 301-304.
501, be integrated in main management equipment in gateway device and regularly sent the topological broadcast of detecting message effect, with the network equipment newly increasing in Sampling network, in the time the network equipment newly increasing being detected, an open log-in window;
502, the 3rd AP active detecting that is integrated with power adapter is after log-in window, application adds, send infomational message to the gateway device that is integrated with main management equipment, this infomational message carries the parameter of the 3rd AP, this parameter comprises the supplier information such as device type and equipment Serial Number of the 3rd AP and integrated power adapter thereof, can also comprise the parameter informations such as device identification, mailing address and empty configuration.
503, gateway device connects the master key (gateway device can be set up escape way by the agreements such as TR069 and supplier's remote server) of supplier's remote server inquiry the 3rd equipment according to the supplier information of the 3rd AP, utilize the echo message of supplier's remote server, in the 3rd AP, find and obtain the master key of the 3rd AP according to the supplier information of the 3rd AP as equipment Serial Number.
504, gateway device utilizes the master key of the 3rd AP to initiate two-way authentication to the 3rd AP, and the X.1035 agreement that this certification can be specified by ITU is carried out, and process and the step 303 of certification are similar, repeat no more herein.Verification process completes, and gateway device and the 3rd AP set up escape way.
In the present embodiment, the 3rd AP for setting up wireless WiFi network and power line network, preferably uses identical master key corresponding to these two kinds of networks due to simultaneously.
The present embodiment, is illustrated as an example of power line network example, it should be noted that coaxial line network is suitable for the method that the present embodiment is described equally.
Embodiment six,
The method of describing according to embodiment mono-and embodiment bis-, is described in detail the method for configuration access device in the present embodiment.Please refer to Fig. 6 and Figure 10.
In the present embodiment, the method for configuration access device is applied in following application scenarios:
On the basis of embodiment mono-and two, user's home network is in continuous expansion process, its terminal equipment computer need to be linked in access device by power line network, and be built in family gateway equipment as the main management equipment of access device, this main management equipment is for managing power spider lines, but in terminal equipment computer due to not built-in for the power adapter that plays bridge joint effect of power line communication, at this moment just need in home network, access power adapter, and then relevant device is configured.Before the present embodiment method is implemented, first power adapter is accessed in home network, as shown in figure 10, one end of this power adapter is connected with computer by Ethernet network configuration, and the other end is by power line network be integrated in the main management equipment connection in family gateway equipment.
The basic technical scheme of the present embodiment method is as follows: power adapter, owing to not knowing the master key of main management equipment, cannot be set up escape way with main management equipment; But main management equipment can allow the infomational message being sent by power adapter for example, through power line network access location, designated destination, family gateway equipment; Then subscriber terminal equipment just can be accessed gateway device to obtain the master key of the main management equipment in gateway device that is integrated in by power adapter.Afterwards, terminal equipment just can utilize the master key configuration power adapter of main management equipment, and the power adapter having configured can be set up escape way with main management equipment.In the present embodiment, as shown in Figure 6, details are as follows for the method for configuration access device:
601, the main management equipment periodic for managing power spider lines being built in gateway device sends log-in window message to power line network.Meanwhile, terminal equipment is cycle transmission Topology Discovery message also, for detecting the network equipment of new access.
602, power adapter is received after log-in window message, sends logon message to the main management equipment in gateway device, and the parameter that this logon message carries power adapter comprises its device type and configuration information not.
603, main management equipment allows power adapter registration but does not start verification process, only authorizes the limited access of power adapter (for example, only allowing power adapter access gateway device), sets up occasional passage.
604, power adapter is received after the Topology Discovery message that terminal equipment sends, and sends infomational message to terminal equipment, and the parameter that this infomational message carries power adapter comprises its device type and the information such as configuration not.
605, terminal equipment is received after the infomational message of power adapter transmission, the certificate verification of startup and power adapter, and certification is set up escape way with power adapter after passing through.
606, the escape way that terminal equipment is set up by itself and power adapter and power adapter are connected to gateway device with the occasional passage of main management equipment foundation.This process comprises:
6061, terminal equipment receives account and the password of user's input and sends to gateway device;
6062, gateway device is verified this account and password, if account and password are correct, thinks that terminal equipment is credible, is based upon the trusted channel in application layer with terminal equipment.
607, the parameter of the parameter of power adapter and main management equipment is sent to terminal equipment by gateway device, and said parameter specifically can comprise device type, device identification, the information such as mailing address.
608, terminal equipment receives the parameter of power adapter and the parameter of main management equipment that gateway device sends, whether judgement is received from the parameter of the power adapter that gateway device sends and is received from the parameter of power adapter of power adapter transmission consistent, if consistent, carry out next step.
609, terminal equipment is power adapter designated identification information, and this identification information is specially device id.Can be the automatic designated identification information of access device according to pre-configured program by terminal equipment, also can be by user by the artificial designated identification information of terminal equipment.In the time adopting artificial designated identification information, step is as follows:
6091, show the parameter information of AP and judge whether to access the option of this power adapter for user;
6092, receive the judgement signal of user's input, if be judged as YES, receive the identification information for power adapter appointment of user's input; This identification information can be device id.
610, terminal equipment sends to gateway device the identification information of specifying for power adapter.
611, gateway device receives after this identification information, can carry out corresponding configuration to built-in main management equipment according to this identification information.
612, gateway device before the step that main management equipment is configured, the master key that synchronously or afterwards sends main management equipment is to terminal equipment.Gateway device sends to terminal equipment after can encrypting the master key of main management equipment, for example, utilize user's account and password to be encrypted the master key of main management equipment.
613, terminal equipment receives after the master key of main management equipment, if this master key is encrypted, is first decrypted, and is then stored in this locality.Then display reminding option selects whether to access this access device for user.
If 614 users select to access this access device, terminal equipment by it escape way with power adapter foundation, be that power adapter configures accordingly according to the master key of power adapter and equipment identification information.
615, after having configured, power adapter is initiated registration and verification process according to the master key of main management equipment and equipment identification information to main management equipment, in this verification process and embodiment tri-, the verification process (step 303) of gateway device and AP is basic identical, repeats no longer one by one herein.After authentication success, both set up escape way.
Power adapter, after escape way is successfully established, sends successful connection message and shows to terminal equipment and by terminal equipment; Gateway device, after escape way is successfully established, sends equally successful connection message terminal equipment and is shown by terminal equipment; Now, gateway device connects after broadband supplier's external broadband network, and terminal just can be connected to external broadband network by the gateway device of power adapter and built-in main management equipment successively, and user can freely enjoy a trip to network.
In the method for the present embodiment, all users of needs confirm or the step of input message can be undertaken automatically configuring and substituting by set in advance corresponding program in equipment.
Utilize seven to nine couples of embodiment to be elaborated for device and the system of the method for carrying out the embodiment of the present invention below:
Embodiment seven,
A kind of gateway device, please refer to Figure 11, mainly comprises acquiring unit 701, transmitting element 702, receiving element 703 and dispensing unit 704, further, can also comprise judging unit.
Acquiring unit 701, for obtaining type and the master key of access device.
Transmitting element 702, for sending to terminal equipment by the type of access device.
Receiving element 703, for the response message of receiving terminal apparatus, this response message carried terminal equipment is the identification information that access device is specified according to the type of access device.
Dispensing unit 704, for being configured access device according to the master key of access device and identification information.
Judging unit, for judging whether the existing configuration access device corresponding with identification information, if so, distributes an idle channel for not configuring access device, otherwise for not configuring channel of access device Random assignment.
Acquiring unit 701 may further include:
The first transmitting element, for sending topology detecting message to access device;
The first receiving element, the first information message of responding for receiving access device, first information message carries type and the empty configuration information of access device;
Authentication ' unit, for receiving after sky configuration information, sends authentication request to access device;
The second receiving element, for by after certification, receives the second infomational message that access device is responded, and the second infomational message carries the master key of access device.
This gateway device can obtain type and the master key of access device, the type of access device is sent to terminal equipment, receiving terminal equipment is the identification information that access device is specified, and according to the master key of access device and identification information, access device is configured.This gateway device configures automatically to access device, has configured rear terminal equipment and can pass through the master key access switch in device of access device; In whole layoutprocedure, user does not need to remember the master key of every access device, need to before terminal equipment is accessed to every access device, not carry out manual configuration to this access device yet.
Embodiment eight,
A kind of terminal equipment, please refer to Figure 12, mainly comprises receiving element 801, designating unit 802, transmitting element 803, further can also comprise dispensing unit 804.
Receiving element 801, the type of access device sending for receiving gateway device, can also be used for receiving the master key of the access device that gateway device sends.
Designating unit 802, for being access device designated identification information according to the type of access device.
Transmitting element 803, sends response message to gateway device, and this response message carries the identification information of specifying into access device.
Dispensing unit 804, for being configured terminal equipment self according to the master key of access device and identification information.
This designating unit may further include:
Specify display unit, for the type that shows access device and the option that whether allows to be connected access device;
Specify receiving element, for receiving the selection signal of user to option and the information of user's input;
Designated treatment unit, for being assigned to access device using the information of user's input as identification information.
This terminal equipment is specifically as follows computer, mobile phone or Set Top Box etc.This terminal equipment obtains type and the master key of access device by gateway device, be access device designated identification information according to the type of access device, send to gateway device by gateway device, access device to be configured this identification information, terminal equipment can utilize the master key of access device and identification information to configure accordingly self subsequently, has configured rear terminal equipment and has got final product access switch in device.In whole layoutprocedure, user does not need to remember the master key of every access device, need to before terminal equipment is accessed to every access device, not carry out manual configuration to this access device yet.
Embodiment nine,
A kind of communication system, please refer to Figure 13, mainly comprises gateway device 901, terminal equipment 902 and access device 903, and gateway device 901 is connected with access device 903 with terminal equipment 902 respectively.
Gateway device 901, for obtaining the type master key of access device, send the type of access device to terminal equipment, the response message of receiving terminal apparatus, this response message carried terminal equipment is the identification information that access device is specified, and according to the master key of access device and identification information, access device is configured.
Terminal equipment 902, the type of access device sending for receiving gateway device, is access device designated identification information according to the type of access device, sends response message to gateway device, this response message carries the identification information of specifying into access device.
In this communication system, by gateway device, to access device, unification configures automatically, and terminal equipment can be with the master key access switch in device of access device subsequently.This technical scheme makes user not need to remember the master key of every access device, also need to before terminal equipment is accessed to every access device, not carry out manual configuration to this access device, thereby reduce the requirement to user, has alleviated user's burden.
One of ordinary skill in the art will appreciate that all or part of step in the whole bag of tricks of above-described embodiment is can carry out the hardware that instruction is relevant by program to complete, this program can be stored in a computer-readable recording medium, storage medium can comprise: read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), disk or CD etc.
Method, the Apparatus and system of the configuration the access device above embodiment of the present invention being provided are described in detail, applied specific case herein principle of the present invention and execution mode are set forth, the explanation of above embodiment is just for helping to understand method of the present invention and core concept thereof; , for one of ordinary skill in the art, according to thought of the present invention, all will change in specific embodiments and applications, in sum, this description should not be construed as limitation of the present invention meanwhile.

Claims (6)

1. a method that configures access device, is characterized in that, comprising:
Gateway device obtains type and the master key of access device;
The type of described access device is sent to terminal equipment;
Receive the response message of described terminal equipment, it is the identification information that described access device is specified according to the type of described access device that described response message carries described terminal equipment;
According to the master key of described access device and identification information, described access device is configured; Described type and the master key that obtains access device specifically comprises: send topology detecting message to access device; Receive the first information message that described access device is responded, described first information message carries type and the empty configuration information of described access device; Receive after described empty configuration information, send authentication request to described access device; After certification, receive the second infomational message that described access device is responded, described the second infomational message carries the master key of described access device.
2. method according to claim 1, is characterized in that, described in also comprise after obtaining the type of access device and master key:
The master key of described access device is sent to terminal equipment.
3. method according to claim 1, is characterized in that, described access device is for not configuring access device, describedly also comprises before described access device being configured according to the master key of described access device and identification information:
Judging whether the existing configuration access device corresponding with described identification information, if so, for the described access device that do not configure distributes an idle channel, otherwise is the described channel of access device Random assignment that do not configure.
4. a gateway device, is characterized in that, comprising:
Acquiring unit, for obtaining type and the master key of access device;
Transmitting element, for sending to terminal equipment by the type of described access device;
Receiving element, for receiving the response message of described terminal equipment, it is the identification information that described access device is specified according to the type of described access device that described response message carries described terminal equipment;
Dispensing unit, for being configured described access device according to the master key of described access device and identification information;
Described acquiring unit further comprises:
The first transmitting element, for sending topology detecting message to access device; The first receiving element, the first information message of responding for receiving described access device, described first information message carries type and the empty configuration information of described access device; Authentication ' unit, for receiving after described empty configuration information, sends authentication request to described access device; The second receiving element, for by after certification, receives the second infomational message that described access device is responded, and described the second infomational message carries the master key of described access device.
5. gateway device according to claim 4, is characterized in that, also comprises:
Judging unit, for judging whether the existing configuration access device corresponding with described identification information, if so, distributes an idle channel for not configuring access device, otherwise is the described channel of access device Random assignment that do not configure.
6. a communication system, is characterized in that, comprises gateway device, terminal equipment and access device, and described gateway device is connected with described access device with described terminal equipment respectively;
Described gateway device, for obtaining type and the master key of access device, the type of described access device is sent to terminal equipment, receive the response message of described terminal equipment, it is the identification information that described access device is specified according to the type of described access device that described response message carries described terminal equipment, according to the master key of described access device and identification information, described access device is configured; Described type and the master key that obtains access device specifically comprises: send topology detecting message to access device; Receive the first information message that described access device is responded, described first information message carries type and the empty configuration information of described access device; Receive after described empty configuration information, send authentication request to described access device; After certification, receive the second infomational message that described access device is responded, described the second infomational message carries the master key of described access device;
Described terminal equipment, be used for the type of the access device that receives gateway device transmission, be described access device designated identification information according to the type of described access device, send response message to described gateway device, described response message carries the identification information of specifying into described access device.
CN201010279931.1A 2010-09-09 2010-09-09 Method, device and system for configuring access device Active CN102137395B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201010279931.1A CN102137395B (en) 2010-09-09 2010-09-09 Method, device and system for configuring access device
PCT/CN2011/075351 WO2011144174A1 (en) 2010-09-09 2011-06-03 Method, device and system for configuring access device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201010279931.1A CN102137395B (en) 2010-09-09 2010-09-09 Method, device and system for configuring access device

Publications (2)

Publication Number Publication Date
CN102137395A CN102137395A (en) 2011-07-27
CN102137395B true CN102137395B (en) 2014-07-30

Family

ID=44297030

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010279931.1A Active CN102137395B (en) 2010-09-09 2010-09-09 Method, device and system for configuring access device

Country Status (2)

Country Link
CN (1) CN102137395B (en)
WO (1) WO2011144174A1 (en)

Families Citing this family (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP6019950B2 (en) * 2011-09-13 2016-11-02 ソニー株式会社 Power supply apparatus and method, and program
CN102394840A (en) * 2011-11-11 2012-03-28 刘显福 Communication realization method and device thereof
CN103079186B (en) * 2012-03-05 2015-07-22 上海寰创通信科技股份有限公司 License-information transmission method based on wireless network environment
EP2978250B1 (en) * 2012-08-24 2017-05-10 Huawei Device Co., Ltd. Method, related device, and system for configuring wireless local area network device
CN102843686A (en) * 2012-09-14 2012-12-26 惠州Tcl移动通信有限公司 Wireless network system and portable electronic device
CN103781098B (en) * 2012-10-25 2017-08-11 施耐德电器工业公司 Wireless network adapter and its self-configuration method
WO2015021595A1 (en) * 2013-08-13 2015-02-19 华为技术有限公司 Service channel configuration method, optical line terminal and passive optical network
CN103634177B (en) * 2013-12-05 2016-08-17 北京东土科技股份有限公司 Configuration method and system based on Network
CN105323598B (en) * 2014-07-28 2020-03-10 中兴通讯股份有限公司 Set top box management method, device and system
US9591554B2 (en) * 2014-09-10 2017-03-07 Microsoft Technology Licensing, Llc Management capabilities for a wireless docking experience
EP3236442B1 (en) * 2014-12-19 2020-09-30 Huawei Technologies Co. Ltd. Anti-theft method and device
CN104735813B (en) * 2015-03-10 2019-05-21 小米科技有限责任公司 Internetwork connection establishing method and device
CN104869612B (en) * 2015-04-30 2019-05-10 小米科技有限责任公司 Access the method and device of network
CN105182774A (en) * 2015-09-15 2015-12-23 烽火通信科技股份有限公司 G.hn-based intelligent home gateway control system and method
CN105677418B (en) * 2016-01-08 2018-10-23 烽火通信科技股份有限公司 The method and system of multiple and different voice protocols are realized in access device
CN106302415A (en) * 2016-08-03 2017-01-04 杭州晟元数据安全技术股份有限公司 A kind of method verifying equipment validity and distribution automatic to legitimate device
US10530748B2 (en) 2016-10-24 2020-01-07 Fisher-Rosemount Systems, Inc. Publishing data across a data diode for secured process control communications
US10270745B2 (en) * 2016-10-24 2019-04-23 Fisher-Rosemount Systems, Inc. Securely transporting data across a data diode for secured process control communications
EP3382948B1 (en) * 2016-12-22 2021-03-31 Huawei Technologies Co., Ltd. Method, device and system for selecting gateway
CN109818734B (en) * 2017-11-21 2021-07-27 中国移动通信有限公司研究院 Basic key distribution method, device and medium
CN109818903B (en) * 2017-11-21 2021-07-23 中国电信股份有限公司 Data transmission method, system, device and computer readable storage medium
CN108174401B (en) * 2018-01-05 2020-12-22 深圳市海亿康科技有限公司 Identification method of management equipment in power line network
CN108282551B (en) * 2018-03-07 2021-04-09 成都众网行科技有限公司 Message identification processing method and device, monitoring equipment and readable storage medium
CN108900306A (en) * 2018-07-02 2018-11-27 四川斐讯信息技术有限公司 A kind of production method and system of wireless router digital certificate
CN111918306B (en) * 2020-07-28 2022-03-11 烽火通信科技股份有限公司 Method and system for realizing network element communication under IP unreachable scene
CN116527260B (en) * 2023-07-03 2023-12-01 广东电网有限责任公司佛山供电局 Access method, device, equipment and medium of power grid communication system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1784911A (en) * 2003-03-27 2006-06-07 汤姆森许可公司 Secure roaming between wireless access points
CN1859085A (en) * 2005-08-12 2006-11-08 华为技术有限公司 Method for delivering key in radio local network
CN101668290A (en) * 2008-09-04 2010-03-10 深圳华为通信技术有限公司 Method and device for configuring wireless local area network (WLAN)
CN101772188A (en) * 2008-12-29 2010-07-07 华为技术有限公司 Method, server and system for configuring femtocell access point paging group and neighboring cell list
CN101772053A (en) * 2008-12-05 2010-07-07 华为终端有限公司 Terminal unit configuration method, device, terminal and terminal unit

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7746868B2 (en) * 2008-01-25 2010-06-29 Cisco Technology, Inc. Transporting multi-basic service set (BSS) frames over wired medium preserving BSS-ID
KR20090113033A (en) * 2008-04-25 2009-10-29 삼성전자주식회사 Method and apparatus for setting wireless LAN of device
CN101621433B (en) * 2008-07-02 2011-12-21 上海华为技术有限公司 Method, device and system for configuring access equipment

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1784911A (en) * 2003-03-27 2006-06-07 汤姆森许可公司 Secure roaming between wireless access points
CN1859085A (en) * 2005-08-12 2006-11-08 华为技术有限公司 Method for delivering key in radio local network
CN101668290A (en) * 2008-09-04 2010-03-10 深圳华为通信技术有限公司 Method and device for configuring wireless local area network (WLAN)
CN101772053A (en) * 2008-12-05 2010-07-07 华为终端有限公司 Terminal unit configuration method, device, terminal and terminal unit
CN101772188A (en) * 2008-12-29 2010-07-07 华为技术有限公司 Method, server and system for configuring femtocell access point paging group and neighboring cell list

Also Published As

Publication number Publication date
WO2011144174A1 (en) 2011-11-24
CN102137395A (en) 2011-07-27

Similar Documents

Publication Publication Date Title
CN102137395B (en) Method, device and system for configuring access device
US9444639B2 (en) Multi-tier wireless home mesh network with a secure network discovery protocol
CN103828412B (en) Method and system for Remote configuration wireless device
CN103096426B (en) Use automatic ad-hoc network creation and the associating of WPS
JP4769815B2 (en) Restricted WLAN access for unknown wireless terminals
EP2467969B1 (en) Method and apparatus for remote management of device
KR20210032133A (en) Method for iot terminal to autonomically accessing wireless lan network and system there of
CN104717225B (en) A kind of things-internet gateway access authentication method and system
TWI651978B (en) Communication system and communication method
WO2011116617A1 (en) Combination network and method for accessing network of wireless sensor network terminal
EP2234438B1 (en) Wireless personal area network accessing method
WO2011116589A1 (en) Combination network and method for wireless sensor network terminal to join in network
CN112136299A (en) Facilitating residential wireless roaming via VPN connectivity over a public service provider network
CN112566113B (en) Key generation and terminal network distribution method, device and equipment
CN104519517A (en) Method and system for automatically configuring wireless access points AP in wireless local area networks
CN106060970A (en) Intelligent terminal and network configuration method thereof
WO2011113262A1 (en) Access method and system for wireless sensor network
CN103781071B (en) The method of access points and relevant device
CN103167509B (en) Wireless lan signal extension device and method
CN104519513A (en) WLAN (wireless local area network)-based communication method and system
TW201210251A (en) Plug-and-play wireless network extension station and method of automatic configuration thereof
CN105722076A (en) Communication system and method for realizing WIFI network coverage by use of pavement manhole covers
CN105827440A (en) Intelligent terminal and route configuration method thereof
CN102812773B (en) The method and apparatus accessed for local network
TWI616110B (en) System and method for backhaul connection management in a lan

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant