CN102791011B - A kind of guard method and system of flexible networking - Google Patents

A kind of guard method and system of flexible networking Download PDF

Info

Publication number
CN102791011B
CN102791011B CN201210110337.9A CN201210110337A CN102791011B CN 102791011 B CN102791011 B CN 102791011B CN 201210110337 A CN201210110337 A CN 201210110337A CN 102791011 B CN102791011 B CN 102791011B
Authority
CN
China
Prior art keywords
user
cluster
region
cluster head
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active - Reinstated
Application number
CN201210110337.9A
Other languages
Chinese (zh)
Other versions
CN102791011A (en
Inventor
周冲
宋波
王婷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN201210110337.9A priority Critical patent/CN102791011B/en
Priority to PCT/CN2012/077216 priority patent/WO2013155783A1/en
Publication of CN102791011A publication Critical patent/CN102791011A/en
Application granted granted Critical
Publication of CN102791011B publication Critical patent/CN102791011B/en
Active - Reinstated legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/18Self-organising networks, e.g. ad-hoc networks or sensor networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Small-Scale Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a kind of guard method of flexible networking and systems, the described method includes: establishing the Ad Hoc network for realizing the region this area Zhong Ge Ad Hoc communication in the area for needing to carry out gate inhibition, including being set up respectively in each region for making a cluster head of each region progress Ad Hoc communication, and the cluster node for carrying out Ad Hoc communication with its region cluster head set up respectively in each standalone feature area in each region;Each region cluster head obtains the user information of user from its cluster node by Ad Hoc network, and inquires it, obtains user's access permission;Each region cluster head sends access control instruction to the cluster node according to obtained user's access permission, carries out access control by it.The present invention realizes the distribution of flexible networking and user's multiplicity permission by Ad Hoc network networking mode.

Description

A kind of guard method and system of flexible networking
Technical field
The present invention relates to mobile radio telecommunications application field, in particular to it is a kind of can with the guard method of flexible networking and its Relevant system.
Background technique
Ad Hoc net is a kind of multi-hop, acentric, ad hoc deployed wireless networks, also known as multihop network (Multi-hop Network), foundation-free facility network or self-organization network.The infrastructure that whole network is not fixed, each node are mobile , and can dynamically keep contacting with other nodes in any way.In such networks, since terminal wireless covers The finiteness of value range, two user terminals that can not be directly communicated can be grouped forwarding by other nodes. Each node is again simultaneously a router, they can complete the function of finding and maintain to arrive other node-routings.
Ad Hoc network is a kind of special mobile radio network.All nodes is equal in network, and no setting is required Any center control nodes.Needed for node in network not only has the function of common mobile terminal, but also turn with message Hair ability.Compared with common mobile network and fixed network, it is had the following characteristics that
1) independence of network
For the relatively conventional communication network of Ad Hoc network, it is maximum difference be exactly can at any time, any place The support of the hardware foundation network facilities is not needed, rapid build plays a mobile communications network.Its foundation is independent of existing Network communication facility, have certain independence.
2) network topology structure of dynamic change
In Ad Hoc network, mobile host can arbitrarily move in net.The movement of host will lead between host Link increases or disappears, and the relationship between host constantly changes.In ad hoc network, host possibility while still router, Therefore, movement can make network topology structure constantly change, and the mode and speed that change all are uncertain.
3) Self-organization of network
The laying or expansion of Ad Hoc network need not rely upon any preset network facilities.Node by layered protocol and Distributed algorithm coordinates respective behavior, can quickly and automatically form an independent network after node booting.
Generally there are two types of structures for Ad Hoc network: planar structure and hierarchical structure.In planar structure, the ground of all nodes Position equality, so being properly termed as peer-to-peer structure again.In hierarchical structure, network is divided into cluster.Each cluster by a cluster head and Multiple cluster node member compositions, these cluster heads form higher leveled network.In high primary network station, and can be with sub-clustering, again More higher leveled network is formed, until highest.
Access control system carries out the basic means of permission control as enterprise, and more and more common is applied to various types of fields It closes.But with the fast development of some enterprises, the rapid of scale is expanded and is adjusted, so that traditional access control system, more Show its limitation.
1) height of fixed network is relied on
Existing access control system, for fixed network infrastructure have high dependency, if enterprise need to its scale into Row adjustment, it is necessary first to which what is done is exactly to be laid out static infrastructure again, to realize the complete of entire enterprises access control system Property, therefore, lack enough flexibilities, while being also added significantly to the investment of enterprise.
2) single access permission control
With the high speed development of enterprise, composition of personnel structure is also all the more complicated, for the various permissions of different personnel, such as Authority distributions and the control problems such as equipment use, security level also become comparable important.Traditional access control system is merely able to list One realization accesses personnel the control in fixed physical region, and cannot achieve being uniformly controlled for various permission.
Summary of the invention
The purpose of the present invention is to provide a kind of guard method of flexible networking and system, can better solve numerous at present The problem of inefficient energy of access control system used in large enterprise, high investment, control of single permission.
According to an aspect of the present invention, a kind of guard method of the flexible networking provided includes:
The Ad Hoc network for realizing the region this area Zhong Ge Ad Hoc communication is established in the area for needing to carry out gate inhibition, including The cluster head for being used to that each region to be made to carry out Ad Hoc communication set up respectively in each region, and in each region Each standalone feature area in set up respectively with its region cluster head carry out Ad Hoc communication cluster node;
Each region cluster head obtains the user information of user from its cluster node by Ad Hoc network, and inquires it, Obtain user's access permission;
Each region cluster head according to obtained user's access permission to the cluster node send access control instruction, by its into Row access control.
Preferably, cluster node obtains customer identification number information by its door control terminal, and will include the customer identification number The user information packet of information and address information is sent to its region cluster head.
Preferably, cluster head parses its user information packet received, obtains comprising the customer identification number information and institute The user information of address information is stated, and local search is carried out according to customer identification number information therein, obtains user's access permission, According to obtained user's access permission, access control instruction is sent to cluster node.
Preferably, cluster node is instructed according to the access control received, controls the unlatching of its door control terminal, and notify its area Domain cluster head updates user data information.
Preferably, the user data information includes customer identification number information, user right information, current region cluster head letter Breath, current cluster nodal information, last time cluster node information and history information, the cluster head is according to the customer identification number information With the address information, update the current region cluster head information of relative users, current cluster nodal information, last time cluster node information and History information.
Preferably, cluster head inquires the user data information of its maintenance, and judges current cluster node and last time cluster where user Whether node is consistent, when judging result is inconsistent, sends to current cluster node for distributing peripheral hardware access right for user Peripheral hardware control instruction, and released to the peripheral hardware of peripheral hardware access right that last time cluster node is sent for cancelling as user distribution Put instruction.
Preferably, the method also includes:
Cluster head obtains the customer identification number information of user by its door control terminal, and according to the customer identification number information, It whether is that authorized user carries out local search or carries out the inquiry of Ad Hoc network by communicating with other cluster heads to the user;
When query result is authorized user, cluster head controls the unlatching of its door control terminal;
When query result is unauthorized user, the user is authorized, and controls its gate inhibition unlatching.
Preferably, when cluster head carries out the inquiry of Ad Hoc network, if inquiring the user at other cluster heads is authorization The user data information for the user that other cluster heads are safeguarded then is copied to local preservation by user.
According to another aspect of the present invention, a kind of access control system of the flexible networking provided includes:
The Ad Hoc network for needing to carry out the progress Ad Hoc communication of in the gate inhibition area so that this area region Zhong Ge is set, The Ad Hoc network includes:
A respectively arranged cluster head in each region is led to for making each region carry out Ad Hoc by its cluster head Letter;
Respectively arranged multiple cluster nodes, each of which cluster node and Qi Qu in each standalone feature area in each region The cluster head in domain carries out Ad Hoc communication;
Wherein, the cluster head in each region obtains the user information of user from its cluster node by Ad Hoc network, and to its into Row inquiry, obtains user's access permission;
Wherein, each region cluster head sends access control instruction to the cluster node according to obtained user's access permission, Access control is carried out by it.
Preferably, the cluster head is also used to obtain the customer identification number information of user by its door control terminal, and according to institute Customer identification number information is stated, whether is that authorized user carries out local search or by communicating progress with other cluster heads to the user The inquiry of Ad Hoc network, when query result is authorized user, cluster head controls the unlatching of its door control terminal, when query result is not award When weighing user, the user is authorized, and controls its gate inhibition unlatching.
Compared with prior art, the beneficial effects of the present invention are:
1, the present invention is by the network organizing mode of Ad Hoc, can flexible networking, reduce enterprise's investment;
2, the present invention realizes being uniformly controlled for user's multiplicity permission, the various permissions including different personnel, as equipment makes With etc. authority distributions.
Detailed description of the invention
Fig. 1 is the guard method schematic diagram of flexible networking provided in an embodiment of the present invention;
Fig. 2 is Ad Hoc cluster network topological diagram provided in an embodiment of the present invention;
Fig. 3 is cluster node network topological diagram provided in an embodiment of the present invention;
Fig. 4 is the user data information structure chart of cluster head maintenance provided in an embodiment of the present invention;
Fig. 5 is user's authorization flow figure provided in an embodiment of the present invention;
Fig. 6 is access control system control flow chart provided in an embodiment of the present invention.
Specific embodiment
Below in conjunction with attached drawing to a preferred embodiment of the present invention will be described in detail, it should be understood that described below is excellent Select embodiment only for the purpose of illustrating and explaining the present invention and is not intended to limit the present invention.
The hierarchical structure of Ad Hoc network is utilized in realization of the invention, carries out the topology of real network.By standalone feature Each plant area be divided into cluster head, become a high hierarchical network between cluster head and cluster head, it is logical to carry out data by AdHoc network Letter;Standalone feature region division in each plant area is cluster node, is sane level structure between each cluster node, with unified cluster head structure The Ad Hoc network of Cheng Xin.
Fig. 1 is the guard method schematic diagram of flexible networking provided in an embodiment of the present invention, as shown in Figure 1, comprising:
Step S101, the Ad Hoc for realizing that the region this area Zhong Ge Ad Hoc is communicated is established in the area for needing to carry out gate inhibition Network, including being set up respectively in each region for making each region carry out a cluster head of Ad Hoc communication, Yi Ji That sets up respectively in each standalone feature area in each region carries out the cluster node of Ad Hoc communication with its region cluster head.
Step S102, each region cluster head obtains the user information of user from its cluster node by Ad Hoc network, and to it It is inquired, obtains user's access permission.
Cluster node obtains customer identification number information by its door control terminal, and will include the customer identification number information and ground The user information packet of location information is sent to its region cluster head.Cluster head parses its user information packet received, obtains comprising institute The user information of customer identification number information and the address information is stated, and local look into is carried out according to customer identification number information therein It askes, obtains user's access permission.
Step S103, each region cluster head sends access control to the cluster node according to obtained user's access permission and refers to It enables, access control is carried out by it.
Cluster head sends access control instruction according to obtained user's access permission, to cluster node, so as to cluster node according to The access control instruction received, controls the unlatching of its door control terminal.
Fig. 2 is Ad Hoc cluster network topological diagram provided in an embodiment of the present invention, as shown in Fig. 2, this figure is big with one Type enterprise is model, and using each plant area of enterprise as cluster head, each standalone feature region in plant area is as cluster node.
There are dining room, office building, test department, production district and the research and development independent groups of building in five, area, as whole in region 101 Cluster head in a network topology structure, they belong to the Ad Hoc network of same layer.It is carried out between five cluster heads in region 101 When Ad Hoc is communicated, if the wireless communication distance of a certain cluster head can not reach the other cluster heads in the region, so that it may utilize Ad The multi-hop performance of Hoc network realizes the data communication between remote cluster head.For example, research and development area wishes that same office building carries out data Communication, and mutual physical distance is farther out, AdHoc multi-network wireless communications distance not enough, cannot achieve the wireless intercommunication of data, this When, research and development area can by with test department intercommunication, the office building in test department wireless network range is jumped to, finally with Ad Hoc net The multi-hop of network realizes the long range wireless communication in research and development area and office building.
The research and development area A, the research and development area B, the region of meeting room and four, laboratory with standalone feature in region 102 are under the jurisdiction of Area is researched and developed, consolidated network level is belonged to, belongs to the cluster node in cluster head research and development area, they and cluster head research and development area constitute another floor Secondary Ad Hoc network.The customer identification number information that oneself is obtained is sent to it by each cluster node in region 102 in real time Region cluster head, customer identification number information that cluster head is transmitted according to cluster node and in sending the customer identification number information process (routing iinformation includes routing information of the cluster node to its region cluster head to routing iinformation, and cluster head is when obtaining customer identification number Obtain the routing iinformation), user is handled and safeguarded in the access situation of each cluster node, and is mentioned for each cluster node For data query service.Further, which is also other cluster heads in region 101, provides corresponding message reference, inquiry Service.
If enterprise development needs to add a special logistics area, then only need to increase a logistics area in region 101, As a new cluster head in network.The self-organization for making full use of Ad Hoc network, without being laid out fixed network again, and only need to be It adds independent wireless network cluster head and network can be completed using the coordination of layered protocol and distributed algorithm in new region Dilatation.Similarly, it is also applied for the addition of cluster node, due to the difference of belonging network level, only in Distribution Algorithm slightly It is different.
Fig. 3 is cluster node network topological diagram provided in an embodiment of the present invention, since each Ad Hoc network node will have The function and message transfer capability of standby common mobile terminal, i.e., will have the function of router, therefore, the single net in the present invention Network node at least will include host, door control terminal and wireless device.Wherein, host completes the function of common mobile terminal, including The functions such as human interface function, intra-node equipment permission control function, data processing;Door control terminal is mainly responsible for user identifier Reading and access control;Wireless device provides wireless channel for information transmission and supports.
Using a conventional office room as prototype, as shown in figure 3, providing an Ad Hoc network cluster node network topology Figure, the cluster knot spot net include: host 201, wireless device 202, RFID door control terminal 203 and other network peripheral hardwares, such as PC machine 204, duplicator 205, phone 206 and printer 207.
Bidirectional data communication is carried out between host 201 and wireless device 202, host will include customer identification number information and ground Location information (address of cluster node and its address of region cluster head where user) utilizes Ad Hoc network by wireless device 202 It is supplied to its region cluster head;Meanwhile wireless device 202 is used to open or close RFID by Ad Hoc network acquisition cluster head The instruction and user of prohibiting terminal use the authority information of cluster knot spot net peripheral hardware, host are sent to, to realize associated user's permission Control.
Bidirectional data interaction is carried out between RFID door control terminal 203 and host 201, RFID door control terminal 203 is obtained Customer identification number information be supplied to host 201, for user information inquire, and receiving host 201 provide access permission look into Ask the open and close as a result, to determine gate inhibition.
Including PC machine 204, duplicator 205, phone 206, printer 207 other network peripheral hardwares and host between be unidirectional Process, host issue control command to peripheral hardware, determine that user makes related peripherals according to the authority information from its cluster head Use permission.Specifically, host distributes peripheral hardware access right according to the peripheral hardware control instruction from its cluster head for user, alternatively, root It releases order according to the peripheral hardware from its cluster head, cancels the peripheral hardware access right for user's distribution.
For sensing equipment used in access control system, the present embodiment has used RFID door control terminal, it is not limited to The wireless technology is suitable for the present invention as the common sensing equipment such as near-field communication NFC.
Fig. 4 is the user data information structure chart of cluster head maintenance provided in an embodiment of the present invention, and the present invention is to user data Message structure is made that specific definition, works as proparea including customer identification number information, corresponding user right information, the user Domain cluster head information, the current cluster nodal information of the user, the last time cluster node information of the user and the gate inhibition of the user go through The Records of the Historian records information.Host in each cluster head needs to be responsible for user data information and is safeguarded, to be in real time that user's distribution is outer If access right, monitoring user location and its access history.As shown in figure 4, user is described in detail in access control system in this figure Relevant information, unified maintenance is carried out to these data by each cluster head host.
For the customer identification number information for identifying unique subscriber, the device identifier one obtained with door control terminal is a pair of It answers.
The user right information is used to identify the various permissions that cluster head is user distribution.
The current region cluster head information is currently located cluster head belonging to cluster node for identifying the user, is convenient for user area Domain positioning.
The current cluster nodal information is for identifying the current user position that door control terminal captures, the last time cluster node For information for identifying the last user position that door control terminal captures, the two message segments can determine user in the same area Repeatedly access, if need multiple authority distribution.
User history information accesses the record of each node for recording user.
Cluster head host can intercept current region cluster head and current cluster node from the routing iinformation received, and to being stored in cluster Relevant user data information in head is safeguarded, the data transmitting of individual event is carried out without each node.Administrative staff pass through Inquiry to above-mentioned two message segment in cluster head host can quickly navigate to regional location locating for related personnel, realize people Member's quickly positioning and tracking.Cooperate corresponding monitoring device, efficient personnel monitoring may be implemented, greatly improves gate inhibition's safety Property.
The present invention in actual use, needs to undergo two processes: user's authorization flow and access control process.
Fig. 5 is user's authorization flow figure provided in an embodiment of the present invention, and in user's authorization flow, cluster head is reading the use It after the mark of family, is inquired by Ad Hoc network whether it authorizes, determines it is to distribute completely new permission for the user with this, also It is that the user is obtained by network in the registration information of other cluster heads, as shown in figure 5, step includes:
Step S501, user enters a cluster head;
Step S502, the RFID door control terminal of cluster head obtains the device identifier of the held RFID device of user, and according to institute Device identifier is stated, customer identification number information is obtained, sends it to cluster head host;
Step S503, cluster head host obtains customer identification number information by RFID door control terminal, is locally used in cluster head User data inquiry, confirm whether the user had carried out authorization in this cluster head, if in the authorization of this cluster head if execute step Otherwise rapid S508 executes step S504;
Step S504, user data query is carried out to other cluster heads by Ad Hoc network;
Step S505, confirmation user it is whether authorized in other cluster heads, if in the authorization of this cluster head if execute Otherwise step S507 executes step S506;
Step S506, the user data information that the user is replicated from corresponding cluster head, is stored in this cluster head, and execute step S508;
Step S507, such as other cluster heads do not authorize user, then are authorized by this cluster head host to the user, The user data information of the user is established in the cluster head host, and executes step S508;
Step S508, opening gate is let pass the user.
Fig. 6 is access control system control flow chart provided in an embodiment of the present invention, and access control system control flow mainly realizes use Distributed the use of permission at family, and the routing iinformation accessed according to user in each cluster node, safeguards user data information, such as Fig. 6 Shown, step includes:
Step S601, user enters a cluster node;
Step S602, the RFID access control equipment of the cluster node reads the device identifier of the held RFID device of the user, and According to the device identifier, customer identification number information is obtained, its host is sent it to;
Step S603, the host of the cluster node is inquired by Ad Hoc network to its region cluster head, is obtained from its region The access control of cluster head instructs;
Step S604, cluster node is instructed according to the access control, judges whether the user has the gate inhibition of the cluster node Otherwise permission, executes step S606 if so, thening follow the steps S605;
Step S605, it is user's opening gate, while cluster head is notified to modify working as in the user data information of the user Prevariety Node field information and last time cluster node field information;
Step S606, gate inhibition does not make any response to the user;
Step S607, cluster head inquires the user data information of the user, confirm its current cluster node whether with last time cluster knot Point is consistent, no to then follow the steps S608 if unanimously, thening follow the steps S609 terminates process;
Step S608, cluster head host notification cluster node host distributes corresponding network peripheral hardware access right for the user, Which equipment permission there is in cluster node, by various peripheral hardwares inside the management program control cluster node in cluster node host, be The user distributes relevant device access right;
Step S610, cluster head host notifies last time cluster node host, before cancellation according to user's last time cluster node information The access right of the related peripherals of distribution.
In conclusion the present invention has following technical effect that
1, the present invention makes full use of the self-organization of Ad Hoc network, need to only be added in new region independent cluster head and/ Or independent cluster node is added in new standalone feature area, the dilatation of network can be completed, without being laid out fixed network again.
2, the user data information that the present invention is safeguarded by cluster head, can be uniformly controlled user's multiplicity permission.
3, the user data information that the present invention is safeguarded by cluster head, can be realized efficient personnel monitoring, greatly improves door Prohibit safety.
Although describing the invention in detail above, but the invention is not restricted to this, those skilled in the art of the present technique It can be carry out various modifications with principle according to the present invention.Therefore, all to be modified according to made by the principle of the invention, all it should be understood as Fall into protection scope of the present invention.

Claims (10)

1. a kind of guard method of flexible networking characterized by comprising
The Ad Hoc network for realizing the region this area Zhong Ge Ad Hoc communication, the Ad are established in the area for needing to carry out gate inhibition Hoc network includes;
The region cluster head for being used to that each region to be made to carry out Ad Hoc communication set up respectively in each region, and
That sets up respectively in each standalone feature area in each region carries out the cluster knot of Ad Hoc communication with its region cluster head Point;
Each region cluster head is looked into using the user's information of the user obtained by Ad Hoc network from its cluster node It askes, obtains user's access permission;
Each region cluster head sends access control instruction to the cluster node according to obtained user's access permission, by its progress Access control;
Each region cluster head carries out the data communication between remote cluster head using the multi-hop of Ad Hoc network;
The customer identification number information and sending the customer identification number information process that each region cluster head is transmitted according to cluster node In include the cluster node to its region cluster head routing information routing iinformation, to user each cluster node access situation into Row processing and maintenance, and data query service is provided for other cluster nodes;
Wherein, each region cluster head obtains the routing iinformation when obtaining customer identification number information.
2. the method according to claim 1, wherein cluster node obtains customer identification number letter by its door control terminal Breath, and the user information packet comprising the customer identification number information and address information is sent to its region cluster head.
3. according to the method described in claim 2, obtaining it is characterized in that, cluster head parses its user information packet received User information comprising the customer identification number information and the address information, and carried out according to customer identification number information therein Local search obtains user's access permission, according to obtained user's access permission, sends access control instruction to cluster node.
4. according to the method described in claim 3, it is characterized in that, cluster node is according to the access control instruction received, control The unlatching of its door control terminal is made, and its region cluster head is notified to update user data information.
5. according to the method described in claim 4, it is characterized in that, the user data information include customer identification number information, User right information, current region cluster head information, current cluster nodal information, last time cluster node information and history information, institute Cluster head is stated according to the customer identification number information and the address information, update relative users current region cluster head information, when Prevariety nodal information, last time cluster node information and history information.
6. according to the method described in claim 5, and judging it is characterized in that, cluster head inquires the user data information of its maintenance Whether current cluster node and last time cluster node are consistent where user, when judging result is inconsistent, send to current cluster node For distributing the peripheral hardware control instruction of peripheral hardware access right for user, and sending to last time cluster node for cancelling is the user The peripheral hardware of the peripheral hardware access right of distribution releases order.
7. method described in -6 any one according to claim 1, which is characterized in that further include:
Cluster head obtains the customer identification number information of user by its door control terminal, and according to the customer identification number information, to institute State whether user is that authorized user carries out local search or carries out the inquiry of Ad Hoc network by communicating with other cluster heads;
When query result is authorized user, cluster head controls the unlatching of its door control terminal;
When query result is unauthorized user, the user is authorized, and controls its gate inhibition unlatching.
8. the method according to the description of claim 7 is characterized in that when cluster head carry out Ad Hoc network inquiry when, if other It is authorized user that the user is inquired at cluster head, then copies to the user data information for the user that other cluster heads are safeguarded It is local to save.
9. a kind of access control system of flexible networking characterized by comprising
The Ad Hoc network for needing to carry out the progress Ad Hoc communication of in the gate inhibition area so that this area region Zhong Ge is set, it is described Ad Hoc network includes:
A respectively arranged region cluster head in each region, for making each region carry out Ad Hoc by its region cluster head Communication;
Respectively arranged multiple cluster nodes in each standalone feature area in each region, each of which cluster node and its region Cluster head carries out Ad Hoc communication;
Wherein, each region cluster head utilizes the user information of user obtained by Ad Hoc network from its cluster node, and to Family is inquired, and user's access permission is obtained;
Wherein, each region cluster head sends access control instruction to the cluster node according to obtained user's access permission, by It carries out access control;
Wherein, each region cluster head carries out the data communication between remote cluster head using the multi-hop of Ad Hoc network;
Wherein, the customer identification number information and sending the customer identification number information that each region cluster head is transmitted according to cluster node In the process include the cluster node to its region cluster head routing information routing iinformation, to user each cluster node access feelings Condition is handled and is safeguarded, and provides data query service for other cluster nodes;
Wherein, each region cluster head obtains the routing iinformation when obtaining customer identification number information.
10. system according to claim 9, which is characterized in that the cluster head is also used to obtain by its door control terminal and use The customer identification number information at family, and according to the customer identification number information, it whether is that authorized user carries out locally to the user Inquiry carries out the inquiry of Ad Hoc network by communicating with other cluster heads, and when query result is authorized user, cluster head controls it Door control terminal is opened, and when query result is unauthorized user, is authorized to the user, and controls its gate inhibition unlatching.
CN201210110337.9A 2012-04-16 2012-04-16 A kind of guard method and system of flexible networking Active - Reinstated CN102791011B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201210110337.9A CN102791011B (en) 2012-04-16 2012-04-16 A kind of guard method and system of flexible networking
PCT/CN2012/077216 WO2013155783A1 (en) 2012-04-16 2012-06-20 Flexible networking access control method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210110337.9A CN102791011B (en) 2012-04-16 2012-04-16 A kind of guard method and system of flexible networking

Publications (2)

Publication Number Publication Date
CN102791011A CN102791011A (en) 2012-11-21
CN102791011B true CN102791011B (en) 2019-01-04

Family

ID=47156290

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210110337.9A Active - Reinstated CN102791011B (en) 2012-04-16 2012-04-16 A kind of guard method and system of flexible networking

Country Status (2)

Country Link
CN (1) CN102791011B (en)
WO (1) WO2013155783A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107295533B (en) * 2017-06-20 2020-06-30 海信集团有限公司 Method and device for electing cluster head node
CN112685606A (en) * 2020-12-31 2021-04-20 上海氪邦智能技术有限公司 Authority rule configuration/management method, system, computer medium and terminal
CN114220206A (en) * 2021-12-08 2022-03-22 全民认证科技(杭州)有限公司 Intelligent access control method and system suitable for multiple scenes
CN115238257B (en) * 2022-09-26 2023-01-06 深圳市亲邻科技有限公司 Access control face permission updating method and device, computer equipment and storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1643862A (en) * 2002-03-27 2005-07-20 摩托罗拉公司 Method and apparatus for a communication network with nodes capable of selective cluster head operation
CN101916464A (en) * 2010-08-25 2010-12-15 华南理工大学 Zigbee technology-based access control management method and device

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070030120A1 (en) * 2005-08-02 2007-02-08 Echolock, Inc. Security access control system and associated methods
CN101477720A (en) * 2009-01-13 2009-07-08 许仁德 Gate inhibition system
CN102088522A (en) * 2009-12-04 2011-06-08 中国移动通信集团公司 System and method for modifying state of mobile terminal, and relevant equipment
CN202306667U (en) * 2011-10-09 2012-07-04 苏州元澄智能科技有限公司 Zigbee wireless access control system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1643862A (en) * 2002-03-27 2005-07-20 摩托罗拉公司 Method and apparatus for a communication network with nodes capable of selective cluster head operation
CN101916464A (en) * 2010-08-25 2010-12-15 华南理工大学 Zigbee technology-based access control management method and device

Also Published As

Publication number Publication date
WO2013155783A1 (en) 2013-10-24
CN102791011A (en) 2012-11-21

Similar Documents

Publication Publication Date Title
CN102484593B (en) Zone migration in network access
KR101862965B1 (en) Management system, gateway apparatus, server apparatus, management method, gateway method and management process execution method
CN104412677B (en) System and method for the position detection based on service set identifier
CN103460764B (en) System and method for managing personal local area network equipment
CN106488525B (en) A kind of wireless network construction method and corresponding network framework of IP dynamic binding
CN102791011B (en) A kind of guard method and system of flexible networking
CN100369434C (en) Method for implementing virtual LAN based on WAPI system in WLAN
CN107409369A (en) The system and method for mobile core data, services
CN104040948B (en) Network coordinator device
CN102469553B (en) The cut-in method of a kind of wireless sensor network and system
CN109922469A (en) For supporting the method, apparatus and system of radio roaming
CN102202298A (en) Combined network and method for wireless sensor network terminal to join network
CN102202302A (en) Method for joining network combining network and wireless sensor network (WSN) terminal
JP2012208627A (en) Operation method for data aggregating network through instrument with communication function
CN106470115A (en) A kind of security configuration method, relevant apparatus and system
CN108199869A (en) For the wireless MAN and its safety management system of education sector
CN104349511B (en) The distribution method and device of AP addresses in wlan network
Zhou et al. The 5G communication technology-oriented intelligent building system planning and design
CN102196529A (en) Access method and system for wireless sensor network
CN106464692A (en) Determining trust levels on a device receiving authorization
CN104618931B (en) A kind of method for establishing cell parameter mapping relations, transmission method and equipment
CN102685786A (en) Method and system for accessing wireless sensor network (WSN) to telecommunication network
US10038729B1 (en) Cooperative network access
Hu et al. Multi-principal multi-agent contract design: theory and application to device-to-device communications
CN100407815C (en) Method for insertion point obtaining insertion gateway address in mobile communication network

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20190104

Termination date: 20190416

CF01 Termination of patent right due to non-payment of annual fee
RR01 Reinstatement of patent right

Former decision: termination of patent right due to unpaid annual fee

Former decision publication date: 20200403

RR01 Reinstatement of patent right