CN105072613B - A kind of Radio Network System and wireless network access method - Google Patents

A kind of Radio Network System and wireless network access method Download PDF

Info

Publication number
CN105072613B
CN105072613B CN201510471313.XA CN201510471313A CN105072613B CN 105072613 B CN105072613 B CN 105072613B CN 201510471313 A CN201510471313 A CN 201510471313A CN 105072613 B CN105072613 B CN 105072613B
Authority
CN
China
Prior art keywords
equipment
accessed
router
white list
beacon frame
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510471313.XA
Other languages
Chinese (zh)
Other versions
CN105072613A (en
Inventor
罗鸣
罗一鸣
张祠瑞
王振
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Century Photosynthesis Science And Technology Ltd
Original Assignee
Chengdu Century Photosynthesis Science And Technology Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Century Photosynthesis Science And Technology Ltd filed Critical Chengdu Century Photosynthesis Science And Technology Ltd
Priority to CN201510471313.XA priority Critical patent/CN105072613B/en
Publication of CN105072613A publication Critical patent/CN105072613A/en
Application granted granted Critical
Publication of CN105072613B publication Critical patent/CN105072613B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/16Discovering, processing access restriction or access information

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The present invention relates to a kind of Radio Network System and wireless network access methods, including coordinator and at least one router, the router is based on beacon frame watch-list by equipment to be accessed and is screened, and the router is provided with the white list for being authenticated with the equipment to be accessed, the identification information of the authentication result of the white list and the equipment to be accessed is sent to each router by the coordinator, is again coupled to request with receiving/refusal equipment to be accessed.The present invention can not only filter out invalid or malice equipment to be accessed, and can screen to obtain most effective equipment to be accessed according to historical context number, improve the security performance of wireless network by carrying out beacon frame buffer screening to router.

Description

A kind of Radio Network System and wireless network access method
Technical field
The present invention relates to field of communication technology more particularly to a kind of Radio Network Systems and wireless network access method.
Background technique
With the development of network technology, the coverage area of wireless network is increasing.Wireless network (wireless It network) is the network realized using wireless communication technique.Wireless network had both included allowing user to establish remote-wireless to connect Global voice and data network, also include for the near radio infrared technology that optimizes of connection and radio-frequency technique.Nothing Line network protocol defines complete set low-power consumption, highly reliable, property low rate communication mechanism.It is very suitable to equipment remote-control, it is small Data transmission, Internet of Things, Industry Control and smart home field.According to different application environments, what WLAN used is opened up Flutter structure mainly and have bridge connecting-type, accessed node connecting-type, HUB access type and four kinds of non-stop layer type.Wireless network is exclusive Safety problem is the emphasis of enterprise's prevention.The attack that wireless network receives specifically includes that interpolation attacks, roaming attack, fraudulent Access point, steals Internet resources and abduction and monitoring to wireless communication at two-sided demon attack.
Wireless network is usually taken two ways and carries out networking.The first is the device node for directly configuring network to be added PANID it is consistent with the PANID of coordinator.Second is the association licensing function for opening wireless network in limited time.Both the above side There is disadvantage in formula, first method is needed to each product configuration of reservations interface, or preset PANID when leaving the factory, such as Fruit is used for Intelligent hardware product, will increase production, and the complexity of after-sales service and user's operation is especially increased production and sells Cost afterwards.Second method operationally, needs to start router to be networked when wireless network opens association license, such as Fruit opens the overlong time of association license, will lead to wireless network by malicious attack, and the time started too short will lead to equipment It networks unsuccessful.
Patent document (103442351 A of CN) discloses a kind of method for protecting wireless network, comprising: step 10 is incited somebody to action WIFI module is placed under STA operating mode, scans surrounding wireless access points using WIFI module, gets wireless visit around Ask the beacon frame data packet of access point;Step 20 is selected from the beacon frame data packet of surrounding's wireless access points One beacon frame data packet extracts physical address and service set information from the beacon frame data packet;Step 30 is incited somebody to action WIFI module is switched under AP operating mode, using WIFI module broadcast beacon frame, the physical address kimonos of the beacon frame Business set identifier information is the physical address extracted and service set information.The patent passes through selection ambient signals intensity It is worth a maximum beacon frame data packet to access new router.But when router is not nearby that the equipment is uncommon there are one It hopes the coordinator being added, then router can not just access its desired network, but also can be produced with unexpected coordinator Raw data interaction, leads to serious safety consequences.
Summary of the invention
For the deficiencies of the prior art, the present invention provides a kind of Radio Network System and wireless network access method, including Coordinator and at least one router, which is characterized in that
The router is based on beacon frame watch-list by equipment to be accessed and is screened, and
The router is provided with the white list for being authenticated with the equipment to be accessed,
The identification information of the authentication result of the white list and the equipment to be accessed is sent to each by the coordinator The router is again coupled to request with receiving/refusal equipment to be accessed.
According to a preferred embodiment, the router feeds back beacon based on the beacon request of the equipment to be accessed Frame, the beacon frame, which carries out white list with the equipment to be accessed with the matched router of the beacon frame watch-list, to be recognized Card.
According to a preferred embodiment, the router is by the equipment to be accessed based on the history in the beacon frame Degree of incidence is screened and is connected.
According to a preferred embodiment, the router is by the identification information of the equipment to be accessed and the white list The information of record is matched, to carry out white list certification.
According to a preferred embodiment, the coordinator will not pass through the mark of the equipment to be accessed of white list certification Know information and disposably broadcasts each router into wireless network.
According to a preferred embodiment, the coordinator or the router feed back beacon to the equipment to be accessed Frame, the equipment to be accessed delay to access wireless network based on the process state information in the beacon frame.
According to a preferred embodiment, the networking that the coordinator or the router respond the equipment to be accessed is tested Card instruction is verified the equipment to be accessed and is authenticated by white list.
According to a preferred embodiment, the white list persistence in the router allows to network described wait network The identification information of equipment.
A kind of the step of wireless network access method, the cut-in method includes:
Coordinator or at least one router feed back the beacon request of equipment to be accessed;
The coordinator or the router are based on beacon frame watch-list by equipment to be accessed and are screened and connected;
The coordinator or the router carry out white list certification to the equipment to be accessed;
The coordinator or the router response network verifying instruction so that access network the equipment to be accessed into Row is verified certainly.
According to a preferred embodiment, the step of the cut-in method further include:
The coordinator or the router are based on historical context number record in beacon frame by equipment to be accessed and are sieved Choosing and connection.
Advantageous effects of the invention:
The present invention carries out beacon frame buffer screening by treating access device, can not only filter out it is invalid or malice to Access device, and can be screened to obtain most effective equipment to be accessed according to historical context number, improve wireless network Security performance.
The present invention improves wireless network by delaying the busy extent in threshold value according to equipment to delay to connect wireless network The success rate of network networking.
The present invention had both avoided equipment and has repeatedly refused the broadcast storm generated, in turn avoids wireless network and generates safety leakage Hole.
The present invention also makes by the equipment to be accessed of certification connection to carry out in the form instructed from verifying, thus the company of ensure that Access the legal connection of equipment of wireless network.
Detailed description of the invention
Fig. 1 is a kind of structural schematic diagram of Radio Network System;
Fig. 2 is one of preferred embodiment of wireless network access method.
Specific embodiment
It is described in detail with reference to the accompanying drawing.
In the present invention, wireless network includes the ZigBee-network for being based not only on IEEE802.15.4 agreement, MiW wireless network It further include the wireless network that the wireless signals such as WiFi, bluetooth, iBeacon and EnOcean are formed with Wireless HART network.
As shown in Figure 1, the present invention provides a kind of Radio Network System, including coordinator and at least one router, it is described Router by equipment to be accessed be based on beacon frame watch-list screened, and the router be provided with for it is described to The white list that access device is authenticated, the coordinator is by the mark of the authentication result of the white list and the equipment to be accessed Know information and be sent to each router, is again coupled to request with receiving/refusal equipment to be accessed.
Router feeds back beacon frame based on the beacon request of equipment to be accessed, and beacon frame and beacon frame watch-list are matched Router and equipment to be accessed carry out white list certification.
Equipment to be accessed is preset with beacon frame watch-list.Beacon frame watch-list record have at least one invalid or There is the beacon frame of record of bad behavior history.Coordinator or router around equipment search to be accessed.Search at least one coordination After the signal of device or router, equipment to be accessed is at least one router broadcast beacon request.At least one router is to letter Feedback is made in mark request.After several beacon frames of equipment receiving router feedback to be accessed, it is based on beacon frame watch-list pair Received beacon frame is identified and is screened.Equipment to be accessed throws the beacon filtering frames being displayed in beacon frame watch-list It abandons, and retains the beacon frame not being listed in beacon frame watch-list.Retained beacon frame is stored in beacon caching.With quilt The corresponding router of the beacon frame of reservation, becomes the associated objects of equipment to be accessed.
Router is screened and is connected based on the historical context number in beacon frame by equipment to be accessed.
It is stored in each of beacon caching beacon frame, all has the record information of historical context number.It is to be accessed to set Standby to be based on beacon frame watch-list, it is invalid or after having the router of record of bad behavior to exclude, and determines the road for needing to be associated By device.Equipment to be accessed according to beacon cache in beacon frame historical context number number, successively road corresponding with beacon frame Association request is sent by device, avoids only being associated with the strongest wireless network of signal.Equipment to be accessed to beacon cache in each The corresponding router of beacon frame sends association request.When equipment to be accessed is rejected once, then the degree of incidence of corresponding router Increase primary.The identification information of equipment to be accessed includes the physical address and server identification information of equipment to be accessed.Physically Location includes the address IEEE.When the corresponding identification information of equipment to be accessed be not stored in router white list caching in when It waits, equipment to be accessed can receive the associated response of refusal connection.Equipment to be accessed after receiving the associated response of refusal, with The corresponding router of next beacon frame of beacon caching record is associated.When equipment to be accessed is successively routed with the last one After device association failure, equipment to be accessed carries out the second secondary association according to the record that beacon caches.After the first round, which is associated with, to fail, to The identification information of equipment to be accessed may be had been written into the white list caching for the router that access device was associated with.Therefore, this When equipment to be accessed send the association request of the second wheel, it is possible to obtain the associated response of at least one router, allow to Access device accesses wireless network.It is waiting after the second wheel association request of equipment to be accessed is all successively refused by router Enter equipment and sends beacon request again.At least one router feeds back the beacon request and establishes beacon caching.
Coordinator or router are to equipment to be accessed feedback beacon frame, and equipment to be accessed is based on the processing status in beacon frame Information delays to access wireless network.
There are a regions (domain pending) to be allocated for the beacon frame of IEEE802.15.4.Region instruction currently can be with The data jamming of how many equipment is in sending caching in the coordinator or router of access.Coordinator or router accordingly to The association request of access device feeds back beacon frame to equipment to be accessed.In the beacon frame that equipment to be accessed is fed back according to router The case where region to be allocated, judges whether coordinator or router are in busy working condition.If coordinator or router are in Busy working condition, equipment selection to be accessed connect networking with the router in cache-time threshold value.Equipment i.e. to be accessed Networking is connect after waiting for a period of time, with router so as to improve the success rate of networking.If the equipment waiting time to be accessed is super Cross after caching time threshold, such as after having cached 255s, still not with any one router successful connection.That , equipment to be accessed re-initiates association request, starts new primary search and connection.
Router matches the identification information of equipment to be accessed with the information that white list records, to carry out white list Certification.
Router is preset with white list, ZDO layers of instruction and white list management processing module.ZDO layers instruction include refuse into Net instruction, allow to network instruction and the verifying instruction that networks.White list record has the identification information for the equipment for allowing to access network, packet Include physical address and service set information.
According to a preferred embodiment, white list identical with router is provided in coordinator.It is white when router List increases, deletes, after modification, and the white list in coordinator, which synchronizes, to be increased, deleted and modified.White name i.e. in coordinator Single variation synchronous with the white list in router.
Router treats access device based on white list and is identified information matches.Radio Network System includes at least one Router and/or at least one device node.White list is preset in router.Router is in the association for receiving equipment to be accessed After request, short address and link circuit resource will not be distributed for it immediately, but be authenticated with white list.What equipment to be accessed was sent It include the globally unique address 8 byte IEEE in association request.Router is waited for according to globally unique 8 byte IEEE address validation Whether access device meets the condition of networking.If the address IEEE of equipment to be accessed meets the physical address letter of white list record Breath, then allowing equipment access network to be accessed.Router allows to network to equipment to be accessed feedback to be instructed.Equipment to be accessed exists It receives and accesses wireless network after allowing to network instruction.
Coordinator disposably broadcasts the identification information for the equipment to be accessed not authenticated by white list into wireless network Each router.If in the identification information of the white list record in 8 addresses byte IEEE of equipment to be accessed and router Physical address mismatches.Router feeds back refusal networking instruction to equipment to be accessed.Meanwhile the institute that will be rejected in the unit time The identification information and refusal for needing access device, which network to instruct, is sent to coordinator.Coordinator will be refused in the unit time by router The identification information of exhausted all equipment to be accessed and refusal network, and instruction is unified to be broadcasted to each of wireless network router, To avoid gradually sending caused broadcast storm one by one.If the router in wireless network is connected with other equipment.Road Information by device equally by refusal networking instruction and its equipment to be accessed is sent to other equipment.
According to a preferred embodiment, the white list persistence of the router in wireless network allows to network waiting Enter the identification information of equipment.
White list in router permanent can save the identification information for allowing the equipment to be accessed to network.It routes in this way The equipment to be accessed docked into network of device or coordinator at any time is authenticated.Due to non-wireless device, permanent protect may be supported The function and human-computer interaction interface (such as FLASH ROM or host computer) of deposit data.Therefore, the to be accessed of networking will be allowed to set Standby identification information is permanently stored in white list, and allows to support its increase, deletes, the operation of change.Work as non-wireless device After receiving refusal networking notice, local data can be matched.When successful match, if notified from being directly connected to Identification information can be then written in its white list by router.If notice is led to from other routers or coordinator It crosses to allow to network and instruct, its identification information is written in the white list of the router.
The record of preset white list can be deleted in router.Such as the MAC Address of an equipment to be accessed is recorded in In the white list of router.After white list certification passes through, the MAC Address of equipment to be accessed can be sent to coordinator by router White list in.The MAC Address of equipment to be accessed is sent to each router in wireless network by coordinator again.If should After MAC Address has cached a period of time, such as after having cached 255s, the router is by the MAC Address from white list It deletes.It thus is avoided that the equipment to be accessed of malice is continuously linked into wireless network, promotes the safety of wireless network.
Coordinator or router respond the networking verifying instruction of equipment to be accessed, verify equipment to be accessed and are recognized by white list Card.
After the router in wireless network is received again by the association request that equipment to be accessed issues, equipment to be accessed can Directly by verifying, to be successfully joined wireless network.And after an equipment to be accessed is successfully joined network, it can be asked again to association The router asked sends a networkings verifying and instructs, determine oneself whether by way of white list legal access wireless network Network.Router response, which networks, verifies instruction, confirms that the equipment to be accessed is authenticated by white list.Router is according to white list The instruction of authentication record feedback acknowledgment.If equipment to be accessed is not the legal access wireless network of approach by white list, do not have There is router to respond the verifying instruction that networks.Equipment to be accessed needs to exit current network, rejoins other wireless networks Network.
When being verified by the white list of router, the related information in beacon frame is labeled white equipment to be accessed The specific coding of list.It is programmed into the beacon frame of equipment i.e. to be accessed for the specific coding from verifying identity.It is to be accessed to set After being successfully joined wireless network, the router that can be crossed again to association request sends a networking verifying instruction.Equipment to be accessed Related information encoded in beacon frame is sent to router.After router receives related information, related information is searched In specific coding.If the specific coding being added in specific coding and white list verification process is consistent, with equipment to be accessed into The formal connection of row, starts network information transmitting.If the specific coding being added in specific coding and white list verifying is inconsistent, say Bright equipment to be accessed is not that wireless network is added by the approach that white list is verified.Equipment to be accessed needs to exit current network, Re-search for and be added other wireless networks.
As shown in Fig. 2, the present invention provides a kind of cut-in method of wireless network, the step of cut-in method, includes:
Equipment to be accessed is in the way of screening at least one wireless device based on beacon frame watch-list and institute It states wireless device and carries out white list certification;
Wireless network is accessed in a manner of delaying access the equipment to be accessed that the white list authenticates;
The equipment to be accessed is carried out to the associated wireless device from verifying, to access wireless network.
According to a preferred embodiment, equipment to be accessed wirelessly sets at least one according to based on beacon frame watch-list Include: for the mode screened and the step of wireless device progress white list certification
At least one wireless device is screened based on beacon frame watch-list;
The screening of historical context number is carried out at least one wireless device based on beacon frame information;
White list verifying is carried out to the wireless device by screening.
It is described that at least one wireless device is screened based on beacon frame watch-list according to a preferred embodiment The step of include:
The equipment to be accessed sends beacon request to wireless device described at least one;
Receive at least one beacon frame of at least one wireless device feedback;
Beacon frame of the deletion record in the blacklist simultaneously retains remaining beacon frame;
Select at least one wireless device corresponding with the beacon frame retained.
It is described that historical context is carried out at least one wireless device based on beacon frame information according to a preferred embodiment Number screen the step of include:
The equipment to be accessed records at least one described wireless device pre-association based on the historical context number Arrange association sequence;
Association request successively is cycled through to wireless device described at least one until and wireless device based on association sequence It is successfully associated.
According to a preferred embodiment, described the step of carrying out white list verifying to the wireless device for passing through screening Include:
The equipment to be accessed sends its physical address and is matched with the white list;
Receive and execute the command adapted thereto that the wireless device is sent according to white list authentication result.
According to a preferred embodiment, the command adapted thereto that the wireless device is sent according to white list authentication result is received The step of include:
The wireless device is in a broadcast manner by the physical address for the equipment to be accessed not authenticated by white list It disposably broadcasts with refusal networking password to each equipment of wireless network.
According to a preferred embodiment, the equipment to be accessed authenticated by the white list is to delay to access Mode the step of accessing wireless network include:
After the beacon frame information that the equipment to be accessed is fed back according to the wireless device waits in slack time threshold value Access wireless network.
According to a preferred embodiment, the wireless device by be more than slack time threshold value the equipment to be accessed Physical address is deleted from the white list.
According to a preferred embodiment, the equipment to be accessed is networked with sending to the wireless device with association history The mode of instruction is verified from the approach of verifying access wireless network.
According to a preferred embodiment, the white list persistence allows to access the equipment to be accessed of network Physical address.
Embodiment one
The router that accessing wirelessly access is supported around equipment scanning to be accessed, obtains the beacon frame of surrounding router.Letter Mark frame watch-list record has invalid beacon frame and the beacon frame with bad history.According to the beacon frame in equipment to be accessed Watch-list screens router.The beacon frame in beacon frame watch-list is deleted and filtered out, remaining beacon is retained Frame simultaneously caches.Select the maximum beacon frame of signal strength indication in the beacon frame retained.Physics is extracted from the beacon frame Address and service set information.Include signal strength indication (RSSI value) in beacon frame, intensity value is compared by parsing and is selected The maximum beacon frame of intensity value out, intensity value maximum illustrate that the wireless access points of this beacon frame are opposite from equipment to be accessed It is relatively close.Equipment to be accessed sends connection request to router corresponding with the maximum beacon frame of intensity value.Router is receiving After connection request, address and resource are distributed to equipment to be accessed.Equipment to be accessed is attached with router, accesses wireless network Network.
Embodiment two
Zigbee network default, which is opened, allows networking function, without being set as specific time unlatching or the manually opened function Energy.Router receives the inbound information of equipment to be accessed, includes the verifying ID of equipment to be accessed, equipment to be accessed in inbound information Unique verifying ID is each equipped with before product export.Later, whether router judges the verifying ID of equipment to be accessed on road By in the white list of device.White list is default is stored in router.If the verifying ID of equipment to be accessed in white list, Then allow equipment to be accessed that network is added.Meanwhile network can not be just added in equipment to be accessed of the certification ID not in white list.I.e. Network itself can actively refuse the addition of other equipment to be accessed without permission, ensure that the safety of Zigbee network. Also, if there is other Zigbee networks, also in its white list, other can also be added in the verifying ID of the log equipment Zigbee network is not limited by a Zigbee network.
The present embodiment the following steps are included:
S01: router receives the inbound information of equipment to be accessed, and inbound information includes association request information, association request Information includes the verifying ID of equipment to be accessed.
S02: after router receives association request information, judge the verifying ID for the equipment to be accessed that association request information includes Whether in white list.
S03: if allowing equipment to be accessed that network is added if, router.
The inbound information of equipment to be accessed in the present embodiment, including the BEACON frame successively issued and association request information, Association request information includes the verifying ID of equipment to be accessed.The BEACON frame and association request information successively issued corresponding following two A step:
1) equipment to be accessed broadcast transmission BEACON REQUEST frame first, to search for network;Router receives BEACON After REQUEST frame, BEACON frame is sent, BEACON frame includes the information of this network.
2) equipment to be accessed receives BEACON frame and just sends association request information to router after confirming.
After the router for executing step S02 receives association request information, judge to verify ID whether in white list.Then ID is such as verified in white list, network is added in the permission equipment to be accessed for executing step S03.ID is such as verified not in white list, Router directly refuses the association request information of equipment to be accessed.
Embodiment three
The present invention will be described by taking ZigBee-network as an example for the present embodiment.Equipment to be accessed is based on beacon frame watch-list Screening:
When equipment to be accessed at least one router send beacon request, and receive router feedback several beacons After frame, the beacon frame received can be filtered by beacon frame watch-list.All beacon frame mistakes in beacon frame watch-list Filter is deleted, and then remaining beacon frame is stored in beacon caching.This is that equipment to be accessed carries out at least one router First time screening.
Screening based on association history number:
After equipment to be accessed sends beacon request at least one router, after receiving multiple beacon frames.In beacon caching Each beacon frame is all recorded with historical context number.Equipment to be accessed can be according to the historical context number in beacon frame Record, successively corresponding router initiates association request, avoids only being associated with the strongest ZigBee-network of signal.Each After beacon frame association is primary, degree of incidence increases primary.When initiating to be associated with to router, it is possible to which its physical address is not at this In the white list of router.At this moment, the instruction of network is added in the refusal that equipment to be accessed will receive router feedback, then waiting Enter equipment and continues the next router for being associated with beacon caching record.When the last one router association failure in beacon caching Afterwards, equipment to be accessed can cache the association for carrying out the second wheel according to beacon.Therefore, it after the first round, which is associated with, to fail, was associated with The physical address of equipment to be accessed may be had been written in the white list caching of router.Equipment to be accessed carries out again at this time Two wheel it is operation associated, it is possible to be successfully associated, so that ZigBee-network be added.When the second wheel association is also by all-router When refusal, equipment to be accessed at least one router solicitation beacon, establishes beacon caching again.
Equipment to be accessed delays to access:
Beacon frame has a region to be allocated.In multiple routers that region to be allocated instruction can currently access how many The data jamming of a equipment is in sending caching.When equipment to be accessed receives the excessive beacon of area equipment to be allocated Frame, it will be able to judge that the router current working status is busy.Equipment to be accessed selection not immediately with the router connection group Net delays to access ZigBee-network, so as to improve the success rate of networking.
After router receives the association request that equipment to be accessed is sent, it can't be distributed at once for equipment to be accessed short Address and link circuit resource, but verified with white list caching.If certification passes through, equipment to be accessed networks successfully.
If white list certification does not pass through, the refusal that equipment to be accessed receives router transmission, which networks, to be instructed, and is entered Net failure.Router is by the information of equipment to be accessed and refuses networking command broadcast to coordinator.Coordinator is set to be accessed again Other routers of standby information and refusal networking command broadcast to whole ZigBee-networks.That is router is by institute in the unit time There is the address IEEE for the equipment to be accessed being rejected uniformly to be broadcast to whole ZigBee-networks.If the every refusal of router is primary The address IEEE is broadcasted, then can cause broadcast storm, it can be to avoid broadcast storm by unified broadcast.If ZigBee-network In the router equipment that connects other non-supporting Zigbee protocols by other interfaces or communication protocol, can also be refused Inbound information notifies to give the equipment.And the equipment to be accessed of refusal networking notice is received, it is connected to it other non-supporting The equipment of Zigbee protocol also will receive the notice for being rejected networking.
After non-ZigBee equipment receives refusal networking notice, local data can be matched.When successful match, if It is notified from the router being directly connected to, then the address IEEE can be written in its white list.If notice to Access device is then instructed by allowing to network, is written into the white list of router.
When the MAC Address of equipment to be accessed is in the white list of coordinator, and after being verified, coordinator can should The MAC Address of ZigBee equipment is sent to router.If the MAC Address cache-time is more than cache-time threshold value 200S, road The MAC Address of equipment to be accessed will be deleted by device.To avoid the ZigBee equipment of malice from being continuously linked into ZigBee-network In, promote the safety of ZigBee-network.
After at least one router in ZigBee-network is received again by corresponding association request, so that it may directly pass through White list certification, is added ZigBee-network.After equipment to be accessed is successfully joined network, the router that can be crossed to association request is sent out It is sent into net verifying instruction, is carried out from verifying, to determine that the approach for oneself whether passing through white list accesses network.If from verifying discovery Equipment to be accessed is not that ZigBee-network is added by the verifying approach of white list, and equipment to be accessed can exit current network, Rejoin other ZigBee-networks.
When being verified by the white list of router, the related information in beacon frame is labeled white equipment to be accessed The specific coding of list.It is programmed into the beacon frame of equipment i.e. to be accessed for the specific coding from verifying identity.It is to be accessed to set After being successfully joined wireless network, the router that can be crossed again to association request sends a networking verifying instruction.Equipment to be accessed Related information encoded in beacon frame is sent to router.After router receives related information, related information is searched In specific coding.If the specific coding being added in specific coding and white list verification process is consistent, with equipment to be accessed into The formal connection of row, starts network information transmitting.If the specific coding being added in specific coding and white list verifying is inconsistent, say Bright equipment to be accessed is not that wireless network is added by the approach that white list is verified.Equipment to be accessed needs to exit current network, Re-search for and be added other wireless networks.
It should be noted that above-mentioned specific embodiment is exemplary, those skilled in the art can disclose in the present invention Various solutions are found out under the inspiration of content, and these solutions also belong to disclosure of the invention range and fall into this hair Within bright protection scope.It will be understood by those skilled in the art that description of the invention and its attached drawing are illustrative and are not Constitute limitations on claims.Protection scope of the present invention is defined by the claims and their equivalents.

Claims (9)

1. a kind of Radio Network System, including coordinator and at least one router, which is characterized in that the router is by waiting Enter equipment to be screened based on beacon frame watch-list, and the router is provided with for carrying out with the equipment to be accessed The identification information of the authentication result of the white list and the equipment to be accessed is sent to by the white list of certification, the coordinator Each router is again coupled to request with receiving/refusal equipment to be accessed;The coordinator or the router The networking verifying instruction for responding the equipment to be accessed, verifies the equipment to be accessed and is authenticated by white list.
2. Radio Network System as described in claim 1, which is characterized in that the router is based on the equipment to be accessed Beacon request feeds back beacon frame, the beacon frame and the matched router of the beacon frame watch-list with it is described to be accessed Equipment carries out white list certification.
3. Radio Network System as claimed in claim 2, which is characterized in that the router is based on by the equipment to be accessed Historical context number in the beacon frame is screened and is connected.
4. Radio Network System as claimed in claim 3, which is characterized in that the router is by the mark of the equipment to be accessed Know information to be matched with the information that the white list records, to carry out white list certification.
5. Radio Network System as claimed in claim 4, which is characterized in that the coordinator will not pass through white list certification The identification information of the equipment to be accessed disposably broadcasts each router into wireless network.
6. Radio Network System as claimed in claim 5, which is characterized in that the coordinator or the router to it is described to Access device feeds back beacon frame, and the equipment to be accessed delays to access wireless network based on the process state information in the beacon frame Network.
7. Radio Network System as described in claim 1, which is characterized in that the white list persistence in the router is permitted Perhaps the identification information of the equipment to be accessed to network.
8. a kind of wireless network access method, which is characterized in that the step of cut-in method include: coordinator or at least one Router feeds back the beacon request of equipment to be accessed;
The coordinator or the router are based on beacon frame watch-list by equipment to be accessed and are screened and connected;
The coordinator or the router carry out white list certification to the equipment to be accessed;
The coordinator or router response network and verify instruction, verify the equipment to be accessed and are authenticated by white list;
After the router in wireless network is received again by the association request that equipment to be accessed issues, equipment to be accessed can be straight Verifying was connected, wireless network is successfully joined.
9. wireless network access method as claimed in claim 8, which is characterized in that the step of the cut-in method further include:
The coordinator or the router by equipment to be accessed be based on historical context number record in beacon frame carry out screening and Connection.
CN201510471313.XA 2015-08-04 2015-08-04 A kind of Radio Network System and wireless network access method Active CN105072613B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510471313.XA CN105072613B (en) 2015-08-04 2015-08-04 A kind of Radio Network System and wireless network access method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510471313.XA CN105072613B (en) 2015-08-04 2015-08-04 A kind of Radio Network System and wireless network access method

Publications (2)

Publication Number Publication Date
CN105072613A CN105072613A (en) 2015-11-18
CN105072613B true CN105072613B (en) 2019-01-08

Family

ID=54501865

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510471313.XA Active CN105072613B (en) 2015-08-04 2015-08-04 A kind of Radio Network System and wireless network access method

Country Status (1)

Country Link
CN (1) CN105072613B (en)

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106788615B (en) * 2016-12-22 2022-08-12 华南理工大学 Method and system for rapidly managing white list of Bluetooth equipment
CN109275202A (en) * 2017-07-18 2019-01-25 上海顺舟智能科技股份有限公司 A kind of wireless networking method of ZigBee-network
US20190223244A1 (en) * 2018-01-12 2019-07-18 Mediatek Inc. Method for avoiding establishing an inefficient wireless connection and a communications apparatus utilizing the same
CN108366438B (en) * 2018-03-09 2021-09-07 成都世纪光合作用科技有限公司 Generating cluster networking method and generating cluster network for large-scale self-organizing wireless communication
CN108540547A (en) * 2018-03-29 2018-09-14 四川斐讯信息技术有限公司 A kind of router connection method, device, system and router
CN108540497A (en) * 2018-06-01 2018-09-14 深圳市彬讯科技有限公司 Intelligent gateway and its connection control method
CN108881328B (en) * 2018-09-29 2021-02-23 北京东土军悦科技有限公司 Data packet filtering method and device, gateway equipment and storage medium
CN109495888A (en) * 2018-12-04 2019-03-19 深圳市四海伽蓝电子科技有限公司 Certification connection mechanism method based on wireless signal strength
CN109743402B (en) * 2019-01-31 2020-07-07 深圳云合科技有限公司 Processing method, transmission method, receiver and answering machine of answering information
CN109921966B (en) * 2019-03-01 2021-05-14 深圳冠特家居健康系统有限公司 Network distribution method of intelligent household equipment and intelligent household system
CN110309505A (en) * 2019-05-27 2019-10-08 重庆高开清芯科技产业发展有限公司 A kind of data format self-analytic data method of word-based insertion semantic analysis
CN110740490A (en) * 2019-10-22 2020-01-31 深圳市信锐网科技术有限公司 Terminal network access method, gateway equipment, system, storage medium and device
CN112787884B (en) 2020-12-28 2022-09-30 北京小米移动软件有限公司 Networking method and device and storage medium
CN113970893A (en) * 2021-09-10 2022-01-25 江苏方天电力技术有限公司 Power consumption monitoring terminal equipment and immediate installation and immediate acquisition method thereof
CN113923241B (en) * 2021-09-29 2024-05-24 青岛海尔空调器有限总公司 Method and device for Internet of things equipment distribution network, router and Internet of things equipment
CN114338074B (en) * 2021-11-09 2023-08-01 国网浙江省电力有限公司宁波供电公司 Automatic detection method and detection system for IP white list of power distribution terminal

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006262176A (en) * 2005-03-17 2006-09-28 Tdk Corp Onboard radio lan device
CN101848514A (en) * 2009-03-23 2010-09-29 华为技术有限公司 Method for switching WiMAX access network to WiFi access network and relevant equipment
CN102833824A (en) * 2012-08-30 2012-12-19 福建星网锐捷网络有限公司 Access method and device for wireless local area network and network equipment
CN103379480A (en) * 2012-04-17 2013-10-30 腾讯科技(深圳)有限公司 Wireless network connection method and wireless network connection apparatus
CN103716795A (en) * 2012-10-09 2014-04-09 中兴通讯股份有限公司 Wireless network safe access method, apparatus and system
CN104144472A (en) * 2014-08-06 2014-11-12 广东欧珀移动通信有限公司 Wireless router scanning method and system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006262176A (en) * 2005-03-17 2006-09-28 Tdk Corp Onboard radio lan device
CN101848514A (en) * 2009-03-23 2010-09-29 华为技术有限公司 Method for switching WiMAX access network to WiFi access network and relevant equipment
CN103379480A (en) * 2012-04-17 2013-10-30 腾讯科技(深圳)有限公司 Wireless network connection method and wireless network connection apparatus
CN102833824A (en) * 2012-08-30 2012-12-19 福建星网锐捷网络有限公司 Access method and device for wireless local area network and network equipment
CN103716795A (en) * 2012-10-09 2014-04-09 中兴通讯股份有限公司 Wireless network safe access method, apparatus and system
CN104144472A (en) * 2014-08-06 2014-11-12 广东欧珀移动通信有限公司 Wireless router scanning method and system

Also Published As

Publication number Publication date
CN105072613A (en) 2015-11-18

Similar Documents

Publication Publication Date Title
CN105072613B (en) A kind of Radio Network System and wireless network access method
JP6416409B2 (en) Access point steering
US7342906B1 (en) Distributed wireless network security system
JP4764108B2 (en) Wireless terminal, management device, wireless LAN control method, wireless LAN system
EP3396928B1 (en) Method for managing network access rights and related device
CN105915550B (en) A kind of Portal/Radius authentication method based on SDN
CN112261708B (en) System and method for automatically configuring WiFi equipment in batches
EP2846586B1 (en) A method of accessing a network securely from a personal device, a corporate server and an access point
CN101379795A (en) address assignment by a DHCP server while client credentials are checked by an authentication server
KR20160114620A (en) Methods, devices and systems for dynamic network access administration
CN109413649B (en) Access authentication method and device
EP1589703B1 (en) System and method for accessing a wireless network
CN111885680A (en) Method, system and core equipment for establishing network connection
CN105554758B (en) A kind of multiple WiFi network Centralized Authentication Systems and method based on cloud platform
CN106686592B (en) Network access method and system with authentication
CN107421060A (en) Air conditioner communication means and air conditioner based on NB IoT networks
CN106487583A (en) A kind of method for setting up network connection and LAN system
CN105052177B (en) Radio Network System, terminal management apparatus, relay apparatus and communication means
CN103442359A (en) Sensor node authentication method and system based on short distance wireless access mode
US20060161770A1 (en) Network apparatus and program
CN108712743B (en) Method and system for managing wireless networking of device groups
CN113938525A (en) 5G universal terminal access management and resource scheduling platform server, system and method
JP2003318939A (en) Communication system and control method thereof
CN103973570B (en) A kind of method of message transmissions, AP and system
JP2005167580A (en) Access control method and apparatus in wireless lan system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
PE01 Entry into force of the registration of the contract for pledge of patent right
PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: A wireless network system and wireless network access method

Effective date of registration: 20230203

Granted publication date: 20190108

Pledgee: Agricultural Bank of China Co.,Ltd. Chengdu Tianfu New Area Branch

Pledgor: CHENGDU CENTURY PHOTOSYNTHESIS TECHNOLOGY Co.,Ltd.

Registration number: Y2023510000040