CN105188055B - wireless network access method, wireless access point and server - Google Patents
wireless network access method, wireless access point and server Download PDFInfo
- Publication number
- CN105188055B CN105188055B CN201510502758.XA CN201510502758A CN105188055B CN 105188055 B CN105188055 B CN 105188055B CN 201510502758 A CN201510502758 A CN 201510502758A CN 105188055 B CN105188055 B CN 105188055B
- Authority
- CN
- China
- Prior art keywords
- wireless access
- access point
- terminal
- authentication information
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
Abstract
The present invention provides a kind of wireless network access method, wireless access point and server, wherein, wireless network access method includes:After access pin in the wireless access request sent to the terminal received is verified, being returned to terminal allows access information, and terminal iidentification is further included in wireless access request;The first certification request that terminal is sent is received, the first certification request includes random number and terminal iidentification;According to random number and pre-stored root key, the first authentication information is determined;Send the second certification request to server so that server the first authentication information is authenticated in the random number in the second certification request and wireless access point identification it is rear to terminal return authentication as a result, authentication result represents whether wireless access point legal.Ensure safety and the legitimacy of wireless access point, terminal is prevented to be linked into illegal wireless access point, and then prevent illegal wireless access point from the data in terminal can be stolen and be usurped.
Description
Technical field
The present invention relates to a kind of communication technology more particularly to wireless network access method, wireless access point and servers.
Background technology
With the development of the communication technology, wireless communication technique is more and more widely used to home-use wireless network
In.
In the prior art, terminal can ask the wireless access for carrying access pin after wireless network is detected
Be sent to wireless access point, wireless access point demonstrate access pin it is correct after, the terminal is allowed to be linked into wireless access
In the wireless network of point, terminal establishes wireless connection with wireless access point.
However, as long as wireless access point demonstrates that access pin is correct, and terminal can be with wireless access in the prior art
Point establishes connection, so as to which the safety of wireless access point and legitimacy can not ensure, can not prevent whether terminal can be linked into
In legal wireless access point, cause illegal wireless access point that the data in terminal can be stolen and be usurped, so as to
Economic loss is brought to using the user of the terminal.
Invention content
The present invention provides a kind of wireless network access method, wireless access point and server, to solve the prior art
The safety of middle wireless access point and legitimacy can not ensure, can not prevent whether terminal can be linked into legal wireless access
In point, cause illegal wireless access point that the data in terminal can be stolen and be usurped, so as to give using the terminal
User brings economic loss.
It is an aspect of the present invention to provide a kind of wireless network access method, including:
The wireless access request that terminal is sent is received, the wireless access request includes terminal iidentification and access pin;
The access pin is verified, and after being verified, being returned to the terminal allows access information;
The first certification request that the terminal is sent is received, first certification request includes random number and terminal mark
Know;
According to the random number and pre-stored root key, the first authentication information is determined;
To server send the second certification request, second certification request include the terminal iidentification, it is described at random
Number, wireless access point identification and first authentication information, so that the server is according to the random number and the nothing
Line access point identity first authentication information is authenticated after according to the terminal iidentification to the terminal return authentication
As a result, the authentication result represents whether the wireless access point is legal.
Another aspect of the present invention is to provide a kind of wireless network access method, including:
The second certification request that wireless access point is sent is received, wherein, second certification request is the wireless access
Random number and pre-stored root key of the point in the first certification request sent according to terminal determine the first authentication information
Send later, second certification request include the random number, wireless access point identification, first authentication information with
And the terminal iidentification in first certification request;
According to the random number and the wireless access point identification, first authentication information is authenticated;
According to the terminal iidentification to the terminal return authentication as a result, the authentication result represents the wireless access point
It is whether legal.
It is another aspect of the present invention to provide a kind of wireless access point, including:
Wireless access request receiving module, for receiving the wireless access request of terminal transmission, the wireless access request
Include terminal iidentification and access pin;
Wireless access requests verification module, for being verified to the access pin, and after being verified, to described
Terminal, which returns, allows access information;
First certification request receiving module, for receiving the first certification request that the terminal is sent, first certification
Request includes random number and terminal iidentification;
First authentication module, for according to the random number and pre-stored root key, determining that the first certification is believed
Breath;
Sending module, for sending the second certification request to server, second certification request includes the terminal
Mark, the random number, wireless access point identification and first authentication information so that the server according to it is described with
Machine number and the wireless access point identification first authentication information is authenticated after according to the terminal iidentification to described
Terminal return authentication is as a result, the authentication result represents whether the wireless access point is legal.
It is a further aspect of the present invention to provide a kind of server, including:
Second certification request receiving module, for receiving the second certification request of wireless access point transmission, wherein, described the
Two certification requests is random number of the wireless access point in the first certification request sent according to terminal and prestore
Root key determine what is sent after the first authentication information, second certification request includes the random number, wireless access
Terminal iidentification in point identification, first authentication information and first certification request;
Second authentication module, for according to the random number and the wireless access point identification, believing first certification
Breath is authenticated;
Return module, for according to the terminal iidentification to the terminal return authentication as a result, the authentication result represent
Whether the wireless access point is legal.
The solution have the advantages that:The wireless access request that terminal is sent is received, wireless access request includes terminal
Mark and access pin;Access pin is verified, and after being verified, being returned to terminal allows access information;It receives
The first certification request that terminal is sent, the first certification request include random number and terminal iidentification;According to random number and in advance
The root key of storage determines the first authentication information;The second certification request is sent to server, the second certification request includes terminal
Mark, random number, wireless access point identification and the first authentication information, so that server is according to random number and wireless access point
It identifies after being authenticated to the first authentication information according to terminal iidentification to terminal return authentication as a result, authentication result represents wireless
Whether access point is legal.It realizes and the safety of wireless access point is authenticated, ensure the safety and conjunction of wireless access point
Method prevents terminal to be linked into illegal wireless access point, it is therefore prevented that illegal wireless access point can be in terminal
Data are stolen and are usurped, so as to give the problem of bringing economic loss using the user of the terminal.
Description of the drawings
Fig. 1 is the flow chart of wireless network access method that the embodiment of the present invention one provides;
Fig. 2 is the flow chart of wireless network access method provided by Embodiment 2 of the present invention;
Fig. 3 is the structure diagram of wireless access point that the embodiment of the present invention three provides;
Fig. 4 is the structure diagram of server that the embodiment of the present invention four provides.
Specific embodiment
Purpose, technical scheme and advantage to make the embodiment of the present invention are clearer, below in conjunction with the embodiment of the present invention
In attached drawing, the technical solution in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is
Part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art
All other embodiments obtained without making creative work shall fall within the protection scope of the present invention.
Fig. 1 is the flow chart of wireless network access method that the embodiment of the present invention one provides, as shown in Figure 1, the present embodiment
Method include:
Step 101 receives the wireless access request that terminal is sent, and wireless access request includes terminal iidentification and accesses close
Code.
In the present embodiment, specifically, wireless access point receives taking for terminal transmission by a certain network communication protocol
The wireless access of band terminal iidentification and access pin request, for example, wireless access point can be by transmission control protocol/internet
Agreement (Transmission Control Protocol/Internet Protocol, abbreviation TCP/IP) receives terminal and sends
Wireless access request;Wireless access point can by Wireless Application Protocol (Wireless Application Protocol,
Abbreviation WAP) receive the wireless access request that terminal is sent.
Step 102 verifies access pin, and that after being verified being returned to terminal allows access information.
In the present embodiment, it specifically, the access pin during wireless access point asks wireless access is verified, is testing
After card access pin is correct, being returned to terminal allows access information, so as to which the terminal be allowed to be linked into the nothing of wireless access point
In gauze network.
Step 103 receives the first certification request that terminal is sent, and the first certification request includes random number and terminal mark
Know.
In the present embodiment, specifically, wireless access point receives the first certification request that terminal is sent, the first certification request
In include a random number and terminal iidentification.
Step 104, according to random number and pre-stored root key, determine the first authentication information.
In the present embodiment, specifically, wireless access point is according to the random number that receives and pre-stored wirelessly connects
The root key of access point goes to be calculated, and obtains the first authentication information.
Step 105 sends the second certification request to server, and the second certification request includes terminal iidentification, random number, nothing
Line access point identity and the first authentication information so that server according to random number and wireless access point identification to the first certification
Information be authenticated after according to terminal iidentification to terminal return authentication as a result, authentication result represent wireless access point whether close
Method.
In the present embodiment, specifically, wireless access point sends the second certification request to server, in the second certification request
Include wireless access point identification, the first authentication information and terminal iidentification and random number in the first certification request.So as to take
Business device can be authenticated the first authentication information to obtain authentication result, certification knot according to random number and wireless access point identification
Fruit represents whether wireless access point is legal wireless access point, specifically, if the certification of the first authentication information passes through,
To authentication result for wireless access point be legal wireless access point, if the certification of the first authentication information does not pass through, obtain
Authentication result for wireless access point be not legal wireless access point.Server can be sent out authentication result according to terminal iidentification
Give terminal so that terminal determines whether to be connected in the wireless network of wireless access point after receiving authentication result, specifically
For, terminal can be mobile phone, and terminal iidentification can be phone number, and server is according to phone number, by authentication result with short
The form of letter data packet is sent to mobile phone by short message service carrying platform, so that mobile phone is true according to authentication result is received
It is fixed whether to be connected in wireless access point, if it is legal wireless access that the authentication result that mobile phone receives, which is wireless access point,
Point, then mobile phone may be coupled in the wireless network of wireless access point, if the authentication result that mobile phone receives is wireless access point
It is not legal wireless access point, then mobile phone can be not connected in the wireless network of wireless access point.
After the present embodiment is verified by the access pin in the request of the wireless access that is sent to terminal, receive again eventually
Hold the first certification request sent, terminal iidentification further included in wireless access request, the first certification request include random number with
Terminal iidentification;According to random number and pre-stored root key, the first authentication information is determined;The second certification is sent to server
Request, so that random number and wireless access point identification of the server in the second certification request recognize the first authentication information
The backward terminal return authentication of card is as a result, authentication result represents whether wireless access point is legal.So as to be asked to wireless access
In access pin be proved to be successful after, the safety of wireless access point is authenticated, ensures the safety of wireless access point
And legitimacy, terminal is prevented to be linked into illegal wireless access point, it is therefore prevented that illegal wireless access point can be to terminal
In data stolen and usurped, so as to bring economic loss using the user of the terminal the problem of.
Further, on the basis of above-described embodiment, algorithm mark is further included in the first certification request, step 104
Specific embodiment, including:
According to random number and pre-stored root key, the first authentication information is determined, including:
It determines and the corresponding algorithm of algorithm mark;
Operation is carried out to random number and root key using algorithm, determines the first authentication information.
In the present embodiment, specifically, having prestored the algorithm mark of N kinds algorithm and N kind algorithms in wireless access point
The correspondence of knowledge, wherein, N is greater than 0 integer.Algorithm mark is also carried in first certification request, wireless access point is true
Determine and the corresponding algorithm of algorithm mark;Then, wireless access point use with the corresponding algorithm of algorithm mark, to random number with
The root key of the wireless access point stored in advance carries out operation, obtains the first authentication result.The N kinds stored in wireless access point are calculated
Method can be hash algorithm scheduling algorithm, and for the type of algorithm, the present invention is not specifically limited.
Further, on the basis of above-described embodiment, algorithm mark is further included in the second certification request, step 105
Specific embodiment, including:
To server send the second certification request so that server use with the algorithm corresponding algorithm of mark to random number with
And corresponding with wireless access point identification root key carries out operation and removes to determine the second authentication information, and in the first authentication information and the
The legal authentication result of mark wireless access point is returned to terminal according to terminal iidentification when two authentication informations are consistent;
Wherein, root key corresponding with wireless access point identification is deposited for server according to wireless access point identification in advance
It is determined in the wireless access point identification of storage and the correspondence of root key.
In the present embodiment, specifically, wireless access point is further comprised into the second certification request that server is sent
Algorithm mark in first certification request.Pair of N kinds algorithm algorithm mark corresponding with N kind algorithms has been prestored in server
It should be related to, wherein, N is greater than 0 integer, and server determines and the corresponding calculation of algorithm mark according to the algorithm mark received
Method;Wireless router mark and the correspondence of root key are also prestored in server, server is wireless according to what is received
Access point identity determines root key corresponding with wireless access point identification.Server may be used and the corresponding algorithm of algorithm mark
To random number and root key corresponding with wireless access point identification carries out operation, determines the second authentication information.Server judges
Whether the first authentication information is consistent with the second authentication information, if unanimously, server is according to terminal iidentification to terminal return authentication
As a result, the authentication result represents that wireless access point is legal;If inconsistent, server is according to terminal iidentification to terminal return authentication
As a result, the authentication result represents that wireless access point is illegal.
Present embodiment by according to using with the corresponding algorithm of algorithm mark to random number and with wireless access point mark
Know corresponding root key progress operation to go to determine the second authentication information, and in the first authentication information and consistent the second authentication information
The legal authentication result of mark wireless access point is returned to terminal, so as to reasonably demonstrate the legitimacy of wireless access point.
Further, on the basis of above-described embodiment, in step 102 before being verified to wireless access password,
It further includes:
Authentication request is sent to terminal according to terminal iidentification, authentication request includes wireless access point identification,
So that terminal inquires whether to wireless access point have sent wireless access according to wireless access point identification in request sends record
Request;
If the expression for receiving terminal transmission has had sent the authentication response of wireless access request, perform to nothing
The step of line access pin is verified.
In the present embodiment, specifically, wireless access point is after the wireless access request of terminal transmission is received, root
Terminal iidentification in being asked according to wireless access sends authentication request to terminal, includes wireless access in authentication request
Point identification.After terminal receives authentication request, whether once wireless to this inquired in the request transmission record of preservation
Access point is transmitted across wireless access request, is transmitted across wireless access request if inquiring to the wireless access point, terminal is to nothing
Line access point returns to authentication response, and authentication response represents to have had sent wireless access request.Wireless access point connects
The expression for receiving terminal transmission has had sent the authentication response of wireless access request, then can carry out wireless access password
The process verified.
Present embodiment by according to terminal iidentification to terminal send authentication request, so as to wireless access is asked into
Row verification so that terminal determines whether once to be transmitted across wireless access request to wireless access point, so as to ensure that terminal can connect
It is connected in the wireless access point for being transmitted across wireless access request, ensure that terminal actively can go to be connected to wireless access point
In.
Fig. 2 is the flow chart of wireless network access method provided by Embodiment 2 of the present invention, as shown in Fig. 2, the present embodiment
Method include:
Step 201 receives the second certification request that wireless access point is sent, wherein, the second certification request is wireless access
Random number and pre-stored root key of the point in the first certification request sent according to terminal determine the first authentication information
It sends later, the second certification request includes random number, wireless access point identification, the first authentication information and the first certification please
Terminal iidentification in asking.
In the present embodiment, specifically, wireless access point receives the first certification request that terminal is sent, the first certification request
In include random number and terminal iidentification, wireless access point determines that the first certification is believed according to random number and pre-stored root key
After breath, the second certification request is sent to server, the second certification request includes wireless access point identification, the first authentication information
And the first random number and terminal iidentification in certification request.Server receives the second certification request that wireless access point is sent.
Step 202, according to random number and wireless access point identification, the first authentication information is authenticated.
In the present embodiment, specifically, server is according to the random number and wireless access point identification received, to first
Authentication information is authenticated.
Step 203, according to terminal iidentification to terminal return authentication as a result, authentication result represent wireless access point whether close
Method.
In the present embodiment, specifically, server obtains authentication result after being authenticated to the first authentication information,
Authentication result represents whether the wireless access point is legal;Authentication result is returned to terminal by server, so that terminal is according to wireless
Whether access point is legal, it is determined whether is linked into the wireless network of wireless access point.For example, terminal can be mobile phone,
Terminal iidentification can be phone number;Server, can be according to mobile phone after the legal authentication result of wireless access point is obtained
Authentication result is sent to mobile phone, so that mobile phone by number in the form of note data packet by short message service carrying platform
Determine whether to be connected in wireless access point according to authentication result is received.
The second certification request that the present embodiment is sent by receiving wireless access point, wherein, the second certification request is wireless
Random number and pre-stored root key of the access point in the first certification request sent according to terminal determine the first certification
It is sent after information;Random number and wireless access point identification in the second certification request carry out the first authentication information
Certification, and to terminal return authentication as a result, authentication result represents whether wireless access point legal.So as to be asked to wireless access
In access pin be proved to be successful after, the safety of wireless access point is authenticated, ensures the safety of wireless access point
And legitimacy, terminal is prevented to be linked into illegal wireless access point, it is therefore prevented that illegal wireless access point can be to terminal
In data stolen and usurped, so as to bring economic loss using the user of the terminal the problem of.
Further, on the basis of above-described embodiment, algorithm mark is further included in the second certification request, algorithm is identified as
It is carried in first certification request, the specific embodiment of step 202, including:
According to wireless access point identification, in the correspondence of pre-stored wireless access point identification and root key, look into
Look for root key corresponding with wireless access point identification;
Using with the corresponding algorithm of algorithm mark to random number and root key corresponding with wireless access point identification carry out
Operation determines the second authentication information;
Judge whether the first authentication information is consistent with the second authentication information;
It is consistent with the second authentication information in the first authentication information, then it performs and wireless access is returned to terminal according to terminal iidentification
The step of putting legal authentication result.
In the present embodiment, specifically, having prestored N kinds algorithm algorithm mark corresponding with N kind algorithms in server
The correspondence of knowledge, wherein, N is greater than 0 integer;Wireless router mark and pair of root key are also prestored in server
It should be related to.First, server is close in pre-stored wireless access point identification and root according to the wireless access point identification received
In the correspondence of key, root key corresponding with wireless access point identification is searched;Then, server is identified according to algorithm, pre-
It is determined and the corresponding algorithm of algorithm mark in the correspondence of the N kinds algorithm first stored algorithm mark corresponding with N kind algorithms;Clothes
Be engaged in device use with the corresponding algorithm of algorithm mark to random number and root key corresponding with wireless access point identification progress operation,
Determine the second authentication information;Server judges whether the first authentication information is consistent with the second authentication information, if unanimously, server
According to terminal iidentification to terminal return authentication as a result, the authentication result represents that wireless access point is legal;If inconsistent, server
According to terminal iidentification to terminal return authentication as a result, the authentication result represents that wireless access point is illegal.
Present embodiment by using with the corresponding algorithm of algorithm mark to random number and with wireless access point identification pair
The root key answered carries out operation, determines the second authentication information, consistent with the second authentication information in the first authentication information, and terminal returns
The legal authentication result of wireless access point so that terminal can be linked into legal wireless access point, avoid terminal access
After into illegal wireless access point, after being damaged to terminal and bringing economic loss to the user using the terminal
Fruit.
Fig. 3 is the structure diagram of wireless access point that the embodiment of the present invention three provides, as shown in figure 3, the present embodiment
Wireless access point, including:
Wireless access request receiving module 31, for receiving the wireless access request of terminal transmission, in wireless access request
Including terminal iidentification and access pin;
Wireless access requests verification module 32, for being verified to access pin, and after being verified, is returned to terminal
Returning allows access information;
First certification request receiving module 33, for receiving the first certification request of terminal transmission, in the first certification request
Including random number and terminal iidentification;
First authentication module 34, for according to random number and pre-stored root key, determining the first authentication information;
Sending module 35, for server send the second certification request, the second certification request include terminal iidentification, with
Machine number, wireless access point identification and the first authentication information, so that server is according to random number and wireless access point identification pair
First authentication information be authenticated after according to terminal iidentification to terminal return authentication as a result, authentication result represent wireless access point
It is whether legal.
Further, on the basis of above-described embodiment, algorithm mark is further included in the first certification request;Correspondingly, the
One authentication module 34, is specifically used for:
It determines and the corresponding algorithm of algorithm mark;
Operation is carried out to random number and root key using algorithm, determines the first authentication information.
Further, on the basis of above-described embodiment, algorithm mark is further included in the second certification request;Correspondingly, hair
Module 35 is sent, is specifically used for:
To server send the second certification request so that server use with the algorithm corresponding algorithm of mark to random number with
And corresponding with wireless access point identification root key carries out operation and removes to determine the second authentication information, and in the first authentication information and the
The legal authentication result of mark wireless access point is returned to terminal according to terminal iidentification when two authentication informations are consistent;
Wherein, root key corresponding with wireless access point identification is deposited for server according to wireless access point identification in advance
It is determined in the wireless access point identification of storage and the correspondence of root key.
Further, on the basis of above-described embodiment, wireless access requests verification module 32 is additionally operable to:
Before being verified to access pin, authentication request, authentication are sent to terminal according to terminal iidentification
Request includes wireless access point identification so that terminal according to wireless access point identification request send record in inquire whether to
Wireless access point has sent wireless access request;
If the expression for receiving terminal transmission has had sent the authentication response of wireless access request, perform to nothing
The step of line access pin is verified.
The wireless access point of the present embodiment can perform the wireless network access method of the offer of the embodiment of the present invention one, realize
Principle is similar, and details are not described herein again.
After the present embodiment is verified by the access pin in the request of the wireless access that is sent to terminal, receive again eventually
Hold the first certification request sent, terminal iidentification further included in wireless access request, the first certification request include random number with
Terminal iidentification;According to random number and pre-stored root key, the first authentication information is determined;The second certification is sent to server
Request, so that random number and wireless access point identification of the server in the second certification request recognize the first authentication information
The backward terminal return authentication of card is as a result, authentication result represents whether wireless access point is legal.So as to be asked to wireless access
In access pin be proved to be successful after, the safety of wireless access point is authenticated, ensures the safety of wireless access point
And legitimacy, terminal is prevented to be linked into illegal wireless access point, it is therefore prevented that illegal wireless access point can be to terminal
In data stolen and usurped, so as to bring economic loss using the user of the terminal the problem of.
Fig. 4 is the structure diagram of server that the embodiment of the present invention four provides, as shown in figure 4, the service of the present embodiment
Device, including:
Second certification request receiving module 41, for receiving the second certification request of wireless access point transmission, wherein, second
Certification request is close for random number and pre-stored piece of the wireless access point in the first certification request sent according to terminal
Key determines what the first authentication information was sent later, and the second certification request includes random number, wireless access point identification, the first certification
Terminal iidentification in information and the first certification request;
Second authentication module 42, for according to random number and wireless access point identification, being authenticated to the first authentication information;
Return module 43, for according to terminal iidentification to terminal return authentication as a result, authentication result represent wireless access point
It is whether legal.
Further, on the basis of above-described embodiment, algorithm mark is further included in the second certification request, algorithm is identified as
It is carried in first certification request;Correspondingly, the second authentication module 42, is specifically used for:
According to wireless access point identification, in the correspondence of pre-stored wireless access point identification and root key, look into
Look for root key corresponding with wireless access point identification;
Using with the corresponding algorithm of algorithm mark to random number and root key corresponding with wireless access point identification carry out
Operation determines the second authentication information;
Judge whether the first authentication information is consistent with the second authentication information;
It is consistent with the second authentication information in the first authentication information, then it performs and wireless access is returned to terminal according to terminal iidentification
The step of putting legal authentication result.
The server of the present embodiment can perform wireless network access method provided by Embodiment 2 of the present invention, realization principle
Similar, details are not described herein again.
The second certification request that the present embodiment is sent by receiving wireless access point, wherein, the second certification request is wireless
Random number and pre-stored root key of the access point in the first certification request sent according to terminal determine the first certification
It is sent after information;Random number and wireless access point identification in the second certification request carry out the first authentication information
Certification, and to terminal return authentication as a result, authentication result represents whether wireless access point legal.So as to be asked to wireless access
In access pin be proved to be successful after, the safety of wireless access point is authenticated, ensures the safety of wireless access point
And legitimacy, terminal is prevented to be linked into illegal wireless access point, and then prevent illegal wireless access point can be to end
Data in end are stolen and are usurped, and avoid and bring economic loss to the user of using terminal.
One of ordinary skill in the art will appreciate that:Realizing all or part of step of above-mentioned each method embodiment can lead to
Program instruction is crossed to the hardware of pass to complete.Aforementioned program can be stored in a computer read/write memory medium.The journey
Sequence when being executed, performs the step of including above-mentioned each method embodiment;And aforementioned storage medium includes:ROM, RAM, magnetic disc or
The various media that can store program code such as person's CD.
Finally it should be noted that:The above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although
The present invention is described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that:It still may be used
To modify to the technical solution recorded in foregoing embodiments or carry out equivalent replacement to which part technical characteristic;
And these modification or replace, do not make to answer technical solution essence be detached from various embodiments of the present invention technical solution spirit and
Range.
Claims (12)
1. a kind of wireless network access method, which is characterized in that including:
Wireless access point receives the wireless access request that terminal is sent, and the wireless access request includes terminal iidentification and access
Password;
The wireless access point is verified the access pin, and after being verified, and allows to connect to terminal return
Enter information;
The wireless access point receives the first certification request that the terminal is sent, and first certification request includes random number
And terminal iidentification;
The wireless access point determines the first authentication information according to the random number and pre-stored root key;
The wireless access point sends the second certification request to server, and second certification request includes the terminal mark
Knowledge, the random number, wireless access point identification and first authentication information, so that the server is according to the random number
And root key corresponding with the wireless access point identification determines the second authentication information, and according to second authentication information pair
First authentication information be authenticated after according to the terminal iidentification to the terminal return authentication as a result, the certification knot
Fruit represents whether the wireless access point is legal;
Wherein, root key corresponding with the wireless access point identification is the server according to the wireless access point identification
It is determined in the correspondence of pre-stored wireless access point identification and root key.
2. according to the method described in claim 1, it is characterized in that, algorithm mark is further included in first certification request;
Correspondingly, it is described according to the random number and pre-stored root key, determine the first authentication information, including:
It determines and the corresponding algorithm of algorithm mark;
Operation is carried out to the random number and the root key using the algorithm, determines the first authentication information.
3. according to the method described in claim 2, it is characterized in that, the algorithm mark is further included in second certification request
Know;
Correspondingly, described send the second certification request to server, so that the server is according to the random number and the nothing
Line access point identity first authentication information is authenticated after according to the terminal iidentification to the terminal return authentication
As a result, including:
The second certification request is sent to the server, so that the server uses and the corresponding algorithm pair of algorithm mark
The random number and root key corresponding with the wireless access point identification carry out operation and remove to determine the second authentication information, and
Mark institute is returned to the terminal according to the terminal iidentification when first authentication information is consistent with second authentication information
State the legal authentication result of wireless access point;
Wherein, root key corresponding with the wireless access point identification is the server according to the wireless access point identification
It is determined in the correspondence of pre-stored wireless access point identification and root key.
4. according to any methods of claim 1-3, which is characterized in that described that the wireless access password is verified
Before, it further includes:
Authentication request is sent to the terminal according to the terminal iidentification, the authentication request includes described wireless
Access point identity, so that whether the terminal is inquired in request sends record to the nothing according to the wireless access point identification
Line access point has sent the wireless access request;
If the expression for receiving terminal transmission has had sent the authentication response of the wireless access request, perform to institute
State the step of wireless access password is verified.
5. a kind of wireless network access method, which is characterized in that including:
Server receives the second certification request that wireless access point is sent, wherein, second certification request wirelessly connects to be described
Random number and pre-stored root key of the access point in the first certification request sent according to terminal determine that the first certification is believed
What breath was sent later, second certification request includes the random number, wireless access point identification, first authentication information
And the terminal iidentification in first certification request;
The server determines that the second certification is believed according to the random number and root key corresponding with the wireless access point identification
Breath, and first authentication information is authenticated according to second authentication information;Wherein with the wireless access point identification
Corresponding root key, for the server according to the wireless access point identification in pre-stored wireless access point identification and root
It is determined in the correspondence of key;
The server is according to the terminal iidentification to the terminal return authentication as a result, the authentication result represents described wireless
Whether access point is legal.
6. according to the method described in claim 5, it is characterized in that, algorithm mark, institute are further included in second certification request
It states algorithm and is identified as what is carried in first certification request;
Correspondingly, it is described according to the random number and the wireless access point identification, first authentication information is authenticated,
Including:
According to the wireless access point identification, in the correspondence of pre-stored wireless access point identification and root key, look into
Look for root key corresponding with the wireless access point identification;
Using with the algorithm corresponding algorithm of mark to the random number and with corresponding of the wireless access point identification
Key carries out operation, determines the second authentication information;
Judge whether first authentication information and second authentication information are consistent;
It is consistent with second authentication information in first authentication information, then it performs according to the terminal iidentification to the terminal
The step of returning to the wireless access point legal authentication result.
7. a kind of wireless access point, which is characterized in that including:
Wireless access request receiving module for receiving the wireless access request of terminal transmission, is wrapped in the wireless access request
Include terminal iidentification and access pin;
Wireless access requests verification module, for being verified to the access pin, and after being verified, to the terminal
Returning allows access information;
First certification request receiving module, for receiving the first certification request that the terminal is sent, first certification request
Include random number and terminal iidentification;
First authentication module, for according to the random number and pre-stored root key, determining the first authentication information;
Sending module, for server send the second certification request, second certification request include the terminal iidentification,
The random number, wireless access point identification and first authentication information so that the server according to the random number with
And root key corresponding with the wireless access point identification determines the second authentication information, and according to second authentication information to institute
It states after the first authentication information is authenticated according to the terminal iidentification to the terminal return authentication as a result, the authentication result
Represent whether the wireless access point is legal;
Wherein, root key corresponding with the wireless access point identification is the server according to the wireless access point identification
It is determined in the correspondence of pre-stored wireless access point identification and root key.
8. wireless access point according to claim 7, which is characterized in that further include algorithm mark in first certification request
Know;
Correspondingly, first authentication module, is specifically used for:
It determines and the corresponding algorithm of algorithm mark;
Operation is carried out to the random number and the root key using the algorithm, determines the first authentication information.
9. wireless access point according to claim 8, which is characterized in that further include the calculation in second certification request
Method identifies;
Correspondingly, the sending module, is specifically used for:
The second certification request is sent to the server, so that the server uses and the corresponding algorithm pair of algorithm mark
The random number and root key corresponding with the wireless access point identification carry out operation and remove to determine the second authentication information, and
Mark institute is returned to the terminal according to the terminal iidentification when first authentication information is consistent with second authentication information
State the legal authentication result of wireless access point;
Wherein, root key corresponding with the wireless access point identification is the server according to the wireless access point identification
It is determined in the correspondence of pre-stored wireless access point identification and root key.
10. according to any wireless access point of claim 7-9, which is characterized in that the wireless access requests verification mould
Block is additionally operable to:
Before being verified to the access pin, authentication request is sent to the terminal according to the terminal iidentification,
The authentication request includes the wireless access point identification, so that the terminal exists according to the wireless access point identification
Request sends to inquire in record and whether has sent the wireless access to the wireless access point and ask;
If the expression for receiving terminal transmission has had sent the authentication response of the wireless access request, perform to institute
State the step of wireless access password is verified.
11. a kind of server, which is characterized in that including:
Second certification request receiving module, for receiving the second certification request of wireless access point transmission, wherein, described second recognizes
Card request is random number and pre-stored piece of the wireless access point in the first certification request sent according to terminal
Key determines what the first authentication information was sent later, and second certification request includes the random number, wireless access point mark
Know, the terminal iidentification in first authentication information and first certification request;
Second authentication module, for determining second according to the random number and root key corresponding with the wireless access point identification
Authentication information, and first authentication information is authenticated according to second authentication information;Wherein with the wireless access
The corresponding root key of point identification, for the server according to the wireless access point identification in pre-stored wireless access point mark
Know what is determined in the correspondence with root key;
Return module, for according to the terminal iidentification to the terminal return authentication as a result, the authentication result represent described in
Whether wireless access point is legal.
12. server according to claim 11, which is characterized in that further include algorithm mark in second certification request
Know, the algorithm is identified as what is carried in first certification request;
Correspondingly, second authentication module, is specifically used for:
According to the wireless access point identification, in the correspondence of pre-stored wireless access point identification and root key, look into
Look for root key corresponding with the wireless access point identification;
Using with the algorithm corresponding algorithm of mark to the random number and with corresponding of the wireless access point identification
Key carries out operation, determines the second authentication information;
Judge whether first authentication information and second authentication information are consistent;
It is consistent with second authentication information in first authentication information, then it performs according to the terminal iidentification to the terminal
The step of returning to the wireless access point legal authentication result.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510502758.XA CN105188055B (en) | 2015-08-14 | 2015-08-14 | wireless network access method, wireless access point and server |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510502758.XA CN105188055B (en) | 2015-08-14 | 2015-08-14 | wireless network access method, wireless access point and server |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105188055A CN105188055A (en) | 2015-12-23 |
CN105188055B true CN105188055B (en) | 2018-06-12 |
Family
ID=54909845
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510502758.XA Active CN105188055B (en) | 2015-08-14 | 2015-08-14 | wireless network access method, wireless access point and server |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105188055B (en) |
Families Citing this family (31)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105539219B (en) * | 2015-12-31 | 2018-11-06 | 宇龙计算机通信科技(深圳)有限公司 | A kind of condition detection method and device based on safety seat |
CN105743657A (en) * | 2016-04-07 | 2016-07-06 | 福州市鼓楼区智成商标事务所有限公司 | Method for preventing hot spot from being illegally used |
CN105657702A (en) * | 2016-04-07 | 2016-06-08 | 中国联合网络通信集团有限公司 | Authentication method, authentication system, authentication method of mobile terminal and mobile terminal |
CN105916148A (en) * | 2016-04-19 | 2016-08-31 | 石狮睿纺纺织品贸易有限公司 | Garment certified product verification method based on WIFI |
CN105871860A (en) * | 2016-04-19 | 2016-08-17 | 石狮睿纺纺织品贸易有限公司 | Method for quality product verification of shoes based on WIFI |
CN105761092A (en) * | 2016-04-19 | 2016-07-13 | 石狮睿纺纺织品贸易有限公司 | Method for performing clothing verification through server |
CN105743923A (en) * | 2016-04-19 | 2016-07-06 | 石狮睿纺纺织品贸易有限公司 | Method for verifying whether shoes are quality products or not by utilizing mobile phone |
CN105916146A (en) * | 2016-04-19 | 2016-08-31 | 石狮睿纺纺织品贸易有限公司 | Method for verifying whether garment product is certified product or not through cellphone |
CN105916147A (en) * | 2016-04-19 | 2016-08-31 | 石狮睿纺纺织品贸易有限公司 | Method for shoe verification through server |
CN105959941A (en) * | 2016-04-21 | 2016-09-21 | 林碧琴 | Method for providing access point on a high-speed train |
CN105959940A (en) * | 2016-04-21 | 2016-09-21 | 林碧琴 | Method for providing WIFI on high-speed train |
CN105848142A (en) * | 2016-04-21 | 2016-08-10 | 林碧琴 | Bus mobile WIFI authentication method |
CN105873032A (en) * | 2016-04-21 | 2016-08-17 | 林碧琴 | Bus mobile hotspot authentication method |
CN107360573B (en) * | 2016-05-10 | 2020-11-27 | 中兴通讯股份有限公司 | Terminal access method and device |
CN105873035A (en) * | 2016-05-19 | 2016-08-17 | 福州市协成智慧科技有限公司 | Safe AP (access point) information processing method |
CN106060804A (en) * | 2016-05-19 | 2016-10-26 | 福州市协成智慧科技有限公司 | Wireless distance triangulation location method |
CN105873034A (en) * | 2016-05-19 | 2016-08-17 | 徐美琴 | Safe hot spot information processing method |
CN105873036A (en) * | 2016-05-19 | 2016-08-17 | 郑建钦 | Safe AP (access point) information processing method |
CN105898739A (en) * | 2016-05-19 | 2016-08-24 | 郑建钦 | Method for preventing hot spot from being illegally simulated |
CN106101058A (en) * | 2016-05-19 | 2016-11-09 | 郑建钦 | A kind of hot information processing method based on Quick Response Code |
CN106028328A (en) * | 2016-05-19 | 2016-10-12 | 徐美琴 | NFC-based hotspot authentication method |
CN106330947A (en) * | 2016-09-06 | 2017-01-11 | 西安瀚炬网络科技有限公司 | Method and system for recognizing disguised WiFi and system working method |
CN106792667B (en) * | 2016-12-23 | 2020-12-18 | 北京光年无限科技有限公司 | Network access authentication method for robot and robot |
CN106714175B (en) * | 2016-12-30 | 2020-12-04 | 哈尔滨安天科技集团股份有限公司 | Verification method and system for anti-counterfeiting wifi access point |
CN107454595A (en) * | 2017-09-28 | 2017-12-08 | 上海盈联电信科技有限公司 | Authentication method for Commercial Complex wireless connection |
CN110324287B (en) * | 2018-03-31 | 2020-10-23 | 华为技术有限公司 | Access authentication method, device and server |
CN112702776B (en) * | 2020-12-15 | 2023-03-21 | 锐捷网络股份有限公司 | Method for realizing wireless terminal access to wireless local area network and wireless access point |
CN113316142B (en) * | 2021-05-21 | 2022-08-02 | 中国联合网络通信集团有限公司 | Wireless network access method and device |
CN113316139B (en) * | 2021-05-21 | 2023-03-21 | 中国联合网络通信集团有限公司 | Wireless network access method and wireless access point |
CN113347629A (en) * | 2021-05-21 | 2021-09-03 | 中国联合网络通信集团有限公司 | Method, access point and terminal for providing network access service |
CN113316149B (en) * | 2021-06-04 | 2023-05-12 | 广东电网有限责任公司 | Identity security authentication method, device, system, wireless access point and medium |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1549526A (en) * | 2003-05-16 | 2004-11-24 | 华为技术有限公司 | Method for realizing radio local area network authentication |
US7735114B2 (en) * | 2003-09-04 | 2010-06-08 | Foundry Networks, Inc. | Multiple tiered network security system, method and apparatus using dynamic user policy assignment |
CN101867929A (en) * | 2010-05-25 | 2010-10-20 | 北京星网锐捷网络技术有限公司 | Authentication method, system, authentication server and terminal equipment |
CN101951590A (en) * | 2010-09-03 | 2011-01-19 | 中兴通讯股份有限公司 | Authentication method, device and system |
CN101977383A (en) * | 2010-08-03 | 2011-02-16 | 北京星网锐捷网络技术有限公司 | Authentication processing method, system, client side and server for network access |
CN102843682A (en) * | 2012-08-20 | 2012-12-26 | 中国联合网络通信集团有限公司 | Access point authorizing method, device and system |
CN103716795A (en) * | 2012-10-09 | 2014-04-09 | 中兴通讯股份有限公司 | Wireless network safe access method, apparatus and system |
CN104010310A (en) * | 2014-05-21 | 2014-08-27 | 中国人民解放军信息工程大学 | Heterogeneous network unified authentication method based on physical layer safety |
-
2015
- 2015-08-14 CN CN201510502758.XA patent/CN105188055B/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1549526A (en) * | 2003-05-16 | 2004-11-24 | 华为技术有限公司 | Method for realizing radio local area network authentication |
US7735114B2 (en) * | 2003-09-04 | 2010-06-08 | Foundry Networks, Inc. | Multiple tiered network security system, method and apparatus using dynamic user policy assignment |
CN101867929A (en) * | 2010-05-25 | 2010-10-20 | 北京星网锐捷网络技术有限公司 | Authentication method, system, authentication server and terminal equipment |
CN101977383A (en) * | 2010-08-03 | 2011-02-16 | 北京星网锐捷网络技术有限公司 | Authentication processing method, system, client side and server for network access |
CN101951590A (en) * | 2010-09-03 | 2011-01-19 | 中兴通讯股份有限公司 | Authentication method, device and system |
CN102843682A (en) * | 2012-08-20 | 2012-12-26 | 中国联合网络通信集团有限公司 | Access point authorizing method, device and system |
CN103716795A (en) * | 2012-10-09 | 2014-04-09 | 中兴通讯股份有限公司 | Wireless network safe access method, apparatus and system |
CN104010310A (en) * | 2014-05-21 | 2014-08-27 | 中国人民解放军信息工程大学 | Heterogeneous network unified authentication method based on physical layer safety |
Also Published As
Publication number | Publication date |
---|---|
CN105188055A (en) | 2015-12-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105188055B (en) | wireless network access method, wireless access point and server | |
CN107733852B (en) | A kind of auth method and device, electronic equipment | |
CN104639562B (en) | A kind of system of pushing certification and the method for work of equipment | |
CN105101194B (en) | Terminal security authentication method, apparatus and system | |
CN109525604B (en) | Account number binding method and related equipment | |
CN105262588B (en) | Login method, account management server based on dynamic password and mobile terminal | |
CN102572815B (en) | Method, system and device for processing terminal application request | |
CN103974248B (en) | Terminal security guard method in ability open system, apparatus and system | |
CN103905194B (en) | Identity traceability authentication method and system | |
CN106162517A (en) | The management method of a kind of virtual SIM card and system | |
US20160173473A1 (en) | Method for authenticating a user, corresponding server, communications terminal and programs | |
CN108259164A (en) | The identity identifying method and equipment of a kind of internet of things equipment | |
CN108462710A (en) | Authentication authority method, device, certificate server and machine readable storage medium | |
CN106789841A (en) | Method for processing business, terminal, server and system | |
CN108243176A (en) | Data transmission method and device | |
CN107426235A (en) | Purview certification method, apparatus and system based on device-fingerprint | |
CN109729000B (en) | Instant messaging method and device | |
CN102984335B (en) | Dial the identity identifying method of landline telephone, equipment and system | |
US20230180010A1 (en) | Method for securely connecting vehicle and bluetooth key, and bluetooth module and bluetooth key | |
CN109714769A (en) | Information binding method, device, equipment and storage medium | |
CN107911398A (en) | Authentication method, device and the system of identity information | |
CN107819766A (en) | Safety certifying method, system and computer-readable recording medium | |
CN106911628A (en) | A kind of user registers the method and device of application software on the client | |
CN113438081B (en) | Authentication method, device and equipment | |
CN104009850B (en) | A kind of method for authenticating user identity and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |