CN105208030A - Wireless network roaming method - Google Patents
Wireless network roaming method Download PDFInfo
- Publication number
- CN105208030A CN105208030A CN201510640831.XA CN201510640831A CN105208030A CN 105208030 A CN105208030 A CN 105208030A CN 201510640831 A CN201510640831 A CN 201510640831A CN 105208030 A CN105208030 A CN 105208030A
- Authority
- CN
- China
- Prior art keywords
- terminal
- authentication
- certificate server
- parameters
- wireless network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
Abstract
The embodiment of the invention discloses a wireless network roaming method. The method includes the steps that an AP is related to a terminal; the AP detects whether identity authentication records of the terminal exist in an authentication server or not according to a network request of the terminal; if the identity authentication records do not exist in the authentication server, the AP controls the terminal to carry out identity authentication on the authentication server, and otherwise, the AP responds to the network request of the terminal. By additionally arranging the authentication server, identity authentication of a terminal user is achieved, and accordingly safety of wireless network roaming and internet surfing is improved.
Description
Technical field
The embodiment of the present invention relates to wireless network application, particularly relates to a kind of wireless network roaming method.
Background technology
Along with the development of Internet technology, wireless network has quietly become the new lover of modernization fashion office, but individual access point (AccessPoint, AP) area coverage is limited, therefore two or more AP are often settled in the region (as: station) that some coverage rates are larger, can use the object of wireless network within reaching at the regional level.But some business need wireless terminal has complete locomotivity, as the roaming function that mobile phone is the same.Need like this to use multiple AP to form a roaming network.Roaming Design Mode between current AP comprises: wireless aps repeater mode, wireless client pattern, point-to-point bridge mode, and point-to-multipoint bridge mode etc.By arranging service set (ServiceSetIdentifier, SSID), certification, encryption mode, channel realizes AP internetwork roaming.
But these roaming mode at present, user needs by online password roaming.But online password exists the feature of easily stealing, the safety that the appearance of the similar software such as " omnipotent wireless network key " is surfed the Net to wireless network roaming simultaneously threatens.Therefore, a kind of innovation is needed to realize above demand.
Summary of the invention
The embodiment of the present invention provides a kind of wireless network roaming method, for improving the fail safe of wireless network roaming online.
Embodiments provide a kind of wireless network roaming method, this wireless network roaming method comprises:
AP is associated with terminal;
Described AP, according to the network request of terminal, detects the authentication record whether having described terminal in certificate server;
If there is not authentication record in described certificate server, then described AP control terminal carries out authentication to described certificate server, otherwise described AP responds the network request of described terminal.
Further, described AP control terminal carries out authentication to described certificate server and comprises:
Described AP sends authentication instruction to terminal, and described instruction comprises the address of certificate server;
Described certificate server receives the authentication request that described terminal sends, and provides certification page to described terminal;
Described certificate server receives the authentication information that user that described terminal gets fills in;
Described certificate server carries out certification to authentication information, and produces parameters for authentication and store;
Described parameters for authentication is passed to terminal by described certificate server;
Described AP receives the parameters for authentication that described terminal provides;
The parameters for authentication that described AP provides according to terminal is to certificate server request checking;
Described certificate server is tested to the parameters for authentication that terminal provides, and obtains and records tests result, returns to described AP;
Described AP judges whether inspection authentication result is authentication success, the if so, network request of then response terminal, otherwise tackles described network request.
Further, described authentication information comprises the name of user, phone and mailbox.
Further, described certificate server also comprises before described parameters for authentication is passed to terminal:
Phone in the authentication information that described certificate server provides according to terminal or mailbox send random verification code;
The identifying code that described certificate server receiving terminal returns, and according to described identifying code, terminal is verified immediately.
Further, described certificate server also comprises after carrying out certification to authentication information:
If authentification failure, then described certificate server returns corresponding failure page or prompting to the terminal of authentification failure, and wherein corresponding failure page is the certification page comprising error message item title.
The present invention, by increasing certificate server, realizes the authentication to terminal use, thus improves the fail safe of wireless network roaming online.
Accompanying drawing explanation
Fig. 1 is the flow chart of the wireless network roaming method that the embodiment of the present invention one provides;
Fig. 2 is the signaling process figure of the wireless network roaming method that the embodiment of the present invention two provides.
Embodiment
Below in conjunction with drawings and Examples, the present invention is described in further detail.Be understandable that, specific embodiment described herein is only for explaining the present invention, but not limitation of the invention.It also should be noted that, for convenience of description, illustrate only part related to the present invention in accompanying drawing but not entire infrastructure.
Embodiment one
Fig. 1 is the flow chart of the wireless network roaming method that the embodiment of the present invention one provides, the present embodiment is applicable to the situation of one or more AP, wherein more be applicable to terminal realize roaming scene when accessing in multiple AP, the method can coordinate execution jointly by AP, certificate server and terminal, specifically comprises the steps:
S110, AP are associated with terminal;
Wherein, AP is any one accessing points in network with unified certification server, can be wired connection also can be wireless connections between this accessing points and certificate server.Terminal can be any mobile radio terminal of connecting wireless network, thus realizes the scene that this programme is applicable to radio roaming between multiple AP.What AP and terminal were set up herein associate comprises AP and transmits IP address to terminal, and the network request that receiving terminal sends, be connected with the communication of setting up between AP with terminal.
S120, described AP, according to the network request of terminal, detect the authentication record whether having described terminal in certificate server;
Wherein, terminal unique identification is in a network included in the network request of terminal, AP can be identified in certificate server by this authentication record inquired about and whether there is this terminal, if existed, then illustrate that this terminal has carried out authentication at certificate server, otherwise this terminal does not carry out certification or authentification failure at certificate server.
If there is not authentication record in the described certificate server of S130, then described AP control terminal carries out authentication to described certificate server, otherwise described AP responds the network request of described terminal.
Wherein, the authentication record of terminal in certificate server can be approved jointly by multiple AP, also can be that each AP is all to the different identity authentication record in requisition for terminal.
For each AP all to the situation of the different identity authentication record in requisition for terminal: when terminal accesses an AP network first, one AP detects in connected certificate server, whether this terminal is by the accessible AP of certification, if the respective identity authentication record of this terminal do not detected, then an AP controls this terminal makes to correspond to authentication from an AP to certificate server, and this terminal carries out authentication to certificate server.Notify an AP after authentication success, the network request of an AP to this terminal responds.
When the access of this terminal connects the 2nd AP network of this certificate server, whether the 2nd AP detects in certificate server exists the authentication record that this terminal corresponds to the 2nd AP.If the authentication record corresponding to the 2nd AP do not detected, then the 2nd AP request needs control terminal to do to correspond to the authentication of the 2nd AP to certificate server equally.If the authentication record corresponding to the 2nd AP detected, the network request of the 2nd AP to terminal responds.By that analogy, when terminal roves multiple AP under same certificate server, at every turn when the authentication record of corresponding AP not detected, terminal all needs the authentication re-starting once complete corresponding AP.
Situation for the authentication record of terminal in certificate server can be approved jointly by multiple AP: during terminal request access the one AP network, an AP detects the authentication record that whether there is this terminal in connected certificate server.If an AP does not detect the authentication record of this terminal, then an AP controls this terminal and does authentication to certificate server, terminal carries out authentication to certificate server, notifies an AP after authentication success, and the network request of an AP to this terminal responds.
When terminal access connects the 2nd AP network of this certificate server, the 2nd AP detects the authentication record that whether there is this terminal on this certificate server.Because this terminal is successfully made authentication on certificate server, so preserve the authentication record of terminal within a certain period of time in certificate server.During this period, the 2nd AP can detect the authentication record of terminal on certificate server, and responds the network request of terminal.By that analogy, terminal can roam in be connected with same certificate server multiple AP between, and without the need to carrying out complete authentication to each AP, thus realize the wireless network roaming between multiple AP, improve fail safe and the roaming switch efficiency of wireless network roaming.As can be seen here, described method is more applicable to the roaming scence of multiple AP, so this case preferably this authentication recording mode.
Embodiment two
Fig. 2 is the signaling process figure of the wireless network roaming method that the embodiment of the present invention two provides, and the present embodiment is based on previous embodiment, and further provide a kind of specific implementation of authentication, namely authentication procedures comprises:
S131, described AP send authentication instruction to terminal, and described instruction comprises the address of certificate server;
This terminal receives AP instruction, and sends ID authentication request to the certificate server in instruction.
S132, described certificate server receive the authentication request that described terminal sends;
S133, described certificate server provide certification page to described terminal;
Terminal receives the certification page that this certificate server provides, and comprises the authentication information needing user to fill in certification page, the mode of input field can require that user inputs.Authentication information such as can comprise the information of the energy such as name, phone, the mailbox unique identification user of user, and object is identifying user identity, guarantees wireless network secure.After user fills in authentication information by terminal is complete, the authentication information that user fills in by terminal sends to this certificate server.
S134, described certificate server receive the authentication information that user that described terminal gets fills in;
S135, described certificate server carry out certification to authentication information, and produce parameters for authentication and store, and then described parameters for authentication are passed to terminal;
This certificate server can be mated with the information that user in network data base registers by authentication information user filled in, thus realizes certification.Can by multiple to the processing mode of matching result, wherein a kind of mode can be: if the match is successful, then generate the parameters for authentication of authentication success, and by this parameters for authentication stored in the first database, otherwise produce the parameters for authentication of authentification failure, and by this parameters for authentication stored in the second database.The optimal way of this case is: if the match is successful, then generate the parameters for authentication of authentication success, and preserves this parameters for authentication, otherwise directly enters next step.Described optimal way reduces the time of implementation of method, and saves memory space.
After this certificate server carries out certification to authentication information, can also comprise: if authentification failure, then this certificate server returns corresponding failure page or prompting to the terminal of authentification failure, and wherein corresponding failure page is the certification page comprising error message item title.Object facilitates user to the amendment of wrong fill message.
In order to improve the fail safe of network further, this certificate server can also comprise before parameters for authentication is passed to terminal: the phone in the authentication information that this certificate server provides according to terminal or mailbox send random verification code; The identifying code that this certificate server receiving terminal returns, and according to identifying code, terminal is verified immediately.
Terminal, after getting parameters for authentication, sends to AP.
S136, described AP receive the parameters for authentication that described terminal provides;
The parameters for authentication that S137, described AP provide according to terminal is to certificate server request checking;
S138, described certificate server are tested to the parameters for authentication that terminal provides, and obtain and records tests result, return to described AP;
Described certificate server is tested to the parameters for authentication that terminal provides, and wherein check system can be the corresponding coupling of the terminal parameters for authentication provided and the parameters for authentication of preserving in certificate server.If authentication success, then certificate server records tests result, as authentication record.If authentification failure, this certificate server not records tests result, or records tests result, but respectively different identification is carried out to different assay.A this case preferably records tests successfully checks authentication result, as authentication record, make its do not affect judge assay while saving certificate server memory space.Wherein, assay can be comprise any information of at least one terminal network uniquely identified.
S139, described AP judge whether inspection authentication result is authentication success, the if so, network request of then response terminal, otherwise tackle described network request.
The present invention is by increasing certificate server, realize the authentication to terminal use, simultaneously can also by the mailbox in user authentication information or phone, to send the form of random verification code, user identity is verified further, thus further improves the fail safe of wireless network roaming online.Further, this case can be made authentication record with the authentication record of terminal in certificate server by the mode that multiple AP approves jointly, without the need to carrying out complete authentication to each AP, thus improve the network switching efficiency of wireless network roaming.
Note, above are only preferred embodiment of the present invention and institute's application technology principle.Skilled person in the art will appreciate that and the invention is not restricted to specific embodiment described here, various obvious change can be carried out for a person skilled in the art, readjust and substitute and can not protection scope of the present invention be departed from.Therefore, although be described in further detail invention has been by above embodiment, the present invention is not limited only to above embodiment, when not departing from the present invention's design, can also comprise other Equivalent embodiments more, and scope of the present invention is determined by appended right.
Claims (5)
1. a wireless network roaming method, is characterized in that, comprising:
Accessing points AP is associated with terminal;
Described AP, according to the network request of terminal, detects the authentication record whether having described terminal in certificate server;
If there is not authentication record in described certificate server, then described AP control terminal carries out authentication to described certificate server, otherwise described AP responds the network request of described terminal.
2. method according to claim 1, is characterized in that, described AP control terminal carries out authentication to described certificate server and comprises:
Described AP sends authentication instruction to terminal, and described instruction comprises the address of certificate server;
Described certificate server receives the authentication request that described terminal sends, and provides certification page to described terminal;
Described certificate server receives the authentication information that user that described terminal gets fills in;
Described certificate server carries out certification to authentication information, and produces parameters for authentication and store;
Described parameters for authentication is passed to terminal by described certificate server;
Described AP receives the parameters for authentication that described terminal provides;
The parameters for authentication that described AP provides according to terminal is to certificate server request checking;
Described certificate server is tested to the parameters for authentication that terminal provides, and obtains and records tests result, returns to described AP;
Described AP judges whether inspection authentication result is authentication success, the if so, network request of then response terminal, otherwise tackles described network request.
3. wireless network roaming method according to claim 2, is characterized in that, described authentication information comprises the name of user, phone and mailbox.
4. wireless network roaming method according to claim 3, is characterized in that, described certificate server also comprises before described parameters for authentication is passed to terminal:
Phone in the authentication information that described certificate server provides according to terminal or mailbox send random verification code;
The identifying code that described certificate server receiving terminal returns, and according to described identifying code, terminal is verified immediately.
5. wireless network roaming method according to claim 2, is characterized in that, described certificate server also comprises after carrying out certification to authentication information:
If authentification failure, then described certificate server returns corresponding failure page or prompting to the terminal of authentification failure, and wherein corresponding failure page is the certification page comprising error message item title.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510640831.XA CN105208030A (en) | 2015-09-30 | 2015-09-30 | Wireless network roaming method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510640831.XA CN105208030A (en) | 2015-09-30 | 2015-09-30 | Wireless network roaming method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105208030A true CN105208030A (en) | 2015-12-30 |
Family
ID=54955463
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510640831.XA Pending CN105208030A (en) | 2015-09-30 | 2015-09-30 | Wireless network roaming method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105208030A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105939518A (en) * | 2016-06-30 | 2016-09-14 | 上海斐讯数据通信技术有限公司 | Access control method and network access equipment |
| CN106211225A (en) * | 2016-07-29 | 2016-12-07 | 沈阳林科信息技术有限公司 | A kind of method for distinguishing WIFI roaming fault |
| CN106850401A (en) * | 2017-01-11 | 2017-06-13 | 上海斐讯数据通信技术有限公司 | A kind of wireless authentication device, system and its authentication method |
| CN107360266A (en) * | 2017-06-16 | 2017-11-17 | 北京星网锐捷网络技术有限公司 | A kind of method and system that terminal STA roaming is realized in big double layer network |
| CN108135000A (en) * | 2018-03-05 | 2018-06-08 | 上海连尚网络科技有限公司 | A kind of authentication method and equipment |
| CN111163039A (en) * | 2018-11-08 | 2020-05-15 | 中兴通讯股份有限公司 | Authentication method, authentication server, authentication terminal and authentication equipment |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1564127A (en) * | 2004-03-26 | 2005-01-12 | 中兴通讯股份有限公司 | Access authenitcation method of radio local neet mobile terminal |
| CN103281692A (en) * | 2013-05-08 | 2013-09-04 | 杭州华三通信技术有限公司 | Fast roaming method and equipment between ACs (Alternating Currents) |
| CN103501495A (en) * | 2013-10-16 | 2014-01-08 | 苏州汉明科技有限公司 | Perception-free WLAN (Wireless Local Area Network) authentication method fusing Portal/Web authentication and MAC (Media Access Control) authentication |
| CN103747431A (en) * | 2013-12-19 | 2014-04-23 | 杭州华三通信技术有限公司 | Method and device for realizing rapid roaming based on neighbor detection |
-
2015
- 2015-09-30 CN CN201510640831.XA patent/CN105208030A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1564127A (en) * | 2004-03-26 | 2005-01-12 | 中兴通讯股份有限公司 | Access authenitcation method of radio local neet mobile terminal |
| CN103281692A (en) * | 2013-05-08 | 2013-09-04 | 杭州华三通信技术有限公司 | Fast roaming method and equipment between ACs (Alternating Currents) |
| CN103501495A (en) * | 2013-10-16 | 2014-01-08 | 苏州汉明科技有限公司 | Perception-free WLAN (Wireless Local Area Network) authentication method fusing Portal/Web authentication and MAC (Media Access Control) authentication |
| CN103747431A (en) * | 2013-12-19 | 2014-04-23 | 杭州华三通信技术有限公司 | Method and device for realizing rapid roaming based on neighbor detection |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105939518A (en) * | 2016-06-30 | 2016-09-14 | 上海斐讯数据通信技术有限公司 | Access control method and network access equipment |
| CN106211225A (en) * | 2016-07-29 | 2016-12-07 | 沈阳林科信息技术有限公司 | A kind of method for distinguishing WIFI roaming fault |
| CN106850401A (en) * | 2017-01-11 | 2017-06-13 | 上海斐讯数据通信技术有限公司 | A kind of wireless authentication device, system and its authentication method |
| CN107360266A (en) * | 2017-06-16 | 2017-11-17 | 北京星网锐捷网络技术有限公司 | A kind of method and system that terminal STA roaming is realized in big double layer network |
| CN107360266B (en) * | 2017-06-16 | 2020-06-16 | 北京星网锐捷网络技术有限公司 | Method and system for realizing terminal STA roaming in large two-layer network |
| CN108135000A (en) * | 2018-03-05 | 2018-06-08 | 上海连尚网络科技有限公司 | A kind of authentication method and equipment |
| CN108135000B (en) * | 2018-03-05 | 2021-09-10 | 上海尚往网络科技有限公司 | Authentication method and equipment |
| CN111163039A (en) * | 2018-11-08 | 2020-05-15 | 中兴通讯股份有限公司 | Authentication method, authentication server, authentication terminal and authentication equipment |
| CN111163039B (en) * | 2018-11-08 | 2023-03-10 | 中兴通讯股份有限公司 | Authentication method, authentication server, authentication terminal and authentication equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105208030A (en) | Wireless network roaming method | |
| US10251042B2 (en) | Activity-triggered provisioning of portable wireless networks | |
| AU2017301941B2 (en) | Activity-triggered provisioning of portable wireless networks | |
| US10645568B2 (en) | Carrier configuration processing method, device and system, and computer storage medium | |
| US11096051B2 (en) | Connection establishment method, device, and system | |
| US20180041893A1 (en) | Method and system of multi-terminal mapping to a virtual sim card | |
| JP6671527B2 (en) | Method and apparatus for a terminal device to discover another terminal device | |
| US11356841B2 (en) | Method and apparatus for handling remote profile management exception | |
| CN105282868B (en) | System and method for WiFi network to be temporarily added | |
| CN103874069B (en) | A kind of wireless terminal MAC authentication devices and method | |
| CN103369529B (en) | Identity identifying method, accessing points and access controller | |
| CN103841560A (en) | Method and equipment to enhance SIM card reliability | |
| US20130160094A1 (en) | OTA Bootstrap Method and System | |
| WO2018045983A1 (en) | Information processing method and device, and network system | |
| CN104519490A (en) | WIFI (wireless fidelity) connection method, WIFI connection device, mobile terminal and system | |
| CN105992204A (en) | Access authentication method of applications of mobile intelligent terminal and device | |
| CN105323222A (en) | Login verification method and login verification system | |
| CN105100022A (en) | Cipher processing method, server and system | |
| CN105939519A (en) | Authentication method and device | |
| CN105897771B (en) | Identity identifying method, certificate server and third-party platform | |
| CN105554845B (en) | A kind of method of access, router and terminal | |
| EP3523989B1 (en) | Iot device connectivity provisioning | |
| US20150256544A1 (en) | Method and Device for Gateway Managing Terminal | |
| CN112788738A (en) | Code number processing method and device for public and private network convergence system | |
| US10694380B2 (en) | Subscriber identity element for authenticating a communication device to a communication network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20151230 |