CN105357242B - Access the method and system of WLAN, short message pushes platform, gate system - Google Patents
Access the method and system of WLAN, short message pushes platform, gate system Download PDFInfo
- Publication number
- CN105357242B CN105357242B CN201410418434.3A CN201410418434A CN105357242B CN 105357242 B CN105357242 B CN 105357242B CN 201410418434 A CN201410418434 A CN 201410418434A CN 105357242 B CN105357242 B CN 105357242B
- Authority
- CN
- China
- Prior art keywords
- url link
- short message
- wlan
- user
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The embodiment of the invention discloses a kind of method and system for accessing WLAN, short messages to push platform, gate system, wherein, when method includes: that mobile phone terminal enters wlan network overlay area, short message push platform generates the URL link for carrying user identity Credential parameters and is sent to mobile phone terminal;When user sends access request to PORTAL by clicking URL link, PORTAL system carries out validation verification to the URL link, and short message push platform authenticates the user identity Credential parameters in the URL link;The authentication is passed, and PORTAL system obtains the online password of the user from RADIUS, constructs a certification request and is sent to BRAS, and phone number and online password including user authenticate certification request by BRAS request RADIUS.The embodiment of the present invention can simplify user and access the register of wlan network by mobile phone terminal, and avoid generating the dispute of WLAN expenses of surfing Internet.
Description
Technical field
The present invention relates to the communication technology, especially a kind of method and system for accessing WLAN, short message push platform,
Gate system.
Background technique
With the fast development of development of Mobile Internet technology, the overlay area of mobile network and network quality are constantly promoted, and are moved
Dynamic userbase also grows therewith.It is shown according to the annual statistics data that China Telecom announces, the movement of 2008 end of the year China Telecom
User is 21,970,000 families, and 2013 end of the year mobile subscribers reach 1.86 hundred million families, increase 746%.
While mobile subscriber size flourishes, CDMA (CDMA) network pressure is also increasingly prominent.Part quotient
There is the problem that access is difficult, online is slow, serious shadow in industry area, campus area and station airport grade height stream of people area, cdma network
It rings user and uses perception.In this regard, the WLAN based on IEEE 802.11b standard has been built in the business area that does by China Telecom
(Wireless Fidelity, WIFI) network, preferential by advertising and rate, guidance mobile subscriber uses wireless local area
Net (WLAN) network is shunted, and WIFI network is made to become effective supplement of cdma network.
Currently, mobile terminal (also referred to as are as follows: mobile phone terminal) user can access wlan network by the following two kinds scheme:
1, it is logged in by WLAN portal (PORTAL) page.User needs first to obtain password short message in the program, remembers short
Then password in letter inputs account and password in the PORTAL page, could access wlan network after initiating dial request.The party
Case the problem is that: user's login step is cumbersome, and operating process is complicated;
2, it is based on C+W unified certification scheme.After user accesses WIFI network by mobile phone terminal, report of user identification
The information of module (usim card) carries out authentication to the verifying of access net, authorization, book keeping operation (AN-AAA) system, if by recognizing
Card, then get through mobile phone terminal --- radio network gateway (WAG)-packet data serving node (PDSN)-internet Internet channel.
The program the problem is that: mobile phone terminal can in user's unaware automatic dialup, thus generate WLAN online
Expense is easy to cause the dispute complaint that user does not approve WLAN expenses of surfing Internet.
Summary of the invention
One technical problem to be solved by the embodiment of the invention is that: it is accessed for current user by above two scheme
Existing login step is cumbersome when wlan network, operating process challenge, or is easy to lead to the problem of WLAN expenses of surfing Internet dispute,
Method and system, short message the push platform, gate system of a kind of access WLAN are provided, pass through mobile phone end to simplify user
The register into wlan network is terminated, and avoids generating the dispute of WLAN expenses of surfing Internet.
A kind of method accessing WLAN (WLAN) provided in an embodiment of the present invention, comprising:
When mobile phone terminal enters wlan network overlay area, short message pushes platform and is based on the unified money of preset rules generation one
Source positions URL link;The URL link includes the user of portal the PORTAL system domain name and the mobilephone terminal user of WLAN
Identity documents parameter;
It includes the URL link and prompt information that short message, which pushes platform and sent by sms center to the mobile phone terminal,
Short message, the prompt information access wlan network by clicking the URL link for prompting user;
When Broadband Remote Access Server BRAS receives access request of the user by clicking the URL link transmission,
The access request is transmitted to PORTAL system, includes the URL link in the access request;
PORTAL system carries out validation verification to the URL link in the access request;
In response to the URL link by validation verification, PORTAL system request short message pushes platform to the URL chain
User identity Credential parameters in connecing are authenticated, and when the user identity Credential parameters pass through authentication, are received short message and are pushed away
The phone number for the mobilephone terminal user for sending platform to return;
PORTAL system obtains the mobile phone end according to the phone number, from remote customer dialing authentication system RADIUS
The online password of end subscriber;
PORTAL system constructs a certification request and is sent to the BRAS, includes the mobile phone in the certification request
The phone number and online password of terminal user;
The BRAS request RADIUS authenticates the phone number in the certification request and password of surfing the Internet, and in institute
It states phone number in certification request and when online password passes through certification, allows the mobile phone terminal access wlan network.
In another embodiment based on the above method of the present invention, the short message push platform is generated based on preset rules
Before one URL link, further includes:
When mobile phone terminal enters wlan network overlay area, location-based position is initiated more to mobile switch equipment MSC
New request, MSC update the location information of cell of the mobilephone terminal user, work as in the position updating request including mobile phone terminal
The new cell information advanced into;
Network management system monitors that the location information of cell of the mobilephone terminal user registration on MSC is updated, and inquires
The information of operator's WLAN hot spot data bank knows new cell deployment WLAN hot spot, then knows the mobilephone terminal user
Into the WLAN hot spot overlay area of operator, send a notification message to short message push platform, the notification message includes described
The phone number of mobilephone terminal user;
Short message pushes platform and calls RADIUS interface, and the service condition of mobilephone terminal user described in radius authentication is requested to be
It is no normal and whether there is WLAN service authority, and receive the verification result of RADIUS return;
According to the verification result that the RADIUS is returned, if the service condition of the mobilephone terminal user is normal and has
WLAN service authority executes the operation for generating a URL link.
In another embodiment based on the above method of the present invention, the short message push platform passes through sms center to institute
Stating short message of the mobile phone terminal transmission including the URL link and prompt information includes:
The short message pushes platform and sends request to sms center transmission short message, which sends in request including described
URL link, for identify the URL link be wap push WAP PUSH type parameter identification, the mobile phone
The phone number of terminal user and the prompt information;
Sms center sends the URL link and the prompt information including WAP PUSH type to the mobile phone terminal
Short message.
In another embodiment based on the above method of the present invention, the user identity Credential parameters include type identification
Flag parameter, user name username parameter and dynamic password id parameter;
Wherein, the flag parameter is used to carry the type identification of URL link;The username parameter is for carrying hand
The cryptographic calculation result of machine number;It is close that the id parameter is used to carry the dynamic that short message push platform is mobilephone terminal user distribution
Code.
In another embodiment based on the above method of the present invention, the type for the URL link that the flag parameter carries
It is identified as the number of 8 bit lengths;
Wherein 1-2 for short message push platform dynamic generation random verification code, 3-6 for URL link generation when
Between timestamp;The 7-8 default positions for MD5 (random verification code+key) calculated result, key are that short message pushes platform and institute
State the shared code key parameter of PORTAL system.
In another embodiment based on the above method of the present invention, MD5 (random verification code+key) calculated result
Default position be specially the 9th and 15 of the MD5 (random verification code+key) calculated result.
In another embodiment based on the above method of the present invention, the phone number of the username parameter carrying
Cryptographic calculation result is 11 bit digitals, is sequentially combined for the operation result of (the bits per inch value+n of phone number) %10, wherein n
The 1st of random verification code described in value or the 2nd.
In another embodiment based on the above method of the present invention, the dynamic password that the id parameter carries is 10 digits
Word, the dynamic password are that user generates at random by short message push platform, within default validity period effectively.
In another embodiment based on the above method of the present invention, PORTAL system is to the URL in the access request
Link carries out validation verification
Whether the URL link in access request described in the Portal system identification meets lattice as defined in the preset rules
Formula;
If meeting format as defined in the preset rules, 3-6 carryings of flag parameter in the URL link are read
Timestamp, and according to the timestamp and default validity period information, verify current time whether the dynamic password validity period
In range;
If reading 1-2 expressions of flag parameter in the URL link within the validity period of the dynamic password
Random verification code and the Portal system storage key, calculate MD5 (random verification code+storage key read),
And whether the default position for comparing calculated result is consistent with 7-8 of flag parameter in the URL link;
If 7-8 of flag parameter are consistent in the default position of calculated result and the URL link, in the access request
The URL link pass through validation verification;
Otherwise, if the URL link in the access request do not meet format as defined in the preset rules or it is current when
Carve flag parameter not within the validity period of the dynamic password or in the default position of calculated result and the URL link
7-8 it is inconsistent, the URL link in the access request does not pass through validation verification.
In another embodiment based on the above method of the present invention, if the URL link in the access request does not pass through
Validation verification, PORTAL system show the login homepage of the PORTAL system to user, so as to user by input account and
Password login accesses WLAN.
In another embodiment based on the above method of the present invention, after the short message push platform generates URL link, also
The authentication information for storing the mobilephone terminal user, including in phone number, the URL link username and id information,
The generation time of the username and id information and validity period information;
PORTAL system request short message push platform carries out authentication packet to the user identity Credential parameters in the URL link
It includes:
PORTAL system reads username and id information from the URL link in the access request and is sent to short message
Push platform;
The short message push platform compares username the and id information of PORTAL system transmission and the authentication information of storage
In username with id information it is whether consistent;
If the username and id in the authentication information of username and id information and storage that PORTAL system is sent believe
Breath is consistent, according in the authentication information the generation time and validity period information, judge the id currently whether effectively;
If the id is the currently active, the user identity Credential parameters return to institute by authentication, to the PORTAL system
State the phone number in authentication information;
Otherwise, if PORTAL system send username and id information and storage authentication information in username and
Id information is inconsistent or the id current invalid, the user identity Credential parameters do not pass through authentication.
In another embodiment based on the above method of the present invention, the BRAS request RADIUS is to the certification request
In phone number and online password carry out certification include:
BRAS sends the authentication request packet to RADIUS;
The WLAN business information of RADIUS mobilephone terminal user according to the pre-stored data is to the mobile phone in the certification request
Number and online password are authenticated, and the WLAN business information includes WLAN type of service mark, WLAN service condition, mobile phone
Number and online password;
RADIUS replys the phone number to BRAS and whether online password passes through the authentication result of certification;
The authentication result is transmitted to PORTAL system by BRAS;
PORTAL system shows the authentication result to user, so that the user accesses WLAN using the mobile phone terminal
Network.
A kind of short message provided in an embodiment of the present invention pushes platform, comprising:
Generation unit, for generating a URL based on preset rules when mobile phone terminal enters wlan network overlay area
Link;The URL link includes the PORTAL system domain name of WLAN and the user identity Credential parameters of the mobilephone terminal user;
Storage unit, for storing the authentication letter of the mobilephone terminal user generated when the generation unit generates URL link
Breath;
First transmission unit includes the URL link and prompt for being sent by sms center to the mobile phone terminal
The short message of information, the prompt information access wlan network by clicking the URL link for prompting user;And according to mirror
The instruction for weighing unit, the phone number of the mobilephone terminal user is returned to PORTAL system;
First receiving unit, for receive PORTAL system transmission to the user identity Credential parameters in URL link into
The authentication request of row authentication, includes user identity Credential parameters to be authenticated in the authentication request;
Authenticating unit, for according to authentication information stored in the storage unit to the user identity to be authenticated with
Card parameter is authenticated, and when the user identity Credential parameters wait authenticate pass through authentication, the first transmission unit of instruction to
PORTAL system returns to the phone number of the mobilephone terminal user.
In another embodiment based on said short message of the present invention push platform, first receiving unit is also used to
Receive the notice that network management system is sent when monitoring that the mobilephone terminal user enters the WLAN hot spot overlay area of operator
Message, the notification message include the phone number of the mobilephone terminal user;
The authenticating unit is also used to call RADIUS interface, requests the industry of mobilephone terminal user described in radius authentication
Whether business state is normal and whether has WLAN service authority, and receives the verification result of RADIUS return;
The generation unit, with specific reference to the verification result that the authenticating unit receives, if the mobilephone terminal user
Service condition it is normal and there is WLAN service authority, execute the operation for generating a URL link.
In another embodiment based on said short message of the present invention push platform, first transmission unit is specifically to short
Letter center transmission short message sends request, which sends in request is including the URL link, for identifying the URL link
The parameter identification of WAP PUSH type, the phone number of the mobilephone terminal user and the prompt information, so as to sms center
Send to the mobile phone terminal includes the URL link of WAP PUSH type and the short message of the prompt information.
In another embodiment based on said short message of the present invention push platform, the user identity Credential parameters include
Flag parameter, username parameter and id parameter;
Wherein, the flag parameter is used to carry the type identification of URL link;The username parameter is for carrying hand
The cryptographic calculation result of machine number;It is close that the id parameter is used to carry the dynamic that short message push platform is mobilephone terminal user distribution
Code.
In another embodiment based on said short message of the present invention push platform, the URL chain of the flag parameter carrying
The type identification connect is the number of 8 bit lengths;Wherein, the 1-2 random verification codes for short message push platform dynamic generation, the
3-6 generate the timestamp of time for URL link;The 7-8 default positions for MD5 (random verification code+key) calculated result,
Key is the code key parameter that short message pushes platform and the PORTAL system is shared;
The cryptographic calculation result for the phone number that the username parameter carries is 11 bit digitals, for (phone number
Bits per inch value+n) operation result of %10 sequentially combines, wherein the 1st of random verification code described in n value or the 2nd;
The dynamic password that the id parameter carries is 10 bit digitals, the dynamic password by short message push platform be user with
Machine generates, within default validity period effectively.
In another embodiment based on said short message of the present invention push platform, the MD5 (random verification code+key)
The default position of calculated result is specially the 9th and 15 of the MD5 (random verification code+key) calculated result.
In another embodiment based on said short message of the present invention push platform, the hand of the storage unit storage
The authentication information of machine terminal user specifically includes phone number, username the and id information in the URL link, described
The generation time of username and id information and validity period information;
User identity Credential parameters to be authenticated in the authentication request that first receiving unit receives specifically include
Username and id information;
The authenticating unit, specifically for username the and id information and storage list in the authentication request
Whether username with the id information in an authentication information stored in member is consistent;If consistent, believed according to an authentication
Generation time and validity period information in breath judge whether the id in the authentication request is currently effective;If effectively, the authentication
For user identity Credential parameters in request by authentication, the first transmission unit of instruction returns to described one to the PORTAL system
Phone number in authentication information;
Otherwise, if username and id information in the authentication request and authentication information stored in the storage unit
In username and id information it is whether inconsistent or the id current invalid, the user identity Credential parameters do not pass through
Authentication.
A kind of portal (PORTAL) system of WLAN (WLAN) provided in an embodiment of the present invention, comprising:
Second receiving unit includes URL link in the access request for receiving the access request of BRAS transmission, by
BRAS is sent when user clicks the URL link, and the URL link is generated by short message push platform based on preset rules, packet
Include the PORTAL system domain name of WLAN and the user identity Credential parameters of the mobilephone terminal user;And receive user's body
When part Credential parameters pass through authentication, short message pushes the phone number for the mobilephone terminal user that platform returns;
Authentication unit, for carrying out validation verification to the URL link in the access request;
Second transmission unit is tested in the URL link by validity for the verification result according to the authentication unit
When card, authentication request is sent to short message push platform, includes the user identity voucher ginseng in the URL link in the authentication request
Number;And certification request is sent to BRAS;
Acquiring unit, the phone number for being received according to second receiving unit obtain the hand from RADIUS
The online password of machine terminal user, and the phone number and the online password are sent to structural unit;
Structural unit, it is described to recognize for constructing a certification request and being sent to the BRAS by the second transmission unit
It include the phone number and online password of the mobilephone terminal user in card request, so that BRAS request RADIUS is to the certification
Phone number and online password in request are authenticated.
In another embodiment based on the above-mentioned PORTAL system of the present invention, the user identity Credential parameters include class
Type identifies flag parameter, user name username parameter and dynamic password id parameter;Wherein, the flag parameter is for carrying
The type identification of URL link;The username parameter is used for the cryptographic calculation result of carrying mobile phone number;The id parameter is used
It is the dynamic password that mobilephone terminal user distributes in carrying short message push platform;
The authentication unit is specifically used for:
Identify whether the URL link in the access request meets format as defined in the preset rules;
If meeting format as defined in the preset rules, 3-6 carryings of flag parameter in the URL link are read
Timestamp, and according to the timestamp and default validity period information, verify current time whether the dynamic password validity period
In range;
If reading 1-2 expressions of flag parameter in the URL link within the validity period of the dynamic password
Random verification code and the Portal system storage key, calculate MD5 (random verification code+storage key read),
And whether the default position for comparing calculated result is consistent with 7-8 of flag parameter in the URL link;
If 7-8 of flag parameter are consistent in the default position of calculated result and the URL link, in the access request
The URL link pass through validation verification;
Otherwise, if the URL link in the access request do not meet format as defined in the preset rules or it is current when
Carve flag parameter not within the validity period of the dynamic password or in the default position of calculated result and the URL link
7-8 it is inconsistent, the URL link in the access request does not pass through validation verification.
In another embodiment based on the above-mentioned PORTAL system of the present invention, further includes:
Display unit, for the verification result according to the authentication unit, if the URL link in the access request is not led to
Validation verification is crossed, the login homepage of the PORTAL system is shown to user, so that user passes through input account and password login
Access WLAN.
In another embodiment based on the above-mentioned PORTAL system of the present invention, the second transmission unit, specifically from the visit
It asks and reads username and id information in the URL link in request, and send authentication request to short message push platform, which asks
It include username the and id information read in asking.
In another embodiment based on the above-mentioned PORTAL system of the present invention, second receiving unit is also used to receive
Authentication result that BRAS is returned, that phone number in the certification request and online password are authenticated;
The display unit is also used to show the authentication result to user, so that the user is whole using the mobile phone
It terminates into wlan network.
A kind of system accessing WLAN (WLAN) provided in an embodiment of the present invention, comprising:
Short message pushes platform, for generating one based on preset rules when mobile phone terminal enters wlan network overlay area
URL link;The URL link includes the PORTAL system domain name of WLAN and the user identity voucher of the mobilephone terminal user
Parameter;The short message including the URL link and prompt information, the prompt letter are sent to the mobile phone terminal by sms center
Breath accesses wlan network by clicking the URL link for prompting user;And according to the request of PORTAL system to described
User identity Credential parameters in URL link are authenticated, and when the user identity Credential parameters pass through authentication, to described
PORTAL system returns to the phone number of the mobilephone terminal user;
Sms center, for sending the short message including the URL link and prompt information to the mobile phone terminal;
BRAS, for when receiving access request of the user by clicking the URL link transmission, the access to be asked
The PORTAL system that is transmitted to is sought, includes the URL link in the access request;And request RADIUS sends out PORTAL system
The phone number in certification request sent is authenticated with online password, and phone number and online in the certification request
When password passes through certification, allow the mobile phone terminal access wlan network;
PORTAL system, for carrying out validation verification to the URL link in the access request;In response to the URL
Link authenticates the user identity Credential parameters in the URL link by validation verification, request short message push platform,
And when the user identity Credential parameters pass through authentication, the hand for the mobilephone terminal user that short message push platform returns is received
Machine number;According to the phone number, the online password of the mobilephone terminal user is obtained from RADIUS;And construction one is recognized
Card request Concurrency gives the BRAS, includes the phone number of the mobilephone terminal user in the certification request and surfs the Internet close
Code;
RADIUS, for the WLAN business information of memory mobile phone terminal user, including WLAN type of service mark, WLAN industry
Business state, phone number and online password;Online password corresponding with the phone number is provided to PORTAL system;And root
According to storage WLAN business information in the certification request phone number and online password authenticate, and to the BRAS
Return authentication result.
In another embodiment based on above system of the present invention, further includes:
Mobile phone terminal, for initiating location-based location updating to MSC and asking when entering wlan network overlay area
It asks, includes the new cell information that mobile phone terminal is currently entering in the position updating request;
MSC, for updating the location information of cell of the mobilephone terminal user according to the position updating request received;
Network management system, the location information of cell for the mobilephone terminal user described on monitoring MSC registration have carried out more
Newly, the information for inquiring operator's WLAN hot spot data bank knows new cell deployment WLAN hot spot, then knows the mobile phone
Terminal user enters the WLAN hot spot overlay area of operator, sends a notification message to short message push platform, the notification message
Phone number including the mobilephone terminal user;
The short message pushes platform, is also used to call RADIUS interface, requests mobilephone terminal user described in radius authentication
Service condition it is whether normal and whether there is WLAN service authority, and receive the verification result of RADIUS return;According to institute
The verification result of RADIUS return is stated, if the service condition of the mobilephone terminal user is normal and has WLAN service authority, is held
The row operation for generating a URL link;
The RADIUS is also used to store the business state information of the mobilephone terminal user;And according to the short message
The request of platform is pushed, the business state information and WLAN business information of the mobilephone terminal user based on storage verify the hand
Whether the service condition of machine terminal user is normal and whether has WLAN service authority, and receives the verifying of RADIUS return
As a result.
In another embodiment based on above system of the present invention, the short message push platform is specially that the present invention is above-mentioned
The short message that any embodiment provides pushes platform;
The PORTAL system is specially the PORTAL system for the WLAN that any of the above-described embodiment of the present invention provides.
Method and system, short message push platform, door based on the access WLAN that the above embodiment of the present invention provides
Family system actively pushes a WAP PUSH class to user mobile phone terminal when mobile phone terminal enters wlan network overlay area
The short message of the URL link address of the carrying user identity Credential parameters of type, user, which clicks this URL link, can be realized auto dialing
Function of surfing the Net.In terms of existing technologies, the login step that mobilephone terminal user dials up on the telephone, operating process letter be can simplify
It is single, convenient Internet channel is provided for user;And the trigger condition of control dialing process is requested according to user, security performance is high,
Intuitive user's perception is provided, unnecessary expense is reduced and complains.
Below by drawings and examples, technical scheme of the present invention will be described in further detail.
Detailed description of the invention
The attached drawing for constituting part of specification describes the embodiment of the present invention, and together with description for explaining
The principle of the present invention.
The present invention can be more clearly understood according to following detailed description referring to attached drawing, in which:
Fig. 1 is the flow chart of method one embodiment of present invention access WLAN.
Fig. 2 is the flow chart for another embodiment that the method for the present invention accesses WLAN.
Fig. 3 is the structural schematic diagram that short message of the present invention pushes platform one embodiment.
Fig. 4 is the structural schematic diagram of PORTAL system one embodiment of WLAN of the present invention.
Fig. 5 is the structural schematic diagram of system one embodiment of present invention access WLAN.
Fig. 6 is the structural schematic diagram of another embodiment of the system of present invention access WLAN.
Specific embodiment
Carry out the various exemplary embodiments of detailed description of the present invention now with reference to attached drawing.It should also be noted that unless in addition having
Body explanation, the unlimited system of component and the positioned opposite of step, numerical expression and the numerical value otherwise illustrated in these embodiments is originally
The range of invention.
Simultaneously, it should be appreciated that for ease of description, the size of various pieces shown in attached drawing is not according to reality
Proportionate relationship draw.
Be to the description only actually of at least one exemplary embodiment below it is illustrative, never as to the present invention
And its application or any restrictions used.
Technology, method and apparatus known to person of ordinary skill in the relevant may be not discussed in detail, but suitable
In the case of, the technology, method and apparatus should be considered as part of specification.
It is shown here and discuss all examples in, any occurrence should be construed as merely illustratively, without
It is as limitation.Therefore, the other examples of exemplary embodiment can have different values.
It should also be noted that similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi
It is defined in a attached drawing, then in subsequent attached drawing does not need that it is further discussed.
Fig. 1 is the flow chart of method one embodiment of present invention access WLAN.As shown in Figure 1, the embodiment accesses
The method of WLAN includes:
101, when mobile phone terminal enters wlan network overlay area, short message pushes platform and is based on one system of preset rules generation
One Resource orientation (URL) link.
The URL link includes portal (PORTAL) the system domain name of WLAN and the user identity voucher of the mobilephone terminal user
Parameter.
102, it includes above-mentioned URL link and prompt information that short message, which pushes platform and sent by sms center to mobile phone terminal,
Short message, prompt information therein can access wlan network by clicking the URL link for prompting user.
103, Broadband Remote Access Server (BRAS) receives the access request that user sends by clicking URL link
When, access request is transmitted to PORTAL system, includes the above-mentioned URL link clicked in the access request.
104, PORTAL systems carry out validation verification to the URL link in access request.
105, in response to URL link by validation verification, PORTAL system request short message pushes platform to the URL link
In user identity Credential parameters authenticated, and when user identity Credential parameters pass through authentication, receive short message and push platform
The phone number of the mobilephone terminal user returned.
106, PORTAL systems are obtained according to the phone number received from remote customer dialing authentication system (RADIUS)
The online password of the mobilephone terminal user.
107, PORTAL systems construct a certification request and are sent to BRAS, include the mobile phone terminal in the certification request
The phone number of user and the online password got.
108, BRAS request RADIUS authenticate the phone number in certification request and password of surfing the Internet, and in the certification
When phone number and online password in request pass through certification, the mobile phone terminal is allowed to access wlan network.
Method based on the access WLAN that the above embodiment of the present invention provides, enters wlan network in mobile phone terminal
When overlay area, the URL chain of the carrying user identity Credential parameters of a WAPPUSH type is actively pushed to user mobile phone terminal
It is grounded the short message of location, user, which clicks this URL link, can be realized automatic dialup function, simplify mobilephone terminal user dialing
The login step of online, operating process is simple, provides convenient Internet channel for user;And control dialing stream is requested according to user
The trigger condition of journey, security performance is high, can provide intuitive user's perception, reduce unnecessary expense and complain.
Fig. 2 is the flow chart for another embodiment that the method for the present invention accesses WLAN.As shown in Fig. 2, the embodiment accesses
The method of WLAN includes:
201, mobile phone terminal enter wlan network overlay area (such as enter have China Telecom's ChinaNet signal cover
Cdma network cell) when, location-based position updating request, the position updating request are initiated to mobile switch equipment (MSC)
In include the new cell information that is currently entering of the mobile phone terminal, for example, cell ID (CELL ID) information of new cell.
202, MSC update the location information of cell of the mobilephone terminal user, more by the subdistrict position of the mobilephone terminal user
The new cell information being newly currently entering for the mobile phone terminal.
203, network management system monitors that the location information of cell for having mobilephone terminal user to register on MSC is updated, and looks into
The information for asking operator's WLAN hot spot data bank, knows location information of cell updated new cell deployment WLAN hot spot,
Then know that the mobilephone terminal user enters the WLAN hot spot overlay area of operator, then sends notice to short message push platform and disappear
Breath, which includes the phone number of the mobilephone terminal user.Wherein, this is had recorded in operator's WLAN hot spot data bank
There is the WLAN hot spot for generating WLAN signal in operator in which cell deployment.
204, short message pushes platform and calls RADIUS interface, requests the service condition of the radius authentication mobilephone terminal user
Whether normal (that is: whether defaulting subscriber etc. causes subscriber card can not normal use to the mobilephone terminal user) and whether have
WLAN service authority (that is: the mobilephone terminal user is to open WLAN business), and receive the verification result of RADIUS return.
205, short message pushes platform and receives the verification result that RADIUS is returned, if the service condition of mobilephone terminal user is just
Often and there is WLAN service authority, executes 206 operation.
Otherwise, if the service condition of mobilephone terminal user is normal or without WLAN service authority, does not execute the present embodiment
Follow-up process.
206, short message pushes platform and is based on preset rules one URL link of generation, which includes the PORTAL of WLAN
The user identity Credential parameters of system domain name and the mobilephone terminal user.One format sample of URL link is as follows: https: //
Wlan.ct10000.com? flag=***&username=****&id=****.
207, short message pushes platform and sends short message transmission request to sms center, and it includes above-mentioned which, which sends in request,
URL link, for identify the URL link be wap push (WAP PUSH) type parameter identification, mobile phone terminal
The phone number and prompt information of user, prompt information therein can be connect for prompting user by clicking the URL link
Enter wlan network, such as may is that and " you is welcome to enter the hot spot region China Telecom ChinaNet.If surfed the Internet, your hand is opened
Is the WLAN of machine switched, and clicks link https: //wlan.ct10000.com? flag=***&username=****&id
=* * * * ".
208, sms center sends the phone number in request according to short message, and sending to mobile phone terminal includes WAP PUSH class
The URL link of type and the short message of prompt information.
TeleserviceId=65002 parameter is carried in short message, identifying the short message is WAP PUSH class short message, it is ensured that hand
After machine terminal receives the short message, ULR link can be recognized, is clicked directly on for user.
209, when user clicks the above-mentioned URL link access PORTAL that mobile phone terminal receives, it is logical that BRAS receives user
The access request that the above-mentioned URL link clicked and received is sent is crossed, which is transmitted to PORTAL system, which asks
It include the above-mentioned URL link clicked in asking.
URL link in the access request that 210, PORTAL system dockings receive carries out validation verification.
If the URL link executes 211 operation by validation verification.Otherwise, if the URL link does not pass through validity
Verifying, PORTAL system show the login homepage of the PORTAL system to user, it is desirable that user is stepped on by input account and password
Record logs in WLAN.Later, the follow-up process of the present embodiment is not executed.
211, PORTAL system request short messages push platform reflects to the user identity Credential parameters in the URL link
Power, and when user identity Credential parameters pass through authentication, receive the mobile phone for the mobilephone terminal user that short message push platform returns
Number.
If user identity Credential parameters do not pass through authentication, short message push platform does not return to phone number, does not also execute this reality
Apply the follow-up process of example.
For 212, PORTAL systems according to the phone number received, the online for obtaining the mobilephone terminal user from RADIUS is close
Code accesses the password of WALN.
213, PORTAL systems construct a certification request and are sent to BRAS, include the mobile phone terminal in the certification request
The phone number of user and the online password got.
214, BRAS send authentication request packet to RADIUS, request RADIUS to the mobile phone in the certification request received
Number and online password are authenticated.
The WLAN business information of 215, RADIUS mobilephone terminal users according to the pre-stored data is to the mobile phone in certification request
Number and online password are authenticated.
Wherein, the WLAN business information of RADIUS storage includes WLAN type of service mark, WLAN service condition, cell-phone number
Code and online password.WLAN type of service mark is WLAN business for mark business-type, and WLAN service condition includes whether
WLAN business is opened, the subscriber phone number and online password of WLAN business are opened.Open the WLAN industry of the user of WLAN business
Business information can be arranged when the user opens WLAN business by operator.
Whether 216, RADIUS pass through the authentication result of certification to BRAS answering mobile phone number and online password.
Authentication result is transmitted to PORTAL system by 217, BRAS, also, according to authentication result, if in the certification request
Phone number and online password allow the mobile phone terminal to access wlan network by certification;Otherwise, if hand in the certification request
Machine number and online password are unauthenticated, refuse mobile phone terminal access wlan network.
218, PORTAL systems show authentication result to user, if authentication result is by certification, user can be used
Mobile phone terminal accesses wlan network.
According to the present invention it is above-mentioned it is each access WLAN embodiment of the method a specific example rather than limit, user identity with
Card parameter can specifically include type identification (flag) parameter, user name (username) parameter and dynamic password (id) parameter,
To realize the high reliability and high confidentiality of the URL link.Wherein, flag parameter is used to carry the type identification of URL link,
It that is: is a URL link for identifying current information;Username parameter is used for the cryptographic calculation result of carrying mobile phone number;
Id parameter is used to carry the dynamic password that short message push platform is mobilephone terminal user distribution.
In a more specific example, the type identification for the URL link that flag parameter carries is the number of 8 bit lengths,
The wherein 1-2 random verification codes for short message push platform dynamic generation, 3-6 for expression, the URL link generates the time
Timestamp, format can be (HourDay);The 7-8 default positions for MD5 (random verification code+key) calculated result, example
Such as the 9th and 15, in addition it is also possible to other positions, 7-8 use the 9th He of MD5 (random verification code+key) calculated result
15, confidentiality with higher, it more difficult in being cracked;Key is the code key ginseng that short message pushes platform and PORTAL system is shared
Number is set in advance in short message push platform and PORTAL system.MD5 therein is Message Digest 5, MD5 (accidental validation
Code+key) it indicates to calculate random verification code+key using MD5.Shared code key parameter be short message push platform with
Docking shared parameter between PORTAL system can be used for carrying out safety verification to the interactive information between help, reduce other people
Risk of attacks.
In another more specific example, the cryptographic calculation result for the phone number that username parameter carries is 11
Number sequentially combines, wherein the 1st of n value random verification code for the operation result of (the bits per inch value+n of phone number) %10
Position or the 2nd.Wherein (the bits per inch value+n of phone number) %10 is indicated, is respectively added the bits per inch value of phone number with n,
If addition result is 1 digit, value 1 digit, if addition result is 2 digits, value is the addition result and 10
Difference.For example, n value is the 1st, n=7 of random verification code, it is when subscriber phone number is 15301858731, then (each
Phone number numerical value+n) %10 operation result be 82078525408.What Username parameter carried is the encryption of phone number
Operation result rather than direct carrying mobile phone number, can occur in plain text to avoid user name in URL link, to promote URL
It links, the security performance of WLAN service access.
In another more specific example, short message push platform is often that a mobilephone terminal user generates a pair
Username and id can store the generation of the phone number, username and id, username and id of the mobilephone terminal user
Time and validity period information are more than the time as defined in the validity period, this id generated failure.Such as the validity period of the id is 6
At a hour, user is receiving effective including logging in WLAN in 6 hours after the short message of URL link, and it is invalid to log in after 6 hours.
Correspondingly with above-mentioned specific example, another in the embodiment of the method for the above-mentioned each access WLAN of the present invention specifically shows
In example, in operation 104 or 210, PORTAL system, which carries out validation verification to the URL link in access request, can specifically pass through
As under type is realized:
Whether the URL link in Portal system identification access request meets format as defined in preset rules, for example, identification
Whether URL link is made of domain name, flag parameter, username parameter and id parameter, and whether parsing flag parameter meets URL chain
Connect typing rule;
If meeting format as defined in preset rules, the time of 3-6 carryings of flag parameter in the URL link is read
Stamp, and according to the timestamp and default validity period information, current time is verified whether within the validity period of dynamic password,
That is: the timestamp of 3-6 carryings of flag parameter is verified whether in (current time-validity period) range;
If reading the random of 1-2 expressions of flag parameter in the URL link within the validity period of dynamic password
The key of identifying code and the Portal system itself storage, calculates MD5 (random verification code+storage key read), and compare
It is whether consistent with 7-8 of flag parameter in the URL link compared with the default position of calculated result;
If 7-8 of flag parameter are consistent in the default position of calculated result and the URL link, determine in access request
The URL link pass through validation verification;
Otherwise, if the URL link in access request does not meet format or current time as defined in preset rules not dynamic
Within the scope of the validity period of the state password or default position of MD5 (random verification code+storage key read) calculated result with
In the URL link 7-8 of flag parameter it is inconsistent, then determine that the URL link in access request is not tested by validity
Card.
In another embodiment of the embodiment of the method for present invention access WLAN, it is a mobile phone end that short message, which pushes platform,
After end subscriber generates URL link, the authentication information of the mobilephone terminal user is also stored, including in phone number, URL link
The validity period information of the generation time and id of username and id information, username and id information.Correspondingly, in the implementation
In example, PORTAL system request short message push platform carries out authentication to the user identity Credential parameters in URL link and specifically includes:
PORTAL system reads username and id information from the URL link in access request and is sent to short message push
Platform;
Short message push platform compares username the and id information of PORTAL system transmission and the authentication information of itself storage
In username with id information it is whether consistent;
If PORTAL system send username and id information and itself storage authentication information in username and
Id information is consistent, according in the authentication information the generation time and validity period information, judge the id currently whether effectively;
If id is the currently active, by authentication, short message pushes platform and returns to mirror to PORTAL system user identity Credential parameters
Weigh the phone number in information;
Otherwise, if in the authentication information of username and id information and itself storage that PORTAL system is sent
Username and id information is inconsistent or id current invalid, user identity Credential parameters do not pass through authentication.
Those of ordinary skill in the art will appreciate that: realize that all or part of the steps of above method embodiment can pass through
The relevant hardware of program instruction is completed, and program above-mentioned can be stored in a computer readable storage medium, the program
When being executed, step including the steps of the foregoing method embodiments is executed;And storage medium above-mentioned includes: ROM, RAM, magnetic disk or light
The various media that can store program code such as disk.
Fig. 3 is the structural schematic diagram that short message of the present invention pushes platform one embodiment.The short message of the embodiment pushes platform
It can be used for realizing the corresponding function of short message push platform in the method for the above-mentioned each access WLAN of the present invention.As shown in Figure 3 comprising
Generation unit, storage unit, the first transmission unit, the first receiving unit and authenticating unit.Wherein:
Generation unit, for generating a URL based on preset rules when mobile phone terminal enters wlan network overlay area
Link, which includes the PORTAL system domain name of WLAN and the user identity Credential parameters of the mobilephone terminal user.
Storage unit, for storing the authentication information of the mobilephone terminal user generated when generation unit generates URL link, root
It can be realized according to the authentication information and the user identity Credential parameters in URL link are authenticated.
First transmission unit includes above-mentioned URL link and prompt information for being sent by sms center to mobile phone terminal
Short message, prompt information therein is for prompting user by clicking the i.e. accessible wlan network of the URL link;And according to mirror
The instruction for weighing unit returns to the phone number of mobilephone terminal user to PORTAL system.
First receiving unit, for receive PORTAL system transmission to the user identity Credential parameters in URL link into
The authentication request of row authentication, includes user identity Credential parameters to be authenticated in the authentication request.
Authenticating unit, for according to the authentication information stored in storage unit to the first receiving unit receive wait authenticate
User identity Credential parameters authenticated, and when the user identity Credential parameters wait authenticate pass through authentication, the first hair of instruction
The phone number for sending unit to return to mobilephone terminal user to PORTAL system.
In another embodiment of short message of the present invention push platform, the first receiving unit is also used to receive network management system and exists
It monitors the notification message sent when mobilephone terminal user enters the WLAN hot spot overlay area of operator, is wrapped in the notification message
Include the phone number of the mobilephone terminal user.Correspondingly, authenticating unit is also used to call RADIUS interface, requests radius authentication
Whether the service condition of the mobilephone terminal user is normal and whether has WLAN service authority, and receives RADIUS return
Verification result.The verification result that generation unit is received with specific reference to authenticating unit, if the service condition of mobilephone terminal user is just
Often and there is WLAN service authority, starts to execute the operation for generating URL link.
In the above-mentioned each short message push platform embodiment of the present invention, the first transmission unit passes through sms center to mobile phone terminal
When sending the short message including above-mentioned URL link and prompt information, specifically short message can be sent to sms center and send request, this is short
It includes URL link in request, for identifying the parameter identification, used for mobile phone terminal that the URL link is WAP PUSH type that letter, which is sent,
The phone number and prompt information at family, so as to sms center to mobile phone terminal send include WAP PUSH type URL link and
The short message of prompt information.
Specifically, user identity Credential parameters may include flag parameter, username parameter and id parameter.Wherein,
Flag parameter is used to carry the type identification of URL link, it may be assumed that for identifying current information as a URL link;Username ginseng
Number is used for the cryptographic calculation result of carrying mobile phone number;Id parameter is for carrying short message push platform as mobilephone terminal user distribution
Dynamic password.
Illustratively, the type identification for the URL link that flag parameter carries is the number of 8 bit lengths, wherein 1-2 are
Short message pushes the random verification code of platform dynamic generation, and 3-6 are to indicate that the URL link generates the timestamp of time;7-8
Position is the default position of MD5 (random verification code+key) calculated result, such as the 9th and 15, is in addition also possible to other positions;key
The code key parameter that platform is shared with PORTAL system is pushed for short message.The cryptographic calculation for the phone number that username parameter carries
As a result it is 11 bit digitals, is sequentially combined for the operation result of (the bits per inch value+n of phone number) %10, wherein n value is random
The 1st of identifying code or the 2nd.Id parameter carry dynamic password be 10 bit digitals, id by short message push platform be user with
Machine generates, within default validity period effectively.
In a specific example of said short message of the present invention push platform embodiment, the mobile phone terminal of storage unit storage
The authentication information of user specifically includes phone number, username and id information in URL link, username and id information
Generate time and validity period information.Correspondingly, the user identity to be authenticated in authentication request that the first receiving unit receives
Credential parameters specifically include username and id information.Authenticating unit is specifically used for comparing the username and id in authentication request
Whether username the and id information in an authentication information stored in information and storage unit is consistent;If consistent, according to one
Effectively whether generation time and validity period information in authentication information judge id in authentication request currently;If effectively, the mirror
For user identity Credential parameters in power request by authentication, the first transmission unit of instruction returns to an authentication letter to PORTAL system
Phone number in breath;Otherwise, if the authentication information stored in username and id information in authentication request and storage unit
In username and id information it is whether inconsistent, or with id current invalid, user identity Credential parameters do not pass through authentication.
Fig. 4 is the structural schematic diagram of PORTAL system one embodiment of WLAN of the present invention.The PORTAL system of the embodiment
System can be used for realizing the PORTAL system corresponding function in the method for the above-mentioned each access WLAN of the present invention.As shown in Figure 4 comprising
Second receiving unit, authentication unit, the second transmission unit, acquiring unit and structural unit.Wherein:
Second receiving unit includes URL link in the access request for receiving the access request of BRAS transmission, by
BRAS is sent when user clicks URL link, which is generated by short message push platform based on preset rules, including WLAN
PORTAL system domain name and mobilephone terminal user user identity Credential parameters;And it receives user identity Credential parameters and passes through
When authentication, short message pushes the phone number for the mobilephone terminal user that platform returns.
Authentication unit, the URL link in the access request for receiving to the second receiving unit carry out validation verification.
Second transmission unit, for the verification result according to authentication unit, when URL link passes through validation verification, to
Short message pushes platform and sends authentication request, includes the user identity Credential parameters in above-mentioned URL link in the authentication request;And
Certification request is sent to BRAS.
Acquiring unit, the phone number for being received according to the second receiving unit obtain used for mobile phone terminal from RADIUS
The online password at family, and the phone number and online password are sent to structural unit.
Structural unit, for constructing a certification request and being sent to BRAS by the second transmission unit, the certification request
In include acquiring unit send mobilephone terminal user phone number and online password, so as to BRAS request RADIUS this is recognized
Phone number and online password in card request are authenticated.
In a specific example, user identity Credential parameters may include flag parameter, username parameter and id ginseng
Number.Wherein, flag parameter is used to carry the type identification of URL link, it may be assumed that for identifying current information as a URL link;
Username parameter is used for the cryptographic calculation result of carrying mobile phone number;Id parameter is that mobile phone is whole for carrying short message push platform
The dynamic password of end subscriber distribution.Correspondingly, in the specific example, authentication unit is specifically used for the URL in identification access request
Whether link meets format as defined in preset rules;If meeting format as defined in preset rules, reads flag in the URL link and join
The timestamp of 3-6 several carryings, and according to the timestamp and default validity period information, whether current time is verified in dynamic
Within the scope of the validity period of password;If reading the 1-2 of flag parameter in the URL link within the validity period of dynamic password
The key for random verification code and Portal the system storage that position indicates, calculates the MD5 (random verification code+storage read
Key), and compare calculated result default position it is whether consistent with 7-8 of flag parameter in URL link;If calculated result
Unanimously, the URL link in access request passes through validation verification to 7-8 of flag parameter in default position and URL link;It is no
Then, if the URL link in access request does not meet not the having in dynamic password of format or current time as defined in preset rules
7-8 of within the scope of the effect phase or default position of calculated result and flag parameter in URL link are inconsistent, in access request
URL link do not pass through validation verification.
In another specific example, when the second transmission unit sends authentication request to short message push platform, specifically from visit
It asks and reads username and id information in the URL link in request, and send authentication request to short message push platform, which asks
It include username the and id information read in asking.
Further include display unit in another embodiment of the PORTAL system of WLAN of the present invention referring back to Fig. 4, uses
In the verification result according to authentication unit, if the URL link in access request does not pass through validation verification, showing to user should
The login homepage of PORTAL system, so that user accesses WLAN by input account and password login.
In a further embodiment, the second receiving unit be also used to receive BRAS return, to mobile phone in certification request
The authentication result that number and online password are authenticated.Correspondingly, display unit can also be used to show authentication result to user, with
Just user accesses wlan network using mobile phone terminal.
Fig. 5 is the structural schematic diagram of system one embodiment of present invention access WLAN.The system of the embodiment can be used for
Realize the embodiment of the method for the above-mentioned each access WLAN of the present invention.As shown in Figure 5 comprising short message push platform, sms center,
BRAS, PORTAL system and RADIUS.Wherein:
Short message pushes platform, for generating one based on preset rules when mobile phone terminal enters wlan network overlay area
URL link, which includes the PORTAL system domain name of WLAN and the user identity Credential parameters of mobilephone terminal user;
The short message including above-mentioned URL link and prompt information is sent to mobile phone terminal by sms center, prompt information therein is used for
User is prompted to can access wlan network by clicking the URL link;And according to the request of PORTAL system to the URL link
In user identity Credential parameters authenticated, and when user identity Credential parameters pass through authentication, returned to PORTAL system
The phone number of the mobilephone terminal user.Illustratively, short message push platform specifically can be short using any embodiment shown in Fig. 3
The structure of letter push platform is realized.
Sms center, for sending the short message including above-mentioned URL link and prompt information to mobile phone terminal.
BRAS, for when receiving access request of the user by clicking URL link transmission, which to be forwarded
PORTAL system is given, includes above-mentioned URL link in the access request;And the certification that request RADIUS sends PORTAL system
Phone number and online password in request are authenticated, and the phone number in certification request and online password pass through certification
When, allow mobile phone terminal to access wlan network.
PORTAL system, for carrying out validation verification to the URL link in the access request received;In response to this
URL link reflects to the user identity Credential parameters in the URL link by validation verification, request short message push platform
Power, and when user identity Credential parameters pass through authentication, receive the cell-phone number for the mobilephone terminal user that short message push platform returns
Code;According to the phone number received, the online password of the mobilephone terminal user is obtained from RADIUS;And one certification of construction
Request Concurrency gives BRAS, and the phone number of the mobilephone terminal user in the certification request including receiving is somebody's turn to do with what is got
The online password of mobilephone terminal user.Illustratively, PORTAL system specifically can be using any embodiment PORTAL shown in Fig. 4
The structure of system is realized.
RADIUS, for the WLAN business information of memory mobile phone terminal user, including WLAN type of service mark, WLAN industry
Business state, phone number and online password;Online password corresponding with phone number is provided to PORTAL system;And according to depositing
The WLAN business information of storage in certification request phone number and online password authenticate, and to BRAS return authentication knot
Fruit.
Fig. 6 is the structural schematic diagram of another embodiment of the system of present invention access WLAN.With embodiment phase shown in fig. 5
Than the present embodiment further includes mobile phone terminal, MSC and network management system.Wherein:
Mobile phone terminal, for initiating location-based location updating to MSC and asking when entering wlan network overlay area
It asks, includes the new cell information that mobile phone terminal is currently entering in the position updating request.
MSC, for updating the location information of cell of the mobilephone terminal user according to the position updating request received.
Network management system is updated for the location information of cell that mobilephone terminal user is registered on monitoring MSC, is looked into
The information for asking operator's WLAN hot spot data bank knows new cell deployment WLAN hot spot, then knows that the mobilephone terminal user enters
The WLAN hot spot overlay area of operator sends a notification message to short message push platform, includes the mobile phone terminal in notification message
The phone number of user.
Short message pushes platform, is also used to call RADIUS interface, requests the business of the radius authentication mobilephone terminal user
Whether state is normal and whether has WLAN service authority, and receives the verification result of RADIUS return;It is returned according to RADIUS
The verification result returned starts to execute generation one if the service condition of the mobilephone terminal user is normal and has WLAN service authority
The operation of URL link.
RADIUS is also used to the business state information of memory mobile phone terminal user;And asking for platform is pushed according to short message
It asks, the business state information and WLAN business information of the mobilephone terminal user based on storage verify the business of mobilephone terminal user
Whether state is normal and whether has WLAN service authority, and receives the verification result of RADIUS return.
Each embodiment in this specification is described in a progressive manner, the highlights of each of the examples are with its
The difference of its embodiment, the same or similar part cross-reference between each embodiment.It is real for equipment, system
For applying example, since it is substantially corresponding with embodiment of the method, so being described relatively simple, related place is referring to embodiment of the method
Part explanation.
Method, apparatus and system of the invention may be achieved in many ways.For example, software, hardware, firmware can be passed through
Or any combination of software, hardware, firmware realizes method, apparatus and system of the invention.The step of for the method
Said sequence merely to be illustrated, the step of method of the invention, is not limited to sequence described in detail above, unless with
Other way illustrates.In addition, in some embodiments, also the present invention can be embodied as to record journey in the recording medium
Sequence, these programs include for realizing machine readable instructions according to the method for the present invention.Thus, the present invention also covers storage and uses
In the recording medium for executing program according to the method for the present invention.
The embodiment of the present invention is with issuing the URL link for carrying user identity Credential parameters based on WAP PUSH type short message
Location, user, which clicks URL link, can be completed the implementation of automatic dialup, can simplify mobile phone user and dial up on the telephone step
Suddenly, dialing process is controlled according to user demand, on simplifying subscriber dialing process base, and provides intuitive WLAN and use
Perception, can preferably promote user experience in practical applications.
Description of the invention is given for the purpose of illustration and description, and is not exhaustively or will be of the invention
It is limited to disclosed form.Many modifications and variations are obvious for the ordinary skill in the art.It selects and retouches
It states embodiment and is to more preferably illustrate the principle of the present invention and practical application, and those skilled in the art is enable to manage
The solution present invention is to design various embodiments suitable for specific applications with various modifications.
Claims (27)
1. a kind of method for accessing WLAN (WLAN) characterized by comprising
When mobile phone terminal enters wlan network overlay area, it is fixed based on preset rules one unified resource of generation that short message pushes platform
Position URL link;The URL link includes the user identity of portal the PORTAL system domain name and the mobilephone terminal user of WLAN
Credential parameters;
It includes wap push WAP PUSH class that short message, which pushes platform and sent by sms center to the mobile phone terminal,
The URL link of type and the short message of prompt information, the prompt information are connect for prompting user by clicking the URL link
Enter wlan network;
When Broadband Remote Access Server BRAS receives access request of the user by clicking the URL link transmission, by institute
It states access request and is transmitted to PORTAL system, include the URL link in the access request;
PORTAL system carries out validation verification to the URL link in the access request;
In response to the URL link by validation verification, PORTAL system request short message pushes platform in the URL link
User identity Credential parameters authenticated, and when the user identity Credential parameters pass through authentication, it is flat to receive short message push
The phone number for the mobilephone terminal user that platform returns;
PORTAL system obtains described used for mobile phone terminal according to the phone number from remote customer dialing authentication system RADIUS
The online password at family;
PORTAL system constructs a certification request and is sent to the BRAS, includes the mobile phone terminal in the certification request
The phone number and online password of user;
The BRAS request RADIUS authenticates the phone number in the certification request and password of surfing the Internet, and recognizes described
When phone number and online password in card request pass through certification, allow the mobile phone terminal access wlan network.
2. the method according to claim 1, wherein short message push platform is based on preset rules and generates one
Before URL link, further includes:
When mobile phone terminal enters wlan network overlay area, location-based location updating is initiated to mobile switch equipment MSC and is asked
It asks, MSC updates the location information of cell of the mobilephone terminal user, includes mobile phone terminal in the position updating request when advance
The new cell information entered;
Network management system monitors that the location information of cell of the mobilephone terminal user registration on MSC is updated, inquiry operation
The information of quotient's WLAN hot spot data bank knows new cell deployment WLAN hot spot, then knows that the mobilephone terminal user enters
The WLAN hot spot overlay area of operator sends a notification message to short message push platform, and the notification message includes the mobile phone
The phone number of terminal user;
Short message pushes platform and calls RADIUS interface, whether just to request the service condition of mobilephone terminal user described in radius authentication
Often and whether there is WLAN service authority, and receives the verification result of RADIUS return;
According to the verification result that the RADIUS is returned, if the service condition of the mobilephone terminal user is normal and has WLAN
Service authority executes the operation for generating a URL link.
3. the method according to claim 1, wherein short message push platform passes through sms center to the hand
It includes the URL link of WAP PUSH type that machine terminal, which is sent, and the short message of prompt information includes:
The short message pushes platform and sends short message transmission request to sms center, and it includes the URL chain in request which, which sends,
It connects, for identifying the parameter identification, described used for mobile phone terminal that the URL link is wap push WAP PUSH type
The phone number at family and the prompt information;
Sms center to the mobile phone terminal send include WAP PUSH type the URL link and the prompt information it is short
Letter.
4. according to claim 1 to method described in 3 any one, which is characterized in that the user identity Credential parameters include
Type identification flag parameter, user name username parameter and dynamic password id parameter;
Wherein, the flag parameter is used to carry the type identification of URL link;The username parameter is used for carrying mobile phone number
The cryptographic calculation result of code;The id parameter is used to carry the dynamic password that short message push platform is mobilephone terminal user distribution.
5. according to the method described in claim 4, it is characterized in that, the type identification for the URL link that the flag parameter carries
For the number of 8 bit lengths;
The wherein 1-2 random verification codes for short message push platform dynamic generation, 3-6 generate the time for URL link
Timestamp;The 7-8 default positions for MD5 calculated result, wherein the calculating factor of random verification code and key as MD5, key
The code key parameter that platform is shared with the PORTAL system is pushed for short message.
6. according to the method described in claim 3, it is characterized in that, the default position of MD5 calculated result is specially that the MD5 is calculated
As a result the 9th and 15.
7. according to the method described in claim 5, it is characterized in that, the encryption for the phone number that the username parameter carries
Operation result is 11 bit digitals, is sequentially combined for the operation result of (the bits per inch value+n of phone number) %10, wherein n value
The 1st of the random verification code or the 2nd.
8. the method according to the description of claim 7 is characterized in that the id parameter carry dynamic password be 10 bit digitals,
The dynamic password is that user generates at random by short message push platform, within default validity period effectively.
9. according to the method described in claim 8, it is characterized in that, PORTAL system is to the URL link in the access request
Carrying out validation verification includes:
Whether the URL link in access request described in the PORTAL system identification meets format as defined in the preset rules;
If meeting format as defined in the preset rules, the time of 3-6 carryings of flag parameter in the URL link is read
Stamp, and according to the timestamp and default validity period information, verify current time whether the dynamic password validity period range
It is interior;
If within the validity period of the dynamic password, read 1-2 of flag parameter in URL link expressions with
The key of machine identifying code and PORTAL system storage, calculates MD5, wherein the random verification code and storage key read is made
For the calculating factor of MD5, and compare 7-8 of flag parameter in the default position and the URL link of calculated result whether one
It causes;
If 7-8 of flag parameter are consistent in the default position of calculated result and the URL link, the institute in the access request
It states URL link and passes through validation verification;
Otherwise, if the URL link in the access request does not meet format as defined in the preset rules or current time not
The of flag parameter within the validity period of the dynamic password or in the default position of calculated result and the URL link
7-8 inconsistent, and the URL link in the access request does not pass through validation verification.
10. according to the method described in claim 9, it is characterized in that, if the URL link in the access request does not pass through effectively
Property verifying, PORTAL system shows the login homepage of the PORTAL system to user, so that user passes through input account and password
Log in access WLAN.
11. according to the method described in claim 9, it is characterized in that, also being deposited after short message push platform generation URL link
The authentication information for storing up the mobilephone terminal user, including username the and id information in phone number, the URL link, institute
State generation time and the validity period information of username and id information;
PORTAL system request short message pushes platform and authenticate to the user identity Credential parameters in the URL link
PORTAL system reads username and id information from the URL link in the access request and is sent to short message push
Platform;
The short message push platform compares in username the and id information of PORTAL system transmission and the authentication information of storage
Whether username with id information is consistent;
If username the and id information one in the authentication information of username and id information and storage that PORTAL system is sent
Cause, according in the authentication information the generation time and validity period information, judge the id currently whether effectively;
If the id is the currently active, the user identity Credential parameters return to the mirror by authentication, to the PORTAL system
Weigh the phone number in information;
Otherwise, if username and id in the authentication information of username and id information and storage that PORTAL system is sent believe
The inconsistent or described id current invalid is ceased, the user identity Credential parameters do not pass through authentication.
12. according to the method described in claim 4, it is characterized in that, the BRAS requests RADIUS in the certification request
Phone number and online password carry out certification include:
BRAS sends the authentication request packet to RADIUS;
The WLAN business information of RADIUS mobilephone terminal user according to the pre-stored data is to the phone number in the certification request
It is authenticated with online password, the WLAN business information includes WLAN type of service mark, WLAN service condition, phone number
With online password;
RADIUS replys the phone number to BRAS and whether online password passes through the authentication result of certification;
The authentication result is transmitted to PORTAL system by BRAS;
PORTAL system shows the authentication result to user, so that the user accesses WLAN net using the mobile phone terminal
Network.
13. a kind of short message pushes platform characterized by comprising
Generation unit, for generating a URL chain based on preset rules when mobile phone terminal enters wlan network overlay area
It connects;The URL link includes the PORTAL system domain name of WLAN and the user identity Credential parameters of the mobilephone terminal user;
Storage unit, for storing the authentication information of the mobilephone terminal user generated when the generation unit generates URL link;
First transmission unit includes wap push WAP for being sent by sms center to the mobile phone terminal
The URL link of PUSH type and the short message of prompt information, the prompt information is for prompting user by clicking the URL
Link access wlan network;And the instruction according to authenticating unit, the hand of the mobilephone terminal user is returned to PORTAL system
Machine number;
First receiving unit, for receiving reflecting to the user identity Credential parameters in URL link for PORTAL system transmission
The authentication request of power includes user identity Credential parameters to be authenticated in the authentication request;
Authenticating unit, for being joined according to authentication information stored in the storage unit to the user identity voucher to be authenticated
Number is authenticated, and when the user identity Credential parameters wait authenticate pass through authentication, the first transmission unit of instruction to
PORTAL system returns to the phone number of the mobilephone terminal user.
14. short message according to claim 13 pushes platform, which is characterized in that first receiving unit is also used to connect
The notice that network management system is sent when monitoring that the mobilephone terminal user enters the WLAN hot spot overlay area of operator is received to disappear
Breath, the notification message includes the phone number of the mobilephone terminal user;
The authenticating unit is also used to call RADIUS interface, requests the business shape of mobilephone terminal user described in radius authentication
Whether state is normal and whether has WLAN service authority, and receives the verification result of RADIUS return;
The generation unit, with specific reference to the verification result that the authenticating unit receives, if the industry of the mobilephone terminal user
Business state is normal and has WLAN service authority, executes the operation for generating a URL link.
15. short message according to claim 13 pushes platform, which is characterized in that first transmission unit is specifically to short message
Center sends short message transmission request, and it includes the URL link in request, for identifying the URL link as WAP which, which sends,
The parameter identification of PUSH type, the phone number of the mobilephone terminal user and the prompt information, so that sms center is to institute
Stating mobile phone terminal and sending includes the URL link of WAP PUSH type and the short message of the prompt information.
16. according to claim 1 short message described in 3 to 15 any one push platform, which is characterized in that the user identity with
Demonstrate,proving parameter includes flag parameter, username parameter and id parameter;
Wherein, the flag parameter is used to carry the type identification of URL link;The username parameter is used for carrying mobile phone number
The cryptographic calculation result of code;The id parameter is used to carry the dynamic password that short message push platform is mobilephone terminal user distribution.
17. short message according to claim 16 pushes platform, which is characterized in that the URL link that the flag parameter carries
Type identification be 8 bit lengths number;Wherein, the 1-2 random verification codes for short message push platform dynamic generation, 3-
6 generate the timestamp of time for URL link;7-8 be MD5 calculated result default position, wherein random verification code and
The calculating factor of the key as MD5, key are the code key parameter that short message pushes platform and the PORTAL system is shared;
The cryptographic calculation result for the phone number that the username parameter carries is 11 bit digitals, is (every of phone number
Numerical value+n) operation result of %10 sequentially combines, wherein the 1st of random verification code described in n value or the 2nd;
The dynamic password that the id parameter carries is 10 bit digitals, and the dynamic password is that user gives birth at random by short message push platform
At within default validity period effectively.
18. short message according to claim 17 pushes platform, which is characterized in that the default position of the MD5 calculated result has
Body is the 9th and 15 of the MD5 calculated result.
19. short message according to claim 17 pushes platform, which is characterized in that the mobile phone of the storage unit storage
The authentication information of terminal user specifically includes phone number, username the and id information in the URL link, described
The generation time of username and id information and validity period information;
User identity Credential parameters to be authenticated in the authentication request that first receiving unit receives specifically include
Username and id information;
The authenticating unit, specifically in username the and id information and the storage unit in the authentication request
Whether username with the id information in one authentication information of storage is consistent;If consistent, according in an authentication information
The generation time and validity period information, judge id in the authentication request currently whether effectively;If effectively, the authentication request
In user identity Credential parameters by authentication, instruction the first transmission unit to the PORTAL system return it is described one authentication
Phone number in information;
Otherwise, if in username and id information in the authentication request and authentication information stored in the storage unit
Username and id information is inconsistent or the id current invalid, the user identity Credential parameters do not pass through authentication.
20. a kind of portal (PORTAL) system of WLAN (WLAN) characterized by comprising
Second receiving unit includes URL link in the access request, is existed by BRAS for receiving the access request of BRAS transmission
User sends when clicking the URL link, and the URL link is generated by short message push platform based on preset rules, and by short
Letter center will include that the URL link of wap push WAP PUSH type and the short message of prompt information are sent to hand
Machine terminal, the URL link include the PORTAL system domain name of WLAN and the user identity Credential parameters of mobilephone terminal user;With
And when receiving the user identity Credential parameters and passing through authentication, short message pushes the mobile phone for the mobilephone terminal user that platform returns
Number;
Authentication unit, for carrying out validation verification to the URL link in the access request;
Second transmission unit passes through validation verification in the URL link for the verification result according to the authentication unit
When, authentication request is sent to short message push platform, includes the user identity voucher ginseng in the URL link in the authentication request
Number;And certification request is sent to BRAS;
It is whole to obtain the mobile phone from RADIUS for acquiring unit, the phone number for being received according to second receiving unit
The online password of end subscriber, and the phone number and the online password are sent to structural unit;
Structural unit, for constructing a certification request and being sent to the BRAS by the second transmission unit, the certification is asked
Phone number and online password in asking including the mobilephone terminal user, so that BRAS request RADIUS is to the certification request
In phone number and online password authenticated.
21. system according to claim 20, which is characterized in that the user identity Credential parameters include type identification
Flag parameter, user name username parameter and dynamic password id parameter;Wherein, the flag parameter is for carrying URL link
Type identification;The username parameter is used for the cryptographic calculation result of carrying mobile phone number;The id parameter is for carrying
Short message pushes the dynamic password that platform is mobilephone terminal user distribution;
The authentication unit is specifically used for:
Identify whether the URL link in the access request meets format as defined in the preset rules;
If meeting format as defined in the preset rules, the time of 3-6 carryings of flag parameter in the URL link is read
Stamp, and according to the timestamp and default validity period information, verify current time whether the dynamic password validity period range
It is interior;
If within the validity period of the dynamic password, read 1-2 of flag parameter in URL link expressions with
The key of machine identifying code and PORTAL system storage, calculates MD5, wherein the key of the random verification code and storage that read
As the calculating factor of MD5, and compare calculated result default position and 7-8 of flag parameter in the URL link whether
Unanimously;
If 7-8 of flag parameter are consistent in the default position of calculated result and the URL link, the institute in the access request
It states URL link and passes through validation verification;
Otherwise, if the URL link in the access request does not meet format as defined in the preset rules or current time not
The of flag parameter within the validity period of the dynamic password or in the default position of calculated result and the URL link
7-8 inconsistent, and the URL link in the access request does not pass through validation verification.
22. system according to claim 21, which is characterized in that further include:
Display unit, for the verification result according to the authentication unit, if the URL link in the access request, which does not pass through, to be had
The verifying of effect property, the login homepage of the PORTAL system is shown to user, so that user passes through input account and password login access
WLAN。
23. system according to claim 22, which is characterized in that the second transmission unit, specifically from the access request
URL link in read username and id information, and send authentication request to short message push platform, include in the authentication request
Username the and id information read.
24. the system according to claim 22 or 23, which is characterized in that second receiving unit is also used to receive BRAS
Authentication result return, that phone number in the certification request and online password are authenticated;
The display unit is also used to show the authentication result to user, so that the user is connect using the mobile phone terminal
Enter wlan network.
25. a kind of system for accessing WLAN (WLAN) characterized by comprising
Short message pushes platform, for generating a URL based on preset rules when mobile phone terminal enters wlan network overlay area
Link;The URL link includes the PORTAL system domain name of WLAN and the user identity Credential parameters of the mobilephone terminal user;
By sms center to the mobile phone terminal send include wap push WAP PUSH type the URL link and
The short message of prompt information, the prompt information access wlan network by clicking the URL link for prompting user;And root
The user identity Credential parameters in the URL link are authenticated according to the request of PORTAL system, and in the user identity
When Credential parameters pass through authentication, the phone number of the mobilephone terminal user is returned to the PORTAL system;
Sms center, for including the URL link and prompt information of WAP PUSH type to mobile phone terminal transmission
Short message;
BRAS, for when receiving access request of the user by clicking the URL link transmission, the access request to be turned
PORTAL system is issued, includes the URL link in the access request;And RADIUS is requested to send PORTAL system
Phone number and online password in certification request are authenticated, and the phone number in the certification request and online password
When passing through certification, allow the mobile phone terminal access wlan network;
PORTAL system, for carrying out validation verification to the URL link in the access request;In response to the URL link
By validation verification, short message push platform is requested to authenticate the user identity Credential parameters in the URL link, and
When the user identity Credential parameters pass through authentication, the cell-phone number for the mobilephone terminal user that short message push platform returns is received
Code;According to the phone number, the online password of the mobilephone terminal user is obtained from RADIUS;And one certification of construction is asked
The BRAS is sought and be sent to, includes the phone number and online password of the mobilephone terminal user in the certification request;
RADIUS, for the WLAN business information of memory mobile phone terminal user, including WLAN type of service mark, WLAN business shape
State, phone number and online password;Online password corresponding with the phone number is provided to PORTAL system;And according to depositing
The WLAN business information of storage authenticates the phone number in the certification request and password of surfing the Internet, and returns to the BRAS
Authentication result.
26. system according to claim 25, which is characterized in that further include:
Mobile phone terminal, for initiating location-based position updating request, institute to MSC when entering wlan network overlay area
State the new cell information being currently entering in position updating request including mobile phone terminal;
MSC, for updating the location information of cell of the mobilephone terminal user according to the position updating request received;
Network management system, the location information of cell for the mobilephone terminal user described on monitoring MSC registration are updated, are looked into
The information for asking operator's WLAN hot spot data bank knows new cell deployment WLAN hot spot, then knows described used for mobile phone terminal
Family enters the WLAN hot spot overlay area of operator, sends a notification message to short message push platform, the notification message includes institute
State the phone number of mobilephone terminal user;
The short message pushes platform, is also used to call RADIUS interface, requests the industry of mobilephone terminal user described in radius authentication
Whether business state is normal and whether has WLAN service authority, and receives the verification result of RADIUS return;According to described
The verification result that RADIUS is returned executes if the service condition of the mobilephone terminal user is normal and has WLAN service authority
The operation for generating a URL link;
The RADIUS is also used to store the business state information of the mobilephone terminal user;And it is pushed according to the short message
It is whole to verify the mobile phone for the request of platform, the business state information and WLAN business information of the mobilephone terminal user based on storage
Whether the service condition of end subscriber is normal and whether has WLAN service authority, and receives the verification result of RADIUS return.
27. the system according to claim 25 or 26, which is characterized in that the short message push platform is specially claim
Short message described in 13 to 19 any one pushes platform;
The PORTAL system is specially the PORTAL system of WLAN described in claim 20 to 24 any one.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410418434.3A CN105357242B (en) | 2014-08-22 | 2014-08-22 | Access the method and system of WLAN, short message pushes platform, gate system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410418434.3A CN105357242B (en) | 2014-08-22 | 2014-08-22 | Access the method and system of WLAN, short message pushes platform, gate system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105357242A CN105357242A (en) | 2016-02-24 |
| CN105357242B true CN105357242B (en) | 2019-02-22 |
Family
ID=55333102
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410418434.3A Active CN105357242B (en) | 2014-08-22 | 2014-08-22 | Access the method and system of WLAN, short message pushes platform, gate system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105357242B (en) |
Families Citing this family (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108271152B (en) * | 2016-12-30 | 2021-01-15 | 中国电信股份有限公司 | WLAN authentication method, authentication platform and portal server |
| CN108334516B (en) * | 2017-01-20 | 2021-12-24 | 百度在线网络技术(北京)有限公司 | Information pushing method and device |
| CN106657154B (en) * | 2017-02-07 | 2021-05-18 | 中国联合网络通信集团有限公司 | Wireless access method, system, WiFi platform and operator number taking platform |
| CN106878032B (en) * | 2017-02-21 | 2020-02-11 | 新华三技术有限公司 | Authentication method and device |
| WO2019199282A1 (en) * | 2018-04-10 | 2019-10-17 | Visa International Service Association | Deep link authentication |
| CN108601060A (en) * | 2018-07-27 | 2018-09-28 | 努比亚技术有限公司 | Configuration method, mobile terminal and the storage medium of wireless network connection |
| CN110830413B (en) * | 2018-08-07 | 2023-09-26 | 京东科技控股股份有限公司 | Communication method, client, server, communication device and system |
| CN109246094B (en) * | 2018-08-27 | 2021-03-19 | 中国联合网络通信集团有限公司 | User terminal verification method, device and storage medium |
| CN110519405A (en) * | 2019-08-07 | 2019-11-29 | 彩讯科技股份有限公司 | A kind of short chain address operation access method, device, equipment and storage medium |
| CN113038399A (en) * | 2021-04-14 | 2021-06-25 | 广州讯鸿网络技术有限公司 | Method, electronic device and storage medium for quickly verifying user identity through 5G message |
| CN114039754B (en) * | 2021-10-28 | 2023-07-18 | 中国联合网络通信集团有限公司 | Security verification method and device |
| EP4231586A1 (en) * | 2022-02-16 | 2023-08-23 | Volvo Truck Corporation | A computer-implemented method for connecting a vehicle to a wireless local network of a workshop |
| CN114567902B (en) * | 2022-03-10 | 2023-12-08 | 北京中广瑞波科技股份有限公司 | Real network test system of user identity module |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1567859A (en) * | 2003-06-23 | 2005-01-19 | 华为技术有限公司 | A method of access authentication for WLAN |
| CN101662771A (en) * | 2009-10-14 | 2010-03-03 | 中国电信股份有限公司 | Method for realizing automatic certification of wireless access short message and system thereof |
| CN103701760A (en) * | 2012-09-28 | 2014-04-02 | 中国电信股份有限公司 | Wireless LAN (Local Area Network) Portal authentication method and system and Portal server |
| CN103812653A (en) * | 2012-11-15 | 2014-05-21 | 中国电信股份有限公司 | Method and system for automatically acquiring account information accessed into wireless network |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP4579742B2 (en) * | 2005-03-30 | 2010-11-10 | キヤノン株式会社 | Wireless terminal device, wireless communication method, and computer program |
-
2014
- 2014-08-22 CN CN201410418434.3A patent/CN105357242B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1567859A (en) * | 2003-06-23 | 2005-01-19 | 华为技术有限公司 | A method of access authentication for WLAN |
| CN101662771A (en) * | 2009-10-14 | 2010-03-03 | 中国电信股份有限公司 | Method for realizing automatic certification of wireless access short message and system thereof |
| CN103701760A (en) * | 2012-09-28 | 2014-04-02 | 中国电信股份有限公司 | Wireless LAN (Local Area Network) Portal authentication method and system and Portal server |
| CN103812653A (en) * | 2012-11-15 | 2014-05-21 | 中国电信股份有限公司 | Method and system for automatically acquiring account information accessed into wireless network |
Non-Patent Citations (2)
| Title |
|---|
| 基于WLAN 接入的DHCP+Web 认证关键技术分析;高波等;《电信科学》;20080515;32-36 |
| 用动态主机配置协议扩展字段的宽带接入认证;郑东栋等;《江苏通信》;20121015;48-49 |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105357242A (en) | 2016-02-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105357242B (en) | Access the method and system of WLAN, short message pushes platform, gate system | |
| US8386773B2 (en) | Verification methods and apparatus for use in providing application services to mobile communication devices | |
| JP4722056B2 (en) | Method and apparatus for personalization and identity management | |
| CN103597799B (en) | service access authentication method and system | |
| CN108476223B (en) | Method and apparatus for SIM-based authentication of non-SIM devices | |
| JP6411629B2 (en) | Terminal authentication method and apparatus used in mobile communication system | |
| AU2009350015A1 (en) | Hotspot network access system and method | |
| CN110213223A (en) | Business management method, device, system, computer equipment and storage medium | |
| CN102202306A (en) | Mobile security authentication terminal and method | |
| CN102217280A (en) | Method, system, and server for user service authentication | |
| CN107113613A (en) | Server, mobile terminal, real-name network authentication system and method | |
| US10230721B2 (en) | Authentication server, authentication system and method | |
| CN102420808B (en) | Method for realizing single signon on telecom on-line business hall | |
| CN101583102A (en) | Method for realizing one-time pad through wireless broadband access short message mode | |
| CN102299924A (en) | Information interaction and authentication methods between RADIUS server and 8.2.1x client and RADIUS system | |
| CN101969426B (en) | Distributed user authentication system and method | |
| CA2687020C (en) | Verification methods and apparatus for use in providing application services to mobile communication devices | |
| US20210090087A1 (en) | Methods for access point systems and payment systems therefor | |
| GB2547231A (en) | Apparatus, method and computer program product for use in authenticating a user | |
| JP4914725B2 (en) | Authentication system, authentication program | |
| CN113784354A (en) | Request conversion method and device based on gateway | |
| Su et al. | Research of single sign-on in mobile RFID middleware based on dynamic tokens and WMMP | |
| US11968531B2 (en) | Token, particularly OTP, based authentication system and method | |
| EP4109945A1 (en) | Token, particularly otp, based authentication system and method | |
| CN109962897A (en) | A kind of open platform certification, access method and its system based on two-dimensional code scanning |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |