CN105491093A - Terminal authentication method, network access methods, server, wireless access point and terminal - Google Patents
Terminal authentication method, network access methods, server, wireless access point and terminal Download PDFInfo
- Publication number
- CN105491093A CN105491093A CN201410484523.8A CN201410484523A CN105491093A CN 105491093 A CN105491093 A CN 105491093A CN 201410484523 A CN201410484523 A CN 201410484523A CN 105491093 A CN105491093 A CN 105491093A
- Authority
- CN
- China
- Prior art keywords
- terminal
- access point
- wap
- wireless access
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention provides a terminal authentication method, network access methods, a server, a wireless access point and a terminal. The terminal authentication method is applied to a cloud server and comprises the steps that the cloud server allocates a secret key used for access authentication of a plurality of wireless access points for the terminal, wherein the plurality of wireless access points are in a heterogeneous network; and the cloud server delivers the secret key to the terminal and the plurality of wireless access points, so as to enable the wireless access points to perform access authentication on the terminal according to the secret key of the terminal delivered by the cloud server and a secret key uploaded by the terminal. According to the method, the wireless access points of different network technologies of different operators are included in the cloud serverfor unified management, the cloud server forms a service secret key and delivers the service secret key to the terminal in a unified way, and secret key information is delivered to each wireless access point through a security channel, so as to perform user access authentication, so that every wireless access point included in and managed by the cloud server is not authenticated repeatedly by the terminal and can be used directly, thereby greatly improving the user service experience.
Description
Technical field
The present invention relates to communication network service technical field, a kind of method of particularly terminal authentication, access to netwoks, server, WAP (wireless access point) and terminal.
Background technology
At present, user is mainly contained by the mode of mobile (wireless) accessing terminal to network:
1) access mode of WiFi network: input authentication cipher key access network; Or login page certification portal, inputs user name, cryptographic acess network.
2) 2G/3G/4G cellular network: built-in SIM card, the authentication process following 3GPP standard is accessed and uses network.
The method of above-mentioned accesses network exists following not enough:
For the WiFi network of ownership different operators, need to re-start Web vector graphic request, the information such as user key, usemame/password that obtains logs in again, when moving to outside current WiFi coverage, need to search new wireless access way, and re-execute authentication operation, to continue accesses network.
When heterogeneous network coexists, user needs the available Radio Access Network (as WiFi, 3G, 4G etc.) understanding current location existence, then according to the concrete condition of oneself terminal (as, whether possess the rights of using of this network of access, how to obtain the necessary authentication information of this network of use etc.), manual mode interconnection network, brings great inconvenience to user.
Summary of the invention
The object of the present invention is to provide a kind of terminal authentication, the method for access to netwoks, server, WAP (wireless access point) and terminal, user is under any type of network, network tariff information according to network push carries out Web vector graphic, without the need to repeating certification, without the need to the input of duplicate customer name and password and register, greatly improving user network experience.
In order to achieve the above object, the embodiment of the present invention provides a kind of method of terminal authentication, is applied to cloud server, comprising:
Described cloud server is the key that terminal distribution can be used in multiple WAP (wireless access point) access authentication; Wherein, in the heterogeneous network that described multiple WAP (wireless access point) is in;
Described delivering key is given described terminal and described multiple WAP (wireless access point) by described cloud server, and the double secret key terminal that the key of the described terminal that described WAP (wireless access point) is issued based on described cloud server and terminal are uploaded carries out access authentication.
Wherein, described cloud server is that the step that terminal distribution can be used in the key of multiple WAP (wireless access point) access authentication comprises:
The register of described cloud server response terminal, obtains the Termination ID of described terminal;
Described cloud server is the unique key that can be used in multiple WAP (wireless access point) access authentication of each terminal distribution according to described Termination ID.
Wherein, described delivering key comprises to the step of described terminal and described multiple WAP (wireless access point) by described cloud server:
Described cloud server is by the Termination ID of described terminal and the unique key corresponding with described Termination ID, preset passage by one and be handed down to described terminal and described multiple WAP (wireless access point), make described terminal and described multiple WAP (wireless access point) preserve the key of described Termination ID and correspondence respectively.
The above embodiment of the present invention also provides a kind of access method of heterogeneous network, is applied to WAP (wireless access point), comprising:
Described WAP (wireless access point) receives the key for multiple WAP (wireless access point) access authentication of the terminal that cloud server issues;
The access network request of described WAP (wireless access point) response terminal, utilize terminal described in described double secret key to carry out access authentication, the terminal that certification is passed through conducts interviews to described WAP (wireless access point).
Wherein, the access network request of described WAP (wireless access point) response terminal, utilize terminal described in described double secret key to carry out access authentication, the terminal that certification is passed through comprises the step that described WAP (wireless access point) carries out access to netwoks:
The pre-access request that multiple WAP (wireless access point) sends according to terminal, pushes the access information corresponding with the network service of this WAP (wireless access point) to described terminal;
The access information that described WAP (wireless access point) is selected according to described terminal, determines object access point;
Described object access point utilizes terminal described in described double secret key to carry out access authentication, and the terminal that certification is passed through carries out access to netwoks to described object access point.
Wherein, the step that described object access point utilizes terminal described in described double secret key to carry out access authentication comprises:
Described object access point receives the Termination ID being stored in terminal local and the key corresponding with described Termination ID that described terminal uploads;
Described object access point, according to the Termination ID of described terminal, obtains the key of the described terminal that the described cloud server corresponding with described Termination ID issues;
Described object access point is according to described Termination ID, the key of described terminal issued by the described cloud server corresponding with described Termination ID and the key of the described terminal local of reception contrast, if the key that described cloud server issues and the key agreement that described terminal is uploaded, then certification is passed through.
Wherein, the access information that the network service of described WAP (wireless access point) is corresponding is tariff information.
The embodiment of the present invention also provides a kind of access method of heterogeneous network, is applied to terminal, comprising:
Described terminal receives the key that can be used in multiple WAP (wireless access point) access authentication that cloud server issues, and wherein, described multiple WAP (wireless access point) is in heterogeneous network;
Described terminal is according to the accessible network in the described heterogeneous network detected, the WAP (wireless access point) corresponding to described accessible network sends access network request, described in the double secret key of the described terminal making described WAP (wireless access point) that described cloud server can be utilized to issue, terminal carries out access authentication, and the terminal that certification is passed through conducts interviews to described WAP (wireless access point).
Wherein, described terminal is according to the accessible network in the described heterogeneous network detected, the WAP (wireless access point) corresponding to described accessible network sends access network request, and the step that terminal described in the double secret key of the described terminal making described WAP (wireless access point) that described cloud server can be utilized to issue carries out access authentication comprises:
Described terminal is according to the accessible network in the described heterogeneous network detected, the WAP (wireless access point) corresponding to described accessible network sends pre-access request;
The access information corresponding with the network service of this WAP (wireless access point) that described terminal pushes according to described WAP (wireless access point), selects an access information, makes described WAP (wireless access point) respond described access information determination object access point;
Described terminal uploads the Termination ID and the key corresponding with described Termination ID that are stored in terminal local to described object access point, the double secret key terminal corresponding with described Termination ID that the key corresponding with described Termination ID that described WAP (wireless access point) is issued based on described cloud server and terminal are uploaded carries out access authentication.
The embodiment of the present invention also provides a kind of cloud server, comprising:
Distribution module, for can be used in the key of multiple WAP (wireless access point) access authentication for terminal distribution; Wherein, described multiple WAP (wireless access point) is in heterogeneous network;
Issue module, for giving described terminal and described multiple WAP (wireless access point) by described delivering key, the double secret key terminal that the key of the described terminal that described WAP (wireless access point) is issued based on described cloud server and terminal are uploaded carries out access authentication.
Wherein, described distribution module comprises:
Acquisition module, for the register of response terminal, obtains the Termination ID of described terminal;
Distribution sub module, for according to described Termination ID being the unique key that can be used in multiple WAP (wireless access point) access authentication of each terminal distribution.
Wherein, issue module described in comprise:
Issue submodule, for by the Termination ID of described terminal and the unique key corresponding with described Termination ID, preset passage by one and be handed down to described terminal and described multiple WAP (wireless access point), make described terminal and described multiple WAP (wireless access point) preserve the key of described Termination ID and correspondence respectively.
The embodiment of the present invention also provides a kind of WAP (wireless access point), comprising:
First receiver module, for receiving the key for multiple WAP (wireless access point) access authentication of the terminal that cloud server issues;
First authentication module, for the access network request of response terminal, utilize terminal described in described double secret key to carry out access authentication, the terminal that certification is passed through conducts interviews to described WAP (wireless access point).
Wherein, described first authentication module comprises:
Pushing module, for the pre-access request sent according to terminal, pushes the access information corresponding with the network service of this WAP (wireless access point) to described terminal;
Determination module, for the access information selected according to described terminal, determines object access point;
First authentication sub module, utilize terminal described in described double secret key to carry out access authentication for described object access point, the terminal that certification is passed through carries out access to netwoks to described object access point.
Wherein, described first authentication sub module comprises:
Receiving element, receives for described object access point the Termination ID being stored in terminal local and the key corresponding with described Termination ID that described terminal uploads;
Acquiring unit, for described object access point according to the Termination ID of described terminal, obtains the key of the described terminal that the described cloud server corresponding with described Termination ID issues;
Authentication ' unit, for described object access point according to described Termination ID, the key of described terminal issued by the described cloud server corresponding with described Termination ID and the key of the described terminal local of reception contrast, if the key that described cloud server issues and the key agreement that described terminal is uploaded, then certification is passed through.
The embodiment of the present invention also provides a kind of terminal, comprising:
Second receiver module, for receiving the key that can be used in multiple WAP (wireless access point) access authentication that cloud server issues, wherein, described multiple WAP (wireless access point) is in heterogeneous network;
Second authentication module, for the accessible network in the described heterogeneous network that basis detects, the WAP (wireless access point) corresponding to described accessible network sends access network request, described in the double secret key of the described terminal making described WAP (wireless access point) that described cloud server can be utilized to issue, terminal carries out access authentication, and the terminal that certification is passed through conducts interviews to described WAP (wireless access point).
Wherein, described second authentication module comprises:
Sending module, for according to the accessible network in the described heterogeneous network detected, to the WAP (wireless access point) transmission pre-access request that described accessible network is corresponding;
Select module, for the access information corresponding with the network service of this WAP (wireless access point) pushed according to described WAP (wireless access point), select an access information, make described WAP (wireless access point) respond described access information determination object access point;
Upper transmission module, for uploading the Termination ID and the key corresponding with described Termination ID that are stored in terminal local to described object access point, the double secret key terminal corresponding with described Termination ID that the key corresponding with described Termination ID that described WAP (wireless access point) is issued based on described cloud server and terminal are uploaded carries out access authentication.
Technique scheme of the present invention at least has following beneficial effect:
In the access method of the heterogeneous network of the embodiment of the present invention, cloud server unified management is all included in by the WAP (wireless access point) of the heterogeneous networks technology standard by different operators, the unified service key that formed of cloud server is to terminal, and issue key information to each WAP (wireless access point) by escape way, carry out access authentication of user; Make every WAP (wireless access point) including cloud service management in, terminal, all without the need to repeating certification, can directly use, and greatly improves customer service and experiences.
Accompanying drawing explanation
Fig. 1 represents the basic step schematic diagram of the method for terminal authentication in the embodiment of the present invention;
Fig. 2 represents the basic step schematic diagram of the access method of heterogeneous network in the embodiment of the present invention in WAP (wireless access point) side;
Fig. 3 represents the basic step schematic diagram of the access method of heterogeneous network in the embodiment of the present invention in end side
Fig. 4 represents the concrete implementation step flow chart of the access method of heterogeneous network in the embodiment of the present invention;
Fig. 5 represents the composition structural representation of cloud server in the embodiment of the present invention;
Fig. 6 represents the composition structural representation of WAP (wireless access point) in the embodiment of the present invention;
Fig. 7 represents the composition structural representation of terminal in the embodiment of the present invention.
Embodiment
For making the technical problem to be solved in the present invention, technical scheme and advantage clearly, be described in detail below in conjunction with the accompanying drawings and the specific embodiments.
The present invention is directed in prior art the network belonging to different operators, need to re-start Web vector graphic request, again the problem bringing inconvenience greatly to user is logged in, there is provided in a kind of access method of heterogeneous network, the same management of cloud server is all included in by the WAP (wireless access point) of the heterogeneous networks technology standard by different operators, the same formation service key of cloud server to terminal, and issues key information to each WAP (wireless access point) by escape way, carries out access authentication of user; Make every WAP (wireless access point) including cloud service management in, terminal, all without the need to repeating certification, can directly use, and greatly improves customer service and experiences.
As shown in Figure 1, the embodiment of the present invention provides a kind of method of terminal authentication, is applied to a cloud server, comprises:
Step 10, described cloud server is the key that terminal distribution can be used in multiple WAP (wireless access point) access authentication; Wherein, described multiple WAP (wireless access point) is in heterogeneous network;
Step 11, described delivering key is given described terminal and described multiple WAP (wireless access point) by described cloud server, and the double secret key terminal that the key of the described terminal that described WAP (wireless access point) is issued based on described cloud server and terminal are uploaded carries out access authentication.
In the above embodiment of the present invention, the WAP (wireless access point) of the heterogeneous networks technology standard of the same management different operators of described cloud server, as the AP etc. of the base station of the 2G cellular network of movement/UNICOM/telecommunications, the base station of the 3G of movement/UNICOM/telecommunications, the base station of the 4G cellular network of movement/UNICOM/telecommunications or the WiFi network of movement/UNICOM/telecommunications.So-called heterogeneous network refers to that two or more wireless communication systems have employed different access technologies, or adopts identical wireless access technology but belong to multiple networks of different cellular carriers.The setting of this cloud server can WAP (wireless access point) in unified management heterogeneous network, facilitates the management of heterogeneous networks.
Concrete, in step 10 and step 11, based on the unified management of cloud server, integrated and the authentication mechanism of unified various heterogeneous wireless network, forms unified certification key, for customer access network, without the need to repeatedly handover network or logging in network, improve Consumer's Experience.
In the above embodiment of the present invention, step 10 comprises:
Step 101, the register of described cloud server response terminal, obtains the Termination ID of described terminal;
Step 102, described cloud server is the unique key that can be used in multiple WAP (wireless access point) access authentication of each terminal distribution according to described Termination ID.
Concrete, each terminal all has a unique Termination ID, then, in embody rule of the present invention, according to the key that Termination ID gives each terminal distribution unique, then the key that each Termination ID is corresponding unique, ensure that uniqueness and the fail safe of key; This key is used for multiple WAP (wireless access point) and carries out access authentication to described terminal.Wherein, this key arranges rule to be not described in detail at this, and all keys that can reach authentication requesting are all applicable in embodiments of the present invention.
In the above embodiment of the present invention, step 11 comprises:
Step 111, described cloud server is by the Termination ID of described terminal and the unique key corresponding with described Termination ID, preset passage by one and be handed down to described terminal and described multiple WAP (wireless access point), make described terminal and described multiple WAP (wireless access point) preserve the key of described Termination ID and correspondence respectively.
In the embodiment of the present invention, Termination ID and unique delivering key corresponding to this Termination ID are referred to the escape way communicated between cloud server with terminal to default passage during terminal by cloud server; Termination ID and unique delivering key corresponding to this Termination ID refer to the escape way communicated between cloud server with WAP (wireless access point) to default passage during multiple WAP (wireless access point) by cloud server; In embody rule of the present invention, user terminal is set up by a default client and cloud server and is contacted, simultaneously because terminal is originally with regard in store Termination ID, then cloud server is under terminal during photos and sending messages, can only issue the key corresponding with Termination ID, terminal preserves this key in this locality, because terminal only has a Termination ID, then only there is a terminal key, namely Termination ID and described key are one-to-one relationship.
Concrete, be preserve in pairs when described WAP (wireless access point) preserves described Termination ID and key corresponding to this Termination ID, the key that namely a Termination ID is corresponding unique; Because a WAP (wireless access point) can access multiple terminal, then must preserve the Termination ID of multiple terminal and the key corresponding with this Termination ID, for the ease of management, a memory headroom can be reserved in WAP (wireless access point), the Termination ID of multiple terminal and the key corresponding with this Termination ID are formed cipher key store, be stored in its reserved memory headroom, be convenient to subsequent calls.
In order to better realize above-mentioned purpose, as shown in Figure 2, the embodiment of the present invention also provides a kind of access method of heterogeneous network, is applied to WAP (wireless access point), comprising:
Step 20, described WAP (wireless access point) receives the key for multiple WAP (wireless access point) access authentication of the terminal that cloud server issues;
Step 21, the access network request of described WAP (wireless access point) response terminal, utilize terminal described in described double secret key to carry out access authentication, the terminal that certification is passed through conducts interviews to described WAP (wireless access point).
In the above embodiment of the present invention, the key of multiple terminals that cloud server issues in step 20, wherein the plurality of terminal specifically refers to be provided with the client that communicates with described cloud server and terminal in logging status, the access method of heterogeneous network provided by the invention is applicable to all terminals being provided with above-mentioned client, and applicability is wide.
In the above embodiment of the present invention, step 21 comprises:
Step 211, the pre-access request that multiple WAP (wireless access point) sends according to terminal, pushes the access information corresponding with the network service of this WAP (wireless access point) to described terminal;
Step 212, the access information that described WAP (wireless access point) is selected according to described terminal, determines object access point;
Step 213, described object access point utilizes terminal described in described double secret key to carry out access authentication, and the terminal that certification is passed through carries out access to netwoks to described object access point.
In the embodiment of the present invention, the pre-access request that multiple WAP (wireless access point) sends according to terminal, the access information corresponding with the network service of this WAP (wireless access point) is pushed to described terminal, as expenses standard information etc., the WAP (wireless access point) that the tariff information that user terminal selecting oneself needs is corresponding, i.e. object access point, then subsequent step 213 is by the access authentication of the complete paired terminal of object access point, the terminal that certification is passed through carries out access to netwoks to described object access point, simultaneously when this terminal to select same object access point next time without the need to again carrying out authentication, direct addressable network, substantially increase Consumer's Experience.
Concrete, in the above embodiment of the present invention, step 213 comprises:
Step 2131, described object access point receives the Termination ID being stored in terminal local and the key corresponding with described Termination ID that described terminal uploads;
Step 2132, described object access point, according to the Termination ID of described terminal, obtains the key of the described terminal that the described cloud server corresponding with described Termination ID issues;
Step 2133, described object access point is according to described Termination ID, the key of described terminal issued by the described cloud server corresponding with described Termination ID and the key of the described terminal local of reception contrast, if the key that described cloud server issues and the key agreement that described terminal is uploaded, then certification is passed through.
In the embodiment of the present invention, step 2131 to step 2133 specifically describes object access point and utilizes terminal key to carry out the process of access authentication to terminal; Have due to a Termination ID and only have a key, if the then key agreement uploaded of the key that issues of described cloud server and described terminal, then certification is passed through; Otherwise certification is not passed through, forbid that its terminal carries out access to netwoks to this WAP (wireless access point).
In order to better realize above-mentioned purpose, as shown in Figure 3, the embodiment of the present invention also provides a kind of access method of heterogeneous network, is applied to a terminal, comprises:
Step 30, described terminal receives the key that can be used in multiple WAP (wireless access point) access authentication that a cloud server issues, and wherein, described multiple WAP (wireless access point) is in heterogeneous network;
Step 31, described terminal is according to the accessible network in the described heterogeneous network detected, the WAP (wireless access point) corresponding to described accessible network sends access network request, described in the double secret key of the described terminal making described WAP (wireless access point) that described cloud server can be utilized to issue, terminal carries out access authentication, and the terminal that certification is passed through conducts interviews to described WAP (wireless access point).
In the above embodiment of the present invention, terminal described in step 30 preserves the key that for multiple WAP (wireless access point) this terminal carried out to access authentication corresponding with this terminal in this locality; In step 31, terminal first need detect the accessible network in described heterogeneous network, such as heterogeneous network comprises 3G and the 4G network of movement, 3G and the 4G network of UNICOM, one terminal is mobile subscriber, then in this heterogeneous network, the accessible network of terminal is 3G and the 4G network of movement.A terminal can support multiple network formats form simultaneously, in this citing that differs.Terminal sends access network request, then WAP (wireless access point) carries out access authentication based on described double secret key terminal, and the terminal that certification is passed through conducts interviews to described WAP (wireless access point).
In the above embodiment of the present invention, step 31 comprises:
Step 311, described terminal is according to the accessible network in the described heterogeneous network detected, the WAP (wireless access point) corresponding to described accessible network sends pre-access request;
Step 312, described terminal responds the access information corresponding with the network service of this WAP (wireless access point) of described pre-access request propelling movement according to described WAP (wireless access point), select an access information, make described WAP (wireless access point) respond described access information determination object access point;
Step 313, described terminal uploads the Termination ID and the key corresponding with described Termination ID that are stored in terminal local to described object access point, the double secret key terminal corresponding with described Termination ID that the key corresponding with described Termination ID that described WAP (wireless access point) is issued based on described cloud server and terminal are uploaded carries out access authentication.
In the embodiment of the present invention, terminal sends pre-access request to the WAP (wireless access point) that accessible network is corresponding, described WAP (wireless access point) responds described pre-access request pushes access information from network service to described terminal, this access information specifically refers to the tariff information of this network, terminal selects corresponding rate, WAP (wireless access point) determination object access point; Then step 313 is the information interaction between terminal and object access point, namely terminal sends to object access point and is stored in the Termination ID of terminal local and the key of correspondence, and the double secret key terminal corresponding with described Termination ID that the key corresponding with described Termination ID that described WAP (wireless access point) is issued based on described cloud server and terminal are uploaded carries out access authentication; Its concrete verification process is described in detail in wireless connections point side, in this no longer repeated description.
Below in conjunction with Fig. 4, the access method of the heterogeneous network of the embodiment of the present invention is described specifically:
Step s1: first user terminal installs client, and log in cloud server;
Step s2: this user terminal of cloud server record ID, and distribute key to user terminal;
Step s3: user terminal preserves this key in this locality;
Step s4: this key is also kept at cloud server simultaneously;
Step s5: key is published to each WAP (wireless access point) by escape way by cloud server;
Step s6: each WAP (wireless access point), preserves and forms the cipher key store of each equipment;
Step s7: user terminal wireless front end finds accessible network, and sends pre-access request;
Step s8: wireless network propelling movement (also initiating by cloud server) network service access information (e.g., expenses standard etc.);
Step s9: user terminal selecting also confirms rate, sends access network request;
Step s10: wireless network side, based on cipher key store, carries out certification to user, and starts charging;
Step s11: user uses network, and in the wireless device of all ownership cloud service management, without the need to reminding user access again, till new WAP (wireless access point) or rate variation occur.
In order to better realize above-mentioned purpose, as shown in Figure 5, the embodiment of the present invention also provides a kind of cloud server, comprising:
Distribution module 50, for can be used in the key of multiple WAP (wireless access point) access authentication for terminal distribution; Wherein, in the heterogeneous network that described multiple WAP (wireless access point) is in;
Issue module 51, for giving described terminal and described multiple WAP (wireless access point) by described delivering key, the double secret key terminal that the key of the described terminal that described WAP (wireless access point) is issued based on described cloud server and terminal are uploaded carries out access authentication.
In the above embodiment of the present invention, described distribution module 50 comprises:
Acquisition module, for the register of response terminal, obtains the Termination ID of described terminal;
Distribution sub module, for according to described Termination ID being the unique key that can be used in multiple WAP (wireless access point) access authentication of each terminal distribution.
In the above embodiment of the present invention, described in issue module 51 and comprise:
Issue submodule, for by the Termination ID of described terminal and the unique key corresponding with described Termination ID, preset passage by one and be handed down to described terminal and described multiple WAP (wireless access point), make described terminal and described multiple WAP (wireless access point) preserve the key of described Termination ID and correspondence respectively.
The cloud server that the embodiment of the present invention provides is the cloud server corresponding with the method for above-mentioned terminal authentication, then all embodiments of the method for above-mentioned terminal authentication and beneficial effect thereof are all applicable to this cloud server.
In order to better realize above-mentioned purpose, as shown in Figure 6, the embodiment of the present invention also provides a kind of WAP (wireless access point), comprising:
First receiver module 60, for receiving the key for multiple WAP (wireless access point) access authentication of the terminal that cloud server issues;
First authentication module 61, for the access network request of response terminal, utilize terminal described in described double secret key to carry out access authentication, the terminal that certification is passed through conducts interviews to described WAP (wireless access point).
In the above embodiment of the present invention, described first authentication module 61 comprises:
Pushing module, for the pre-access request sent according to terminal, pushes the access information corresponding with the network service of this WAP (wireless access point) to described terminal;
Determination module, for the access information selected according to described terminal, determines object access point;
First authentication sub module, utilize terminal described in described double secret key to carry out access authentication for described object access point, the terminal that certification is passed through carries out access to netwoks to described object access point.
In the above embodiment of the present invention, described first authentication sub module comprises:
Receiving element, receives for described object access point the Termination ID being stored in terminal local and the key corresponding with described Termination ID that described terminal uploads;
Acquiring unit, for described object access point according to the Termination ID of described terminal, obtains the key of the described terminal that the described cloud server corresponding with described Termination ID issues;
Authentication ' unit, for described object access point according to described Termination ID, the key of described terminal issued by the described cloud server corresponding with described Termination ID and the key of the described terminal local of reception contrast, if the key that described cloud server issues and the key agreement that described terminal is uploaded, then certification is passed through.
The WAP (wireless access point) that the embodiment of the present invention provides is the WAP (wireless access point) corresponding with the access method of above-mentioned heterogeneous network, then all embodiments of the access method of above-mentioned heterogeneous network and beneficial effect thereof are all applicable to this WAP (wireless access point).
In order to better realize above-mentioned purpose, as shown in Figure 7, the embodiment of the present invention also provides a kind of terminal,
Comprise:
Second receiver module 70, for receiving the key that can be used in multiple WAP (wireless access point) access authentication that a cloud server issues, wherein, described multiple WAP (wireless access point) is in heterogeneous network;
Second authentication module 71, for the accessible network in the described heterogeneous network that basis detects, the WAP (wireless access point) corresponding to described accessible network sends access network request, described in the double secret key of the described terminal making described WAP (wireless access point) that described cloud server can be utilized to issue, terminal carries out access authentication, and the terminal that certification is passed through conducts interviews to described WAP (wireless access point).
In the above embodiment of the present invention, described second authentication module 71 comprises:
Sending module, for according to the accessible network in the described heterogeneous network detected, to the WAP (wireless access point) transmission pre-access request that described accessible network is corresponding;
Select module, for the access information corresponding with the network service of this WAP (wireless access point) pushed according to described WAP (wireless access point), select an access information, make described WAP (wireless access point) respond described access information determination object access point;
Upper transmission module, for uploading the Termination ID and the key corresponding with described Termination ID that are stored in terminal local to described object access point, the double secret key terminal corresponding with described Termination ID that the key corresponding with described Termination ID that described WAP (wireless access point) is issued based on described cloud server and terminal are uploaded carries out access authentication.
In the access method of the heterogeneous network of the embodiment of the present invention, the same management of cloud server is all included in by the WAP (wireless access point) of the heterogeneous networks technology standard by different operators, the same formation service key of cloud server is to terminal, and issue key information to each WAP (wireless access point) by escape way, carry out access authentication of user; Make every WAP (wireless access point) including cloud service management in, terminal, all without the need to repeating certification, can directly use, and greatly improves customer service and experiences.
The terminal that the embodiment of the present invention provides is the terminal corresponding with the access method of above-mentioned heterogeneous network, then all embodiments of the access method of above-mentioned heterogeneous network and beneficial effect thereof are all applicable to this terminal.
The above is the preferred embodiment of the present invention; it should be pointed out that for those skilled in the art, under the prerequisite not departing from principle of the present invention; can also make some improvements and modifications, these improvements and modifications also should be considered as protection scope of the present invention.
Claims (17)
1. a method for terminal authentication, is applied to cloud server, it is characterized in that, comprising:
Described cloud server is the key that terminal distribution can be used in multiple WAP (wireless access point) access authentication; Wherein, described multiple WAP (wireless access point) is in heterogeneous network;
Described delivering key is given described terminal and described multiple WAP (wireless access point) by described cloud server, and the double secret key terminal that the key of the described terminal that described WAP (wireless access point) is issued based on described cloud server and terminal are uploaded carries out access authentication.
2. the method for terminal authentication according to claim 1, is characterized in that, described cloud server is that the step that terminal distribution can be used in the key of multiple WAP (wireless access point) access authentication comprises:
The register of described cloud server response terminal, obtains the Termination ID of described terminal;
Described cloud server is the unique key that can be used in multiple WAP (wireless access point) access authentication of each terminal distribution according to described Termination ID.
3. the method for terminal authentication according to claim 2, is characterized in that, described delivering key comprises to the step of described terminal and described multiple WAP (wireless access point) by described cloud server:
Described cloud server is by the Termination ID of described terminal and the unique key corresponding with described Termination ID, preset passage by one and be handed down to described terminal and described multiple WAP (wireless access point), make described terminal and described multiple WAP (wireless access point) preserve the key of described Termination ID and correspondence respectively.
4. an access method for heterogeneous network, is applied to WAP (wireless access point), it is characterized in that, comprising:
Described WAP (wireless access point) receives the key for multiple WAP (wireless access point) access authentication of the terminal that cloud server issues;
The access network request of described WAP (wireless access point) response terminal, utilize terminal described in described double secret key to carry out access authentication, the terminal that certification is passed through conducts interviews to described WAP (wireless access point).
5. the access method of heterogeneous network according to claim 4, it is characterized in that, the access network request of described WAP (wireless access point) response terminal, utilize terminal described in described double secret key to carry out access authentication, the terminal that certification is passed through comprises the step that described WAP (wireless access point) carries out access to netwoks:
The pre-access request that multiple WAP (wireless access point) sends according to terminal, pushes the access information corresponding with the network service of this WAP (wireless access point) to described terminal;
The access information that described WAP (wireless access point) is selected according to described terminal, determines object access point;
Described object access point utilizes terminal described in described double secret key to carry out access authentication, and the terminal that certification is passed through carries out access to netwoks to described object access point.
6. the access method of heterogeneous network according to claim 5, is characterized in that, the step that described object access point utilizes terminal described in described double secret key to carry out access authentication comprises:
Described object access point receives the Termination ID being stored in terminal local and the key corresponding with described Termination ID that described terminal uploads;
Described object access point, according to the Termination ID of described terminal, obtains the key of the described terminal that the described cloud server corresponding with described Termination ID issues;
Described object access point is according to described Termination ID, the key of described terminal issued by the described cloud server corresponding with described Termination ID and the key of the described terminal local of reception contrast, if the key that described cloud server issues and the key agreement that described terminal is uploaded, then certification is passed through.
7. the access method of heterogeneous network according to claim 5, is characterized in that, the access information that the network service of described WAP (wireless access point) is corresponding is tariff information.
8. an access method for heterogeneous network, is applied to terminal, it is characterized in that, comprising:
Described terminal receives the key that can be used in multiple WAP (wireless access point) access authentication that cloud server issues, and wherein, described multiple WAP (wireless access point) is in heterogeneous network;
Described terminal is according to the accessible network in the described heterogeneous network detected, the WAP (wireless access point) corresponding to described accessible network sends access network request, described in the double secret key of the described terminal making described WAP (wireless access point) that described cloud server can be utilized to issue, terminal carries out access authentication, and the terminal that certification is passed through conducts interviews to described WAP (wireless access point).
9. the authentication method of terminal according to claim 8, it is characterized in that, described terminal is according to the accessible network in the described heterogeneous network detected, the WAP (wireless access point) corresponding to described accessible network sends access network request, and the step that terminal described in the double secret key of the described terminal making described WAP (wireless access point) that described cloud server can be utilized to issue carries out access authentication comprises:
Described terminal is according to the accessible network in the described heterogeneous network detected, the WAP (wireless access point) corresponding to described accessible network sends pre-access request;
The access information corresponding with the network service of this WAP (wireless access point) that described terminal pushes according to described WAP (wireless access point), selects an access information, makes described WAP (wireless access point) respond described access information determination object access point;
Described terminal uploads the Termination ID and the key corresponding with described Termination ID that are stored in terminal local to described object access point, the double secret key terminal corresponding with described Termination ID that the key corresponding with described Termination ID that described WAP (wireless access point) is issued based on described cloud server and terminal are uploaded carries out access authentication.
10. a cloud server, is characterized in that, comprising:
Distribution module, for can be used in the key of multiple WAP (wireless access point) access authentication for terminal distribution; Wherein, described multiple WAP (wireless access point) is in heterogeneous network;
Issue module, for giving described terminal and described multiple WAP (wireless access point) by described delivering key, the double secret key terminal that the key of the described terminal that described WAP (wireless access point) is issued based on described cloud server and terminal are uploaded carries out access authentication.
11. cloud servers according to claim 10, is characterized in that, described distribution module comprises:
Acquisition module, for the register of response terminal, obtains the Termination ID of described terminal;
Distribution sub module, for according to described Termination ID being the unique key that can be used in multiple WAP (wireless access point) access authentication of each terminal distribution.
12. cloud servers according to claim 10, is characterized in that, described in issue module and comprise:
Issue submodule, for by the Termination ID of described terminal and the unique key corresponding with described Termination ID, preset passage by one and be handed down to described terminal and described multiple WAP (wireless access point), make described terminal and described multiple WAP (wireless access point) preserve the key of described Termination ID and correspondence respectively.
13. 1 kinds of WAP (wireless access point), is characterized in that, comprising:
First receiver module, for receiving the key for multiple WAP (wireless access point) access authentication of the terminal that cloud server issues;
First authentication module, for the access network request of response terminal, utilize terminal described in described double secret key to carry out access authentication, the terminal that certification is passed through conducts interviews to described WAP (wireless access point).
14. WAP (wireless access point) according to claim 13, is characterized in that, described first authentication module comprises:
Pushing module, for the pre-access request sent according to terminal, pushes the access information corresponding with the network service of this WAP (wireless access point) to described terminal;
Determination module, for the access information selected according to described terminal, determines object access point;
First authentication sub module, utilize terminal described in described double secret key to carry out access authentication for described object access point, the terminal that certification is passed through carries out access to netwoks to described object access point.
15. WAP (wireless access point) according to claim 14, is characterized in that, described first authentication sub module comprises:
Receiving element, receives for described object access point the Termination ID being stored in terminal local and the key corresponding with described Termination ID that described terminal uploads;
Acquiring unit, for described object access point according to the Termination ID of described terminal, obtains the key of the described terminal that the described cloud server corresponding with described Termination ID issues;
Authentication ' unit, for described object access point according to described Termination ID, the key of described terminal issued by the described cloud server corresponding with described Termination ID and the key of the described terminal local of reception contrast, if the key that described cloud server issues and the key agreement that described terminal is uploaded, then certification is passed through.
16. 1 kinds of terminals, is characterized in that, comprising:
Second receiver module, for receiving the key that can be used in multiple WAP (wireless access point) access authentication that cloud server issues, wherein, described multiple WAP (wireless access point) is in heterogeneous network;
Second authentication module, for the accessible network in the described heterogeneous network that basis detects, the WAP (wireless access point) corresponding to described accessible network sends access network request, described in the double secret key of the described terminal making described WAP (wireless access point) that described cloud server can be utilized to issue, terminal carries out access authentication, and the terminal that certification is passed through conducts interviews to described WAP (wireless access point).
17. terminals according to claim 16, is characterized in that, described second authentication module comprises:
Sending module, for according to the accessible network in the described heterogeneous network detected, to the WAP (wireless access point) transmission pre-access request that described accessible network is corresponding;
Select module, for the access information corresponding with the network service of this WAP (wireless access point) pushed according to described WAP (wireless access point), select an access information, make described WAP (wireless access point) respond described access information determination object access point;
Upper transmission module, for uploading the Termination ID and the key corresponding with described Termination ID that are stored in terminal local to described object access point, the double secret key terminal corresponding with described Termination ID that the key corresponding with described Termination ID that described WAP (wireless access point) is issued based on described cloud server and terminal are uploaded carries out access authentication.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410484523.8A CN105491093B (en) | 2014-09-19 | 2014-09-19 | Method, server, wireless access point and the terminal that terminal authentication, network access |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410484523.8A CN105491093B (en) | 2014-09-19 | 2014-09-19 | Method, server, wireless access point and the terminal that terminal authentication, network access |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105491093A true CN105491093A (en) | 2016-04-13 |
| CN105491093B CN105491093B (en) | 2019-06-25 |
Family
ID=55677803
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410484523.8A Active CN105491093B (en) | 2014-09-19 | 2014-09-19 | Method, server, wireless access point and the terminal that terminal authentication, network access |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105491093B (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105915353A (en) * | 2016-04-15 | 2016-08-31 | 临沂神行通网络技术有限公司 | Commercial wifi advertisement marketing billing system and billing method thereof |
| CN106302552A (en) * | 2016-10-31 | 2017-01-04 | 四川安慧智城科技有限公司 | A kind of processing method that can effectively supervise router and system safety under large scale deployment |
| CN109728901A (en) * | 2017-10-31 | 2019-05-07 | 中国电信股份有限公司 | Digital signature authentication method, device and system |
| CN109819446A (en) * | 2019-03-14 | 2019-05-28 | 湖南大学 | The space access authentication method and software definition edge calculations system of mobile Internet of Things |
| CN110087330A (en) * | 2019-04-25 | 2019-08-02 | 新华三技术有限公司 | Wireless network connection method for building up, radio reception device and server |
| CN106685911B (en) * | 2016-07-29 | 2020-12-04 | 腾讯科技(深圳)有限公司 | Data processing method, authentication server and client |
| CN112399370A (en) * | 2019-08-02 | 2021-02-23 | 华为技术有限公司 | Internet of vehicles safety communication method |
| CN114040383A (en) * | 2021-11-25 | 2022-02-11 | 广东电网有限责任公司广州供电局 | WAPI (wireless LAN authentication and privacy infrastructure) secure network control method, device and equipment based on 5G node |
| WO2022127434A1 (en) * | 2020-12-15 | 2022-06-23 | 腾讯科技(深圳)有限公司 | Wireless local area network authentication method and apparatus, and electronic device and storage medium |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101568108A (en) * | 2008-04-21 | 2009-10-28 | 华为技术有限公司 | Switching method and equipment between heteroid systems |
| US20110090896A1 (en) * | 2009-10-15 | 2011-04-21 | Bob Bradley | Methods for synchronizing data in a network |
| CN102256251A (en) * | 2011-07-11 | 2011-11-23 | 上海天朗电子技术有限公司 | Wireless broadband mobile terminal access method |
| CN102685750A (en) * | 2012-06-12 | 2012-09-19 | 刘梦阳 | Method for accessing wireless network, equipment and wireless network system |
| US20130297990A1 (en) * | 2012-03-30 | 2013-11-07 | California Institute Of Technology | Distributed reed-solomon codes for simple multiple access networks |
| CN103402201A (en) * | 2013-08-01 | 2013-11-20 | 广州大学 | Pre-authentication-based authentication method for WiFi-WiMAX (wireless fidelity-worldwide interoperability for microwave access) heterogeneous wireless network |
| US20140086177A1 (en) * | 2012-09-27 | 2014-03-27 | Interdigital Patent Holding, Inc. | End-to-end architecture, api framework, discovery, and access in a virtualized network |
| CN103747503A (en) * | 2013-12-10 | 2014-04-23 | 北京智谷睿拓技术服务有限公司 | Wireless network accessing method and accessing apparatus |
| CN103796206A (en) * | 2013-03-28 | 2014-05-14 | 深圳光启创新技术有限公司 | Roaming method and communication system applied to traffic system |
-
2014
- 2014-09-19 CN CN201410484523.8A patent/CN105491093B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101568108A (en) * | 2008-04-21 | 2009-10-28 | 华为技术有限公司 | Switching method and equipment between heteroid systems |
| US20110090896A1 (en) * | 2009-10-15 | 2011-04-21 | Bob Bradley | Methods for synchronizing data in a network |
| CN102256251A (en) * | 2011-07-11 | 2011-11-23 | 上海天朗电子技术有限公司 | Wireless broadband mobile terminal access method |
| US20130297990A1 (en) * | 2012-03-30 | 2013-11-07 | California Institute Of Technology | Distributed reed-solomon codes for simple multiple access networks |
| CN102685750A (en) * | 2012-06-12 | 2012-09-19 | 刘梦阳 | Method for accessing wireless network, equipment and wireless network system |
| US20140086177A1 (en) * | 2012-09-27 | 2014-03-27 | Interdigital Patent Holding, Inc. | End-to-end architecture, api framework, discovery, and access in a virtualized network |
| CN103796206A (en) * | 2013-03-28 | 2014-05-14 | 深圳光启创新技术有限公司 | Roaming method and communication system applied to traffic system |
| CN103402201A (en) * | 2013-08-01 | 2013-11-20 | 广州大学 | Pre-authentication-based authentication method for WiFi-WiMAX (wireless fidelity-worldwide interoperability for microwave access) heterogeneous wireless network |
| CN103747503A (en) * | 2013-12-10 | 2014-04-23 | 北京智谷睿拓技术服务有限公司 | Wireless network accessing method and accessing apparatus |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105915353A (en) * | 2016-04-15 | 2016-08-31 | 临沂神行通网络技术有限公司 | Commercial wifi advertisement marketing billing system and billing method thereof |
| CN106685911B (en) * | 2016-07-29 | 2020-12-04 | 腾讯科技(深圳)有限公司 | Data processing method, authentication server and client |
| CN106302552A (en) * | 2016-10-31 | 2017-01-04 | 四川安慧智城科技有限公司 | A kind of processing method that can effectively supervise router and system safety under large scale deployment |
| CN109728901A (en) * | 2017-10-31 | 2019-05-07 | 中国电信股份有限公司 | Digital signature authentication method, device and system |
| CN109728901B (en) * | 2017-10-31 | 2022-04-08 | 中国电信股份有限公司 | Digital signature authentication method, device and system |
| CN109819446A (en) * | 2019-03-14 | 2019-05-28 | 湖南大学 | The space access authentication method and software definition edge calculations system of mobile Internet of Things |
| CN109819446B (en) * | 2019-03-14 | 2021-07-06 | 湖南大学 | Space access authentication method and software defined edge computing system of mobile internet of things |
| CN110087330A (en) * | 2019-04-25 | 2019-08-02 | 新华三技术有限公司 | Wireless network connection method for building up, radio reception device and server |
| CN112399370A (en) * | 2019-08-02 | 2021-02-23 | 华为技术有限公司 | Internet of vehicles safety communication method |
| CN112399370B (en) * | 2019-08-02 | 2022-07-22 | 华为云计算技术有限公司 | Internet of vehicles safety communication method |
| WO2022127434A1 (en) * | 2020-12-15 | 2022-06-23 | 腾讯科技(深圳)有限公司 | Wireless local area network authentication method and apparatus, and electronic device and storage medium |
| CN114040383A (en) * | 2021-11-25 | 2022-02-11 | 广东电网有限责任公司广州供电局 | WAPI (wireless LAN authentication and privacy infrastructure) secure network control method, device and equipment based on 5G node |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105491093B (en) | 2019-06-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105491093A (en) | Terminal authentication method, network access methods, server, wireless access point and terminal | |
| CN107529160B (en) | VoWiFi network access method and system, terminal and wireless access point equipment | |
| CN102111766B (en) | Network accessing method, device and system | |
| CN107979835B (en) | eSIM card and management method thereof | |
| CN103249045A (en) | Identification method, device and system | |
| US8655729B2 (en) | Using a first network to control access to a second network | |
| CN111262865B (en) | Method, device and system for making access control strategy | |
| CN104104516A (en) | Portal authentication method and device | |
| CN102223231B (en) | M2M terminal authentication system and authentication method | |
| CN107889194B (en) | Obtain, provide method, equipment and the medium of wireless access point access information | |
| CN104144463A (en) | Wi-fi network access method and system | |
| CN101662768B (en) | Authenticating method and equipment based on user identification module of personal handy phone system | |
| CN102143492B (en) | Method for establishing virtual private network (VPN) connection, mobile terminal and server | |
| EP3675541A1 (en) | Authentication method and device | |
| EP3284232B1 (en) | Wireless communications | |
| CN104660405A (en) | Business equipment authentication method and equipment | |
| CN103297224A (en) | Encryption key information distribution method and related device | |
| CN105813072A (en) | Terminal authentication method, system and cloud server | |
| CN104378836A (en) | Method and device for establishing convenient wireless connection | |
| CN102843683B (en) | Wireless local area network (WLAN) access method, WLAN access device and WLAN access system | |
| CN103281692A (en) | Fast roaming method and equipment between ACs (Alternating Currents) | |
| CN104750723A (en) | File sharing method, system, browser and server | |
| CN113302895B (en) | Method and apparatus for authenticating a group of wireless communication devices | |
| CN107277935B (en) | Bluetooth communication method, device and application system and equipment thereof | |
| CN112135253B (en) | Network connection method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |