CN105744555B - A kind of terminal maintenance method, maintenance device and NM server - Google Patents

A kind of terminal maintenance method, maintenance device and NM server Download PDF

Info

Publication number
CN105744555B
CN105744555B CN201410767645.8A CN201410767645A CN105744555B CN 105744555 B CN105744555 B CN 105744555B CN 201410767645 A CN201410767645 A CN 201410767645A CN 105744555 B CN105744555 B CN 105744555B
Authority
CN
China
Prior art keywords
terminal
maintenance device
server
mark
connection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410767645.8A
Other languages
Chinese (zh)
Other versions
CN105744555A (en
Inventor
杨宇
程金松
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN201410767645.8A priority Critical patent/CN105744555B/en
Publication of CN105744555A publication Critical patent/CN105744555A/en
Application granted granted Critical
Publication of CN105744555B publication Critical patent/CN105744555B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Abstract

The embodiment of the invention discloses a kind of terminal maintenance method, maintenance device and NM servers, wherein the described method includes: maintenance device sends connection certification request to NM server, so that the NM server verifies the legitimacy of the maintenance device;When verification result is legal, the mark of first terminal is sent to the NM server by the maintenance device, so that the maintenance device is arranged to the connection management permission of the first terminal in the NM server;The maintenance device is attached and manages control to the first terminal based on set connection management permission.Using the present invention, maintenance process can be made to become more convenient, and save the time.

Description

A kind of terminal maintenance method, maintenance device and NM server
Technical field
The present invention relates to field of communication technology more particularly to a kind of terminal maintenance methods, maintenance device and network manager service Device.
Background technique
Due to the mobility of mobile terminal, so the physical location of mobile terminal can often change, or even can be in the whole world It is moved in range, such as: smart phone, car-mounted terminal, Shipborne terminal, this will bring greatly tired to the maintenance of mobile terminal It is difficult.Conventional maintenance method is frequently necessary to maintenance personnel's on-site maintenance or returns factory repair after removing, when maintenance personnel's distance is tieed up When the live distant or faulty equipment of shield is distant from producer, maintenance duration will be all greatly increased, so that maintenance process is inadequate It is convenient, not enough save the time.
Summary of the invention
The embodiment of the present invention provides a kind of terminal maintenance method, maintenance device and NM server, can make to safeguard Journey becomes more convenient, and saves the time.
First aspect present invention provides a kind of terminal maintenance method, comprising:
Maintenance device sends connection certification request to NM server, so that the NM server verifies the maintenance dress The legitimacy set;
When verification result is legal, the mark of first terminal is sent to the NM server by the maintenance device, So that the maintenance device is arranged to the connection management permission of the first terminal in the NM server;
The maintenance device is attached and manages control to the first terminal based on set connection management permission.
In the first possible implementation, the maintenance device is based on set connection management permission to described One terminal is attached and manages control, comprising:
The maintenance device receives the Connecting quantity for the first terminal that the NM server is sent, and according to described Connecting quantity sends connection request to the first terminal;
The maintenance device receives the connection response that the first terminal returns, to establish the connection with the first terminal Relationship;
The maintenance device sends management control command to the first terminal, so that the first terminal responds the pipe Manage control command.
With reference to first aspect or the first possible implementation of first aspect, in second of possible implementation In, further includes:
The maintenance device generates mass-sending administration order, and obtains the mark of multiple second terminals;
The mark of the multiple second terminal and mass-sending administration order are sent to the network management and taken by the maintenance device Business device, so that the mass-sending administration order is sent to the multiple second terminal by the NM server, to the multiple Second terminal is managed control.
Second aspect of the present invention provides a kind of terminal maintenance method, comprising:
NM server receives the connection certification request that maintenance device is sent, and verifies institute according to the connection certification request State the legitimacy of maintenance device;
When verification result is legal, the NM server receives the mark for the first terminal that the maintenance device is sent Know,
And the maintenance device is arranged to the connection management permission of the first terminal according to the mark of the first terminal, So that the maintenance device is attached and manages control to the first terminal based on set connection management permission.
In the first possible implementation, described that the maintenance device pair is arranged according to the mark of the first terminal The connection management permission of the first terminal, so that the maintenance device is based on set connection management permission to described first Terminal is attached and manages control, comprising:
The NM server sends security policy information to the first terminal according to the mark of the first terminal, with Make the first terminal that the maintenance device be arranged according to the security policy information to weigh the connection management of the first terminal Limit;
The NM server obtains the Connecting quantity of the first terminal according to the mark of the first terminal;
The NM server sends the Connecting quantity of the first terminal to the maintenance device, so that the maintenance fills It sets and is established a connection according to the Connecting quantity and the first terminal, and based on the connection management permission to described first Terminal is managed control;
Wherein, the security policy information includes the mark and the connection management permission of the maintenance device.
In conjunction with the possible implementation of the first of second aspect or second aspect, in second of possible implementation In, further includes:
The NM server receives the mark of mass-sending administration order and multiple second terminals that the maintenance device is sent Know;
The NM server to it is described mass-sending administration order and the multiple second terminal mark validity into Row verifying;
It is described when the mark for verifying the mass-sending administration order and the multiple second terminal all has validity The mass-sending administration order is sent to the multiple second terminal by NM server, to carry out pipe to the multiple second terminal Reason control.
Third aspect present invention provides a kind of maintenance device, comprising:
Sending module is authenticated, for sending connection certification request to NM server, so that the NM server is verified The legitimacy of the maintenance device;
Sending module is identified, for the mark of first terminal being sent to the network management and is taken when verification result being legal Business device, so that the maintenance device is arranged to the connection management permission of the first terminal in the NM server;
Connection management module, for the first terminal to be attached and managed based on set connection management permission Control.
In the first possible implementation, the connection management module includes:
Connection unit, for receiving the Connecting quantity for the first terminal that the NM server is sent, and according to institute It states Connecting quantity and sends connection request to the first terminal;
The connection unit is also used to receive the connection response that the first terminal returns, to establish with described first eventually The connection relationship at end;
Management control unit, for sending management control command to the first terminal, so that the first terminal responds The management control command.
In conjunction with the possible implementation of the first of the third aspect or the third aspect, in second of possible implementation In, further includes:
It generates and obtains module, for generating mass-sending administration order, and obtain the mark of multiple second terminals;
Command sending module is mass-sended, for the mark of the multiple second terminal and mass-sending administration order to be sent to institute NM server is stated, so that the mass-sending administration order is sent to the multiple second terminal by the NM server, with right The multiple second terminal is managed control.
Fourth aspect present invention provides a kind of NM server, comprising:
Receiving module is authenticated, is asked for receiving the connection certification request of maintenance device transmission, and according to connection certification Seek the legitimacy for verifying the maintenance device;
Receiving module is identified, for receiving the first terminal that the maintenance device is sent when verification result is legal Mark;
The maintenance device is arranged to the company of the first terminal for the mark according to the first terminal in setup module Administration authority is connect, so that the maintenance device is attached and is managed to the first terminal based on set connection management permission Reason control.
In the first possible implementation, the setup module includes:
Policy information transmission unit, for sending security policy information to described first according to the mark of the first terminal Terminal, so that connection of the maintenance device to the first terminal is arranged according to the security policy information in the first terminal Administration authority;
Connecting quantity acquiring unit, the connection for obtaining the first terminal for the mark according to the first terminal are joined Number;
Connecting quantity transmission unit, for sending the Connecting quantity of the first terminal to the maintenance device, so that institute It states maintenance device to be established a connection according to the Connecting quantity and the first terminal, and is based on the connection management permission pair The first terminal is managed control;
Wherein, the security policy information includes the mark and the connection management permission of the maintenance device.
In conjunction with the possible implementation of the first of fourth aspect or fourth aspect, in second of possible implementation In, further includes:
Command id receiving module, for receiving the mass-sending administration order and multiple second of the maintenance device transmission eventually The mark at end;
Validation verification module, for the effective of the mark to the mass-sending administration order and the multiple second terminal Property is verified;
Command sending module, for equal when verifying the mark for mass-sending administration order and the multiple second terminal When with validity, the mass-sending administration order is sent to the multiple second terminal, with to the multiple second terminal into Row management control.
Therefore maintenance device is authenticated by NM server, and after certification passes through, it can be by safeguarding people Member by maintenance device is managed control to first terminal, and maintenance personnel is made to no longer need to maintenance scene safeguard, also without Factory repair is returned again after first terminal need to being removed, so that maintenance process be made to become more convenient, and saves the time.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this Some embodiments of invention for those of ordinary skill in the art without creative efforts, can be with It obtains other drawings based on these drawings.
Fig. 1 is a kind of flow diagram of terminal maintenance method provided in an embodiment of the present invention;
Fig. 2 is the flow diagram of another terminal maintenance method provided in an embodiment of the present invention;
Fig. 3 is a kind of time diagram of terminal maintenance method provided in an embodiment of the present invention;
Fig. 4 is the time diagram of another terminal maintenance method provided in an embodiment of the present invention;
Fig. 5 is a kind of structural schematic diagram of maintenance device provided in an embodiment of the present invention;
Fig. 6 is a kind of structural schematic diagram of connection management module provided in an embodiment of the present invention;
Fig. 7 is a kind of structural schematic diagram of NM server provided in an embodiment of the present invention;
Fig. 8 is a kind of structural schematic diagram of setup module provided in an embodiment of the present invention;
Fig. 9 is the structural schematic diagram of another maintenance device provided in an embodiment of the present invention;
Figure 10 is the structural schematic diagram of another NM server provided in an embodiment of the present invention;
Figure 11 is a kind of structural schematic diagram of terminal maintenance system provided in an embodiment of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment shall fall within the protection scope of the present invention.
The maintenance device involved by the embodiment of the present invention can be terminal used in maintenance personnel, it can use In the terminal of maintenance;NM server involved by the embodiment of the present invention can be the back-stage management service of a certain Terminal Type Device for example, the car-mounted terminal of a certain type may be coupled to the same NM server, and is managed collectively by NM server The mark of each car-mounted terminal, location information etc.;The first terminal involved by the embodiment of the present invention and described more The terminal that a second terminal all can be need to be maintained, the first terminal and the multiple second terminal be with it is described The terminal that NM server has connection relationship and is managed by the NM server.
It referring to Figure 1, is a kind of flow diagram of terminal maintenance method provided in an embodiment of the present invention, the method can To include:
S101, maintenance device send connection certification request to NM server, so that described in NM server verifying The legitimacy of maintenance device;
Specifically, the maintenance device can remotely connect the NM server of certain system by internet, in the dimension Before protection unit and the NM server establish a connection, the maintenance device can first send connection certification request to institute State NM server, the connection certification request carries the mark of the maintenance device, and the mark of the maintenance device can be with Equipment Serial Number, user account including the maintenance device etc., the NM server can be according to the maintenance devices Identity verification described in maintenance device legitimacy, that is, verify the legitimacy of the corresponding user of the maintenance device.Optionally, may be used It include multiple in the legal terminal list with legitimacy to store legal terminal list in the NM server in advance Maintenance device mark.The NM server can detecte the connection when verifying the legitimacy of the maintenance device The entrained maintenance device identifies whether that there are in the legal terminal list in certification request, and if it exists, then authenticates Pass through, otherwise authentification failure.Wherein, when the NM server, which verifies the maintenance device, has legitimacy, the net Pipe server can establish a connection with the maintenance device, allow the maintenance device that the NM server is added The mobile network at place.Wherein, the NM server can use common any authentication techniques, and the present invention does not do this It limits.
S102, when verification result is legal, the mark of first terminal is sent to the network management and taken by the maintenance device Business device, so that the maintenance device is arranged to the connection management permission of the first terminal in the NM server;
Specifically, illustrate that the maintenance device has a legitimacy when verification result is legal, the maintenance device can be with It is successfully established connection relationship with the NM server, is sent at this point, the maintenance device can receive the NM server Online terminal list, the online terminal list may include multiple having connection relationship with the NM server and being in The mark of the terminal of presence, for example, if the NM server is the background server in certain vehicle netbios, institute The mark for stating multiple terminals in online terminal list can be the mark of multiple car-mounted terminals being currently running.The maintenance dress It sets described in receiving after line terminal list, the maintenance device can obtain and the network manager service from online terminal list Device has the mark of the first terminal of connection relationship.Maintenance personnel can also input what needs were maintained on the maintenance device The information of terminal, at this point, the maintenance device can be obtained from the information for the terminal that the needs that maintenance personnel inputs are maintained The mark of the first terminal.The mark of first terminal can be sequence number or IMSI (International Mobile Subscriber Identification Number, international mobile subscriber identity) or media access control (Media Access Control, abbreviation MAC) address etc..
The maintenance device can send out the mark of the first terminal after the mark for getting the first terminal It send to the NM server.After the NM server receives the mark of the first terminal, the NM server Security policy information can be sent to the first terminal, the first terminal is received and respond the maintenance dress Set the connection request and management control command of transmission, that is, institute can be arranged according to the security policy information in the first terminal Maintenance device is stated to the connection management permission of the first terminal.The security policy information may include the maintenance device Mark and the connection management permission, the security policy information can be based on accesses control list (Access Control List, abbreviation ACL) or the customized command format of system, realize the maintenance device to the first terminal Connection management permission.
S103, the maintenance device are attached and are managed to the first terminal based on set connection management permission Control;
Specifically, the maintenance device can receive the connection ginseng for the first terminal that the NM server is sent Number, generates and sends connection request to the first terminal further according to the Connecting quantity.The Connecting quantity is by the net For pipe server according to accessed by the mark of the first terminal, the Connecting quantity may include the ground of the first terminal The mobile communication information such as location, port, IMSI number.
The maintenance device receives the connection response that the first terminal returns again, to establish the company with the first terminal Connect relationship.Wherein, the connection type of the maintenance device and the first terminal may include: that Telnet (assist by remote terminal View), containment agreement (Secure Shell, abbreviation SSH), Web (internet) or other modes.The connection response is by institute It is generated based on the connection management permission to state first terminal.
After the maintenance device and the first terminal establish connection relationship, the maintenance device can send management Control command is to the first terminal with the maintenance device with connection relationship, so that the first terminal is according to the connecting tube It manages permission and responds the management control command, the maintenance device obtains and shows that the first terminal controls the management and orders The command response message of order, the command response message may include the fault message, configuration information, log of the first terminal Information etc..
Optionally, when the NM server detects that the maintenance device actively exits or exception exits the network management clothes Be engaged in mobile network where device when, the NM server can send the order for cancelling security policy information to described the One terminal, so that the first terminal can cancel the maintenance device to the connection management permission of the first terminal, to prevent Only illegal control of the other users to the first terminal.Wherein, the case where exception exits may include: when the maintenance When the duration that device is not managed control to the first terminal is more than preset duration threshold value, the NM server control The maintenance device exits the mobile network where the NM server.
The method provided in an embodiment of the present invention not only may include the maintenance described in above-mentioned S101 to S103 For device to the point-to-point monitor model of the first terminal, the method can also include following maintenance device to multiple the The point-to-multipoint monitor model of two terminals.Specifically, the method also includes:
The maintenance device generates mass-sending administration order, and obtains the mark of multiple second terminals;
The mark of the multiple second terminal and mass-sending administration order are sent to the network management and taken by the maintenance device Business device, so that the mass-sending administration order is sent to the multiple second terminal by the NM server, to the multiple Second terminal is managed control;
Specifically, mass-sending administration order can be generated in the maintenance device, the mass-sending administration order can be multicast side The management control command that formula is sent, the more parts of management control commands that can also be sent with mode of unicast.The maintenance device obtains institute The mode for stating the mark of multiple second terminals is identical as the mode for the mark that the maintenance device obtains the first terminal;It can be with It is obtained from the online terminal list that the NM server provides, the end that can also be maintained from the needs that maintenance personnel inputs The mark that the multiple second terminal is obtained in the information at end, is not discussed here.
The maintenance device, can be by the multiple second terminal after the mark for getting the multiple second terminal Mark and mass-sending administration order be sent to the NM server together.The NM server verifies the multiple When the mark of two terminals and the mass-sending administration order all have validity, the NM server can be to the multiple Two terminals send the mass-sending administration order, so that each second terminal is parsed and rung to the mass-sending administration order respectively Answer command operation.
Further, the maintenance device can also receive and show that each second terminal responds the mass-sending administration order The command response result returned.The command response result may include fault message, configuration information, log information etc..
The point-to-point monitor model is suitable for detecting the terminal that some needs is maintained, reconfigure Operation, the point-to-multipoint monitor model are suitable for carrying out identical configuration, detection to multiple terminals for needing to be maintained Deng operation.
Therefore maintenance device is authenticated by NM server, and after certification passes through, it can be by safeguarding people Member by maintenance device is managed control to first terminal, and maintenance personnel is made to no longer need to maintenance scene safeguard, also without Factory repair is returned again after first terminal need to being removed, so that maintenance process be made to become more convenient, and saves the time;Meanwhile Maintenance personnel can control first terminal without the device password and address for knowing first terminal, and maintenance personnel Assistance without network administrator can control first terminal, to further improve maintenance efficiency;The dimension Protection unit can also carry out identical attended operation to multiple second terminals simultaneously by the NM server, and this mode is more It is to effectively improve maintenance efficiency.
Fig. 2 is referred to again, is the flow diagram of another terminal maintenance method provided in an embodiment of the present invention, the side Method may include:
S201, NM server receive the connection certification request that maintenance device is sent, and according to the connection certification request Verify the legitimacy of the maintenance device;
Specifically, the maintenance device can remotely connect the NM server of certain system by internet, in the dimension Before protection unit and the NM server establish a connection, the NM server can receive what maintenance device was sent to Connect certification request, the connection certification request carries the mark of the maintenance device, and the mark of the maintenance device can be with Equipment Serial Number, user account including maintenance device etc., the NM server can be according to the marks of the maintenance device Know the legitimacy for verifying the maintenance device, that is, verifies the legitimacy of the corresponding user of the maintenance device.It is alternatively possible to pre- Legal terminal list is first stored in the NM server, includes multiple dimensions with legitimacy in the legal terminal list The mark of protection unit.The NM server can detecte the connection certification when verifying the legitimacy of the maintenance device The entrained maintenance device identifies whether that there are in the legal terminal list in request, and if it exists, then certification passes through, Otherwise authentification failure.Wherein, when the NM server, which verifies the maintenance device, has legitimacy, the network manager service Device can establish a connection with the maintenance device, and the maintenance device is added where the NM server Mobile network.Wherein, the NM server can use common any authentication techniques, and which is not limited by the present invention.
S202, when verification result is legal, the NM server receives the maintenance device that the maintenance device is sent Mark;
Specifically, the maintenance device is successfully built with the NM server when the maintenance device has legitimacy Vertical connection relationship, at this point, to can receive the maintenance device getting with the network manager service utensil for the NM server There is the mark of the first terminal of connection relationship.The NM server is in the first terminal for receiving the maintenance device transmission Mark before, the NM server can first send online terminal list to the maintenance device, the online terminal column Table may include the mark of multiple terminals for having connection relationship with the NM server and being online, for example, if The NM server is the background server in certain vehicle netbios, then multiple terminals in the online terminal list Mark can be the mark of multiple car-mounted terminals being currently running.The maintenance device receive it is described after line terminal list, The maintenance device can obtain the first terminal for having connection relationship with the NM server from online terminal list Mark.Maintenance personnel can also input the information for needing the terminal being maintained on the maintenance device, at this point, the maintenance fills Set the mark that the first terminal can be obtained from the information for the terminal that the needs that maintenance personnel inputs are maintained.First terminal Mark can be sequence number or IMSI or media access control address etc..The maintenance device is getting described first eventually After the mark at end, the NM server can receive the mark for the first terminal that the maintenance device is sent.
S203 is arranged the maintenance device according to the mark of the first terminal and weighs to the connection management of the first terminal Limit, so that the maintenance device is attached and manages control to the first terminal based on set connection management permission;
Specifically, be legal in verification result, and after the NM server receives the mark of the first terminal, The NM server can send security policy information to the first terminal, so that institute according to the mark of the first terminal Stating first terminal can receive and respond connection request and management control command that the maintenance device is sent, that is, described first The maintenance device is arranged to the connection management permission of the first terminal according to the security policy information in terminal.The safety Policy information includes the mark and the connection management permission of the maintenance device, and the security policy information, which can be, to be based on Accesses control list or the customized command format of system realize that the maintenance device weighs the connection management of the first terminal Limit.
For the NM server while sending the security policy information, the NM server can also be according to institute The mark for stating first terminal obtains the Connecting quantity of the first terminal, and sends the Connecting quantity of the first terminal described in Maintenance device, so that the maintenance device is based on the connection management permission and according to the Connecting quantity and the first terminal It establishes a connection, the Connecting quantity may include the mobile communication such as the address, port, IMSI number of first terminal letter Breath.After the maintenance device and the first terminal establish connection relationship, the maintenance device can send management control The first terminal that there is connection relationship with the maintenance device is ordered, so that the first terminal is weighed according to the connection management Limit responds the management control command.
Optionally, when the NM server detects that the maintenance device actively exits or exception exits the network management clothes Be engaged in mobile network where device when, i.e., when the connection for detecting the maintenance device and the first terminal disconnects, the net Pipe server can cancel the set maintenance device to the connection management permission of the first terminal.Cancel the connection The detailed process of administration authority can be with are as follows: the NM server can send the order for cancelling security policy information to institute First terminal is stated, so that the first terminal can cancel the maintenance device to the connection management permission of the first terminal, To prevent illegal control of the other users to the first terminal.Wherein, the case where exception exits may include: when described When the duration that maintenance device is not managed control to the first terminal is more than preset duration threshold value, the NM server It controls the maintenance device and exits mobile network where the NM server.
The method provided in an embodiment of the present invention not only may include the maintenance described in above-mentioned S201 to S203 For device to the point-to-point monitor model of the first terminal, the method can also include following maintenance device to multiple the The point-to-multipoint monitor model of two terminals.Specifically, the method also includes: the NM server receives the maintenance The mark of mass-sending administration order and multiple second terminals that device is sent;
The NM server to it is described mass-sending administration order and the multiple second terminal mark validity into Row verifying;
It is described when the mark for verifying the mass-sending administration order and the multiple second terminal all has validity The mass-sending administration order is sent to the multiple second terminal by NM server, to carry out pipe to the multiple second terminal Reason control;
Specifically, the NM server can receive the mass-sending administration order that the maintenance device is sent and multiple the The mark of two terminals, the management control command that the mass-sending administration order can send for multicast mode, can also be with mode of unicast The more parts of management control commands sent.Wherein, the maintenance device obtains mode and the institute of the mark of the multiple second terminal The mode for stating the mark that maintenance device obtains the first terminal is identical;The online terminal that can be provided from the NM server It is obtained in list, the multiple second terminal can also be obtained from the information for the terminal that the needs that maintenance personnel inputs are maintained Mark, be not discussed here.
The NM server receives the mass-sending administration order that the maintenance device is sent and multiple second terminals After mark, the validity of the mark of the mass-sending administration order and the multiple second terminal can be verified;When Verify the mass-sending administration order and when the mark of the multiple second terminal all has validity, the NM server The mass-sending administration order can be sent to the multiple second terminal, so that each second terminal respectively manages the mass-sending Order parse and response command operation.
Further, the NM server can also receive each second terminal response institute in the multiple second terminal The command response that is returned of mass-sending administration order is stated as a result, the NM server sends institute for each command response result again Maintenance device is stated, so that the maintenance device can show each command response result.The command response result can be with Including fault message, configuration information, log information etc..
The point-to-point monitor model is suitable for detecting the terminal that some needs is maintained, reconfigure Operation, the point-to-multipoint monitor model are suitable for carrying out identical configuration, detection to multiple terminals for needing to be maintained Deng operation.
Therefore maintenance device is authenticated by NM server, and after certification passes through, it can be by safeguarding people Member by maintenance device is managed control to first terminal, and maintenance personnel is made to no longer need to maintenance scene safeguard, also without Factory repair is returned again after first terminal need to being removed, so that maintenance process be made to become more convenient, and saves the time;Meanwhile Maintenance personnel can control first terminal without the device password and address for knowing first terminal, and maintenance personnel Assistance without network administrator can control first terminal, to further improve maintenance efficiency;The dimension Protection unit can also carry out identical attended operation to multiple second terminals simultaneously by the NM server, and this mode is more It is to effectively improve maintenance efficiency.
Fig. 3 is referred to, is a kind of time diagram of terminal maintenance method provided in an embodiment of the present invention, the present invention is implemented Example illustrates the detailed process of terminal maintenance method, the method from maintenance device side, first terminal side, NM server side jointly May include:
S301, the maintenance device send connection certification request to the NM server;
S302, the NM server send authentication response and pass through message to the maintenance device;
Specifically, can send authentication response when the NM server is by certification to the maintenance device and pass through Message is to the maintenance device, to inform that the maintenance device certification has passed through, meanwhile, the NM server can with it is described Maintenance device establishes a connection.
S303, the maintenance device send online terminal list request to the NM server;
S304, the NM server send online terminal list to the maintenance according to the online terminal list request Device;
Wherein, the online terminal list may include multiple and the NM server has connection relationship and is in The mark of the terminal of linear state.
S305, the maintenance device obtain the mark of first terminal from online terminal list or input information;
S306, the mark that the maintenance device will acquire the first terminal are sent to the NM server;
Security policy information is sent to described first according to the mark of the first terminal by S307, the NM server Terminal;
Wherein, the security policy information includes the mark and the connection management permission of the maintenance device.
Connection management permission is arranged according to the security policy information in S308, the first terminal;
Specifically, the maintenance device is arranged to the first terminal according to the security policy information in the first terminal Connection management permission, the first terminal is received and responds connection request and management that the maintenance device is sent Control command.
S309, the NM server send the Connecting quantity of first terminal to the maintenance device;
Specifically, the NM server is first joined according to the connection that the mark of the first terminal obtains the first terminal Number, then the maintenance device is sent by the Connecting quantity of the first terminal.The Connecting quantity may include described first The mobile communication information such as address, port, IMSI number of terminal.S309 step and S307 step may be performed simultaneously.
S310, the maintenance device generates connection request according to the Connecting quantity of the first terminal, and sends the company Request is connect to the first terminal;
S311, the first terminal be based on the connection management permission connection request is responded, with it is described Maintenance device establishes a connection;
S312, the maintenance device are managed control to the first terminal;
Specifically, the maintenance device can send management control command to the maintenance device, so that described first is whole End responds the management control command according to the connection management permission.
S313, the maintenance device transmission exit request to the NM server;
S314, the NM server send removal security policy information to the first terminal;
Specifically, the NM server can when the NM server detects that the maintenance device will exit connection To send removal security policy information to the first terminal.
S315, the first terminal cancel connection management permission according to the removal security policy information;
Specifically, the first terminal can delete the security policy information according to the removal security policy information, To cancel the maintenance device to the connection management permission of the first terminal.
S316, the NM server respond the request of exiting of the maintenance device, to disconnect and the maintenance The connection of device.
Fig. 4 is referred to, is a kind of time diagram of terminal maintenance method provided in an embodiment of the present invention, the present invention is implemented Example illustrates the detailed process of terminal maintenance method, this hair from maintenance device side, multiple second terminal sides, NM server side jointly Bright embodiment by taking two second terminals as an example, the method may include:
S401, the maintenance device send connection certification request to the NM server;
S402, the NM server send authentication response and pass through message to the maintenance device;
Specifically, can send authentication response when the NM server is by certification to the maintenance device and pass through Message is to the maintenance device, to inform that the maintenance device certification has passed through, meanwhile, the NM server can with it is described Maintenance device establishes a connection.
S403, the maintenance device send online terminal list request to the NM server;
S404, the NM server send online terminal list to the maintenance according to the online terminal list request Device;
Wherein, the online terminal list may include multiple and the NM server has connection relationship and is in The mark of the terminal of linear state.
S405, the maintenance device obtain the mark of multiple second terminals from online terminal list or input information;
S406, the maintenance device sends the mark of the multiple second terminal and mass-sending administration order takes to the network management Business device;
The mass-sending administration order is sent to second terminal by S407, the NM server;
The mass-sending administration order is sent to second terminal by S408, the NM server;
Specifically, S407 and S408 are performed simultaneously, wherein the quantity of the multiple second terminal is 2, the net Pipe server is when verifying selected two second terminals and mass-sending administration order is with validity, the network manager service The mass-sending administration order is respectively sent to two second terminals by device.
S409, second terminal feedback command response results to the NM server;
S410, second terminal feedback command response results to the NM server;
Specifically, S409 step and S410 step are that two second terminals respectively ring the mass-sending administration order It answers, to obtain command response as a result, corresponding command response result is sent to the network manager service respectively by two second terminals Device.
Each command response result is fed back to the maintenance device by S411, the NM server;
S412, the maintenance device transmission exit request to the NM server;
S413, the NM server respond the request of exiting of the maintenance device, to disconnect and the maintenance The connection of device.
Optionally, any moment after step S404 can also be synchronized and be executed in above-mentioned Fig. 3 corresponding embodiment S305-S316;Similarly, any moment after the step S304 in above-mentioned Fig. 3 corresponding embodiment, can also synchronize execution S405-S413。
Fig. 5 is referred to, is a kind of structural schematic diagram of maintenance device provided in an embodiment of the present invention, the maintenance device 1 It may include: certification sending module 11, mark sending module 12, connection management module 13;
The certification sending module 11, for sending connection certification request to NM server, so that the network manager service Device verifies the legitimacy of the maintenance device 1;
Specifically, the maintenance device 1 can remotely connect the NM server of certain system by internet, in the dimension Before protection unit 1 and the NM server establish a connection, the certification sending module 11 can first send connection certification The NM server is requested, the connection certification request carries the mark of the maintenance device 1, the maintenance device 1 Mark may include equipment Serial Number, user account of maintenance device 1 etc., the NM server can be according to the dimension The legitimacy of maintenance device 1 described in the identity verification of protection unit 1 verifies the legitimacy of the corresponding user of the maintenance device 1. It include multiple in the legal terminal list it is alternatively possible to store legal terminal list in the NM server in advance The mark of maintenance device 1 with legitimacy.The NM server, can be with when verifying the legitimacy of the maintenance device 1 Identifying whether there are in the legal terminal list for the maintenance device 1 entrained in the connection certification request is detected, If it exists, then certification passes through, otherwise authentification failure.Wherein, has conjunction when the NM server verifies the maintenance device 1 When method, the NM server can establish a connection with the maintenance device 1, and the maintenance device 1 is added Enter the mobile network where the NM server.Wherein, the NM server can use common any certification skill Art, which is not limited by the present invention.
The mark sending module 12, for the mark of first terminal being sent to described when verification result is legal NM server, so that the maintenance device 1 is arranged to the connection management permission of the first terminal in the NM server;
Specifically, illustrating that the maintenance device 1 has legitimacy, the maintenance device 1 can when verification result is legal To be successfully established connection relationship with the NM server, at this point, the mark sending module 12 can receive the network management clothes The online terminal list that business device is sent, the online terminal list may include multiple and the NM server has connection pass The mark of terminal for being and being online, for example, if the NM server is the backstage clothes in certain vehicle netbios Business device, then the mark of multiple terminals in the online terminal list can be the mark of multiple car-mounted terminals being currently running. The mark sending module 12 receives described after line terminal list, and the mark sending module 12 can be arranged from online terminal The mark for the first terminal that there is connection relationship with the NM server is obtained in table.Maintenance personnel can also be in the maintenance The information for the terminal that input needs to be maintained on device 1, at this point, what the mark sending module 12 can be inputted from maintenance personnel The mark of the first terminal is obtained in the information for the terminal for needing to be maintained.The mark of first terminal can be sequence number, or IMSI or media access control address etc..
The mark sending module 12, can be by the first terminal after the mark for getting the first terminal Mark is sent to the NM server.After the NM server receives the mark of the first terminal, the network management Security policy information can be sent to the first terminal by server, and the first terminal is received and is responded described The connection request and management control command that maintenance device 1 is sent, that is, the first terminal can be according to the security policy information The maintenance device 1 is set to the connection management permission of the first terminal.The security policy information may include the dimension The mark of protection unit 1 and the connection management permission, the security policy information can be based on accesses control list or be It unites customized command format, realizes the maintenance device to the connection management permission of the first terminal.
The connection management module 13, for being attached based on set connection management permission to the first terminal It is controlled with management;
Specifically, the connection management module 13 can receive the company for the first terminal that the NM server is sent Parameter is connect, generates and sends connection request to the first terminal further according to the Connecting quantity.The Connecting quantity is by institute NM server is stated according to accessed by the mark of the first terminal, the Connecting quantity may include the first terminal The mobile communication information such as address, port, IMSI number.
The connection management module 13 receives the connection response that the first terminal returns again, to establish with described first eventually The connection relationship at end.Wherein, the connection type of the maintenance device 1 and the first terminal may include: Telnet, containment Agreement, Web or other modes.The connection response is generated based on the connection management permission by the first terminal.
After the connection management module 13 and the first terminal establish connection relationship, the connection management module 13 Management control command can be sent to the first terminal with the maintenance device 1 with connection relationship, so that the first terminal The management control command is responded according to the connection management permission, the connection management module 13 obtains and shows described first For terminal to the command response message of the management control command, the command response message may include the event of the first terminal Hinder information, configuration information, log information etc..
Optionally, when the NM server detects that 1 active of maintenance device is exited or exception exits the network management When mobile network where server, the NM server can send the order for cancelling security policy information to described First terminal, so that the first terminal can cancel the maintenance device 1 to the connection management permission of the first terminal, with Prevent illegal control of the other users to the first terminal.Wherein, the case where exception exits may include: when the dimension When the duration that protection unit 1 is not managed control to the first terminal is more than preset duration threshold value, the NM server It controls the maintenance device 1 and exits mobile network where the NM server.
Further, the maintenance device 1 can also include: and generate to obtain module 14, mass-sending command sending module 15;
The generation obtains module 14, for generating mass-sending administration order, and obtains the mark of multiple second terminals;
Specifically, the generation, which obtains module 14, can be generated mass-sending administration order, the mass-sending administration order can be The management control command that multicast mode is sent, the more parts of management control commands that can also be sent with mode of unicast.The generation obtains Module 14 obtains the mode of the mark of the multiple second terminal and the maintenance device 1 obtains the mark of the first terminal Mode is identical;It can obtain, can also be inputted from maintenance personnel from the online terminal list that the NM server provides The mark that the multiple second terminal is obtained in the information for the terminal for needing to be maintained, is not discussed here.
The mass-sending command sending module 15, for sending out the mark of the multiple second terminal and mass-sending administration order It send to the NM server, so that the mass-sending administration order is sent to the multiple second eventually by the NM server End, to be managed control to the multiple second terminal;
Specifically, the generation obtains module 14 after the mark for getting the multiple second terminal, the mass-sending The mark of the multiple second terminal and mass-sending administration order can be sent to the network management by command sending module 15 together Server.The NM server verifies the mark of the multiple second terminal and the mass-sending administration order has all had When effect property, the NM server can send the mass-sending administration order to the multiple second terminal, so that each second Terminal parse to the mass-sending administration order respectively and response command operates.
Further, the maintenance device 1 can also receive and show that each second terminal responds the mass-sending management life Enable returned command response result.The command response result may include fault message, configuration information, log information etc. Deng.
Further, then Fig. 6 is referred to, is a kind of structural representation of connection management module 13 provided in an embodiment of the present invention Figure, the connection management module 13 may include:
Connection unit 131, the Connecting quantity of the first terminal for receiving the NM server transmission, and according to The Connecting quantity sends connection request to the first terminal;
Wherein, the Connecting quantity be as the NM server according to accessed by the mark of the first terminal, The Connecting quantity may include the mobile communication such as address, port, IMSI number of first terminal information.
The connection unit 131 is also used to receive the connection response that the first terminal returns, to establish and described first The connection relationship of terminal;
Management control unit 132, for sending management control command to the first terminal, so that the first terminal is rung Answer the management control command;
Specifically, the management control unit 132, which can send management control command, has company to the maintenance device 1 The first terminal of relationship is connect, so that the first terminal responds the management control command, institute according to the connection management permission Stating management control unit 132 can also obtain and show that the first terminal responds the order that the management control command is returned Response results, the command response result may include fault message, configuration information, log information etc..
Therefore maintenance device 1 is authenticated by NM server, and after certification passes through, it can be by safeguarding Personnel are managed control to first terminal by maintenance device 1, and maintenance personnel is made to no longer need to maintenance scene safeguard, Without returning factory repair again after removing first terminal, so that maintenance process be made to become more convenient, and the time is saved;Together When, maintenance personnel can control first terminal without the device password and address for knowing first terminal, and safeguard Personnel can control first terminal without the assistance of network administrator, to further improve maintenance efficiency;Institute Identical attended operation can also be carried out to multiple second terminals simultaneously by the NM server by stating maintenance device 1, this Mode is even more to effectively improve maintenance efficiency.
Fig. 7 is referred to, is a kind of structural schematic diagram of NM server provided in an embodiment of the present invention, the network manager service Device 2 may include: certification receiving module 21, mark receiving module 22, setup module 23;
The certification receiving module 21, for receiving the connection certification request of maintenance device transmission, and according to the connection Certification request verifies the legitimacy of the maintenance device;
Specifically, the maintenance device can remotely connect the NM server 2 of certain system by internet, in the dimension Before protection unit and the NM server 2 establish a connection, the certification receiving module 21 can receive maintenance device hair The connection certification request being sent to, the connection certification request carry the mark of the maintenance device, the mark of the maintenance device Knowledge may include the equipment Serial Number of maintenance device, user account etc., and the certification receiving module 21 can be according to the dimension The legitimacy of maintenance device described in the identity verification of protection unit verifies the legitimacy of the corresponding user of the maintenance device.It can Selection of land can store legal terminal list in the NM server 2 in advance, include multiple tools in the legal terminal list There is the mark of the maintenance device of legitimacy.The certification receiving module 21, can be with when verifying the legitimacy of the maintenance device Identifying whether there are in the legal terminal list for the maintenance device entrained in the connection certification request is detected, if In the presence of then certification passes through, otherwise authentification failure.Wherein, have when the certification receiving module 21 verifies the maintenance device When legitimacy, the NM server 2 can establish a connection with the maintenance device, and the maintenance device is added Enter the mobile network where the NM server 2.Wherein, the NM server 2 can use common any certification Technology, which is not limited by the present invention.
The mark receiving module 22, for receiving the maintenance device is sent first when verification result is legal The mark of terminal;
Specifically, the maintenance device is successfully built with the NM server 2 when the maintenance device has legitimacy Vertical connection relationship, at this point, to can receive the maintenance device getting with the network manager service for the mark receiving module 22 Device 2 has the mark of the first terminal of connection relationship.The mark receiving module 22 is in the institute for receiving the maintenance device transmission Before the mark for stating first terminal, the mark receiving module 22 can first send online terminal list to the maintenance device, The online terminal list may include multiple terminals for having connection relationship with the NM server 2 and being online Mark, for example, if the NM server 2 is the background server 2 in certain vehicle netbios, the online terminal column The mark of multiple terminals in table can be the mark of multiple car-mounted terminals being currently running.The maintenance device receives described After line terminal list, the maintenance device can be obtained from online terminal list has connection with the NM server 2 The mark of the first terminal of relationship.Maintenance personnel can also input the letter for needing the terminal being maintained on the maintenance device Breath, at this point, the maintenance device can obtain described first from the information for the terminal that the needs that maintenance personnel inputs are maintained The mark of terminal.The mark of first terminal can be sequence number or IMSI or media access control address etc..The maintenance dress It sets after the mark for getting the first terminal, the mark receiving module 22 can receive what the maintenance device was sent The mark of the first terminal.
The setup module 23, it is whole to described first for the maintenance device to be arranged according to the mark of the first terminal The connection management permission at end, so that the maintenance device connects the first terminal based on set connection management permission Connect and manage control;
Specifically, being legal in verification result, and the mark receiving module 22 receives the mark of the first terminal Later, the setup module 23 can send security policy information to the first terminal according to the mark of the first terminal, The first terminal is received and responds connection request and management control command that the maintenance device is sent, that is, institute State the connection management permission that the maintenance device is arranged to the first terminal according to the security policy information in first terminal.Institute State the mark and the connection management permission that security policy information includes the maintenance device, the security policy information can be with It is that connection of the maintenance device to the first terminal is realized based on accesses control list or the customized command format of system Administration authority.
For the setup module 23 while sending the security policy information, the setup module 23 can also be according to institute The mark for stating first terminal obtains the Connecting quantity of the first terminal, and sends the Connecting quantity of the first terminal described in Maintenance device, so that the maintenance device is based on the connection management permission and according to the Connecting quantity and the first terminal It establishes a connection, the Connecting quantity may include the mobile communication such as the address, port, IMSI number of first terminal letter Breath.After the maintenance device and the first terminal establish connection relationship, the maintenance device can send management control The first terminal that there is connection relationship with the maintenance device is ordered, so that the first terminal is weighed according to the connection management Limit responds the management control command.
Optionally, when the NM server 2 detects that the maintenance device actively exits or exception exits the network management It is when the mobile network at 2 place of server, i.e., described when the connection for detecting the maintenance device and the first terminal disconnects Setup module 23 can cancel the set maintenance device to the connection management permission of the first terminal.Cancel the company The detailed process for connecing administration authority can be with are as follows: the setup module 23 can send the order for cancelling security policy information to The first terminal, so that the first terminal can cancel the maintenance device and weigh to the connection management of the first terminal Limit, to prevent illegal control of the other users to the first terminal.Wherein, the case where exception exits may include: to work as When the duration that the maintenance device is not managed control to the first terminal is more than preset duration threshold value, the network management clothes Business device 2 controls the mobile network that the maintenance device exits 2 place of NM server.
Further, the NM server 2 can also include: command id receiving module 24, validation verification module 25, command sending module 26;
The command id receiving module 24, for receiving mass-sending administration order that the maintenance device is sent and multiple The mark of second terminal;
Specifically, the command id receiving module 24 can receive the mass-sending administration order that the maintenance device is sent with And the mark of multiple second terminals, the management control command that the mass-sending administration order can send for multicast mode can also be with The more parts of management control commands that mode of unicast is sent.Wherein, the maintenance device obtains the mark of the multiple second terminal Mode is identical as the mode for the mark that the maintenance device obtains the first terminal;It can be provided from the NM server 2 Online terminal list in obtain, can also be obtained from the information of terminal that the needs that maintenance personnel inputs are maintained described more The mark of a second terminal, is not discussed here.
The validation verification module 25, for the mark to the mass-sending administration order and the multiple second terminal Validity verified;
The command sending module 26, for when verifying the mass-sending administration order and the multiple second terminal When mark all has validity, the mass-sending administration order is sent to the multiple second terminal, to the multiple second Terminal is managed control;
Specifically, the command id receiving module 24 receive the mass-sending administration order that the maintenance device is sent and After the mark of multiple second terminals, the validation verification module 25 can be to the mass-sending administration order and the multiple The validity of the mark of second terminal is verified;When the validation verification module 25 verify the mass-sending administration order with And the mark of the multiple second terminal, when all having validity, the command sending module 26 can be to the multiple second eventually End sends the mass-sending administration order, so that each second terminal respectively parses the mass-sending administration order and responds life Enable operation.
Further, the NM server 2 can also receive each second terminal response in the multiple second terminal The command response that the mass-sending administration order is returned is as a result, the NM server 2 again sends each command response result To the maintenance device, so that the maintenance device can show each command response result.The command response result It may include fault message, configuration information, log information etc..
Further, then Fig. 8 is referred to, is a kind of structural schematic diagram of setup module 23 provided in an embodiment of the present invention, The setup module 23 may include:
Policy information transmission unit 231, for sending security policy information described according to the mark of the first terminal First terminal, so that the maintenance device is arranged to the first terminal according to the security policy information in the first terminal Connection management permission;
Wherein, the security policy information includes the mark and the connection management permission of the maintenance device, described Security policy information can be measured acl rule or the customized command format of system.
Connecting quantity acquiring unit 232 obtains the connection of the first terminal for the mark according to the first terminal Parameter;
Wherein, the Connecting quantity may include the mobile communication such as the address, port, IMSI number of first terminal letter Breath.
Connecting quantity transmission unit 233, for sending the Connecting quantity of the first terminal to the maintenance device, so that The maintenance device establishes a connection according to the Connecting quantity and the first terminal, and is based on the connection management permission Control is managed to the first terminal.
Therefore maintenance device is authenticated by NM server 2, and after certification passes through, it can be by safeguarding Personnel are managed control to first terminal by maintenance device, and maintenance personnel is made to no longer need to maintenance scene safeguard, Without returning factory repair again after removing first terminal, so that maintenance process be made to become more convenient, and the time is saved;Together When, maintenance personnel can control first terminal without the device password and address for knowing first terminal, and safeguard Personnel can control first terminal without the assistance of network administrator, to further improve maintenance efficiency;Institute Identical attended operation can also be carried out to multiple second terminals simultaneously by the NM server 2 by stating maintenance device, this Mode is even more to effectively improve maintenance efficiency.
Fig. 9 is referred to, is the structural schematic diagram of another maintenance device provided in an embodiment of the present invention, the maintenance device 1000 may include processor 1001, communication interface 1002 and the (processor 1001 in maintenance device 1000 of memory 1003 Quantity can be to be one or more, in Fig. 9 by taking a processor 1001 as an example).In some embodiments of the present invention, processor 1001, communication interface 1002 can be connected with memory 1003 by communication bus or other modes, wherein Fig. 9 is to pass through communication For bus connection.
Wherein, the communication interface 1002, for being communicated with NM server and first terminal;
The memory 1003 is for storing program;Specifically, program may include program code, said program code packet Include computer operation instruction.Memory 1003 may include random access memory (random access memory, abbreviation RAM), it is also possible to further include nonvolatile memory (non-volatile memory), for example, at least a magnetic disk storage.
The processor 1001 is for executing described program, to realize terminal maintenance method provided in an embodiment of the present invention, Include:
Connection certification request is sent to NM server, so that the NM server verifies the legal of the maintenance device Property;
When verification result is legal, the mark of first terminal is sent to the NM server, so that the network management The maintenance device is arranged to the connection management permission of the first terminal in server;
The first terminal is attached and is managed control based on set connection management permission.
Wherein, described the first terminal to be attached and managed control based on set connection management permission, tool Body includes:
The Connecting quantity for the first terminal that the NM server is sent is received, and is sent according to the Connecting quantity Connection request is to the first terminal;
The connection response that the first terminal returns is received, to establish the connection relationship with the first terminal;
Management control command is sent to the first terminal, so that the first terminal responds the management control command.
Further, the method also includes:
Mass-sending administration order is generated, and obtains the mark of multiple second terminals;
The mark of the multiple second terminal and mass-sending administration order are sent to the NM server, so that described The mass-sending administration order is sent to the multiple second terminal by NM server, to carry out pipe to the multiple second terminal Reason control.
Above-mentioned processor 1001 can be general processor, including central processing unit (Central Processing Unit, abbreviation CPU), network processing unit (Network Processor, abbreviation NP) etc.;It can also be digital signal processor (DSP), specific integrated circuit (ASIC), field programmable gate array (FPGA) or other programmable logic device, discrete gate Or transistor logic, discrete hardware components.
Therefore maintenance device 1000 is authenticated by NM server, and after certification passes through, it can be by tieing up Shield personnel are managed control to first terminal by maintenance device 1000, and maintenance personnel is made to no longer need to maintenance scene tie up Shield, without returning factory repair again after removing first terminal, so that maintenance process be made to become more convenient, and when saving Between;Meanwhile maintenance personnel can control first terminal without the device password and address for knowing first terminal, and Maintenance personnel can control first terminal without the assistance of network administrator, to further improve maintenance effect Rate;The maintenance device 1000 can also carry out identical maintenance to multiple second terminals simultaneously by the NM server and grasp Make, this mode is even more to effectively improve maintenance efficiency.
Referring to Figure 10, it is the structural schematic diagram of another NM server provided in an embodiment of the present invention, the network management Server 2000 may include processor 2001, communication interface 2002 and the (processing in NM server 2000 of memory 2003 The quantity of device 2001 can be to be one or more, in Figure 10 by taking a processor 2001 as an example).Some embodiments of the present invention In, processor 2001, communication interface 2002 and memory 2003 can be connected by communication bus or other modes, wherein Figure 10 For being connected by communication bus.
Wherein, the communication interface 2002, for being led to maintenance device, first terminal and multiple second terminals Letter;
The memory 2003 is for storing program;Specifically, program may include program code, said program code packet Include computer operation instruction.Memory 2003 may include RAM, it is also possible to and it further include nonvolatile memory, for example, at least one A magnetic disk storage.
The processor 2001 is for executing described program, to realize terminal maintenance method provided in an embodiment of the present invention, Include:
The connection certification request that maintenance device is sent is received, and the maintenance device is verified according to the connection certification request Legitimacy;
When verification result is legal, the mark for the first terminal that the maintenance device is sent is received,
And the maintenance device is arranged to the connection management permission of the first terminal according to the mark of the first terminal, So that the maintenance device is attached and manages control to the first terminal based on set connection management permission.
Wherein, the maintenance device is arranged to the connecting tube of the first terminal in the mark according to the first terminal Permission is managed, so that the maintenance device is attached and manages control to the first terminal based on set connection management permission System, comprising:
Security policy information is sent to the first terminal, so that the first terminal according to the mark of the first terminal The maintenance device is set to the connection management permission of the first terminal according to the security policy information;
The Connecting quantity of the first terminal is obtained according to the mark of the first terminal;
The Connecting quantity of the first terminal is sent to the maintenance device, so that the maintenance device is according to the connection Parameter establishes a connection with the first terminal, and is managed control to the first terminal based on the connection management permission System;
Wherein, the security policy information includes the mark and the connection management permission of the maintenance device.
Further, the method also includes:
Receive the mark of mass-sending administration order and multiple second terminals that the maintenance device is sent;
The validity of the mark of the mass-sending administration order and the multiple second terminal is verified;
When the mark for verifying the mass-sending administration order and the multiple second terminal all has validity, by institute It states mass-sending administration order and is sent to the multiple second terminal, to be managed control to the multiple second terminal.
Above-mentioned processor 2001 can be general processor, including central processing unit, network processing unit etc.;It can also be Digital signal processor (DSP), specific integrated circuit (ASIC), field programmable gate array (FPGA) or other programmable patrol Collect device, discrete gate or transistor logic, discrete hardware components.
Therefore maintenance device is authenticated by NM server 2000, and after certification passes through, it can be by tieing up Shield personnel are managed control to first terminal by maintenance device, and maintenance personnel is made to no longer need to maintenance scene safeguard, Without factory repair is returned again after removing first terminal, so that maintenance process be made to become more convenient, and the time is saved;Together When, maintenance personnel can control first terminal without the device password and address for knowing first terminal, and safeguard Personnel can control first terminal without the assistance of network administrator, to further improve maintenance efficiency;Institute Identical attended operation can also be carried out to multiple second terminals simultaneously by the NM server 2000 by stating maintenance device, this Kind mode is even more to effectively improve maintenance efficiency.
Referring to Figure 11, it is a kind of structural schematic diagram of terminal maintenance system provided in an embodiment of the present invention, the system It may include maintenance device, NM server, first terminal and multiple second terminals, the maintenance device can pass through interconnection Net and the NM server and the first terminal communicate to connect, and the NM server can pass through internet and described the One terminal and the communication connection of the multiple second terminal.Structure, function and Fig. 5 of the maintenance device in the system are retouched Structure, the function for the maintenance device 1 stated are identical;Net described in the structure of NM server in the system, function and Fig. 7 Structure, the function of pipe server 2 are identical;The embodiment of the present invention does not repeat.Alternatively, the maintenance device in the system Structure, function are identical as the structure, function of maintenance device 1000 described in Fig. 9;The knot of NM server in the system Structure, function are identical as the structure, function of NM server 2000 described in Figure 10;The embodiment of the present invention does not repeat.
Wherein, the security policy information that the first terminal in the system can be sent according to the NM server The maintenance device is set to the connection management permission of the first terminal, allows the maintenance device whole to described first End is attached and manages control.The multiple second terminal in the system can receive the NM server forwarding Administration order is mass-sended, and the mass-sending administration order is responded, the maintenance device is taken by the network management Business device is managed control to the multiple second terminal.
Those of ordinary skill in the art will appreciate that realizing all or part of the process in above-described embodiment method, being can be with Relevant hardware is instructed to complete by computer program, the program can be stored in a computer-readable storage medium In, the program is when being executed, it may include such as the process of the embodiment of above-mentioned each method.Wherein, the storage medium can be magnetic Dish, CD, read-only memory (Read-Only Memory, abbreviation ROM) or RAM etc..
The above disclosure is only the preferred embodiments of the present invention, cannot limit the right model of the present invention with this certainly It encloses, therefore equivalent changes made in accordance with the claims of the present invention, is still within the scope of the present invention.

Claims (8)

1. a kind of terminal maintenance method characterized by comprising
Maintenance device sends connection certification request to NM server, so that the NM server verifies the maintenance device Legitimacy;
When verification result is legal, the mark of first terminal is sent to the NM server by the maintenance device, so that The maintenance device is arranged to the connection management permission of the first terminal in the NM server;
The maintenance device is attached and manages control to the first terminal based on set connection management permission;
The maintenance device generates mass-sending administration order, and obtains the mark of multiple second terminals;The multiple second terminal is equal For mobile terminal;
The mark of the multiple second terminal and mass-sending administration order are sent to the NM server by the maintenance device, So that the mass-sending administration order is sent to the second terminal by the NM server, with to the multiple second terminal into Row management control.
2. the method as described in claim 1, which is characterized in that the maintenance device is based on set connection management permission pair The first terminal is attached and manages control, comprising:
The maintenance device receives the Connecting quantity for the first terminal that the NM server is sent, and according to the connection Parameter sends connection request to the first terminal;
The maintenance device receives the connection response that the first terminal returns, to establish the connection pass with the first terminal System;
The maintenance device sends management control command to the first terminal, so that the first terminal responds the management control System order.
3. a kind of terminal maintenance method characterized by comprising
NM server receives the connection certification request that maintenance device is sent, and verifies the dimension according to the connection certification request The legitimacy of protection unit;
When verification result is legal, the NM server receives the mark for the first terminal that the maintenance device is sent,
And the maintenance device is arranged to the connection management permission of the first terminal according to the mark of the first terminal, so that The maintenance device is attached and manages control to the first terminal based on set connection management permission;
The NM server receives the mark of mass-sending administration order and multiple second terminals that the maintenance device is sent;Institute Stating multiple second terminals is mobile terminal;
The NM server tests the validity of the mark of the mass-sending administration order and the multiple second terminal Card;
When the mark for verifying the mass-sending administration order and the multiple second terminal all has validity, the network management The mass-sending administration order is sent to the multiple second terminal by server, to be managed control to the multiple second terminal System.
4. method as claimed in claim 3, which is characterized in that described that the maintenance is arranged according to the mark of the first terminal Device is to the connection management permission of the first terminal, so that the maintenance device is based on set connection management permission to institute It states first terminal and is attached and manages control, comprising:
The NM server sends security policy information to the first terminal, so that institute according to the mark of the first terminal State the connection management permission that the maintenance device is arranged to the first terminal according to the security policy information in first terminal;
The NM server obtains the Connecting quantity of the first terminal according to the mark of the first terminal;
The NM server sends the Connecting quantity of the first terminal to the maintenance device, so that the maintenance device root It establishes a connection according to the Connecting quantity and the first terminal, and based on the connection management permission to the first terminal It is managed control;
Wherein, the security policy information includes the mark and the connection management permission of the maintenance device.
5. a kind of maintenance device characterized by comprising
Sending module is authenticated, for sending connection certification request to NM server, so that described in NM server verifying The legitimacy of maintenance device;
Sending module is identified, for when verification result is legal, the mark of first terminal to be sent to the NM server, So that the maintenance device is arranged to the connection management permission of the first terminal in the NM server;
Connection management module, for the first terminal being attached and being managed control based on set connection management permission System;
It generates and obtains module, for generating mass-sending administration order, and obtain the mark of multiple second terminals;The multiple second eventually End is mobile terminal;
Command sending module is mass-sended, for the mark of the multiple second terminal and mass-sending administration order to be sent to the net Pipe server, so that the mass-sending administration order is sent to the multiple second terminal by the NM server, to described Multiple second terminals are managed control.
6. device as claimed in claim 5, which is characterized in that the connection management module includes:
Connection unit, for receiving the Connecting quantity for the first terminal that the NM server is sent, and according to the company It connects parameter and sends connection request to the first terminal;
The connection unit is also used to receive the connection response that the first terminal returns, to establish and the first terminal Connection relationship;
Management control unit, for sending management control command to the first terminal, so that described in first terminal response Manage control command.
7. a kind of NM server characterized by comprising
Receiving module is authenticated, for receiving the connection certification request of maintenance device transmission, and is tested according to the connection certification request Demonstrate,prove the legitimacy of the maintenance device;
Receiving module is identified, for receiving the mark for the first terminal that the maintenance device is sent when verification result is legal;
The maintenance device is arranged to the connecting tube of the first terminal for the mark according to the first terminal in setup module Permission is managed, so that the maintenance device is attached and manages control to the first terminal based on set connection management permission System;
Command id receiving module, for receiving mass-sending administration order that the maintenance device is sent and multiple second terminals Mark;The multiple second terminal is mobile terminal;
Validation verification module, for it is described mass-sending administration order and the multiple second terminal mark validity into Row verifying;
Command sending module, for being all had when the mark for verifying the mass-sending administration order and the multiple second terminal When validity, the mass-sending administration order is sent to the multiple second terminal, to carry out pipe to the multiple second terminal Reason control.
8. server as claimed in claim 7, which is characterized in that the setup module includes:
Policy information transmission unit, it is whole to described first for sending security policy information according to the mark of the first terminal End, so that the maintenance device is arranged to the connecting tube of the first terminal according to the security policy information in the first terminal Manage permission;
Connecting quantity acquiring unit obtains the Connecting quantity of the first terminal for the mark according to the first terminal;
Connecting quantity transmission unit, for sending the Connecting quantity of the first terminal to the maintenance device, so that the dimension Protection unit establishes a connection according to the Connecting quantity and the first terminal, and based on the connection management permission to described First terminal is managed control;
Wherein, the security policy information includes the mark and the connection management permission of the maintenance device.
CN201410767645.8A 2014-12-12 2014-12-12 A kind of terminal maintenance method, maintenance device and NM server Active CN105744555B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410767645.8A CN105744555B (en) 2014-12-12 2014-12-12 A kind of terminal maintenance method, maintenance device and NM server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410767645.8A CN105744555B (en) 2014-12-12 2014-12-12 A kind of terminal maintenance method, maintenance device and NM server

Publications (2)

Publication Number Publication Date
CN105744555A CN105744555A (en) 2016-07-06
CN105744555B true CN105744555B (en) 2019-05-28

Family

ID=56241379

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410767645.8A Active CN105744555B (en) 2014-12-12 2014-12-12 A kind of terminal maintenance method, maintenance device and NM server

Country Status (1)

Country Link
CN (1) CN105744555B (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107480511A (en) * 2016-11-02 2017-12-15 深圳市波普安创技术有限公司 The maintenance tamper resistant systems and its method of information safety devices
CN108376290B (en) * 2018-02-07 2021-05-11 深圳怡化电脑股份有限公司 Financial self-service equipment maintenance control method and device and server
CN108682087B (en) * 2018-05-04 2021-02-02 深圳怡化电脑股份有限公司 Method and system for maintaining fault of terminal equipment and computer readable storage medium
CN108650122A (en) * 2018-05-08 2018-10-12 普联技术有限公司 Network management and computer storage media, network controller
CN108632090B (en) * 2018-05-08 2021-09-10 普联技术有限公司 Network management method and system
CN109194729B (en) * 2018-08-24 2021-07-09 国广东方网络(北京)有限公司 Information communication system and method
CN111709538B (en) * 2020-05-25 2023-11-24 中国商用飞机有限责任公司 System and method for authenticating ground maintenance equipment of an aircraft

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1866874A (en) * 2006-03-28 2006-11-22 华为技术有限公司 Terminal device maintaining method and system
CN1866848A (en) * 2005-05-18 2006-11-22 上海华为技术有限公司 Method for realizing configuration of service frame data
CN101018155A (en) * 2007-02-08 2007-08-15 华为技术有限公司 Network element management method, system and network element
CN103974308A (en) * 2013-02-01 2014-08-06 中兴通讯股份有限公司 Base station maintenance equipment, method, device and system, mobile terminal and base station

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI334714B (en) * 2006-12-10 2010-12-11 Cameo Communications Inc Discovery method for network devices

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1866848A (en) * 2005-05-18 2006-11-22 上海华为技术有限公司 Method for realizing configuration of service frame data
CN1866874A (en) * 2006-03-28 2006-11-22 华为技术有限公司 Terminal device maintaining method and system
CN101018155A (en) * 2007-02-08 2007-08-15 华为技术有限公司 Network element management method, system and network element
CN103974308A (en) * 2013-02-01 2014-08-06 中兴通讯股份有限公司 Base station maintenance equipment, method, device and system, mobile terminal and base station

Also Published As

Publication number Publication date
CN105744555A (en) 2016-07-06

Similar Documents

Publication Publication Date Title
CN105744555B (en) A kind of terminal maintenance method, maintenance device and NM server
CN108881232B (en) Sign-on access method, apparatus, storage medium and the processor of operation system
CN104883267B (en) network configuration access method and device
CN102271133B (en) Authentication method, device and system
CN104780069B (en) A kind of key-course towards SDN and data Layer communication port self-configuration method and its system
CN107493280A (en) Method, intelligent gateway and the certificate server of user authentication
WO2018036198A1 (en) Control method and apparatus for smart household, home gateway, and mobile terminal
CN111324672A (en) Block chain safety processing system and method
CN110072236A (en) Equipment connection method, equipment and system
US9401905B1 (en) Transferring soft token authentication capabilities to a new device
CN104811433A (en) Distributed IoT (Internet of Things) solution scheme of C/S configuration
CN103647788B (en) A kind of node security authentication method in intelligent grid
CN109104475A (en) Connect restoration methods, apparatus and system
CN108900484A (en) A kind of generation method and device of access authority information
CN108429820A (en) A kind of communication means of internet of things application layer, system and terminal device
CN108024243A (en) A kind of eSIM is caught in Network Communication method and its system
CN105392137A (en) Household WIFI embezzlement preventing method, wireless router and terminal equipment
CN105592459B (en) Safety certification device based on wireless communication
CN105792095A (en) Secret key negotiation method and system for MTC (Machine Type Communication) packet communication and network entity
CN109981312A (en) Smart machine configuration method, apparatus and system
CN109302397A (en) A kind of network safety managing method, platform and computer readable storage medium
CN106537962B (en) Wireless network configuration, access and access method, device and equipment
CN104917750B (en) A kind of key-course towards SDN and data Layer communication port self-configuration method and its system
CN105391720A (en) User terminal login method and device
CN106878020A (en) Network system, the authentication method of the network equipment and device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant