Detailed description of the invention
Understandable for enabling the above-mentioned purpose of the present invention, feature and advantage to become apparent from, real with concrete below in conjunction with the accompanying drawings
The present invention is further detailed explanation to execute mode.
One of core idea of the embodiment of the present invention is, proposes a kind of wireless roaming method and device, to promote quickly
Roaming success rate and Consumer's Experience.
With reference to Fig. 1, it is shown that the flow chart of a kind of wireless roaming method embodiment of the present invention, the method is applied to AP,
Specifically may include steps of:
Step 101, receives the association request that STA sends.
In this step, this association request is probably STA from another AP (that is, belonging to the AP under same AC with this AP)
Send when roaming into this AP, it is also possible to send when STA reaches the standard grade again after this AP rolls off the production line, it is also possible to STA accesses first
Send during this AP (any AP of the most not associated mistake).
Step 102, if carrying associated key mark in association request, it is determined that STA is roaming STA, and will association
Key identification mates with locally stored associated key, this associated key be designated STA according at least to self with associated
An AP when being associated the associated key of distribution generate.
Concrete, after AP receives the association request of STA, this association request can be detected.If be detected that association
Request carries associated key mark (PMKID), then may determine that this STA is for roaming STA.Then, AP is by association request
The associated key mark carried is mated with locally stored associated key.Here, locally stored for AP associated key is
It is linked into the associated key (PMK) that the terminal success of this AP is distributed when this AP side completes wireless authentication.
Wherein, associated key is designated STA and is accessing before this AP, and the arbitrary AP under managing with the AC belonging to this AP is carried out
During association, the associated key of distribution is generated.If it is to say, association request carries associated key mark, then should
The AP under AC management belonging to STA with AP associated.If association request is not carried associated key mark, then this STA
AP under not managing with the AC belonging to AP associated, and is above-mentioned described STA and accesses the situation of AP first.
Step 103, if the match is successful, then allows STA to carry out fast roaming.
Concrete, if the associated key mark carried in association request and at least one associated key of storage in AP
Be made into merit, then permission STA is carried out fast roaming by this AP, i.e. AP utilizes this associated key that the match is successful and STA to carry out quickly
4-Way Handshake process in roaming, so that STA completes fast roaming.
Step 104, if it fails to match, then other AP managed to the AC belonging to AP sends and carries associated key mark
Matching request so that other AP by associated key mark the associated key locally stored with other AP mate.
Concrete, if the associated key mark carried in association request all mates mistake with the associated key of storage in AP
Lose, then this AP is by sending matching request to other AP of affiliated AC management, can include associated key mark in this matching request
Know, the address information (such as MAC Address) of STA and Basic Service Set Identification (Basic Service Set Identifier,
BSSID).Wherein, BSSID refers to the BSSID of the AP accessed when STA generates associated key mark.
After other AP receives this matching request, extract associated key therein mark, and by this associated key mark with
Locally stored associated key mark is mated, follow-up can be according further to the indication feedback matching result of matching request.
Such as, this matching request may indicate that receiving the AP of this matching request is required to feed back matching result (no matter matching result is into
Merit or failure), it is also possible to instruction only by matching result be successful AP feedback, in this case, receive this matching request and
Matching result is that failed AP is without feeding back matching result.
Step 105, if receive in Preset Time other AP send the match is successful response, then allow STA carry out
Fast roaming.
Concrete, above-mentioned the match is successful response can carry and identify with the associated key in association request that the match is successful
Associated key.So, AP can utilize the 4-Way Handshake mistake that this associated key that the match is successful and STA carry out in fast roaming
Journey, so that STA completes fast roaming.
Further, in embodiments of the present invention, this wireless roaming method can further include:
If AP do not receive in Preset Time other AP send the match is successful response, it is determined that this STA not with AP institute
Any AP under the AC management belonged to carried out association, and notified that STA re-starts wireless authentication, and concrete identifying procedure is existing
Technology, is not described in detail in this.
In a preferred embodiment of the invention, in above-mentioned steps 102, associated key is identified with locally stored by AP
Associated key mark carry out the process mated, may include that
AP, based on locally stored each associated key, all generates the associated key mark of correspondence.Wherein, AP generates each
The generating mode that the generating mode of associated key mark generates associated key mark with STA is identical.
Then, AP judge generate associated key mark in whether exist with association request in carry associated key mark
Identical associated key mark.
If it is present determine that the match is successful, otherwise, it determines it fails to match.
In another preferred embodiment of the present invention, association request also carries the address information of STA (such as,
MAC Address) and BSSID, in this case, associated key is designated STA and closes with the AP associated according to self
During connection, the associated key of distribution, the address information of STA and BSSID generate, and such as, STA utilizes hash algorithm generation etc..Phase
Answering, associated key mark is carried out the process mated by AP with locally stored associated key mark, may include that
AP is based on locally stored each associated key, and the address information carried in association request and BSSID, and it is right to generate
The associated key mark answered.Wherein, AP generates generating mode and the STA generation associated key mark of each associated key mark
Generating mode is identical.
Then, AP judge generate associated key mark in whether exist with association request in carry associated key mark
Identical associated key mark.
If it is present determine that the match is successful, otherwise, it determines it fails to match.
In another preferred embodiment of the present invention, association request carries the address information (example of STA equally
As, MAC Address) and BSSID, associated key is designated distribution when STA is associated with the AP associated according to self
Associated key, the address information of STA and BSSID generate.Unlike the embodiments above: AP locally stored have with often
Address information that individual associated key is corresponding and BSSID.AP is during coupling associated key, by locally stored each association
Key and address information corresponding to each associated key and BSSID all generate the associated key mark of correspondence.Wherein, AP generates
The generating mode that the generating mode of associated key mark generates associated key mark with STA is identical.Then, AP utilizes the pass generated
Connection key identification compares one by one with the associated key mark carried in association request, if in the associated key mark generated not
There is the associated key mark that the associated key mark carried with association request is identical, the most directly judge that it fails to match.
If the associated key mark generated exists the associated key mark that the associated key mark corresponding with STA is identical,
The address that then AP will carry in the locally stored address information corresponding with this associated key mark and BSSID and association request
Information and BSSID are further compared, if the most identical, it is determined that the match is successful, if any one therein not phase
With, it is determined that it fails to match.
It should be noted that in embodiments of the present invention, after other AP receives matching request, associated key is identified and it
Associated key locally stored for its AP carries out the concrete matching process mated, identical with the matching process that above-mentioned AP performs.
Additionally, in above-mentioned steps 104, AP can directly by the communication port that pre-builds between other AP to it
Its AP sends the matching request carrying associated key mark;Associated key mark can also be carried to other AP transmission by AC
Matching request, i.e. AP first sends the matching request carrying associated key mark to its affiliated AC, the most again by this AC to it
Its AP forwards this matching request.
The wireless roaming method of the present invention can be applicable to STA and roamed into the scene of another AP by an AP, it is also possible to should
Again the scene of AP is accessed for STA.In order to be better understood from the wireless roaming method of the present invention, below with STA by an AP
The embodiment roaming into another AP is described in detail.It should be noted that disconnect at STA Yu AP and again access the reality of AP
Execute the step in example identical with the step in the present embodiment, do not repeat them here.
With reference to Fig. 2, it is shown that the network connection diagram of the embodiment of the present invention.In fig. 2:
AC with AP1-AP4 is communicatively coupled, and AC manages AP1-AP4.
In one embodiment of the invention, between AP1-AP4, all foundation has communication port, to transmit message.Concrete,
Path Setup process between AP needs to carry out mutual authentication, only in the case of authentication successfully, between AP
Communication port can be successfully established.It is specific as follows that communication port sets up process: with the Path Setup process between AP1 and AP2
As a example by, AP1 sends ID authentication request to AP2, and AP2 responds this ID authentication request, and returns authentication response to AP1,
AP1 receives this authentication response, determines and carries out authentication success with AP2, AP1 Yu AP2 sets up communication port.
In another embodiment of the present invention, the transmission of message can also be carried out between AP1-AP4 by AC, illustrate
Bright: AP1 needs when other AP sends message, can send needing the message sent to AC, then be forwarded to other by AC
AP。
It addition, in the present invention, password between AP1-AP4, can also be consulted, for the letter of transmission between AP1-AP4
Breath is encrypted and deciphers.AP1-AP4 can utilize the lane negotiation password set up each other, it is also possible to consults close by AC transfer
Code.
Assume that STA carries out wireless authentication (such as, 802.1X certification) first in AP1 side, and acquisition is recognized after the authentication has been successful
The associated key (PMK1) of card server distribution, utilizes this PMK with AP1 to realize associating.
In the present invention, STA and AP1 side all stores PMK1.
STA can be calculated by hash algorithm based on PMK1 or MAC Address based on PMK1, STA and the BSSID of AP1
Go out associated key mark (PMK1ID), and this PMK1ID is carried out locally stored, in order to use during follow-up roaming.AP1 can be only
Storage PMK1, it is also possible to except storing in addition to PMK1, also stores PMK1ID (by AP1 MAC Address based on PMK1, STA and AP1
BSSID calculates, and algorithm is with STA side), the MAC Address of STA and the BSSID of AP1, the content of the latter's storage can be with row
Sheet form embodies, in order to AP1 follow-up auxiliary STA fast roaming.
Assume that STA is moved because of certain reason, move to the wireless signal of AP2 from the wireless signal coverage of AP1
Under coverage, and STA wants to realize the fast roaming from AP1 to AP2, and now, STA can send to AP2 and carry
The association request of PMK1ID.
After AP2 receives this association request, this association request can be detected, find this association request carries
PMK1ID, i.e. carry associated key mark, assert STA for roaming STA, in this case, AP2 can by PMK1ID with this
The associated key of ground storage mates.
In a kind of matching way, this association request is only carried PMK1ID, AP2 and is detecting that this association request carries
After associated key mark, corresponding associated key can be generated based on locally stored all associated keys by hash algorithm
Mark;Then, it is judged that whether the associated key mark of generation exists PMK1ID, and when being judged as YES, determines that the match is successful,
When being judged as NO, determine that it fails to match.In this matching way, if as a example by STA only associated AP1, AP2 herein
Matching result is that it fails to match;If rolled off the production line at AP1 with STA, utilize not only PMK1 as a example by AP2 rolls off the production line but also reaches the standard grade, herein
Joining result is that the match is successful.
In another kind of matching way, except carrying PMK1ID in this association request, also carry MAC Address and the AP1 of STA
BSSID.AP2 is after detecting that this association request carries associated key mark, and AP2 is close based on locally stored each association
The MAC Address carried in key and this association request and BSSID, generate corresponding associated key by hash algorithm and identify;Then,
Judge whether the associated key generated mark exists PMK1ID, and when being judged as YES, determine that the match is successful, be judged as NO
Time, determine that it fails to match.In this matching way, if as a example by STA only associated AP1, the matching result of AP2 is herein
It fails to match;If rolled off the production line at AP1 with STA, utilizing not only PMK1 as a example by AP2 rolls off the production line but also reaches the standard grade, matching result herein is
It is made into merit.
In another matching way, except carrying PMK1ID in this association request, also carry MAC Address and the AP1 of STA
BSSID.AP2 is after detecting that this association request carries associated key mark, it is judged that locally stored each associated key
Whether there is PMK1ID in corresponding associated key mark, the associated key mark that the most each associated key is corresponding is by AP2
Based on each associated key, the MAC Address of STA that each associated key is corresponding and corresponding BSSID, generated by hash algorithm
's;AP2 can be generated in advance storage to this locality, it is also possible to generates after receiving this association request.
When being judged as NO, determine that it fails to match, if as a example by STA only associated AP1, the matching result of AP2 herein
It is that it fails to match;When being judged as YES, continue the locally stored MAC Address corresponding with PMK1ID and BSSID, with this pass
The MAC Address and the BSSID that carry in connection request compare one by one;If the most identical, it is determined that the match is successful, if with
STA rolls off the production line at AP1, not only utilizes PMK1 as a example by AP2 rolls off the production line but also reaches the standard grade, and matching result herein is that the match is successful;If at least
One differs, it is determined that it fails to match, if STA is hacked, it is possible that this situation.This matching way can carry
The safety of high wireless access.
No matter use which kind of matching way above-mentioned, when matching result is that the match is successful, it is allowed to STA carries out fast roaming.
That is, STA utilizes PMK1 with AP2 to realize quickly associating.
When matching result is that it fails to match, the coupling that AP2 carries PMK1ID to AP1, AP3 and AP4 transmission respectively is asked
Ask.This matching request is the request after AP2 uses the password consulted to be encrypted, and AP2 can use the logical of foundation in advance
Letter passage sends this matching request, it would however also be possible to employ this matching request of AC transfer.
After AP1, AP3 and AP4 receive this matching request, no matter it is which AP, all uses identical with the matching way of AP2
PMK1ID is mated by matching way with the most locally stored associated key.
If as a example by STA only associated AP1, then, follow-up AP2 can receive in certain period of time AP1 send
Joining success response, in this case, AP2 can response be decrypted to the match is successful, obtains PMK1, it is allowed to STA is carried out quickly
Roaming, i.e. STA can use PMK1 quickly to associate with AP2.
If because of certain reason (such as AP1 fault), AP2 (can be according to practical situation or empirical value in certain period of time
Arrange) response that do not receives that the match is successful, then refuse the association request of STA, and notify that STA re-starts wireless authentication.
In sum, the technical scheme in the embodiment of the present invention, by managing associated key dispersion storage to same AC
Under AP on, thus the associated key mark carried in AP detects the local association request not existing and sending with STA is mutually
During the associated key joined, it is possible to get associated key from the AP associated with this STA, thus substantially increase the utilization of resources
Rate and fast roaming success rate, improve Consumer's Experience effectively.
On the basis of above-described embodiment, present invention also offers a kind of radio roaming device, be applied on AP.
With reference to Fig. 3, it is shown that one of structured flowchart of the present invention a kind of radio roaming device embodiment, specifically can include
Such as lower module:
Receiver module 31, for receiving the association request that terminal STA sends.
Matching module 32, during for carrying associated key mark in association request, determines that STA is roaming STA, and will
Associated key mark mate with locally stored associated key, associated key be designated STA according at least to self with associate
When the AP crossed is associated, the associated key of distribution generates.
First permissions module 33, for when the matching result of matching module 32 is that the match is successful, it is allowed to STA is carried out quickly
Roaming.
Sending module 34, for when the matching result of matching module 32 is that it fails to match, to the Access Control belonging to AP
Other AP of device AC management sends the matching request carrying associated key mark, so that associated key is identified and it by other AP
Associated key locally stored for its AP mates.
Optionally, in a preferred embodiment of the invention, sending module 34 can be further used for:
Sent to other AP that the AC belonging to AP manages by the communication port set up with other AP and carry associated key
The matching request of mark, or,
Carried the matching request of associated key mark to other AP transmission that the AC belonging to AP manages by AC.
With continued reference to Fig. 3, radio roaming device also includes the second permissions module 35, for receiving it in Preset Time
During response that its AP sends that the match is successful, it is allowed to STA carries out fast roaming.
With reference to Fig. 4, in a preferred embodiment of the invention, on the basis of Fig. 3, radio roaming device also includes:
Notification module 36, for do not receive in Preset Time other AP send the match is successful response time, notify STA
Re-start wireless authentication.
With reference to Fig. 5, in a preferred embodiment of the invention, on the basis of Fig. 3, matching module 32 specifically includes:
First generates submodule 51, for according to locally stored each associated key, generating corresponding associated key mark
Knowing, wherein, it is identical with the generating mode of STA generation associated key mark that AP generates the generating mode of each associated key mark.
First judges submodule 52, for judging whether the associated key generated mark exists associated key mark, and
When being judged as YES, it is determined that the match is successful.When being judged as NO, it is determined that it fails to match.
With reference to Fig. 6, in a preferred embodiment of the invention, on the basis of Fig. 3, matching module 32 can also wrap
Include:
Second generates submodule 61, for according to the STA's carried in locally stored each associated key, association request
Address information and BSSID, generate corresponding associated key mark, and wherein, AP generates the generating mode of each associated key mark
The generating mode generating associated key mark with STA is identical.
Second judges submodule 62, for judging whether to exist in the associated key generated mark associated key mark.And
When being judged as YES, it is determined that the match is successful, when being judged as NO, it is determined that it fails to match.
With reference to Fig. 7, in a preferred embodiment of the invention, on the basis of Fig. 3, matching module 32 can also wrap
Include:
3rd judges submodule 71, for judging that the associated key that locally stored each associated key is corresponding in identifying is
The no associated key that exists identifies, and when being judged as NO, it is determined that it fails to match, and wherein, the association that each associated key is corresponding is close
Key is designated what AP generated according to each associated key, the address information of STA that each associated key is corresponding and BSSID, and AP is raw
The generating mode that the generating mode becoming each associated key to identify generates associated key mark with STA is identical.
Comparison sub-module 74, for when the 3rd judges the judged result of submodule 73 as being, by locally stored with pass
The address information carried in associated key, address information and BSSID, with association request that connection key identification is corresponding and BSSID
Compare one by one., and compare whole identical time, determine that the match is successful, when comparing at least one and differing, determine
It fails to match.
In sum, the radio roaming device in the embodiment of the present invention, by by associated key dispersion storage to same AC
On AP under Guan Li, thus the associated key mark carried in AP detects the local association request not existing and sending with STA
During the associated key matched, it is possible to get associated key from the AP associated with this STA, thus substantially increase resource
Utilization rate and fast roaming success rate, improve Consumer's Experience effectively.
For device embodiment, due to itself and embodiment of the method basic simlarity, so describe is fairly simple, relevant
Part sees the part of embodiment of the method and illustrates.
Each embodiment in this specification all uses the mode gone forward one by one to describe, what each embodiment stressed is with
The difference of other embodiments, between each embodiment, identical similar part sees mutually.
Those skilled in the art are it should be appreciated that the embodiment of the embodiment of the present invention can be provided as method, device or calculate
Machine program product.Therefore, the embodiment of the present invention can use complete hardware embodiment, complete software implementation or combine software and
The form of the embodiment of hardware aspect.And, the embodiment of the present invention can use one or more wherein include computer can
With in the computer-usable storage medium (including but not limited to disk memory, CD-ROM, optical memory etc.) of program code
The form of the computer program implemented.
The embodiment of the present invention is with reference to method, terminal unit (system) and computer program according to embodiments of the present invention
The flow chart of product and/or block diagram describe.It should be understood that can be by computer program instructions flowchart and/or block diagram
In each flow process and/or the flow process in square frame and flow chart and/or block diagram and/or the combination of square frame.These can be provided
Computer program instructions sets to general purpose computer, special-purpose computer, Embedded Processor or other programmable data processing terminals
Standby processor is to produce a machine so that held by the processor of computer or other programmable data processing terminal equipment
The instruction of row produces for realizing in one flow process of flow chart or multiple flow process and/or one square frame of block diagram or multiple square frame
The device of the function specified.
These computer program instructions may be alternatively stored in and can guide computer or other programmable data processing terminal equipment
In the computer-readable memory worked in a specific way so that the instruction being stored in this computer-readable memory produces bag
Including the manufacture of command device, this command device realizes in one flow process of flow chart or multiple flow process and/or one side of block diagram
The function specified in frame or multiple square frame.
These computer program instructions also can be loaded on computer or other programmable data processing terminal equipment so that
On computer or other programmable terminal equipment, execution sequence of operations step is to produce computer implemented process, thus
The instruction performed on computer or other programmable terminal equipment provides for realizing in one flow process of flow chart or multiple flow process
And/or the step of the function specified in one square frame of block diagram or multiple square frame.
Although having been described for the preferred embodiment of the embodiment of the present invention, but those skilled in the art once knowing base
This creativeness concept, then can make other change and amendment to these embodiments.So, claims are intended to be construed to
The all changes including preferred embodiment and falling into range of embodiment of the invention and amendment.
Finally, in addition it is also necessary to explanation, in this article, the relational terms of such as first and second or the like be used merely to by
One entity or operation separate with another entity or operating space, and not necessarily require or imply these entities or operation
Between exist any this reality relation or order.And, term " includes ", " comprising " or its any other variant meaning
Containing comprising of nonexcludability, so that include that the process of a series of key element, method, article or terminal unit not only wrap
Include those key elements, but also include other key elements being not expressly set out, or also include for this process, method, article
Or the key element that terminal unit is intrinsic.In the case of there is no more restriction, by wanting that statement " including ... " limits
Element, it is not excluded that there is also other identical element in including the process of described key element, method, article or terminal unit.
Above to a kind of wireless roaming method provided by the present invention and device, it is described in detail, used herein
Principle and the embodiment of the present invention are set forth by specific case, and the explanation of above example is only intended to help to understand
The method of the present invention and core concept thereof;Simultaneously for one of ordinary skill in the art, according to the thought of the present invention, at tool
All will change on body embodiment and range of application, in sum, this specification content should not be construed as the present invention
Restriction.