CN106385397B - Method and device for access control and type configuration of network access equipment - Google Patents
Method and device for access control and type configuration of network access equipment Download PDFInfo
- Publication number
- CN106385397B CN106385397B CN201510466740.9A CN201510466740A CN106385397B CN 106385397 B CN106385397 B CN 106385397B CN 201510466740 A CN201510466740 A CN 201510466740A CN 106385397 B CN106385397 B CN 106385397B
- Authority
- CN
- China
- Prior art keywords
- access
- equipment
- identifier
- public
- network access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
- H04L67/025—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention relates to a method and a device for controlling access and configuring types of network access equipment, wherein the method for controlling access of the network access equipment comprises the following steps: receiving a device public request carrying a device identifier corresponding to the first user identifier; the first user identification and the equipment identification have an equipment binding relationship; configuring the device type corresponding to the device identification from a default private device type to a public device type according to the device publicizing request; receiving a first equipment access request carrying an equipment identifier; detecting the equipment type corresponding to the equipment identification carried by the first equipment access request; and when the public equipment type is detected, allowing access to the network access equipment corresponding to the equipment identification. The method and the device for controlling the access and the type configuration of the network access equipment can ensure that more users can use the network access equipment on the premise of ensuring the safety. The user can conveniently make the network access device public, and the operation convenience is improved.
Description
Technical Field
The invention relates to the technical field of internet, in particular to a method and a device for access control and type configuration of network access equipment.
Background
The Internet of things is an important component of a new generation of information technology, and The English name of The Internet of things is 'The Internet of things', which means The Internet with connected objects. The core and foundation of the internet of things is still the internet, which is an extended and expanded network on the basis of the internet, and the internet of things enables the internet based on the user terminal to be extended and expanded to the information exchange and communication between the user terminal and the goods and between the goods.
At present, equipment manufacturers can implant network modules into equipment such as sockets, cameras, air conditioners, refrigerators, watches and the like to manufacture network access equipment. The network access equipment can be accessed to the open platform by the access equipment, and the user can remotely control the network access equipment by the user terminal by accessing the user terminal to the open platform by the access equipment.
However, in order to ensure the security of the network access device, the network access device is bound to the actual owner of the network access device, and the access of the user to the network access device needs to be strictly authenticated, which results in that the scope of the user accessing the network access device is strictly limited, and the strict authentication also causes inconvenience to the user accessing the network access device.
Disclosure of Invention
Based on this, it is necessary to provide a method and an apparatus for controlling access to a network access device and configuring types of the network access device, aiming at the problem that the scope of users accessing the network access device is strictly limited at present.
A network access device access control method, the method comprising:
receiving a device public request carrying a device identifier corresponding to the first user identifier; the first user identification and the equipment identification have equipment binding relation;
configuring the device type corresponding to the device identification from a default private device type to a public device type according to the device publicizing request;
receiving a first equipment access request carrying the equipment identification;
detecting the device type corresponding to the device identification carried by the first device access request;
and when the public equipment type is detected, allowing access to the network access equipment corresponding to the equipment identification.
A network access device access control apparatus, the apparatus comprising:
the device publicizing request receiving module is used for receiving a device publicizing request which corresponds to the first user identifier and carries the device identifier; the first user identification and the equipment identification have equipment binding relation;
a public configuration module, configured to configure, according to the device public request, a device type corresponding to the device identifier from a default private device type to a public device type;
a first device access request receiving module, configured to receive a first device access request carrying the device identifier;
the detection module is used for detecting the equipment type corresponding to the equipment identifier carried by the first equipment access request;
and the decision module is used for allowing the access to the network access equipment corresponding to the equipment identification when the public equipment type is detected.
According to the method and the device for controlling the access of the network access equipment, the first user identification and the equipment identification have the equipment binding relationship, and the user has the management authority for the network access equipment corresponding to the equipment identification. The device type corresponding to the device identification is defaulted to be a private device type, and the user is allowed to have private access. When receiving a device publicizing request carrying a device identifier corresponding to a first user identifier, indicating that a user wishes to disclose a network access device of the device identifier, at this time, configuring a device type corresponding to the device identifier as a public device type. When a first device access request sent by other users is received, the first device access request can be allowed according to the public device type of the network access device. Therefore, the default of the network access equipment is the private equipment type, and the safety of the network access equipment can be ensured; the network access equipment is changed into a public equipment type under the equipment public request of the user, so that the access right of the network access equipment is public under the authorization of the equipment owner, and more users can use the network access equipment on the premise of ensuring the safety.
A method of network access device type configuration, the method comprising:
the method comprises the steps that a network access device configuration page of the instant messaging application is configured, and a corresponding network access device public control is drawn according to a device identifier which has a device binding relationship with a first user identifier;
detecting the operation of the network access equipment commonization control, and triggering an equipment commonization request which corresponds to the first user identification and carries the equipment identification;
and sending the equipment publicizing request to an equipment access open platform, so that the equipment access open platform configures the equipment type corresponding to the equipment identification from a default private equipment type to a public equipment type.
An apparatus for network access device type configuration, the apparatus comprising:
the network access equipment configuration page management module is used for configuring a page of the network access equipment of the instant messaging application and drawing a corresponding network access equipment commonization control according to the equipment identification which has an equipment binding relationship with the first user identification;
the device publicizing request triggering module is used for detecting the operation on the network access device publicizing control and triggering a device publicizing request which corresponds to the first user identifier and carries the device identifier;
and the equipment publicizing request sending module is used for sending the equipment publicizing request to an equipment access open platform, so that the equipment access open platform configures the equipment type corresponding to the equipment identifier from a default private equipment type to a public equipment type.
According to the method and the device for configuring the type of the network access equipment, the user can configure the type of the network access equipment by using the instant messaging application. The network access equipment configuration page provided by the instant messaging application can show the network access equipment information and the network access equipment commonization control. When the operation of the user on the network access equipment commonization control is detected, an equipment commonization request which corresponds to the first user identification and carries the equipment identification can be triggered and sent to the equipment access open platform. And the equipment access open platform configures the network access equipment from a default private equipment type to a public equipment type according to the equipment public request. Therefore, the user can convert the owned network access equipment into the public equipment type by one key through the instant messaging application, so that the user can conveniently make the network access equipment public, and the operation convenience is improved.
Drawings
FIG. 1 is an environmental diagram of an Internet of things communication system in one embodiment;
FIG. 2 is a schematic diagram illustrating an internal structure of an embodiment of an open platform for device access;
FIG. 3 is a diagram illustrating an internal structure of a user terminal according to an embodiment;
FIG. 4 is a diagram illustrating an internal architecture of a network access device in one embodiment;
fig. 5 is a flowchart illustrating a method for controlling access to a network access device according to an embodiment;
FIG. 6 is a flowchart illustrating the steps of processing a second device access request in one embodiment;
FIG. 7 is a flowchart illustrating the steps of processing a third device access request in one embodiment;
fig. 8 is a flowchart illustrating a method for configuring a type of a network access device according to an embodiment;
FIG. 9 is a diagram of a contacts page of the instant messaging application in one embodiment;
FIG. 10 is a diagram of a message session page corresponding to a device identifier in one embodiment;
FIG. 11 is a diagram illustrating a device details page corresponding to a device identifier, in accordance with an embodiment;
fig. 12 is a flowchart illustrating a method for configuring a type of a network access device according to an embodiment;
fig. 13 is a block diagram showing the structure of an access control apparatus of a network access device according to an embodiment;
FIG. 14 is a block diagram of the structure of a decision module in one embodiment;
fig. 15 is a block diagram showing the structure of an access control apparatus of a network access device in another embodiment;
fig. 16 is a block diagram showing the structure of an access control apparatus of a network access device in a further embodiment;
fig. 17 is a block diagram showing the configuration of the network access device type configuration apparatus in one embodiment;
fig. 18 is a block diagram of a configuration apparatus for network access device type configuration in another embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
As shown in fig. 1, in one embodiment, an internet of things communication system 100 is provided and includes a device access open platform 102, a user terminal 104 and a network access device 106. The user terminal 104 in fig. 1 includes 104(1), 104(2) … … 104(n), where the corresponding users are user 1 and user 2 … …, and n is greater than or equal to 1; the network access device 106 includes 106(1), 106(2), 106(3), 106(4) … … 106(m), where m is greater than or equal to 1.
The device access open platform 102 includes one or more physical servers, and is a third-party platform that provides access services for the network access devices 106 of various manufacturers and provides an interface for the user terminal 104 to interact with the network access devices 106. The user terminal 104 is a terminal having a data processing function and directly operated by a user, and includes a computer, a mobile terminal, and the like, and the mobile terminal includes a mobile phone, a tablet computer, a PDA (personal digital assistant), and the like. The network access device 106 is a device that has a network access function and can be remotely controlled, and includes a watch, a socket, a camera, an air conditioner, a refrigerator, and the like that have a network access function.
As shown in fig. 2, in one embodiment, the device access open platform 102 includes a processor, a non-volatile storage medium, an internal memory, and a network interface. The processor has a computing function and a function of controlling the operation of the entire device access open platform 102, and is configured to execute a network access device access control method. Non-volatile storage media include magnetic storage media, optical storage media, and flash memory storage media. The nonvolatile storage medium stores an operating system and a network access device access control device, and the network access device access control device has a functional module for realizing a network access device access control method. The internal memory is used for providing cache for the operating system and the network access equipment access control device. The network interface is for connecting to a network.
As shown in fig. 3, in one embodiment, a user terminal 104 is provided that includes a processor, a non-volatile storage medium, an internal memory, a network interface, a display screen, and an input device connected by a system bus. Wherein the processor has a computing function and a function of controlling the operation of the entire user terminal 104, the processor being configured to perform a network access device type configuration method. Non-volatile storage media include magnetic storage media, optical storage media, and flash memory storage media. The nonvolatile storage medium stores an operating system and a network access device type configuration device, and the network access device type configuration device has a functional module for realizing a network access device type configuration method. The internal memory is used to provide a cache for the operating system and the network access device type configuration means. The display may be a liquid crystal display or an electronic ink display. The input device comprises a touch pad, a track ball, a mouse and a touch layer overlapped with the display screen, wherein the display screen and the touch layer form the touch screen. The network interface is used for connecting to a network.
As shown in fig. 4, in one embodiment, the network access device 106 is different from the user terminal 104, and is connected to the device access open platform 102 through a network directly or through a gateway; the network access device 106 may connect with the gateway through Zigbee (a short-range, low-power wireless communication technology), Z-wave (a radio frequency-based, low-power, network-adapted short-range wireless communication technology), BLE (a low-power bluetooth technology). In one embodiment, the network access device 106 includes a control chip and a work function module. The network access device 106 may be a network camera, a smart tv, a printer, a smart light bulb, a smart switch, etc. The working function module of the network camera at least has the function of capturing images, and the working function module of the intelligent television at least has the functions of receiving television program signals and playing television programs, and so on.
As shown in fig. 5, in an embodiment, a network access device access control method is provided, and this embodiment is illustrated by applying the method to the device access open platform 102 in fig. 1 and fig. 2. The method specifically comprises the following steps:
In particular, the first subscriber identity is used to uniquely identify the owner of the network access device, where the first subscriber identity is distinguished from a second subscriber identity, described below, that uniquely identifies the corresponding network access device. The first user identification and the device identification have a device binding relationship and represent the management authority of the user to the network access device. The user can establish the device binding relationship on the device access open platform in advance.
The device access open platform receives a device commonization request sent by a user terminal corresponding to the first user identifier, the device commonization request carries the device identifier, and the device commonization request is used for requesting the device access open platform to change the device type of the network access device corresponding to the device identifier, so that the access right to the network access device is disclosed in a limited way or completely.
Specifically, the device access open platform represents the public attribute of the network access device by recording the corresponding relationship between the device identifier and the device type. The device type includes a private device type and a public device type, the network access device of the private device type requires authorization corresponding to the first user identifier having a device binding relationship with the device identifier when accessing, and the network access device of the public device type can be accessed by other users in a limited or complete open manner.
Any network access device on the device access open platform is initialized to be corresponding to the default record of the corresponding device identifier as a private device type, and thus the network access device is initialized to be the private device type after being produced, and after a user performs binding operation to generate a device binding relationship, the user has management authority for the network access device.
In one embodiment, step 504 includes: according to the equipment commonization request, verifying whether a first user identifier corresponding to the equipment commonization request and a carried equipment identifier have an equipment binding relationship; if the device type has the device binding relationship, configuring the device type corresponding to the device identification from a default private device type to a public device type; and if the device does not have the device binding relationship, rejecting the device commonization request.
Specifically, the device access open platform receives a first device access request carrying a device identifier, where the first device access request is distinguished from second and third device access requests described below. The first device access request is an access request to a network access device of a common device type, and the first device access request can be an access request initiated by any user.
The device access request here may be a request to control the network access device, a request to send a message to the network access device, a request to pull information stored on the network access device, and so on. The request for controlling the network access equipment comprises a request for controlling the opening, closing and working states of the network access equipment, and the message sent by the request for sending the message comprises a text message, an image message, a video message and a combination thereof.
Specifically, after receiving any device access request, the device access open platform detects a device type corresponding to a device identifier carried by the device access request.
Specifically, after the device access open platform configures the device type corresponding to the device identifier as the public device type according to the device publicizing request, the device access open platform detects that the device type corresponding to the device identifier carried in the first device access request is the public device type, and at this time, the device access open platform may directly allow access to the network access device corresponding to the device identifier.
After the device access open platform allows access to the network access device corresponding to the device identifier, the device access open platform forwards the first device access request to the network access device corresponding to the device identifier carried in the first device access request, further receives a device access result fed back by the network access device, and returns the device access result to the user terminal initiating the first device access request.
In an embodiment, after allowing access to the network access device corresponding to the device identifier, the device access open platform may send a notification of allowing access to the user terminal that initiated the first device access request and the network access device corresponding to the device identifier, respectively, so that the user terminal and the network access device may directly establish a connection for communication after receiving the notification of allowing access.
In the method for controlling access to the network access device, if the first user identifier and the device identifier have a device binding relationship, the user has a management right for the network access device corresponding to the device identifier. The device type corresponding to the device identification is defaulted to be a private device type, and the user is allowed to have private access. When receiving a device publicizing request carrying a device identifier corresponding to a first user identifier, indicating that a user wishes to disclose a network access device of the device identifier, at this time, configuring a device type corresponding to the device identifier as a public device type. When receiving a first device access request sent by other users, the network access device corresponding to the access device identification can be allowed according to the public device type of the network access device. Therefore, the default of the network access equipment is the private equipment type, and the safety of the network access equipment can be ensured; the network access equipment is changed into a public equipment type under the equipment public request of the user, so that the access right of the network access equipment is public under the authorization of the equipment owner, and more users can use the network access equipment on the premise of ensuring the safety.
In one embodiment, after receiving a device personalization request carrying a device identifier corresponding to a first user identifier, a device access open platform configures a device type corresponding to the device identifier as a private device type. The equipment access open platform can be specifically verified according to the first user identifier, and after the verification is passed, the equipment type corresponding to the equipment identifier is configured into a private equipment type according to the equipment personalization request.
In one embodiment, the network access device access control method further includes: configuring a public access mode corresponding to the equipment identifier according to the equipment public request; step 510 includes: and when the public equipment type is detected, determining whether to allow access to the network access equipment corresponding to the equipment identification according to the public access mode corresponding to the equipment identification.
In particular, the public access mode is a mode in which the network access device is accessed by the public of the non-restricted device owner. In one embodiment, the public access mode includes at least one of a full public access mode, a limited white list access mode, a limited black list access mode, and a password authentication access mode.
The completely open access mode means that any user can access the network access equipment without limit; the time-limited public authority access mode means that other users, not the equipment owner, can access the network access equipment within a preset time limit range; the limited white list access mode means that other users in a preset white list, which are not the owner of the device, can access the network access device; the limited blacklist access mode means that a user in a preset blacklist cannot access the network access equipment; the password authentication access mode means that other users, not the device owner, need to provide a preset password to access the network access device.
The device publicizing request may specify a public access mode, so that after receiving the device publicizing request, the device access open platform may configure the public access mode corresponding to the device identifier as the public access mode specified by the device publicizing request according to the device publicizing request. The device access open platform can also directly configure the public access mode corresponding to the device identifier as a default public access mode according to the device public request. The user can also change the public access mode on the device access open platform.
When the device access open platform detects that the device identification corresponds to the public device type, whether the network access device corresponding to the device identification is allowed to be accessed is determined according to the public access mode corresponding to the device identification. And if the network access equipment corresponding to the equipment identifier is allowed to be accessed, forwarding the first equipment access request to the network access equipment corresponding to the equipment identifier carried by the first equipment access request, further receiving an equipment access result fed back by the network access equipment, and returning the equipment access result to the user terminal initiating the first equipment access request. If the network access device corresponding to the access device identifier is not allowed, that is, the network access device corresponding to the access device identifier is denied, feedback information of the denial request can be returned to the user terminal initiating the first device access request.
In one embodiment, the step of determining whether to allow access to the network access device corresponding to the device identifier according to the public access mode corresponding to the device identifier includes: and when the public access mode corresponding to the equipment identification is a complete public authority access mode, directly allowing the network access equipment corresponding to the equipment identification to be accessed.
Specifically, when the device access open platform detects that the device identifier corresponds to the public device type, and the public access mode corresponding to the device identifier is a fully public access mode, which indicates that the user gives all users access to the network access device when the network access device is made public, the device access open platform may directly allow the access to the network access device corresponding to the device identifier.
In one embodiment, the step of determining whether to allow access to the network access device corresponding to the device identifier according to the public access mode corresponding to the device identifier includes: when the public access mode corresponding to the equipment identifier is a time-limited public authority access mode, judging whether the current time is within a preset time limit range; if yes, allowing the access equipment to identify the corresponding network access equipment; and if not, the network access equipment corresponding to the equipment identification is refused to be accessed.
Specifically, when the device access open platform detects that the device identifier corresponds to the public device type and the public access mode corresponding to the device identifier is the time-limited public access mode, the device access open platform indicates that the network access device allows other users other than the device owner to access the network access device within a corresponding preset time limit range. The preset time limit ranges, for example, from 9 am to 6 pm of each day, or for example, saturday and sunday of each week, etc.
In one embodiment, the step of determining whether to allow access to the network access device corresponding to the device identifier according to the public access mode corresponding to the device identifier includes: when the public access mode corresponding to the equipment identifier is a limited white list access mode, judging whether a second user identifier carried by the first equipment access request is in a preset white list, and if so, allowing access to the network access equipment corresponding to the equipment identifier; and if not, the network access equipment corresponding to the equipment identification is refused to be accessed.
Specifically, the second user identifier is distinguished from the first user identifier, and when the device access open platform detects that the device identifier corresponds to the public device type, the device access open platform acquires the second user identifier carried by the first device access request, and then judges whether the acquired second user identifier is in a preset white list. The preset white list is generated by user editing and comprises user identifications corresponding to users allowed to access the network access equipment. Therefore, the device access open platform can determine whether to allow or deny access to the network access device corresponding to the device identifier according to the preset white list.
In one embodiment, the step of determining whether to allow access to the network access device corresponding to the device identifier according to the public access mode corresponding to the device identifier includes: when the public access mode corresponding to the equipment identifier is a limited blacklist access mode, judging whether a second user identifier carried by the first equipment access request is in a preset blacklist, and if so, refusing to access the network access equipment corresponding to the equipment identifier; and if not, allowing the access equipment to identify the corresponding network access equipment.
Specifically, the second user identifier is distinguished from the first user identifier, and when the device access open platform detects that the device identifier corresponds to the public device type, the device access open platform acquires the second user identifier carried by the first device access request, and then judges whether the acquired second user identifier is in a preset blacklist. The preset blacklist is generated by editing the user and comprises a user identifier corresponding to the user which is not allowed to access the network access equipment. Therefore, the device access open platform can determine whether to allow or deny access to the network access device corresponding to the device identifier according to the preset blacklist.
In one embodiment, the step of determining whether to allow access to the network access device corresponding to the device identifier according to the public access mode corresponding to the device identifier includes: when the public access mode corresponding to the equipment identifier is a password verification access mode, acquiring an input password corresponding to the first equipment access request and a preset password corresponding to the equipment identifier; comparing whether the input password is consistent with a preset password or not; if the network access equipment is consistent with the network access equipment, the network access equipment corresponding to the access equipment identifier is allowed to access; and if not, rejecting the network access equipment corresponding to the access equipment identification.
Specifically, when the device access open platform detects that the device identifier corresponds to the public device type and the public access mode corresponding to the device identifier is a password authentication access mode, a password input instruction can be returned to the user terminal initiating the first device access request, so that the user terminal displays a password input box according to the password input instruction, obtains characters input in the password input box as an input password, and sends the input password to the device access open platform. And the equipment access open platform compares whether the input password is consistent with the preset password or not, so that whether the network access equipment corresponding to the equipment identification is allowed or refused to be accessed is determined according to the comparison result. The device access open platform can also directly extract the input password from the first device access request, and then compares whether the input password is consistent with the preset password.
In the embodiments, the device access open platform can provide a plurality of public access modes for users to select, so that the users can control whether the network access device is completely open or is accessed by other users with limited open authority, and the users can manage the network access device conveniently.
As shown in fig. 6, in an embodiment, step 502 further includes a step of processing the access request of the second device, and specifically includes the following steps:
In particular, the second device access request is a device access request for a user to access a network access device of the private device type. And the equipment access open platform receives a second equipment access request which is sent by a user terminal corresponding to the first user identifier and carries the first user identifier and the equipment identifier.
And after receiving the second equipment access request, the equipment access open platform detects the equipment type corresponding to the equipment identifier carried by the second equipment access request, and if the private equipment type is detected, the equipment access open platform verifies the second equipment access request according to the first user identifier.
The device access open platform verifies the second device access request according to the first user identifier, specifically, a login credential corresponding to the first user identifier in the second device access request can be obtained, and validity verification is performed on the login credential. The validity verification includes verifying whether the current time is within a valid login time range represented by the login credential, verifying whether the login credential is a first user-identified login credential, and the like. The device access open platform can also verify the device binding relationship between the first user identifier and the device identifier.
Specifically, after the second device access request is verified, the device access open platform may directly allow the network access device corresponding to the access device identifier, forward the second device access request to the network access device corresponding to the device identifier carried in the second device access request, and feed back the device access result fed back by the network access device to the user terminal initiating the second device access request. After the verification of the second device access request fails, the device access open platform may send feedback information of a request rejection to the user terminal initiating the second device access request.
In this embodiment, the owner of the network access device can freely access the network access device of the private device type, and the device access open platform can allow the user to access the network access device after verifying the second device access request according to the first user identifier, thereby ensuring the security of accessing the network access device.
As shown in fig. 7, in an embodiment, step 502 further includes a step of processing a third device access request, specifically including the following steps:
In particular, the third device access request is a device access request by another user other than the device owner to access the private device type of network access device. And the equipment access open platform receives a third equipment access request which is initiated by the user terminal corresponding to the second user identification and carries the second user identification and the equipment identification.
Specifically, after receiving a third device access request, the device access open platform detects a device type corresponding to a device identifier carried by the third device access request, and if a private device type is detected, obtains a first user identifier having a device binding relationship with the device identifier.
Specifically, the authorization request is a request for authorization of the device owner, and the authorization result is a result of whether the device owner is authorized according to the feedback of the authorization request. The device is accessed to the open platform to generate an authorization application and send the authorization application to the user terminal corresponding to the first user identification, and an authorization result fed back by the user terminal corresponding to the first user identification is received.
The authorization application can carry the device identifier and the second user identifier, so that after the user terminal corresponding to the first user identifier receives the authorization application, the network access device information corresponding to the device identifier and the user information corresponding to the second user identifier are displayed, and the control for confirming authorization and the control for rejecting authorization are displayed. The network access equipment information comprises information such as equipment name, equipment model and equipment function introduction, and the user information comprises information such as user name, user level, user login place and whether the owner of the equipment is in friend relationship.
When detecting the operation of the user on the control for confirming the authorization, the user terminal corresponding to the first user identifier triggers an authorization result for confirming the authorization and sends the authorization result to the equipment access open platform; when detecting the operation of the user on the control for rejecting the authorization, the user terminal corresponding to the first user identifier triggers an authorization result for rejecting the authorization and sends the authorization result to the device access open platform.
Specifically, the authorization result includes a confirmation authorization and a denial authorization. After receiving an authorization result representing that authorization is confirmed, the equipment access open platform allows access to the network access equipment corresponding to the equipment identifier; and after the device access open platform receives an authorization result indicating that authorization is refused, refusing to access the network access device corresponding to the device identifier.
In one embodiment, the device access open platform may directly deny access to the network access device corresponding to the device identifier if the corresponding authorization result is not received after the authorization application is issued for more than a preset time. Wherein the preset time period may be 5 seconds or 10 seconds, for example.
In this embodiment, when other users other than the device owner attempt to access the network access device, the device access open platform may apply for authorization from the device owner to ensure the access security of the network access device.
As shown in fig. 8, in an embodiment, a method for configuring a network access device type is provided, and this embodiment is illustrated by applying the method to the user terminal 104 in fig. 1 and fig. 3. The method specifically comprises the following steps:
step 802, configuring a page for the network access device of the instant messaging application, and drawing a corresponding network access device commonization control according to the device identifier having the device binding relationship with the first user identifier.
The first user identification and the device identification have a device binding relationship and represent the management authority of the user to the network access device. The user can establish the device binding relationship on the device access open platform in advance. The user corresponding to the first user identification logs in the instant messaging application on the user terminal, the user terminal obtains and displays corresponding network access equipment information according to the equipment identification which has equipment binding relation with the currently logged first user identification in the instant messaging application, and draws a network access equipment public control corresponding to the equipment identification on a network access equipment configuration page.
Wherein the network access device configuration page is a page provided by the instant messaging application for configuring the network access device. The network access equipment information is used for directly providing the detail information of the corresponding network access equipment for the user, and can provide a basis for whether the user publicizes the network access equipment, and the network access equipment information comprises information such as equipment name, equipment model and equipment function introduction. The network access equipment commonization control corresponding to the equipment identifier is a switch control for triggering an equipment commonization request. The switch control is a control having on and off functions, such as a checkbox or a slider.
For example, referring to fig. 9, a user terminal corresponding to a first user identifier displays a contact page of an instant messaging application, and may display, under the category of "my device", network access device information corresponding to a device identifier having a device binding relationship with the first user identifier, such as information shown in fig. 9, such as "my television" and "my camera". If the user clicks the corresponding network access device information, for example, clicks "my camera", then, correspondingly, the user terminal detects an operation on the displayed network access device information, and triggers a message session page corresponding to the device identifier corresponding to the operation, as shown in fig. 10.
A user terminal corresponding to a first user identifier displays a message editing page 1001 on a message session page, where the message editing page 1001 may serve as a network access device configuration page, and a network access device commonization control component 1002 corresponding to the device identifier is displayed in the network access device configuration page.
Alternatively, the user terminal corresponding to the first user identifier may display the device details control on the message session page, and after detecting the operation on the device details control, enter the device details page as shown in fig. 11, where the device details page may serve as a network access device configuration page, and display the network access device commonization control 1101 corresponding to the device identifier
Specifically, after detecting an operation on the network access device commonization control, such as clicking, sliding, or double-clicking, a user terminal corresponding to the first user identifier may directly trigger a device commonization request carrying the device identifier and corresponding to the first user identifier.
Step 806, sending the device publicizing request to the device access open platform, so that the device access open platform configures the device type corresponding to the device identifier from the default private device type to the public device type.
Specifically, the user terminal corresponding to the first user identifier sends the device commonization request to the device access open platform. The device access open platform receives a device commonization request sent by a user terminal corresponding to the first user identifier, the device commonization request carries the device identifier, and the device commonization request is used for requesting the device access open platform to change the device type of the network access device corresponding to the device identifier, so that the access right to the network access device is disclosed in a limited way or completely.
And the device access open platform represents the public attribute of the network access device by recording the corresponding relation between the device identification and the device type. The device type includes a private device type and a public device type, the network access device of the private device type requires authorization corresponding to the first user identifier having a device binding relationship with the device identifier when accessing, and the network access device of the public device type can be accessed by other users in a limited or complete open manner.
Any network access device on the device access open platform is initialized to be corresponding to the default record of the corresponding device identifier as a private device type, and thus the network access device is initialized to be the private device type after being produced, and after a user performs binding operation to generate a device binding relationship, the user has management authority for the network access device.
In one embodiment, the device access open platform verifies whether a first user identifier corresponding to the device publicizing request and a carried device identifier have a device binding relationship according to the device publicizing request; if the device type has the device binding relationship, configuring the device type corresponding to the device identification from a default private device type to a public device type; and if the device does not have the device binding relationship, rejecting the device commonization request.
According to the network access equipment type configuration method, the user can configure the equipment type of the network access equipment by using the instant messaging application. The network access equipment configuration page provided by the instant messaging application can show the network access equipment information and the network access equipment commonization control. When the operation of the user on the network access equipment commonization control is detected, an equipment commonization request which corresponds to the first user identification and carries the equipment identification can be triggered and sent to the equipment access open platform. And the equipment access open platform configures the network access equipment from a default private equipment type to a public equipment type according to the equipment public request. Therefore, the user can convert the owned network access equipment into the public equipment type by one key through the instant messaging application, so that the user can conveniently make the network access equipment public, and the operation convenience is improved.
In one embodiment, after detecting the second operation on the network access device commonization control, the user terminal corresponding to the first user identifier triggers a device privatization request carrying the device identifier and corresponding to the first user identifier. The user terminal sends the device personalization request to the device access open platform, so that the device access open platform configures the device type corresponding to the device identifier into the private device type after receiving the device personalization request which is corresponding to the first user identifier and carries the device identifier. The equipment access open platform can be specifically verified according to the first user identifier, and after the verification is passed, the equipment type corresponding to the equipment identifier is configured into a private equipment type according to the equipment personalization request.
As shown in fig. 12, in an embodiment, a method for configuring a type of a network access device specifically includes the following steps:
Specifically, referring to fig. 11, the user terminal corresponding to the first user identifier may detect an operation on the network access device commonization control after the network access device configuration page shows the network access device commonization control. And after detecting the operation on the public control of the network access equipment, the user terminal displays the selectable public access mode, and further detects the selection operation on the selectable public access mode so as to trigger a public access mode configuration instruction.
The public access mode configuration instruction is an instruction for configuring a public access mode and related information. Specifically, the public access mode configuration instruction includes a designation of a full public access mode or a limited public access mode. If the access mode is limited public authority, a limited public authority access mode, a limited white list access mode, a limited black list access mode or a password verification access mode can be specified, and a corresponding preset time limit range, a preset white list, a preset black list or a preset password also needs to be specified.
In particular, the public access mode is a mode in which the network access device is accessed by the public of the non-restricted device owner. In one embodiment, the public access mode includes at least one of a full public access mode, a limited white list access mode, a limited black list access mode, and a password authentication access mode.
The completely open access mode means that any user can access the network access equipment without limit; the time-limited public authority access mode means that other users, not the equipment owner, can access the network access equipment within a preset time limit range; the limited white list access mode means that other users in a preset white list, which are not the owner of the device, can access the network access device; the limited blacklist access mode means that a user in a preset blacklist cannot access the network access equipment; the password authentication access mode means that other users, not the device owner, need to provide a preset password to access the network access device.
And step 1208, sending the device publicizing request to the device access open platform, enabling the device access open platform to configure the device type corresponding to the device identifier from the default private device type to the public device type, and configuring the public access mode corresponding to the device identifier according to the device publicizing request.
The device publicizing request may specify a public access mode, so that after receiving the device publicizing request, the device access open platform may configure the public access mode corresponding to the device identifier as the public access mode specified by the device publicizing request according to the device publicizing request. The device access open platform can also directly configure the public access mode corresponding to the device identifier as a default public access mode according to the device public request. The user can also change the public access mode on the device access open platform.
In the embodiment, the device access open platform can provide various public access modes for users to select, so that the users can control whether the network access device is completely open or is accessed by other users with limited open authority, and the users can conveniently manage the network access device.
In one embodiment, the network access device type configuration method further includes: sending an equipment access request carrying an equipment identifier to an equipment access open platform, so that when the equipment access open platform detects that the equipment type corresponding to the equipment identifier is a public equipment type, determining whether to allow access to network access equipment corresponding to the equipment identifier according to a public access mode corresponding to the equipment identifier; and receiving the device access result fed back by the device access open platform.
Specifically, the device access request here is a first device access request in the network access device access control method. The device access open platform receives a device access request carrying a device identifier, wherein the device access request is an access request to a network access device of a public device type, and the device access request can be an access request initiated by any user.
The device access request here may be a request to control the network access device, a request to send a message to the network access device, a request to pull information stored on the network access device, and so on. The request for controlling the network access equipment comprises a request for controlling the opening, closing and working states of the network access equipment, and the message sent by the request for sending the message comprises a text message, an image message, a video message and a combination thereof.
After receiving any device access request, the device access open platform detects the device type corresponding to the device identifier carried by the device access request. And when the public equipment type is detected, directly allowing the access equipment to identify the corresponding network access equipment. And after the device access open platform allows the access to the network access device corresponding to the device identifier, forwarding the device access request to the network access device corresponding to the device identifier carried by the device access request, further receiving a device access result fed back by the network access device, and returning the device access result to the user terminal initiating the device access request.
In this embodiment, the network access device is changed to the public device type under the device publicizing request of the user, so that the access right of the network access device is publicized under the authorization of the device owner, and more users can use the network access device on the premise of ensuring the security.
In an embodiment, the user terminal corresponding to the first user identifier may further send a second device access request carrying the first user identifier and the device identifier to the device access open platform, so that when the device access open platform detects that the device identifier carried in the second device access request corresponds to the private device type, the second device access request is verified according to the first user identifier; determining whether to allow the network access equipment corresponding to the equipment identification to be accessed according to the verification result; and receiving a device access result corresponding to the second device access request fed back by the device access open platform.
The principle of the network access device type configuration method and the network access device access control method is described below with a specific application scenario. The method comprises the following specific steps:
referring to fig. 1 and 9, the user 1 logs in the instant messaging application at the user terminal 104(1), and the user 2 also logs in the instant messaging application at the user terminal 104 (2). If the first user identifier of the user 1 and the second user identifier of the user 2 have a social friend relationship, or the user 1 shares the network camera with the user 2 in advance, the user 2 may send, to the device access open platform through the user terminal 104(2), a third device access request carrying the second user identifier, which corresponds to the device identifier of the network camera. When the device access open platform detects that the device identifier corresponds to the private device type, an authorization application is generated and sent to the user terminal 104 (1). After the user terminal 104(1) performs the authorization confirmation, the user 1 returns the authorization result of the authorization confirmation to the user terminal 104 (2). The user terminal 104(2) allows the access device to identify the corresponding network access device after receiving the authorization result.
The user 1 may see "my device" in the contact page of the user terminal 104(1), and after clicking, the user terminal 104(1) may display information of all network access devices bound by the current user, specifically, "my television" and "my camera" in fig. 9, where the corresponding network access devices are a television and a network camera. The user 1 clicks on my camera to enter the message session page of the webcam as shown in fig. 10.
The first user identification of the user 1 and the equipment identification of the network camera have a binding relationship, so that the user 1 has the authority of privately accessing the network camera, and the user 1 can interact with the my camera in the message session page. The user 1 clicks a network access device commonization control displayed in a message editing page of the message session page, further triggers a device commonization request which corresponds to the first user identifier and carries the device identifier, and sends the device commonization request to the device access open platform. Or the user 1 may click on the device details control in the message session page to enter the device details page, and further trigger a device commonization request carrying the device identifier corresponding to the first user identifier and send the device commonization request to the device access open platform.
The device access open platform receives a device publicizing request sent by a user terminal 104(1) corresponding to the first user identifier, and configures the device type corresponding to the device identifier from a default private device type to a public device type according to the device publicizing request. The equipment access open platform receives a first equipment access request carrying equipment identification, detects the equipment type corresponding to the equipment identification carried by the first equipment access request, and allows access to the network access equipment corresponding to the equipment identification when the public equipment type is detected. After the device access open platform allows access to the network access device corresponding to the device identifier, the device access open platform forwards the first device access request to the network access device corresponding to the device identifier carried in the first device access request, and further receives a device access result fed back by the network access device, and returns the device access result to the user terminal 104(1) initiating the first device access request.
As shown in fig. 13, in an embodiment, a network access device access control apparatus 1300 is provided, which has functional modules for implementing the network access device access control methods of the foregoing embodiments. The network access device access control apparatus 1300 includes: a device publicizing request receiving module 1301, a publicizing configuration module 1302, a first device access request receiving module 1303, a detecting module 1304, and a deciding module 1305.
A device commonization request receiving module 1301, configured to receive a device commonization request carrying a device identifier corresponding to the first user identifier. The first user identification and the device identification have a device binding relationship.
A public configuration module 1302, configured to configure, according to the device public request, a device type corresponding to the device identifier from a default private device type to a public device type.
The first device access request receiving module 1303 is configured to receive a first device access request carrying a device identifier.
The detecting module 1304 is configured to detect a device type corresponding to the device identifier carried in the first device access request.
The decision module 1305 is configured to, when the public device type is detected, allow the access device to identify the corresponding network access device.
In an embodiment, the public configuration module 1302 is further configured to configure a public access manner corresponding to the device identifier according to the device public request.
The decision module 1305 is further configured to determine, when the public device type is detected, whether to allow the access to the network access device corresponding to the device identifier according to a public access manner corresponding to the device identifier.
As shown in fig. 14, in an embodiment, the decision module 1305 includes at least one of a full public authority access mode processing module 1305a, a limited time public authority access mode processing module 1305b, a limited white list access mode processing module 1305c, a limited black list access mode processing module 1305d, and a password verification access mode processing module 1305 e.
The full disclosure authority access mode processing module 1305a is configured to directly allow the access device to access the network access device corresponding to the device identifier when the public access mode corresponding to the device identifier is the full disclosure authority access mode.
The time-limited public access manner processing module 1305b is configured to, when the public access manner corresponding to the device identifier is the time-limited public access manner, determine whether the current time is within a preset time limit range; if yes, allowing the access equipment to identify the corresponding network access equipment; and if not, the network access equipment corresponding to the equipment identification is refused to be accessed.
The limited white list access mode processing module 1305c is configured to, when the public access mode corresponding to the device identifier is a limited white list access mode, determine whether a second user identifier carried by the first device access request is in a preset white list, and if so, allow access to the network access device corresponding to the device identifier; and if not, the network access equipment corresponding to the equipment identification is refused to be accessed.
The limited blacklist access mode processing module 1305d is configured to, when the public access mode corresponding to the device identifier is a limited blacklist access mode, determine whether a second user identifier carried by the first device access request is in a preset blacklist, and if so, deny access to the network access device corresponding to the device identifier; and if not, allowing the access equipment to identify the corresponding network access equipment.
The password authentication access mode processing module 1305e is configured to, when the public access mode corresponding to the device identifier is a password authentication access mode, obtain an input password corresponding to the first device access request and a preset password corresponding to the device identifier; comparing whether the input password is consistent with a preset password or not; if the network access equipment is consistent with the network access equipment, the network access equipment corresponding to the access equipment identifier is allowed to access; and if not, rejecting the network access equipment corresponding to the access equipment identification.
As shown in fig. 15, in an embodiment, the network access device access control apparatus 1300 further includes: a second device access request receiving module 1306 and a second device access request verifying module 1307.
A second device access request receiving module 1306, configured to receive a second device access request carrying the first user identifier and the device identifier.
The detecting module 1304 is configured to detect a device type corresponding to the device identifier carried in the second device access request.
The second device access request verifying module 1307 is configured to verify the second device access request according to the first user identifier when detecting that the device identifier carried in the second device access request corresponds to the private device type.
The decision module 1305 is further configured to allow the access device to identify the corresponding network access device after the second device access request is verified.
As shown in fig. 16, in an embodiment, the network access device access control apparatus 1300 further includes: a third device access request receiving module 1308, a first subscriber identity obtaining module 1309, and an authorization application module 1310.
A third device access request receiving module 1308, configured to receive a third device access request carrying the second user identifier and the device identifier.
The detecting module 1304 is configured to detect a device type corresponding to the device identifier carried in the third device access request.
A first user identifier obtaining module 1309, configured to obtain a first user identifier having a device binding relationship with a device identifier when detecting that the device identifier carried in the third device access request corresponds to the private device type;
the authorization application module 1310 is configured to generate an authorization application, send the authorization application to a user terminal corresponding to the first user identifier, and receive an authorization result fed back by the user terminal.
The decision module 1305 is further configured to determine whether to allow the access device to identify the network access device corresponding to the access device according to the authorization result.
In the network access device access control apparatus 1300, if the first user identifier and the device identifier have a device binding relationship, the user has a management right for the network access device corresponding to the device identifier. The device type corresponding to the device identification is defaulted to be a private device type, and the user is allowed to have private access. When receiving a device publicizing request carrying a device identifier corresponding to a first user identifier, indicating that a user wishes to disclose a network access device of the device identifier, at this time, configuring a device type corresponding to the device identifier as a public device type. When a first device access request sent by other users is received, the first device access request can be allowed according to the public device type of the network access device. Therefore, the default of the network access equipment is the private equipment type, and the safety of the network access equipment can be ensured; the network access equipment is changed into a public equipment type under the equipment public request of the user, so that the access right of the network access equipment is public under the authorization of the equipment owner, and more users can use the network access equipment on the premise of ensuring the safety.
As shown in fig. 17, in an embodiment, a network access device type configuration apparatus 1700 is provided, which has functional modules for implementing the network access device type configuration methods in the foregoing embodiments. The network access device type configuration apparatus 1700 includes:
the network access device configuration page management module 1701 is configured to draw a corresponding network access device commonization control according to the device identifier having the device binding relationship with the first user identifier, on the network access device configuration page of the instant messaging application.
An apparatus commonization request triggering module 1702, configured to detect an operation on a network access apparatus commonization control, and trigger an apparatus commonization request carrying an apparatus identifier corresponding to the first user identifier.
An apparatus publicizing request sending module 1703, configured to send an apparatus publicizing request to the apparatus access open platform, so that the apparatus access open platform configures an apparatus type corresponding to the apparatus identifier from a default private apparatus type to a public apparatus type.
In one embodiment, the device commonization request triggering module 1702 is further configured to detect an operation on a network access device commonization control and obtain a public access mode configuration instruction; generating an equipment commonization request carrying an equipment identifier corresponding to the first user identifier according to the public access mode specified by the public access mode configuration instruction; the public access mode comprises at least one of a complete public access mode, a limited time public access mode, a limited white list access mode, a limited black list access mode and a password verification access mode.
The device publicizing request sending module 1703 is further configured to send a device publicizing request to the device access open platform, so that the device access open platform configures the device type corresponding to the device identifier from the default private device type to the public device type, and configures the public access mode corresponding to the device identifier according to the device publicizing request.
As shown in fig. 18, in one embodiment, the network access device type configuration apparatus 1700 further includes: a device access request sending module 1704 and a device access result receiving module 1705.
A device access request sending module 1704, configured to send a device access request carrying a device identifier to the device access open platform, so that when the device access open platform detects that the device type corresponding to the device identifier is a public device type, it determines whether to allow access to a network access device corresponding to the device identifier according to a public access manner corresponding to the device identifier.
And an equipment access result receiving module 1705, configured to receive an equipment access result corresponding to the equipment access request, where the equipment access result is fed back by accessing the open platform.
In an embodiment, the device access request sending module 1704 is further configured to send a second device access request carrying the first user identifier and the device identifier to the device access open platform, so that the device access open platform verifies the second device access request according to the first user identifier when detecting that the device identifier carried in the second device access request corresponds to the private device type; and determining whether to allow the network access equipment corresponding to the access equipment identification according to the verification result.
The device access result receiving module 1705 is further configured to receive a device access result corresponding to the second device access request, where the device access result is fed back by the device access open platform.
In the network access device type configuration apparatus 1700, the user may configure the device type of the network access device by using the instant messaging application. The network access equipment configuration page provided by the instant messaging application can show the network access equipment information and the network access equipment commonization control. When the operation of the user on the network access equipment commonization control is detected, an equipment commonization request which corresponds to the first user identification and carries the equipment identification can be triggered and sent to the equipment access open platform. And the equipment access open platform configures the network access equipment from a default private equipment type to a public equipment type according to the equipment public request. Therefore, the user can convert the owned network access equipment into the public equipment type by one key through the instant messaging application, so that the user can conveniently make the network access equipment public, and the operation convenience is improved.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a non-volatile storage medium such as a magnetic disk, an optical disk, a Read-Only Memory (ROM), or a Random Access Memory (RAM).
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention. Therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (24)
1. A network access device access control method, the method comprising:
receiving a third equipment access request which is sent by the instant messaging application and carries a second user identifier and an equipment identifier;
when detecting that the device identifier carried by the third device access request corresponds to the private device type, acquiring a first user identifier having a device binding relationship with the device identifier; the first user identification and the second user identification have a social friend relationship;
generating an authorization application, sending the authorization application to a user terminal corresponding to the first user identifier, and receiving an authorization result fed back by the user terminal;
determining whether to allow a second user identifier to access the network access equipment corresponding to the equipment identifier according to the authorization result;
receiving an equipment commonization request which is triggered by an information session page corresponding to an equipment identifier in the instant messaging application and corresponds to a first user identifier and carries the equipment identifier; the network access equipment corresponding to the equipment identifier is initialized to be a private equipment type after being produced, and after the equipment binding relation is generated through binding operation with a first user identifier, the first user identifier has the management authority on the network access equipment;
configuring the device type corresponding to the device identification from a default private device type to a public device type according to the device publicizing request;
receiving a first equipment access request carrying the equipment identification;
detecting the device type corresponding to the device identification carried by the first device access request;
and when the public equipment type is detected, allowing access to the network access equipment corresponding to the equipment identification.
2. The method of claim 1, further comprising:
configuring a public access mode corresponding to the equipment identifier according to the equipment public request;
when the public device type is detected, allowing access to the network access device corresponding to the device identifier, including:
and when the public equipment type is detected, determining whether to allow access to the network access equipment corresponding to the equipment identification according to the public access mode corresponding to the equipment identification.
3. The method of claim 2, wherein the determining whether to allow access to the network access device corresponding to the device identifier according to the public access mode corresponding to the device identifier comprises:
and when the public access mode corresponding to the equipment identification is a complete public authority access mode, directly allowing access to the network access equipment corresponding to the equipment identification.
4. The method of claim 2, wherein the determining whether to allow access to the network access device corresponding to the device identifier according to the public access mode corresponding to the device identifier comprises:
when the public access mode corresponding to the equipment identifier is a time-limited public authority access mode, judging whether the current time is within a preset time limit range; if yes, allowing access to the network access equipment corresponding to the equipment identification; and if not, refusing to access the network access equipment corresponding to the equipment identification.
5. The method of claim 2, wherein the determining whether to allow access to the network access device corresponding to the device identifier according to the public access mode corresponding to the device identifier comprises:
when the public access mode corresponding to the equipment identifier is a limited white list access mode, judging whether a second user identifier carried by the first equipment access request is in a preset white list, and if so, allowing access to the network access equipment corresponding to the equipment identifier; and if not, refusing to access the network access equipment corresponding to the equipment identification.
6. The method of claim 2, wherein the determining whether to allow access to the network access device corresponding to the device identifier according to the public access mode corresponding to the device identifier comprises:
when the public access mode corresponding to the equipment identifier is a limited blacklist access mode, judging whether a second user identifier carried by the first equipment access request is in a preset blacklist, and if so, refusing to access the network access equipment corresponding to the equipment identifier; and if not, allowing to access the network access equipment corresponding to the equipment identification.
7. The method of claim 2, wherein the determining whether to allow access to the network access device corresponding to the device identifier according to the public access mode corresponding to the device identifier comprises:
when the public access mode corresponding to the equipment identifier is a password verification access mode, acquiring an input password corresponding to the first equipment access request and a preset password corresponding to the equipment identifier; comparing whether the input password is consistent with the preset password; if the network access equipment is consistent with the equipment identifier, the network access equipment corresponding to the equipment identifier is allowed to be accessed; and if not, denying access to the network access equipment corresponding to the equipment identification.
8. The method of claim 1, wherein before receiving the device commonization request, which is triggered by a message session page corresponding to a device identifier in the instant messaging application and corresponds to a first user identifier and carries the device identifier, the method further comprises:
receiving a second equipment access request carrying a first user identifier and an equipment identifier;
when detecting that the equipment identification carried by the second equipment access request corresponds to the private equipment type, verifying the second equipment access request according to the first user identification;
and after the second equipment access request is verified, allowing access to the network access equipment corresponding to the equipment identification.
9. A method of network access device type configuration, the method comprising:
a network access device configuration page provided by a session message page corresponding to a device identifier in an instant messaging application draws a corresponding network access device commonization control according to the device identifier having a device binding relationship with a first user identifier; the network access equipment corresponding to the equipment identifier is initialized to be a private equipment type after being produced, and after the equipment binding relation is generated through binding operation with a first user identifier, the first user identifier has the management authority on the network access equipment;
detecting the operation of the network access equipment commonization control, and triggering an equipment commonization request which corresponds to the first user identification and carries the equipment identification;
sending the equipment publicizing request to an equipment access open platform, and enabling the equipment access open platform to configure the equipment type corresponding to the equipment identifier from a default private equipment type to a public equipment type;
before the detecting the operation on the network access device commonization control and triggering a device commonization request carrying a device identifier corresponding to the first user identifier, the method further includes:
receiving an authorization application; the authorization application is generated by triggering a third device access request which is sent by the instant messaging application and carries a second user identifier and a device identifier, the device identifier carried by the third device access request corresponds to a private device type, and the first user identifier and the second user identifier have a social friend relationship;
responding to the authorization application to feed back an authorization result; and the fed back authorization result is used for determining whether the second user identification is allowed to access the network access equipment corresponding to the equipment identification.
10. The method of claim 9, wherein the detecting the operation on the network access device commonization control and triggering a device commonization request carrying a device identifier corresponding to a first user identifier comprises:
detecting the operation of a public control of the network access equipment and acquiring a public access mode configuration instruction;
generating an equipment commonization request carrying an equipment identifier corresponding to the first user identifier according to the public access mode specified by the public access mode configuration instruction; the public access mode comprises at least one of a complete public authority access mode, a limited time public authority access mode, a limited white list access mode, a limited black list access mode and a password verification access mode;
the method further comprises the following steps:
and the equipment access open platform configures a public access mode corresponding to the equipment identifier according to the equipment public request.
11. The method of claim 9, further comprising:
sending an equipment access request carrying the equipment identifier to the equipment access open platform, so that when the equipment access open platform detects that the equipment type corresponding to the equipment identifier is a public equipment type, whether the network access equipment corresponding to the equipment identifier is allowed to be accessed is determined according to a public access mode corresponding to the equipment identifier;
and receiving a device access result fed back by the device access open platform.
12. An apparatus for network access device access control, the apparatus comprising:
a third device access request receiving module, configured to receive a third device access request that is sent by the instant messaging application and carries the second user identifier and the device identifier;
a first user identifier obtaining module, configured to obtain a first user identifier having a device binding relationship with the device identifier when detecting that the device identifier carried in the third device access request corresponds to the private device type; the first user identification and the second user identification have a social friend relationship;
the authorization application module is used for generating an authorization application, sending the authorization application to a user terminal corresponding to the first user identifier, and receiving an authorization result fed back by the user terminal;
a decision module, configured to determine whether to allow a second user identifier to access a network access device corresponding to the device identifier according to the authorization result;
the device publicizing request receiving module is used for receiving a device publicizing request which is triggered by a message session page corresponding to a device identifier in the instant messaging application and corresponds to a first user identifier and carries the device identifier; the network access equipment corresponding to the equipment identifier is initialized to be a private equipment type after being produced, and after the equipment binding relation is generated through binding operation with a first user identifier, the first user identifier has the management authority on the network access equipment;
a public configuration module, configured to configure, according to the device public request, a device type corresponding to the device identifier from a default private device type to a public device type;
a first device access request receiving module, configured to receive a first device access request carrying the device identifier;
the detection module is used for detecting the equipment type corresponding to the equipment identifier carried by the first equipment access request;
the decision module is further configured to allow access to the network access device corresponding to the device identifier when the common device type is detected.
13. The apparatus according to claim 12, wherein the commonization configuration module is further configured to configure a public access manner corresponding to the device identifier according to the device commonization request; and the decision module is also used for determining whether to allow the access to the network access equipment corresponding to the equipment identification according to the public access mode corresponding to the equipment identification when the public equipment type is detected.
14. The apparatus of claim 13, wherein the decision module comprises:
and the complete public authority access mode processing module is used for directly allowing the access to the network access equipment corresponding to the equipment identifier when the public access mode corresponding to the equipment identifier is the complete public authority access mode.
15. The apparatus of claim 13, wherein the decision module further comprises:
the time-limited public authority access mode processing module is used for judging whether the current time is within a preset time limit range or not when the public access mode corresponding to the equipment identifier is the time-limited public authority access mode; if yes, allowing access to the network access equipment corresponding to the equipment identification; and if not, refusing to access the network access equipment corresponding to the equipment identification.
16. The apparatus of claim 13, wherein the decision module further comprises:
a limited white list access mode processing module, configured to, when the public access mode corresponding to the device identifier is a limited white list access mode, determine whether a second user identifier carried by the first device access request is in a preset white list, and if so, allow access to a network access device corresponding to the device identifier; and if not, refusing to access the network access equipment corresponding to the equipment identification.
17. The apparatus of claim 13, wherein the decision module further comprises:
the limited blacklist access mode processing module is used for judging whether a second user identifier carried by the first equipment access request is in a preset blacklist or not when the public access mode corresponding to the equipment identifier is a limited blacklist access mode, and if so, denying access to the network access equipment corresponding to the equipment identifier; and if not, allowing to access the network access equipment corresponding to the equipment identification.
18. The apparatus of claim 13, wherein the decision module further comprises:
a password authentication access mode processing module, configured to, when the public access mode corresponding to the device identifier is a password authentication access mode, obtain an input password corresponding to the first device access request and a preset password corresponding to the device identifier; comparing whether the input password is consistent with the preset password; if the network access equipment is consistent with the equipment identifier, the network access equipment corresponding to the equipment identifier is allowed to be accessed; and if not, denying access to the network access equipment corresponding to the equipment identification.
19. The apparatus of claim 12, further comprising:
a second device access request receiving module, configured to receive a second device access request carrying the first user identifier and the device identifier;
the detection module is further configured to detect a device type corresponding to the device identifier carried by the second device access request;
the second device access request verification module is used for verifying the second device access request according to the first user identifier when detecting that the device identifier carried by the second device access request corresponds to the private device type;
the decision module is further configured to allow access to the network access device corresponding to the device identifier after the second device access request is verified.
20. An apparatus for network access device type configuration, the apparatus comprising:
the network access equipment configuration page management module is used for drawing a corresponding network access equipment commonization control according to the equipment identifier which has equipment binding relation with the first user identifier, wherein the network access equipment configuration page is provided by a session message page corresponding to the equipment identifier in the instant messaging application; the network access equipment corresponding to the equipment identifier is initialized to be a private equipment type after being produced, and after the equipment binding relation is generated through binding operation with a first user identifier, the first user identifier has the management authority on the network access equipment;
a receiving model for receiving an authorization application; the authorization application is generated by triggering a third device access request which is sent by the instant messaging application and carries a second user identifier and a device identifier, the device identifier carried by the third device access request corresponds to a private device type, and the first user identifier and the second user identifier have a social friend relationship;
a feedback module, configured to feed back an authorization result in response to the authorization application; the fed back authorization result is used for determining whether the second user identification is allowed to access the network access equipment corresponding to the equipment identification;
the device publicizing request triggering module is used for detecting the operation on the network access device publicizing control and triggering a device publicizing request which corresponds to the first user identifier and carries the device identifier;
and the equipment publicizing request sending module is used for sending the equipment publicizing request to an equipment access open platform, so that the equipment access open platform configures the equipment type corresponding to the equipment identifier from a default private equipment type to a public equipment type.
21. The apparatus according to claim 20, wherein the device-commonization-request triggering module is further configured to detect an operation on a network access device-commonization control and obtain a public access mode configuration instruction; generating an equipment commonization request carrying an equipment identifier corresponding to the first user identifier according to the public access mode specified by the public access mode configuration instruction; the public access mode comprises at least one of a complete public authority access mode, a limited time public authority access mode, a limited white list access mode, a limited black list access mode and a password verification access mode;
the device publicization request sending module is further used for the device access open platform to configure a public access mode corresponding to the device identifier according to the device publicization request.
22. The apparatus of claim 20, further comprising:
a device access request sending module, configured to send a device access request carrying the device identifier to the device access open platform, so that when the device access open platform detects that the device type corresponding to the device identifier is a public device type, the device access open platform determines whether to allow access to the network access device corresponding to the device identifier according to a public access manner corresponding to the device identifier;
and the equipment access result receiving module is used for receiving the equipment access result fed back by the equipment access open platform.
23. A computer-readable storage medium, storing a computer program which, when executed by a processor, causes the processor to carry out the steps of the method according to any one of claims 1 to 11.
24. A computer device comprising a memory and a processor, the memory storing a computer program that, when executed by the processor, causes the processor to perform the steps of the method according to any one of claims 1 to 11.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510466740.9A CN106385397B (en) | 2015-07-31 | 2015-07-31 | Method and device for access control and type configuration of network access equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510466740.9A CN106385397B (en) | 2015-07-31 | 2015-07-31 | Method and device for access control and type configuration of network access equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106385397A CN106385397A (en) | 2017-02-08 |
| CN106385397B true CN106385397B (en) | 2020-09-01 |
Family
ID=57916368
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510466740.9A Active CN106385397B (en) | 2015-07-31 | 2015-07-31 | Method and device for access control and type configuration of network access equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106385397B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108462713B (en) * | 2018-03-22 | 2021-07-02 | 北京可信华泰信息技术有限公司 | Method and system for client to perform credibility verification |
| CN113169970B (en) * | 2019-06-14 | 2023-10-27 | Oppo广东移动通信有限公司 | Access control method, device and storage medium |
| CN112351059B (en) * | 2020-07-30 | 2021-09-10 | 中兴通讯股份有限公司 | Request processing method and device, electronic equipment and computer-readable storage medium |
| CN114466249B (en) * | 2022-04-13 | 2022-09-20 | 荣耀终端有限公司 | Data request processing method, device and storage medium |
| CN115065719B (en) * | 2022-06-09 | 2023-07-14 | 深圳创维数字技术有限公司 | Equipment interactive access method and device, electronic equipment and readable storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101079730A (en) * | 2006-05-25 | 2007-11-28 | 中国移动通信集团公司 | Remote control system and control method of information appliance |
| CN103729590A (en) * | 2013-12-27 | 2014-04-16 | 四川长虹电器股份有限公司 | Method, device and system for setting equipment access right |
| CN104243250A (en) * | 2014-08-18 | 2014-12-24 | 小米科技有限责任公司 | Access authorization method, device and equipment based on intelligent housing system |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9405594B2 (en) * | 2008-11-03 | 2016-08-02 | Samsung Electronics Co., Ltd. | Method and apparatus for controlling access to resources in remote user interface service |
| CN103607372B (en) * | 2013-08-19 | 2016-12-28 | 深信服网络科技(深圳)有限公司 | The authentication method of network insertion and device |
-
2015
- 2015-07-31 CN CN201510466740.9A patent/CN106385397B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101079730A (en) * | 2006-05-25 | 2007-11-28 | 中国移动通信集团公司 | Remote control system and control method of information appliance |
| CN103729590A (en) * | 2013-12-27 | 2014-04-16 | 四川长虹电器股份有限公司 | Method, device and system for setting equipment access right |
| CN104243250A (en) * | 2014-08-18 | 2014-12-24 | 小米科技有限责任公司 | Access authorization method, device and equipment based on intelligent housing system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106385397A (en) | 2017-02-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20200304999A1 (en) | Integrated physical and logical security management via a portable device | |
| CN110121873B (en) | Access token management method, terminal and server | |
| CN106992989B (en) | Sharing authorization method of smart home, server and readable storage medium | |
| US10498723B2 (en) | Method, and apparatus for authenticating access | |
| CN113272805B (en) | Proximity-based unlocking of public computing devices | |
| CN106385397B (en) | Method and device for access control and type configuration of network access equipment | |
| US9754097B2 (en) | Method for peer to peer mobile context authentication | |
| WO2017140240A1 (en) | Guest authentication method and system | |
| CN104641669B (en) | The device and method of control switching for the electronic access client in the case where not requiring network to access | |
| EP3864541B1 (en) | Progressive access to data and device functionality | |
| CN106211359B (en) | Method and device for enabling device to obtain service | |
| CN106209800B (en) | Equipment Authority sharing method and apparatus | |
| CN105791309B (en) | A kind of method, apparatus and system executing business processing | |
| CN105744595B (en) | Access method, apparatus, system and the storage medium of WLAN | |
| CN103248657B (en) | Web Publishing facility information method and facility information sharing method thereof | |
| CN108811179B (en) | Wireless network connection method, device and storage medium | |
| CN103945380A (en) | Method and system for network login authentication based on graphic code | |
| JP2011525656A (en) | Improved biometric authentication and identification | |
| US20150089635A1 (en) | System for correlation of independent authentication mechanisms | |
| EP3915284A1 (en) | Mobile device tools for authenticated smart vehicle pairing and wireless routing configuration and methods of use | |
| US10531051B2 (en) | Method and apparatus for managing provisioning of an imaging system | |
| CN113572718A (en) | Login method, login device, electronic equipment and storage medium | |
| CN107230060A (en) | The method and apparatus that a kind of account is reported the loss | |
| CN114760112B (en) | Wireless local area network-oriented intelligent home equipment networking method, system, equipment and storage medium | |
| US20180115896A1 (en) | Seamless unique user identification and management |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |