CN109688580A - Access device matches connection method and access device - Google Patents

Access device matches connection method and access device Download PDF

Info

Publication number
CN109688580A
CN109688580A CN201710969501.4A CN201710969501A CN109688580A CN 109688580 A CN109688580 A CN 109688580A CN 201710969501 A CN201710969501 A CN 201710969501A CN 109688580 A CN109688580 A CN 109688580A
Authority
CN
China
Prior art keywords
access device
authentication
access
information
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN201710969501.4A
Other languages
Chinese (zh)
Inventor
谭细金
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN201710969501.4A priority Critical patent/CN109688580A/en
Priority to PCT/CN2018/086305 priority patent/WO2019076041A1/en
Publication of CN109688580A publication Critical patent/CN109688580A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/08Access restriction or access information delivery, e.g. discovery data delivery
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/16Discovering, processing access restriction or access information

Abstract

The embodiment of the present application provides a kind of pairing connection method of access device and access device, this method comprises: the first access device, which receives the second access device, detects that the authentication request sent after first access device, the authentication request include: the identification information and authentication information of second access device;Second access device is authenticated according to the authentication information;Authentication Response is sent to second access device after authenticating successfully;Receive the network insertion request that second access device is sent;Access response is sent to second access device.The embodiment of the present application realizes entire authentication and access network process is completed by the first access device and the second access device interactive information, participates in without artificial, improves access efficiency and user experience, while also improving the safety of group network process.

Description

Access device matches connection method and access device
Technical field
This application involves wireless communication field more particularly to a kind of pairing connection method of access device and access devices.
Background technique
Wireless Fidelity (Wireless Fidelity, WIFI) technology is a kind of Radio Transmission Technology, due to its access can Mobility and convenience are now widely used for the network insertion in the places such as family, office.With increasing, mutually for mobile device The continuous diversification of networking service, user are higher and higher to WIFI bandwidth, the demand of rate.Generally, user can be in room Access device is disposed, provides WIFI signal by the access device, the terminal of user can connect and connecting the access device To network.But WIFI signal can have loss, such as the brick wall decaying across stifled 24 centimetres of (cm) thickness in transmission process About 25db (relative ratio of characterization power), 15 meters of space propagation (m), decay about 70db.As it can be seen that in larger space range It is interior, if only single access device can not accomplish that WIFI signal is completely covered.
In order to realize that WIFI signal better covers, multiple access device networkings are generally used, Lai Shixian larger space Full rate covering.Networking between access device and access device is realized firstly the need of effective certification between access device Pairing, in the prior art, the general recognition button completion for pressing two access devices within a preset time by user are effectively recognized Card, or identification code is inputted in access device to complete effectively to authenticate.
As it can be seen that access device is completed in the mode that effectively authenticates in the prior art, user's operation is cumbersome, under efficiency.
Summary of the invention
The application provides a kind of pairing connection method of access device and access device, sets for solving access in the prior art In the standby mode for completing effectively to authenticate, user's operation is cumbersome, the problem under efficiency.
In a first aspect, the application provides a kind of access device pairing connection method, comprising:
First access device receives the second access device and detects the authentication request sent after first access device, institute State the identification information and authentication information that authentication request includes: second access device;
First access device authenticates second access device according to the authentication information;
First access device is after authenticating successfully according to the identification information of second access device to described second Access device sends Authentication Response;
First access device receives the network insertion request that second access device is sent;
First access device sends access response to second access device.
In a kind of possible design method, the authentication request further include: uniqueness certificate parameter;
The method also includes:
The uniqueness of first access device authentication request according to the uniqueness Verification.
In a kind of possible design method, the uniqueness certificate parameter includes: random number, and/or, timestamp.
In a kind of possible design method, the authentication information includes: the agreement content after default private key encryption;
First access device authenticates second access device according to the authentication information, comprising:
First access device is decrypted the authentication information using default public key, the information after obtaining decryption;
First access device judges whether the information after the decryption and the agreement content are identical.
In a kind of possible design method, the agreement content include: in the authentication request except the authentication information with Outer information.
Second aspect, the application provide a kind of access device pairing connection method, comprising:
After first access device detects the second access device, the second access device of Xiang Suoshu sends authentication request, described Authentication request includes: the identification information and authentication information of first access device;
First access device receives second access device and is sent out according to the identification information of first access device The Authentication Response sent, the Authentication Response are used to indicate second access device and are authenticated successfully according to the authentication information;
First access device sends network insertion request to second access device;
First access device receives the access response that second access device is sent, and has been responded according to the access At network connection.
In a kind of possible design method, the authentication request further include: uniqueness certificate parameter.
In a kind of possible design method, the uniqueness certificate parameter includes: random number, and/or, timestamp.
In a kind of possible design method, the authentication information includes: the agreement content after default private key encryption.
In a kind of possible design method, the agreement content include: in the authentication request except the authentication information with Outer information.
The third aspect, the application provide a kind of access device, the equipment include for execute above-mentioned first aspect and The module or means (means) of method provided by the various implementations of first aspect.
Fourth aspect, the application provide a kind of access device, the equipment include for execute above-mentioned second aspect and The module or means (means) of method provided by the various implementations of second aspect.
5th aspect, the application provide a kind of access device, and the equipment includes processor and memory, and memory is used for Program is stored, processor calls the program of memory storage, the method to execute the offer of the application first aspect.
6th aspect, the application provide a kind of access device, and the equipment includes processor and memory, and memory is used for Program is stored, processor calls the program of memory storage, the method to execute the offer of the application second aspect.
7th aspect, the application provide a kind of access device, at least including the method for executing the above first aspect One processing element (or chip).
Eighth aspect, the application provide a kind of access device, at least including the method for executing the above second aspect One processing element (or chip).
9th aspect, the application provide a kind of computer storage medium, including program, and described program is for executing above the The method of one side.
Tenth aspect, the application provide a kind of computer storage medium, including program, and described program is for executing above the The method of two aspects.
In access device pairing connection method provided by the present application and access device, the first access device receives the second access The authentication request that equipment is sent after detecting first access device, the authentication request include: the mark of the second access device Information and authentication information, the first access device authenticate the second access device according to above-mentioned authentication information, the first access Equipment after authenticating successfully to the second access device send Authentication Response, and then the first access device after authenticating successfully to second Access device sends Authentication Response, and access can be initiated after the completion of authentication so that the second access device is accessed network.It realizes Entire authentication and access network process are completed by the first access device and the second access device interactive information, are participated in, are mentioned without artificial High access efficiency and user experience, while also improving the safety of group network process.
Detailed description of the invention
Fig. 1 is a kind of architectures of communication networks schematic diagram;
Fig. 2 is that the access device that one embodiment of the application provides matches connection method flow diagram;
Fig. 3 is that the access device that one embodiment of the application provides matches authentication request structural schematic diagram in connection method;
Fig. 4 is that the access device that another embodiment of the application provides matches authentication request structural schematic diagram in connection method;
Fig. 5 is that the access device that one embodiment of the application provides matches authentication request structural schematic diagram in connection method;
Fig. 6 is the access device structural schematic diagram that one embodiment of the application provides;
Fig. 7 is the access device structural schematic diagram that another embodiment of the application provides;
Fig. 8 is the access device structural schematic diagram that the application another embodiment provides.
Specific embodiment
Fig. 1 is a kind of architectures of communication networks schematic diagram.As shown in Figure 1, include multiple access devices 01 in the communication network, It include a main access device in this multiple access device 01, main access device can connect the network of the offers such as operator, Its access device can access network by accessing main access device or other access devices for having accessed network, i.e., Multiple access devices 01 are subjected to networking.
Above-mentioned access device is properly termed as access point (Access Point, AP).
Each access device 01 can access one or more terminals 02, provide network for terminal 02.
Multiple access devices 01 can be deployed in each position of large space, or be deployed in each room of office building Between, each room of home dwelling etc., more comprehensively to realize the network coverage.
In the application, terminal (terminal device) include but is not limited to mobile station (MS, Mobile Station), Mobile terminal (Mobile Terminal), mobile phone (Mobile Telephone), mobile phone (handset) and portable equipment (portable equipment) etc., the terminal can be through wireless access network (RAN, Radio Access Network) and one Or multiple cores net is communicated, for example, terminal can be mobile phone (or being " honeycomb " phone), have wireless communication function Can computer etc., terminal can also be portable, pocket, hand-held, built-in computer or vehicle-mounted mobile device Or equipment.
For in the prior art, group network process needs other access devices to be matched with main access device, i.e. verifying has Effect property, this needs user to input information or complete by lower button in the process, i.e., must have manual operation, and process is cumbersome, And safety is not high.For these problems, the application proposes a kind of new access device pairing connection method.
Fig. 2 is that the access device that provides of one embodiment of the application matches connection method flow diagram, in the present embodiment, the One access device is main access device or the access device for having passed through other access devices access network, the second access device It needs to access network by the first access device of access.Here the first access device and the second access device can be identical Entity device.
As shown in Fig. 2, this method comprises:
S201, the first access device receive the authentication that the second access device is sent after detecting the first access device and ask It asks, which includes: the identification information and authentication information of the second access device.
The identification information of second access device connects for identifying the second access device, the media that can be the second access device Enter control (Media Access Control, MAC) address, sequence number of the second access device etc., this is not restricted.So as to The second access device is identified in the first access device, and obtains associated address information for subsequent interaction.
Authentication information can be some information that the first access device and the second access device have been made an appointment, or factory Preceding configured some information, for allowing the validity of opposite side device authentication oneself, the first access device will confirm the second access Equipment is effective and credible, just will do it subsequent access procedure.
During specific implementation, it can be the first access device and unidirectionally the second access device authenticated, be also possible to Both sides authenticate, i.e. the authentication request that the second access device also receives the transmission of the first access device reflects to the first equipment Power, both sides enter back into subsequent access procedure after all the authentication is passed.
It should be noted that the second access device can detect the signal of other access devices in signal cover, After detecting the first access device, authentication request is sent automatically, without artificial triggering.
S202, the first access device authenticate the second access device according to above-mentioned authentication information.
S203, the first access device are sent according to the identification information of the second equipment to the second access device after authenticating successfully Authentication Response.
S204, the second access device send network insertion request to the first access device.
S205, the first access device send access response to the second access device.
Optionally, the first access device sends access response to the second access device according to the identification information of the second equipment.
In the present embodiment, the first access device is to the second access device after the authentication is passed, it is thus identified that the second access device Validity, and Authentication Response is sent to the second access device.Both sides can enter access procedure later, such as access procedure can To complete to authenticate using Wi-Fi protection setting (Wi-Fi protected setup, WPS) identifying procedure to access, the application With no restriction.Specifically, the first access device and the second access device obtain account by cryptographic key exchanging safety and complete network Access.
After second access device completes access, so that it may be connected to network, provide network clothes for the terminal in coverage area Business.
In the present embodiment, the first access device receives the second access device and detects the authentication sent after the first access device Request, which includes: the identification information and authentication information of the second access device, and the first access device is according to above-mentioned Authentication information authenticates the second access device, and the first access device sends to the second access device after authenticating successfully and authenticates Response, so the first access device after authenticate successfully to the second access device transmission Authentication Response, after the completion of authentication Access is initiated so that the second access device is accessed network.Entire authentication and access network process are realized by the first access device and the Two access device interactive information are completed, and are participated in without artificial, are improved access efficiency and user experience, while also improving networking The safety of process.
Optionally, above-mentioned authentication request can also include: uniqueness certificate parameter.Correspondingly, the above method can also wrap It includes: according to the uniqueness of the above-mentioned authentication request of uniqueness Verification.
The interaction of first access device and the second access device is all to hand over before the key for formally obtaining data encryption in plain text Mutually, such third party is easy to forge the report of interaction between the first access device and the second access device by message capturing Text, in order to avoid attack can carry uniqueness certificate parameter in the message.The uniqueness carried in the authentication request sent out every time Certificate parameter is all different, if the first access device has received identical uniqueness certificate parameter, can refuse the second access and set Standby access, or attack recognition is carried out to judge whether authentication request is attacked.
Optionally, above-mentioned uniqueness certificate parameter may include: random number, and/or, timestamp.
Random number, timestamp are all different at any time, random number and/or timestamp are embedded in authentication request, really The uniqueness of each transmission is protected.
On the basis of the above embodiments, optionally, authentication information may include: in the agreement after default private key encryption Hold.
Correspondingly, above-mentioned first access device authenticates the second access device according to above-mentioned authentication information, can be with are as follows: First access device is decrypted authentication information using default public key, the information after obtaining decryption, and then the first access device Whether the information and agreement content after judging decryption are identical.
It should be noted that above-mentioned public key and private key are a pair of secret keys, one for encrypting, another is for decrypting.This Encrypted in embodiment using private key, only corresponding public key can decrypt content therein, if the content of decryption with As making an appointment, then the first access device determines that the second access device is effective, it can access.
Optionally, which includes: the information in authentication request in addition to authentication information.It, can i.e. in authentication request To carry in authentication request the Information Statistics private key encryption other than authentication information, when the first access device uses After authentication information is decrypted in default public key, compares the information decrypted and whether other information is consistent, if unanimously It just authenticates successfully, determines that the second access device is effective, can access, if inconsistent, with regard to failed authentication, do not allow the second access Equipment access.
Fig. 3 is that the access device that one embodiment of the application provides matches authentication request structural schematic diagram in connection method.Fig. 4 Authentication request structural schematic diagram in connection method is matched for the access device that another embodiment of the application provides.
It optionally, can simultaneously include uniqueness certificate parameter and authentication information in authentication request, the first access device is received Both authentication information had been authenticated after to authentication request, uniqueness is also judged according to uniqueness certificate parameter, had all been met in the two When allow again the second access device access network.
As shown in figure 3, authentication request may include: the identification information of the second access device, uniqueness certificate parameter, make by oneself Adopted text and authentication information.Wherein customized text is one section of reserved space, and following expansible, the application is with no restriction.
Authentication information include after default private key encryption " identification information of the second access device+uniqueness certificate parameter+from Define text ".In order to economize on resources, " identification information+uniqueness of the second access device can also be calculated using hash algorithm The cryptographic Hash of certificate parameter+customized text ", authentication information include the " mark of the second access device after default private key encryption The cryptographic Hash of information+uniqueness certificate parameter+customized text ".
Fig. 4 using the MAC Address that the identification information of the second access device is the second access device, uniqueness certificate parameter as when Between stab for.Authentication information may include " MAC Address+timestamp of the second access device+customized after default private key encryption Text ", alternatively, authentication information may include after default private key encryption " MAC Address of the second access device+timestamp+is made by oneself Adopted text " cryptographic Hash, the application is with no restriction.
Fig. 5 is that the access device that one embodiment of the application provides matches authentication request structural schematic diagram in connection method, with Above-described embodiment is corresponding, and the first access device can also be used as access side.It should be noted that the second access device and first Access device is the same, can become access side or request access side.
As shown in figure 5, this method comprises:
S501, the first access device, which detect, sends authentication request, the mirror to the second access device after the second access device Power request includes: the identification information and authentication information of the first access device.
The identification information of first access device can be the sequence of the MAC Address of the first access device, the first access device Number etc., this is not restricted.
After first access device detects the second access device in signal cover, it can access and set from trend second Preparation send authentication request, is not necessarily to artificial trigger action.
S502, the first access device receive the authentication that the second access device is sent according to the identification information of the first access device Response.The Authentication Response is used to indicate second access device and is authenticated successfully according to authentication information.
S503, the first access device send network insertion request to the second access device.
S504, the first access device receive the access response that the second access device is sent, and are responded according to the access and complete net Network connection.
Further, the second access device is to the first access device after the authentication is passed, it is thus identified that the first access device has Effect property, and Authentication Response is sent to the first access device.Both sides can enter access procedure later, such as access procedure can be with WPS identifying procedure is used to complete certification to access, the application is with no restriction.Specifically, the first access device and the second access Equipment obtains account by cryptographic key exchanging safety and completes network insertion.
In the present embodiment, after the first access device detects the second access device, authentication is sent to the second access device and is asked It asks, which includes: the identification information and authentication information of the first access device, after the second access device authenticates successfully Authentication Response is sent to the first access device, and then the first access device sends network insertion request to the second access device, and After receiving the access response of the second access device transmission, is responded according to the access and complete network connection.Realize entire authentication And access network process is completed by the first access device and the second access device interactive information, is participated in without artificial, is improved access Efficiency and user experience.
Similarly with previous embodiment, authentication request can also include: uniqueness certificate parameter.Uniqueness certificate parameter can To be random number, and/or, timestamp.
Second access device receives the uniqueness after authentication request also according to the above-mentioned authentication request of uniqueness Verification.Often The uniqueness certificate parameter carried in the authentication request of secondary hair is all different, if the second access device has received identical uniqueness Certificate parameter can refuse the access of the first access device, or carry out attack recognition to judge whether authentication request is attacked.
Optionally, authentication information includes: the agreement content after default private key encryption.The agreement content includes: the authentication Information in request in addition to the authentication information.It can be found in shown in Fig. 3, Fig. 4.
The present embodiment specific embodiment is similar with Fig. 2-embodiment illustrated in fig. 4, reference can be made to previous embodiment, herein no longer It repeats.
Fig. 6 is the access device structural schematic diagram that one embodiment of the application provides, as shown in fig. 6, the equipment includes: to receive Module 601, authentication module 602 and sending module 603, in which:
Receiving module 601 detects that the authentication sent after first access device is asked for receiving the second access device It asks, the authentication request includes: the identification information and authentication information of second access device.
Authentication module 602, for being authenticated according to the authentication information to second access device.
Sending module 603, for being accessed according to the identification information of the second access device to described second after authenticating successfully Equipment sends Authentication Response.
Further, receiving module 601 are also used to receive the network insertion request that second access device is sent.Hair Module 603 is sent, is also used to send access response to second access device.
In a kind of possible embodiment, the authentication request further include: uniqueness certificate parameter.Correspondingly, mould is authenticated Block 602 is also used to the uniqueness of the authentication request according to the uniqueness Verification.
Optionally, the uniqueness certificate parameter includes: random number, and/or, timestamp.
In another possible embodiment, the authentication information includes: the agreement content after default private key encryption.
Correspondingly, authentication module 602 obtain solution specifically for the authentication information is decrypted using default public key Information after close;Whether the information and the agreement content after judging the decryption are identical.
Optionally, the agreement content includes: the information in the authentication request in addition to the authentication information.
Fig. 7 is the access device structural schematic diagram that another embodiment of the application provides, as shown in fig. 7, the equipment includes: hair Send module 701 and receiving module 702, in which:
Sending module 701, for after detecting the second access device, the second access device of Xiang Suoshu to send authentication and asks It asks, the authentication request includes: the identification information and authentication information of first access device.
Receiving module 702 is sent according to the identification information of the first access device for receiving second access device Authentication Response, the Authentication Response are used to indicate second access device and are authenticated successfully according to the authentication information.
Sending module 701 is also used to send network insertion request to second access device.
Receiving module 702 is also used to receive the access response that second access device is sent, is responded according to the access Complete network connection.
Optionally, the authentication request further include: uniqueness certificate parameter.
In a kind of possible embodiment, uniqueness certificate parameter includes: random number, and/or, timestamp.
In another embodiment, the authentication information includes: the agreement content after default private key encryption.
Optionally, the agreement content includes: the information in the authentication request in addition to the authentication information.
Above equipment is for executing preceding method embodiment, and it is similar that the realization principle and technical effect are similar, and details are not described herein.
It should be noted that it should be understood that the modules of the above equipment division be only a kind of logic function division, It can completely or partially be integrated on a physical entity in actual implementation, it can also be physically separate.And these modules can be with All realized by way of processing element calls with software;It can also all realize in the form of hardware;It can also part mould Block realizes that part of module passes through formal implementation of hardware by way of processing element calls software.For example, authentication module can be with For the processing element individually set up, it also can integrate and realized in some chip of above equipment, in addition it is also possible to program The form of code is stored in the memory of above equipment, is called by some processing element of above equipment and is executed the above mirror Weigh the function of module.The realization of other modules is similar therewith.Furthermore these modules completely or partially can integrate together, can also With independent realization.Processing element described here can be a kind of integrated circuit, the processing capacity with signal.In the process of realization In, each step of the above method or the above modules can by the integrated logic circuit of the hardware in processor elements or The instruction of software form is completed.
For example, the above module can be arranged to implement one or more integrated circuits of above method, such as: One or more specific integrated circuits (Application Specific Integrated Circuit, ASIC), or, one Or multi-microprocessor (Digital Signal Processor, DSP), or, one or more field programmable gate array (Field Programmable Gate Array, FPGA) etc..For another example, when some above module dispatches journey by processing element When the form of sequence code is realized, which can be general processor, such as central processing unit (Central Processing Unit, CPU) or it is other can be with the processor of caller code.For another example, these modules can integrate one It rises, is realized in the form of system on chip (system-on-a-chip, SOC).
Fig. 8 is the access device structural schematic diagram that the application another embodiment provides, as shown in figure 8, the equipment includes: to deposit Reservoir 10 and processor 11.
Memory 10 can be independent physical unit, can be connect by bus with processor 11.Memory 10, processing Device 11 also can integrate together, pass through hardware realization etc..
Memory 10 realizes above method embodiment or Fig. 6-embodiment illustrated in fig. 7 modules journey for storing Sequence, processor 11 call the program, execute the operation of above method embodiment.
Optionally, when above-described embodiment access device pairing connection method in some or all of pass through software realization When, access device can also only include processor.Memory for storing program is located at except access device, and processor passes through Circuit/electric wire is connect with memory, for reading and executing the program stored in memory.
Processor can be central processing unit (Central Processing Unit, CPU), network processing unit The combination of (Network Processor, NP) or CPU and NP.
Processor can further include hardware chip.Above-mentioned hardware chip can be specific integrated circuit (Application-specific Integrated Circuit, ASIC), programmable logic device (Programmable Logic Device, PLD) or combinations thereof.Above-mentioned PLD can be Complex Programmable Logic Devices (Complex Programmable Logic Device, CPLD), field programmable gate array (Field-programmable Gate Array, FPGA), Universal Array Logic (Generic Array Logic, GAL) or any combination thereof.
Memory may include volatile memory (volatile memory), such as random access memory (Random-Access Memory, RAM);Memory also may include nonvolatile memory (non-volatile ), such as flash memory (flash memory), hard disk (Hard Disk Drive, HDD) or solid state hard disk memory (Solid-State Drive, SSD);Memory can also include the combination of the memory of mentioned kind.
The embodiment of the present application also provides a kind of computer storage mediums, are stored with computer program, the computer program For executing access device pairing connection method provided by the above embodiment.
The embodiment of the present application also provides a kind of computer program products comprising instruction, when it runs on computers When, so that computer executes access device provided by the above embodiment and matches connection method.
It should be understood by those skilled in the art that, embodiments herein can provide as method, system or computer program Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the application Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the application, which can be used in one or more, The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) produces The form of product.
The application is referring to method, the process of equipment (system) and computer program product according to the embodiment of the present application Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates, Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one The step of function of being specified in a box or multiple boxes.

Claims (20)

1. a kind of access device matches connection method characterized by comprising
First access device receives the second access device and detects the authentication request sent after first access device, the mirror Power request includes: the identification information and authentication information of second access device;
First access device authenticates second access device according to the authentication information;
First access device is accessed according to the identification information of second access device to described second after authenticating successfully Equipment sends Authentication Response;
First access device receives the network insertion request that second access device is sent;
First access device sends access response to second access device.
2. the method according to claim 1, wherein the authentication request further include: uniqueness certificate parameter;
The method also includes:
The uniqueness of first access device authentication request according to the uniqueness Verification.
3. according to the method described in claim 2, it is characterized in that, the uniqueness certificate parameter includes: random number, and/or, Timestamp.
4. method according to claim 1-3, which is characterized in that the authentication information includes: that default private key adds Agreement content after close;
First access device authenticates second access device according to the authentication information, comprising:
First access device is decrypted the authentication information using default public key, the information after obtaining decryption;
First access device judges whether the information after the decryption and the agreement content are identical.
5. according to the method described in claim 4, it is characterized in that, the agreement content includes: in the authentication request except institute State the information other than authentication information.
6. a kind of access device matches connection method characterized by comprising
After first access device detects the second access device, the second access device of Xiang Suoshu sends authentication request, the authentication Request includes: the identification information and authentication information of first access device;
First access device receives what second access device was sent according to the identification information of first access device Authentication Response, the Authentication Response are used to indicate second access device and are authenticated successfully according to the authentication information;
First access device sends network insertion request to second access device;
First access device receives the access response that second access device is sent, and is responded according to the access and completes net Network connection.
7. according to the method described in claim 6, it is characterized in that, the authentication request further include: uniqueness certificate parameter.
8. the method according to the description of claim 7 is characterized in that the uniqueness certificate parameter includes: random number, and/or, Timestamp.
9. according to the described in any item methods of claim 6-8, which is characterized in that the authentication information includes: that default private key adds Agreement content after close.
10. according to the method described in claim 9, it is characterized in that, the agreement content includes: in the authentication request except institute State the information other than authentication information.
11. a kind of access device characterized by comprising
Receiving module detects the authentication request sent after first access device for receiving the second access device, described Authentication request includes: the identification information and authentication information of second access device;
Authentication module, for being authenticated according to the authentication information to second access device;
Sending module, for after authenticating successfully according to the identification information of second access device to second access device Send Authentication Response;
The receiving module is also used to receive the network insertion request that second access device is sent;
The sending module is also used to send access response to second access device.
12. access device according to claim 11, which is characterized in that the authentication request further include: uniqueness verifying Parameter;
The authentication module is also used to the uniqueness of the authentication request according to the uniqueness Verification.
13. access device according to claim 12, which is characterized in that the uniqueness certificate parameter includes: random number, And/or timestamp.
14. the described in any item access devices of 1-13 according to claim 1, which is characterized in that the authentication information includes: default Agreement content after private key encryption;
The authentication module, specifically for the authentication information is decrypted using default public key, the information after obtaining decryption; Whether the information and the agreement content after judging the decryption are identical.
15. access device according to claim 14, which is characterized in that the agreement content includes: the authentication request In information in addition to the authentication information.
16. a kind of access device characterized by comprising
Sending module, for after detecting the second access device, the second access device of Xiang Suoshu to send authentication request, the mirror Power request includes: the identification information and authentication information of first access device;
Receiving module, the authentication sent for receiving second access device according to the identification information of first access device Response, the Authentication Response are used to indicate second access device and are authenticated successfully according to the authentication information;
The sending module is also used to send network insertion request to second access device;
The receiving module is also used to receive the access response that second access device is sent, has been responded according to the access At network connection.
17. access device according to claim 16, which is characterized in that the authentication request further include: uniqueness verifying Parameter.
18. access device according to claim 17, which is characterized in that the uniqueness certificate parameter includes: random number, And/or timestamp.
19. the described in any item access devices of 6-18 according to claim 1, which is characterized in that the authentication information includes: default Agreement content after private key encryption.
20. access device according to claim 19, which is characterized in that the agreement content includes: the authentication request In information in addition to the authentication information.
CN201710969501.4A 2017-10-18 2017-10-18 Access device matches connection method and access device Withdrawn CN109688580A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201710969501.4A CN109688580A (en) 2017-10-18 2017-10-18 Access device matches connection method and access device
PCT/CN2018/086305 WO2019076041A1 (en) 2017-10-18 2018-05-10 Method for paired connection of access devices, and access devices

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710969501.4A CN109688580A (en) 2017-10-18 2017-10-18 Access device matches connection method and access device

Publications (1)

Publication Number Publication Date
CN109688580A true CN109688580A (en) 2019-04-26

Family

ID=66174285

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710969501.4A Withdrawn CN109688580A (en) 2017-10-18 2017-10-18 Access device matches connection method and access device

Country Status (2)

Country Link
CN (1) CN109688580A (en)
WO (1) WO2019076041A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101621796A (en) * 2009-07-22 2010-01-06 中兴通讯股份有限公司 Method and device for access point automatic alignment in wireless distribution system
CN101645814A (en) * 2008-08-04 2010-02-10 上海华为技术有限公司 Method, equipment and system for enabling access points to access mobile core network
CN102685745A (en) * 2012-04-23 2012-09-19 深圳市江波龙电子有限公司 Wireless access point (AP) equipment authentication method and system
CN104519517A (en) * 2013-09-30 2015-04-15 深圳市群云网络有限公司 Method and system for automatically configuring wireless access points AP in wireless local area networks
US20170265081A1 (en) * 2016-03-14 2017-09-14 Fujitsu Limited Wireless communication device, wireless communication method, and computer readable storage medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101645814A (en) * 2008-08-04 2010-02-10 上海华为技术有限公司 Method, equipment and system for enabling access points to access mobile core network
CN101621796A (en) * 2009-07-22 2010-01-06 中兴通讯股份有限公司 Method and device for access point automatic alignment in wireless distribution system
CN102685745A (en) * 2012-04-23 2012-09-19 深圳市江波龙电子有限公司 Wireless access point (AP) equipment authentication method and system
CN104519517A (en) * 2013-09-30 2015-04-15 深圳市群云网络有限公司 Method and system for automatically configuring wireless access points AP in wireless local area networks
US20170265081A1 (en) * 2016-03-14 2017-09-14 Fujitsu Limited Wireless communication device, wireless communication method, and computer readable storage medium

Also Published As

Publication number Publication date
WO2019076041A1 (en) 2019-04-25

Similar Documents

Publication Publication Date Title
CN109462476B (en) Key agreement method, device, terminal and computer readable storage medium
RU2663972C1 (en) Security assurance at connection between communication device and network device
EP3057351B1 (en) Access method, system, and device of terminal, and computer storage medium
WO2017114123A1 (en) Key configuration method and key management center, and network element
EP3661241B1 (en) Method and device for protecting privacy
CN111669276A (en) Network verification method, device and system
CN105634737B (en) Data transmission method, terminal and system
JP2012530311A5 (en)
CN107425961A (en) The system and method for performing link establishment and certification
CN104935758A (en) Calling method, calling device and system
CN104125567B (en) Home eNodeB accesses method for authenticating, device and the Home eNodeB of network side
CN109413645A (en) The method and apparatus of access authentication
JP6752013B2 (en) Hearing devices with service modes and related methods
CN108683690A (en) Method for authenticating, user equipment, authentication device, authentication server and storage medium
CN109076058B (en) Authentication method and device for mobile network
CN105790942A (en) Method and system for secure call and terminals
CN105376059A (en) Method and system for performing application signature based on electronic key
CN109639644A (en) Authority checking method, apparatus, storage medium and electronic equipment
CN112602290B (en) Identity authentication method and device and readable storage medium
CN112994873B (en) Certificate application method and equipment
CN112672342A (en) Data transmission method, device, equipment, system and storage medium
CN103368735A (en) Authentication method, device and system of accessing application into intelligent card
CN113766496B (en) Cross-platform binding method and system for intelligent equipment and related equipment
KR20180021838A (en) A method for replacing at least one authentication parameter for authenticating a secure element,
CN106537962B (en) Wireless network configuration, access and access method, device and equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication
WW01 Invention patent application withdrawn after publication

Application publication date: 20190426