CN109688580A - Access device matches connection method and access device - Google Patents
Access device matches connection method and access device Download PDFInfo
- Publication number
- CN109688580A CN109688580A CN201710969501.4A CN201710969501A CN109688580A CN 109688580 A CN109688580 A CN 109688580A CN 201710969501 A CN201710969501 A CN 201710969501A CN 109688580 A CN109688580 A CN 109688580A
- Authority
- CN
- China
- Prior art keywords
- access device
- authentication
- access
- information
- request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/08—Access restriction or access information delivery, e.g. discovery data delivery
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/16—Discovering, processing access restriction or access information
Abstract
The embodiment of the present application provides a kind of pairing connection method of access device and access device, this method comprises: the first access device, which receives the second access device, detects that the authentication request sent after first access device, the authentication request include: the identification information and authentication information of second access device;Second access device is authenticated according to the authentication information;Authentication Response is sent to second access device after authenticating successfully;Receive the network insertion request that second access device is sent;Access response is sent to second access device.The embodiment of the present application realizes entire authentication and access network process is completed by the first access device and the second access device interactive information, participates in without artificial, improves access efficiency and user experience, while also improving the safety of group network process.
Description
Technical field
This application involves wireless communication field more particularly to a kind of pairing connection method of access device and access devices.
Background technique
Wireless Fidelity (Wireless Fidelity, WIFI) technology is a kind of Radio Transmission Technology, due to its access can
Mobility and convenience are now widely used for the network insertion in the places such as family, office.With increasing, mutually for mobile device
The continuous diversification of networking service, user are higher and higher to WIFI bandwidth, the demand of rate.Generally, user can be in room
Access device is disposed, provides WIFI signal by the access device, the terminal of user can connect and connecting the access device
To network.But WIFI signal can have loss, such as the brick wall decaying across stifled 24 centimetres of (cm) thickness in transmission process
About 25db (relative ratio of characterization power), 15 meters of space propagation (m), decay about 70db.As it can be seen that in larger space range
It is interior, if only single access device can not accomplish that WIFI signal is completely covered.
In order to realize that WIFI signal better covers, multiple access device networkings are generally used, Lai Shixian larger space
Full rate covering.Networking between access device and access device is realized firstly the need of effective certification between access device
Pairing, in the prior art, the general recognition button completion for pressing two access devices within a preset time by user are effectively recognized
Card, or identification code is inputted in access device to complete effectively to authenticate.
As it can be seen that access device is completed in the mode that effectively authenticates in the prior art, user's operation is cumbersome, under efficiency.
Summary of the invention
The application provides a kind of pairing connection method of access device and access device, sets for solving access in the prior art
In the standby mode for completing effectively to authenticate, user's operation is cumbersome, the problem under efficiency.
In a first aspect, the application provides a kind of access device pairing connection method, comprising:
First access device receives the second access device and detects the authentication request sent after first access device, institute
State the identification information and authentication information that authentication request includes: second access device;
First access device authenticates second access device according to the authentication information;
First access device is after authenticating successfully according to the identification information of second access device to described second
Access device sends Authentication Response;
First access device receives the network insertion request that second access device is sent;
First access device sends access response to second access device.
In a kind of possible design method, the authentication request further include: uniqueness certificate parameter;
The method also includes:
The uniqueness of first access device authentication request according to the uniqueness Verification.
In a kind of possible design method, the uniqueness certificate parameter includes: random number, and/or, timestamp.
In a kind of possible design method, the authentication information includes: the agreement content after default private key encryption;
First access device authenticates second access device according to the authentication information, comprising:
First access device is decrypted the authentication information using default public key, the information after obtaining decryption;
First access device judges whether the information after the decryption and the agreement content are identical.
In a kind of possible design method, the agreement content include: in the authentication request except the authentication information with
Outer information.
Second aspect, the application provide a kind of access device pairing connection method, comprising:
After first access device detects the second access device, the second access device of Xiang Suoshu sends authentication request, described
Authentication request includes: the identification information and authentication information of first access device;
First access device receives second access device and is sent out according to the identification information of first access device
The Authentication Response sent, the Authentication Response are used to indicate second access device and are authenticated successfully according to the authentication information;
First access device sends network insertion request to second access device;
First access device receives the access response that second access device is sent, and has been responded according to the access
At network connection.
In a kind of possible design method, the authentication request further include: uniqueness certificate parameter.
In a kind of possible design method, the uniqueness certificate parameter includes: random number, and/or, timestamp.
In a kind of possible design method, the authentication information includes: the agreement content after default private key encryption.
In a kind of possible design method, the agreement content include: in the authentication request except the authentication information with
Outer information.
The third aspect, the application provide a kind of access device, the equipment include for execute above-mentioned first aspect and
The module or means (means) of method provided by the various implementations of first aspect.
Fourth aspect, the application provide a kind of access device, the equipment include for execute above-mentioned second aspect and
The module or means (means) of method provided by the various implementations of second aspect.
5th aspect, the application provide a kind of access device, and the equipment includes processor and memory, and memory is used for
Program is stored, processor calls the program of memory storage, the method to execute the offer of the application first aspect.
6th aspect, the application provide a kind of access device, and the equipment includes processor and memory, and memory is used for
Program is stored, processor calls the program of memory storage, the method to execute the offer of the application second aspect.
7th aspect, the application provide a kind of access device, at least including the method for executing the above first aspect
One processing element (or chip).
Eighth aspect, the application provide a kind of access device, at least including the method for executing the above second aspect
One processing element (or chip).
9th aspect, the application provide a kind of computer storage medium, including program, and described program is for executing above the
The method of one side.
Tenth aspect, the application provide a kind of computer storage medium, including program, and described program is for executing above the
The method of two aspects.
In access device pairing connection method provided by the present application and access device, the first access device receives the second access
The authentication request that equipment is sent after detecting first access device, the authentication request include: the mark of the second access device
Information and authentication information, the first access device authenticate the second access device according to above-mentioned authentication information, the first access
Equipment after authenticating successfully to the second access device send Authentication Response, and then the first access device after authenticating successfully to second
Access device sends Authentication Response, and access can be initiated after the completion of authentication so that the second access device is accessed network.It realizes
Entire authentication and access network process are completed by the first access device and the second access device interactive information, are participated in, are mentioned without artificial
High access efficiency and user experience, while also improving the safety of group network process.
Detailed description of the invention
Fig. 1 is a kind of architectures of communication networks schematic diagram;
Fig. 2 is that the access device that one embodiment of the application provides matches connection method flow diagram;
Fig. 3 is that the access device that one embodiment of the application provides matches authentication request structural schematic diagram in connection method;
Fig. 4 is that the access device that another embodiment of the application provides matches authentication request structural schematic diagram in connection method;
Fig. 5 is that the access device that one embodiment of the application provides matches authentication request structural schematic diagram in connection method;
Fig. 6 is the access device structural schematic diagram that one embodiment of the application provides;
Fig. 7 is the access device structural schematic diagram that another embodiment of the application provides;
Fig. 8 is the access device structural schematic diagram that the application another embodiment provides.
Specific embodiment
Fig. 1 is a kind of architectures of communication networks schematic diagram.As shown in Figure 1, include multiple access devices 01 in the communication network,
It include a main access device in this multiple access device 01, main access device can connect the network of the offers such as operator,
Its access device can access network by accessing main access device or other access devices for having accessed network, i.e.,
Multiple access devices 01 are subjected to networking.
Above-mentioned access device is properly termed as access point (Access Point, AP).
Each access device 01 can access one or more terminals 02, provide network for terminal 02.
Multiple access devices 01 can be deployed in each position of large space, or be deployed in each room of office building
Between, each room of home dwelling etc., more comprehensively to realize the network coverage.
In the application, terminal (terminal device) include but is not limited to mobile station (MS, Mobile Station),
Mobile terminal (Mobile Terminal), mobile phone (Mobile Telephone), mobile phone (handset) and portable equipment
(portable equipment) etc., the terminal can be through wireless access network (RAN, Radio Access Network) and one
Or multiple cores net is communicated, for example, terminal can be mobile phone (or being " honeycomb " phone), have wireless communication function
Can computer etc., terminal can also be portable, pocket, hand-held, built-in computer or vehicle-mounted mobile device
Or equipment.
For in the prior art, group network process needs other access devices to be matched with main access device, i.e. verifying has
Effect property, this needs user to input information or complete by lower button in the process, i.e., must have manual operation, and process is cumbersome,
And safety is not high.For these problems, the application proposes a kind of new access device pairing connection method.
Fig. 2 is that the access device that provides of one embodiment of the application matches connection method flow diagram, in the present embodiment, the
One access device is main access device or the access device for having passed through other access devices access network, the second access device
It needs to access network by the first access device of access.Here the first access device and the second access device can be identical
Entity device.
As shown in Fig. 2, this method comprises:
S201, the first access device receive the authentication that the second access device is sent after detecting the first access device and ask
It asks, which includes: the identification information and authentication information of the second access device.
The identification information of second access device connects for identifying the second access device, the media that can be the second access device
Enter control (Media Access Control, MAC) address, sequence number of the second access device etc., this is not restricted.So as to
The second access device is identified in the first access device, and obtains associated address information for subsequent interaction.
Authentication information can be some information that the first access device and the second access device have been made an appointment, or factory
Preceding configured some information, for allowing the validity of opposite side device authentication oneself, the first access device will confirm the second access
Equipment is effective and credible, just will do it subsequent access procedure.
During specific implementation, it can be the first access device and unidirectionally the second access device authenticated, be also possible to
Both sides authenticate, i.e. the authentication request that the second access device also receives the transmission of the first access device reflects to the first equipment
Power, both sides enter back into subsequent access procedure after all the authentication is passed.
It should be noted that the second access device can detect the signal of other access devices in signal cover,
After detecting the first access device, authentication request is sent automatically, without artificial triggering.
S202, the first access device authenticate the second access device according to above-mentioned authentication information.
S203, the first access device are sent according to the identification information of the second equipment to the second access device after authenticating successfully
Authentication Response.
S204, the second access device send network insertion request to the first access device.
S205, the first access device send access response to the second access device.
Optionally, the first access device sends access response to the second access device according to the identification information of the second equipment.
In the present embodiment, the first access device is to the second access device after the authentication is passed, it is thus identified that the second access device
Validity, and Authentication Response is sent to the second access device.Both sides can enter access procedure later, such as access procedure can
To complete to authenticate using Wi-Fi protection setting (Wi-Fi protected setup, WPS) identifying procedure to access, the application
With no restriction.Specifically, the first access device and the second access device obtain account by cryptographic key exchanging safety and complete network
Access.
After second access device completes access, so that it may be connected to network, provide network clothes for the terminal in coverage area
Business.
In the present embodiment, the first access device receives the second access device and detects the authentication sent after the first access device
Request, which includes: the identification information and authentication information of the second access device, and the first access device is according to above-mentioned
Authentication information authenticates the second access device, and the first access device sends to the second access device after authenticating successfully and authenticates
Response, so the first access device after authenticate successfully to the second access device transmission Authentication Response, after the completion of authentication
Access is initiated so that the second access device is accessed network.Entire authentication and access network process are realized by the first access device and the
Two access device interactive information are completed, and are participated in without artificial, are improved access efficiency and user experience, while also improving networking
The safety of process.
Optionally, above-mentioned authentication request can also include: uniqueness certificate parameter.Correspondingly, the above method can also wrap
It includes: according to the uniqueness of the above-mentioned authentication request of uniqueness Verification.
The interaction of first access device and the second access device is all to hand over before the key for formally obtaining data encryption in plain text
Mutually, such third party is easy to forge the report of interaction between the first access device and the second access device by message capturing
Text, in order to avoid attack can carry uniqueness certificate parameter in the message.The uniqueness carried in the authentication request sent out every time
Certificate parameter is all different, if the first access device has received identical uniqueness certificate parameter, can refuse the second access and set
Standby access, or attack recognition is carried out to judge whether authentication request is attacked.
Optionally, above-mentioned uniqueness certificate parameter may include: random number, and/or, timestamp.
Random number, timestamp are all different at any time, random number and/or timestamp are embedded in authentication request, really
The uniqueness of each transmission is protected.
On the basis of the above embodiments, optionally, authentication information may include: in the agreement after default private key encryption
Hold.
Correspondingly, above-mentioned first access device authenticates the second access device according to above-mentioned authentication information, can be with are as follows:
First access device is decrypted authentication information using default public key, the information after obtaining decryption, and then the first access device
Whether the information and agreement content after judging decryption are identical.
It should be noted that above-mentioned public key and private key are a pair of secret keys, one for encrypting, another is for decrypting.This
Encrypted in embodiment using private key, only corresponding public key can decrypt content therein, if the content of decryption with
As making an appointment, then the first access device determines that the second access device is effective, it can access.
Optionally, which includes: the information in authentication request in addition to authentication information.It, can i.e. in authentication request
To carry in authentication request the Information Statistics private key encryption other than authentication information, when the first access device uses
After authentication information is decrypted in default public key, compares the information decrypted and whether other information is consistent, if unanimously
It just authenticates successfully, determines that the second access device is effective, can access, if inconsistent, with regard to failed authentication, do not allow the second access
Equipment access.
Fig. 3 is that the access device that one embodiment of the application provides matches authentication request structural schematic diagram in connection method.Fig. 4
Authentication request structural schematic diagram in connection method is matched for the access device that another embodiment of the application provides.
It optionally, can simultaneously include uniqueness certificate parameter and authentication information in authentication request, the first access device is received
Both authentication information had been authenticated after to authentication request, uniqueness is also judged according to uniqueness certificate parameter, had all been met in the two
When allow again the second access device access network.
As shown in figure 3, authentication request may include: the identification information of the second access device, uniqueness certificate parameter, make by oneself
Adopted text and authentication information.Wherein customized text is one section of reserved space, and following expansible, the application is with no restriction.
Authentication information include after default private key encryption " identification information of the second access device+uniqueness certificate parameter+from
Define text ".In order to economize on resources, " identification information+uniqueness of the second access device can also be calculated using hash algorithm
The cryptographic Hash of certificate parameter+customized text ", authentication information include the " mark of the second access device after default private key encryption
The cryptographic Hash of information+uniqueness certificate parameter+customized text ".
Fig. 4 using the MAC Address that the identification information of the second access device is the second access device, uniqueness certificate parameter as when
Between stab for.Authentication information may include " MAC Address+timestamp of the second access device+customized after default private key encryption
Text ", alternatively, authentication information may include after default private key encryption " MAC Address of the second access device+timestamp+is made by oneself
Adopted text " cryptographic Hash, the application is with no restriction.
Fig. 5 is that the access device that one embodiment of the application provides matches authentication request structural schematic diagram in connection method, with
Above-described embodiment is corresponding, and the first access device can also be used as access side.It should be noted that the second access device and first
Access device is the same, can become access side or request access side.
As shown in figure 5, this method comprises:
S501, the first access device, which detect, sends authentication request, the mirror to the second access device after the second access device
Power request includes: the identification information and authentication information of the first access device.
The identification information of first access device can be the sequence of the MAC Address of the first access device, the first access device
Number etc., this is not restricted.
After first access device detects the second access device in signal cover, it can access and set from trend second
Preparation send authentication request, is not necessarily to artificial trigger action.
S502, the first access device receive the authentication that the second access device is sent according to the identification information of the first access device
Response.The Authentication Response is used to indicate second access device and is authenticated successfully according to authentication information.
S503, the first access device send network insertion request to the second access device.
S504, the first access device receive the access response that the second access device is sent, and are responded according to the access and complete net
Network connection.
Further, the second access device is to the first access device after the authentication is passed, it is thus identified that the first access device has
Effect property, and Authentication Response is sent to the first access device.Both sides can enter access procedure later, such as access procedure can be with
WPS identifying procedure is used to complete certification to access, the application is with no restriction.Specifically, the first access device and the second access
Equipment obtains account by cryptographic key exchanging safety and completes network insertion.
In the present embodiment, after the first access device detects the second access device, authentication is sent to the second access device and is asked
It asks, which includes: the identification information and authentication information of the first access device, after the second access device authenticates successfully
Authentication Response is sent to the first access device, and then the first access device sends network insertion request to the second access device, and
After receiving the access response of the second access device transmission, is responded according to the access and complete network connection.Realize entire authentication
And access network process is completed by the first access device and the second access device interactive information, is participated in without artificial, is improved access
Efficiency and user experience.
Similarly with previous embodiment, authentication request can also include: uniqueness certificate parameter.Uniqueness certificate parameter can
To be random number, and/or, timestamp.
Second access device receives the uniqueness after authentication request also according to the above-mentioned authentication request of uniqueness Verification.Often
The uniqueness certificate parameter carried in the authentication request of secondary hair is all different, if the second access device has received identical uniqueness
Certificate parameter can refuse the access of the first access device, or carry out attack recognition to judge whether authentication request is attacked.
Optionally, authentication information includes: the agreement content after default private key encryption.The agreement content includes: the authentication
Information in request in addition to the authentication information.It can be found in shown in Fig. 3, Fig. 4.
The present embodiment specific embodiment is similar with Fig. 2-embodiment illustrated in fig. 4, reference can be made to previous embodiment, herein no longer
It repeats.
Fig. 6 is the access device structural schematic diagram that one embodiment of the application provides, as shown in fig. 6, the equipment includes: to receive
Module 601, authentication module 602 and sending module 603, in which:
Receiving module 601 detects that the authentication sent after first access device is asked for receiving the second access device
It asks, the authentication request includes: the identification information and authentication information of second access device.
Authentication module 602, for being authenticated according to the authentication information to second access device.
Sending module 603, for being accessed according to the identification information of the second access device to described second after authenticating successfully
Equipment sends Authentication Response.
Further, receiving module 601 are also used to receive the network insertion request that second access device is sent.Hair
Module 603 is sent, is also used to send access response to second access device.
In a kind of possible embodiment, the authentication request further include: uniqueness certificate parameter.Correspondingly, mould is authenticated
Block 602 is also used to the uniqueness of the authentication request according to the uniqueness Verification.
Optionally, the uniqueness certificate parameter includes: random number, and/or, timestamp.
In another possible embodiment, the authentication information includes: the agreement content after default private key encryption.
Correspondingly, authentication module 602 obtain solution specifically for the authentication information is decrypted using default public key
Information after close;Whether the information and the agreement content after judging the decryption are identical.
Optionally, the agreement content includes: the information in the authentication request in addition to the authentication information.
Fig. 7 is the access device structural schematic diagram that another embodiment of the application provides, as shown in fig. 7, the equipment includes: hair
Send module 701 and receiving module 702, in which:
Sending module 701, for after detecting the second access device, the second access device of Xiang Suoshu to send authentication and asks
It asks, the authentication request includes: the identification information and authentication information of first access device.
Receiving module 702 is sent according to the identification information of the first access device for receiving second access device
Authentication Response, the Authentication Response are used to indicate second access device and are authenticated successfully according to the authentication information.
Sending module 701 is also used to send network insertion request to second access device.
Receiving module 702 is also used to receive the access response that second access device is sent, is responded according to the access
Complete network connection.
Optionally, the authentication request further include: uniqueness certificate parameter.
In a kind of possible embodiment, uniqueness certificate parameter includes: random number, and/or, timestamp.
In another embodiment, the authentication information includes: the agreement content after default private key encryption.
Optionally, the agreement content includes: the information in the authentication request in addition to the authentication information.
Above equipment is for executing preceding method embodiment, and it is similar that the realization principle and technical effect are similar, and details are not described herein.
It should be noted that it should be understood that the modules of the above equipment division be only a kind of logic function division,
It can completely or partially be integrated on a physical entity in actual implementation, it can also be physically separate.And these modules can be with
All realized by way of processing element calls with software;It can also all realize in the form of hardware;It can also part mould
Block realizes that part of module passes through formal implementation of hardware by way of processing element calls software.For example, authentication module can be with
For the processing element individually set up, it also can integrate and realized in some chip of above equipment, in addition it is also possible to program
The form of code is stored in the memory of above equipment, is called by some processing element of above equipment and is executed the above mirror
Weigh the function of module.The realization of other modules is similar therewith.Furthermore these modules completely or partially can integrate together, can also
With independent realization.Processing element described here can be a kind of integrated circuit, the processing capacity with signal.In the process of realization
In, each step of the above method or the above modules can by the integrated logic circuit of the hardware in processor elements or
The instruction of software form is completed.
For example, the above module can be arranged to implement one or more integrated circuits of above method, such as:
One or more specific integrated circuits (Application Specific Integrated Circuit, ASIC), or, one
Or multi-microprocessor (Digital Signal Processor, DSP), or, one or more field programmable gate array
(Field Programmable Gate Array, FPGA) etc..For another example, when some above module dispatches journey by processing element
When the form of sequence code is realized, which can be general processor, such as central processing unit (Central
Processing Unit, CPU) or it is other can be with the processor of caller code.For another example, these modules can integrate one
It rises, is realized in the form of system on chip (system-on-a-chip, SOC).
Fig. 8 is the access device structural schematic diagram that the application another embodiment provides, as shown in figure 8, the equipment includes: to deposit
Reservoir 10 and processor 11.
Memory 10 can be independent physical unit, can be connect by bus with processor 11.Memory 10, processing
Device 11 also can integrate together, pass through hardware realization etc..
Memory 10 realizes above method embodiment or Fig. 6-embodiment illustrated in fig. 7 modules journey for storing
Sequence, processor 11 call the program, execute the operation of above method embodiment.
Optionally, when above-described embodiment access device pairing connection method in some or all of pass through software realization
When, access device can also only include processor.Memory for storing program is located at except access device, and processor passes through
Circuit/electric wire is connect with memory, for reading and executing the program stored in memory.
Processor can be central processing unit (Central Processing Unit, CPU), network processing unit
The combination of (Network Processor, NP) or CPU and NP.
Processor can further include hardware chip.Above-mentioned hardware chip can be specific integrated circuit
(Application-specific Integrated Circuit, ASIC), programmable logic device (Programmable
Logic Device, PLD) or combinations thereof.Above-mentioned PLD can be Complex Programmable Logic Devices (Complex
Programmable Logic Device, CPLD), field programmable gate array (Field-programmable Gate
Array, FPGA), Universal Array Logic (Generic Array Logic, GAL) or any combination thereof.
Memory may include volatile memory (volatile memory), such as random access memory
(Random-Access Memory, RAM);Memory also may include nonvolatile memory (non-volatile
), such as flash memory (flash memory), hard disk (Hard Disk Drive, HDD) or solid state hard disk memory
(Solid-State Drive, SSD);Memory can also include the combination of the memory of mentioned kind.
The embodiment of the present application also provides a kind of computer storage mediums, are stored with computer program, the computer program
For executing access device pairing connection method provided by the above embodiment.
The embodiment of the present application also provides a kind of computer program products comprising instruction, when it runs on computers
When, so that computer executes access device provided by the above embodiment and matches connection method.
It should be understood by those skilled in the art that, embodiments herein can provide as method, system or computer program
Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the application
Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the application, which can be used in one or more,
The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) produces
The form of product.
The application is referring to method, the process of equipment (system) and computer program product according to the embodiment of the present application
Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions
The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs
Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce
A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real
The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates,
Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or
The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting
Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or
The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one
The step of function of being specified in a box or multiple boxes.
Claims (20)
1. a kind of access device matches connection method characterized by comprising
First access device receives the second access device and detects the authentication request sent after first access device, the mirror
Power request includes: the identification information and authentication information of second access device;
First access device authenticates second access device according to the authentication information;
First access device is accessed according to the identification information of second access device to described second after authenticating successfully
Equipment sends Authentication Response;
First access device receives the network insertion request that second access device is sent;
First access device sends access response to second access device.
2. the method according to claim 1, wherein the authentication request further include: uniqueness certificate parameter;
The method also includes:
The uniqueness of first access device authentication request according to the uniqueness Verification.
3. according to the method described in claim 2, it is characterized in that, the uniqueness certificate parameter includes: random number, and/or,
Timestamp.
4. method according to claim 1-3, which is characterized in that the authentication information includes: that default private key adds
Agreement content after close;
First access device authenticates second access device according to the authentication information, comprising:
First access device is decrypted the authentication information using default public key, the information after obtaining decryption;
First access device judges whether the information after the decryption and the agreement content are identical.
5. according to the method described in claim 4, it is characterized in that, the agreement content includes: in the authentication request except institute
State the information other than authentication information.
6. a kind of access device matches connection method characterized by comprising
After first access device detects the second access device, the second access device of Xiang Suoshu sends authentication request, the authentication
Request includes: the identification information and authentication information of first access device;
First access device receives what second access device was sent according to the identification information of first access device
Authentication Response, the Authentication Response are used to indicate second access device and are authenticated successfully according to the authentication information;
First access device sends network insertion request to second access device;
First access device receives the access response that second access device is sent, and is responded according to the access and completes net
Network connection.
7. according to the method described in claim 6, it is characterized in that, the authentication request further include: uniqueness certificate parameter.
8. the method according to the description of claim 7 is characterized in that the uniqueness certificate parameter includes: random number, and/or,
Timestamp.
9. according to the described in any item methods of claim 6-8, which is characterized in that the authentication information includes: that default private key adds
Agreement content after close.
10. according to the method described in claim 9, it is characterized in that, the agreement content includes: in the authentication request except institute
State the information other than authentication information.
11. a kind of access device characterized by comprising
Receiving module detects the authentication request sent after first access device for receiving the second access device, described
Authentication request includes: the identification information and authentication information of second access device;
Authentication module, for being authenticated according to the authentication information to second access device;
Sending module, for after authenticating successfully according to the identification information of second access device to second access device
Send Authentication Response;
The receiving module is also used to receive the network insertion request that second access device is sent;
The sending module is also used to send access response to second access device.
12. access device according to claim 11, which is characterized in that the authentication request further include: uniqueness verifying
Parameter;
The authentication module is also used to the uniqueness of the authentication request according to the uniqueness Verification.
13. access device according to claim 12, which is characterized in that the uniqueness certificate parameter includes: random number,
And/or timestamp.
14. the described in any item access devices of 1-13 according to claim 1, which is characterized in that the authentication information includes: default
Agreement content after private key encryption;
The authentication module, specifically for the authentication information is decrypted using default public key, the information after obtaining decryption;
Whether the information and the agreement content after judging the decryption are identical.
15. access device according to claim 14, which is characterized in that the agreement content includes: the authentication request
In information in addition to the authentication information.
16. a kind of access device characterized by comprising
Sending module, for after detecting the second access device, the second access device of Xiang Suoshu to send authentication request, the mirror
Power request includes: the identification information and authentication information of first access device;
Receiving module, the authentication sent for receiving second access device according to the identification information of first access device
Response, the Authentication Response are used to indicate second access device and are authenticated successfully according to the authentication information;
The sending module is also used to send network insertion request to second access device;
The receiving module is also used to receive the access response that second access device is sent, has been responded according to the access
At network connection.
17. access device according to claim 16, which is characterized in that the authentication request further include: uniqueness verifying
Parameter.
18. access device according to claim 17, which is characterized in that the uniqueness certificate parameter includes: random number,
And/or timestamp.
19. the described in any item access devices of 6-18 according to claim 1, which is characterized in that the authentication information includes: default
Agreement content after private key encryption.
20. access device according to claim 19, which is characterized in that the agreement content includes: the authentication request
In information in addition to the authentication information.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710969501.4A CN109688580A (en) | 2017-10-18 | 2017-10-18 | Access device matches connection method and access device |
PCT/CN2018/086305 WO2019076041A1 (en) | 2017-10-18 | 2018-05-10 | Method for paired connection of access devices, and access devices |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710969501.4A CN109688580A (en) | 2017-10-18 | 2017-10-18 | Access device matches connection method and access device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109688580A true CN109688580A (en) | 2019-04-26 |
Family
ID=66174285
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710969501.4A Withdrawn CN109688580A (en) | 2017-10-18 | 2017-10-18 | Access device matches connection method and access device |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN109688580A (en) |
WO (1) | WO2019076041A1 (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101621796A (en) * | 2009-07-22 | 2010-01-06 | 中兴通讯股份有限公司 | Method and device for access point automatic alignment in wireless distribution system |
CN101645814A (en) * | 2008-08-04 | 2010-02-10 | 上海华为技术有限公司 | Method, equipment and system for enabling access points to access mobile core network |
CN102685745A (en) * | 2012-04-23 | 2012-09-19 | 深圳市江波龙电子有限公司 | Wireless access point (AP) equipment authentication method and system |
CN104519517A (en) * | 2013-09-30 | 2015-04-15 | 深圳市群云网络有限公司 | Method and system for automatically configuring wireless access points AP in wireless local area networks |
US20170265081A1 (en) * | 2016-03-14 | 2017-09-14 | Fujitsu Limited | Wireless communication device, wireless communication method, and computer readable storage medium |
-
2017
- 2017-10-18 CN CN201710969501.4A patent/CN109688580A/en not_active Withdrawn
-
2018
- 2018-05-10 WO PCT/CN2018/086305 patent/WO2019076041A1/en active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101645814A (en) * | 2008-08-04 | 2010-02-10 | 上海华为技术有限公司 | Method, equipment and system for enabling access points to access mobile core network |
CN101621796A (en) * | 2009-07-22 | 2010-01-06 | 中兴通讯股份有限公司 | Method and device for access point automatic alignment in wireless distribution system |
CN102685745A (en) * | 2012-04-23 | 2012-09-19 | 深圳市江波龙电子有限公司 | Wireless access point (AP) equipment authentication method and system |
CN104519517A (en) * | 2013-09-30 | 2015-04-15 | 深圳市群云网络有限公司 | Method and system for automatically configuring wireless access points AP in wireless local area networks |
US20170265081A1 (en) * | 2016-03-14 | 2017-09-14 | Fujitsu Limited | Wireless communication device, wireless communication method, and computer readable storage medium |
Also Published As
Publication number | Publication date |
---|---|
WO2019076041A1 (en) | 2019-04-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109462476B (en) | Key agreement method, device, terminal and computer readable storage medium | |
RU2663972C1 (en) | Security assurance at connection between communication device and network device | |
EP3057351B1 (en) | Access method, system, and device of terminal, and computer storage medium | |
WO2017114123A1 (en) | Key configuration method and key management center, and network element | |
EP3661241B1 (en) | Method and device for protecting privacy | |
CN111669276A (en) | Network verification method, device and system | |
CN105634737B (en) | Data transmission method, terminal and system | |
JP2012530311A5 (en) | ||
CN107425961A (en) | The system and method for performing link establishment and certification | |
CN104935758A (en) | Calling method, calling device and system | |
CN104125567B (en) | Home eNodeB accesses method for authenticating, device and the Home eNodeB of network side | |
CN109413645A (en) | The method and apparatus of access authentication | |
JP6752013B2 (en) | Hearing devices with service modes and related methods | |
CN108683690A (en) | Method for authenticating, user equipment, authentication device, authentication server and storage medium | |
CN109076058B (en) | Authentication method and device for mobile network | |
CN105790942A (en) | Method and system for secure call and terminals | |
CN105376059A (en) | Method and system for performing application signature based on electronic key | |
CN109639644A (en) | Authority checking method, apparatus, storage medium and electronic equipment | |
CN112602290B (en) | Identity authentication method and device and readable storage medium | |
CN112994873B (en) | Certificate application method and equipment | |
CN112672342A (en) | Data transmission method, device, equipment, system and storage medium | |
CN103368735A (en) | Authentication method, device and system of accessing application into intelligent card | |
CN113766496B (en) | Cross-platform binding method and system for intelligent equipment and related equipment | |
KR20180021838A (en) | A method for replacing at least one authentication parameter for authenticating a secure element, | |
CN106537962B (en) | Wireless network configuration, access and access method, device and equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WW01 | Invention patent application withdrawn after publication | ||
WW01 | Invention patent application withdrawn after publication |
Application publication date: 20190426 |