CN112929188B - Device connection method, system, apparatus and computer readable storage medium - Google Patents

Device connection method, system, apparatus and computer readable storage medium Download PDF

Info

Publication number
CN112929188B
CN112929188B CN201911230592.5A CN201911230592A CN112929188B CN 112929188 B CN112929188 B CN 112929188B CN 201911230592 A CN201911230592 A CN 201911230592A CN 112929188 B CN112929188 B CN 112929188B
Authority
CN
China
Prior art keywords
equipment
access
management
authentication
address
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911230592.5A
Other languages
Chinese (zh)
Other versions
CN112929188A (en
Inventor
赵国永
霍晓莉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Telecom Corp Ltd filed Critical China Telecom Corp Ltd
Priority to CN201911230592.5A priority Critical patent/CN112929188B/en
Publication of CN112929188A publication Critical patent/CN112929188A/en
Application granted granted Critical
Publication of CN112929188B publication Critical patent/CN112929188B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/0806Configuration setting for initial configuration or provisioning, e.g. plug-and-play
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0876Aspects of the degree of configuration automation
    • H04L41/0886Fully automatic configuration
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0889Techniques to speed-up the configuration process
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses
    • H04L61/5014Internet protocol [IP] addresses using dynamic host configuration protocol [DHCP] or bootstrap protocol [BOOTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Automation & Control Theory (AREA)
  • Small-Scale Networks (AREA)

Abstract

The disclosure provides a device connection method, a system, a device and a computer readable storage medium, and relates to the technical field of device management. The equipment connection method comprises the following steps: the access equipment sends a dynamic host configuration protocol request to the management and control equipment; the management and control equipment sends a dynamic host configuration protocol response to the access equipment; the access equipment sends an access message to the management and control equipment by using the IP address of the management and control equipment; the management and control equipment authenticates the access equipment by utilizing the pre-configured registration information and the manufacturer identification, the equipment model and the equipment unique identification; under the condition that authentication is successful, the management and control equipment queries pre-configured authentication information by using the authentication identifier and the manufacturer identifier to obtain a user name and a password; the management and control equipment is connected with the access equipment by using the IP address and the service port of the access equipment. The method and the device realize automatic discovery, automatic authentication and automatic authentication of the access equipment, can rapidly and automatically configure the access equipment, and can improve the safety of equipment access.

Description

Device connection method, system, apparatus and computer readable storage medium
Technical Field
The present disclosure relates to the field of device management technologies, and in particular, to a device connection method, system, apparatus, and computer-readable storage medium.
Background
In the conventional manner, the client device at the client side needs to be manually configured on the network management system or on site by the network management personnel, so that the client device can be managed. At present, in the field of optical transmission, an automatic discovery mechanism for devices is generally managed by adopting an IP scanning or a simple network management protocol, and even if access devices can be discovered, the device authentication link is also lacked.
The TR069 protocol is a complete home gateway device management protocol, although the problem of device discovery can be solved. If a device implements the protocol only for the purpose of implementing automatic discovery of the device, the development cost is greatly increased, and the management direction of the TR069 protocol is that the device actively connects to a management device as a client.
Although the RFC8071 protocol is adopted, the problem of device discovery can be solved, the protocol has high requirements on access devices and management and control devices in implementation and has high development complexity. Meanwhile, in order to realize the automatic discovery of the access equipment, a YANG model is introduced again, and the authentication information is substituted into the YANG model; in order to realize secure connection, a certificate key file or a main key and the like are also started, so that a manufacturer is difficult to implement the technical scheme.
Disclosure of Invention
The technical problem solved by the present disclosure is how to configure the access device quickly and automatically, and at the same time, improve the security of device access.
According to an aspect of an embodiment of the present disclosure, there is provided a device connection method including: the access equipment sends a dynamic host configuration protocol request to the management and control equipment; the management and control equipment sends a dynamic host configuration protocol response to the access equipment, wherein the dynamic host configuration protocol response comprises an IP address of the access equipment and an IP address of the management and control equipment; the access equipment sends an access message to the management and control equipment by using the IP address of the management and control equipment, wherein the access message comprises the IP address, the service port, the manufacturer identification, the equipment model, the equipment unique identification and the authentication identification of the access equipment; the management and control equipment authenticates the access equipment by utilizing the pre-configured registration information and the manufacturer identification, the equipment model and the equipment unique identification; under the condition that authentication is successful, the management and control equipment queries pre-configured authentication information by using the authentication identifier and the manufacturer identifier to obtain a user name and a password; the management and control equipment is connected with the access equipment by using the IP address and the service port of the access equipment.
In some embodiments, the IP address of the policing device is carried in the dhcp answer via dhcp options.
In some embodiments, the device connection method further comprises: the management and control equipment is configured with registration information in advance, and the registration information comprises a manufacturer identifier, an equipment model and an equipment unique identifier of factory-delivered access equipment; the management and control equipment is configured with authentication information in advance, and the authentication information comprises an authentication identifier, a manufacturer identifier, a user name and a password.
In some embodiments, the device connection method further comprises: the management and control equipment monitors the access message so as to authenticate the access equipment by using the access message after monitoring the access message.
In some embodiments, the device connection method further comprises: and the management and control equipment sends an access refusing message to the access equipment under the condition of authentication failure.
According to another aspect of the embodiments of the present disclosure, there is provided an apparatus connection system, including an access apparatus and a management and control apparatus; wherein the access device is configured to: sending a dynamic host configuration protocol request to the management and control equipment; the policing device is configured to: sending a dynamic host configuration protocol response to the access equipment, wherein the dynamic host configuration protocol response comprises an IP address of the access equipment and an IP address of the management and control equipment; the access device is further configured to: sending an access message to the management and control equipment by using the IP address of the management and control equipment, wherein the access message comprises the IP address, the service port, the manufacturer identifier, the equipment model, the equipment unique identifier and the authentication identifier of the access equipment; the policing device is further configured to: authenticating the access equipment by using the pre-configured registration information and the manufacturer identification, the equipment model and the equipment unique identification; under the condition of successful authentication, inquiring pre-configured authentication information by using the authentication identifier and the manufacturer identifier to obtain a user name and a password; and connecting the access equipment by using the IP address and the service port of the access equipment.
In some embodiments, the IP address of the policing device is carried in the dhcp answer via dhcp options.
In some embodiments, the regulating device is further configured to: pre-configuring registration information, wherein the registration information comprises a manufacturer identifier, an equipment model and an equipment unique identifier of factory-delivered access equipment; and configuring authentication information in advance, wherein the authentication information comprises an authentication identifier, a manufacturer identifier, a user name and a password.
In some embodiments, the regulating device is further configured to: and monitoring the access message so as to authenticate the access equipment by using the access message after monitoring the access message.
In some embodiments, the regulating device is further configured to: and in case of authentication failure, sending a message of refusing access to the access equipment.
According to still another aspect of the embodiments of the present disclosure, there is provided a device connecting apparatus including: a memory; and a processor coupled to the memory, the processor configured to perform the aforementioned device connection method based on instructions stored in the memory.
According to still another aspect of the embodiments of the present disclosure, there is provided a computer-readable storage medium, wherein the computer-readable storage medium stores computer instructions, and the instructions, when executed by a processor, implement the aforementioned device connection method.
The method and the device realize automatic discovery, automatic authentication and automatic authentication of the access equipment, can rapidly and automatically configure the access equipment, and can improve the safety of equipment access.
Other features of the present disclosure and advantages thereof will become apparent from the following detailed description of exemplary embodiments thereof, which proceeds with reference to the accompanying drawings.
Drawings
In order to more clearly illustrate the embodiments of the present disclosure or the technical solutions in the prior art, the drawings used in the embodiments or the description of the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present disclosure, and for those skilled in the art, other drawings may be obtained according to the drawings without inventive labor.
Fig. 1 illustrates a flow diagram of a device connection method of some embodiments of the present disclosure.
Fig. 2 illustrates a schematic structural diagram of a device connection system according to some embodiments of the present disclosure.
Fig. 3 shows a call relationship between modules in an application example of the device connection system.
Fig. 4 shows a schematic structural diagram of a device connection apparatus according to some embodiments of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present disclosure will be clearly and completely described below with reference to the drawings in the embodiments of the present disclosure, and it is obvious that the described embodiments are only a part of the embodiments of the present disclosure, and not all of the embodiments. The following description of at least one exemplary embodiment is merely illustrative in nature and is in no way intended to limit the disclosure, its application, or uses. All other embodiments, which can be derived by a person skilled in the art from the embodiments disclosed herein without making any creative effort, shall fall within the protection scope of the present disclosure.
The inventors have summarized the technical drawbacks of the related art: (1) equipment access is realized through IP address scanning or broadcasting, and the efficiency and the safety are low; (2) the extra heavyweight protocol is introduced for support, so that the development workload of a management and control party and a manufacturer is increased, and the burden of access equipment is increased; (3) the part of the method lacks a link of authentication and signing, and the safety is low; (4) the connection direction between the access device and the management and control device leads the related technology to be applicable to partial application scenarios.
Some embodiments of the disclosed device connection method are first described in conjunction with fig. 1.
Fig. 1 illustrates a flow diagram of a device connection method of some embodiments of the present disclosure. As shown in fig. 1, the present embodiment includes steps S102 to S112.
In step S102, the access device sends a dhcp request to the policing device.
The access device may be, for example, an access-type optical transport network device. After the access equipment is powered on, the IP address and DNS information of the access equipment can be acquired through a dynamic host configuration protocol.
In step S104, the management and control device sends a dhcp reply to the access device, where the dhcp reply includes an IP address of the access device and an IP address of the management and control device.
In some embodiments, the IP address of the policing device is carried in the dynamic host configuration protocol reply by a dynamic host configuration protocol Option (DHCP Option).
In step S106, the access device sends an access packet to the management and control device by using the IP address of the management and control device, where the access packet includes the IP address of the access device, the service port, the manufacturer identifier, the device model, the device unique identifier, and the authentication identifier.
The message fields in the access message may be, for example, as shown in table 3.
TABLE 3
Figure BDA0002303437890000051
An example of an access packet is as follows:
192.168.1.101#830#huawei#1800I#F9C7A5E6E7A8#A1。
in step S108, the management and control device authenticates the access device with the manufacturer identifier, the device model, and the device unique identifier using the pre-configured registration information.
The registration information may be specifically shown in table 1, for example.
TABLE 1
Figure BDA0002303437890000052
During authentication, the management and control equipment analyzes the access message, verifies whether the unique identifier of the equipment has registration in the registration information, and further verifies whether the manufacturer identifier is matched and the equipment model is matched.
In case the authentication fails, step S110 is performed. In step S110, the policing device sends a rejection message to the access device.
In case the authentication is successful, step S112 is performed. In step S112, the management and control device queries the pre-configured authentication information by using the authentication identifier and the manufacturer identifier, and obtains a user name and a password.
The authentication information may be specifically shown in table 2, for example. The management and control system presets authentication information agreed with each manufacturer, and each manufacturer is different.
TABLE 2
Authentication mark Manufacturer identification User name Cipher code
A1 Huawei User name 1 Code 1
A2 FiberHome User name 2 Cipher 2
For example, the management and control device authenticates and discovers a legal access device, and exchanges an authentication user name HuaweiUser1 and a password HuaweiPwd1 with an authentication identifier a1 and a manufacturer identifier Huawei in an access message.
In step S114, the management and control device connects the access device using the IP address and the service port of the access device.
If the connection is successful, the access equipment is marked to be legal, and if the connection is failed, the management and control equipment can send out alarm information.
In the conventional device access method, the configuration work of the client side access device is complicated, the management of the access device can be realized only by manually configuring the access device side and the management and control device side through a network management system or network management personnel, and the method is low in efficiency and easy to make mistakes. In addition, when the equipment is old or needs to be replaced when the equipment is failed, the access equipment often needs to be reconfigured, so that the maintenance cost of an operator is increased.
In comparison, the embodiment can realize automatic discovery, automatic authentication and automatic authentication after the access device is powered on, can quickly and automatically configure the access device, can also realize automatic recovery of services, can remove the complex steps of manual configuration, and saves a large amount of labor cost.
Meanwhile, the embodiment utilizes the TCP protocol originally supported by the equipment end, the message is simple and clear, and the control equipment and the manufacturer can realize the control without adopting an additional protocol, so the implementation is easy. The authentication information adopts the authentication identification to replace a plaintext password form, so that the plaintext password can be prevented from being intercepted and utilized, and the safety and the reliability of equipment access are improved.
In addition, in subsequent service management, different configuration parameters can be issued according to different equipment types and matched with the service template, so that service opening can be completed more efficiently and conveniently, and labor cost is further saved.
In some embodiments, the device connection method in this embodiment further includes step S105. In step S105, the management and control device monitors the access packet, so as to authenticate the access device by using the access packet after monitoring the access packet.
In some embodiments, the device connection method in this embodiment further includes step S101.
In step S101, the management and control device configures registration information in advance, where the registration information includes a manufacturer identifier, a device model, and a device unique identifier of a factory-delivered access device; the management and control equipment is configured with authentication information in advance, and the authentication information comprises an authentication identifier, a manufacturer identifier, a user name and a password.
It will be understood by those skilled in the art that the present disclosure may be applied to the management of optical transport network wavelength division devices in the field of optical transmission, not only to the management of optical transport network devices, but also to the management of other devices requiring additional authentication information. The netconf protocol can be adopted in the method, other protocols can also be adopted in the method, the method is suitable for all the access devices to serve as protocol servers, and the management and control device serves as a management protocol of the client.
Some embodiments of the disclosed device connection system are described below in conjunction with fig. 2.
Fig. 2 illustrates a schematic structural diagram of a device connection system according to some embodiments of the present disclosure. As shown in fig. 2, the device connection system 20 in the present embodiment includes an access device 201 and a management device 202. Wherein the access device 201 is configured to: sending a dynamic host configuration protocol request to the policing device 201; the policing device 201 is configured to: sending a dynamic host configuration protocol response to the access device 201, where the dynamic host configuration protocol response includes an IP address of the access device 201 and an IP address of the management and control device 201; the access device 201 is further configured to: sending an access message to the management and control device 201 by using the IP address of the management and control device 201, where the access message includes the IP address, the service port, the manufacturer identifier, the device model, the device unique identifier, and the authentication identifier of the access device 201; the policing device 201 is further configured to: authenticating the access equipment 201 by using the pre-configured registration information and the manufacturer identification, the equipment model and the equipment unique identification; under the condition of successful authentication, inquiring pre-configured authentication information by using the authentication identifier and the manufacturer identifier to obtain a user name and a password; the access device 201 is connected using the IP address and service port of the access device 201.
In some embodiments, the IP address of the policing device 201 is carried in the dhcp reply by dhcp option.
In some embodiments, the policing device 201 is further configured to: pre-configuring registration information, wherein the registration information includes a manufacturer identifier, an equipment model and an equipment unique identifier of the factory-delivered access equipment 201; and configuring authentication information in advance, wherein the authentication information comprises an authentication identifier, a manufacturer identifier, a user name and a password.
In some embodiments, the policing device 201 is further configured to: and monitoring the access message so as to authenticate the access device 201 by using the access message after monitoring the access message.
In some embodiments, the policing device 201 is further configured to: in case of authentication failure, a denial of access message is sent to the access device 201.
The embodiment can realize automatic discovery, automatic authentication and automatic authentication after the access equipment is powered on, can quickly and automatically configure the access equipment, can also realize automatic recovery of services, can remove the complicated steps of manual configuration, and saves a large amount of labor cost.
Meanwhile, the embodiment utilizes the TCP protocol originally supported by the equipment end, the message is simple and clear, and the control equipment and the manufacturer can realize the control without adopting an additional protocol, so the implementation is easy. The authentication information adopts an authentication identifier instead of a plaintext password form, so that the plaintext password can be prevented from being intercepted and utilized, and the safety and the reliability of equipment access are improved.
An example of the application of the device connection system is shown below.
The equipment connecting system comprises a management and control equipment and an access equipment. The access device may include an addressing module, an information sending module, and a Protocol interaction module, and the management and control device may include a DHCP (Dynamic Host Configuration Protocol) module, a monitoring module, an authorization module, and a device management module. FIG. 3 shows the call relationship between modules:
(1) the addressing module acquires an IP of the access equipment and an IP address of the management and control equipment through the DHCP module;
(2) the information sending module organizes the access message according to a preset standard and sends the access message to the monitoring module;
(3) the monitoring module submits the access message to the signing module for validity judgment;
(4) the signing module submits the related information to the equipment management module under the condition that the equipment is legal;
(5) the device management module realizes the connection and management of the device.
Some embodiments of the apparatus attachment devices of the present disclosure are described below in conjunction with fig. 4.
Fig. 4 shows a schematic structural diagram of a device connection apparatus according to some embodiments of the present disclosure. As shown in fig. 4, the device connecting apparatus 40 of this embodiment includes: a memory 410 and a processor 420 coupled to the memory 410, the processor 420 configured to perform the device connection method of any of the foregoing embodiments based on instructions stored in the memory 410.
Memory 410 may include, for example, system memory, fixed non-volatile storage media, and the like. The system memory stores, for example, an operating system, an application program, a Boot Loader (Boot Loader), and other programs.
The device connection apparatus 40 may further include an input-output interface 430, a network interface 440, a storage interface 450, and the like. These interfaces 430, 440, 450 and the connection between the memory 410 and the processor 420 may be, for example, via a bus 460. The input/output interface 430 provides a connection interface for input/output devices such as a display, a mouse, a keyboard, and a touch screen. The network interface 440 provides a connection interface for various networking devices. The storage interface 450 provides a connection interface for external storage devices such as an SD card and a usb disk.
The present disclosure also includes a computer readable storage medium having stored thereon computer instructions that, when executed by a processor, implement the device connection method in any of the foregoing embodiments.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the disclosure. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only exemplary of the present disclosure and is not intended to limit the present disclosure, so that any modification, equivalent replacement, or improvement made within the spirit and principle of the present disclosure should be included in the scope of the present disclosure.

Claims (12)

1. A device connection method, comprising:
the access equipment sends a dynamic host configuration protocol request to the management and control equipment;
the management and control equipment sends a dynamic host configuration protocol response to the access equipment, wherein the dynamic host configuration protocol response comprises an IP address of the access equipment and an IP address of the management and control equipment;
the access equipment sends an access message to the management and control equipment by using the IP address of the management and control equipment, wherein the access message comprises the IP address, the service port, the manufacturer identification, the equipment model, the equipment unique identification and the authentication identification of the access equipment;
the management and control equipment authenticates the access equipment by using the pre-configured registration information, the manufacturer identification, the equipment model and the equipment unique identification;
under the condition that authentication is successful, the management and control equipment queries pre-configured authentication information by using the authentication identifier and the manufacturer identifier to obtain a user name and a password;
the management and control equipment is connected with the access equipment by using the IP address and the service port of the access equipment.
2. The device connection method according to claim 1, wherein the dhcp reply carries an IP address of the policing device through a dhcp option.
3. The device connecting method according to claim 1, further comprising:
the management and control equipment is configured with registration information in advance, wherein the registration information comprises a manufacturer identifier, an equipment model and an equipment unique identifier of factory-delivered access equipment;
the management and control equipment is configured with authentication information in advance, and the authentication information comprises an authentication identifier, a manufacturer identifier, a user name and a password.
4. The device connecting method according to claim 1, further comprising:
the management and control equipment monitors the access message so as to authenticate the access equipment by using the access message after monitoring the access message.
5. The device connecting method according to claim 1, further comprising:
and the management and control equipment sends an access refusing message to the access equipment under the condition of authentication failure.
6. An equipment connecting system comprises access equipment and management and control equipment; wherein, the first and the second end of the pipe are connected with each other,
the access device is configured to: sending a dynamic host configuration protocol request to the management and control equipment;
the policing device is configured to: sending a dynamic host configuration protocol response to the access equipment, wherein the dynamic host configuration protocol response comprises an IP address of the access equipment and an IP address of the management and control equipment;
the access device is further configured to: sending an access message to the management and control equipment by using the IP address of the management and control equipment, wherein the access message comprises the IP address, the service port, the manufacturer identification, the equipment model, the equipment unique identification and the authentication identification of the access equipment;
the policing device is further configured to: authenticating the access equipment by using the pre-configured registration information and the manufacturer identification, the equipment model and the equipment unique identification; under the condition of successful authentication, inquiring pre-configured authentication information by using the authentication identifier and the manufacturer identifier to obtain a user name and a password; and connecting the access equipment by using the IP address and the service port of the access equipment.
7. The device connection system according to claim 6, wherein the dhcp reply carries the IP address of the policing device through dhcp options.
8. The device connection system of claim 6, wherein the governing device is further configured to: pre-configuring registration information, wherein the registration information comprises a manufacturer identifier, an equipment model and an equipment unique identifier of factory-leaving access equipment; and configuring authentication information in advance, wherein the authentication information comprises an authentication identifier, a manufacturer identifier, a user name and a password.
9. The device connection system of claim 6, wherein the governing device is further configured to: and monitoring the access message so as to authenticate the access equipment by using the access message after monitoring the access message.
10. The device connection system of claim 6, wherein the governing device is further configured to: and in case of authentication failure, sending a message of refusing access to the access equipment.
11. A device connecting apparatus comprising:
a memory; and
a processor coupled to the memory, the processor configured to perform the device connection method of any of claims 1-5 based on instructions stored in the memory.
12. A computer-readable storage medium, wherein the computer-readable storage medium stores computer instructions which, when executed by a processor, implement the device connection method of any one of claims 1 to 5.
CN201911230592.5A 2019-12-05 2019-12-05 Device connection method, system, apparatus and computer readable storage medium Active CN112929188B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911230592.5A CN112929188B (en) 2019-12-05 2019-12-05 Device connection method, system, apparatus and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911230592.5A CN112929188B (en) 2019-12-05 2019-12-05 Device connection method, system, apparatus and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN112929188A CN112929188A (en) 2021-06-08
CN112929188B true CN112929188B (en) 2022-06-14

Family

ID=76160861

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911230592.5A Active CN112929188B (en) 2019-12-05 2019-12-05 Device connection method, system, apparatus and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN112929188B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113259910B (en) * 2021-06-30 2022-07-05 智道网联科技(北京)有限公司 Activation method and device for vehicle-mounted networking equipment
CN114640578A (en) * 2022-03-15 2022-06-17 中国电信股份有限公司 Automatic configuration method, device and system of equipment
CN114697774B (en) * 2022-04-11 2023-10-03 中国电信股份有限公司 Port management method and device, computer readable storage medium and electronic equipment
CN115941777A (en) * 2022-11-25 2023-04-07 深圳市信锐网科技术有限公司 Equipment online use method, export management equipment, target equipment and related device

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101815091A (en) * 2010-03-12 2010-08-25 薛明 Cipher providing equipment, cipher authentication system and cipher authentication method
CN102204307A (en) * 2011-06-15 2011-09-28 华为技术有限公司 Wlan authentication method based on MAC address and device thereof
JP2012033145A (en) * 2010-06-29 2012-02-16 On Site:Kk Server device, and computer system and login method thereof
CN105591748A (en) * 2015-09-21 2016-05-18 杭州华三通信技术有限公司 Authentication method and device
CN107026813A (en) * 2016-01-29 2017-08-08 中国电信股份有限公司 Access authentication method, system and the portal server of WiFi network
CN107135205A (en) * 2017-04-14 2017-09-05 天地融科技股份有限公司 A kind of method for network access and system
CN108462710A (en) * 2018-03-20 2018-08-28 新华三技术有限公司 Authentication authority method, device, certificate server and machine readable storage medium

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100667333B1 (en) * 2004-12-16 2007-01-12 삼성전자주식회사 System and method for authentication of a device and a user in the home network
CN101478576B (en) * 2008-01-03 2012-02-15 华为技术有限公司 Method, apparatus and system for selecting service network
CN102571811A (en) * 2012-02-09 2012-07-11 神州数码网络(北京)有限公司 User access authority control system and method thereof
CN103812651B (en) * 2012-11-13 2018-06-22 深圳市腾讯计算机系统有限公司 Method of password authentication, apparatus and system
CN103812841A (en) * 2012-11-14 2014-05-21 华为技术有限公司 Bypass authentication method, device and system
EP2743857A1 (en) * 2012-12-13 2014-06-18 Gemalto SA Methof for allowing establishment of a secure session between a device and a server
CN104283848B (en) * 2013-07-03 2018-02-09 新华三技术有限公司 Terminal access method and device
CN103442328B (en) * 2013-09-02 2016-03-09 北京鹏通高科科技有限公司 A kind of method for controlling quality of service of internet-of-things terminal and system
CN104580116B (en) * 2013-10-25 2018-09-14 新华三技术有限公司 A kind of management method and equipment of security strategy
CN107819728B (en) * 2016-09-12 2021-02-12 华为技术有限公司 Network authentication method and related device
CN106954212A (en) * 2017-03-02 2017-07-14 上海斐讯数据通信技术有限公司 A kind of portal authentication method and system
CN107438113A (en) * 2017-07-04 2017-12-05 上海斐讯数据通信技术有限公司 A kind of method and system redirected by DHCP
US11647386B2 (en) * 2017-10-17 2023-05-09 Comcast Cable Communications, Llc Device based credentials
US20190305955A1 (en) * 2018-03-27 2019-10-03 Ca, Inc. Push notification authentication
CN110401952B (en) * 2018-04-25 2021-02-26 华为技术有限公司 Authentication method and related equipment
CN109361669B (en) * 2018-10-19 2022-03-18 深圳数粉科技有限公司 Identity authentication method, device and equipment of communication equipment

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101815091A (en) * 2010-03-12 2010-08-25 薛明 Cipher providing equipment, cipher authentication system and cipher authentication method
JP2012033145A (en) * 2010-06-29 2012-02-16 On Site:Kk Server device, and computer system and login method thereof
CN102204307A (en) * 2011-06-15 2011-09-28 华为技术有限公司 Wlan authentication method based on MAC address and device thereof
CN105591748A (en) * 2015-09-21 2016-05-18 杭州华三通信技术有限公司 Authentication method and device
CN107026813A (en) * 2016-01-29 2017-08-08 中国电信股份有限公司 Access authentication method, system and the portal server of WiFi network
CN107135205A (en) * 2017-04-14 2017-09-05 天地融科技股份有限公司 A kind of method for network access and system
CN108462710A (en) * 2018-03-20 2018-08-28 新华三技术有限公司 Authentication authority method, device, certificate server and machine readable storage medium

Also Published As

Publication number Publication date
CN112929188A (en) 2021-06-08

Similar Documents

Publication Publication Date Title
CN112929188B (en) Device connection method, system, apparatus and computer readable storage medium
US10749858B2 (en) Secure login information
EP2258098B1 (en) Credential generation method for communications devices and device management servers
US7792939B2 (en) Method and system for obtaining secure shell host key of managed device
US8195944B2 (en) Automated method for securely establishing simple network management protocol version 3 (SNMPv3) authentication and privacy keys
CN100492991C (en) Network element management method, system and network element
JP2006085719A (en) Setting information distribution device, authentication setting transfer device, method, program, medium and setting information receiving program
EP2986042B1 (en) Client, server, and remote authentication dial in user service capability negotiation method and system
CN101340287A (en) Network access verifying method, system and apparatus
US9064098B2 (en) Method, apparatus and system for software management
CN109104475A (en) Connect restoration methods, apparatus and system
EP3119056B1 (en) Machine to machine virtual private network
US9485217B2 (en) Method for configuring network nodes of a telecommunications network, telecommunications network, program and computer program product
JP3746782B2 (en) Network system
CN112929387A (en) Broadband network multiple authentication and encryption method applied to intelligent community
CN113014592A (en) Automatic registration system and method for Internet of things equipment
CN112333214A (en) Safe user authentication method and system for Internet of things equipment management
US20190124074A1 (en) System and method for communicating with a service processor
CN112840602B (en) Method and control system for monitoring a plurality of devices in an SNMP-based network
CN115136634A (en) Apparatus and method for zero configuration deployment in a communication network
CN113660283A (en) Validity authentication method and device
IL308275A (en) Communication method for IoT nodes or IoT devices in a local network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant