CN114553502B - Network authentication method and electronic equipment - Google Patents
Network authentication method and electronic equipment Download PDFInfo
- Publication number
- CN114553502B CN114553502B CN202210112451.9A CN202210112451A CN114553502B CN 114553502 B CN114553502 B CN 114553502B CN 202210112451 A CN202210112451 A CN 202210112451A CN 114553502 B CN114553502 B CN 114553502B
- Authority
- CN
- China
- Prior art keywords
- authentication certificate
- authentication
- electronic equipment
- local area
- administrator
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 46
- 230000008569 process Effects 0.000 claims description 7
- 230000004044 response Effects 0.000 claims description 4
- 238000012795 verification Methods 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 8
- 238000004590 computer program Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 5
- 238000012986 modification Methods 0.000 description 4
- 230000004048 modification Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 2
- 238000010276 construction Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 230000001681 protective effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2801—Broadband local area networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The application discloses a network authentication method and electronic equipment, wherein the network authentication method is applied to the electronic equipment and comprises the steps of determining whether a first authentication certificate exists in a current local area network or not through a basic input output system of the electronic equipment, wherein the first authentication certificate is used for authenticating whether the current local area network is credible or not; if so, determining whether the first authentication certificate is matched with the second authentication certificate; wherein the second authentication certificate is stored in the electronic device; and under the condition that the first authentication certificate is matched with the second authentication certificate, controlling the electronic equipment to access the current local area network and starting an operating system of the electronic equipment. According to the network authentication method, manual operation is not needed, the problem that data is lost or leaked due to omission of an administrator is avoided, the administrator is not needed to manage the electronic equipment one by one, the efficiency of accessing the electronic equipment into the current local area network is greatly improved, and time and labor are saved.
Description
Technical Field
The present disclosure relates to the field of network security technologies, and in particular, to a network authentication method and an electronic device.
Background
With the digitization of information, more and more information is stored on electronic devices, and thus, users have increasingly high demands on network security. In general, a user builds up his own safe and controllable local area network, but in order to prevent important service data on the local area network from being lost or revealed, the user often needs to manage or control whether some computers can be connected to the local area network or the internet by a manual mode, such as a professional administrator.
However, the management or control is performed manually, so that the operation is complex, time and labor are consumed, the efficiency is low, and the data is easy to be lost or leaked due to the omission of an administrator.
Disclosure of Invention
An object of the embodiments of the present application is to provide a network authentication method and an electronic device, which can avoid the problem of data loss or leakage caused by omission of an administrator, and improve the efficiency of accessing the electronic device into a current local area network, thereby saving time and labor.
In a first aspect, an embodiment of the present application provides a network authentication method, which is applied to an electronic device, and includes:
determining whether a first authentication certificate exists in the current local area network or not through a basic input/output system of the electronic equipment, wherein the first authentication certificate is used for authenticating whether the current local area network is trusted or not;
if so, determining whether the first authentication certificate is matched with the second authentication certificate; wherein the second authentication credential is stored in the electronic device;
and under the condition that the first authentication certificate is matched with the second authentication certificate, controlling the electronic equipment to access the current local area network and starting an operating system of the electronic equipment.
In a possible implementation manner, the determining whether the first authentication certificate and the second authentication certificate match includes:
determining whether the second authentication certificate exists on an on-board network card of the electronic equipment;
if so, authenticating the first authentication certificate and the second authentication certificate to determine whether the first authentication certificate and the second authentication certificate are matched.
In one possible implementation manner, the network authentication method further includes:
if the second authentication certificate does not exist on the on-board network card, determining whether the second authentication certificate injected by the administrator is received or not in a preset time period;
and if the second authentication certificate injected by the administrator is received within the preset time period, storing the second authentication certificate into the on-board network card.
In one possible implementation manner, the network authentication method further includes:
and stopping starting the operating system of the electronic equipment if the second authentication certificate injected by the administrator is not received within the preset time period.
In one possible implementation manner, the network authentication method further includes:
and stopping starting the operating system of the electronic equipment if the first authentication certificate does not exist in the current local area network.
In one possible implementation, if the electronic device authenticates for the first time;
before determining whether the first authentication certificate exists in the current local area network, the method further comprises:
in the process of starting in response to the starting instruction, determining whether an administrator password is received;
if the administrator password is received, verifying the administrator password;
and under the condition that the administrator password passes verification, displaying an authentication interface, wherein the administrator executes preset operation on the authentication interface to start authentication.
In one possible implementation manner, the network authentication method further includes:
and stopping starting the operating system of the electronic equipment under the condition that the administrator password is not verified.
In a second aspect, embodiments of the present application further provide an electronic device, including:
the first determining module is configured to determine whether a first authentication certificate exists in the current local area network through a basic input output system of the electronic equipment, wherein the first authentication certificate is used for authenticating whether the current local area network is trusted or not;
a second determination module configured to determine if the first authentication credential and the second authentication credential match if present; wherein the second authentication credential is stored in the electronic device;
and the control module is configured to control the electronic equipment to be accessed to the current local area network and start an operating system of the electronic equipment under the condition that the first authentication certificate is matched with the second authentication certificate.
In one possible implementation manner, the second determining module is specifically configured to:
determining whether the second authentication certificate exists on an on-board network card of the electronic equipment;
if so, authenticating the first authentication certificate and the second authentication certificate to determine whether the first authentication certificate and the second authentication certificate are matched.
In one possible implementation, the second determining module is further configured to:
if the second authentication certificate does not exist on the on-board network card, determining whether the second authentication certificate injected by the administrator is received or not in a preset time period;
and if the second authentication certificate injected by the administrator is received within the preset time period, storing the second authentication certificate into the on-board network card.
According to the network authentication method, the security of the current local area network is automatically determined through the first authentication certificate of the current local area network and the second authentication certificate stored in the electronic equipment, whether the electronic equipment is controlled to be accessed to the current local area network is further determined, manual operation is not needed, the problem that data is lost or leaked due to omission of an administrator is avoided, the administrator is not needed to manage the electronic equipment one by one, the efficiency of accessing the electronic equipment to the current local area network is greatly improved, and time and labor are saved.
Drawings
In order to more clearly illustrate the technical solutions of the present application or the prior art, the drawings used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments described in the present application, and other drawings can be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 shows a flow chart of a network authentication method provided by the present application;
FIG. 2 is a flow chart of a method for determining whether a first authentication credential matches a second authentication credential in a network authentication method provided herein;
FIG. 3 is a schematic diagram of an electronic device according to the present application;
fig. 4 shows a schematic structural diagram of another electronic device provided in the present application.
Detailed Description
Various aspects and features of the present application are described herein with reference to the accompanying drawings.
It should be understood that various modifications may be made to the embodiments of the application herein. Therefore, the above description should not be taken as limiting, but merely as exemplification of the embodiments. Other modifications within the scope and spirit of this application will occur to those skilled in the art.
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the application and, together with a general description of the application given above and the detailed description of the embodiments given below, serve to explain the principles of the application.
These and other characteristics of the present application will become apparent from the following description of a preferred form of embodiment, given as a non-limiting example, with reference to the accompanying drawings.
It should also be understood that, although the present application has been described with reference to some specific examples, a person skilled in the art can certainly realize many other equivalent forms of the present application, all of which are within the protective scope as defined in the present application.
The foregoing and other aspects, features, and advantages of the present application will become more apparent in light of the following detailed description when taken in conjunction with the accompanying drawings.
Specific embodiments of the present application will be described hereinafter with reference to the accompanying drawings; however, it is to be understood that the disclosed embodiments are merely exemplary of the application, which can be embodied in various forms. Well-known and/or repeated functions and constructions are not described in detail to avoid obscuring the application with unnecessary or excessive detail. Therefore, specific structural and functional details disclosed herein are not intended to be limiting, but merely serve as a basis for the claims and as a representative basis for teaching one skilled in the art to variously employ the present application in virtually any appropriately detailed structure.
The specification may use the word "in one embodiment," "in another embodiment," "in yet another embodiment," or "in other embodiments," which may each refer to one or more of the same or different embodiments as per the application.
The network authentication method provided by the embodiment of the invention can avoid the problem of data loss or leakage caused by the omission of an administrator, and improves the efficiency of accessing the electronic equipment into the current local area network, thereby saving time and labor. For the convenience of understanding the present application, a detailed description of a network authentication method provided in the present application is first provided.
In practical application, the network authentication method in the embodiment of the application is applied to the electronic device, and an execution subject of the network authentication method is a processor of the electronic device. As shown in fig. 1, a flowchart of a processing method provided in an embodiment of the present application is shown, where specific steps include S101 to S103.
S101, determining whether a first authentication certificate exists in the current local area network or not through a basic input and output system of the electronic equipment, wherein the first authentication certificate is used for authenticating whether the current local area network is trusted or not.
In a specific implementation, when an electronic device such as a computer is started, a basic input/output system is started first, and then an operating system is started after the basic input/output system is operated.
Based on the first authentication certificate, when the user starts the electronic equipment and the basic input output system of the electronic equipment operates, whether the first authentication certificate exists in the current local area network or not is determined through the basic input output system of the electronic equipment.
The first authentication certificate is preconfigured by an administrator corresponding to the current local area network, and one or more first authentication certificates may be stored in the current local area network, and of course, the first authentication certificate may not exist in the initially newly-built local area network. Here, the first authentication certificate is used for the electronic device to authenticate whether the current local area network is trusted or not, which is equivalent to whether the current local area network authenticates the electronic device to be trusted or not.
S102, if so, determining whether the first authentication certificate is matched with the second authentication certificate; wherein the second authentication certificate is stored in the electronic device.
In a specific implementation, in case it is determined that the first authentication certificate exists in the current local area network, it is further determined whether the first authentication certificate matches the second authentication certificate. Wherein the second authentication certificate is pre-stored in the electronic device for the administrator.
And, the second authentication certificate can be mutually matched with the first authentication certificate, optionally the first authentication certificate and the second authentication certificate are generated in pairs, such as symmetric keys, asymmetric keys, hash values, etc.
Optionally, referring to the method flow shown in fig. 2, it is determined whether the first authentication certificate and the second authentication certificate match, wherein the specific steps include S201-S205.
S201, determining whether a second authentication certificate exists on an on-board network card of the electronic device.
S202, if a second authentication certificate exists on the on-board network card, authenticating the first authentication certificate and the second authentication certificate to determine whether the first authentication certificate is matched with the second authentication certificate.
And S203, if the second authentication certificate does not exist on the on-board network card, determining whether the second authentication certificate injected by the administrator is received within a preset time period.
S204, if the second authentication certificate injected by the administrator is received within the preset time period, the second authentication certificate is stored in the on-board network card.
S205, if the second authentication certificate injected by the administrator is not received within the preset time period, stopping starting the operating system of the electronic device.
In a specific implementation, the second authentication certificate is stored on an on-board network card of the electronic device, and there may be an electronic device that does not store the second authentication certificate, for example, in a case where the electronic device is used for the first time, or in a case where the electronic device is used as a security device for the first time, or the like, there may be no second authentication certificate stored on the on-board network card thereof. Therefore, when determining whether the first authentication certificate is matched with the second authentication certificate, determining whether the second authentication certificate exists on the on-board network card of the electronic device.
Under the condition that a second authentication certificate exists on the on-board network card, authenticating the first authentication certificate and the second authentication certificate to determine whether the first authentication certificate is matched with the second authentication certificate, for example, calculating the first authentication certificate and the second authentication certificate according to a first preset encryption algorithm, and determining whether a preset result is obtained; or, calculating the second authentication certificate according to a second preset encryption algorithm, and determining whether the calculated result is identical to the first authentication certificate or not.
In the case that the second authentication certificate does not exist on the on-board network card, that is, the electronic device is not a current electronic device with a trusted local area network. At this time, it may be further determined whether the second authentication certificate injected by the administrator is received within a preset period of time, that is, whether the procedure of configuring the second authentication certificate for the electronic device for the administrator is currently determined.
Optionally, a prompt may be generated and presented to make the administrator aware that the second authentication credential is not present on the electronic device, thereby making the administrator determine whether to inject the second authentication credential. Further, whether the second authentication certificate injected by the administrator is received or not is monitored in real time, if the second authentication certificate injected by the administrator is received within a preset time period, that is, the current process is a process that the administrator configures the second authentication certificate for the electronic device, and at this time, the second authentication certificate is stored in the on-board network card, so that the electronic device is used as a trusted device of the current local area network.
If the second authentication certificate injected by the administrator is not received within the preset time period, the electronic equipment is indicated not to belong to the trusted equipment of the current local area network, so that the starting of the operating system of the electronic equipment is stopped, namely the electronic equipment is not accessed into the current local area network.
It should be noted that, in the case that the first authentication certificate does not exist in the current lan, the current lan is not trusted in the electronic device, and therefore, the starting of the operating system of the electronic device is stopped.
And S103, controlling the electronic equipment to access the current local area network and starting an operating system of the electronic equipment under the condition that the first authentication certificate is matched with the second authentication certificate.
Further, in the case that the first authentication certificate is matched with the second authentication certificate, that is, the electronic device belongs to a trusted device of the current local area network, and the current local area network is trusted to the electronic device, the current local area network controls the electronic device to access the current local area network and starts an operating system of the electronic device.
If the electronic device performs authentication for the first time, before determining whether the first authentication certificate exists in the current local area network, the local area network authentication option can be displayed and the administrator is prompted to input the administrator password in the process of responding to the startup instruction, that is, in the process of starting the basic input/output system, in response to the preset operation performed by the administrator, such as clicking a target key.
And in the target time period, determining whether an administrator password is received, and if the administrator password is received, verifying the administrator password, wherein the administrator password is preset by an administrator, and the basic input output system determines whether the received administrator password is consistent with the administrator password stored by the basic input output system.
In the case that the administrator password is verified, an authentication interface is displayed, and the authentication interface can comprise the first authentication certificate and/or the second authentication certificate, so that the administrator can confirm, update and the like the first authentication certificate and/or the second authentication certificate. The administrator executes preset operation on the authentication interface to start authentication; in the case where the administrator password is not authenticated, it means that the current operation is not an operation of the administrator, that is, the stop starts the operating system of the electronic device.
Under the condition that the first authentication certificate is not matched with the second authentication certificate, detection prompt information can be generated and transmitted to an administrator, so that the administrator can confirm whether update exists in the first authentication certificate and/or the second authentication certificate, the situation that authentication is not passed due to update non-synchronization is avoided, and the user experience is greatly improved.
According to the network authentication method, the security of the current local area network is automatically determined through the first authentication certificate of the current local area network and the second authentication certificate stored in the electronic equipment, whether the electronic equipment is controlled to be accessed to the current local area network is further determined, manual operation is not needed, the problem that data is lost or leaked due to omission of an administrator is avoided, the administrator is not needed to manage the electronic equipment one by one, the efficiency of accessing the electronic equipment to the current local area network is greatly improved, and time and labor are saved.
Based on the same inventive concept, the second aspect of the present application further provides an electronic device corresponding to the network authentication method, and since the principle of solving the problem by the device in the present application is similar to that of the network authentication method described in the present application, the implementation of the device may refer to the implementation of the method, and the repetition is omitted.
Fig. 3 shows a schematic diagram of an electronic device provided in an embodiment of the present application, specifically including:
a first determining module 301, configured to determine, by using a basic input output system of the electronic device, whether a first authentication certificate exists in the current local area network, where the first authentication certificate is used to authenticate whether the current local area network is trusted;
a second determination module 302 configured to determine if the first authentication credential and the second authentication credential, if present, match; wherein the second authentication credential is stored in the electronic device;
and the control module 303 is configured to control the electronic device to access the current local area network and start an operating system of the electronic device if the first authentication certificate is matched with the second authentication certificate.
In yet another embodiment, the second determining module 302 is specifically configured to:
determining whether the second authentication certificate exists on an on-board network card of the electronic equipment;
if so, authenticating the first authentication certificate and the second authentication certificate to determine whether the first authentication certificate and the second authentication certificate are matched.
In yet another embodiment, the second determination module 302 is further configured to:
if the second authentication certificate does not exist on the on-board network card, determining whether the second authentication certificate injected by the administrator is received or not in a preset time period;
and if the second authentication certificate injected by the administrator is received within the preset time period, storing the second authentication certificate into the on-board network card.
In yet another embodiment, the electronic device further includes a first stopping module 304 configured to:
and stopping starting the operating system of the electronic equipment if the second authentication certificate injected by the administrator is not received within the preset time period.
In yet another embodiment, the electronic device further comprises a second stopping module 305 configured to:
and stopping starting the operating system of the electronic equipment if the first authentication certificate does not exist in the current local area network.
In yet another embodiment, the electronic device further comprises a presentation module 306 configured to:
in the process of starting in response to the starting instruction, determining whether an administrator password is received;
if the administrator password is received, verifying the administrator password;
and under the condition that the administrator password passes verification, displaying an authentication interface, wherein the administrator executes preset operation on the authentication interface to start authentication.
In yet another embodiment, the electronic device further comprises a third stopping module 307 configured to:
and stopping starting the operating system of the electronic equipment under the condition that the administrator password is not verified.
According to the method and the device for controlling the access of the electronic equipment, the security of the current local area network is automatically determined through the first authentication certificate of the current local area network and the second authentication certificate stored in the electronic equipment, whether the electronic equipment is controlled to be accessed to the current local area network is further determined, manual operation is not needed, the problem that data are lost or leaked due to omission of an administrator is avoided, the administrator is not needed to manage the electronic equipment one by one, the efficiency of accessing the electronic equipment to the current local area network is greatly improved, and time and labor are saved.
The embodiment of the application also provides a storage medium, which is a computer readable medium and stores a computer program, and when the computer program is executed by a processor, the method provided by any embodiment of the application is implemented, including the following steps S11-S13:
s11, determining whether a first authentication certificate exists in the current local area network or not through a basic input output system of the electronic equipment, wherein the first authentication certificate is used for authenticating whether the current local area network is trusted or not;
s12, if so, determining whether the first authentication certificate is matched with the second authentication certificate; wherein the second authentication credential is stored in the electronic device;
and S13, controlling the electronic equipment to be accessed into the current local area network and starting an operating system of the electronic equipment under the condition that the first authentication certificate is matched with the second authentication certificate.
The embodiment of the present application further provides another electronic device, where the schematic structural diagram of the electronic device may at least include a memory 401 and a processor 402, where the memory 401 stores a computer program, and the processor 402 implements the method provided in any embodiment of the present application when executing the computer program on the memory 401 as shown in fig. 4. Exemplary, electronic device computer program steps are as follows S21-S23:
s21, determining whether a first authentication certificate exists in the current local area network or not through a basic input output system of the electronic equipment, wherein the first authentication certificate is used for authenticating whether the current local area network is trusted or not;
s22, if so, determining whether the first authentication certificate is matched with the second authentication certificate; wherein the second authentication credential is stored in the electronic device;
s23, controlling the electronic equipment to be accessed into the current local area network and starting an operating system of the electronic equipment under the condition that the first authentication certificate is matched with the second authentication certificate.
Alternatively, in the present embodiment, the storage medium may include, but is not limited to: a U-disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a removable hard disk, a magnetic disk, or an optical disk, or other various media capable of storing program codes. Optionally, in this embodiment, the processor performs the method steps described in the above embodiment according to the program code stored in the storage medium. Alternatively, specific examples in this embodiment may refer to examples described in the foregoing embodiments and optional implementations, and this embodiment is not described herein. It will be appreciated by those skilled in the art that the modules or steps of the application described above may be implemented in a general purpose computing device, they may be centralized on a single computing device, or distributed across a network of computing devices, or they may alternatively be implemented in program code executable by computing devices, such that they may be stored in a memory device for execution by the computing devices and, in some cases, the steps shown or described may be performed in a different order than what is shown or described, or they may be implemented as individual integrated circuit modules, or as individual integrated circuit modules. Thus, the present application is not limited to any specific combination of hardware and software.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The foregoing description is only of the preferred embodiments of the present application and is presented as a description of the principles of the technology being utilized. It will be appreciated by those skilled in the art that the scope of the disclosure referred to in this application is not limited to the specific combination of features described above, but encompasses other embodiments in which features described above or their equivalents may be combined in any way without departing from the spirit of the disclosure. Such as the above-described features and technical features having similar functions (but not limited to) disclosed in the present application are replaced with each other.
Moreover, although operations are depicted in a particular order, this should not be understood as requiring that such operations be performed in the particular order shown or in sequential order. In certain circumstances, multitasking and parallel processing may be advantageous. Likewise, while several specific implementation details are included in the above discussion, these should not be construed as limiting the scope of the present application. Certain features that are described in the context of separate embodiments can also be implemented in combination in a single embodiment. Conversely, various features that are described in the context of a single embodiment can also be implemented in multiple embodiments separately or in any suitable subcombination.
Although the subject matter has been described in language specific to structural features and/or methodological acts, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to the specific features or acts described above. Rather, the specific features and acts described above are example forms of implementing the claims.
The above embodiments are only exemplary embodiments of the present application and are not intended to limit the present application, the scope of which is defined by the claims. Various modifications and equivalent arrangements may be made to the present application by those skilled in the art, which modifications and equivalents are also considered to be within the scope of the present application.
Claims (8)
1. A network authentication method is applied to electronic equipment and comprises the following steps:
determining whether a first authentication certificate exists in the current local area network or not through a basic input/output system of the electronic equipment, wherein the first authentication certificate is used for authenticating whether the current local area network is trusted or not;
if so, determining whether the first authentication certificate is matched with the second authentication certificate; the second authentication certificate is stored on an on-board network card of the electronic equipment;
controlling the electronic equipment to access the current local area network and starting an operating system of the electronic equipment under the condition that the first authentication certificate is matched with the second authentication certificate;
the determining whether the first authentication credential matches a second authentication credential includes:
determining whether the second authentication certificate exists on an on-board network card of the electronic equipment;
if the second authentication certificate does not exist on the on-board network card, determining whether the second authentication certificate injected by the administrator is received or not in a preset time period;
and if the second authentication certificate injected by the administrator is received within the preset time period, storing the second authentication certificate into the on-board network card.
2. The network authentication method of claim 1, the determining whether the first authentication credential and the second authentication credential match comprising:
determining whether the second authentication certificate exists on an on-board network card of the electronic equipment;
if so, authenticating the first authentication certificate and the second authentication certificate to determine whether the first authentication certificate and the second authentication certificate are matched.
3. The network authentication method of claim 1, further comprising:
and stopping starting the operating system of the electronic equipment if the second authentication certificate injected by the administrator is not received within the preset time period.
4. The network authentication method of claim 1, further comprising:
and stopping starting the operating system of the electronic equipment if the first authentication certificate does not exist in the current local area network.
5. The network authentication method of claim 1, if the electronic device authenticates for the first time;
before determining whether the first authentication certificate exists in the current local area network, the method further comprises:
in the process of starting in response to the starting instruction, determining whether an administrator password is received;
if the administrator password is received, verifying the administrator password;
and under the condition that the administrator password passes verification, displaying an authentication interface, wherein the administrator executes preset operation on the authentication interface to start authentication.
6. The network authentication method of claim 5, further comprising:
and stopping starting the operating system of the electronic equipment under the condition that the administrator password is not verified.
7. An electronic device, comprising:
the first determining module is configured to determine whether a first authentication certificate exists in the current local area network through a basic input output system of the electronic equipment, wherein the first authentication certificate is used for authenticating whether the current local area network is trusted or not;
a second determination module configured to determine if the first authentication credential and the second authentication credential match if present; the second authentication certificate is stored on an on-board network card of the electronic equipment;
the control module is configured to control the electronic equipment to be accessed to the current local area network and start an operating system of the electronic equipment under the condition that the first authentication certificate is matched with the second authentication certificate;
the second determining module is specifically configured to:
determining whether the second authentication certificate exists on an on-board network card of the electronic equipment;
if the second authentication certificate does not exist on the on-board network card, determining whether the second authentication certificate injected by the administrator is received or not in a preset time period;
and if the second authentication certificate injected by the administrator is received within the preset time period, storing the second authentication certificate into the on-board network card.
8. The electronic device of claim 7, the second determination module is specifically configured to:
determining whether the second authentication certificate exists on an on-board network card of the electronic equipment;
if so, authenticating the first authentication certificate and the second authentication certificate to determine whether the first authentication certificate and the second authentication certificate are matched.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210112451.9A CN114553502B (en) | 2022-01-29 | 2022-01-29 | Network authentication method and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210112451.9A CN114553502B (en) | 2022-01-29 | 2022-01-29 | Network authentication method and electronic equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114553502A CN114553502A (en) | 2022-05-27 |
| CN114553502B true CN114553502B (en) | 2024-03-29 |
Family
ID=81673671
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210112451.9A Active CN114553502B (en) | 2022-01-29 | 2022-01-29 | Network authentication method and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114553502B (en) |
Citations (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1399490A (en) * | 2002-08-15 | 2003-02-26 | 西安西电捷通无线网络通信有限公司 | Safe access method of mobile terminal to radio local area network |
| JP2005346630A (en) * | 2004-06-07 | 2005-12-15 | Dainippon Printing Co Ltd | Authentication system, authentication method, authentication program, or the like |
| JP2007074393A (en) * | 2005-09-07 | 2007-03-22 | Ntt Docomo Inc | System for constructing secure ad hoc network |
| WO2007128134A1 (en) * | 2006-05-09 | 2007-11-15 | Travelnet Technologies Inc. | Secure wireless guest access |
| WO2009093485A1 (en) * | 2008-01-24 | 2009-07-30 | Konica Minolta Holdings, Inc. | Network system concerning authentication using electronic certificate, authentication server device, and authentication method |
| CN101621803A (en) * | 2009-08-11 | 2010-01-06 | 中兴通讯股份有限公司 | Method and device for managing wireless LAN authentication and privacy infrastructure (WAPI) certificate |
| CN101848218A (en) * | 2010-05-14 | 2010-09-29 | 山东泰信电子有限公司 | Method for secure access of Internet television terminal to Internet |
| CN104603743A (en) * | 2012-06-27 | 2015-05-06 | J2全球有限公司 | Facilitating network login |
| CN105578464A (en) * | 2015-07-31 | 2016-05-11 | 宇龙计算机通信科技(深圳)有限公司 | Enhanced WLAN certificate authentication method, device and system |
| CN106330828A (en) * | 2015-06-25 | 2017-01-11 | 联芯科技有限公司 | Method for network secure access, terminal device and authentication server |
| CN107040928A (en) * | 2017-06-12 | 2017-08-11 | 迈普通信技术股份有限公司 | Illegal WIFI detection methods, terminal, aaa server and system |
| CN108111516A (en) * | 2017-12-26 | 2018-06-01 | 珠海市君天电子科技有限公司 | Based on WLAN safety communicating method, device and electronic equipment |
| CN108200036A (en) * | 2017-12-28 | 2018-06-22 | 江苏翰诺信息科技发展有限公司 | A kind of method of network TV terminal secure access internet |
| CN111125665A (en) * | 2019-12-04 | 2020-05-08 | 中国联合网络通信集团有限公司 | Authentication method and device |
| CN112363800A (en) * | 2020-11-10 | 2021-02-12 | 海光信息技术股份有限公司 | Network card memory access method, security processor, network card and electronic equipment |
| CN112491886A (en) * | 2020-11-27 | 2021-03-12 | 北京明朝万达科技股份有限公司 | Security control method, system, device and storage medium based on network system |
| WO2021068619A1 (en) * | 2019-10-12 | 2021-04-15 | 平安国际智慧城市科技股份有限公司 | Certificate authentication management method, apparatus and device, and computer-readable storage medium |
| CN113158168A (en) * | 2021-03-25 | 2021-07-23 | 联想(北京)有限公司 | Authentication method and electronic equipment |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20050064119A (en) * | 2003-12-23 | 2005-06-29 | 한국전자통신연구원 | Server certification validation method for authentication of extensible authentication protocol for internet access on user terminal |
| KR20070025366A (en) * | 2005-09-01 | 2007-03-08 | 삼성전자주식회사 | System and method of security on wireless lan system |
-
2022
- 2022-01-29 CN CN202210112451.9A patent/CN114553502B/en active Active
Patent Citations (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1399490A (en) * | 2002-08-15 | 2003-02-26 | 西安西电捷通无线网络通信有限公司 | Safe access method of mobile terminal to radio local area network |
| JP2005346630A (en) * | 2004-06-07 | 2005-12-15 | Dainippon Printing Co Ltd | Authentication system, authentication method, authentication program, or the like |
| JP2007074393A (en) * | 2005-09-07 | 2007-03-22 | Ntt Docomo Inc | System for constructing secure ad hoc network |
| WO2007128134A1 (en) * | 2006-05-09 | 2007-11-15 | Travelnet Technologies Inc. | Secure wireless guest access |
| WO2009093485A1 (en) * | 2008-01-24 | 2009-07-30 | Konica Minolta Holdings, Inc. | Network system concerning authentication using electronic certificate, authentication server device, and authentication method |
| CN101621803A (en) * | 2009-08-11 | 2010-01-06 | 中兴通讯股份有限公司 | Method and device for managing wireless LAN authentication and privacy infrastructure (WAPI) certificate |
| CN101848218A (en) * | 2010-05-14 | 2010-09-29 | 山东泰信电子有限公司 | Method for secure access of Internet television terminal to Internet |
| CN104603743A (en) * | 2012-06-27 | 2015-05-06 | J2全球有限公司 | Facilitating network login |
| CN106330828A (en) * | 2015-06-25 | 2017-01-11 | 联芯科技有限公司 | Method for network secure access, terminal device and authentication server |
| CN105578464A (en) * | 2015-07-31 | 2016-05-11 | 宇龙计算机通信科技(深圳)有限公司 | Enhanced WLAN certificate authentication method, device and system |
| CN107040928A (en) * | 2017-06-12 | 2017-08-11 | 迈普通信技术股份有限公司 | Illegal WIFI detection methods, terminal, aaa server and system |
| CN108111516A (en) * | 2017-12-26 | 2018-06-01 | 珠海市君天电子科技有限公司 | Based on WLAN safety communicating method, device and electronic equipment |
| CN108200036A (en) * | 2017-12-28 | 2018-06-22 | 江苏翰诺信息科技发展有限公司 | A kind of method of network TV terminal secure access internet |
| WO2021068619A1 (en) * | 2019-10-12 | 2021-04-15 | 平安国际智慧城市科技股份有限公司 | Certificate authentication management method, apparatus and device, and computer-readable storage medium |
| CN111125665A (en) * | 2019-12-04 | 2020-05-08 | 中国联合网络通信集团有限公司 | Authentication method and device |
| CN112363800A (en) * | 2020-11-10 | 2021-02-12 | 海光信息技术股份有限公司 | Network card memory access method, security processor, network card and electronic equipment |
| CN112491886A (en) * | 2020-11-27 | 2021-03-12 | 北京明朝万达科技股份有限公司 | Security control method, system, device and storage medium based on network system |
| CN113158168A (en) * | 2021-03-25 | 2021-07-23 | 联想(北京)有限公司 | Authentication method and electronic equipment |
Non-Patent Citations (1)
| Title |
|---|
| 一种分布式无线局域网接入系统;李安怀;荆继武;;计算机工程与设计(01);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114553502A (en) | 2022-05-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10097544B2 (en) | Protection and verification of user authentication credentials against server compromise | |
| US8590017B2 (en) | Partial authentication for access to incremental data | |
| US9736131B2 (en) | Secure login for subscriber devices | |
| EP3232634B1 (en) | Identity authentication method and device | |
| US10255425B2 (en) | Secure authentication protocol systems and methods | |
| US8874922B2 (en) | Systems and methods for multi-layered authentication/verification of trusted platform updates | |
| US20160197919A1 (en) | Real identity authentication | |
| US20130318576A1 (en) | Method, device, and system for managing user authentication | |
| US20090235345A1 (en) | Authentication system, authentication server apparatus, user apparatus and application server apparatus | |
| US9954834B2 (en) | Method of operating a computing device, computing device and computer program | |
| US10216937B2 (en) | Secure BIOS password method in server computer | |
| JP2016526201A (en) | User and device authentication in enterprise systems | |
| CN111444499B (en) | User identity authentication method and system | |
| EP4322464A1 (en) | Information transmission method, storage medium and electronic device | |
| US10554652B2 (en) | Partial one-time password | |
| US11146552B1 (en) | Decentralized application authentication | |
| US20170201528A1 (en) | Method for providing trusted service based on secure area and apparatus using the same | |
| US11616780B2 (en) | Security protection against threats to network identity providers | |
| CN106130968B (en) | A kind of identity identifying method and system | |
| CN114553502B (en) | Network authentication method and electronic equipment | |
| WO2022206203A1 (en) | Connection resilient multi-factor authentication | |
| CN107787494B (en) | Recovery of login across reboots | |
| CN112769565B (en) | Method, device, computing equipment and medium for upgrading cryptographic algorithm | |
| CN113078999A (en) | Password security encryption storage mode | |
| EP2966586A1 (en) | System and method for managing application passwords |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |