CN115038082A - Safety internet access control system and method for optical communication equipment - Google Patents
Safety internet access control system and method for optical communication equipment Download PDFInfo
- Publication number
- CN115038082A CN115038082A CN202210644796.9A CN202210644796A CN115038082A CN 115038082 A CN115038082 A CN 115038082A CN 202210644796 A CN202210644796 A CN 202210644796A CN 115038082 A CN115038082 A CN 115038082A
- Authority
- CN
- China
- Prior art keywords
- equipment
- internet
- wifi signal
- signal strength
- white list
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000004891 communication Methods 0.000 title claims abstract description 24
- 238000000034 method Methods 0.000 title claims abstract description 17
- 230000003287 optical effect Effects 0.000 title claims abstract description 15
- 238000001514 detection method Methods 0.000 claims abstract description 25
- 238000012545 processing Methods 0.000 claims abstract description 15
- 238000012423 maintenance Methods 0.000 claims abstract description 11
- 230000001939 inductive effect Effects 0.000 claims description 4
- 230000000694 effects Effects 0.000 abstract description 5
- 230000005540 biological transmission Effects 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 238000013459 approach Methods 0.000 description 2
- 230000019771 cognition Effects 0.000 description 2
- 230000007547 defect Effects 0.000 description 2
- 230000009545 invasion Effects 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
- H04W12/088—Access security using filters or firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04Q—SELECTING
- H04Q11/00—Selecting arrangements for multiplex systems
- H04Q11/0001—Selecting arrangements for multiplex systems using optical switching
- H04Q11/0062—Network aspects
- H04Q11/0067—Provisions for optical access or distribution networks, e.g. Gigabit Ethernet Passive Optical Network (GE-PON), ATM-based Passive Optical Network (A-PON), PON-Ring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/63—Location-dependent; Proximity-dependent
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
- H04W12/71—Hardware identity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/08—Access restriction or access information delivery, e.g. discovery data delivery
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/02—Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
- H04W84/10—Small scale networks; Flat hierarchical networks
- H04W84/12—WLAN [Wireless Local Area Networks]
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention discloses a safe internet access control system and method of optical communication equipment, relating to the technical field of network safety, the system comprises a detection module, a control module and a management module, wherein the detection module acquires the WiFiMAC address and WiFi signal intensity of the internet access equipment in real time, the control module sets a WiFiMAC address white list of the internet access equipment and a WiFi signal intensity value required by non-white list equipment authentication, by presetting the WiFi signal intensity value and taking the intensity value as a comparison threshold value for authentication processing, and the preset WiFi signal strength value carries the identity information of the PON gateway, and authentication processing is carried out based on the WiFi signal strength of the internet access equipment, whether the internet access equipment is accessed to the internet is controlled, operation and maintenance managers or users of the PON gateway in the management module inquire an MAC address white list and a WiFi signal strength value required by equipment authentication through a remote login system. The invention relates to a safe internet access control system and method of optical communication equipment, which have good protection effect.
Description
Technical Field
The invention relates to the technical field of network security, in particular to a system and a method for controlling the safe internet access of optical communication equipment.
Background
The communication device refers to all electronic devices used in the network information transmission process, for example: switches, bridges, repeaters, routers, gateways, etc., are also important for network security between communication devices, which generally refers to the security of computer networks and, in fact, may also refer to the security of computer communication networks. The computer communication network is a system which interconnects a plurality of computers with independent functions through communication equipment and transmission media and realizes information transmission and exchange among the computers under the support of communication software. The computer network is a system that connects a plurality of independent computer systems, terminals, and data devices, which are relatively dispersed geographically, by a communication means for the purpose of sharing resources, and performs data exchange under the control of a protocol. The fundamental purpose of computer networks is resource sharing, and communication networks are the way to implement network resource sharing, so that computer networks are secure, and corresponding computer communication networks must also be secure, and information exchange and resource sharing should be implemented for network users. Hereinafter, network security refers to both computer network security and computer communication network security.
When the mobile device is connected with the wireless WiFi, when a new internet access device is connected into the PON gateway, identity identification is required, when WiFi signals are unstable or the distance is large, the connection signals are often weak, the use is very inconvenient, users cannot be reminded in time, the protection effect is poor, the network is easily rubbed by others, and the network is easily attacked illegally by hackers, and protection is required layer by layer, various interception can be carried out to realize safe internet access, so that a new solution is necessary to be provided.
The existing PON gateway authentication system has the defects of inconvenient use, incapability of reminding a user in time, poor protection effect, easiness in being rubbed by others, easiness in being illegally attacked by hackers, and capability of realizing safe internet surfing by various interception, and therefore, a safe internet surfing control system and a safe internet surfing control method of optical communication equipment are provided.
Disclosure of Invention
The invention mainly aims to provide a system and a method for controlling the safe internet access of optical communication equipment, which can effectively solve the defects that the existing PON gateway authentication system in the background art is very inconvenient to use, cannot remind a user in time, has poor protection effect, is easy to be rubbed by others and is easy to be illegally attacked by hackers.
In order to achieve the purpose, the invention adopts the technical scheme that: a safe internet access control system of optical communication equipment comprises a detection module, a control module and a management module, wherein the detection module acquires a WiFi MAC address and a WiFi signal strength of internet access equipment in real time, the control module sets a WiFi MAC address white list of the internet access equipment and a WiFi signal strength value required by non-white list equipment authentication, carries out authentication processing by using the strength value as a comparison threshold value through presetting a WiFi signal strength value, carries identity information of a PON gateway of the PON and carries out authentication processing based on the WiFi signal strength of the internet access equipment to control whether the internet access equipment is accessed to the internet, if the signal strength value of the internet access equipment is greater than the presetting WiFi signal strength value, the internet access equipment is allowed to be networked, the MAC address of the internet access equipment is stored in the MAC address white list, and if the signal strength value of the internet access equipment is less than the presetting WiFi signal strength value, the network equipment is not allowed to be networked and is continuously monitored, an operation and maintenance manager or a user of a PON gateway in the management module remotely logs in a system to inquire an MAC address white list and a WiFi signal intensity value required by equipment authentication, and modifies and adjusts the MAC address white list and the WiFi signal intensity value required by equipment authentication, because the closer the equipment is to the PON gateway, the higher the signal intensity value of the network equipment is, the larger the signal intensity value of the network equipment is, the traditional password verification mode is changed, and any equipment can pass the network authentication only by being close enough to the PON gateway, so that the potential safety hazards of network rubbing, hacker intrusion and the like are fundamentally avoided through the limitation of physical positions, and the safe network access can be realized without layer-by-layer protection and various interception.
The control system is composed of four parts, namely an embedded microprocessor, peripheral hardware equipment, an embedded operating system and an application program of a user, and is used for realizing functions of controlling, monitoring or managing other equipment.
Preferably, when the PON gateway is started, an initial inducing program is started synchronously, and the control system program automatically acquires the PON gateway self-starting permission, so that once the PON gateway is started, the control system runs immediately, an illegal user is guaranteed to utilize the PON gateway to start and invade the PON gateway through a time leak instantly, and the use safety of the PON gateway is improved.
Preferably, the control system further comprises a prompting unit, wherein if the WiFi signal strength is not enough in the prompting unit, a prompting signal is sent to the mobile device, the prompting signal includes pop-up alarm information and prompts that the user needs to be close to the PON gateway, so as to prompt the user, reduce the original cognition of the user on the inherent password authentication of the PON gateway, and make the system more convenient for various users to use.
Preferably, the white list is an SQL database, the WiFi MAC address of the device that allows access to the internet is stored in the white list database, and meanwhile, real-time security protection is performed on the white list database through misuse detection, so that security protection on the WiFi MAC address white list is improved, an illegal user is effectively prevented from directly invading the WiFi MAC address white list, the illegal user is prevented from adding the own MAC address into the MAC address white list, connection and invasion are realized, and the use security of the system is further improved.
A safe internet access control method of optical communication equipment comprises the following steps:
s1: when the PON gateway is started or restarted, the control system is automatically loaded;
s2: when the internet-surfing equipment is wirelessly connected with the PON gateway, the detection module scans and acquires a WiFi MAC address of the internet-surfing equipment and sends the WiFi MAC address to the control module;
s3, the control module performs analysis processing according to the white list: if the WiFi MAC address belongs to the white list of the internet access devices, directly allowing access to the internet, and if the WiFi MAC address does not belong to the white list of the internet access devices, sending the WiFi MAC address of the internet access devices to the detection module;
s4, the detection module searches and acquires the WiFi signal intensity of the internet access equipment and provides the WiFi signal intensity for the control module to carry out authentication;
s5, the control module carries out authentication processing according to the WiFi signal intensity of the internet equipment acquired by the detection module, the WiFi signal intensity of the internet equipment reaches or exceeds a preset signal intensity value, the internet equipment is allowed to be safely accessed to the internet through equipment authentication, the MAC address is added into a white list, the equipment does not need to be authenticated to directly access the internet when surfing next time, and if the WiFi signal intensity of the internet equipment is not enough, a prompt signal pops up on a screen of the prompt unit to prompt a user to enable the internet equipment to approach to the PON gateway;
s6, if the internet access equipment cannot pass the authentication due to insufficient signal strength, the control module adds the internet access equipment to a list of equipment to be authenticated, periodically searches again to obtain the current WiFi signal strength of the equipment and re-authenticates, and passes the equipment authentication if the new signal strength reaches or exceeds the preset WiFi signal strength value; if the signal intensity is still insufficient, information reminding is continuously popped up;
s7, the network access equipment which does not pass the authentication is shut down or is far away from the PON gateway, so that the PON gateway cannot interrupt the wireless connection of the network access equipment, the control module deletes the network access equipment from the list of the equipment to be authenticated, and the authentication of the network access equipment is finished;
and S8, allowing operation and maintenance personnel or users to remotely log in the control system by the management module, and inquiring the WiFi signal strength value required by the authentication of the MAC address white list and non-white list equipment.
Preferably, the preset WiFi signal strength value in step S5 is a comparison threshold, an operation and maintenance person or a user remotely logs in the control system and adjusts the preset WiFi signal strength value of the PON gateway, and a user automatically adjusts and controls the preset WiFi signal strength value according to the size of the room area, so that the PON gateway is more convenient to use and more accurate in connection, for example, the room size is 10m away from the PON gateway, and the preset WiFi signal strength value of the PON gateway in the room is set according to the signal strength value 10m away from the PON gateway, thereby ensuring that all internet access devices in the room can connect to the PON gateway.
Preferably, the wifi MAC address of the internet access device is an ethernet physical layer address, and the same internet access device has a unique wifi MAC address and cannot be changed, so that the user is prevented from changing the wifi MAC address into a MAC address in a white list, and the security of the system use is further improved.
Compared with the prior art, the invention has the following beneficial effects:
in the invention, a safe internet access control system is arranged, a detection module, a control module and a management module are arranged in the control system, the detection module acquires a WiFi MAC address and a WiFi signal strength of internet access equipment in real time, the control module sets a WiFi MAC address white list of the internet access equipment and a WiFi signal strength value required by non-white list equipment authentication, authentication processing is carried out by using the preset WiFi signal strength value as a comparison threshold value through the preset WiFi signal strength value, the preset WiFi signal strength value carries identity information of a gateway of the PON, authentication processing is carried out based on the WiFi signal strength of the internet access equipment to control whether the internet access equipment is accessed to the internet, if the signal strength value of the internet access equipment is greater than the preset WiFi signal strength value, the internet access equipment is allowed to be networked, the MAC address of the internet access equipment is stored in the MAC address white list, and if the signal strength value of the internet access equipment is less than the preset WiFi signal strength value, the network access equipment is not allowed to be networked and is continuously monitored, an operation and maintenance manager or a user of a PON gateway in a management module inquires an MAC address white list and a WiFi signal intensity value required by equipment authentication through a remote login system, and modifies and adjusts the MAC address white list and the WiFi signal intensity value required by equipment authentication, and the signal intensity value of the network access equipment is larger as the equipment is closer to the PON gateway.
Drawings
Fig. 1 is a flowchart of a secure internet access control method of an optical communication device according to the present invention;
FIG. 2 is an enlarged view of a portion of FIG. 1A;
FIG. 3 is an enlarged view of a portion of FIG. 1 at B according to the present invention;
fig. 4 is a system block diagram of a secure internet access control system of an optical communication device according to the present invention.
Detailed Description
In order to make the technical means, the creation characteristics, the achievement purposes and the effects of the invention easy to understand, the invention is further described with the specific embodiments.
In the description of the present invention, it should be noted that the terms "upper", "lower", "inner", "outer", "front", "rear", "both ends", "one end", "the other end", and the like indicate orientations or positional relationships based on orientations or positional relationships shown in the drawings, and are only for convenience of description and simplification of description, but do not indicate or imply that the device or element referred to must have a specific orientation, be configured in a specific orientation, and operate, and thus, should not be construed as limiting the present invention. Furthermore, the terms "first," "second," and the like are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In the description of the present invention, it is to be noted that, unless otherwise explicitly specified or limited, the terms "mounted," "disposed," "connected," and the like are to be construed broadly, such as "connected," which may be fixedly connected, detachably connected, or integrally connected; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
Referring to fig. 1-4, the present invention is a secure internet access control system for an optical communication device, the control system includes a detection module, a control module and a management module, the detection module obtains a WiFi MAC address and a WiFi signal strength of an internet access device in real time, the control module sets a WiFi MAC address white list of the internet access device and a WiFi signal strength value required for non-white list device authentication, performs authentication processing by presetting the WiFi signal strength value and using the strength value as a comparison threshold, and the preset WiFi signal strength value carries identity information of a PON gateway itself and performs authentication processing based on the WiFi signal strength of the internet access device to control whether the internet access device accesses the internet, if the internet access device signal strength value is greater than the preset WiFi signal strength value, the internet access device is allowed to be networked, and the MAC address of the internet access device is stored in the MAC address white list, if the signal intensity value of the internet equipment is smaller than the preset WiFi signal intensity value, the internet equipment is not allowed to be networked and is continuously monitored, operation and maintenance management personnel or users of a PON gateway in a management module inquire an MAC address white list and a WiFi signal intensity value required by equipment authentication through a remote login system, and modify and adjust the MAC address white list and the WiFi signal intensity value required by equipment authentication.
The control system is composed of four parts, namely an embedded microprocessor, peripheral hardware equipment, an embedded operating system and an application program of a user, and is used for realizing the functions of controlling, monitoring or managing other equipment.
The method comprises the steps that when the PON gateway is started, an initial inducing program is started synchronously, a control system is started synchronously, the control system program automatically acquires the PON gateway self-starting authority, the control system is guaranteed to run immediately once the PON gateway is started, an illegal user is guaranteed to utilize the PON gateway to start and invade the PON gateway through time holes instantly, and the use safety of the PON gateway is improved.
The control system further comprises a prompting unit, if the WiFi signal strength is insufficient in the prompting unit, a prompting signal is sent to the mobile device, the prompting signal comprises popup alarm information and prompts that a user needs to be close to the PON gateway, the user is reminded, the original cognition of the user on the inherent password authentication of the PON gateway is reduced, and the system is more convenient for various users to use.
The white list is an SQL (structured query language) database, WiFi MAC addresses of devices which are allowed to access to the Internet are stored in the white list database, real-time safety protection is conducted on the white list database through misuse detection, safety protection on the WiFi MAC address white list is improved, illegal users are effectively prevented from directly invading the WiFi MAC address white list, the fact that the illegal users add MAC addresses to the MAC address white list is avoided, connection and invasion are achieved, and use safety of the system is further improved.
A safe internet access control method of optical communication equipment comprises the following steps:
s1: when the PON gateway is started or restarted, the control system is automatically loaded;
s2: when the internet-surfing equipment is wirelessly connected with the PON gateway, the detection module scans and acquires a WiFi MAC address of the internet-surfing equipment and sends the WiFi MAC address to the control module;
s3, the control module performs analysis processing according to the white list: if the WiFi MAC address belongs to the white list of the internet access equipment, directly allowing access to the internet, and if the WiFi MAC address does not belong to the white list of the internet access equipment, sending the WiFi MAC address of the internet access equipment to the detection module;
s4, the detection module searches and acquires the WiFi signal intensity of the internet access equipment and provides the WiFi signal intensity for the control module to authenticate;
s5, the control module carries out authentication processing according to the WiFi signal strength of the internet equipment acquired by the detection module, the WiFi signal strength of the internet equipment reaches or exceeds a preset signal strength value, the internet equipment is allowed to be safely accessed to the internet through equipment authentication, the MAC address is added into a white list, the equipment does not need to be authenticated to directly access the internet when surfing next time, and if the WiFi signal strength of the internet equipment is not enough, a prompting signal pops up on a screen of a prompting unit to prompt a user to enable the internet equipment to approach to a PON gateway;
s6, if the internet equipment cannot pass the authentication due to insufficient signal strength, the control module adds the internet equipment to a list of equipment to be authenticated, periodically searches again to obtain the current WiFi signal strength of the equipment and re-authenticates the equipment, and if the new signal strength reaches or exceeds a preset WiFi signal strength value, the equipment passes the authentication; if the signal intensity is still insufficient, information reminding is continuously popped up;
s7, the network access equipment which does not pass the authentication is shut down or is far away from the PON gateway, so that the PON gateway cannot interrupt the wireless connection of the network access equipment, the control module deletes the network access equipment from the list of the equipment to be authenticated, and the authentication of the network access equipment is finished;
and S8, allowing operation and maintenance personnel or users to remotely log in the control system by the management module, and inquiring the WiFi signal strength value required by the authentication of the MAC address white list and non-white list equipment.
Wherein, the WiFi signal intensity value that predetermines in step S5 is the contrast threshold value, operation and maintenance personnel or user long-range login this control system and adjust the predetermined WiFi signal intensity value size of this PON gateway, and user' S self-regulation according to the regional size in room regulates and control predetermined WiFi signal intensity value size for more convenient to use, it is more accurate to connect, for example, room size is apart from PON gateway 10m, according to the signal intensity value size apart from PON gateway 10m, set for the predetermined WiFi signal intensity value size of PON gateway in this room, guarantee that this PON gateway can be connected to whole online equipment in this room.
The WiFiMAC address of the internet equipment is an Ethernet physical layer address, and the same internet equipment has a unique WiFiMAC address which cannot be changed, so that a user is prevented from changing the WiFiMAC address into an MAC address in a white list, and the use safety of the system is further improved.
The foregoing shows and describes the general principles and broad features of the present invention and advantages thereof. It will be understood by those skilled in the art that the present invention is not limited to the embodiments described above, which are described in the specification and illustrated only to illustrate the principle of the present invention, but that various changes and modifications may be made therein without departing from the spirit and scope of the present invention, which fall within the scope of the invention as claimed. The scope of the invention is defined by the appended claims and equivalents thereof.
Claims (8)
1. The utility model provides a safe online control system of optical communication equipment which characterized in that: the control system comprises a detection module, a control module and a management module, wherein the detection module acquires a WiFi MAC address and a WiFi signal strength of the Internet access equipment in real time, the control module sets a WiFiMAC address white list of the Internet access equipment and a WiFi signal strength value required by non-white list equipment authentication, carries out authentication processing based on the WiFi signal strength of the Internet access equipment and controls whether the Internet access equipment is accessed to the Internet, and an operation and maintenance manager or a user of a PON gateway in the management module remotely logs in the system to inquire the MAC address white list and the WiFi signal strength value required by equipment authentication and modify and adjust the MAC address white list and the WiFi signal strength value required by equipment authentication.
2. The system of claim 1, wherein the system comprises: the control system writes an embedded program into a code, the embedded program is installed in a CPU inside the PON gateway, and the program is provided with an initial inducing program which acquires the self-starting authority of the PON gateway in advance.
3. The system of claim 2, wherein the system comprises: and synchronously starting an initial inducing program and synchronously starting the control system when the PON gateway is started.
4. The system of claim 1, wherein the system comprises: the control system further comprises a prompting unit, if the WiFi signal strength is not enough in the prompting unit, a prompting signal is sent to the mobile device, and the prompting signal comprises pop-up alarm information and prompts a user to be close to the PON gateway.
5. The system of claim 1, wherein the system comprises: the white list is an SQL database, WiFi MAC addresses of devices which are allowed to access to the Internet are stored in the white list database, and meanwhile real-time safety protection is conducted on the white list database through misuse detection.
6. A safe internet access control method of optical communication equipment is characterized in that: the method comprises the following steps:
s1: when the PON gateway is started or restarted, a control system is automatically loaded, and the control system is the control system in any one of claims 1-4;
s2: when the internet-surfing equipment is wirelessly connected with the PON gateway, the detection module scans and acquires a WiFi MAC address of the internet-surfing equipment and sends the WiFi MAC address to the control module;
s3, the control module performs analysis processing according to the white list: if the WiFi MAC address belongs to the white list of the internet access devices, directly allowing access to the internet, and if the WiFi MAC address does not belong to the white list of the internet access devices, sending the WiFi MAC address of the internet access devices to the detection module;
s4, the detection module searches and acquires the WiFi signal intensity of the internet equipment and provides the WiFi signal intensity for the control module to authenticate;
s5, the control module carries out authentication processing according to the WiFi signal intensity of the internet equipment acquired by the detection module, the WiFi signal intensity of the internet equipment reaches or exceeds a preset signal intensity value, safe access to internet is allowed through equipment authentication, the MAC address is added into a white list, the equipment does not need authentication to directly surf the internet when surfing the internet next time, and if the WiFi signal intensity of the internet equipment is not enough, a prompting signal pops up on a screen of the prompting unit to prompt a user to enable the internet equipment to be close to the PON gateway;
s6, if the internet access equipment cannot pass the authentication due to insufficient signal strength, the control module adds the internet access equipment to a list of equipment to be authenticated, periodically searches again to obtain the current WiFi signal strength of the equipment and re-authenticates, and passes the equipment authentication if the new signal strength reaches or exceeds the preset WiFi signal strength value; if the signal intensity is still insufficient, information reminding is continuously popped up;
s7, the network access equipment which does not pass the authentication is shut down or is far away from the PON gateway, so that the PON gateway cannot interrupt the wireless connection of the network access equipment, the control module deletes the network access equipment from the list of the equipment to be authenticated, and the authentication of the network access equipment is finished;
and S8, allowing operation and maintenance personnel or users to remotely log in the control system by the management module, and inquiring the WiFi signal strength value required by the authentication of the MAC address white list and non-white list equipment.
7. The method according to claim 5, wherein the method comprises: in step S5, when the preset WiFi signal strength value is the comparison threshold, the operation and maintenance personnel or the user remotely logs in the control system and adjusts the preset WiFi signal strength value of the PON gateway.
8. The method according to claim 6, wherein the method comprises: the WiFiMAC address of the internet-surfing equipment is an Ethernet physical layer address, and the same internet-surfing equipment has a unique WiFiMAC address and cannot be changed.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210644796.9A CN115038082A (en) | 2022-06-08 | 2022-06-08 | Safety internet access control system and method for optical communication equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210644796.9A CN115038082A (en) | 2022-06-08 | 2022-06-08 | Safety internet access control system and method for optical communication equipment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115038082A true CN115038082A (en) | 2022-09-09 |
Family
ID=83123165
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210644796.9A Pending CN115038082A (en) | 2022-06-08 | 2022-06-08 | Safety internet access control system and method for optical communication equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115038082A (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2013198130A (en) * | 2012-03-22 | 2013-09-30 | Fujitsu Fip Corp | Authentication device and authentication method |
WO2016101729A1 (en) * | 2014-12-26 | 2016-06-30 | 北京奇虎科技有限公司 | Wireless network access method, device and system |
US20160227591A1 (en) * | 2015-02-04 | 2016-08-04 | Jiransoft Co., Ltd. | Wireless lan connection method using signal strength |
WO2016184380A1 (en) * | 2015-05-19 | 2016-11-24 | 中兴通讯股份有限公司 | Processing method and device for network access |
-
2022
- 2022-06-08 CN CN202210644796.9A patent/CN115038082A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2013198130A (en) * | 2012-03-22 | 2013-09-30 | Fujitsu Fip Corp | Authentication device and authentication method |
WO2016101729A1 (en) * | 2014-12-26 | 2016-06-30 | 北京奇虎科技有限公司 | Wireless network access method, device and system |
US20160227591A1 (en) * | 2015-02-04 | 2016-08-04 | Jiransoft Co., Ltd. | Wireless lan connection method using signal strength |
WO2016184380A1 (en) * | 2015-05-19 | 2016-11-24 | 中兴通讯股份有限公司 | Processing method and device for network access |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110035048B (en) | Method for controlling access to an in-vehicle wireless network | |
US20170169698A1 (en) | Integrated physical and logical security management via a portable device | |
US7817994B2 (en) | Secure control of wireless sensor network via the internet | |
CN113572738A (en) | Zero trust network architecture and construction method | |
US20040064727A1 (en) | Method and apparatus for enforcing network security policies | |
CN104754582B (en) | Safeguard the client and method of BYOD safety | |
KR20080065299A (en) | Unified network and physical premises access control server | |
CN109496411B (en) | Method and system for improving network security | |
KR102010488B1 (en) | SYSTEM AND METHOD FOR SECURE IoT TERMINAL REMOTE ACCESS AND IP ADDRESS ALLOTING METHOD | |
JP2008500632A (en) | Network system and method for providing an ad hoc access environment | |
CN103442097A (en) | System and method for controlling WiFi terminal access authority by home gateway | |
US10068077B2 (en) | False alarm avoidance | |
US20180248892A1 (en) | Location-Based Continuous Two-Factor Authentication | |
US8103756B2 (en) | Network access device capability alert mechanism | |
US20210243188A1 (en) | Methods and apparatus for authenticating devices | |
US11683312B2 (en) | Client device authentication to a secure network | |
CN106685843B (en) | Method for safely strengthening router | |
CN104702562A (en) | Terminal fusion service access method, terminal fusion service access system, and terminal | |
CN106102066A (en) | A kind of wireless network secure certification devices and methods therefor, a kind of router | |
CN110598388A (en) | Method for controlling login access of authority system | |
CN115038082A (en) | Safety internet access control system and method for optical communication equipment | |
CN106488449A (en) | A kind of management method of Wireless Telecom Equipment and Wireless Telecom Equipment | |
GB2582617A (en) | A computing device, method and system for controlling the accessibility of data | |
US20100005181A1 (en) | Method and system for controlling a terminal access and terminal for controlling an access | |
CN202940842U (en) | Access control system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20220909 |