CN116506850A

CN116506850A - Network access method, device, wireless station, target server and storage medium

Info

Publication number: CN116506850A
Application number: CN202310763149.4A
Authority: CN
Inventors: 潘毅明
Original assignee: China Telecom Corp Ltd
Current assignee: China Telecom Corp Ltd
Priority date: 2023-06-27
Filing date: 2023-06-27
Publication date: 2023-07-28
Anticipated expiration: 2043-06-27
Also published as: CN116506850B

Abstract

The present disclosure relates to the field of communications technologies, and in particular, to a network access method, a device, a wireless station, a target server, and a storage medium. The method comprises the following steps: obtaining access information of a target wireless access point through scanning, wherein the access information comprises second access information of a plaintext local area network and first target access information of an encrypted local area network; accessing a plaintext local area network based on the second access information, and sending a query request to a target server through the plaintext local area network, wherein the query request carries first target access information; and the receiving target server inquires the channel password of the encrypted local area network based on the first target access information, and accesses the encrypted local area network according to the received channel password and the first target access information. The method and the device can improve the security of network access.

Description

Network access method, device, wireless station, target server and storage medium

Technical Field

The present disclosure relates to the field of communications technologies, and in particular, to a network access method, a device, a wireless station, a target server, and a storage medium.

Background

In the WLAN (Wireless Local Area Network) network of public hotspots, in order to facilitate all users to access, wireless channel plaintext transmission is generally adopted, and then authentication is performed on the users through a PORTAL page to ensure the security of the users.

Since any user can access the WLAN network, although other web pages cannot be browsed without authentication, interaction data of other users can be intercepted, and the security is low, so that improvement is needed.

Disclosure of Invention

In view of the foregoing, it is desirable to provide a network access method, a device, a wireless station, a target server, and a storage medium that can improve network access security.

In a first aspect, the present application provides a network access method, including:

accessing an encrypted local area network corresponding to the first target access information based on the first target access information corresponding to the acquired target wireless access point;

if the access fails, acquiring second access information corresponding to the target wireless access point, accessing a plaintext local area network corresponding to the second access information based on the second access information, and sending a query request to a target server through the plaintext local area network, wherein the query request carries the first target access information;

and if the inquiry is successful, receiving the channel password of the encrypted local area network inquired by the target server based on the first target access information, and accessing the encrypted local area network according to the received channel password and the first target access information.

In one embodiment, the query request further carries target identification information of the wireless station, where the target identification information is used for the target server to perform identity verification on the wireless station, and if verification passes, a target encryption key corresponding to the target identification information is determined, and the channel password is encrypted based on the target encryption key.

In one embodiment, the target identification information is a login user name of an application installed in the wireless station, and the target encryption key is a login password corresponding to the login user name.

In one embodiment, the accessing the encrypted lan according to the received channel password and the first target access information includes:

obtaining a decryption key corresponding to the target identification information;

decrypting the received channel password according to the decryption key;

and accessing the encrypted local area network according to the decrypted channel password and the first target access information.

In one embodiment, the target identification information is a login user name of an application installed in the wireless station, and the decryption key is a login password corresponding to the login user name.

In one embodiment, before the accessing the plaintext local area network based on the second access information, the method further comprises:

inquiring whether a channel password of the encrypted local area network is locally stored or not according to the first target access information;

correspondingly, the accessing the plaintext local area network based on the second access information includes:

and if the channel password of the encrypted local area network is not stored locally, executing the step of accessing the plaintext local area network based on the second access information.

In one embodiment, the method further comprises:

if the channel password of the encrypted local area network is stored locally, accessing the encrypted local area network based on the locally stored channel password of the encrypted local area network and the first target access information.

In one embodiment, the method further comprises:

and if the encrypted local area network is not successfully accessed based on the locally stored channel password of the encrypted local area network and the first target access information, returning to execute the step of accessing the plaintext local area network based on the second access information.

In one embodiment, after the accessing the encrypted lan according to the received channel password and the first target access information, the method further includes:

Correspondingly storing the received channel password and the first target access information to the wireless station; or alternatively, the process may be performed,

and updating the channel password locally stored by the wireless station based on the corresponding relation between the received channel password and the first target access information.

In one embodiment, the plaintext local area network is configured with a white list of access addresses, the white list of access addresses including the address of the target server.

In a second aspect, the present application further provides a network access device, including:

the scanning module is used for accessing an encrypted local area network corresponding to the first target access information based on the first target access information corresponding to the acquired target wireless access point;

the query module is used for acquiring second access information corresponding to the target wireless access point if the access fails, accessing a plaintext local area network corresponding to the second access information based on the second access information, and sending a query request to a target server through the plaintext local area network, wherein the query request carries the first target access information;

and the access module is used for receiving the channel password of the encrypted local area network which is queried by the target server based on the first target access information if the query is successful, and accessing the encrypted local area network according to the received channel password and the first target access information.

In a third aspect, the present application provides a network access method, including:

receiving an inquiry request sent by a wireless station through a plaintext local area network, wherein the inquiry request carries first target access information of an encrypted local area network, the inquiry request is sent after the wireless station acquires access information of a target wireless access point through scanning, and the access information also comprises the first target access information after the wireless station accesses the plaintext local area network according to second access information of the plaintext local area network in the access information;

and inquiring a channel password of the encrypted local area network based on the first target access information, and sending the channel password to the wireless station.

In one embodiment, the determining, according to the target identification information, a target encryption key corresponding to the target identification information includes:

inquiring a key database according to the target identification information, wherein a plurality of groups of corresponding relations between the identification information and the encryption key are stored in the key database;

and determining the target encryption key according to the query result.

In one embodiment, the querying the target channel password of the encrypted lan based on the first target access information includes:

Determining target identification information of the wireless station according to the first target access information;

inquiring the target encryption key of a key database according to the target identification information of the wireless station;

and inquiring the encrypted target channel password corresponding to the encrypted local area network according to the target encryption key.

In a fourth aspect, the present application further provides a network access device, including:

the wireless station comprises a receiving module, a receiving module and a transmitting module, wherein the receiving module is used for receiving an inquiry request sent by a wireless station through a plaintext local area network, the inquiry request carries first target access information of an encrypted local area network, the inquiry request is that the wireless station obtains access information of a target wireless access point through scanning, the access information is sent after the wireless station accesses the plaintext local area network according to second access information of the plaintext local area network in the access information, and the access information also comprises the first target access information;

and the return module is used for inquiring the channel password of the encrypted local area network based on the first target access information and sending the channel password to the wireless station.

In a fifth aspect, the present application also provides a wireless station, including a transmitter, a processor, and a receiver;

the processor is used for accessing an encrypted local area network corresponding to the first target access information based on the first target access information corresponding to the acquired target wireless access point;

the transmitter is configured to acquire second access information corresponding to the target wireless access point if access fails, access a plaintext local area network corresponding to the second access information based on the second access information, and send a query request to a target server through the plaintext local area network, where the query request carries the first target access information;

the receiver is configured to receive, if the query is successful, a channel password of the encrypted local area network queried by the target server based on the first target access information;

the processor is used for accessing the encrypted local area network according to the received channel password and the first target access information.

In a sixth aspect, the present application also provides a computer readable storage medium having stored thereon a computer program which when executed by a processor performs the steps of:

In a seventh aspect, the present application also provides a computer program product comprising a computer program which, when executed by a processor, performs the steps of:

In an eighth aspect, the present application further provides a target server, including a transmitter, a receiver, and a processor;

the receiver is configured to receive an inquiry request sent by a wireless station through a plaintext local area network, where the inquiry request carries first target access information of an encrypted local area network, where the inquiry request is sent after the wireless station obtains access information of a target wireless access point through scanning, and the access information is sent after the wireless station accesses the plaintext local area network according to second access information of the plaintext local area network in the access information, where the access information further includes the first target access information;

The processor is used for inquiring the channel password of the encrypted local area network based on the first target access information;

the transmitter is configured to send the channel code to the wireless station.

In a ninth aspect, the present application also provides a computer readable storage medium having stored thereon a computer program which when executed by a processor performs the steps of:

In a tenth aspect, the present application also provides a computer program product comprising a computer program which, when executed by a processor, performs the steps of:

According to the network access method, the device, the wireless station, the target server and the storage medium, after the wireless station fails to execute the access action of the encrypted local area network corresponding to the first target access information, as the first target access information and the second access information corresponding to the same target wireless access point are associated, the wireless station can automatically acquire the second access information associated with the first target wireless access point, access the plaintext local area network corresponding to the target wireless access point based on the second access information, and then acquire the channel password of the encrypted local area network corresponding to the first target access information, which is obtained by inquiring the target server, through the plaintext local area network, the channel password is used for encrypting the data transmitted in the channel, so that when the wireless station accesses the encrypted local area network through the channel password, the wireless station and the service data generated by the target wireless access point in the encrypted local area network can be encrypted through the channel password, and compared with the public WLAN network of the target wireless access point, the security of the data transmission between the wireless access point and the target wireless access point is improved.

Drawings

FIG. 1 is an application environment diagram of a network access method in one embodiment;

FIG. 2 is a flow chart of a network access method in one embodiment;

FIG. 3 is a flow chart illustrating a decryption process for an encrypted channel code in one embodiment;

FIG. 4 is a flow diagram of accessing a plaintext local area network based on second access information according to an embodiment;

fig. 5 is a flow chart of a network access method in another embodiment;

FIG. 6 is a flow diagram of a return encrypted channel password in one embodiment;

FIG. 7 is an interactive signaling diagram of a network access method in one embodiment;

FIG. 8 is a block diagram of a network access device in one embodiment;

FIG. 9 is an internal block diagram of a wireless station in one embodiment;

FIG. 10 is a block diagram of a network access device in one embodiment;

FIG. 11 is a diagram of the internal architecture of a target server in one embodiment.

Detailed Description

In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.

WLAN (wireless local area network) is a network system that is formed by interconnecting computer devices through a wireless communication technology, and thus, the WLAN technology is popular in the market due to the advantages of wireless, high-speed access comparable to wire, low cost, and the like.

The network access method provided by the embodiment of the invention can be applied to a wireless local area network as shown in fig. 1, wherein a plurality of basic service sets (BSS, english: basic Service Set) can be provided in the wireless local area network, network nodes in the basic service sets are wireless stations (STA, for short), and the stations comprise wireless stations (AP, access point, for short) of access points and stations (None Access Point Station, non-AP STA, for short) of Non-access points. Each basic service set may include an AP and a plurality of Non-AP STAs associated with the AP.

An Access Point class station (AP, english) is also called a wireless Access Point or a hotspot. The AP is an access point for mobile users to enter a wired network, and is mainly deployed in families, buildings and parks, and typically has a coverage radius of several tens meters to hundreds meters, although it may also be deployed outdoors. The AP acts as a bridge connecting the wired network and the wireless network, and is mainly used to connect the wireless network clients together and then access the wireless network to the ethernet. The standard currently adopted by the AP is the IEEE (English: instituteof Electrical and Electronics Engineers, chinese: institute of Electrical and electronics Engineers) 802.11 series. Specifically, the AP may be a terminal device or a network device with a Wi-Fi (english: wireless Fidelity, chinese: wireless fidelity) chip. Optionally, the AP may be a device supporting an 802.11ax standard, and further optionally, the AP may be a device supporting multiple WLAN standards such as 802.11ac, 802.11n, 802.11g, 802.11b, and 802.11 a. In this embodiment, a target server is further configured in the AP, where the target server is configured to store access information and a channel password of each encrypted network corresponding to the AP.

The STA is typically a client in a WLAN. The STA may be mobile or fixed, and is the most basic component of a wireless local area network. The AP is an access point for mobile users to enter a wired network, and is mainly deployed in families, buildings and parks, and typically has a coverage radius of several tens meters to hundreds meters, although it may also be deployed outdoors. The AP acts as a bridge connecting the wired network and the wireless network, and is mainly used to connect the wireless network clients together and then access the wireless network to the ethernet. In particular, the AP may be a terminal device or a network device with a Wi-Fi chip. Optionally, the AP may be a device supporting an 802.11ax standard, and further optionally, the AP may be a device supporting multiple WLAN standards such as 802.11ac, 802.11n, 802.11g, 802.11b, and 802.11 a.

Fig. 1 is a system diagram of a typical WLAN deployment scenario, including an AP and 3 STAs, the AP communicating with STA1, STA2 and STA3, respectively. In this system, STAs may be classified as primary STAs or secondary STAs by the AP. The method comprises the steps that a primary STA sends a message to an AP, so that the AP obtains the uplink data length of the primary STA, and a secondary STA obtains the uplink data length of the primary STA through detecting the message of the primary STA and aligns uplink data sent by the secondary STA with uplink data sent by the primary STA. It should be noted that the number of secondary STAs may be one or more.

In one embodiment, as shown in fig. 2, a network access method is provided, and the method is applied to any wireless station in fig. 1 for illustration, and includes the following steps:

s201, based on the obtained first target access information corresponding to the target wireless access point, accessing an encrypted local area network corresponding to the first target access information.

It is understood that in a WLAN network, one AP provides access services to a plurality of STAs. The STA discovers the presence of the AP before using the services provided by the AP. For example, there are two frequency bands of the WLAN network, one is a 2.4G frequency band and one is a 5G frequency band. Each frequency band is in turn divided into several channels, such as channel 1, channel 2, channel 3, channel 4, channel 5, channel 6, etc. Wireless communication between the STA and the AP is performed on one of the channels. When a STA finds an AP, it usually scans channels until it finds the target AP.

Specifically, the STA periodically scans surrounding wireless channels by using a scanning device to obtain access information of each wireless access point, and since one wireless access point has a certain coverage area, a plurality of wireless access points are often obtained by the wireless station through the scanning of the wireless channels, that is, the scanning result may be a plurality of wireless access points. In one implementation, a plurality of wireless access points may form a wireless access point list, and the wireless access point displays the obtained wireless access point list (including access information of the wireless access points) to a user, and determines a target wireless access point according to user selection; in another implementation, the scanning device automatically determines a target wireless access point from a plurality of wireless access points. After the target wireless access point is determined, wireless connection is performed with the target wireless access point through a corresponding wireless channel according to the access information of the target wireless access point.

Optionally, the access information of the wireless access point may include: at least one of identification information of the wireless access point, type information of the wireless access point, channel bandwidth information of the wireless access point, signal strength of the wireless access point, encryption type of the wireless access point, local historical connection success rate, local historical connection waiting time and local historical connection times.

Wherein, the identification information of the wireless access point can comprise service set identification (Service Set Identifier, SSID) and the like, and the wireless access user identifies different wireless access points through different SSID; it will be appreciated that SSID technology may divide a wireless lan into several sub-networks requiring different authentications, each of which requires independent authentication, and only authenticated users may enter the corresponding sub-network, preventing unauthorized users from entering the network.

Accordingly, the licensed access of the wireless access point may be set to two modes of using a password and not using a password, that is, one wireless access point is configured with a plurality of different SSIDs, and the plurality of different SSIDs may be divided into two types: public SSID and SSID for communication, the sub-network corresponding to the public SSID is not configured with a secret key, and the secret key is used as a plaintext local area network of the wireless access point; the sub-network configuration key or the unpublished key corresponding to the SSID for communication is used as the encrypted local area network of the wireless access point.

The encryption local area network encrypts the channel through a channel password, and the channel password can encrypt the uplink and downlink data of a corresponding channel in the encryption local area network. The corresponding encryption types of the wireless access points based on the corresponding channel passwords can be WPA-PSK/WPA2-PSK, WPA/WPA2, WEP and the like, and different encryption types can have different effects on the connection efficiency of the wireless access points. For example, WPA-PSK is an encryption and decryption method of a predefined security key, and after a four-step handshake process of WPA-PSK, frame propagation (message) between a wireless station and a target wireless access point is transmitted in an encryption manner.

Specifically, for a plaintext local area network, after a user opens a wireless local area network function in an STA, the STA scans the public SSID (as second access information of the plaintext local area network), that is, a first connection between the STA and the wireless access point can be established through the plaintext local area network; for the encrypted lan, after a user opens a wireless lan function in the STA, the user needs to acquire first access information (i.e., SSID for communication) corresponding to the encrypted lan and a channel password corresponding to the encrypted lan, and establish a second connection between the STA and the wireless access point through a channel of the encrypted lan.

In this embodiment, the STA selects one piece of first access information from the scanned multiple pieces of first access information as the first target access information, and automatically accesses the encrypted lan corresponding to the first target access information.

Therefore, the second access information can be a public SSID corresponding to the plaintext local area network, and the first access information can be a communication SSID corresponding to the encrypted local area network; further, the second access information and the first access information may further include, in addition to the corresponding SSID: frequency band, MAC address, signal strength, etc.

S202, if the access fails, obtaining second access information corresponding to the target wireless access point, accessing a plaintext local area network corresponding to the second access information based on the second access information, and sending a query request to the target server through the plaintext local area network, wherein the query request carries the first target access information.

Specifically, if the wireless station fails to access the encrypted local area network corresponding to the first target access information, determining that the wireless station fails to access, at this time, the wireless station communicates with the target wireless access point to obtain second access information corresponding to the target wireless access point, and accesses the plaintext local area network of the target wireless access point according to the second access information.

The plaintext local area network of the target wireless access point is configured with an access address white list, and the access address white list comprises the address of the target server; therefore, through the plaintext local area network, the target server on the network side (i.e., the target server corresponding to the target wireless access point) can be accessed, and the target server stores the first target access information of the encrypted local area network corresponding to each wireless station and the channel password of the encrypted local area network corresponding to each wireless station.

Specifically, in the target server, the channel password of the encrypted local area network corresponding to the first target access information can be searched according to the query request and the first target access information corresponding to the target wireless station.

Further, the target server stores a permission information table, and the permission information table stores authorized (legal) identity information corresponding to a wireless station capable of accessing the encrypted local area network corresponding to the target server, for example, a terminal ID of the wireless station, a user name corresponding to the wireless station, and the like.

Correspondingly, if the wireless station belongs to the authorized wireless station in the authority information table, the wireless station is indicated to have the authority, the channel password corresponding to the first target access information can be inquired in the target server according to the authority, and the target server returns the information of 'successful inquiry' to the wireless station; otherwise, if the wireless station does not belong to the authorized wireless station in the authority information table, the wireless station is not authorized to inquire the channel password corresponding to the first target access information in the target server, and the target server returns the information of 'inquiry failure' to the wireless station.

And S203, if the inquiry is successful, receiving the channel password of the encrypted local area network inquired by the target server based on the first target access information, and accessing the encrypted local area network according to the received channel password and the first target access information.

Specifically, after receiving the channel password of the encrypted local area network queried by the target server based on the first target access information, the STA can access the corresponding encrypted local area network through the channel password and the first target access information.

In the network access method, after the wireless station fails to execute the access action of the encrypted local area network corresponding to the first target access information, because the first target access information and the second access information corresponding to the same target wireless access point are associated, the wireless station can automatically acquire the second access information associated with the first target wireless access point, access the plaintext local area network corresponding to the target wireless access point based on the second access information, and acquire the channel password of the encrypted local area network corresponding to the first target access information obtained by inquiring the target server through the plaintext local area network, wherein the channel password is used for encrypting the data transmitted in the channel, so when the wireless station accesses the encrypted local area network through the channel password, the wireless station and the service data generated by the target wireless access point in the encrypted local area network can be encrypted through the channel password, and compared with the public WLAN network of the target wireless access point, the security of the data transmitted between the wireless access point and the target wireless access point is improved.

In one embodiment, in order to safely and conveniently send the channel password in the encrypted local area network to a legal user (wireless station), the query request in the embodiment also carries target identification information of the wireless station, the target identification information is used for the target server to perform identity verification on the wireless station, if the verification is passed, a target encryption key corresponding to the target identification information is determined, and the channel password is encrypted based on the target encryption key.

The target identification information is a login user name of an application installed in the wireless station or an MAC address of a terminal; in this embodiment, the target encryption key is a login password corresponding to the login user name.

It can be understood that, in S203 above, the target server corresponding to the target wireless access point stores the permission information table, and the permission information table stores the authorized (legal) identification information corresponding to the wireless station capable of accessing the encrypted local area network corresponding to the target wireless access point, so that after receiving the query request, the target server can perform identity verification on the wireless station according to the permission information table and the target identification information of the wireless station, and if the target identification information of the wireless station is consistent with the identification information of the authorized wireless station in the permission information table, the identity verification of the wireless station passes, otherwise, the verification does not pass.

Alternatively, the application installed in the wireless station may be a wireless access point auto-scan application.

In this embodiment, for each wireless station, the target server may encrypt the channel passwords of the encrypted local area network independently, thereby improving access security.

Accordingly, based on the above encryption process for the channel password, as shown in fig. 3, this embodiment provides an alternative way to access to the encrypted lan according to the received channel password and the first target access information, that is, provides a way to refine S203. The specific implementation process can comprise the following steps:

s301, obtaining a decryption key corresponding to the target identification information.

Wherein the decryption key is a login password of an application installed in the wireless station.

Optionally, the encryption mode of the channel password in this embodiment may be an encryption symmetric algorithm; the symmetric encryption adopts symmetric passwords, namely the encryption mode using the same key is adopted for encryption and decryption.

S302, decrypting the received channel password according to the decryption key.

S303, accessing the encrypted local area network according to the decrypted channel password and the first target access information.

Specifically, the wireless station determines an encrypted local area network to be accessed according to the first target access information, and then accesses the encrypted local area network according to a channel password corresponding to the encrypted local area network.

In this embodiment, each wireless station decrypts the encrypted channel code based on the respective decryption key, and only the legitimate wireless station can decrypt the channel code to access to the encrypted lan corresponding to the first target access information, and the channel code is transmitted in the plaintext lan through encryption, so that if a thief cannot obtain the decryption code corresponding to the channel code, the thief cannot obtain the channel code.

It can be understood that the wireless station accesses the encrypted local area network of the wireless access point through the corresponding channel password, and at this time, the wireless station can automatically store the information such as the name (i.e. the first target access information) of the encrypted local area network corresponding to the wireless access point, the channel password, and the like; if the information such as the name and the password of the wireless access point is not changed, when the user equipment approaches the wireless access point which is connected in a history way again, the wireless station can be automatically connected with the wireless access point. The process of automatically storing the channel passwords can facilitate the wireless station to skip the step of sending the query request to the target server and directly access the encrypted local area network of the corresponding wireless station.

Thus, in one embodiment, after accessing the encrypted local area network according to the received channel code and the first target access information, the method further comprises: correspondingly storing the received channel password and the first target access information to the wireless station; or updating the channel password locally stored by the wireless station based on the corresponding relation between the received channel password and the first target access information.

Optionally, the received channel password and the first target access information may be stored in a local password table corresponding to the local wireless station; furthermore, the local password table can be updated based on the received corresponding relation update of the channel password and the first target access information.

In this case, before accessing the plaintext local area network based on the second access information, the method further comprises:

inquiring whether the local is stored with the channel password of the encrypted local area network according to the first target access information;

correspondingly, as shown in fig. 4, an alternative manner of accessing the plaintext local area network based on the second access information is provided, that is, the refinement process of S202 may specifically include:

s401, if the channel password of the encrypted local area network is not stored locally, executing the step of accessing the plaintext local area network based on the second access information.

And S402, if the channel password of the encrypted local area network is locally stored, accessing the encrypted local area network based on the locally stored channel password of the encrypted local area network and the first target access information.

Specifically, if the encrypted local area network is not successfully accessed based on the locally stored channel password of the encrypted local area network and the first target access information, the step of accessing the plaintext local area network based on the second access information is performed in a returning mode.

It can be understood that if the encrypted lan is not successfully accessed based on the locally stored channel password of the encrypted lan and the first target access information, the channel password of the encrypted lan is described, and/or the first target access information is changed, which corresponds to that the encrypted lan corresponding to the first target access information is an unconnected encrypted lan, and the step of accessing the plaintext lan based on the second access information is performed in a return manner.

In this embodiment, the channel password of the encrypted lan and the first target access information are changed, and in this embodiment, the encrypted lan and the second access information may be automatically accessed, so as to improve the adaptability of the network access method.

As shown in fig. 5, the present embodiment provides a network access method, which is applied to the target server in fig. 1, and the method includes:

s501, receiving an inquiry request sent by a wireless station through a plaintext local area network, wherein the inquiry request carries first target access information of an encrypted local area network.

The query request is sent after the wireless station obtains access information of the target wireless access point through scanning, and the access information further comprises first target access information after the wireless station accesses the plaintext local area network according to second access information of the plaintext local area network in the access information.

Specifically, the wireless station accesses a plaintext local area network through the second access information, and the plaintext local area network accesses the target server through a preset access address white list.

S502, inquiring the channel password of the encrypted local area network based on the first target access information, and sending the channel password to the wireless station.

The target server stores first target access information of the encrypted local area network corresponding to each wireless station and channel passwords of the encrypted local area network corresponding to each wireless station; thus, the channel code of the encrypted local area network can be queried based on the first target access information and transmitted to the wireless station.

According to the network access method, the first target access information and the channel passwords of each encrypted local area network are stored, and when any wireless station meeting the access requirement wants to access the encrypted local area network through the plaintext local area network, the channel passwords of the encrypted local area network are sent to the wireless station according to the corresponding inquiry request, so that the wireless station can automatically access the encrypted local area network.

As shown in fig. 6, the query request also carries target identification information of the wireless station; the present embodiment provides an alternative way of sending the channel code to the wireless station, i.e. a way of refining S502. The specific implementation process can comprise the following steps:

S601, determining a target encryption key corresponding to the target identification information according to the target identification information.

The target identification information is a login user name of an application installed in the wireless station, and the target encryption key is a login password corresponding to the login user name.

Specifically, a key database is queried according to target identification information, and a plurality of groups of corresponding relations between the identification information and the encryption key are stored in the key database; and determining the target encryption key according to the query result.

S602, encrypting the channel password by using the target encryption key.

Optionally, in this embodiment, a symmetric encryption manner is adopted, and the channel password is encrypted by using the target encryption key.

And S603, the encrypted channel password is sent to the wireless station.

In this embodiment, each wireless station encrypts the encrypted channel password based on the respective encryption key, so that only the legal wireless station can access the encrypted local area network in the corresponding decryption process, thereby improving the access security of the encrypted local area network.

In one embodiment, an alternative example of a method for implementing network access by wireless station and target server interaction is provided. In combination with the signaling interaction flow diagram of the network access method shown in fig. 7, the method can be specifically implemented by the following steps:

S1001, accessing an encrypted local area network corresponding to the first target access information based on the obtained first target access information corresponding to the target wireless access point.

The access information comprises second access information of a plaintext local area network and first target access information of an encrypted local area network.

S1002, if the access fails, obtaining second access information corresponding to the target wireless access point, and accessing a plaintext local area network corresponding to the second access information based on the second access information.

S1003, the wireless station sends a query request to the target server through the plaintext local area network.

The query request carries first target access information.

S1004, the target server receives the query request sent by the wireless station through the plaintext local area network.

The query request carries first target access information of the encrypted local area network. The query request is sent after the wireless station obtains access information of the target wireless access point through scanning, and the access information further comprises first target access information after the wireless station accesses the plaintext local area network according to second access information of the plaintext local area network in the access information.

S1005, the target server queries the channel password of the encrypted lan based on the first target access information.

S1006, the channel password is sent to the wireless station.

S1007, the wireless station receives the channel code of the encrypted local area network queried by the target server based on the first target access information.

S1008, the wireless station acquires a decryption key corresponding to the target identification information.

S1009, the wireless station decrypts the received channel code according to the decryption key.

S1010, the wireless station accesses the encrypted local area network according to the decrypted channel password and the first target access information, and accesses the encrypted local area network according to the received channel password and the first target access information.

The specific process of S1001 to S1010 may refer to the description of the foregoing method embodiment, and its implementation principle and technical effect are similar, and are not repeated herein.

It should be understood that, although the steps in the flowcharts related to the above embodiments are sequentially shown as indicated by arrows, these steps are not necessarily sequentially performed in the order indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in the flowcharts described in the above embodiments may include a plurality of steps or a plurality of stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of the steps or stages is not necessarily performed sequentially, but may be performed alternately or alternately with at least some of the other steps or stages.

Based on the same inventive concept, the embodiment of the application also provides a network access device for realizing the above-mentioned network access method. The implementation of the solution provided by the device is similar to the implementation described in the above method, so the specific limitation in one or more embodiments of the network access device provided below may refer to the limitation of the network access method hereinabove, and will not be repeated herein.

In one embodiment, as shown in fig. 8, there is provided a network access device 1 including: a scanning module 11, a querying module 12 and an access module 13, wherein:

the scanning module 11 is configured to access an encrypted local area network corresponding to the first target access information based on the obtained first target access information corresponding to the target wireless access point;

the query module 12 is configured to obtain second access information corresponding to the target wireless access point if the access fails, access a plaintext local area network corresponding to the second access information based on the second access information, and send a query request to the target server through the plaintext local area network, where the query request carries the first target access information;

and the access module 13 is configured to, if the inquiry is successful, receive the channel password of the encrypted local area network inquired by the target server based on the first target access information, and access the encrypted local area network according to the received channel password and the first target access information.

In one embodiment, the query request further carries target identification information of the wireless station, the target identification information is used for the target server to perform identity verification on the wireless station, if verification is passed, a target encryption key corresponding to the target identification information is determined, and the channel password is encrypted based on the target encryption key.

In one embodiment, the access module 13 is further configured to: obtaining a decryption key corresponding to the target identification information;

decrypting the received channel password according to the decryption key;

In one embodiment, the network access device further comprises an alignment module 14, the alignment module 14 being configured to:

Correspondingly, the query module 12 is further configured to:

In one embodiment, the access module 13 is further configured to:

if the channel password of the encrypted local area network is stored locally, accessing the encrypted local area network based on the channel password of the encrypted local area network stored locally and the first target access information.

In one embodiment, the access module 13 is further configured to: and if the encrypted local area network is not successfully accessed based on the channel password of the locally stored encrypted local area network and the first target access information, returning to execute the step of accessing the plaintext local area network based on the second access information.

In one embodiment, the network access device further comprises a storage module 15, the storage module 15 being configured to:

In one embodiment, a wireless station is provided, see fig. 9. Fig. 9 is a schematic structural diagram of a terminal device according to an embodiment of the present invention. The terminal device 700 shown in fig. 9 includes: at least one processor 701, memory 702, at least one network interface 704, and a user interface 703. The various components in terminal device 700 are coupled together by a bus system 705. It is appreciated that the bus system 705 is used to enable connected communications between these components. The bus system 705 includes a power bus, a control bus, and a status signal bus in addition to the data bus. But for clarity of illustration, the various buses are labeled as bus system 705 in fig. 9. In addition, in embodiments of the present invention that also include a transceiver 706, the transceiver 706 may be a plurality of elements, including a transmitter 35 and a receiver 31, providing a means for communicating with various other apparatus over a transmission medium.

The user interface 703 may include, among other things, a display, a keyboard, or a pointing device (e.g., a mouse, a trackball), a touch pad, or a touch screen, etc.

It is to be appreciated that memory 702 in embodiments of the invention may be volatile memory or non-volatile memory, or may include both volatile and non-volatile memory. The nonvolatile Memory may be a Read-Only Memory (ROM), a programmable Read-Only Memory (ProgrammableROM, PROM), an Erasable programmable Read-Only Memory (EPROM), an electrically Erasable programmable Read-Only Memory (ElectricallyEPROM, EEPROM), or a Flash Memory (Flash Memory). The volatile memory may be random access memory (Random Access Memory, RAM) which acts as an external cache. By way of example, and not limitation, many forms of RAM are available, such as Static RAM (SRAM), dynamic random access memory (DynamicRAM, DRAM), synchronous Dynamic Random Access Memory (SDRAM), double data Rate Synchronous dynamic random access memory (DDR SDRAM), enhanced SDRAM (ESDRAM), synchronous link dynamic random access memory (SynchlinkDRAM, SLDRAM), and Direct memory bus RAM (DRRAM). The memory 702 of the systems and methods described in embodiments of the present invention is intended to comprise, without being limited to, these and any other suitable types of memory.

In some implementations, the memory 702 stores the following elements, executable modules or data structures, or a subset thereof, or an extended set thereof: an operating system 7021 and application programs 7022.

The operating system 7021 contains various system programs, such as a framework layer, a core library layer, a driver layer, and the like, for implementing various basic services and processing hardware-based tasks. The application programs 7022 include various application programs such as a Media Player (Media Player), a Browser (Browser), and the like for realizing various application services. A program for implementing the method of the embodiment of the present invention may be contained in the application program 7022.

In the embodiment of the present invention, the program or the instruction stored in the memory 702 is called, specifically, the program or the instruction may be stored in the application program 7022, where the processor is configured to access, based on the obtained first target access information corresponding to the target wireless access point, an encrypted local area network corresponding to the first target access information; the transmitter is used for acquiring second access information corresponding to the target wireless access point if the access fails, accessing a plaintext local area network corresponding to the second access information based on the second access information, and transmitting a query request to the target server through the plaintext local area network, wherein the query request carries the first target access information; the receiver is used for receiving the channel password of the encrypted local area network inquired by the target server based on the first target access information if the inquiry is successful; and the processor is used for accessing the encrypted local area network according to the received channel password and the first target access information. Some or all of the methods disclosed in the embodiments of the present invention may also be applied to the processor 701, or implemented by the processor 701 in conjunction with other elements (e.g., a transceiver). The processor 701 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in the processor 701 or by instructions in the form of software. The processor 701 described above may be a general purpose processor, a digital signal processor (DigitalSignal Processor, DSP), an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field programmable gate array (Field ProgrammableGate Array, FPGA) or other programmable logic device, discrete gate or transistor logic device, discrete hardware components. The disclosed methods, steps, and logic blocks in the embodiments of the present invention may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present invention may be embodied directly in the execution of a hardware decoding processor, or in the execution of a combination of hardware and software modules in a decoding processor. The software modules may be located in a random access memory, flash memory, read only memory, programmable read only memory, or electrically erasable programmable memory, registers, etc. as well known in the art. The storage medium is located in a memory 702, and the processor 701 reads information in the memory 702 and performs the steps of the method in combination with its hardware.

It is to be understood that the embodiments of the invention described herein may be implemented in hardware, software, firmware, middleware, microcode, or a combination thereof. For a hardware implementation, the processing units may be implemented within one or more application specific integrated circuits (Application Specific Integrated Circuits, ASIC), digital signal processors (DigitalSignal Processing, DSP), digital signal processing devices (DSP devices, DSPD), programmable logic devices (Programmable Logic Device, PLD), field programmable gate arrays (FieldProgrammable Gate Array, FPGA), general purpose processors, controllers, microcontrollers, microprocessors, other electronic units for performing the functions of the application, or a combination thereof.

For a software implementation, the techniques of embodiments of the present invention may be implemented with modules (e.g., procedures, functions, and so on) that perform the functions of embodiments of the present invention. The software codes may be stored in memory and executed by the processor 701. The memory may be implemented within the processor 701 or external to the processor 701.

In one embodiment, the processor 701 is specifically configured to: obtaining a decryption key corresponding to the target identification information; decrypting the received channel password according to the decryption key; and accessing the encrypted local area network according to the decrypted channel password and the first target access information.

In one embodiment, the processor 701 is specifically configured to: inquiring whether the local is stored with the channel password of the encrypted local area network according to the first target access information; correspondingly, accessing the plaintext local area network based on the second access information comprises:

In one embodiment, the processor 701 is specifically configured to: if the channel password of the encrypted local area network is stored locally, accessing the encrypted local area network based on the channel password of the encrypted local area network stored locally and the first target access information.

In one embodiment, the processor 701 is specifically configured to: and if the encrypted local area network is not successfully accessed based on the channel password of the locally stored encrypted local area network and the first target access information, returning to execute the step of accessing the plaintext local area network based on the second access information.

In one embodiment, the processor 701 is specifically configured to: correspondingly storing the received channel password and the first target access information to the wireless station; or alternatively, the process may be performed,

In one embodiment, a computer readable storage medium is provided having a computer program stored thereon, which when executed by a processor, performs the steps of:

based on the obtained first target access information corresponding to the target wireless access point, accessing an encrypted local area network corresponding to the first target access information;

if the access fails, acquiring second access information corresponding to the target wireless access point, accessing a plaintext local area network corresponding to the second access information based on the second access information, and sending a query request to a target server through the plaintext local area network, wherein the query request carries first target access information;

If the inquiry is successful, the receiving target server inquires the channel password of the encrypted local area network based on the first target access information, and accesses the encrypted local area network according to the received channel password and the first target access information.

In one embodiment, the logic for accessing the encrypted local area network by the computer program according to the received channel password and the first target access information is executed by the processor, and specifically implements the steps of: obtaining a decryption key corresponding to the target identification information; decrypting the received channel password according to the decryption key; and accessing the encrypted local area network according to the decrypted channel password and the first target access information.

In one embodiment, the computer program when executed by the processor further performs the steps of: inquiring whether the local is stored with the channel password of the encrypted local area network according to the first target access information; correspondingly, when the logic of the computer program accessing the plaintext local area network based on the second access information is executed by the processor, the following steps are specifically implemented: and if the channel password of the encrypted local area network is not stored locally, executing the step of accessing the plaintext local area network based on the second access information.

In one embodiment, the computer program when executed by the processor further performs the steps of: if the channel password of the encrypted local area network is stored locally, accessing the encrypted local area network based on the channel password of the encrypted local area network stored locally and the first target access information.

In one embodiment, the computer program when executed by the processor further performs the steps of: and if the encrypted local area network is not successfully accessed based on the channel password of the locally stored encrypted local area network and the first target access information, returning to execute the step of accessing the plaintext local area network based on the second access information.

In one embodiment, the computer program when executed by the processor further performs the steps of: correspondingly storing the received channel password and the first target access information to the wireless station; or updating the channel password locally stored by the wireless station based on the corresponding relation between the received channel password and the first target access information.

In one embodiment, a computer program product is provided comprising a computer program which, when executed by a processor, performs the steps of:

In one embodiment, as shown in fig. 10, there is provided a network access device 2 including: a receiving module 21 and a returning module 22, wherein:

the receiving module 21 is configured to receive an inquiry request sent by a wireless station through a plaintext local area network, where the inquiry request carries first target access information of an encrypted local area network, where the inquiry request is that the wireless station obtains access information of a target wireless access point through scanning, and the access information is sent after the wireless station accesses the plaintext local area network according to second access information of the plaintext local area network in the access information, and the access information further includes the first target access information;

and a return module 22, configured to query the channel code of the encrypted local area network based on the first target access information, and send the channel code to the wireless station.

In one embodiment, the query request also carries target identification information of the wireless station, and the return module 22 includes: an encryption sub-module for: determining a target encryption key corresponding to the target identification information according to the target identification information;

encrypting the channel password by using the target encryption key;

and sending the encrypted channel password to the wireless station.

In one embodiment, the encryption sub-module is further to: inquiring a key database according to the target identification information, wherein a plurality of groups of corresponding relations between the identification information and the encryption key are stored in the key database;

And determining the target encryption key according to the query result.

In one embodiment, the return module 22 includes: a query sub-module for: determining target identification information of the wireless station according to the first target access information;

inquiring a target encryption key of a key database according to target identification information of the wireless station;

Fig. 11 is a schematic structural diagram of a target server according to an embodiment of the present invention. The target server 800 shown in fig. 11 includes: at least one processor 801, memory 802, at least one network interface 804. The various components in the target server 800 are coupled together by a bus system 805. It is appreciated that the bus system 805 is used to enable connected communications between these components. The bus system 805 includes a power bus, a control bus, and a status signal bus in addition to the data bus. But for clarity of illustration, the various buses are labeled as bus system 805 in fig. 11. In addition, in embodiments of the present invention, a transceiver 806 is also included, which may be a plurality of elements, i.e., including a transmitter and a receiver, providing a means for communicating with various other apparatus over a transmission medium.

It will be appreciated that the memory 802 in embodiments of the invention can be either volatile memory or nonvolatile memory, or can include both volatile and nonvolatile memory. The nonvolatile Memory may be a Read-Only Memory (ROM), a programmable Read-Only Memory (ProgrammableROM, PROM), an Erasable programmable Read-Only Memory (EPROM), an electrically Erasable programmable Read-Only Memory (ElectricallyEPROM, EEPROM), or a Flash Memory (Flash Memory). The volatile memory may be random access memory (Random Access Memory, RAM) which acts as an external cache. By way of example, and not limitation, many forms of RAM are available, such as Static RAM (SRAM), dynamic random access memory (DynamicRAM, DRAM), synchronous Dynamic Random Access Memory (SDRAM), double Data Rate Synchronous Dynamic Random Access Memory (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous link dynamic random access memory (SynchlinkDRAM, SLDRAM), and direct memory bus RAM (DRRAM). The memory 802 of the systems and methods described in embodiments of the present invention is intended to comprise, without being limited to, these and any other suitable types of memory.

In some implementations, the memory 802 stores the following elements, executable modules or data structures, or a subset thereof, or an extended set thereof: operating system 8021. The operating system 8021 includes various system programs, such as a framework layer, a core library layer, a driver layer, and the like, for implementing various basic services and processing hardware-based tasks.

In the embodiment of the present invention, by calling a program or an instruction stored in the memory 802, the transceiver is configured to receive an inquiry request sent by a wireless station through a plaintext local area network, where the inquiry request carries first target access information of an encrypted local area network, where the inquiry request is sent by the wireless station after the wireless station obtains access information of a target wireless access point through scanning, and the access information further includes the first target access information according to second access information of the plaintext local area network in the access information after the wireless station accesses the plaintext local area network;

a processor configured to query a channel password of the encrypted local area network based on the first target access information;

and a transmitter for transmitting the channel code to the wireless station.

Some or all of the methods disclosed in the embodiments of the present invention may also be applied to the processor 801, or implemented by the processor 801 in conjunction with other elements (e.g., a transceiver). The processor 801 may be an integrated circuit chip with signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuitry in hardware in the processor 801 or by instructions in software. The processor 801 described above may be a general purpose processor, digital signal processor (Digital Signal Processor, DSP), application specific integrated circuit (ApplicationSpecific Integrated Circuit, ASIC), field programmable gate array (Field Programmable Gate Array, FPGA) or other programmable logic device, discrete gate or transistor logic device, discrete hardware components. The disclosed methods, steps, and logic blocks in the embodiments of the present invention may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present invention may be embodied directly in the execution of a hardware decoding processor, or in the execution of a combination of hardware and software modules in a decoding processor. The software modules may be located in a random access memory, flash memory, read only memory, programmable read only memory, or electrically erasable programmable memory, registers, etc. as well known in the art. The storage medium is located in a memory 802, and the processor 801 reads information in the memory 802 and, in combination with its hardware, performs the steps of the above method.

For a software implementation, the techniques of embodiments of the present invention may be implemented with modules (e.g., procedures, functions, and so on) that perform the functions of embodiments of the present invention. The software codes may be stored in a memory and executed by the processor 801. The memory may be implemented within the processor 801 or external to the processor 801.

In one embodiment, the query request further carries target identification information of the wireless station, and in one embodiment, the transmitter is specifically configured to: determining a target encryption key corresponding to the target identification information according to the target identification information; encrypting the channel password by using the target encryption key; and sending the encrypted channel password to the wireless station.

In one embodiment, the processor 807 is specifically configured to: inquiring a key database according to the target identification information, wherein a plurality of groups of corresponding relations between the identification information and the encryption key are stored in the key database; and determining the target encryption key according to the query result.

receiving an inquiry request sent by a wireless station through a plaintext local area network, wherein the inquiry request carries first target access information of an encrypted local area network, the inquiry request is that the wireless station acquires access information of a target wireless access point through scanning, and the access information is sent after the wireless station accesses the plaintext local area network according to second access information of the plaintext local area network in the access information, and the access information also comprises the first target access information;

and inquiring the channel password of the encrypted local area network based on the first target access information, and sending the channel password to the wireless station.

In one embodiment, the query request further carries target identification information of the wireless station, and when the logic of the computer program for transmitting the channel code to the wireless station is executed by the processor, the following steps are specifically implemented: determining a target encryption key corresponding to the target identification information according to the target identification information; encrypting the channel password by using the target encryption key; and sending the encrypted channel password to the wireless station.

In one embodiment, the logic of the computer program for determining the target encryption key corresponding to the target identification information according to the target identification information is executed by the processor, and specifically implements the following steps: inquiring a key database according to the target identification information, wherein a plurality of groups of corresponding relations between the identification information and the encryption key are stored in the key database; and determining the target encryption key according to the query result.

The user information (including but not limited to user equipment information, user personal information, etc.) and the data (including but not limited to data for analysis, stored data, presented data, etc.) are information and data authorized by the user or sufficiently authorized by each party.

Those skilled in the art will appreciate that implementing all or part of the above-described methods in accordance with the embodiments may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed may comprise the steps of the embodiments of the methods described above. Any reference to memory, database, or other medium used in the various embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, high density embedded nonvolatile Memory, resistive random access Memory (ReRAM), magnetic random access Memory (MagnetoresistiveRandom Access Memory, MRAM), ferroelectric Memory (Ferroelectric Random Access Memory, FRAM), phase change Memory (PhaseChange Memory, PCM), graphene Memory, and the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory, and the like. By way of illustration, and not limitation, RAM can be in the form of a variety of forms, such as static random access memory (StaticRandom Access Memory, SRAM) or dynamic random access memory (Dynamic Random Access Memory, DRAM), and the like. The databases referred to in the various embodiments provided herein may include at least one of relational databases and non-relational databases. The non-relational database may include, but is not limited to, a blockchain-based distributed database, and the like. The processors referred to in the embodiments provided herein may be general purpose processors, central processing units, graphics processors, digital signal processors, programmable logic units, quantum computing-based data processing logic units, etc., without being limited thereto.

The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.

The foregoing examples represent only a few embodiments of the present application, which are described in more detail and are not thereby to be construed as limiting the scope of the present application. It should be noted that it would be apparent to those skilled in the art that various modifications and improvements could be made without departing from the spirit of the present application, which would be within the scope of the present application. Accordingly, the scope of protection of the present application shall be subject to the appended claims.

Claims

1. A network access method for use in a wireless station, the method comprising:

2. The method of claim 1, wherein the query request further carries target identification information of the wireless station, the target identification information being used for authentication of the wireless station by the target server, and if the authentication is passed, determining a target encryption key corresponding to the target identification information, and encrypting the channel password based on the target encryption key.

3. The method according to claim 2, wherein the target identification information is a login user name of an application installed in the wireless station, and the target encryption key is a login password corresponding to the login user name.

4. The method of claim 2, wherein said accessing the encrypted local area network based on the received channel password and the first target access information comprises:

Decrypting the received channel password according to the decryption key;

5. The method of claim 4, wherein the target identification information is a login user name of an application installed in the wireless station, and the decryption key is a login password corresponding to the login user name.

6. The method according to any one of claims 1 to 5, wherein prior to said accessing said plain-text local area network based on said second access information, said method further comprises:

7. The method of claim 6, wherein the method further comprises:

8. The method of claim 6, wherein the method further comprises:

9. The method according to any of claims 1-5, wherein after said accessing the encrypted local area network according to the received channel password and the first target access information, the method further comprises:

10. The method according to any one of claims 1 to 5, wherein the plaintext local area network is configured with a white list of access addresses, the white list of access addresses comprising the address of the target server.

11. A network access method for use in a target server, the method comprising:

12. The method of claim 11, wherein the query request further carries target identification information of the wireless station, and wherein the sending the channel code to the wireless station comprises:

determining a target encryption key corresponding to the target identification information according to the target identification information;

encrypting the channel password with the target encryption key;

and sending the encrypted channel password to the wireless station.

13. The method of claim 12, wherein the determining a target encryption key corresponding to the target identification information based on the target identification information comprises:

and determining the target encryption key according to the query result.

14. The method of claim 12, wherein the target identification information is a login user name of an application installed in the wireless station, and the target encryption key is a login password corresponding to the login user name.

15. A network access device, the device comprising:

16. A network access device, the device comprising:

17. A wireless station comprising a transmitter, a processor, and a receiver;

18. A target server, comprising a transmitter, a receiver and a processor;

the transmitter is configured to send the channel code to the wireless station.

19. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any of claims 1 to 14.

20. A computer program product comprising a computer program, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any one of claims 1 to 14.