201208331 六、發明說明: 【發明所屬之技術領域】 [0001] 本發明涉及一種網路接入設備及其接入網路的方,去 [先前技術] [0002]201208331 VI. Description of the Invention: [Technical Field] [0001] The present invention relates to a network access device and a party for accessing the network, [Prior Art] [0002]
Pro- 目前,用戶廣泛採用PPPoE (point to PQint tocol over Ethernet,乙太網點對點協定)的方气 入網路(例如網際網路)。網路管理者(例如網路服務 提供商)需要為用戶分配上網帳號及密碼,用戶使用、 配得到的上網帳號和密碼進行網路連锋。隨著i網_ 的增加,網路管理者分配上網帳號及密碼的卫作1 增加。同時,用戶在接入網路時需要輪入上網帳號及密 碼,一方面增加了用戶操作,另一方面還可能出現上網 帳號及密碼被偷窺而盜用的情況。 【發明内容】 [0003] 鑒於以上内容,有必要提供一 種網路接人設備及其接入Pro- Currently, PPPoE (point to PQint tocol over Ethernet) is widely used by users (such as the Internet). The network administrator (such as the network service provider) needs to assign the user an online account number and password, and the network account and password used by the user to perform the network connection. With the increase of i-network _, the network administrator's allocation of Internet account and password is increased. At the same time, users need to turn in the Internet account and password when accessing the network. On the one hand, the user operation is increased, and on the other hand, the Internet account and password may be stolen and stolen. SUMMARY OF THE INVENTION [0003] In view of the above, it is necessary to provide a network access device and its access
網路的方法,能夠自動生成上網帳號及密竭„ " 路0 用以接入網 [0004] —種網路接入設備’該網路接入設備包括:讀取模組 用於讀取網路接入設備的物理位址;帳號生成模組,用 於根據讀取的物理位址生成上網帳號;密碼生成模組, 用於根據讀取的物理位址生成上網密碼;及驗證模組, 用於將生成的上網帳號及密碼發送給接入伺服器進行用 戶驗證,以確定是否將網路接入設備接入網路。 [0005] 一種網路接入设備接入網路的方法,該方法包括步驟: 讀取網路接入設備的物理位址;根據讀取的物理位址生 099125822 表單編號A0101 第3頁/共14頁 0992045310-0 201208331 成上網帳號;根據讀取的物理位址生成上網密碼;及將 生成的上網帳號及密碼發送給接入伺服器進行用戶驗證 ,以確定是否將網路接入設備接入網路。 [0006] 本發明由網路接入設備根據其物理位址自動生成上網帳 號及密碼並使用該上網帳號及密碼進行網路連接,省卻 了為用戶分配上網帳號及密碼的工作,並且簡化了用戶 上網的操作。 【實施方式】 [〇〇叫參閱圖1所示’係本發明網路接入設備較佳實施例的運行 環境示意圖。所述網路接入設備10連接用戶終端u及接 入伺服器12,接入伺服器12還連接網路1 3 (例如網際網 路)。網路接入設備10向接入伺服器12請求接入網路13 ’使得用戶終端11能夠享受網路13提供的服務。在本實 施例中’網路接入設備10採用PPPoE (p〇int t〇 point protocol over Ethernet,乙太網點對點協定)的方 式向接入祠服器1 2請求接八網路1 3。所述網路接入設備 1〇可以是缓線數據機(cable modem)或非對稱數位用 戶線路數據機(asymmetrical digital subscriber line modem,ADSL modem)。所述用戶終端η可以是 電腦、手機或個人數位助理。 [0008] 099125822 參閱圖2所示,係圖1中網路接入設備1〇的示意圖。所述 網路接入設備10包括讀取模組2〇〇、帳號生成模組21〇、 搶碼生成模組2 20、驗證模組230及儲存器240。 所述讀取模組200用於讀取網路接入設備1〇的物理位址。 在本實施例中’網路接入設備1〇的物理位址預先儲存在 表單編號A0101 第4頁/共14頁 0992045310-0 [0009] 201208331 儲存器240 (例如快閃記憶體)中,讀取模組200從儲存 器240讀取網路接入設備1〇的物理位址。讀取模組2〇〇可 以在網路接入設備1 〇啟動後立即讀取網路接入設備1 〇的 物理位址。 [⑻ 10] ο [0011] ο [0012] 099125822 所述帳號生成模組210用於根據讀取的物理位址生成上網 帳號。在本實施例中’帳號生成模組210將讀取的物理位 址與特定字串進行組合以生成上網帳號。例如,在讀取 的物理位址之後加上電子郵箱尾碼,生成電子郵箱形式 的上網帳號。舉例來說’讀取的物理位址為 99-22-1 1-05-00-24 ’帳號生成模組21〇根據該物理位 址生成的上網帳號為 " gg-22-ll-05-00-24@vendor.com.cn。又如,在讀取 的物理位址之前加上特定字串以生成上網帳號。 所述密碼生成模組220用於根據讀取的物理位址生成上網 密瑀。在本實施例中,密碼生成模組220運用散列演算法 對讀取的物理位址進行散列運算得到一個固定長度的散 列值(即資訊摘要)’以該散列值作為上網密碼。透過 散列運算生成的散列值具有不可偽造性,保證了上網密 瑀的安全。所述散列演算法可以是SHA-1 (Secure HaSh Algorithm-l ’安全散列演算法_丨)或肋5 ( Message-digest Algorithm 5,消息摘要演算法5) 〇 所述驗證模組230用於將生成的上網帳號及密碼發送給接 入伺服器12進行用戶驗證,以確定是否將網路接入設備 0接入網路13。在本實施例中,接入伺服器12儲存有所 表單.編號删1 第5頁/共14頁 0992045310-0 201208331 有的合法上網帳號,接人飼服器12判斷收到的上網帳號 是否存在於合法上網帳號中。若收到的上網帳號存在於 合法上網帳號中,則接入伺服器12根據收到的上網帳號 採用與密碼生成模組22D同樣的演算法生成上網密碼,並 判斷自身生成的上網密碼與收到的上網密瑪是否一致.。 若自身生成的上網密碼與收到的上網密碼一致,則該接 收的上網帳號及岔碼通過用戶驗證,接入伺服器12將網 路接入设備10接入網路13。若收到的上網帳號不存在於 合法上網帳號令,或者接入伺服器12自身生成的上網密 碼與收到的上網密碼不一致,則所述接收的上網帳號及 密碼未通過用戶驗證,接入伺服器12不會將網路接入設 備10接入網路13。接入伺服器12還可以對通過用戶驗證 的網路接入設備10進行業務授權,使得用戶可以享受網 路13提供的指定服務。 [0013] [0014] [0015] [0016] 參閱圖3所示,係本發明網路接入設備接入網路的方法較 佳實施例的流程圖。 步驟S301,開啟網路接入設儀1〇ι 步驟S302,讀取模組200讀取網路接入設備1〇的物理位 址。在本實施例中,網路接入設備1〇的物理位址預先儲 存在儲存器240 (例如快閃記憶體)中,讀取模組2〇〇從 儲存器2 4 0讀取網路接入設備1 〇的物理位址。 步驟S303,帳號生成模組21〇根據讀取的物理位址生成上 網帳號。在本實施例中,帳號生成模組21〇將讀取的物理 位址與特定字串進行組合以生成上網帳號。例如,在讀 099125822 表單編號A0101 第6頁/共14頁 0992045310-0 201208331 取的物理位址之後加上電子郵箱尾碼,生成電子郵箱形 式的上網帳號。舉例來說,讀取的物理位址為 99-22-1 1-05-00-24,帳號生成模組210根據該物理位 址生成的上網帳號為 99-22-ll-05-00-24@vendor. com. cn。又如,在讀取 的物理位址之前加上特定字串以生成上網帳號。 [0017] Ο 步驟S304,密碼生成模組220根據讀取的物理位址生成上 網密碼。在本實施例中,密碼生成模組220運用散列演算 法對讀取的物理位址進行散列運算得到一個固定長度的 散列值(即資訊摘要),以該散列值作為上網密碼。透 過散列運算生成的散列值具有不可偽造性,保證了上網 密碼的安全。所述散列演算法可以是SHA-1 ( Secure Hash Algorithm-1,安全散列演算法-1)或MD5 (The network method can automatically generate an online account and exhaustive „ "路0 for access network [0004] - a network access device's network access device includes: a reading module for reading The physical address of the network access device; the account generation module is configured to generate an online account according to the read physical address; the password generating module is configured to generate an online password according to the read physical address; and the verification module And sending the generated online account and password to the access server for user authentication to determine whether to access the network access device to the network. [0005] A method for accessing a network by a network access device The method includes the steps of: reading a physical address of the network access device; generating a 099125822 form number A0101 according to the read physical address, page 3/14 pages 0992045310-0 201208331 into an online account; according to the read physical The address generates an online password; and the generated online account and password are sent to the access server for user authentication to determine whether to access the network access device to the network. [0006] The present invention is based on the network access device. Physical position Automatically generate an online account and password and use the Internet account and password for network connection, eliminating the task of assigning an online account and password to the user, and simplifying the operation of the user's Internet access. [Embodiment] [How to refer to Figure 1 A schematic diagram of an operating environment of a preferred embodiment of the network access device of the present invention. The network access device 10 is connected to the user terminal u and the access server 12, and the access server 12 is also connected to the network 13 ( For example, the Internet. The network access device 10 requests the access server 12 to access the network 13' so that the user terminal 11 can enjoy the services provided by the network 13. In the present embodiment, the network access device 10 The method of PPPoE (p〇int t〇point protocol over Ethernet) is used to request the access server 1 2 to connect to the network 13. The network access device 1 can be a slow line. A cable modem or an asymmetrical digital subscriber line modem (ADSL modem). The user terminal η may be a computer, a mobile phone or a personal digital assistant. [0008] 099125822 Referring to FIG. 2, it is a schematic diagram of a network access device 1 in FIG. 1. The network access device 10 includes a reading module 2, an account generating module 21, and a grab code generating module 2. 20. The verification module 230 and the storage unit 240. The reading module 200 is configured to read the physical address of the network access device 1 . In the embodiment, the physical location of the network access device 1 The address is pre-stored in the form number A0101, page 4 / 14 pages 0992045310-0 [0009] 201208331 in the memory 240 (for example, flash memory), the reading module 200 reads the network access device 1 from the storage 240 The physical address of the device. The reading module 2 can read the physical address of the network access device 1 immediately after the network access device 1 starts. [(8) 10] ο [0012] 099125822 The account generation module 210 is configured to generate an online account according to the read physical address. In this embodiment, the account generation module 210 combines the read physical address with a specific string to generate an online account. For example, by adding the e-mail end code after the physical address of the read, an online account in the form of an e-mail address is generated. For example, the physical address of the read is 99-22-1 1-05-00-24. The account generation module 21 generates an Internet account based on the physical address as " gg-22-ll-05- 00-24@vendor.com.cn. As another example, a specific string is added before the read physical address to generate an online account. The password generating module 220 is configured to generate an Internet password according to the read physical address. In this embodiment, the password generation module 220 hashes the read physical address by using a hash algorithm to obtain a fixed-length hash value (ie, a message digest), and uses the hash value as the password. The hash value generated by the hash operation is unforgeable, which ensures the security of the Internet. The hash algorithm may be SHA-1 (Secure HaSh Algorithm-l 'Secure Hash Algorithm_丨) or rib 5 (Message-digest Algorithm 5), and the verification module 230 is used by the verification module 230. The generated online account and password are sent to the access server 12 for user authentication to determine whether the network access device 0 is connected to the network 13. In this embodiment, the access server 12 stores a form. The number is deleted 1 page 5 / 14 pages 0992045310-0 201208331 Some legal Internet accounts, the receiving server 12 determines whether the received online account exists In a legal online account. If the received online account exists in the legal online account, the access server 12 generates an online password according to the received online account using the same algorithm as the password generating module 22D, and determines the online password generated and received by the access server. Is the Internet Mimma consistent? If the online password generated by the user is consistent with the received Internet password, the received Internet account and weight are authenticated by the user, and the access server 12 connects the network access device 10 to the network 13. If the received online account does not exist in the legal online account, or the access password generated by the access server 12 itself is inconsistent with the received online password, the received online account and password are not authenticated by the user, and the access server is accessed. The device 12 does not access the network access device 10 to the network 13. The access server 12 can also authorize the network access device 10 authenticated by the user so that the user can enjoy the designated service provided by the network 13. [0016] Referring to FIG. 3, it is a flowchart of a preferred embodiment of a method for accessing a network access device of the present invention. Step S301, the network access device is turned on. Step S302, the reading module 200 reads the physical address of the network access device. In this embodiment, the physical address of the network access device 1 is pre-stored in the storage 240 (for example, a flash memory), and the reading module 2 reads the network connection from the storage device 240. Enter the physical address of device 1. In step S303, the account generation module 21 generates an online account according to the read physical address. In this embodiment, the account generation module 21 combines the read physical address with a specific string to generate an online account. For example, after reading 099125822 Form No. A0101 Page 6 of 14 0992045310-0 201208331 The physical address is taken and the e-mail end code is added to generate an e-mail account. For example, the physical address of the read is 99-22-1 1-05-00-24, and the account generated by the account generation module 210 according to the physical address is 99-22-ll-05-00-24. @vendor. com. cn. As another example, a specific string is added before the read physical address to generate an online account. [0017] Ο Step S304, the password generation module 220 generates an online password according to the read physical address. In this embodiment, the password generation module 220 hashes the read physical address by using a hash algorithm to obtain a fixed-length hash value (ie, an information digest), and uses the hash value as the online password. The hash value generated by the hash operation is unforgeable, which ensures the security of the password. The hash algorithm may be SHA-1 (Secure Hash Algorithm-1) or MD5 (
Message-digest Algorithm 5,消息摘要演算法5) 〇Message-digest Algorithm 5, message digest algorithm 5) 〇
[0018] G 步驟S305,驗證模組230將生成的上網帳號及密碼發送給 接入伺服器12進行用戶驗證,以確定是否將網路接入設 備10接入網路13。在本實施例中,接入伺服器12儲存有 所有的合法上網帳號,接入伺服器12判斷收到的上網帳 號是否存在於合法上網帳號中。若收到的上網帳號存在 於合法上網帳號中,則接入伺服器12根據收到的上網帳 號採用與密碼生成模組220同樣的演算法生成上網密碼, 並判斷自身生成的上網密碼與收到的上網密碼是否一致 。若自身生成的上網密碼與收到的上網密碼一致,則該 接收的上網帳號及密碼通過用戶驗證,接入伺服器12將 099125822 表單編號A0101 第7頁/共14頁 0992045310-0 201208331 網路接入設備10接入網路13。若收到的上網帳號不存在 於合法上網帳號中,或者接入伺服器12自身生成的上網 密碼與收到的上網密碼不一致,則所述接收的上網帳號 及密碼未通過用戶驗證,接入伺服器12不會將網路接入 設備1〇接入網路13。接入伺服器12還可以對通過用戶驗 證的網路接入設備10進行業務授權,使得用戶可以享受 網路13提供的指定服務。 [0019] 本發明根據網路接入設備1 0的物理位址生成上網帳號及 密碼,由於網路接入設備10的物理位址的唯一性,網路 接入設備10生成唯一的上網帳號及密碼,保證了該上網 帳號及密碼的有效性。 [0020] 綜上所述,本發明符合發明專利要件,爰依法提出專利 申請。惟,以上所述者僅為本發明之較佳實施例,本發 明之範圍並不以上述實施例為限,舉凡熟悉本案技藝之 人士援依本發明之精神所作之等效修飾或變化,皆應涵 蓋於以下申請專利範圍内。 【圖式簡單說明】 [0021] 圖1係本發明網路接入設備較佳實施例的運行環境示意圖 〇 [0022] 圖2係圖1中網路接入設備的示意圖。 [0023] 圖3係本發明網路接入設備網路接入網路的方法較佳實施 例的流程圖。 【主要元件符號說明】 [0024] 網路接入設備:10 099125822 表單編號A0101 第8頁/共i4頁 0992045310-0 201208331 [0025] [0026] [0027] [0028] [0029] [0030] [0031] ❹ [0032] 用戶終端:11 接入伺服器:12 網路:13 讀取模組:200 帳號生成模組:210 密碼生成模組:220 驗證模組:230 儲存器:240 〇 099125822 表單編號Α0101 第9頁/共14頁 0992045310-0[0018] In step S305, the verification module 230 sends the generated online account number and password to the access server 12 for user verification to determine whether to access the network access device 10 to the network 13. In this embodiment, the access server 12 stores all the legal Internet accounts, and the access server 12 determines whether the received Internet account exists in the legal Internet account. If the received online account exists in the legal online account, the access server 12 generates an online password according to the received online account using the same algorithm as the password generating module 220, and determines the online password generated and received by the access server. Is the password for the Internet consistent? If the online password generated by itself is consistent with the received Internet password, the received online account and password are authenticated by the user, and the access server 12 will connect the 099125822 form number A0101 page 7 / 14 pages 0992045310-0 201208331 The incoming device 10 is connected to the network 13. If the received Internet account does not exist in the legal Internet account, or the Internet access password generated by the access server 12 itself is inconsistent with the received Internet password, the received Internet account and password are not authenticated by the user, and the access server is accessed. The device 12 does not connect the network access device 1 to the network 13. The access server 12 can also authorize the network access device 10 authenticated by the user so that the user can enjoy the specified service provided by the network 13. [0019] The present invention generates an online account and a password according to the physical address of the network access device 10. The network access device 10 generates a unique online account and the uniqueness of the physical address of the network access device 10. The password guarantees the validity of the online account and password. [0020] In summary, the present invention complies with the requirements of the invention patent, and submits a patent application according to law. The above is only the preferred embodiment of the present invention, and the scope of the present invention is not limited to the above-described embodiments, and equivalent modifications or variations made by those skilled in the art in light of the spirit of the present invention are It should be covered by the following patent application. BRIEF DESCRIPTION OF THE DRAWINGS [0021] FIG. 1 is a schematic diagram of an operating environment of a network access device according to a preferred embodiment of the present invention. [0022] FIG. 2 is a schematic diagram of a network access device in FIG. 3 is a flow chart of a preferred embodiment of a method for accessing a network access network of a network access device of the present invention. [Main component symbol description] [0024] Network access device: 10 099125822 Form number A0101 Page 8 / total i4 page 0992045310-0 201208331 [0025] [0027] [0029] [0030] 0031] ❹ [0032] User terminal: 11 Access server: 12 Network: 13 Read module: 200 Account generation module: 210 Password generation module: 220 Authentication module: 230 Storage: 240 〇 099125822 Form No.Α0101 Page 9/14 pages 0992045310-0