WO2012155672A1 - 对EoC终端进行远程认证的方法、EoC设备和系统 - Google Patents

对EoC终端进行远程认证的方法、EoC设备和系统 Download PDF

Info

Publication number
WO2012155672A1
WO2012155672A1 PCT/CN2012/072855 CN2012072855W WO2012155672A1 WO 2012155672 A1 WO2012155672 A1 WO 2012155672A1 CN 2012072855 W CN2012072855 W CN 2012072855W WO 2012155672 A1 WO2012155672 A1 WO 2012155672A1
Authority
WO
WIPO (PCT)
Prior art keywords
eoc
terminal
protocol server
management protocol
authentication
Prior art date
Application number
PCT/CN2012/072855
Other languages
English (en)
French (fr)
Inventor
陈澎
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2012155672A1 publication Critical patent/WO2012155672A1/zh

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Definitions

  • the invention relates to a logic application network technology, in particular to a method for remotely authenticating an EoC (Ethernet over Coax) terminal, an EoC device and a system.
  • EoC Electronic over Coax
  • Ethernet data through EoC technology ie Ethernet data transmission over coaxial cable, simultaneous transmission of TV signals and broadband network signals on a coaxial cable, coaxial broadband access audio video (Audio Video) technology process, using HomePlug power line International standards proposed by the Technology Alliance.
  • Every device that uses this technology should include CM functions for discovering devices that use the same technology and form a logical application network (AVL, AV Logical Network).
  • AAVLN topology network one and only one device exists as a master device (CCo, Central Coordinator), and the master device is responsible for managing and coordinating other slave devices and maintaining the entire network topology.
  • CCo Central Coordinator
  • the master device is the EoC headend, and the other slave devices are EoC terminals.
  • beacon technology is used to send reliable beacon broadcast messages to notify neighbors of their own existence.
  • each device also listens to beacon packets of other devices, belonging to the same AVLN.
  • the device shares a Network Membership Key (NMK).
  • the NMK is used to identify that the devices that own the NMK belong to the same network.
  • Each device monitors the beacon packets from other devices in the same AVLN network.
  • a discovered device list (DSL, Discovered Station List) maintains a discovered network list (DNL, Discovered Networks List) for the monitored beacon packets that do not belong to the AVLN.
  • DSL Discovered Station List
  • DNS Discovered Networks List
  • the EoC headend can refer to the EoC in the DNL according to the local whitelist system.
  • the terminal performs legality authentication, and determines whether the EoC terminal can communicate with the EoC headend and other EoC terminals according to the authentication result.
  • the EoC terminal is connected to the EoC head end.
  • This is a very cumbersome task for the administrator or the operator, which reduces the work efficiency.
  • the object of the present invention is to provide a method, an EoC device and a system for remotely authenticating an EoC terminal, which solves the problem of low work efficiency in the case of a large network or a complicated network.
  • an embodiment of the present invention provides a method for remotely authenticating an EoC terminal in a network, where the method includes: after the EoC head end detects that an EoC terminal is online for the first time, generates an authentication request table; The head end sends the EoC terminal to the simple network management protocol server for the first time to send the alarm information; when the simple network management protocol server authenticates the EoC terminal according to the alarm information, the EoC head end receives the simple network management protocol.
  • the server sets the authentication request table to the feedback information of the legal status of the authority; the EoC head end performs the opening operation of the EoC terminal according to the feedback information.
  • the method further includes: when the simple network management protocol server authenticates the EoC terminal according to the alarm information, and the authentication result is invalid, the EoC head end receives the simple network management protocol server to The authentication request table is set as feedback information for the illegal status of the permission.
  • the EoC head end receives the setting of the authentication request table by the simple network management protocol server through an information management library interface.
  • the alarm information includes a MAC address of the EoC terminal.
  • the method further includes: the EoC head end is periodically terminated to each of the EoC ends Inquiring about the list of discovered devices maintained by the EoC terminal and/or the case where other network lists have been found, and storing the registration of the EoC terminal in the list of discovered devices on the EoC headend and/or in the list of other discovered networks.
  • the registration information is used when the EoC head end generates the authentication request table and the alarm information corresponding to the EoC terminal.
  • the present invention also provides an EoC device for remotely authenticating an EoC terminal in a network.
  • the EoC device is used as an EoC headend in the network, and the EoC device includes: a detecting unit, configured to detect that an EoC terminal is online for the first time. And generating an authentication request table; the alarm unit is configured to send, to the simple network management protocol server, the alarm information that the EoC terminal is online for the first time; and the authentication management unit is configured to detect, according to the alarm information, the simple network management protocol server
  • the simple network management protocol server receives the feedback information that the authentication request table is set to the legal status of the authority; the terminal opening unit is connected to the authentication management unit, and is configured to receive at the authentication management unit. After the simple network management protocol server sets the authentication request table to the feedback information of the legal authority status, the simple operation of the EoC terminal is performed.
  • the authentication management unit is further configured to: when the simple network management protocol server authenticates the EoC terminal according to the alarm information, and the authentication result is invalid, receive the simple network management protocol server to The authentication request table is set as feedback information for the illegal status of the permission.
  • the EoC device further includes a terminal registration information management unit, configured to periodically query each EoC terminal for a list of discovered devices that are maintained by each of them and/or a case where other network lists have been found, and at the head end of the EoC.
  • the registration information of the EoC terminal is stored in the device list and/or the other network list is found. The registration information is used when the EoC head end generates the authentication request table and the alarm information.
  • the present invention also provides a system for remotely authenticating an EoC terminal in a network, the system comprising an EoC headend, a simple network management protocol server, and an EoC terminal; the EoC headend
  • the detecting unit is configured to: after detecting that one of the EoC terminals is online for the first time, generate an authentication request table; and the alarm unit is configured to send, to the simple network management protocol server, the alarm information that the EoC terminal is online for the first time;
  • a unit configured to: when the simple network management protocol server authenticates the EoC terminal according to the alarm information, receive the feedback information that the simple network management protocol server sets the authentication request table to a legal status;
  • the unit is connected to the authentication management unit, and is configured to perform the opening operation on the EoC terminal after the authentication management unit receives the feedback information that the simple network management protocol server sets the authentication request table to the legal authority status.
  • a simple network management protocol server configured to store authentication information of the EoC terminal, and authenticate the EoC
  • the EoC headend further includes: an authentication management unit, configured to: when the simple network management protocol server authenticates the EoC terminal according to the alarm information, and the authentication result is illegal, receiving the The simple network management protocol server sets the authentication request table as feedback information of an unauthorized status.
  • an authentication management unit configured to: when the simple network management protocol server authenticates the EoC terminal according to the alarm information, and the authentication result is illegal, receiving the The simple network management protocol server sets the authentication request table as feedback information of an unauthorized status.
  • the beneficial effects of the above technical solution of the present invention are as follows:
  • the EoC head end automatically generates an authentication request table, and automatically sends an alarm message to the Simple Network Management Protocol Server (SNMP Server), and the SNMP server authenticates itself.
  • the authentication request table located in the EoC headend is modified, and the entire authentication process does not require an administrator intervention operation, and the EoC head end is fully automated for each EoC terminal authentication, thereby improving work efficiency.
  • FIG. 1 is a schematic flow chart of a method for remotely authenticating an EoC terminal in a network according to an embodiment of the present invention
  • FIG. 2 is a schematic structural diagram of an EoC device according to an embodiment of the present invention.
  • FIG. 3 is a schematic structural diagram of a system for remotely authenticating an EoC terminal in a network according to an embodiment of the present invention. detailed description
  • the administrator in the actual network planning, can remotely control and manage the EoC headend through the SNMP protocol to implement remote authentication of the EoC terminal by the EoC headend.
  • An embodiment of the present invention provides a method for remotely authenticating an EoC terminal in a network. As shown in FIG. 1, the method includes:
  • Step 101 After detecting that an EoC terminal is online for the first time, the EoC headend generates an authentication request table.
  • Step 102 The EoC headend sends an alarm message that the EoC terminal goes online for the first time to the Simple Network Management Protocol (SNMP) server.
  • SNMP Simple Network Management Protocol
  • Step 103 When the SNMP server authenticates the EoC terminal according to the alarm information, the EoC head end receives feedback information that the SNMP server sets the authentication request table to a permission normal state;
  • Step 104 The EoC head end performs an opening operation on the EoC terminal according to the feedback information.
  • the EoC head end automatically generates an authentication request table, and automatically sends an alarm message to the SNMP server, and the SNMP server automatically modifies the authentication request located in the EoC head end after the authentication is legal. Table, the entire authentication process does not require administrator intervention, and the EoC headend is fully automated for each EoC terminal certification, improving work efficiency.
  • the SNMP server when the SNMP server authenticates the EoC terminal according to the alarm information, it is possible that the authentication result indicates that it is illegal, that is, when the SNMP server detects the EoC terminal according to the alarm information, and the authentication result is obtained.
  • the EoC head end receives feedback information that the SNMP server sets the authentication request table to an unauthorized state. among them, When the authentication result is invalid, the EoC headend performs the shutdown operation on the EoC terminal.
  • the EoC headend receives the setting of the authentication request table by the SNMP server through an information management library interface.
  • the alarm information includes: a MAC address of the EoC terminal, and may further include other identification information about the EoC terminal.
  • the SNMP server After receiving the alarm information, the SNMP server checks whether the EoC terminal is legal according to the identification information such as the MAC address in the alarm information.
  • the EoC headend periodically queries each EoC terminal for a list of discovered devices that they maintain and/or a list of other network discoveries, and a list of discovered devices at the EoC headend and
  • the registration information of the EoC terminal is stored in the other network list.
  • the registration information is used by the EoC head end to generate the authentication request table and the alarm information.
  • the EoC headend also maintains the topology of the entire network based on the aggregated information.
  • the EoC headend reports the EoC terminal registration request information through the alarm mechanism of the management information base (MIB) interface, and the SNMP server sends the authorization information of the EoC terminal through the MIB standard interface.
  • MIB management information base
  • the process of remotely authenticating an EoC terminal in a network includes:
  • the EoC headend detected an EoC terminal coming online for the first time.
  • the EoC headend obtains the registration information of the EoC terminal through its network device list; specifically, the registration information of the EoC terminal may be obtained from the discovered device list and/or the discovered other network list.
  • the EoC headend locally generates an authentication request table for the EoC terminal.
  • the EoC headend sends an alarm message to the SNMP server for the first time that the EoC terminal goes online.
  • the SNMP server accesses the authentication request table located at the head end of the EoC through the MIB interface, and includes: when the SNMP server authenticates the EoC terminal according to the alarm information, the SNMP server sets the authentication request table to a permission legal state; when the SNMP server is configured according to the SNMP server The alarm When the information is authenticated by the EoC terminal, and the authentication result is invalid, the SNMP server sets the authentication request table to an unauthorized state.
  • the EoC head end When the authentication result is legal, the EoC head end performs the opening operation of the EoC terminal; when the authentication result is invalid, the EoC head end performs the closing operation on the EoC terminal.
  • MIB is a database that represents a set of manageable objects of a device or service.
  • Each host managed by the SNMP server must have an MIB that describes the manageable objects on that host. All MIBs must be defined with a precise organizational structure.
  • the SNMP server connects to other agents, it uses the information in the MIB to identify how the information on the agent is organized.
  • An embodiment of the present invention provides an EoC device that performs remote authentication on an EoC terminal in a network.
  • the EoC device is used as an EoC head end in the network. As shown in FIG. 2, the EoC device includes:
  • the detecting unit 201 is configured to generate an authentication request table after detecting that an EoC terminal is online for the first time;
  • the alarm unit 202 is configured to send, to the SNMP server, the alarm information that the EoC terminal is online for the first time;
  • the authentication management unit 203 is configured to: when the SNMP server detects that the EoC terminal is legal according to the alarm information, receive the feedback information that the SNMP server sets the authentication request table to a legal status of the authority;
  • the terminal opening unit 204 is connected to the authentication management unit 203, and configured to receive, by the authentication management unit 203, the SNMP server to set the authentication request table to a rights legal status. After that, the EoC terminal is turned on.
  • the EoC device may further include: an authentication management unit 203, configured to: when the SNMP server detects the EoC terminal according to the alarm information, and the authentication result is invalid, the receiving the SNMP server sets the authentication request table as a permission. Feedback information for illegal status.
  • an authentication management unit 203 configured to: when the SNMP server detects the EoC terminal according to the alarm information, and the authentication result is invalid, the receiving the SNMP server sets the authentication request table as a permission. Feedback information for illegal status.
  • a terminal registration information management unit configured to periodically query each EoC terminal for a list of discovered devices that they maintain and/or a list of other network lists that have been discovered, and a list of discovered devices at the EoC headend and/or discovered
  • the registration information of the EoC terminal is stored in the other network list; the registration information is used when the EoC head end generates the authentication request table and the alarm information.
  • the EoC headend automatically generates an authentication request table, and automatically sends an alarm request message to the SNMP server. After the authentication is legal, the SNMP server automatically modifies the authentication request table located in the EoC headend. The entire authentication process does not need to be performed. The administrator's intervention operation realized the full automation of the EoC headend for each EoC terminal authentication, and improved the work efficiency.
  • the embodiment of the present invention provides a system for remotely authenticating an EoC terminal in a network.
  • the system includes an EoC headend, an SNMP server, and an EoC terminal.
  • the EoC headend includes: a detecting unit. After detecting that the EoC terminal is online for the first time, generating an authentication request table, and the alarm unit is configured to send, to the SNMP server, the alarm information that the EoC terminal is online for the first time;
  • An authentication management unit configured to: when the SNMP server authenticates the EoC terminal according to the alarm information, receive feedback information that the SNMP server sets the authentication request table to a permission normal state;
  • a terminal opening unit configured to be connected to the authentication management unit, configured to perform an opening operation on the EoC terminal after the authentication management unit receives the feedback information that the SNMP server sets the authentication request table to a legal status
  • the SNMP server is connected to the EoC terminal, and is configured to store the authentication information of the EoC terminal, and authenticate the EoC terminal according to the alarm information.
  • the EoC headend may further include: an authentication management unit, configured to: when the SNMP server detects the EoC terminal according to the alarm information, and the authentication result is invalid, the receiving the SNMP server sets the authentication request table to Feedback information about the illegal status of the permission.
  • the technical solution provided by the embodiment of the present invention has the beneficial effects that the authentication information of each EoC terminal is configured on the SNMP server, and the EoC headend sends an SNMP alarm mechanism to the SNMP server after detecting that the EoC terminal is online for the first time.
  • the EoC terminal is online for the first time.
  • the SNMP server modifies the authentication request table located in the EoC headend. The entire authentication process does not require administrator intervention.
  • the EoC headend authenticates each EoC terminal. All of the automation, improve the efficiency, can free the administrator from this tedious work.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Description

对 EoC终端进行远程认证的方法、 EoC设备和系统 技术领域
本发明涉及逻辑应用网络技术, 特别是指一种对同轴电缆传输(EoC, Ethernet over Coax )终端进行远程认证的方法、 EoC设备和系统。 背景技术
应用以太数据通过 EoC技术即以太数据通过同轴电缆传输, 在一个同 轴电缆上同时传输电视信号及宽带网络信号, 同轴宽带接入音频视频 ( Audio Video )技术过程中,采用的是 HomePlug电力线技术联盟提出的国 际标准。 每一个采用该技术的设备都应包含 CM功能, 用于发现周边采用 同样技术的设备并构成逻辑应用网络( AVLN, AV Logical Network )。 在一 个 AVLN 拓朴网络中, 有且只有一个设备作为主设备 ( CCo , Central Coordinator )存在, 主设备负责管理协调其它从设备, 并维护整个网络拓朴 结构。
对于 EoC网络而言, 主设备是 EoC头端, 其它的从设备是 EoC终端。 在各个设备上电之初, 会利用信标帧 (beacon )技术发送可靠的 beacon广 播报文通知周边设备自身的存在; 同时每个设备也都监听其它设备的 beacon报文, 属于同一个 AVLN的设备共享一个网络隶属关键字 ( NMK, Network Membership Key ), NMK用于标识拥有该 NMK的设备属于同一个 网络; 每个设备监听到的来自于同一个 AVLN网络内其他设备的 beacon报 文后维护一个已发现设备列表( DSL, Discovered Station List ), 对于监听到 的不属于自身所在 AVLN的 beacon报文, 则维护一个已发现其他网络列表 ( DNL, Discovered Networks List )。
现有技术中, EoC头端可以根据本地的白名单系统对 DNL 中的 EoC 终端进行合法性认证, 并根据认证结果确定该 EoC终端是否可以和 EoC头 端以及其他 EoC终端通讯。
发明人发现现有技术存在如下问题: 管理员必须事先确切知道每个
EoC终端是连接在哪一个 EoC头端下, 在网络规模较大或者组网比较复杂 的情况下, 这对管理员或者操作者而言是一件非常繁瑣的工作, 降低了工 作效率。 发明内容
本发明的目的在于提供一种对 EoC终端进行远程认证的方法、 EoC设 备和系统, 解决在网络规模较大或者组网比较复杂的情况下工作效率低的 问题。
为解决上述技术问题, 本发明的实施例提供一种在网络中对 EoC终端 进行远程认证的方法, 所述方法包括: EoC头端检测到一个 EoC终端首次 上线后, 生成一个认证请求表; EoC 头端向简单网络管理协议服务器发送 所述 EoC终端首次上线的告警信息; EoC头端在所述简单网络管理协议服 务器根据所述告警信息认证所述 EoC终端合法时, 接收所述简单网络管理 协议服务器对所述认证请求表设置为权限合法状态的反馈信息; EoC 头端 根据所述反馈信息对所述 EoC终端进行开通操作。
优选的, 所述方法还包括: 当所述简单网络管理协议服务器根据所述 告警信息认证所述 EoC终端, 且认证结果为不合法时, EoC头端接收所述 简单网络管理协议服务器对所述认证请求表设置为权限不合法状态的反馈 信息。
优选的, 所述 EoC头端通过信息管理库接口接收所述简单网络管理协 议服务器对所述认证请求表的设置。
优选的, 所述告警信息中包括所述 EoC终端的 MAC地址。
优选的, 所述方法还包括: 所述 EoC头端定期的向每一个所述 EoC终 端问询该 EoC 终端维护的已发现设备列表和 /或已发现其他网络列表的情 况, 并在所述 EoC头端的已发现设备列表和 /或已发现其他网络列表中存放 所述 EoC终端的注册信息; 所述注册信息用于所述 EoC头端生成与该 EoC 终端对应的所述认证请求表和所述告警信息时使用。
本发明还提供了一种在网络中对 EoC终端进行远程认证的 EoC设备, 所述 EoC设备在网络中作为 EoC头端, 所述 EoC设备包括: 检测单元, 用 于检测到一个 EoC终端首次上线后, 生成一个认证请求表; 告警单元, 用 于向简单网络管理协议服务器发送所述 EoC终端首次上线的告警信息; 认 证管理单元, 用于当简单网络管理协议服务器根据所述告警信息检测到所 述 EoC终端合法时, 接收所述简单网络管理协议服务器对所述认证请求表 设置为权限合法状态的反馈信息; 终端开通单元, 与所述认证管理单元连 接, 用于在所述认证管理单元接收所述简单网络管理协议服务器对所述认 证请求表设置为权限合法状态的反馈信息后, 对所述 EoC终端进行开通操 作。
优选的, 所述认证管理单元, 还用于当所述简单网络管理协议服务器 根据所述告警信息认证所述 EoC终端, 且认证结果为不合法时, 接收所述 简单网络管理协议服务器对所述认证请求表设置为权限不合法状态的反馈 信息。
优选的, 所述 EoC设备还包括终端注册信息管理单元, 用于定期向各 个 EoC终端问询它们各自维护的已发现设备列表和 /或已发现其他网络列表 的情况, 并在所述 EoC头端的已发现设备列表和 /或已发现其他网络列表中 存放所述 EoC终端的注册信息; 所述注册信息用于所述 EoC头端生成所述 认证请求表和所述告警信息时使用。
本发明还提供了一种在网络中对 EoC终端进行远程认证的系统, 所述 系统包括 EoC头端、 简单网络管理协议服务器和 EoC终端; 所述 EoC头端 包括: 检测单元, 用于检测到一个所述 EoC终端首次上线后, 生成一个认 证请求表; 告警单元, 用于向所述简单网络管理协议服务器发送所述 EoC 终端首次上线的告警信息; 认证管理单元, 用于当所述简单网络管理协议 服务器根据所述告警信息认证所述 EoC终端合法时, 接收所述简单网络管 理协议服务器对所述认证请求表设置为权限合法状态的反馈信息; 终端开 通单元, 与所述认证管理单元连接, 用于在所述认证管理单元接收所述简 单网络管理协议服务器对所述认证请求表设置为权限合法状态的反馈信息 后, 对所述 EoC终端进行开通操作; 简单网络管理协议服务器, 用于存放 所述 EoC终端的认证信息,并根据所述告警信息对所述 EoC终端进行认证。
所述的系统中, 所述 EoC头端还包括: 认证管理单元, 还用于当上述 简单网络管理协议服务器根据所述告警信息认证所述 EoC终端 , 且认证结 果为不合法时, 接收所述简单网络管理协议服务器对所述认证请求表设置 为权限不合法状态的反馈信息。
本发明的上述技术方案的有益效果如下: 由 EoC头端自动生成认证请 求表, 并自动向简单网络管理协议服务器( SNMP Server, Simple Network Management Protocol Server )发送告警信息, SNMP服务器在认证合法后自 行修改设置位于 EoC头端中的所述认证请求表, 整个认证过程不需要管理 员的干预操作, 实现了 EoC头端对于各个 EoC终端认证的全部自动化, 提 高了工作效率。 附图说明
图 1为本发明实施例网络中对 EoC终端进行远程认证的方法流程示意 图;
图 2为本发明实施例 EoC设备的组成结构示意图;
图 3为本发明实施例网络中对 EoC终端进行远程认证的系统的组成结 构示意图。 具体实施方式
为使本发明要解决的技术问题、 技术方案和优点更加清楚, 下面将结 合附图及具体实施例进行详细描述。
本发明实施例, 通过远程认证的技术, 在实际的网络规划中, 管理员 可以通过 SNMP协议实现对 EoC头端的远程控制和管理,以实现 EoC头端 对 EoC终端远程认证。
本发明实施例提供一种在网络中对 EoC终端进行远程认证的方法, 如 图 1所示, 所述方法包括:
步驟 101 , EoC头端检测到一个 EoC终端首次上线后, 生成一个认证 请求表;
步驟 102, 所述 EoC 头端向简单网络管理协议(SNMP )服务器发送 EoC终端首次上线的告警信息;
步驟 103, EoC头端在所述 SNMP服务器根据所述告警信息认证所述 EoC终端合法时, 接收所述 SNMP服务器对所述认证请求表设置为权限合 法状态的反馈信息;
步驟 104, EoC头端根据所述反馈信息对所述 EoC终端进行开通操作。 应用本发明的上述实施例所提供的技术手段, 由 EoC头端自动生成认 证请求表, 自动向 SNMP服务器发送告警信息, SNMP服务器在认证合法 后自行修改设置位于 EoC头端中的所述认证请求表, 整个认证过程不需要 管理员的干预操作,实现了 EoC头端对于各个 EoC终端认证的全部自动化, 提高了工作效率。
在一个优选实施例中,当 SNMP服务器根据所述告警信息认证所述 EoC 终端时, 有可能认证结果表明其不合法, 即, 当 SNMP服务器根据所述告 警信息检测所述 EoC 终端, 且认证结果为不合法时, EoC 头端接收所述 SNMP服务器对所述认证请求表设置为权限不合法状态的反馈信息。 其中, 认证结果为不合法时, EoC头端对所述 EoC终端进行关闭操作。
EoC头端通过信息管理库接口接收所述 SNMP服务器对所述认证请求 表的设置。
在一个优选实施例中, 所述告警信息中包括: 所述 EoC终端的 MAC 地址, 还可以包括关于 EoC终端的其他识别信息。 SNMP服务器在收到该 告警信息后, 根据所述告警信息中的 MAC地址等识别信息检查所述 EoC 终端是否合法。
在一个优选实施例中, 所述 EoC头端定期向各个 EoC终端问询它们各 自维护的已发现设备列表和 /或已发现其他网络列表的情况, 并在所述 EoC 头端的已发现设备列表和 /或已发现其他网络列表中存放所述 EoC终端的注 册信息; 所述注册信息供 EoC头端生成所述认证请求表和所述告警信息时 使用。 EoC头端还会根据汇总的信息维护整个网络的拓朴结构。
在一个应用场景中, EoC 头端通过管理信息库(MIB )接口的告警机 制上报 EoC终端注册请求信息, SNMP服务器通过 MIB标准接口下发 EoC 终端的授权信息。
该应用场景下, 在网络中对 EoC终端进行远程认证的过程包括:
EoC头端检测到一个 EoC终端首次上线。
EoC头端通过其网络设备列表获取所述 EoC终端的注册信息;具体地, 可以从已发现设备列表和 /或已发现其他网络列表中获取所述 EoC终端的注 册信息。
EoC头端在本地生成关于所述 EoC终端的认证请求表。
EoC头端向 SNMP服务器发送所述 EoC终端首次上线的告警信息。
SNMP服务器通过 MIB接口访问位于 EoC头端的认证请求表, 包括: 当 SNMP服务器根据所述告警信息认证所述 EoC终端合法时, SNMP服务 器将所述认证请求表设置为权限合法状态; 当 SNMP服务器根据所述告警 信息认证所述 EoC终端, 且认证结果为不合法时, SNMP服务器将所述认 证请求表设置为权限不合法状态。
认证结果为合法时, EoC头端对所述 EoC终端进行开通操作; 认证结 果为不合法时, EoC头端对所述 EoC终端进行关闭操作。
其中, MIB是一个数据库, 代表了某个设备或服务的一套可管理对象。 由 SNMP服务器管理的每台主机必须有一个 MIB, MIB描述了该主机上的 可管理对象。 所有的 MIB必须用精确的组织结构定义, SNMP服务器在与 其他代理连接时, 使用 MIB中的信息识别该代理上的信息是如何组织的。
本领域普通技术人员可以理解上述方法中的全部或部分步驟可通过程 序来指令相关硬件完成, 所述程序可以存贮与计算机可读存储介质中, 如 只读存储器、 磁盘或光盘等; 可选得, 上述实施例的全部或者部分步驟也 可以使用一个或者多个集成电路来实现。 本发明不限制与任何形式的硬件 和软件的结合。
本发明实施例提供一种在网络中对 EoC终端进行远程认证的 EoC设 备, 所述 EoC设备在网络中作为 EoC头端, 如图 2所示, 所述 EoC设备包 括:
检测单元 201 , 用于检测到一个 EoC终端首次上线后, 生成一个认证 请求表;
告警单元 202, 用于向 SNMP服务器发送所述 EoC终端首次上线的告 警信息;
认证管理单元 203, 用于当 SNMP服务器根据所述告警信息检测到所 述 EoC终端合法时, 接收所述 SNMP服务器对所述认证请求表设置为权限 合法状态的反馈信息;
终端开通单元 204, 与所述认证管理单元 203连接, 用于在所述认证管 理单元 203接收所述 SNMP服务器对所述认证请求表设置为权限合法状态 后, 对所述 EoC终端进行开通操作。
上述 EoC设备还可以包括: 认证管理单元 203 , 用于当 SNMP服务器 根据所述告警信息检测所述 EoC终端, 且认证结果为不合法时, 接收所述 SNMP服务器对所述认证请求表设置为权限不合法状态的反馈信息。
终端注册信息管理单元, 用于定期向各个 EoC终端问询它们各自维护 的已发现设备列表和 /或已发现其他网络列表的情况, 并在所述 EoC头端的 已发现设备列表和 /或已发现其他网络列表中存放所述 EoC 终端的注册信 息; 注册信息供 EoC头端生成认证请求表以及告警信息时使用。
应用所提供的技术手段, EoC头端自动生成认证请求表, 自动向 SNMP 服务器发送告警信息, SNMP服务器在认证合法后自行修改设置位于 EoC 头端中的所述认证请求表, 整个认证过程不需要管理员的干预操作, 实现 了 EoC头端对于各个 EoC终端认证的全部自动化, 提高了工作效率。
本发明实施例提供一种在网络中对 EoC终端进行远程认证的系统, 如 图 3所示, 所述系统包括 EoC头端、 SNMP服务器和 EoC终端; 其中, 所述 EoC头端包括: 检测单元, 用于检测到一个所述 EoC终端首次上 线后, 生成一个认证请求表; 告警单元, 用于向所述 SNMP服务器发送所 述 EoC终端首次上线的告警信息;
认证管理单元, 用于当所述 SNMP服务器根据所述告警信息认证所述 EoC终端合法时, 接收所述 SNMP服务器对所述认证请求表设置为权限合 法状态的反馈信息;
终端开通单元, 与所述认证管理单元连接, 用于在所述认证管理单元 接收所述 SNMP服务器对所述认证请求表设置为权限合法状态的反馈信息 后, 对所述 EoC终端进行开通操作;
SNMP服务器, 与 EoC头端连接, 用于存放 EoC终端的认证信息, 并 根据所述告警信息对所述 EoC终端进行认证。 上述 EoC头端还可以包括: 认证管理单元, 还用于当所述 SNMP服务 器根据所述告警信息检测 EoC 终端, 且认证结果为不合法时, 接收所述 SNMP服务器对所述认证请求表设置为权限不合法状态的反馈信息。
本发明实施例提供的技术方案的有益效果在于, 各个 EoC终端的认证 信息配置在 SNMP服务器上, 由 EoC头端借助 SNMP告警机制, 在检测 到 EoC终端首次上线后通过 SNMP告警机制向 SNMP服务器发送 EoC终 端首次上线的告警信息, SNMP服务器在认证合法后自行修改设置位于 EoC 头端中的所述认证请求表, 整个认证过程不需要管理员的干预操作, 实现 了 EoC头端对于各个 EoC终端认证的全部自动化, 提高了工作效率, 可以 将管理员从这个繁瑣的工作解脱出来。
以上所述是本发明的优选实施方式, 应当指出, 对于本技术领域的普 通技术人员来说, 在不脱离本发明所述原理的前提下, 还可以作出若干改 进和润饰, 这些改进和润饰也应视为本发明的保护范围。

Claims

权利要求书
1. 一种在网络中对同轴电缆传输 EoC终端进行远程认证的方法, 其特 征在于, 所述方法包括:
EoC头端检测到一个 EoC终端首次上线后, 生成一个认证请求表; EoC头端向简单网络管理协议服务器发送所述 EoC终端首次上线的告 警信息;
EoC 头端在所述简单网络管理协议服务器根据所述告警信息认证所述 EoC 终端合法时, 接收所述简单网络管理协议服务器对所述认证请求表设 置为权限合法状态的反馈信息;
EoC头端根据所述反馈信息对所述 EoC终端进行开通操作。
2. 根据权利要求 1所述的方法, 其特征在于, 所述方法还包括: 当所 述简单网络管理协议服务器根据所述告警信息认证所述 EoC终端 , 且认证 结果为不合法时, EoC 头端接收所述简单网络管理协议服务器对所述认证 请求表设置为权限不合法状态的反馈信息。
3. 根据权利要求 1或 2所述的方法, 其特征在于, 所述 EoC头端通过 信息管理库接口接收所述简单网络管理协议服务器对所述认证请求表的设 置。
4.根据权利要求 1所述的方法, 其特征在于, 所述告警信息中包括所 述 EoC终端的 MAC地址。
5.根据权利要求 1所述的方法, 其特征在于, 所述方法还包括: 所述 EoC头端定期向每一个所述 EoC终端问询该 EoC终端维护的已发现设备列 表和 /或已发现其他网络列表的情况, 并在所述 EoC头端的已发现设备列表 和 /或已发现其他网络列表中存放所述 EoC终端的注册信息; 所述注册信息 用于所述 EoC头端生成与该 EoC终端对应的所述认证请求表和所述告警信 息时使用。
6. 一种在网络中对 EoC终端进行远程认证的 EoC设备 , 其特征在于 , 所述 EoC设备在网络中作为 EoC头端, 所述 EoC设备包括:
检测单元, 用于检测到一个 EoC终端首次上线后, 生成一个认证请求 表;
告警单元, 用于向简单网络管理协议服务器发送所述 EoC终端首次上 线的告警信息;
认证管理单元, 用于当所述简单网络管理协议服务器根据所述告警信 息检测到所述 EoC终端合法时 , 接收所述简单网络管理协议服务器对所述 认证请求表设置为权限合法状态的反馈信息;
终端开通单元, 与所述认证管理单元连接, 用于在所述认证管理单元 接收所述简单网络管理协议服务器对所述认证请求表设置为权限合法状态 的反馈信息后, 对所述 EoC终端进行开通操作。
7. 根据权利要求 6所述的 EoC设备, 其特征在于,
所述认证管理单元, 还用于当所述简单网络管理协议服务器根据所述 告警信息认证所述 EoC终端, 且认证结果为不合法时, 接收所述简单网络 管理协议服务器对所述认证请求表设置为权限不合法状态的反馈信息。
8. 根据权利要求 6所述的 EoC设备,其特征在于, 所述 EoC设备还包 括: 终端注册信息管理单元, 用于定期向各个 EoC终端问询它们各自维护 的已发现设备列表和 /或已发现其他网络列表的情况, 并在所述 EoC头端的 已发现设备列表和 /或已发现其他网络列表中存放所述 EoC 终端的注册信 息; 所述注册信息用于所述 EoC头端生成所述认证请求表和所述告警信息 时使用。
9. 一种在网络中对 EoC终端进行远程认证的系统, 其特征在于, 所述 系统包括 EoC头端、 简单网络管理协议服务器和 EoC终端;
所述 EoC头端包括: 检测单元, 用于检测到一个所述 EoC终端首次上线后, 生成一个认证 请求表;
告警单元, 用于向所述简单网络管理协议服务器发送所述 EoC终端首 次上线的告警信息;
认证管理单元, 用于当上述简单网络管理协议服务器根据所述告警信 息认证所述 EoC终端合法时, 接收所述简单网络管理协议服务器对所述认 证请求表设置为权限合法状态的反馈信息;
终端开通单元, 与所述认证管理单元连接, 用于在所述认证管理单元 接收所述简单网络管理协议服务器对所述认证请求表设置为权限合法状态 的反馈信息后, 对所述 EoC终端进行开通操作;
简单网络管理协议服务器, 用于存放所述 EoC终端的认证信息, 并根 据所述告警信息对所述 EoC终端进行认证。
10. 根据权利要求 9所述的系统, 其特征在于, 所述 EoC头端还包括: 认证管理单元, 还用于当所述简单网络管理协议服务器根据所述告警 信息认证所述 EoC终端, 且认证结果为不合法时, 接收所述简单网络管理 协议服务器对所述认证请求表设置为权限不合法状态的反馈信息。
PCT/CN2012/072855 2011-08-01 2012-03-22 对EoC终端进行远程认证的方法、EoC设备和系统 WO2012155672A1 (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201110218362.4 2011-08-01
CN2011102183624A CN102263642A (zh) 2011-08-01 2011-08-01 对EoC终端进行远程认证的方法、EoC设备和系统

Publications (1)

Publication Number Publication Date
WO2012155672A1 true WO2012155672A1 (zh) 2012-11-22

Family

ID=45010115

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/072855 WO2012155672A1 (zh) 2011-08-01 2012-03-22 对EoC终端进行远程认证的方法、EoC设备和系统

Country Status (2)

Country Link
CN (1) CN102263642A (zh)
WO (1) WO2012155672A1 (zh)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107733872A (zh) * 2017-09-18 2018-02-23 北京小米移动软件有限公司 信息打印方法及装置

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102263642A (zh) * 2011-08-01 2011-11-30 中兴通讯股份有限公司 对EoC终端进行远程认证的方法、EoC设备和系统
CN103475631A (zh) * 2012-06-08 2013-12-25 上海斐讯数据通信技术有限公司 Eoc终端的认证系统及认证方法
CN102724074B (zh) * 2012-06-20 2015-01-07 江苏亿通高科技股份有限公司 一种判断eoc局端设备异常重启的方法

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101123537A (zh) * 2007-09-25 2008-02-13 杭州华三通信技术有限公司 配置同轴电缆承载以太网终端的方法、系统及管理服务器
CN101827003A (zh) * 2010-04-19 2010-09-08 杭州华三通信技术有限公司 Cpe的管理方法和设备
CN102137074A (zh) * 2010-01-22 2011-07-27 杭州华三通信技术有限公司 终端认证方法和装置、以及同轴以太网终端
CN102263642A (zh) * 2011-08-01 2011-11-30 中兴通讯股份有限公司 对EoC终端进行远程认证的方法、EoC设备和系统

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101882960B (zh) * 2009-05-05 2014-07-23 上海傲蓝通信技术有限公司 一种点对多点的双向化光纤同轴混合全业务宽带接入系统
CN102075540B (zh) * 2011-01-26 2015-07-29 上海中兴思秸通讯有限公司 一种同轴以太网系统中的白名单配置方法及装置

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101123537A (zh) * 2007-09-25 2008-02-13 杭州华三通信技术有限公司 配置同轴电缆承载以太网终端的方法、系统及管理服务器
CN102137074A (zh) * 2010-01-22 2011-07-27 杭州华三通信技术有限公司 终端认证方法和装置、以及同轴以太网终端
CN101827003A (zh) * 2010-04-19 2010-09-08 杭州华三通信技术有限公司 Cpe的管理方法和设备
CN102263642A (zh) * 2011-08-01 2011-11-30 中兴通讯股份有限公司 对EoC终端进行远程认证的方法、EoC设备和系统

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107733872A (zh) * 2017-09-18 2018-02-23 北京小米移动软件有限公司 信息打印方法及装置

Also Published As

Publication number Publication date
CN102263642A (zh) 2011-11-30

Similar Documents

Publication Publication Date Title
US9917845B2 (en) Link discovery method and apparatus
US7707276B2 (en) Remote configuration and management via electronic mail
KR102293116B1 (ko) 제어기와 액세서리 사이의 통신을 위한 균일한 통신 프로토콜
US20110167269A1 (en) Network device authentication
JP3845086B2 (ja) 制御されたマルチキャストのシステム及び実行方法
JP6884818B2 (ja) Vxlan実装方法、ネットワークデバイス、および通信システム
CN105338023B (zh) 一种智能设备控制的方法、装置及系统
US20110274029A1 (en) Wireless Range Extender
WO2011144174A1 (zh) 配置接入设备的方法、装置及系统
US8863249B2 (en) Push button configuration of multimedia over coax alliance (MoCA) devices
CN113556274B (zh) 终端接入认证的方法、装置、系统、控制器及设备
CN102142995A (zh) 自动发现同轴宽带接入头终端的方法、管理方法及系统
WO2010115337A1 (zh) 配置访问权限的方法、控制点、设备及通信系统
CN105162787A (zh) 外网终端访问厂商设备或内网终端的方法和装置
WO2009089771A1 (fr) Procédé et système de gestion de réseau, terminal et serveur de configuration automatique
US12068882B2 (en) Method and apparatus for providing a high security mode in a network
WO2012155672A1 (zh) 对EoC终端进行远程认证的方法、EoC设备和系统
CN115412319B (zh) 一种基于策略随行的网络权限控制方法、设备及介质
US8495371B2 (en) Network device authentication
CN102904759A (zh) 广电网络增强型eoc终端管理系统及方法
WO2016062113A1 (zh) 检测无线网络接入安全的方法及终端
US8302155B2 (en) UPnP apparatus and method for providing remote access service
US20200145824A1 (en) Localized Multi-Factor Network Authentication
CN101388796B (zh) 信息发送处理方法、通信设备与通信系统
JP2010063000A (ja) 無線lanネットワーク装置

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12785485

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12785485

Country of ref document: EP

Kind code of ref document: A1