WO2013143265A1 - Internet access method and device - Google Patents

Internet access method and device Download PDF

Info

Publication number
WO2013143265A1
WO2013143265A1 PCT/CN2012/082047 CN2012082047W WO2013143265A1 WO 2013143265 A1 WO2013143265 A1 WO 2013143265A1 CN 2012082047 W CN2012082047 W CN 2012082047W WO 2013143265 A1 WO2013143265 A1 WO 2013143265A1
Authority
WO
WIPO (PCT)
Prior art keywords
access
access device
internet
authentication
network
Prior art date
Application number
PCT/CN2012/082047
Other languages
French (fr)
Chinese (zh)
Inventor
林霖
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2013143265A1 publication Critical patent/WO2013143265A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2854Wide area networks, e.g. public data networks
    • H04L12/2856Access arrangements, e.g. Internet access
    • H04L12/2869Operational details of access network equipments
    • H04L12/2898Subscriber equipments
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Definitions

  • the present invention relates to the field of communications, and in particular, to an Internet access method and device.
  • mainstream personal Internet (Internet) network access methods are mainly divided into two categories: wired and wireless.
  • the main representatives of the wired access mode are ADSL (Asymmetric Digital Subscriber Line), residential LAN, and light access.
  • the advantages of wired access are high speed, high bandwidth, and relatively low cost.
  • the wireless access modes mainly include GPRS (General Packet Radio Service), 3G (3rd-generation, third-generation mobile communication technology), and WLAN (Wireless Local Area Networks).
  • the advantage of wireless access is that mobility is better, and the disadvantages are low speed, low bandwidth, and relatively high cost.
  • the wired access method cannot be moved and the mobility is poor. Even if a wireless router is deployed at the access point, for the network owner, the range of motion is limited to just a few tens of meters from where the access point is located. Moreover, the network owner usually encrypts the wireless network to prevent other people within the coverage of the wireless router from occupying their own network access resources for free, and the mobiles temporarily moving to the area cannot use it. In addition, for some fixed personnel who have network access requirements but have low network bandwidth and time requirements, if they have wired access services, the price is high and the procedures are cumbersome.
  • the wireless access mode has a low rate, a low bandwidth, and a relatively high cost. And the mobility of the wireless access mode can only be achieved at the provincial and national levels. At the same time, due to the different rates of mobile access operators around the world, different procedures and different regulations, wireless mobile access is almost unavailable or expensive.
  • the Internet access method and device provided by the embodiments of the present invention can realize high access quality and low charging rate network access of a mobile user's access device anywhere in the world.
  • an Internet network access method including:
  • the access device issues an Internet access capability leaseable identifier and an access capability parameter
  • the access device establishes a local area network connection with the access device, and allocates an untrusted network local area network IP address to the access device;
  • the access device performs online authentication authentication on the access device through the network server, and accesses the access device to the Internet after the online authentication is authenticated.
  • Another method of accessing the Internet including:
  • the access device accepts the Internet access authentication of the network server through the access device, and accesses the Internet through the access device after the online authentication is authenticated.
  • an access device including:
  • An information publishing unit configured to be used by an access device to issue an Internet access capability leaseable identifier and an access capability parameter
  • An information receiving unit configured to receive a request for accessing the Internet access capability sent by the access device
  • a first local area network connection unit configured to establish, by the access device, a local area network connection with the access device, and allocate an untrusted network local area network IP address to the access device;
  • a first authentication unit configured to: use, by the access server, the access device by using a network server The online authentication is authenticated, and the access device is connected to the Internet after the online authentication is authenticated.
  • Provide an access device including:
  • An information search unit configured to access an Internet access capability rentable identifier and an access capability parameter issued by the device search access device;
  • An information sending unit configured to send, to the access device, a request to rent the Internet access capability
  • a second local area network connecting unit configured to establish a local area network connection with the access device, and accept an untrusted network local area network IP address allocated by the access device;
  • the second authentication unit is configured to receive, by the access device, the Internet authentication of the network server by using the access device, and access the Internet by using the access device after the online authentication is authenticated.
  • the Internet access method and device provided by the embodiments of the present invention enable the access device of the mobile user to fully utilize the local access device to realize network access with high access quality and low charging rate through the third-party network server on a global scale.
  • FIG. 1 is a schematic structural diagram of an application system of an Internet access method and device according to an embodiment of the present invention
  • FIG. 2 is a schematic flowchart of an Internet access method according to an embodiment of the present invention.
  • FIG. 3 is a schematic flowchart of a method for accessing an Internet according to another embodiment of the present invention
  • FIG. 4 is a schematic structural diagram of an access device according to an embodiment of the present invention
  • FIG. 5 is a schematic structural diagram of a first authentication unit according to an embodiment of the present disclosure.
  • FIG. 6 is a schematic structural diagram of an access device according to another embodiment of the present disclosure.
  • FIG. 7 is a schematic structural diagram of an access device according to another embodiment of the present invention.
  • FIG. 8 is a schematic structural diagram of an access device according to an embodiment of the present disclosure.
  • FIG. 9 is a schematic structural diagram of a second authentication unit according to an embodiment of the present disclosure
  • FIG. 10 is a schematic structural diagram of an access device according to another embodiment of the present invention.
  • FIG. 1 is a schematic structural diagram of an application system of an Internet access method and device according to an embodiment of the present invention.
  • the Internet access method and device provided by the embodiments of the present invention are applicable not only to the system, but also provided herein.
  • the system is only exemplary.
  • the system includes: an access device 4 of user A and an access device 1 provided by user A, the access device 4 of user A can access the Internet through the access device 1, and the access device 2 of user B is a temporary leased access to the Internet access capability.
  • the access device 2 can perform online authentication authentication through the access device 1 and the network server 3, and can access the Internet through the access device 1 in the case of online authentication.
  • the following is a specific implementation method provided by the practice of the present invention.
  • the present invention is an Internet network access method provided by an embodiment, including the following steps:
  • the access device issues an Internet access capability leaseable identifier and an access capability parameter.
  • the access capability parameters include: at least one of remaining bandwidth, average network access delay, average jitter, and average packet loss rate.
  • the access device searches for an Internet access capability issued by the access device, and the lease identifier and the access capability parameter.
  • the access device sends a request for renting an Internet access capability to the selected access device according to the leaseable identifier and the access capability parameter.
  • the access device receives a request for accessing the Internet access capability sent by the access device.
  • the access device establishes a local area network connection with the access device, and allocates an untrusted network local area network IP address to the access device. 5106. The access device accepts an untrusted network local area network IP address allocated by the access device.
  • the access device performs online authentication authentication on the access device through the network server, and accesses the access device to the Internet after authenticating the Internet.
  • the Internet access method provided by the embodiment of the present invention can implement network access of a mobile user's access device with high access quality and low charging rate on a global scale.
  • the access device provides the Internet connection device provided by the local network user A or the Internet connection device that is provided by the network server system operator that provides the lease access capability in a fixed area; and if it is the access device provided by the local network user A, User A is required to sign a network server system operator that provides lease access capability, so that the access device provided by the user can provide a paid network connection to other access devices.
  • the user B accessing the device may choose to establish a local area network connection between the access device used by the access device and the access device by using a wired or wireless manner, where the access device may be
  • an access device provided by user A is used as an example for an access terminal device such as a laptop computer, a palmtop computer, or a mobile phone.
  • the access device issues an Internet access capability leaseable identifier and an access capability parameter.
  • the access device may advertise the Internet access capability leaseable identifier and the access capability parameter in the wireless network signal; or the access device may publish the Internet access in the wired network signal that establishes a wired connection therebetween.
  • the capability can lease the identifier and the access capability parameters. Only the access device and the access device need to be wired first.
  • the user accessing the device needs to first find a wired access device capable of providing Internet access capability lease.
  • the inbound device can be set by the operator specifically at the designated location, and the user accessing the device can find such an access device according to the indication identifier provided by the operator.
  • the access device is not limited, as long as it can provide Internet access for the access device, for example:
  • the access device can be a wired or wireless network access device such as a router or a cat.
  • the accessing device searches for an Internet access capability issued by the access device, and the lease identifier is And access capability parameters.
  • the access device sends a request for renting an Internet access capability to the selected access device according to the rentable identifier and the access capability parameter.
  • the foregoing access capability parameters include: at least one of remaining bandwidth, network access average delay, average jitter, and average packet loss rate; at this time, if the access device is wirelessly searchable within a range that can be searched At the same time, multiple access devices release the leaseable identifier and access parameters, and the access device can select the access device with the best network condition according to the access capability parameter.
  • the access device receives the lease request sent by the access device, and establishes a local area network connection with the access device.
  • the access device allocates an untrusted network local area network IP address to the access device.
  • the access device allocates an untrusted network local area network IP address to the access device; specifically, for the wireless network, the access device may first allocate an untrusted IP address to the access device, and also The untrusted network local area network IP address or the trusted network local area network IP address may be allocated to the access device according to the user name and password authentication result of the access device accessing the access device; wherein, the access device and the access trusted to access the untrusted network are trusted.
  • the access device of the network prohibits the exchange of information. In this way, the topology of the trusted network and the Internet access device are invisible to the untrusted network, and the information security of the access device provider is ensured.
  • the information security of the access device provider is also ensured, and the access device provider is provided.
  • the network that can be provided by the access device can be divided into a trusted network and an untrusted network according to the network port, so that the access device can allocate access to the access device of the untrusted network port that is preset before the access device is accessed. Trusting the network local area network IP address; or, assigning a trusted network local area network IP address to the access device that accesses the pre-set trusted network port; wherein, the device accessing the untrusted network and the device prohibiting information accessing the trusted network exchange.
  • the access device sends an internet access request to the access device.
  • the access device receives an Internet access request sent by the access device, and determines whether the access device has the right to access the Internet.
  • the access device When the access device does not have the right to access the Internet, the access device initiates an authentication request to the network server.
  • the authentication request carries the identity of the access device provider and the access capability that can be rented.
  • the access capability that can be leased here is the access capability of the access device according to the network bandwidth and/or the local user's online time; the exemplary: to ensure the access device provider
  • the access device can open a leaseable access capability only to the user B access device; for example, the user A user has a fixed partitioning capability for opening the access device according to its own access capability and its own Internet access requirements: For example, if user A is a monthly 4M bandwidth user, it can evaluate that he or she can use the 2M bandwidth to access the Internet. You can specify up to 2M bandwidth for temporary temporary lease on "User A's access device”. Security processing, "User A access device" According to the user's instructions, all devices in the untrusted area can only provide a total access capacity of 2M bandwidth.
  • the access device receives an authentication page sent by the network server according to the authentication request.
  • the access device forwards the authentication page to the access device.
  • the access device receives the authentication page forwarded by the access device, and generates the authentication information according to the prompt of the authentication page.
  • the authentication page contains available leaseable access capabilities and their corresponding rental fees as well as interface information requiring the user to enter a username and password.
  • user B needs to subscribe to the user with the network server operator, that is, the network server stores the account information of user B.
  • the access device sends the authentication information to the access device.
  • the access device forwards the authentication information to the network server.
  • the information contained in the authentication information corresponds to the information in the authentication page, where the authentication information includes at least the Internet access capability selected by the user for renting.
  • the network server authenticates the Internet access authentication of the access device according to the authentication information.
  • S215. Receive an indication of open Internet access sent by the network server, and according to the indication, access the access device to the Internet.
  • the access device accesses the access device to the Internet according to the access capability included in the open indication of the access device according to the indication in S215.
  • the access device accesses the Internet through the access device.
  • the network server also forwards a prompt page through the access device to inform the access device that Internet access can be started.
  • S201 S216 is for a fixed network server operation system.
  • the following steps may be used to select the network operation server before S206:
  • the access device sends a list of network servers it supports to the access device.
  • the device is configured to receive a list of supported network servers sent by the access device, and send the selected network server identifier to the access device.
  • the access device receives the selected network server identifier sent by the access device.
  • the user B may only sign a contract with the operator of the network server operation system supporting the lease access capability or the access of the user B.
  • the device only supports a network server operating system that supports lease access.
  • User B also includes the following billing process after accessing the Internet through its access device:
  • S301 Report the Internet access traffic or duration of the access device to the network server, so that the network server describes the access device for charging, and calculates the rebate for the access device.
  • the charging scheme for user B can use the "operator of the network server supporting the lease access capability" to periodically perform fee settlement, and collect the Internet access fee M1 from the user B. And according to user B, the network opened by user A is used, and a certain fee M2 is returned to user A, and M2 ⁇ M1. Under this scheme, User B only needs to pay M1 to temporarily rent to meet the required access capability, which is less than the cost of using the local access carrier, and is convenient and fast, and can be used regardless of where it is moved. Account authentication, billing.
  • User B also includes the following process of disconnecting Internet access after accessing the Internet through its access device:
  • the access device receives a message sent by the network server to terminate Internet access of the access device, and terminates Internet access of the access device according to the message.
  • the access device may actively send a terminating Internet access request to the network server, and then the network server sends a message to the access device to terminate the Internet access of the access device.
  • the network server automatically sends a message to the access device to terminate the Internet access of the access device; for the above two situations, the network server stops the access to the accessed device. Billing and rebate for access devices.
  • the method provided here is for a terminal access device that can display an authentication page to interact with a user, and for an access device that cannot display an authentication page, for example, a VOIP (voice over internet protocol) phone can be pre-defined.
  • a VOIP voice over internet protocol
  • the supported network server identifier, access capability, maximum rate, user name and password are automatically connected to the local access device and then the Internet access authentication process is performed according to the customized parameters, thereby implementing network access, and the implementation process is suitable.
  • the methods provided by the embodiments of the present invention are the same, and are not described herein again.
  • the access device of user B may be in the wireless signal. Look for the next access device (for example, the access device of user A'). Perform network access again according to the above procedure.
  • an access device 1 includes: a first local area information issuing unit 10, an information receiving unit 20, a first local area network connecting unit 30, and a first authentication unit 40, where:
  • the information issuance slip 10 is used for the access device to publish the Internet access capability leaseable identifier and the access capability parameter;
  • the information receiving unit 20 is configured to receive a request for accessing the Internet access capability sent by the access device;
  • the first local area network connecting unit 30 is configured to establish a local area network connection between the access device and the access device, and allocate an untrusted network local area network IP address to the access device;
  • the first authentication unit 40 is configured to perform access authentication authentication on the access device by using the network server, and access the device to the Internet after authenticating through the Internet.
  • the access device provided by the embodiment of the present invention enables the access device of the mobile user to fully utilize the local access device to achieve high access quality through the third-party network server on a global scale. Volume, low rate network access.
  • the information publishing unit 10 is further configured to: the access device publishes an Internet access capability leaseable identifier and an access capability parameter in the wireless network signal.
  • the first authentication unit 40 includes:
  • the access request receiving subunit 41 is configured to receive, by the access device, an Internet access request sent by the access device;
  • the permission determining sub-unit 42 is configured to determine whether the access device has the right to access the Internet, and initiate an authentication request to the network server when the access device does not have the right to access the Internet;
  • the page forwarding sub-unit 43 is configured to receive an authentication page sent by the network server according to the authentication request, and forward the authentication page to the access device;
  • the data forwarding sub-unit 44 is configured to receive the authentication information returned by the access device according to the authentication page, and forward the authentication information to the network server;
  • the network connection sub-unit 45 is configured to receive an indication of the open Internet access sent by the network server, and access the access device to the Internet according to the indication.
  • the access device 1 shown in FIG. 6 further includes:
  • the network allocating unit 50 is configured to send, by the access device, a list of network servers supported by the access device to the access device, and receive the selected network server identifier sent by the access device.
  • the access device 1 shown in FIG. 7 further includes:
  • the flow rate reporting unit 60 is configured to report the Internet access traffic or duration of the access device to the network server, so that the network server charges the access device and calculates the rebate for the access device.
  • the permission stopping unit 70 is configured to receive, by the access device, a message of the Internet access sent by the network server to terminate the access device, and terminate the Internet access of the access device according to the message.
  • the access device 2 provided by the embodiment of the present invention includes:
  • An information search unit 100 configured to access an Internet access capability leaseable identifier and an access capability parameter issued by the device search access device;
  • the information sending unit 200 is configured to send a request for renting an Internet access capability to the access device;
  • a second local area network connecting unit 300 configured to establish a local area network connection with the access device, and connect The untrusted network LAN IP address assigned by the access device;
  • the second authentication unit 400 is configured to: the access device accepts the online authentication of the network server by using the access device, and accesses the Internet through the access device after the online authentication is authenticated.
  • the access device provided by the embodiment of the present invention enables the mobile user to fully utilize the local access device to realize network access with high access quality and low charging rate through the third-party network server on a global scale.
  • the second authentication unit 400 includes:
  • An access request sending subunit 401 configured to: access the device to send an internet access request to the access device;
  • the page receiving subunit 402 is configured to receive an authentication page forwarded by the access device when the access device does not have the right to access the Internet;
  • the data sending sub-unit 403 is configured to generate authentication information according to the prompt of the authentication page, and send the authentication information to the access device, so that the access device forwards the authentication information to the network server, and accepts the Internet access of the network server.
  • the network access subunit 404 is configured to access the Internet through the access device.
  • the access device 2 further includes:
  • the network selection unit 500 is configured to receive a list of supported network servers sent by the access device, and send the selected network server identifier to the access device.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Provided are an Internet access method and device, which relate to the field of communications and can achieve network access with a high access quality and a low charge rate of access devices of mobile users within the global range. The method comprises: an access device distributing an Internet access capability rentable identifier and an access capability parameter; a visit device searching for the Internet access capability rentable identifier and the access capability parameter which are distributed by the access device, and sending to a selected access device a request for renting Internet access capability; the access device receiving the request for renting Internet access capability sent by the visit device, establishing a local area network connection with the visit device, and allocating a local area network IP address of a non-trusted network to the visit device; and the access device performing online authentication and authorization on the visit device through a network server, and accessing the visit device in the Internet after the online authentication and authorization. The embodiments of the present invention are applied to network access.

Description

一种因特网接入方法及设备 技术领域  Internet access method and device
本发明涉及通讯领域, 尤其涉及一种因特网接入方法及设备。  The present invention relates to the field of communications, and in particular, to an Internet access method and device.
背景技术  Background technique
目前主流的个人 Internet (因特网)网络接入方式主要分为两类: 有 线类和无线类。其中,有线类接入方式的主要代表有 ADSL ( Asymmetric Digital Subscriber Line , 非对称数字用户环路) 、 小区局域网、 光线接 入为主。 有线类接入的优点是速率高, 带宽高, 费用相对较低。 无线类 的接入方式主要有 GPRS ( General Packet Radio Service , 通用分组无线 服务)、 3G( 3rd-generation,第三代移动通信技术)、 WLAN (Wireless Local Area Networks , 无线局域网络)等。 无线接入的优点是移动性较好, 缺点 是速率低, 带宽低, 费用相对较高。  At present, mainstream personal Internet (Internet) network access methods are mainly divided into two categories: wired and wireless. Among them, the main representatives of the wired access mode are ADSL (Asymmetric Digital Subscriber Line), residential LAN, and light access. The advantages of wired access are high speed, high bandwidth, and relatively low cost. The wireless access modes mainly include GPRS (General Packet Radio Service), 3G (3rd-generation, third-generation mobile communication technology), and WLAN (Wireless Local Area Networks). The advantage of wireless access is that mobility is better, and the disadvantages are low speed, low bandwidth, and relatively high cost.
但随着 Internet 网络的普及和人员移动的加剧, 为移动人员提供高 质、 低价的网络接入方式的迫切性越来越紧迫。  However, with the popularity of Internet networks and the intensification of personnel mobility, the urgency to provide mobile users with high-quality, low-cost network access methods is becoming more and more urgent.
有线类接入方式无法移动, 移动性差。 即使在接入点部署了无线路 由器, 对于网络所有者来说, 移动范围也只局限于接入点所在的几十米 附近。 而且网络所有者通常会对无线网络加密, 用于防止无线路由器覆 盖范围内的其他人员无偿占用自己网络接入资源, 临时移动到该区域的 移动者也无法使用。 此外, 对于一些有网络接入需求但对网络带宽、 时 间要求低的固定人员, 如果办理有线接入服务, 价格高、 且手续繁瑣。  The wired access method cannot be moved and the mobility is poor. Even if a wireless router is deployed at the access point, for the network owner, the range of motion is limited to just a few tens of meters from where the access point is located. Moreover, the network owner usually encrypts the wireless network to prevent other people within the coverage of the wireless router from occupying their own network access resources for free, and the mobiles temporarily moving to the area cannot use it. In addition, for some fixed personnel who have network access requirements but have low network bandwidth and time requirements, if they have wired access services, the price is high and the procedures are cumbersome.
无线类的接入方式速率低, 带宽低, 费用相对较高。 且无线接入方 式的移动性较好的也只能做到省级、 国家级。 同时由于在全球范围内, 各地的移动接入运营商费率不同, 手续不同, 规定不同, 无线移动接入 几乎不可用或费用高的难以承受。  The wireless access mode has a low rate, a low bandwidth, and a relatively high cost. And the mobility of the wireless access mode can only be achieved at the provincial and national levels. At the same time, due to the different rates of mobile access operators around the world, different procedures and different regulations, wireless mobile access is almost unavailable or expensive.
总体而言, 综合当前的各种接入方式, 没有一个能在全球范围内都 能给移动者提供使用方便, 高接入质量、 收费低的网络接入方式; 给低 接入要求的人员提供更便宜、 更简单的接入方式。 发明内容 In general, none of the current various access methods can provide mobile users with convenient access, high access quality and low-cost network access methods, and low-access requirements. Cheaper, simpler access methods. Summary of the invention
本发明的实施例提供的因特网接入方法及设备, 能够实现移动用户的访 问设备在全球范围内的任一地方的高接入质量、 低收费率的网络接入。  The Internet access method and device provided by the embodiments of the present invention can realize high access quality and low charging rate network access of a mobile user's access device anywhere in the world.
为达到上述目的, 本发明的实施例釆用如下技术方案:  In order to achieve the above object, embodiments of the present invention use the following technical solutions:
一方面, 提供一种因特网网络接入方法, 包括:  In one aspect, an Internet network access method is provided, including:
接入设备发布因特网接入能力可租用标识以及接入能力参数;  The access device issues an Internet access capability leaseable identifier and an access capability parameter;
接收访问设备发送的租用所述因特网接入能力的请求;  Receiving a request sent by the access device to lease the Internet access capability;
所述接入设备与所述访问设备建立局域网连接, 并为所述访问设备分配 不可信任网络局域网 IP地址;  The access device establishes a local area network connection with the access device, and allocates an untrusted network local area network IP address to the access device;
所述接入设备通过网络服务器对所述访问设备进行上网鉴权认证, 并在 通过所述上网鉴权认证后将所述访问设备接入因特网。  The access device performs online authentication authentication on the access device through the network server, and accesses the access device to the Internet after the online authentication is authenticated.
提供另一种因特网网络接入方法, 包括:  Another method of accessing the Internet is provided, including:
访问设备搜索接入设备发布的因特网接入能力可租用标识以及接入能力 参数;  Accessing the Internet access capability published by the device search access device, the lease identifier and the access capability parameter;
根据所述可租用标识以及接入能力参数向选择的所述接入设备发送租用 所述因特网接入能力的请求;  Sending a request for renting the Internet access capability to the selected access device according to the rentable identifier and an access capability parameter;
与所述接入设备建立局域网连接, 并接受所述接入设备分配的不可信任 网络局域网 IP地址;  Establishing a local area network connection with the access device, and accepting an untrusted network local area network IP address allocated by the access device;
所述访问设备通过所述接入设备接受网络服务器的上网鉴权认证, 并在 通过所述上网鉴权认证后通过所述接入设备接入因特网。  The access device accepts the Internet access authentication of the network server through the access device, and accesses the Internet through the access device after the online authentication is authenticated.
另一方面, 提供一种接入设备, 包括:  In another aspect, an access device is provided, including:
信息发布单元, 用于接入设备发布因特网接入能力可租用标识以及接入 能力参数;  An information publishing unit, configured to be used by an access device to issue an Internet access capability leaseable identifier and an access capability parameter;
信息接收单元, 用于接收访问设备发送的租用所述因特网接入能力的请 求;  An information receiving unit, configured to receive a request for accessing the Internet access capability sent by the access device;
第一局域网连接单元, 用于所述接入设备与所述访问设备建立局域网连 接, 并为所述访问设备分配不可信任网络局域网 IP地址;  a first local area network connection unit, configured to establish, by the access device, a local area network connection with the access device, and allocate an untrusted network local area network IP address to the access device;
第一认证单元, 用于所述接入设备通过网络服务器对所述访问设备进行 上网鉴权认证, 并在通过所述上网鉴权认证后将所述访问设备接入因特网。 提供一种访问设备, 包括: a first authentication unit, configured to: use, by the access server, the access device by using a network server The online authentication is authenticated, and the access device is connected to the Internet after the online authentication is authenticated. Provide an access device, including:
信息搜索单元, 用于访问设备搜索接入设备发布的因特网接入能力可租 用标识以及接入能力参数;  An information search unit, configured to access an Internet access capability rentable identifier and an access capability parameter issued by the device search access device;
信息发送单元, 用于向所述接入设备发送租用所述因特网接入能力的请 求;  An information sending unit, configured to send, to the access device, a request to rent the Internet access capability;
第二局域网连接单元, 用于与所述接入设备建立局域网连接, 并接受所 述接入设备分配的不可信任网络局域网 IP地址;  a second local area network connecting unit, configured to establish a local area network connection with the access device, and accept an untrusted network local area network IP address allocated by the access device;
第二认证单元, 用于所述访问设备通过所述接入设备接受网络服务器的 上网鉴权认证,并在通过所述上网鉴权认证后通过所述接入设备接入因特网。  The second authentication unit is configured to receive, by the access device, the Internet authentication of the network server by using the access device, and access the Internet by using the access device after the online authentication is authenticated.
本发明实施例提供的因特网接入方法及设备, 能够使得移动用户的访问 设备在全球范围内充分利用当地接入设备通过第三方网络服务器实现高接入 质量、 低收费率的网络接入。  The Internet access method and device provided by the embodiments of the present invention enable the access device of the mobile user to fully utilize the local access device to realize network access with high access quality and low charging rate through the third-party network server on a global scale.
附图说明 DRAWINGS
为了更清楚地说明本发明实施例或现有技术中的技术方案, 下面将对实 施例或现有技术描述中所需要使用的附图作简单地介绍, 显而易见地, 下面 描述中的附图仅仅是本发明的一些实施例, 对于本领域普通技术人员来讲, 在不付出创造性劳动的前提下, 还可以根据这些附图获得其他的附图。  In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the description of the prior art will be briefly described below. Obviously, the drawings in the following description are only It is a certain embodiment of the present invention, and other drawings can be obtained from those skilled in the art without any creative work.
图 1为本发明实施例提供的一种因特网接入方法和设备的应用系统结构 示意图;  1 is a schematic structural diagram of an application system of an Internet access method and device according to an embodiment of the present invention;
图 2为本发明实施例提供的一种因特网接入方法流程示意图;  2 is a schematic flowchart of an Internet access method according to an embodiment of the present invention;
图 3为本发明另一实施例提供的一种因特网接入方法流程示意图; 图 4为本发明实施例提供的一种接入设备结构示意图;  FIG. 3 is a schematic flowchart of a method for accessing an Internet according to another embodiment of the present invention; FIG. 4 is a schematic structural diagram of an access device according to an embodiment of the present invention;
图 5为本发明实施例提供的一种第一认证单元结构示意图;  FIG. 5 is a schematic structural diagram of a first authentication unit according to an embodiment of the present disclosure;
图 6为本发明另一实施例提供的一种接入设备结构示意图;  FIG. 6 is a schematic structural diagram of an access device according to another embodiment of the present disclosure;
图 7为本发明又一实施例提供的一种接入设备结构示意图;  FIG. 7 is a schematic structural diagram of an access device according to another embodiment of the present invention;
图 8为本发明实施例提供的一种访问设备结构示意图;  FIG. 8 is a schematic structural diagram of an access device according to an embodiment of the present disclosure;
图 9为本发明实施例提供的一种第二认证单元结构示意图; 图 10为本发明另一实施例提供的一种访问设备结构示意图。 FIG. 9 is a schematic structural diagram of a second authentication unit according to an embodiment of the present disclosure; FIG. 10 is a schematic structural diagram of an access device according to another embodiment of the present invention.
具体实施方式 detailed description
下面将结合本发明实施例中的附图, 对本发明实施例中的技术方案 进行清楚、 完整地描述, 显然, 所描述的实施例仅仅是本发明一部分实 施例, 而不是全部的实施例。 基于本发明中的实施例, 本领域普通技术 人员在没有做出创造性劳动前提下所获得的所有其他实施例, 都属于本 发明保护的范围。  The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is obvious that the described embodiments are only a part of the embodiments of the present invention, but not all embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
如图 1所示, 为本发明实施例提供的一种因特网接入方法和设备的 应用系统结构示意图, 当然本发明实施例提供的因特网接入方法和设备 不仅可以应用于该系统, 这里提供的系统只是示例性的。  FIG. 1 is a schematic structural diagram of an application system of an Internet access method and device according to an embodiment of the present invention. The Internet access method and device provided by the embodiments of the present invention are applicable not only to the system, but also provided herein. The system is only exemplary.
该系统包括: 用户 A的访问设备 4以及用户 A提供的接入设备 1 , 用户 A的访问设备 4可以通过接入设备 1访问因特网,用户 B的访问设 备 2为临时租用因特网接入能力的访问设备, 访问设备 2可以通过接入 设备 1与网络服务器 3进行上网鉴权认证, 并在通过上网鉴权认证的情 况下可以通过接入设备 1接入因特网。 以下为本发明实施提供的具体实 施方法。  The system includes: an access device 4 of user A and an access device 1 provided by user A, the access device 4 of user A can access the Internet through the access device 1, and the access device 2 of user B is a temporary leased access to the Internet access capability. The access device 2 can perform online authentication authentication through the access device 1 and the network server 3, and can access the Internet through the access device 1 in the case of online authentication. The following is a specific implementation method provided by the practice of the present invention.
如图 2所示, 本发明是实施例提供的因特网网络接入方法, 包括如 下步骤:  As shown in FIG. 2, the present invention is an Internet network access method provided by an embodiment, including the following steps:
5101、 接入设备发布因特网接入能力可租用标识以及接入能力参 数。  5101. The access device issues an Internet access capability leaseable identifier and an access capability parameter.
这里接入能力参数包括: 剩余带宽、 网络接入平均时延、 平均抖动 以及平均丟包率中的至少一个。  Here, the access capability parameters include: at least one of remaining bandwidth, average network access delay, average jitter, and average packet loss rate.
5102、 访问设备搜索接入设备发布的因特网接入能力可租用标识以 及接入能力参数。  5102. The access device searches for an Internet access capability issued by the access device, and the lease identifier and the access capability parameter.
5103、 访问设备根据可租用标识以及接入能力参数向选择的接入设 备发送租用因特网接入能力的请求。  5103. The access device sends a request for renting an Internet access capability to the selected access device according to the leaseable identifier and the access capability parameter.
5104、 接入设备接收访问设备发送的租用因特网接入能力的请求。 5104. The access device receives a request for accessing the Internet access capability sent by the access device.
5105、 接入设备与访问设备建立局域网连接, 并为访问设备分配不 可信任网络局域网 IP地址。 5106、 访问设备接受接入设备分配的不可信任网络局域网 IP地址。5105. The access device establishes a local area network connection with the access device, and allocates an untrusted network local area network IP address to the access device. 5106. The access device accepts an untrusted network local area network IP address allocated by the access device.
5107、 接入设备通过网络服务器对访问设备进行上网鉴权认证, 并 在通过上网鉴权认证后将访问设备接入因特网。 5107. The access device performs online authentication authentication on the access device through the network server, and accesses the access device to the Internet after authenticating the Internet.
本发明实施例所提供的因特网网络接入方法, 能够实现移动用户的 访问设备在全球范围内的高接入质量、 低收费率的网络接入。  The Internet access method provided by the embodiment of the present invention can implement network access of a mobile user's access device with high access quality and low charging rate on a global scale.
结合图 3 (附图 3 中只给示了各步骤的关键词汇, 各步骤的具体内 容以说明书中为准) , 本发明另一实施例提供了一种因特网接入方法的 具体实施方式如下:  The specific embodiment of the Internet access method is as follows:
首先,接入设备为本地网络用户 A提供的上网连接设备或者提供租 用接入能力的网络服务器系统运营商在固定区域专门设置的上网连接 设备; 并且如果是本地网络用户 A提供的接入设备, 则需用户 A与提供 租用接入能力的网络服务器系统运营商签约, 以使得其提供的接入设备 可以为其他访问设备提供有偿网络连接。 当上网连接设备为同时支持有 线和无线接入方式的设备时, 访问设备的用户 B可以选择通过有线或无 线的方式使得其使用的访问设备与接入设备建立局域网的连接, 这里访 问设备可以是手提电脑、 掌上电脑或手机等上网终端设备, 以下以用户 A提供的接入设备为例进行说明。  First, the access device provides the Internet connection device provided by the local network user A or the Internet connection device that is provided by the network server system operator that provides the lease access capability in a fixed area; and if it is the access device provided by the local network user A, User A is required to sign a network server system operator that provides lease access capability, so that the access device provided by the user can provide a paid network connection to other access devices. When the Internet access device is a device that supports both wired and wireless access modes, the user B accessing the device may choose to establish a local area network connection between the access device used by the access device and the access device by using a wired or wireless manner, where the access device may be For example, an access device provided by user A is used as an example for an access terminal device such as a laptop computer, a palmtop computer, or a mobile phone.
5201、 接入设备发布因特网接入能力可租用标识以及接入能力参 数。  5201. The access device issues an Internet access capability leaseable identifier and an access capability parameter.
当然, 这里可以是接入设备在无线网络信号中发布因特网接入能力 可租用标识以及接入能力参数; 也可以是接入设备在和其之间建立有线 连接的有线网络信号中发布因特网接入能力可租用标识以及接入能力 参数, 只是需要访问设备和接入设备需首先进行有线连接, 当然这里访 问设备的使用者需首先找到能够提供因特网接入能力租用的有线接入 设备, 这种接入设备可以是运营商专门在指定场所设置的, 访问设备的 使用者可以根据运营商提供的指示标识找到这样的接入设备。 此外, 这 里对接入设备不做限定, 只要是可以为访问设备提供因特网接入的设备 均可, 例如: 这个接入设备可以为路由器、 猫等有线或无线网络接入设 备。  Of course, the access device may advertise the Internet access capability leaseable identifier and the access capability parameter in the wireless network signal; or the access device may publish the Internet access in the wired network signal that establishes a wired connection therebetween. The capability can lease the identifier and the access capability parameters. Only the access device and the access device need to be wired first. Of course, the user accessing the device needs to first find a wired access device capable of providing Internet access capability lease. The inbound device can be set by the operator specifically at the designated location, and the user accessing the device can find such an access device according to the indication identifier provided by the operator. In addition, the access device is not limited, as long as it can provide Internet access for the access device, for example: The access device can be a wired or wireless network access device such as a router or a cat.
5202、 访问设备搜索接入设备发布的因特网接入能力可租用标识以 及接入能力参数。 5202. The accessing device searches for an Internet access capability issued by the access device, and the lease identifier is And access capability parameters.
S203、 访问设备根据可租用标识以及接入能力参数向选择的接入设 备发送租用因特网接入能力的请求。  S203. The access device sends a request for renting an Internet access capability to the selected access device according to the rentable identifier and the access capability parameter.
需要说明, 上述接入能力参数包括: 剩余带宽、 网络接入平均时延、 平均抖动以及平均丟包率中的至少一个; 这时, 如果在访问设备为通过 无线方式在可以搜索到的范围内同时有多个接入设备向外发布可租用 标识以及接入参数, 则访问设备可以根据接入能力参数选择使用网络状 况最优的接入设备。  It should be noted that the foregoing access capability parameters include: at least one of remaining bandwidth, network access average delay, average jitter, and average packet loss rate; at this time, if the access device is wirelessly searchable within a range that can be searched At the same time, multiple access devices release the leaseable identifier and access parameters, and the access device can select the access device with the best network condition according to the access capability parameter.
S204、 接入设备接收访问设备发送的租用请求, 并与访问设备建立 局域网连接。  S204. The access device receives the lease request sent by the access device, and establishes a local area network connection with the access device.
S205、 接入设备为访问设备分配不可信任网络局域网 IP地址。  S205. The access device allocates an untrusted network local area network IP address to the access device.
这里, 为了确保接入设备提供者的上网安全, 接入设备为访问设备 分配不可信任网络局域网 IP地址; 具体的, 对于无线网络, 接入设备可 首先为访问设备分配不可信任 IP地址,同时还可以根据访问设备接入接 入设备以后的用户名和密码认证结果, 为访问设备分配不可信任网络局 域网 IP地址或可信任网络局域网 IP地址; 其中, 接入不可信任网络的 访问设备和接入可信任网络的访问设备禁止信息交换。 这样可信任网络 的拓朴、 上网设备对不可信任网络不可见, 接入设备提供者的信息安全 得到保证; 对于有线网络同样的为了保证接入设备提供者的信息安全, 接入设备的提供者可以预先将接入设备可提供的网络按网口划分可信 任网络和不可信任网络, 这样接入设备在有访问设备接入时便可为接入 预先设置的不可信任网口的访问设备分配不可信任网络局域网 IP地址; 或, 为接入预先设置的可信任网口的访问设备分配可信任网络局域网 IP 地址; 其中, 接入不可信任网络的设备和接入所述可信任网络的设备禁 止信息交换。  Here, in order to ensure the access security of the access device provider, the access device allocates an untrusted network local area network IP address to the access device; specifically, for the wireless network, the access device may first allocate an untrusted IP address to the access device, and also The untrusted network local area network IP address or the trusted network local area network IP address may be allocated to the access device according to the user name and password authentication result of the access device accessing the access device; wherein, the access device and the access trusted to access the untrusted network are trusted. The access device of the network prohibits the exchange of information. In this way, the topology of the trusted network and the Internet access device are invisible to the untrusted network, and the information security of the access device provider is ensured. For the wired network, the information security of the access device provider is also ensured, and the access device provider is provided. The network that can be provided by the access device can be divided into a trusted network and an untrusted network according to the network port, so that the access device can allocate access to the access device of the untrusted network port that is preset before the access device is accessed. Trusting the network local area network IP address; or, assigning a trusted network local area network IP address to the access device that accesses the pre-set trusted network port; wherein, the device accessing the untrusted network and the device prohibiting information accessing the trusted network exchange.
5206、 访问设备向接入设备发送因特网访问请求。  5206. The access device sends an internet access request to the access device.
5207、 接入设备接收访问设备发送的因特网访问请求; 判断访问设 备是否具备上网权限。  5207. The access device receives an Internet access request sent by the access device, and determines whether the access device has the right to access the Internet.
5208、 在访问设备不具备上网权限时, 接入设备向网络服务器发起 鉴权请求。 当然这里, 鉴权请求携带接入设备提供者的标识及可租用的接入能 力。这里可租用的接入能力为接入设备根据网络带宽和 /或本地用户上网 时间为访问设备划分的上网能力; 示例性的: 为了保证接入设备提供者5208. When the access device does not have the right to access the Internet, the access device initiates an authentication request to the network server. Of course, the authentication request carries the identity of the access device provider and the access capability that can be rented. The access capability that can be leased here is the access capability of the access device according to the network bandwidth and/or the local user's online time; the exemplary: to ensure the access device provider
A的上网质量, 接入设备可以只对用户 B访问设备开放一个可租用的接 入能力; 例如用户 A用户根据自身接入能力和自身的上网需求, 固定划 分部分能力用于对访问设备开放: 如用户 A为包月 4M带宽用户, 其评 估自己日常使用 2M带宽上网即可, 则可在 "用户 A的接入设备" 上指 定最多有 2M带宽可用于对外临时租用; 此外亦可针对局域网连接时的 安全处理, "用户 A接入设备" 根据用户指示, 对不可信任区域所有设 备最多只提供 2M带宽的总接入能力, 当不可信任区域所有设备使用带 宽不足 2M时, "用户 A接入设备" 支持剩余的能力可供信任区域设备 使用; 用户 A可以通过 "接入设备" 根据自身习惯指定对外临时租用策 略: 例如用户 A在工作时间 9:00-18:00、 休息时间 24:00-7:00不上网, 此时所有 4M带宽都可以对外临时租用,其余时间段则只允许最多有 2M 带宽对外临时租用。 For the access quality of A, the access device can open a leaseable access capability only to the user B access device; for example, the user A user has a fixed partitioning capability for opening the access device according to its own access capability and its own Internet access requirements: For example, if user A is a monthly 4M bandwidth user, it can evaluate that he or she can use the 2M bandwidth to access the Internet. You can specify up to 2M bandwidth for temporary temporary lease on "User A's access device". Security processing, "User A access device" According to the user's instructions, all devices in the untrusted area can only provide a total access capacity of 2M bandwidth. When all devices in the untrusted area use less than 2M bandwidth, "User A accesses the device." "Support the remaining capabilities for the trusted zone device; User A can specify the external temporary lease policy according to its own habits through the "access device": For example, user A is working 9:00-18:00, rest time 24:00- 7:00 does not access the Internet. At this time, all 4M bandwidths can be temporarily rented out. For the rest of the time, only up to 2 are allowed. M bandwidth is temporarily rented externally.
S209、 接入设备接收网络服务器根据鉴权请求发送的鉴权页面。 S209. The access device receives an authentication page sent by the network server according to the authentication request.
5210、 接入设备转发鉴权页面至访问设备。 5210. The access device forwards the authentication page to the access device.
5211、 访问设备接收接入设备转发的鉴权页面; 根据鉴权页面的提 示生成鉴权信息。  The access device receives the authentication page forwarded by the access device, and generates the authentication information according to the prompt of the authentication page.
这里需要说明, 鉴权页面包含可供选择的可租用的接入能力及其对 应的租用费用以及要求用户输入用户名和密码的界面信息。 当然用户 B 需为与网络服务器运营商签约用户, 即网络服务器存有用户 B的账户信 息。  It should be noted here that the authentication page contains available leaseable access capabilities and their corresponding rental fees as well as interface information requiring the user to enter a username and password. Of course, user B needs to subscribe to the user with the network server operator, that is, the network server stores the account information of user B.
5212、 访问设备将鉴权信息发送至接入设备。  5212. The access device sends the authentication information to the access device.
5213、 接入设备将鉴权信息转发至网络服务器。  5213. The access device forwards the authentication information to the network server.
当然, 此处鉴权信息中包含的信息与鉴权页面的中的信息是相对 应, 其中, 鉴权信息中至少包含用户选择租用的因特网接入能力。  Of course, the information contained in the authentication information corresponds to the information in the authentication page, where the authentication information includes at least the Internet access capability selected by the user for renting.
S214、 网络服务器根据鉴权信息通过对访问设备的上网鉴权认证。 S214. The network server authenticates the Internet access authentication of the access device according to the authentication information.
S215、 接收网络服务器发送的开放上网权限的指示, 根据该指示, 将访问设备接入因特网。 当然接入设备是根据 S215 中的指示, 为访问设备开放指示中包含 的接入能力, 将访问设备接入因特网。 S215. Receive an indication of open Internet access sent by the network server, and according to the indication, access the access device to the Internet. Of course, the access device accesses the access device to the Internet according to the access capability included in the open indication of the access device according to the indication in S215.
S216、 访问设备通过接入设备接入因特网。  S216. The access device accesses the Internet through the access device.
同时, 网络服务器还通过接入设备转发一个提示页面告知访问设备 可以开始因特网访问。  At the same time, the network server also forwards a prompt page through the access device to inform the access device that Internet access can be started.
至此完成对用户 B 的访问设备的上网鉴权和因特网接入。 以上 S201 S216为针对固定的网络服务器运营系统, 当然可选的, 在本地网 络支持多个租用接入能力的网络服务器运营系统时, 在 S206 之前还可 以通过以下步骤进行网络运营服务器的选择:  This completes the online authentication and Internet access to the access device of User B. The above S201 S216 is for a fixed network server operation system. Of course, when the local network supports multiple network access operation systems with lease access capabilities, the following steps may be used to select the network operation server before S206:
S206a、 接入设备将其支持的网络服务器的列表发送至访问设备。 S206a. The access device sends a list of network servers it supports to the access device.
S206b、 用于接收接入设备发送的其支持的网络服务器的列表, 并 发送选定的网络服务器标识至接入设备。 S206b. The device is configured to receive a list of supported network servers sent by the access device, and send the selected network server identifier to the access device.
S206c、 接入设备接收访问设备发送的选定的网络服务器标识。 这样便可以应对在本地网络存在多个支持租用接入能力的网络服 务器运营系统的情况下, 可能用户 B只和某个支持租用接入能力的网络 服务器运营系统的运营商签约或用户 B的访问设备只支持某个支持租用 接入能力的网络服务器运营系统的情况。  S206c. The access device receives the selected network server identifier sent by the access device. In this way, in the case that there are multiple network server operation systems supporting the lease access capability in the local network, the user B may only sign a contract with the operator of the network server operation system supporting the lease access capability or the access of the user B. The device only supports a network server operating system that supports lease access.
此外, 用户 B通过其访问设备接入因特网后还包括以下计费流程: In addition, User B also includes the following billing process after accessing the Internet through its access device:
S301、 向网络服务器上报访问设备的上网流量或时长, 以便网络服 务器述访问设备进行计费, 并计算对接入设备的返利。 S301. Report the Internet access traffic or duration of the access device to the network server, so that the network server describes the access device for charging, and calculates the rebate for the access device.
这里针对用户 B的计费方案可以釆用 "支持租用接入能力的网络服 务器的运营商" 定期进行费用结算, 从用户 B处收取上网费用 Ml。 并 根据用户 B使用了用户 A开放的网络, 向用户 A返回一定的费用 M2 , 且 M2 < M1。 在这种方案下, 用户 B只需要付费 Ml即可临时租用到满 足需要的接入能力, 该费用少于使用当地接入运营商的费用, 而且方便 快捷, 无论移动到哪里, 都可以使用相同的账号认证、 计费。  Here, the charging scheme for user B can use the "operator of the network server supporting the lease access capability" to periodically perform fee settlement, and collect the Internet access fee M1 from the user B. And according to user B, the network opened by user A is used, and a certain fee M2 is returned to user A, and M2 < M1. Under this scheme, User B only needs to pay M1 to temporarily rent to meet the required access capability, which is less than the cost of using the local access carrier, and is convenient and fast, and can be used regardless of where it is moved. Account authentication, billing.
另外, 用户 B通过其访问设备接入因特网后还包括以下断开因特网 接入的流程:  In addition, User B also includes the following process of disconnecting Internet access after accessing the Internet through its access device:
S401、 接入设备接收网络服务器发送的终止访问设备的因特网接入 的消息, 并根据消息终止访问设备的因特网接入。 关于步骤 S401 可以为接入设备主动发送终止因特网接入请求至网 络服务器, 然后有网络服务器向接入设备发送终止访问设备的因特网接 入的消息。 当然在例如用户 B的账户租约到期的情况时也可以是由网络 服务器自动向接入设备发送终止访问设备的因特网接入的消息; 针对以 上两种情况网络服务器均会停止对访问设备进行上网计费和对接入设 备返利。 S401. The access device receives a message sent by the network server to terminate Internet access of the access device, and terminates Internet access of the access device according to the message. Regarding step S401, the access device may actively send a terminating Internet access request to the network server, and then the network server sends a message to the access device to terminate the Internet access of the access device. Of course, when the account lease of the user B expires, for example, the network server automatically sends a message to the access device to terminate the Internet access of the access device; for the above two situations, the network server stops the access to the accessed device. Billing and rebate for access devices.
此外, 这里提供的方法是针对可以展示鉴权页面与用户进行互动的 终端访问设备, 针对无法展示鉴权页面的访问设备, 例如 VOIP ( voice over internet protocol, 模拟声音讯号数字化) 话机可以预先制定其支持 的网络服务器标识、 接入能力、 最大费率、 用户名和密码在和本地提供 的接入设备建立局域网连接后, 自动根据定制的参数进行上网鉴权过 程, 从而实现网络访问, 其实现流程适合本发明实施例提供的方法相同 的这里不再赘述。  In addition, the method provided here is for a terminal access device that can display an authentication page to interact with a user, and for an access device that cannot display an authentication page, for example, a VOIP (voice over internet protocol) phone can be pre-defined. The supported network server identifier, access capability, maximum rate, user name and password are automatically connected to the local access device and then the Internet access authentication process is performed according to the customized parameters, thereby implementing network access, and the implementation process is suitable. The methods provided by the embodiments of the present invention are the same, and are not described herein again.
针对通过无线局域网建立的网络连接, 用户 B在进行网络访问过程 中, 若用户 A提供的接入设备突然不可用时(例如用户 A关闭其接入设 备) , 则用户 B的访问设备可以在无线信号中寻找下一个接入设备(例 如用户 A'的接入设备) 再次按照上述流程进行网络访问。  For the network connection established through the WLAN, during the network access process, if the access device provided by user A is suddenly unavailable (for example, user A turns off its access device), the access device of user B may be in the wireless signal. Look for the next access device (for example, the access device of user A'). Perform network access again according to the above procedure.
如图 4所示, 为本发明实施例提供的接入设备 1 , 包括: 第一局域 信息发布单元 10、 信息接收单元 20、 第一局域网连接单元 30和第一认 证单元 40 , 其中:  As shown in FIG. 4, an access device 1 according to an embodiment of the present invention includes: a first local area information issuing unit 10, an information receiving unit 20, a first local area network connecting unit 30, and a first authentication unit 40, where:
信息发布单 10 ,用于接入设备发布因特网接入能力可租用标识以及 接入能力参数;  The information issuance slip 10 is used for the access device to publish the Internet access capability leaseable identifier and the access capability parameter;
信息接收单元 20 ,用于接收访问设备发送的租用因特网接入能力的 请求;  The information receiving unit 20 is configured to receive a request for accessing the Internet access capability sent by the access device;
第一局域网连接单元 30 , 用于接入设备与访问设备建立局域网连 接, 并为访问设备分配不可信任网络局域网 IP地址;  The first local area network connecting unit 30 is configured to establish a local area network connection between the access device and the access device, and allocate an untrusted network local area network IP address to the access device;
第一认证单元 40 ,用于接入设备通过网络服务器对访问设备进行上 网鉴权认证, 并在通过上网鉴权认证后将访问设备接入因特网。  The first authentication unit 40 is configured to perform access authentication authentication on the access device by using the network server, and access the device to the Internet after authenticating through the Internet.
本发明实施例提供的接入设备, 能够使得移动用户的访问设备在全 球范围内充分利用当地接入设备通过第三方网络服务器实现高接入质 量、 低收费率的网络接入。 The access device provided by the embodiment of the present invention enables the access device of the mobile user to fully utilize the local access device to achieve high access quality through the third-party network server on a global scale. Volume, low rate network access.
可选的, 信息发布单元 10 还用于接入设备在无线网络信号中发布 因特网接入能力可租用标识以及接入能力参数。  Optionally, the information publishing unit 10 is further configured to: the access device publishes an Internet access capability leaseable identifier and an access capability parameter in the wireless network signal.
进一步可选的, 如图 5所示, 第一认证单元 40包括:  Further, as shown in FIG. 5, the first authentication unit 40 includes:
访问请求接收子单元 41 ,用于接入设备接收访问设备发送的因特网 访问请求;  The access request receiving subunit 41 is configured to receive, by the access device, an Internet access request sent by the access device;
权限判定子单元 42 , 用于判断访问设备是否具备上网权限, 在访问 设备不具备上网权限时, 向网络服务器发起鉴权请求;  The permission determining sub-unit 42 is configured to determine whether the access device has the right to access the Internet, and initiate an authentication request to the network server when the access device does not have the right to access the Internet;
页面转发子单元 43 ,用于接收网络服务器根据鉴权请求发送的鉴权 页面, 并转发鉴权页面至访问设备;  The page forwarding sub-unit 43 is configured to receive an authentication page sent by the network server according to the authentication request, and forward the authentication page to the access device;
数据转发子单元 44 ,用于接收访问设备根据鉴权页面返回的鉴权信 息, 并转发鉴权信息至网络服务器;  The data forwarding sub-unit 44 is configured to receive the authentication information returned by the access device according to the authentication page, and forward the authentication information to the network server;
网络连接子单元 45 ,用于接收网络服务器发送的开放上网权限的指 示, 根据该指示, 将访问设备接入因特网。  The network connection sub-unit 45 is configured to receive an indication of the open Internet access sent by the network server, and access the access device to the Internet according to the indication.
可选的, 如图 6所示接入设备 1还包括:  Optionally, the access device 1 shown in FIG. 6 further includes:
网络分配单元 50 ,用于接入设备将其支持的网络服务器的列表发送 至访问设备, 并接收访问设备发送的选定的网络服务器标识。  The network allocating unit 50 is configured to send, by the access device, a list of network servers supported by the access device to the access device, and receive the selected network server identifier sent by the access device.
可选的, 如图 7所示接入设备 1还包括:  Optionally, the access device 1 shown in FIG. 7 further includes:
流量计时上报单元 60 ,用于向网络服务器上报访问设备的上网流量 或时长, 以便网络服务器对访问设备进行计费, 并计算对接入设备的返 利。  The flow rate reporting unit 60 is configured to report the Internet access traffic or duration of the access device to the network server, so that the network server charges the access device and calculates the rebate for the access device.
权限停止单元 70 ,用于接入设备接收网络服务器发送的终止访问设 备的因特网接入的消息, 并根据该消息终止访问设备的因特网接入。  The permission stopping unit 70 is configured to receive, by the access device, a message of the Internet access sent by the network server to terminate the access device, and terminate the Internet access of the access device according to the message.
如图 8所示, 为本发明实施例提供的访问设备 2 , 包括:  As shown in FIG. 8, the access device 2 provided by the embodiment of the present invention includes:
信息搜索单元 100 , 用于访问设备搜索接入设备发布的因特网接入 能力可租用标识以及接入能力参数;  An information search unit 100, configured to access an Internet access capability leaseable identifier and an access capability parameter issued by the device search access device;
信息发送单元 200 , 用于向接入设备发送租用因特网接入能力的请 求;  The information sending unit 200 is configured to send a request for renting an Internet access capability to the access device;
第二局域网连接单元 300 , 用于与接入设备建立局域网连接, 并接 受接入设备分配的不可信任网络局域网 IP地址; a second local area network connecting unit 300, configured to establish a local area network connection with the access device, and connect The untrusted network LAN IP address assigned by the access device;
第二认证单元 400 , 用于访问设备通过接入设备接受网络服务器的 上网鉴权认证, 并在通过上网鉴权认证后通过接入设备接入因特网。  The second authentication unit 400 is configured to: the access device accepts the online authentication of the network server by using the access device, and accesses the Internet through the access device after the online authentication is authenticated.
本发明实施例提供的访问设备, 能够使得移动用户在全球范围内充 分利用当地接入设备通过第三方网络服务器实现高接入质量、 低收费率 的网络接入。  The access device provided by the embodiment of the present invention enables the mobile user to fully utilize the local access device to realize network access with high access quality and low charging rate through the third-party network server on a global scale.
进一步的, 如图 9所示, 所述第二认证单元 400包括:  Further, as shown in FIG. 9, the second authentication unit 400 includes:
访问请求发送子单元 401 , 用于访问设备向接入设备发送因特网访 问请求;  An access request sending subunit 401, configured to: access the device to send an internet access request to the access device;
页面接收子单元 402 , 用于在访问设备不具备上网权限时, 接收接 入设备转发的鉴权页面;  The page receiving subunit 402 is configured to receive an authentication page forwarded by the access device when the access device does not have the right to access the Internet;
数据发送子单元 403 , 用于根据鉴权页面的提示生成鉴权信息, 并 将鉴权信息发送至接入设备, 以使接入设备将鉴权信息转发至网络服务 器, 接受网络服务器的上网鉴权认证;  The data sending sub-unit 403 is configured to generate authentication information according to the prompt of the authentication page, and send the authentication information to the access device, so that the access device forwards the authentication information to the network server, and accepts the Internet access of the network server. Right certification
网络接入子单元 404 , 用于通过接入设备接入因特网。  The network access subunit 404 is configured to access the Internet through the access device.
可选的, 如图 10所示, 访问设备 2还包括:  Optionally, as shown in FIG. 10, the access device 2 further includes:
网络选择单元 500 , 用于接收接入设备发送的其支持的网络服务器 的列表, 并发送选定的网络服务器标识至接入设备。  The network selection unit 500 is configured to receive a list of supported network servers sent by the access device, and send the selected network server identifier to the access device.
本领域普通技术人员可以理解: 实现上述方法实施例的全部或部分 步骤可以通过程序指令相关的硬件来完成, 前述的程序可以存储于一计 算机可读取存储介质中, 该程序在执行时, 执行包括上述方法实施例的 步骤; 而前述的存储介质包括: ROM、 RAM, 磁碟或者光盘等各种可以 存储程序代码的介质。  A person skilled in the art can understand that all or part of the steps of implementing the above method embodiments may be completed by using hardware related to program instructions, and the foregoing program may be stored in a computer readable storage medium, and the program is executed when executed. The foregoing steps include the steps of the foregoing method embodiments; and the foregoing storage medium includes: a medium that can store program codes, such as a ROM, a RAM, a magnetic disk, or an optical disk.
以上所述,仅为本发明的具体实施方式, 但本发明的保护范围并不局限于 此, 任何熟悉本技术领域的技术人员在本发明揭露的技术范围内, 可轻易 想到变化或替换, 都应涵盖在本发明的保护范围之内。 因此, 本发明的保 护范围应以所述权利要求的保护范围为准。 The above is only a specific embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily think of changes or substitutions within the technical scope of the present invention. It should be covered by the scope of the present invention. Accordingly, the scope of the invention should be determined by the scope of the appended claims.

Claims

权 利 要 求 书 Claim
1、 一种因特网接入方法, 其特征在于, 包括: An Internet access method, comprising:
接入设备发布因特网接入能力可租用标识以及接入能力参数; 接收访问设备发送的租用所述因特网接入能力的请求;  The access device issues an Internet access capability leaseable identifier and an access capability parameter; receiving a request sent by the access device to lease the Internet access capability;
所述接入设备与所述访问设备建立局域网连接, 并为所述访问设备 分配不可信任网络局域网 IP地址;  The access device establishes a local area network connection with the access device, and allocates an untrusted network local area network IP address to the access device;
所述接入设备通过网络服务器对所述访问设备进行上网鉴权认证, 并在通过所述上网鉴权认证后将所述访问设备接入因特网。  The access device performs online authentication authentication on the access device through the network server, and accesses the access device to the Internet after passing the online authentication.
2、 根据权利要求 1所述的方法, 其特征在于, 所述接入设备在无线 网络信号中发布所述因特网接入能力可租用标识以及所述接入能力参 数。  2. The method according to claim 1, wherein the access device issues the Internet access capability rentable identifier and the access capability parameter in a wireless network signal.
3、 根据权利要求 1或 2所述的方法, 其特征在于, 所述接入设备通 过网络服务器对所述访问设备进行上网鉴权认证, 并在通过所述上网鉴 权认证后将所述访问设备接入因特网, 包括:  The method according to claim 1 or 2, wherein the access device performs online authentication authentication on the access device through a network server, and the access is obtained after the online authentication is authenticated. The device is connected to the Internet, including:
所述接入设备接收所述访问设备发送的因特网访问请求;  Receiving, by the access device, an Internet access request sent by the access device;
判断所述访问设备是否具备上网权限, 在所述访问设备不具备所述 上网权限时, 向所述网络服务器发起鉴权请求;  Determining whether the access device has the right to access the Internet, and when the access device does not have the access permission, initiate an authentication request to the network server;
接收所述网络服务器根据所述鉴权请求发送的鉴权页面, 并转发所 述鉴权页面至所述访问设备;  Receiving an authentication page sent by the network server according to the authentication request, and forwarding the authentication page to the access device;
接收所述访问设备根据所述鉴权页面返回的鉴权信息, 并转发所述 鉴权信息至所述网络服务器;  Receiving, by the access device, the authentication information returned according to the authentication page, and forwarding the authentication information to the network server;
当所述网络服务器根据所述鉴权信息通过对所述访问设备的上网鉴 权认证后, 接收所述网络服务器发送的开放上网权限的指示, 根据所述 指示, 将所述访问设备接入因特网。  After the network server authenticates the access authentication of the access device according to the authentication information, receiving an indication of the open Internet access right sent by the network server, and accessing the access device to the Internet according to the indication .
4、 根据权利要求 3所述的方法, 其特征在于, 所述鉴权请求携带所 述接入设备提供者的标识及可租用的接入能力。  The method according to claim 3, wherein the authentication request carries an identifier of the access device provider and an access capability that can be rented.
5、 根据权利要求 4所述的方法, 其特征在于, 所述开放上网权限的 指示中包括对所述访问设备开放的接入能力;  The method according to claim 4, wherein the indication of the open access right includes an access capability open to the access device;
其中, 根据所述指示, 将所述访问设备接入因特网, 具体为: 为所 述访问设备开放所述指示中包含的接入能力, 将所述访问设备接入因特 网。 The access device is connected to the Internet according to the indication, specifically: opening, for the access device, an access capability included in the indication, and accessing the access device to the Internet.
6、 根据权利要求 4或 5所述的方法, 其特征在于, 所述可租用的接 入能力为所述接入设备根据网络带宽和 /或本地用户上网时间为所述访问 设备划分的上网能力。 The method according to claim 4 or 5, wherein the leaseable access capability is an access capability of the access device according to a network bandwidth and/or a local user access time. .
7、 根据权利要求 1~6任一项所述的方法, 其特征在于, 所述接入能 力参数包括:  The method according to any one of claims 1 to 6, wherein the access capability parameter comprises:
剩余带宽、 网络接入平均时延、 平均抖动以及平均丟包率中的至少 一个。  At least one of remaining bandwidth, average network access delay, average jitter, and average packet loss rate.
8、 根据权利要求 1~7任一项所述的方法, 其特征在于, 所述接入设 备通过网络服务器对所述访问设备进行上网鉴权认证前, 还包括:  The method according to any one of claims 1 to 7, wherein before the access device performs online authentication and authentication on the access device by using the network server, the method further includes:
所述接入设备将其支持的网络服务器的列表发送至所述访问设备, 并接收所述访问设备发送的选定的所述网络服务器标识。  The access device sends a list of network servers it supports to the access device, and receives the selected network server identifier sent by the access device.
9、 根据权利要求 1~8任一项所述的方法, 其特征在于, 还包括: 向所述网络服务器上报所述访问设备的上网流量或时长, 以便所述 网络服务器对所述访问设备进行计费, 并计算对所述接入设备的返利。  The method according to any one of claims 1 to 8, further comprising: reporting, to the network server, the Internet traffic or duration of the access device, so that the network server performs the access device Billing, and calculating the rebate for the access device.
10、 根据权利要求 9所述的方法, 其特征在于, 还包括:  10. The method according to claim 9, further comprising:
所述接入设备接收所述网络服务器发送的终止所述访问设备的因特 网接入的消息, 并根据所述消息终止所述访问设备的因特网接入。  The access device receives a message sent by the network server to terminate the Internet access of the access device, and terminates Internet access of the access device according to the message.
11、 一种因特网接入方法, 其特征在于, 包括:  11. An Internet access method, comprising:
访问设备搜索接入设备发布的因特网接入能力可租用标识以及接入 能力参数;  The access device searches for the Internet access capability advertised by the access device and the access capability parameter;
根据所述可租用标识以及接入能力参数向选择的所述接入设备发送 租用所述因特网接入能力的请求;  Sending a request for renting the Internet access capability to the selected access device according to the rentable identifier and an access capability parameter;
与所述接入设备建立局域网连接, 并接受所述接入设备分配的不可 信任网络局域网 IP地址;  Establishing a local area network connection with the access device, and accepting an untrusted network local area network IP address allocated by the access device;
所述访问设备通过所述接入设备接受网络服务器的上网鉴权认证, 并在通过所述上网鉴权认证后通过所述接入设备接入因特网。  The access device receives the Internet access authentication of the network server through the access device, and accesses the Internet through the access device after the online authentication is authenticated.
12、 根据权利要求 11所述的方法, 其特征在于, 所述访问设备通过 所述接入设备接受网络服务器的上网鉴权认证, 并在通过所述上网鉴权 认证后通过所述接入设备接入因特网, 包括:  The method according to claim 11, wherein the access device accepts the network authentication authentication of the network server by using the access device, and passes the access device after passing the online authentication authentication. Access to the Internet, including:
所述访问设备向所述接入设备发送因特网访问请求;  The access device sends an internet access request to the access device;
在所述访问设备不具备上网权限时, 接收所述接入设备转发的鉴权 页面; Receiving the authentication forwarded by the access device when the access device does not have the right to access the Internet Page
根据所述鉴权页面的提示生成鉴权信息, 并将所述鉴权信息发送至 所述接入设备, 以使所述接入设备将所述鉴权信息转发至所述网络服务 器, 接受所述网络服务器的上网鉴权认证;  Generating authentication information according to the prompt of the authentication page, and sending the authentication information to the access device, so that the access device forwards the authentication information to the network server, accepting The online authentication of the network server;
通过所述接入设备接入因特网。  Accessing the Internet through the access device.
13、 根据权利要求 12所述的方法, 其特征在于, 所述鉴权页面包含 可供选择的可租用的接入能力及其对应的租用费用以及要求用户输入用 户名和密码的界面信息。  13. The method according to claim 12, wherein the authentication page includes an optional rentable access capability and a corresponding lease fee and interface information requiring the user to input a username and password.
14、 根据权利要求 13所述的方法, 其特征在于, 所述鉴权信息中包 含用户选择租用的因特网接入能力。  The method according to claim 13, wherein the authentication information includes an Internet access capability selected by the user to rent.
15、 根据权利要求 11~14任一项所述的方法, 其特征在于, 所述访 问设备通过所述接入设备接受网络服务器的上网鉴权认证前, 还包括: 接收所述接入设备发送的其支持的网络服务器的列表, 并发送选定 的所述网络服务器标识至所述接入设备。  The method according to any one of claims 11 to 14, wherein before the access device accepts the online authentication of the network server by the access device, the method further includes: receiving, sending, by the access device, a list of supported network servers, and transmitting the selected network server identifier to the access device.
16、 一种接入设备, 其特征在于, 包括:  16. An access device, comprising:
信息发布单元, 用于接入设备发布因特网接入能力可租用标识以及 接入能力参数;  An information issuing unit, configured to be used by an access device to issue an Internet access capability leaseable identifier and an access capability parameter;
信息接收单元, 用于接收访问设备发送的租用所述因特网接入能力 的请求;  An information receiving unit, configured to receive a request sent by the access device to lease the Internet access capability;
第一局域网连接单元, 用于所述接入设备与所述访问设备建立局域 网连接, 并为所述访问设备分配不可信任网络局域网 IP地址;  a first local area network connection unit, configured to establish a local area network connection with the access device, and allocate an untrusted network local area network IP address to the access device;
第一认证单元, 用于所述接入设备通过网络服务器对所述访问设备 进行上网鉴权认证, 并在通过所述上网鉴权认证后将所述访问设备接入 因特网。  The first authentication unit is configured to perform the online authentication on the access device by using the network server, and access the access device to the Internet after the online authentication is authenticated.
17、 根据权利要求 16所述的设备, 其特征在于, 所述信息发布单元 还用于所述接入设备在无线网络信号中发布所述因特网接入能力可租用 标识以及所述接入能力参数。  The device according to claim 16, wherein the information issuing unit is further configured to: the access device publish the Internet access capability rentable identifier and the access capability parameter in a wireless network signal .
18、 根据权利要求 16或 17所述的设备, 其特征在于, 所述第一认 证单元包括:  The device according to claim 16 or 17, wherein the first authentication unit comprises:
访问请求接收子单元, 用于所述接入设备接收所述访问设备发送的 因特网访问请求; 权限判定子单元, 用于判断所述访问设备是否具备上网权限, 在所 述访问设备不具备所述上网权限时, 向所述网络服务器发起鉴权请求; 页面转发子单元, 用于接收所述网络服务器根据所述鉴权请求发送 的鉴权页面, 并转发所述鉴权页面至所述访问设备; An access request receiving subunit, configured to receive, by the access device, an Internet access request sent by the access device; a permission determining subunit, configured to determine whether the access device has the right to access the Internet, and when the access device does not have the access permission, initiate an authentication request to the network server; and the page forwarding subunit is configured to receive the And the network server sends an authentication page according to the authentication request, and forwards the authentication page to the access device;
数据转发子单元, 用于接收所述访问设备根据所述鉴权页面返回的 鉴权信息, 并转发所述鉴权信息至所述网络服务器;  a data forwarding subunit, configured to receive authentication information returned by the access device according to the authentication page, and forward the authentication information to the network server;
网络连接子单元, 用于接收所述网络服务器发送的开放上网权限的 指示, 根据所述指示, 将所述访问设备接入因特网。  And a network connection subunit, configured to receive an indication of the open Internet access sent by the network server, and access the access device to the Internet according to the indication.
19、 根据权利要求 16~18任一项所述的设备, 其特征在于, 还包括: 网络分配单元, 用于所述接入设备将其支持的网络服务器的列表发 送至所述访问设备, 并接收所述访问设备发送的选定的所述网络服务器 标识。  The device according to any one of claims 16 to 18, further comprising: a network allocation unit, configured to send, by the access device, a list of network servers supported by the access device to the access device, and Receiving the selected network server identifier sent by the access device.
20、 根据权利要求 16~19任一项所述的设备, 其特征在于, 还包括: 流量计时上报单元, 用于向所述网络服务器上报所述访问设备的上 网流量或时长, 以便所述网络服务器对所述访问设备进行计费, 并计算 对所述接入设备的返利。  The device according to any one of claims 16 to 19, further comprising: a flow rate reporting unit, configured to report the internet traffic or duration of the access device to the network server, so that the network The server charges the access device and calculates a rebate for the access device.
21、 根据权利要求 16~20任一项所述的设备, 其特征在于, 还包括: 权限停止单元, 用于所述接入设备接收所述网络服务器发送的终止 所述访问设备的因特网接入的消息, 并根据所述消息终止所述访问设备 的因特网接入。  The device according to any one of claims 16 to 20, further comprising: a permission stopping unit, configured to receive, by the access device, an Internet access sent by the network server to terminate the access device And terminate the Internet access of the access device based on the message.
22、 一种访问设备, 其特征在于, 包括:  22. An access device, comprising:
信息搜索单元, 用于访问设备搜索接入设备发布的因特网接入能力 可租用标识以及接入能力参数;  An information search unit, configured to access an Internet access capability published by the device search access device, a leaseable identifier, and an access capability parameter;
信息发送单元, 用于根据所述可租用标识以及接入能力参数向选择 的所述接入设备发送租用所述因特网接入能力的请求;  And an information sending unit, configured to send, according to the rentable identifier and the access capability parameter, a request for renting the Internet access capability to the selected access device;
第二局域网连接单元, 用于与所述接入设备建立局域网连接, 并接 受所述接入设备分配的不可信任网络局域网 IP地址;  a second local area network connecting unit, configured to establish a local area network connection with the access device, and accept an untrusted network local area network IP address allocated by the access device;
第二认证单元, 用于所述访问设备通过所述接入设备接受网络服务 器的上网鉴权认证, 并在通过所述上网鉴权认证后通过所述接入设备接 入因特网。  And a second authentication unit, configured to receive the online authentication of the network server by the access device, and access the Internet through the access device after the online authentication is authenticated.
23、 根据权利要求 22所述的设备, 其特征在于, 所述第二认证单元 包括: The device according to claim 22, wherein the second authentication unit Includes:
访问请求发送子单元, 用于所述访问设备向所述接入设备发送因特 网访问请求;  An access request sending subunit, configured to send, by the access device, an Internet access request to the access device;
页面接收子单元, 用于在所述访问设备不具备上网权限时, 接收所 述接入设备转发的鉴权页面;  a page receiving subunit, configured to receive an authentication page forwarded by the access device when the access device does not have the right to access the Internet;
数据发送子单元, 用于根据所述鉴权页面的提示生成鉴权信息, 并 将所述鉴权信息发送至所述接入设备, 以使所述接入设备将所述鉴权信 息转发至所述网络服务器, 接受所述网络服务器的上网鉴权认证;  a data sending subunit, configured to generate authentication information according to the prompt of the authentication page, and send the authentication information to the access device, so that the access device forwards the authentication information to The network server accepts online authentication of the network server;
网络接入子单元, 用于通过所述接入设备接入因特网。  a network access subunit, configured to access the Internet through the access device.
24、 根据权利要求 22或 23所述的访问设备, 其特征在于, 还包括: 网络选择单元,用于接收所述接入设备发送的其支持的网络服务器的 列表, 并发送选定的所述网络服务器标识至所述接入设备。  The access device according to claim 22 or 23, further comprising: a network selecting unit, configured to receive a list of network servers supported by the access device, and send the selected The network server identifies to the access device.
PCT/CN2012/082047 2012-03-26 2012-09-26 Internet access method and device WO2013143265A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201210082944.9A CN102611708B (en) 2012-03-26 2012-03-26 A kind of Internet access method and equipment
CN201210082944.9 2012-03-26

Publications (1)

Publication Number Publication Date
WO2013143265A1 true WO2013143265A1 (en) 2013-10-03

Family

ID=46528861

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/082047 WO2013143265A1 (en) 2012-03-26 2012-09-26 Internet access method and device

Country Status (2)

Country Link
CN (1) CN102611708B (en)
WO (1) WO2013143265A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102611708B (en) * 2012-03-26 2016-03-30 华为技术有限公司 A kind of Internet access method and equipment
CN103763102B (en) * 2013-12-31 2018-09-28 上海斐讯数据通信技术有限公司 A kind of wifi safety management systems and management method based on message push
CN104378382A (en) * 2014-11-28 2015-02-25 上海斐讯数据通信技术有限公司 Multiple client wireless authentication system and authentication method thereof
CN104363155B (en) * 2014-12-04 2018-06-22 上海理工大学 Method for connecting network and its equipment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101335647A (en) * 2008-07-24 2008-12-31 中兴通讯股份有限公司 Family network access method and family network management system
CN101521878A (en) * 2008-02-26 2009-09-02 张泽华 Method for realizing the public wireless broadband network access and wireless network access equipment
CN102611708A (en) * 2012-03-26 2012-07-25 华为技术有限公司 Internet access method and equipment

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101415223A (en) * 2008-12-09 2009-04-22 深圳华为通信技术有限公司 Wireless access control equipment and control method and system
CN101742506A (en) * 2009-11-11 2010-06-16 中兴通讯股份有限公司 Method and device for network access
CN101730268B (en) * 2009-11-27 2012-09-05 中国电信股份有限公司 Femto gateway and method and system for mobile terminal to access network resources
CN102238548A (en) * 2011-08-09 2011-11-09 陈佳阳 Wireless router with internal and external network separation architecture and method for sharing wireless network based on same

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101521878A (en) * 2008-02-26 2009-09-02 张泽华 Method for realizing the public wireless broadband network access and wireless network access equipment
CN101335647A (en) * 2008-07-24 2008-12-31 中兴通讯股份有限公司 Family network access method and family network management system
CN102611708A (en) * 2012-03-26 2012-07-25 华为技术有限公司 Internet access method and equipment

Also Published As

Publication number Publication date
CN102611708B (en) 2016-03-30
CN102611708A (en) 2012-07-25

Similar Documents

Publication Publication Date Title
RU2517684C2 (en) Access point, server and system for distributing unlimited number of virtual ieee 802,11 wireless networks through heterogeneous infrastructure
EP1926248B1 (en) Charging method, system, charging client and charging processing unit
EP2643996B1 (en) Automatic remote access to ieee 802.11 networks
CN101730268B (en) Femto gateway and method and system for mobile terminal to access network resources
US9042343B2 (en) Method, apparatus and system for redirecting data traffic
EP1884129A1 (en) Dynamic dual - mode service access control, location - based billing, and e911 mechanisms
EP2179628A2 (en) Heterogeneous wireless ad hoc network
EP2534889B1 (en) Method and apparatus for redirecting data traffic
KR20130029894A (en) Web redirect authentication method and apparatus of wifi roaming based on ac-ap association
WO2007051414A1 (en) A method for selecting?switching the charging mode and the device thereof
JP2004186749A (en) Wireless lan communication method and system
TW201026121A (en) Position-based control of access to alternative communication networks
WO2013174153A1 (en) Charging method and device
US20170223542A1 (en) Resource sharing method and resource sharing system
JP2006005445A (en) Network connection system and network connection method
WO2009046666A1 (en) Addressing method of policy decision function entity, network element and network system
KR20130029893A (en) Charging method and apparatus of wifi roaming based on ac-ap association
WO2013143265A1 (en) Internet access method and device
WO2012089029A1 (en) Charging method and access device
KR100610865B1 (en) Method and system for providing wireless LAN service using wireless communication network
KR101504895B1 (en) Separable charge system for byod service and separable charge method for data service
JP2004312088A (en) Router and network system
CN108462962B (en) Method and device for connecting access point
KR20040028090A (en) Method for providing private network service and public network service by wireless lan network
WO2024032554A1 (en) Terminal device authentication method and system, and related device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12873073

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12873073

Country of ref document: EP

Kind code of ref document: A1