WO2013167020A2 - Wireless network access security verification method, system and terminal - Google Patents

Wireless network access security verification method, system and terminal Download PDF

Info

Publication number
WO2013167020A2
WO2013167020A2 PCT/CN2013/078846 CN2013078846W WO2013167020A2 WO 2013167020 A2 WO2013167020 A2 WO 2013167020A2 CN 2013078846 W CN2013078846 W CN 2013078846W WO 2013167020 A2 WO2013167020 A2 WO 2013167020A2
Authority
WO
WIPO (PCT)
Prior art keywords
digital certificate
access point
verification
point device
terminal
Prior art date
Application number
PCT/CN2013/078846
Other languages
French (fr)
Chinese (zh)
Other versions
WO2013167020A3 (en
Inventor
蒋敏
潘磊
向锋
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2013167020A2 publication Critical patent/WO2013167020A2/en
Publication of WO2013167020A3 publication Critical patent/WO2013167020A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/068Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys

Definitions

  • the present invention relates to a wireless network technology, and in particular, to a security verification method, system, and terminal for wireless network access. Background technique
  • Wi-Fi Wireless Fidelity
  • the main purpose of the embodiments of the present invention is to provide an antenna for wireless network access.
  • Fully validated methods, systems and terminals ensure that users can use a secure and reliable public wireless network to enhance the user experience.
  • the embodiment of the invention provides a security verification method for wireless network access, the method includes: when the terminal connects to the wireless access point device, downloading the digital certificate, and verifying whether the digital certificate is complete and valid, if the verification result is complete and valid , the terminal displays the digital certificate content and the verification pass information; otherwise, the terminal displays the verification failure message.
  • the verification digital certificate is complete and valid. If the verification result is complete and valid, the method further includes:
  • the location of the terminal itself and the location of the device deployed in the digital certificate for deploying the wireless access point device are searched through the Global Positioning System (GPS) function supported by the terminal;
  • GPS Global Positioning System
  • the terminal Calculating the distance between the location of the terminal itself and the location where the wireless access point device is deployed, and determining whether the distance is less than a maximum threshold. If the result of the determination is yes, the terminal displays the digital certificate content and the verification pass information; otherwise, the terminal displays the verification. Pass the information.
  • the verifying whether the digital certificate is complete and valid comprises: determining whether the digital certificate includes a name of the wireless access point device, whether the purpose of providing the wireless access point device, and whether the wireless access point device is deployed position.
  • the method before the terminal is connected to the wireless access point device, the method further includes: importing the digital certificate into the wireless access point device, and the digital certificate is included in the wireless signal sent by the wireless access point device.
  • the embodiment of the present invention further provides a security verification system for wireless network access, where the system includes: a terminal and a wireless access point device;
  • the terminal is configured to download a digital certificate when the wireless access point device is connected, verify whether the digital certificate is complete and valid, and display the digital certificate content when the verification result is complete and valid. And verifying the passing information; displaying the verification failing information in the result of the verification being incomplete; the wireless access point device configured to send the wireless signal including the digital certificate to the terminal.
  • the terminal is further configured to: after verifying that the digital certificate is complete and valid, search for the location of the terminal itself and the location of the device for deploying the wireless access point recorded in the digital certificate by using the GPS function supported by the terminal; The distance between the location and the location where the wireless access point device is deployed is determined to determine whether the distance is less than a maximum threshold. When the determination result is yes, the digital certificate content and the verification pass information are displayed; otherwise, the verification fails the information.
  • the terminal includes: a connection verification module and a display module; wherein the connection verification module is configured to download a digital certificate when the wireless access point device is connected, and verify whether the digital certificate is complete and valid, and the verification result is Send to the display module;
  • the display module is configured to display digital certificate content and risk certificate passing information when the verification result is complete and valid; configured to display a risk certificate failing to pass the letter in the above solution when the risk certificate result is incomplete and valid,
  • the method further includes: a search module and a calculation comparison module; wherein, the search module is configured to support the digital certificate after being validated by itself
  • the GPS function searches its location and the location of the wireless access point device recorded in the digital certificate
  • the calculating and comparing module is configured to calculate a distance between the location of the wireless access point device and the location of the wireless access point device, and determine whether the distance is less than a maximum threshold, and send the determination result to the display module;
  • the display module is further configured to: when the determination result is yes, display the digital certificate content and the verification pass information; when the determination result is no, the verification failure message is displayed.
  • the embodiment of the present invention further provides a terminal, where the terminal includes: a connection verification module and a display module;
  • connection verification module is configured to download a digital certificate when connecting to the wireless access point device, And verifying whether the digital certificate is complete and valid, and sending the verification result to the display module;
  • the display module is configured to display the digital certificate content and the risk certificate passing information when the verification result is complete and valid; configured to be incomplete in the risk certificate result
  • the terminal further includes: a search module and a calculation comparison module; wherein the search module is configured to support the digital certificate after being validated by itself
  • the GPS function searches its location and the location of the wireless access point device recorded in the digital certificate
  • the calculating and comparing module is configured to calculate a distance between the location of the wireless access point device and the location of the wireless access point device, and determine whether the distance is less than a maximum threshold, and send the determination result to the display module;
  • the display module is further configured to: when the determination result is yes, display the digital certificate content and the verification pass information; when the determination result is no, the verification failure message is displayed.
  • the method, system and terminal for verifying the security of the wireless network access verify whether the digital certificate provided by the wireless access point device provider is complete and valid, and after the digital certificate to be verified is complete and valid, the wireless access point is described.
  • the device is safe and reliable.
  • the GPS function supported by the terminal searches for the location of the terminal itself and the location of the device that deploys the wireless access point recorded in the digital certificate, and calculates the location of the terminal itself and the location where the wireless access point device is deployed.
  • the technical solution provided by the embodiment of the invention can ensure that the user uses a safe and reliable public wireless network, avoids loss of the user's private information and property, and improves the user experience.
  • FIG. 1 is a schematic flowchart of a security verification method for wireless network access according to a first embodiment of the present invention
  • FIG. 2 is a schematic structural diagram of a security verification system for wireless network access according to a first embodiment of the present invention
  • FIG. 3 is a schematic flowchart of a method for security verification of wireless network access according to a second embodiment of the present invention. detailed description
  • FIG. 1 is a schematic flowchart of a method for security verification of wireless network access according to a first embodiment of the present invention. As shown in FIG. 1, the method includes the following steps:
  • Step 101 The terminal connects to the wireless access point device, and downloads the digital certificate
  • the digital certificate is applied by the unit or individual providing the wireless access point device to the digital certificate issuing unit, and provides the information required for applying for the digital certificate, and the digital certificate issuing unit verifies that the provided information is correct. , produced and awarded for the unit or individual;
  • the information required for the application for the digital certificate specifically includes: a name of the application unit or individual, a name of the wireless access point device, a purpose of providing the wireless access point device, a location where the wireless access point device is deployed, and the like;
  • the digital certificate is imported into the wireless access point device by the administrator of the wireless access point device, and is included in the wireless signal transmitted by the wireless access point device.
  • Step 102 Determine whether the digital certificate is complete and valid, if the result of the determination is yes, go to step 103; otherwise, go to step 106;
  • the digital certificate may be determined to be complete and valid according to the content of the digital certificate, specifically: determining whether the digital certificate includes the name of the wireless access point device, whether the purpose of providing the wireless access point device, and whether the wireless device is deployed The location of the access point device, etc., if it contains such information, it is complete and valid;
  • the content of the digital certificate includes: a name of the wireless access point device, a purpose of providing the wireless access point device, and a location where the wireless access point device is deployed.
  • Steps 103 to 104 searching for the location of the terminal itself and the location of the device for deploying the wireless access point recorded in the digital certificate by using the GPS function supported by the terminal; and determining the location between the location of the wireless access point device and the location of the terminal itself. Whether the distance is less than the maximum threshold, if the result of the determination is yes, go to step 105; otherwise, go to step 106;
  • determining whether the distance between the location of the wireless access point device and the location of the terminal is less than a maximum threshold specifically includes:
  • the terminal searches for the specific location where it is located through the GPS function; the terminal determines the location of the device that deploys the wireless access point recorded in the digital certificate through the GPS function; calculates the specific location where the user is located and deploys the wireless access Determining the distance of the location of the device and determining whether the distance is less than the maximum threshold. If the result of the determination is yes, the location information of the device for deploying the wireless access point recorded in the digital certificate is true information, and the security verification is performed; otherwise, The location information of the device that is deployed in the digital certificate and deployed to the wireless access point device is false information, and the security verification is not passed.
  • Step 105 The terminal displays the content of the digital certificate, and the verification is passed;
  • Step 106 The terminal displays that the insurance certificate has not passed.
  • FIG. 2 is a schematic structural diagram of a security verification system for a wireless network access according to a first embodiment of the present invention.
  • the system includes: a terminal 21 and a wireless access point device 22; wherein, the terminal 21, When the wireless access point device 22 is connected, the digital certificate is downloaded, the digital certificate is verified to be complete and valid, and when the verification result is complete and valid, the digital certificate content and the verification pass information are displayed; the verification result is incomplete and valid.
  • the wireless access point device 22 is configured to send the wireless signal including the digital certificate to the terminal 21, and the terminal 21 is further configured to verify that the digital certificate is fully valid, and Under the premise that the terminal 21 supports the GPS function, the GPS function is used to search for the location of the wireless access point device recorded in the location and the digital certificate; and calculate the distance between the location of the terminal and the location where the wireless access point device is deployed. And determining whether the distance is less than the maximum threshold, and when the judgment result is yes, displaying the digital certificate content and the verification passing information; otherwise, displaying the verification failure information.
  • the terminal 21 includes: a connection verification module 211 and a display module 212;
  • the connection verification module 211 is configured to download a digital certificate when the wireless access point device is connected, and verify whether the digital certificate is complete and valid, and send the verification result to the display module 212.
  • the display module 212 is configured to verify the result. When it is complete and valid, the digital certificate content and the risk certificate passing information are displayed; configured to display the risk certificate failing information when the risk certificate result is incomplete and valid.
  • the terminal 21 further includes: a search module 213 and a calculation comparison module 214;
  • the search module 213 is configured to search for a location of the wireless access point device and a location of the wireless access point device recorded in the digital certificate by using the GPS function;
  • the calculation comparison module 214 is configured to calculate the distance between the location of the wireless access point device and the location of the wireless access point device, and determine whether the distance is less than the maximum threshold, and send the determination result to the display module 212;
  • the display module 212 is further configured to display the digital certificate content and the verification pass information when the determination result is yes; when the determination result is no, the verification failure message is displayed.
  • FIG. 3 is a schematic flowchart of a method for security verification of wireless network access according to a second embodiment of the present invention.
  • the wireless access network is a Wi-Fi network
  • the terminal supports the GPS function as an example, and further the second embodiment of the present invention is further provided. Detailed explanation. As shown in Figure 3, the following steps are included:
  • Steps 301 to 302 Search for a list of available Wi-Fi access point names, and select one of them.
  • the Wi-Fi access point device is connected, and determines whether the Wi-Fi access point device supports digital certificate verification. If the result of the determination is yes, go to step 303, otherwise, go to step 308;
  • the Wi-Fi access point name list may include a Wi-Fi access point device name, whether a password is required for connection, and whether digital certificate verification is supported, etc.; specifically, for Wi-Fi connection supporting digital certificate verification
  • the entry device name can be prioritized and displayed with a highlighted icon;
  • the Wi-Fi access point device when selecting one of the Wi-Fi access point devices to connect, if the Wi-Fi access point device requires a password for verification, the corresponding password is input to complete the verification; otherwise, the process directly proceeds to the next process. .
  • Step 303 Determine whether the digital certificate is complete and valid. If the result of the determination is yes, go to step 304; otherwise, go to step 308;
  • the determining whether the digital certificate is completely valid specifically includes: determining whether the digital certificate includes a Wi-Fi access point device name, whether the purpose of providing the Wi-Fi access point device is included, and whether the Wi-Fi connection is deployed The location of the entry device, etc.
  • the digital certificate content includes: a Wi-Fi access point device name, a purpose of providing the Wi-Fi access point device, and a location of the Wi-Fi access point device.
  • Steps 304 to 305 Search for the location of the terminal and the location of the Wi-Fi access point device recorded in the digital certificate by using the GPS function, and determine the location between the location of the Wi-Fi access point device and the location of the terminal. Whether the distance is less than the maximum threshold, if the result of the determination is yes, go to step 306; otherwise, go to step 308;
  • the location information is the real information, and the security verification is performed; otherwise, the location information of the device for deploying the Wi-Fi access point recorded in the digital certificate is false information, and the security verification is not passed;
  • a typical Wi-Fi signal has a receiving radius of about 95 meters, and in general, more than 95 meters.
  • the terminal will not be able to receive the wireless signal from the Wi-Fi access point Wi-Fi; considering the location of the terminal itself and the location of the Wi-Fi access point device recorded in the digital certificate by the GPS function
  • the distance deviation is set to a maximum threshold of 200 meters. If the distance between the location of the Wi-Fi access point device and the location of the terminal is less than 200 meters, the location of the Wi-Fi access point device recorded in the digital certificate is recorded.
  • the information is the real information, and the security verification is performed; otherwise, the location information of the device deployed in the digital certificate and deployed by the Wi-Fi access point device is false information, and the security verification is not passed.
  • Step 308 Determine whether to continue to connect to the Wi-Fi network, if the result of the determination is yes, go to step 306: Otherwise, go to step 309;
  • the user can select whether to continue to connect to the Wi-Fi network. If the user chooses to connect to the Wi-Fi network, the step 307 is performed: the terminal can access the Wi-Fi network to perform the Internet access service; otherwise, step 309 is performed: End the current Wi-Fi network connection.
  • the embodiment of the invention verifies whether the digital certificate of the wireless access point device is complete and valid, and further determines whether the wireless access point device is safe and reliable, and ensures that the user uses a safe and reliable public wireless network to avoid loss of the user's private information and property. , enhance the user experience.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Disclosed is a wireless network access security verification method. The method comprises: when connecting to a wireless access point device, a terminal downloading a digital certificate and verifying whether the digital certificate is complete and valid, and if the verification result is that it is complete and valid, the terminal displaying the contents of the digital certificate and information that the verification is passed; otherwise the terminal displaying the information that the verification has failed. Also disclosed are a wireless network access security verification system and terminal. The technical solution of the embodiments of the present invention can be applied to ensure that a user uses a secure and reliable common wireless network, to avoid the loss of the private information about and the property of the user, and to improve the user experience.

Description

一种无线网络接入的安全验证方法、 系统及终端 技术领域  Security verification method, system and terminal for wireless network access
本发明涉及无线网络技术, 具体涉及一种无线网络接入的安全验证方 法、 系统及终端。 背景技术  The present invention relates to a wireless network technology, and in particular, to a security verification method, system, and terminal for wireless network access. Background technique
2004年 7月,美国费城首次提出建设基于无线保真( Wireless Fidelity, Wi-Fi )技术的无线网格(Mesh ) 网络, 也叫 "无线费城计划", 随后这股 无线城市建设浪潮开始席卷全球, 截至 2006年 12月已有 400多个城市开 始或计划建设无线宽带城域网以满足公共接入、 公共安全和公共服务的需 要, 而现在这一数量已经达到 600个。 如今, 这股浪潮早已到达中国大陆, 北京、 天津、 上海、 广州等城市均正在建设类似项目。  In July 2004, Philadelphia, the United States, first proposed the construction of a wireless mesh (Mesh) network based on Wireless Fidelity (Wi-Fi) technology, also known as the "Wireless Philadelphia Plan," and this wave of wireless city construction began to sweep the world. As of December 2006, more than 400 cities have started or plan to build wireless broadband metropolitan area networks to meet the needs of public access, public safety and public services, and now this number has reached 600. Today, this wave has already reached mainland China, and similar projects are being built in cities such as Beijing, Tianjin, Shanghai and Guangzhou.
人们在无线网络覆盖的区域中可以通过手机、 上网本等设备随时随地 通过身边的无线网络接入点接入到互联网上, 实现上网、 购物、 看电视、 新闻等活动。 但目前人们搜索到可用的无线网络接入点时, 只知道接入点 的名称及是否需要接入密码等信息, 用户无法判定该无线网络是否安全可 信。 目前, 在中国上海、 广州等城市已经发现犯罪分子在公共场所架设无 线网络接入点, 免费提供无线上网服务, 在后台利用网络监控软件, 分析 用户的银行账号、 密码, 游戏账号、 密码等等, 从事犯罪的行为。 目前, 对无线网络的安全验证方案还没有实现, 可见, 提供一种无线网络的安全 验证方案是十分必要的。 发明内容  In the area covered by the wireless network, people can access the Internet through the wireless network access points around them through mobile phones, netbooks, etc., to achieve Internet, shopping, watching TV, news and other activities. However, when people search for available wireless network access points, they only know the name of the access point and whether they need access to the password. The user cannot determine whether the wireless network is secure or not. At present, in Shanghai, Guangzhou and other cities in China, criminals have been found to set up wireless network access points in public places, provide free wireless Internet access services, use network monitoring software in the background, analyze users' bank accounts, passwords, game accounts, passwords, etc. , engaging in criminal acts. At present, the security verification scheme for wireless networks has not been implemented. It can be seen that it is necessary to provide a security verification scheme for wireless networks. Summary of the invention
有鉴于此, 本发明实施例的主要目的在于提供一种无线网络接入的安 全验证方法、 系统及终端, 确保用户能够使用安全可靠的公共无线网络, 提升用户的体验。 In view of this, the main purpose of the embodiments of the present invention is to provide an antenna for wireless network access. Fully validated methods, systems and terminals ensure that users can use a secure and reliable public wireless network to enhance the user experience.
为达到上述目的, 本发明实施例的技术方案是这样实现的:  To achieve the above objective, the technical solution of the embodiment of the present invention is implemented as follows:
本发明实施例提供了一种无线网络接入的安全验证方法, 该方法包括: 终端在连接无线接入点设备时, 下载数字证书, 并验证数字证书是否 完整有效, 若验证的结果为完整有效, 则终端显示数字证书内容和验证通 过信息; 否则, 终端显示验证未通过信息。  The embodiment of the invention provides a security verification method for wireless network access, the method includes: when the terminal connects to the wireless access point device, downloading the digital certificate, and verifying whether the digital certificate is complete and valid, if the verification result is complete and valid , the terminal displays the digital certificate content and the verification pass information; otherwise, the terminal displays the verification failure message.
上述方案中, 所述验证数字证书是否完整有效, 若验证的结果为完整 有效后, 该方法还包括:  In the above solution, the verification digital certificate is complete and valid. If the verification result is complete and valid, the method further includes:
通过终端支持的全球定位系统( Global Positioning System, GPS )功能 搜寻终端自身所在位置以及数字证书中记录的部署该无线接入点设备的位 置;  The location of the terminal itself and the location of the device deployed in the digital certificate for deploying the wireless access point device are searched through the Global Positioning System (GPS) function supported by the terminal;
计算终端自身所在位置与部署该无线接入点设备的位置的距离并判断 该距离是否小于最大阈值, 若判断的结果为是, 则终端显示数字证书内容 和验证通过信息; 否则, 终端显示验证未通过信息。  Calculating the distance between the location of the terminal itself and the location where the wireless access point device is deployed, and determining whether the distance is less than a maximum threshold. If the result of the determination is yes, the terminal displays the digital certificate content and the verification pass information; otherwise, the terminal displays the verification. Pass the information.
上述方案中, 所述验证数字证书是否完整有效包括: 判断该数字证书 是否包括无线接入点设备的名称、 是否包括提供该无线接入点设备的目的 以及是否包括部署该无线接入点设备的位置。  In the foregoing solution, the verifying whether the digital certificate is complete and valid comprises: determining whether the digital certificate includes a name of the wireless access point device, whether the purpose of providing the wireless access point device, and whether the wireless access point device is deployed position.
上述方案中, 所述终端连接无线接入点设备之前, 该方法还包括: 将 数字证书导入无线接入点设备, 且该数字证书包含在无线接入点设备发送 的无线信号中。  In the foregoing solution, before the terminal is connected to the wireless access point device, the method further includes: importing the digital certificate into the wireless access point device, and the digital certificate is included in the wireless signal sent by the wireless access point device.
本发明实施例还提供了一种无线网络接入的安全验证系统, 该系统包 括: 终端和无线接入点设备; 其中,  The embodiment of the present invention further provides a security verification system for wireless network access, where the system includes: a terminal and a wireless access point device;
所述终端, 配置为在连接无线接入点设备时, 下载数字证书, 验证数 字证书是否完整有效, 并在验证的结果为完整有效时, 显示数字证书内容 和验证通过信息; 在验证的结果为不完整有效, 显示验证未通过信息; 所述无线接入点设备, 配置为向终端发送包含数字证书的无线信号。 上述方案中, 所述终端, 还配置为在验证数字证书完整有效后, 通过 终端自身支持的 GPS功能搜寻终端自身所在位置以及数字证书中记录的部 署该无线接入点设备的位置; 计算自身所在位置与部署该无线接入点设备 的位置的距离并判断该距离是否小于最大阈值, 在判断结果为是时, 显示 数字证书内容和验证通过信息; 否则, 显示验证未通过信息。 The terminal is configured to download a digital certificate when the wireless access point device is connected, verify whether the digital certificate is complete and valid, and display the digital certificate content when the verification result is complete and valid. And verifying the passing information; displaying the verification failing information in the result of the verification being incomplete; the wireless access point device configured to send the wireless signal including the digital certificate to the terminal. In the above solution, the terminal is further configured to: after verifying that the digital certificate is complete and valid, search for the location of the terminal itself and the location of the device for deploying the wireless access point recorded in the digital certificate by using the GPS function supported by the terminal; The distance between the location and the location where the wireless access point device is deployed is determined to determine whether the distance is less than a maximum threshold. When the determination result is yes, the digital certificate content and the verification pass information are displayed; otherwise, the verification fails the information.
上述方案中, 所述终端包括: 连接验证模块和显示模块; 其中, 所述连接验证模块, 配置为在连接无线接入点设备时, 下载数字证书, 并验证数字证书是否完整有效, 将验证结果送给显示模块;  In the above solution, the terminal includes: a connection verification module and a display module; wherein the connection verification module is configured to download a digital certificate when the wireless access point device is connected, and verify whether the digital certificate is complete and valid, and the verification result is Send to the display module;
所述显示模块, 配置为在验证结果为完整有效时, 显示数字证书内容 和险证通过信息; 配置为在险证结果为不完整有效时, 显示险证未通过信 上述方案中, 所述终端还包括: 搜索模块和计算比较模块; 其中, 所述搜索模块, 配置为在验证数字证书完整有效后, 通过自身支持的 The display module is configured to display digital certificate content and risk certificate passing information when the verification result is complete and valid; configured to display a risk certificate failing to pass the letter in the above solution when the risk certificate result is incomplete and valid, The method further includes: a search module and a calculation comparison module; wherein, the search module is configured to support the digital certificate after being validated by itself
GPS 功能搜索自身所在位置以及数字证书中记录的部署该无线接入点设备 的位置; The GPS function searches its location and the location of the wireless access point device recorded in the digital certificate;
所述计算比较模块, 配置为计算自身所在位置与部署该无线接入点设 备的位置的距离并判断该距离是否小于最大阈值, 将判断结果发送给显示 模块;  The calculating and comparing module is configured to calculate a distance between the location of the wireless access point device and the location of the wireless access point device, and determine whether the distance is less than a maximum threshold, and send the determination result to the display module;
相应的, 所述显示模块, 还配置为在判断结果为是时, 显示数字证书 内容和验证通过信息; 在判断结果为否时, 显示验证未通过信息。  Correspondingly, the display module is further configured to: when the determination result is yes, display the digital certificate content and the verification pass information; when the determination result is no, the verification failure message is displayed.
本发明实施例还提供了一种终端, 该终端包括: 连接验证模块和显示 模块; 其中,  The embodiment of the present invention further provides a terminal, where the terminal includes: a connection verification module and a display module;
所述连接验证模块, 配置为在连接无线接入点设备时, 下载数字证书, 并验证数字证书是否完整有效, 将验证结果发送给显示模块; 所述显示模块, 配置为在验证结果为完整有效时, 显示数字证书内容 和险证通过信息; 配置为在险证结果为不完整有效时, 显示险证未通过信 上述方案中, 所述终端还包括: 搜索模块和计算比较模块; 其中, 所述搜索模块, 配置为在验证数字证书完整有效后, 通过自身支持的The connection verification module is configured to download a digital certificate when connecting to the wireless access point device, And verifying whether the digital certificate is complete and valid, and sending the verification result to the display module; the display module is configured to display the digital certificate content and the risk certificate passing information when the verification result is complete and valid; configured to be incomplete in the risk certificate result When the validity of the certificate is not passed, the terminal further includes: a search module and a calculation comparison module; wherein the search module is configured to support the digital certificate after being validated by itself
GPS 功能搜索自身所在位置以及数字证书中记录的部署该无线接入点设备 的位置; The GPS function searches its location and the location of the wireless access point device recorded in the digital certificate;
所述计算比较模块, 配置为计算自身所在位置与部署该无线接入点设 备的位置的距离并判断该距离是否小于最大阈值, 将判断结果发送给显示 模块;  The calculating and comparing module is configured to calculate a distance between the location of the wireless access point device and the location of the wireless access point device, and determine whether the distance is less than a maximum threshold, and send the determination result to the display module;
相应的, 所述显示模块, 还配置为在判断结果为是时, 显示数字证书 内容和验证通过信息; 在判断结果为否时, 显示验证未通过信息。  Correspondingly, the display module is further configured to: when the determination result is yes, display the digital certificate content and the verification pass information; when the determination result is no, the verification failure message is displayed.
本发明实施例提供的无线网络接入的安全验证方法、 系统及终端, 通 过验证无线接入点设备提供者提供的数字证书是否完整有效, 待验证数字 证书完整有效后, 说明该无线接入点设备安全可靠; 进一步的, 通过终端 支持的 GPS功能搜寻终端自身所在位置以及数字证书中记录的部署该无线 接入点设备的位置, 计算终端自身所在位置与部署该无线接入点设备的位 置的距离并判断该距离是否小于最大阈值, 若判断的结果为是, 说明数字 证书中记录的部署该无线接入点设备的位置为真实信息, 则当前无线接入 点设备是安全可靠的; 否则, 说明数字证书中记录的部署该无线接入点设 备的位置为虚假信息, 则当前无线接入点设备是不安全的。 通过本发明实 施例提供的技术方案, 能够确保用户使用安全可靠的公共无线网络, 避免 用户的私人信息及财产遭受损失, 提升用户的体验。 附图说明 The method, system and terminal for verifying the security of the wireless network access provided by the embodiment of the present invention verify whether the digital certificate provided by the wireless access point device provider is complete and valid, and after the digital certificate to be verified is complete and valid, the wireless access point is described. The device is safe and reliable. Further, the GPS function supported by the terminal searches for the location of the terminal itself and the location of the device that deploys the wireless access point recorded in the digital certificate, and calculates the location of the terminal itself and the location where the wireless access point device is deployed. If the distance is greater than the maximum threshold, if the result of the determination is yes, indicating that the location of the device for deploying the wireless access point recorded in the digital certificate is real information, the current wireless access point device is safe and reliable; otherwise, The location of the wireless access point device recorded in the digital certificate is false information, and the current wireless access point device is not secure. The technical solution provided by the embodiment of the invention can ensure that the user uses a safe and reliable public wireless network, avoids loss of the user's private information and property, and improves the user experience. DRAWINGS
图 1为本发明第一实施例无线网络接入的安全验证方法的流程示意图; 图 2为本发明第一实施例无线网络接入的安全验证系统的组成架构示 意图;  1 is a schematic flowchart of a security verification method for wireless network access according to a first embodiment of the present invention; FIG. 2 is a schematic structural diagram of a security verification system for wireless network access according to a first embodiment of the present invention;
图 3 为本发明第二实施例提供的无线网络接入的安全验证方法的流程 示意图。 具体实施方式  FIG. 3 is a schematic flowchart of a method for security verification of wireless network access according to a second embodiment of the present invention. detailed description
下面结合附图及具体实施例对本发明实施例再作进一步详细的说明。 图 1为本发明第一实施例无线网络接入的安全验证方法的流程示意图, 如图 1所示, 包括以下步驟:  The embodiments of the present invention will be further described in detail below with reference to the accompanying drawings and specific embodiments. FIG. 1 is a schematic flowchart of a method for security verification of wireless network access according to a first embodiment of the present invention. As shown in FIG. 1, the method includes the following steps:
步驟 101 : 终端连接无线接入点设备, 下载数字证书;  Step 101: The terminal connects to the wireless access point device, and downloads the digital certificate;
这里, 所述数字证书由提供无线接入点设备的单位或个人, 向数字证 书发证单位申请, 并提供申请数字证书所需要信息, 由数字证书发证单位 在验证所提供的信息正确无误后, 为单位或个人制作并颁发;  Here, the digital certificate is applied by the unit or individual providing the wireless access point device to the digital certificate issuing unit, and provides the information required for applying for the digital certificate, and the digital certificate issuing unit verifies that the provided information is correct. , produced and awarded for the unit or individual;
所述申请数字证书所需要的信息具体包括: 申请单位或个人的名称、 无线接入点设备名称、 提供该无线接入点设备的目的、 部署该无线接入点 设备的位置等;  The information required for the application for the digital certificate specifically includes: a name of the application unit or individual, a name of the wireless access point device, a purpose of providing the wireless access point device, a location where the wireless access point device is deployed, and the like;
这里, 所述数字证书由无线接入点设备的管理人员导入无线接入点设 备中, 且包含在无线接入点设备发送的无线信号中。  Here, the digital certificate is imported into the wireless access point device by the administrator of the wireless access point device, and is included in the wireless signal transmitted by the wireless access point device.
步驟 102: 判断数字证书是否完整有效, 若判断的结果为是, 执行步驟 103; 否则, 执行步驟 106;  Step 102: Determine whether the digital certificate is complete and valid, if the result of the determination is yes, go to step 103; otherwise, go to step 106;
这里, 可根据数字证书的内容判断该数字证书是否完整有效, 具体为: 判断该数字证书是否包括无线接入点设备的名称、 是否包括提供该无线接 入点设备的目的以及是否包括部署该无线接入点设备的位置等, 如果包含 这些信息, 则为完整有效; 其中, 所述数字证书内容包括: 无线接入点设备名称、 提供该无线接 入点设备的目的、 部署该无线接入点设备的位置等信息。 Here, the digital certificate may be determined to be complete and valid according to the content of the digital certificate, specifically: determining whether the digital certificate includes the name of the wireless access point device, whether the purpose of providing the wireless access point device, and whether the wireless device is deployed The location of the access point device, etc., if it contains such information, it is complete and valid; The content of the digital certificate includes: a name of the wireless access point device, a purpose of providing the wireless access point device, and a location where the wireless access point device is deployed.
步驟 103~步驟 104: 通过终端支持的 GPS功能搜寻终端自身所在位置 以及数字证书中记录的部署该无线接入点设备的位置; 并判断无线接入点 设备的位置与终端自身的位置之间的距离是否小于最大阈值, 若判断的结 果为是, 执行步驟 105; 否则, 执行步驟 106;  Steps 103 to 104: searching for the location of the terminal itself and the location of the device for deploying the wireless access point recorded in the digital certificate by using the GPS function supported by the terminal; and determining the location between the location of the wireless access point device and the location of the terminal itself. Whether the distance is less than the maximum threshold, if the result of the determination is yes, go to step 105; otherwise, go to step 106;
这里, 判断无线接入点设备的位置与终端的位置之间的距离是否小于 最大阈值具体包括:  Here, determining whether the distance between the location of the wireless access point device and the location of the terminal is less than a maximum threshold specifically includes:
若终端支持 GPS功能,则终端通过 GPS功能搜寻自身所在的具体位置; 终端通过 GPS功能确定数字证书中记录的部署该无线接入点设备的位置; 计算自身所在的具体位置与部署该无线接入点设备的位置的距离并判断该 距离是否小于最大阈值, 若判断的结果为是, 则说明数字证书中记录的部 署该无线接入点设备的位置信息为真实信息, 通过安全验证; 否则, 则说 明数字证书中记录的部署该无线接入点设备的位置信息为虚假信息, 未通 过安全验证。  If the terminal supports the GPS function, the terminal searches for the specific location where it is located through the GPS function; the terminal determines the location of the device that deploys the wireless access point recorded in the digital certificate through the GPS function; calculates the specific location where the user is located and deploys the wireless access Determining the distance of the location of the device and determining whether the distance is less than the maximum threshold. If the result of the determination is yes, the location information of the device for deploying the wireless access point recorded in the digital certificate is true information, and the security verification is performed; otherwise, The location information of the device that is deployed in the digital certificate and deployed to the wireless access point device is false information, and the security verification is not passed.
步驟 105: 终端显示数字证书内容, 验证通过;  Step 105: The terminal displays the content of the digital certificate, and the verification is passed;
步驟 106: 终端显示险证未通过。  Step 106: The terminal displays that the insurance certificate has not passed.
图 2为本发明第一实施例无线网络接入的安全验证系统的组成架构示 意图, 如图 2所示, 所述系统包括: 终端 21和无线接入点设备 22; 其中, 所述终端 21 , 配置为在连接无线接入点设备 22时, 下载数字证书, 验 证数字证书是否完整有效, 并在验证的结果为完整有效时, 显示数字证书 内容和验证通过信息; 在验证的结果为不完整有效, 显示验证未通过信息; 所述无线接入点设备 22,配置为向终端 21发送包含数字证书的无线信 进一步的, 所述终端 21 , 还配置为在验证数字证书完整有效后, 且在 所述终端 21支持 GPS功能的前提下, 通过 GPS功能搜寻自身所在位置以 及数字证书中记录的部署该无线接入点设备的位置; 计算自身所在位置与 部署该无线接入点设备的位置的距离并判断该距离是否小于最大阈值, 在 判断结果为是时, 显示数字证书内容和验证通过信息; 否则, 显示验证未 通过信息。 2 is a schematic structural diagram of a security verification system for a wireless network access according to a first embodiment of the present invention. As shown in FIG. 2, the system includes: a terminal 21 and a wireless access point device 22; wherein, the terminal 21, When the wireless access point device 22 is connected, the digital certificate is downloaded, the digital certificate is verified to be complete and valid, and when the verification result is complete and valid, the digital certificate content and the verification pass information are displayed; the verification result is incomplete and valid. The wireless access point device 22 is configured to send the wireless signal including the digital certificate to the terminal 21, and the terminal 21 is further configured to verify that the digital certificate is fully valid, and Under the premise that the terminal 21 supports the GPS function, the GPS function is used to search for the location of the wireless access point device recorded in the location and the digital certificate; and calculate the distance between the location of the terminal and the location where the wireless access point device is deployed. And determining whether the distance is less than the maximum threshold, and when the judgment result is yes, displaying the digital certificate content and the verification passing information; otherwise, displaying the verification failure information.
进一步的, 所述终端 21包括: 连接验证模块 211和显示模块 212; 其 中,  Further, the terminal 21 includes: a connection verification module 211 and a display module 212;
所述连接验证模块 211 , 配置为在连接无线接入点设备时, 下载数字证 书, 并验证数字证书是否完整有效, 将验证结果发送给显示模块 212; 所述显示模块 212, 配置为在验证结果为完整有效时,显示数字证书内 容和险证通过信息; 配置为在险证结果为不完整有效时, 显示险证未通过 信息。  The connection verification module 211 is configured to download a digital certificate when the wireless access point device is connected, and verify whether the digital certificate is complete and valid, and send the verification result to the display module 212. The display module 212 is configured to verify the result. When it is complete and valid, the digital certificate content and the risk certificate passing information are displayed; configured to display the risk certificate failing information when the risk certificate result is incomplete and valid.
进一步的, 所述终端 21还包括: 搜索模块 213和计算比较模块 214; 其中,  Further, the terminal 21 further includes: a search module 213 and a calculation comparison module 214;
所述搜索模块 213 , 配置为通过 GPS功能搜索自身所在位置以及数字 证书中记录的部署该无线接入点设备的位置;  The search module 213 is configured to search for a location of the wireless access point device and a location of the wireless access point device recorded in the digital certificate by using the GPS function;
所述计算比较模块 214,配置为计算自身所在位置与部署该无线接入点 设备的位置的距离并判断该距离是否小于最大阈值, 将判断结果发送给显 示模块 212;  The calculation comparison module 214 is configured to calculate the distance between the location of the wireless access point device and the location of the wireless access point device, and determine whether the distance is less than the maximum threshold, and send the determination result to the display module 212;
相应的, 所述显示模块 212, 还配置为在判断结果为是时, 显示数字证 书内容和验证通过信息; 在判断结果为否时, 显示验证未通过信息。  Correspondingly, the display module 212 is further configured to display the digital certificate content and the verification pass information when the determination result is yes; when the determination result is no, the verification failure message is displayed.
图 3 为本发明第二实施例提供的无线网络接入的安全验证方法的流程 示意图, 以无线接入网络为 Wi-Fi网络, 且终端支持 GPS功能为例, 对本 发明第二实施例作进一步详细的说明。 如图 3所示, 包括以下步驟:  FIG. 3 is a schematic flowchart of a method for security verification of wireless network access according to a second embodiment of the present invention. The wireless access network is a Wi-Fi network, and the terminal supports the GPS function as an example, and further the second embodiment of the present invention is further provided. Detailed explanation. As shown in Figure 3, the following steps are included:
步驟 301~步驟 302:搜索可用的 Wi-Fi接入点名称列表,选择其中一个 Wi-Fi接入点设备进行连接 , 并判断该 Wi-Fi接入点设备是否支持数字证书 验证, 若判断的结果为是, 执行步驟 303, 否则, 执行步驟 308; Steps 301 to 302: Search for a list of available Wi-Fi access point names, and select one of them. The Wi-Fi access point device is connected, and determines whether the Wi-Fi access point device supports digital certificate verification. If the result of the determination is yes, go to step 303, otherwise, go to step 308;
这里, 所述 Wi-Fi接入点名称列表可包括 Wi-Fi接入点设备名称、是否 需要密码进行连接以及是否支持数字证书验证等信息; 具体的, 对于支持 数字证书验证的 Wi-Fi接入点设备名称可优先并以高亮图标显示;  Here, the Wi-Fi access point name list may include a Wi-Fi access point device name, whether a password is required for connection, and whether digital certificate verification is supported, etc.; specifically, for Wi-Fi connection supporting digital certificate verification The entry device name can be prioritized and displayed with a highlighted icon;
这里, 在选择其中一个 Wi-Fi接入点设备进行连接时, 若该 Wi-Fi接入 点设备需要密码进行验证, 则输入对应的密码完成验证即可; 否则, 则直 接进入下一个处理流程。  Here, when selecting one of the Wi-Fi access point devices to connect, if the Wi-Fi access point device requires a password for verification, the corresponding password is input to complete the verification; otherwise, the process directly proceeds to the next process. .
步驟 303: 判断数字证书是否完整有效, 若判断的结果为是, 执行步驟 304,; 否则, 执行步驟 308;  Step 303: Determine whether the digital certificate is complete and valid. If the result of the determination is yes, go to step 304; otherwise, go to step 308;
这里, 所述判断数字证书是否完整有效具体包括: 判断该数字证书是 否包括 Wi-Fi接入点设备名称、是否包括提供该 Wi-Fi接入点设备的目的以 及是否包括部署该 Wi-Fi接入点设备的位置等;  Here, the determining whether the digital certificate is completely valid specifically includes: determining whether the digital certificate includes a Wi-Fi access point device name, whether the purpose of providing the Wi-Fi access point device is included, and whether the Wi-Fi connection is deployed The location of the entry device, etc.
其中, 所述数字证书内容包括: Wi-Fi接入点设备名称、 提供该 Wi-Fi 接入点设备的目的、 部署该 Wi-Fi接入点设备的位置等信息。  The digital certificate content includes: a Wi-Fi access point device name, a purpose of providing the Wi-Fi access point device, and a location of the Wi-Fi access point device.
步驟 304~步驟 305: 通过 GPS功能搜寻终端自身所在位置以及数字证 书中记录的部署该 Wi-Fi接入点设备的位置,并判断 Wi-Fi接入点设备的位 置与终端的位置之间的距离是否小于最大阈值, 若判断的结果为是, 执行 步驟 306; 否则, 执行步驟 308;  Steps 304 to 305: Search for the location of the terminal and the location of the Wi-Fi access point device recorded in the digital certificate by using the GPS function, and determine the location between the location of the Wi-Fi access point device and the location of the terminal. Whether the distance is less than the maximum threshold, if the result of the determination is yes, go to step 306; otherwise, go to step 308;
这里,所述判断 Wi-Fi接入点设备的位置与终端的位置之间的距离是否 小于最大阈值, 若判断的结果为是, 则说明数字证书中记录的部署该 Wi-Fi 接入点设备的位置信息为真实信息, 通过安全验证; 否则, 则说明数字证 书中记录的部署该 Wi-Fi接入点设备的位置信息为虚假信息,未通过安全验 证;  Here, the determining whether the distance between the location of the Wi-Fi access point device and the location of the terminal is less than a maximum threshold, and if the result of the determination is yes, indicating that the Wi-Fi access point device is recorded in the digital certificate The location information is the real information, and the security verification is performed; otherwise, the location information of the device for deploying the Wi-Fi access point recorded in the digital certificate is false information, and the security verification is not passed;
例如, 一般 Wi-Fi信号的接收半径约为 95米, 一般情况下超过 95米, 终端将无法接收到该 Wi-Fi接入点 Wi-Fi发出的无线信号;考虑到通过 GPS 功能搜索终端自身所在位置以及数字证书中记录的部署该 Wi-Fi接入点设 备的位置带来的距离偏差,设置最大阈值为 200米,若 Wi-Fi接入点设备的 位置与终端的位置之间的距离小于 200米, 则说明数字证书中记录的部署 该 Wi-Fi接入点设备的位置信息为真实信息, 通过安全验证; 否则, 则说明 数字证书中记录的部署该 Wi-Fi接入点设备的位置信息为虚假信息,未通过 安全验证。 For example, a typical Wi-Fi signal has a receiving radius of about 95 meters, and in general, more than 95 meters. The terminal will not be able to receive the wireless signal from the Wi-Fi access point Wi-Fi; considering the location of the terminal itself and the location of the Wi-Fi access point device recorded in the digital certificate by the GPS function The distance deviation is set to a maximum threshold of 200 meters. If the distance between the location of the Wi-Fi access point device and the location of the terminal is less than 200 meters, the location of the Wi-Fi access point device recorded in the digital certificate is recorded. The information is the real information, and the security verification is performed; otherwise, the location information of the device deployed in the digital certificate and deployed by the Wi-Fi access point device is false information, and the security verification is not passed.
步驟 306~步驟 307: 终端显示数字证书内容, 验证通过, 终端可接入 Wi-Fi网络进行上网业务;  Step 306~ Step 307: The terminal displays the content of the digital certificate. After the verification is passed, the terminal can access the Wi-Fi network to perform the Internet access service.
步驟 308: 判断是否继续连接 Wi-Fi网络, 若判断的结果为是, 执行步 驟 306: 否则, 执行步驟 309;  Step 308: Determine whether to continue to connect to the Wi-Fi network, if the result of the determination is yes, go to step 306: Otherwise, go to step 309;
这里,可通过用户自身的选择是否继续连接 Wi-Fi网络,若用户选择接 续连接 Wi-Fi网络,则执行步驟 307:终端可接入 Wi-Fi网络进行上网业务; 否则, 则执行步驟 309: 结束当前 Wi-Fi网络连接。  Here, the user can select whether to continue to connect to the Wi-Fi network. If the user chooses to connect to the Wi-Fi network, the step 307 is performed: the terminal can access the Wi-Fi network to perform the Internet access service; otherwise, step 309 is performed: End the current Wi-Fi network connection.
以上所述, 仅为本发明实施例的较佳实施例而已, 并非用于限定本发 明实施例的保护范围。 凡在本发明实施例的精神和范围之内所作的任何修 改、 等同替换和改进等, 均包含在本发明实施例的保护范围之内。 工业实用性  The above is only a preferred embodiment of the embodiments of the present invention, and is not intended to limit the scope of protection of the embodiments of the present invention. All the modifications, equivalent substitutions and improvements made within the spirit and scope of the embodiments of the present invention are included in the scope of the present invention. Industrial applicability
本发明实施例通过验证无线接入点设备的数字证书是否完整有效, 进 而确定该无线接入点设备是否安全可靠, 能够确保用户使用安全可靠的公 共无线网络, 避免用户的私人信息及财产遭受损失, 提升用户的体验。  The embodiment of the invention verifies whether the digital certificate of the wireless access point device is complete and valid, and further determines whether the wireless access point device is safe and reliable, and ensures that the user uses a safe and reliable public wireless network to avoid loss of the user's private information and property. , enhance the user experience.

Claims

权利要求书 claims
1、 一种无线网络接入的安全验证方法, 该方法包括: 1. A security verification method for wireless network access. The method includes:
终端在连接无线接入点设备时, 下载数字证书, 并验证数字证书是否 完整有效, 若验证的结果为完整有效, 则终端显示数字证书内容和验证通 过信息; 否则, 终端显示验证未通过信息。 When the terminal connects to the wireless access point device, it downloads the digital certificate and verifies whether the digital certificate is complete and valid. If the verification result is complete and valid, the terminal displays the content of the digital certificate and the verification passing information; otherwise, the terminal displays the verification failure information.
2、 根据权利要求 1所述的方法, 其中, 所述验证数字证书是否完整有 效, 若验证的结果为完整有效后, 该方法还包括: 2. The method according to claim 1, wherein the verification of whether the digital certificate is complete and valid, and if the verification result is complete and valid, the method further includes:
通过终端支持的全球定位系统 GPS功能搜寻终端自身所在位置以及数 字证书中记录的部署该无线接入点设备的位置; Search the location of the terminal itself and the location of the wireless access point device recorded in the digital certificate through the global positioning system GPS function supported by the terminal;
计算终端自身所在位置与部署该无线接入点设备的位置的距离并判断 该距离是否小于最大阈值, 若判断的结果为是, 则终端显示数字证书内容 和验证通过信息; 否则, 终端显示验证未通过信息。 Calculate the distance between the terminal's own location and the location where the wireless access point device is deployed and determine whether the distance is less than the maximum threshold. If the result of the determination is yes, the terminal displays the digital certificate content and verification pass information; otherwise, the terminal displays verification failed. through information.
3、 根据权利要求 1所述的方法, 其中, 所述验证数字证书是否完整有 效包括: 判断该数字证书是否包括无线接入点设备的名称、 是否包括提供 该无线接入点设备的目的以及是否包括部署该无线接入点设备的位置。 3. The method according to claim 1, wherein the verifying whether the digital certificate is complete and valid includes: determining whether the digital certificate includes the name of the wireless access point device, whether it includes the purpose of providing the wireless access point device, and whether Includes the location where the wireless access point device is deployed.
4、 根据权利要求 1所述的方法, 其中, 所述终端连接无线接入点设备 之前, 该方法还包括: 将数字证书导入无线接入点设备, 且该数字证书包 含在无线接入点设备发送的无线信号中。 4. The method according to claim 1, wherein before the terminal connects to the wireless access point device, the method further includes: importing a digital certificate into the wireless access point device, and the digital certificate is included in the wireless access point device. in the wireless signal being sent.
5、 一种无线网络接入的安全险证系统, 该系统包括: 终端和无线接入 点设备; 其中, 5. A security certificate system for wireless network access. The system includes: a terminal and a wireless access point device; among which,
所述终端, 配置为在连接无线接入点设备时, 下载数字证书, 验证数 字证书是否完整有效, 并在验证的结果为完整有效时, 显示数字证书内容 和验证通过信息; 在验证的结果为不完整有效, 显示验证未通过信息; 所述无线接入点设备, 配置为向终端发送包含数字证书的无线信号。 The terminal is configured to download the digital certificate when connecting to the wireless access point device, verify whether the digital certificate is complete and valid, and when the verification result is complete and valid, display the digital certificate content and verification pass information; when the verification result is Incomplete and valid, verification failure information is displayed; the wireless access point device is configured to send a wireless signal containing a digital certificate to the terminal.
6、 根据权利要求 5所述的系统, 其中, 所述终端, 还配置为在验证数 字证书完整有效后, 通过终端自身支持的 GPS功能搜寻终端自身所在位置 以及数字证书中记录的部署该无线接入点设备的位置; 计算自身所在位置 与部署该无线接入点设备的位置的距离并判断该距离是否小于最大阈值, 在判断结果为是时, 显示数字证书内容和验证通过信息; 否则, 显示验证 未通过信息。 6. The system according to claim 5, wherein the terminal is further configured to verify the data After the digital certificate is complete and valid, use the GPS function supported by the terminal to search for its own location and the location where the wireless access point device is deployed recorded in the digital certificate; calculate the distance between its own location and the location where the wireless access point device is deployed. And judge whether the distance is less than the maximum threshold. When the judgment result is yes, display the digital certificate content and verification passing information; otherwise, display the verification failing information.
7、 根据权利要求 5或 6所述的系统, 其中, 所述终端包括: 连接验证 模块和显示模块; 7. The system according to claim 5 or 6, wherein the terminal includes: a connection verification module and a display module;
所述连接验证模块, 配置为在连接无线接入点设备时, 下载数字证书, 并验证数字证书是否完整有效, 将验证结果送给显示模块; The connection verification module is configured to download the digital certificate when connecting to the wireless access point device, verify whether the digital certificate is complete and valid, and send the verification result to the display module;
所述显示模块, 配置为在验证结果为完整有效时, 显示数字证书内容 和险证通过信息; 配置为在险证结果为不完整有效时, 显示险证未通过信 The display module is configured to display the digital certificate content and insurance certificate passing information when the verification result is complete and valid; configured to display the insurance certificate failure information when the insurance certificate result is incomplete and valid.
8、 根据权利要求 7所述的系统, 其中, 所述终端还包括: 搜索模块和 计算比较模块; 8. The system according to claim 7, wherein the terminal further includes: a search module and a calculation comparison module;
所述搜索模块, 配置为在验证数字证书完整有效后, 通过自身支持的 GPS 功能搜索自身所在位置以及数字证书中记录的部署该无线接入点设备 的位置; The search module is configured to, after verifying that the digital certificate is complete and valid, search for its own location and the location where the wireless access point device is deployed recorded in the digital certificate through the GPS function it supports;
所述计算比较模块, 配置为计算自身所在位置与部署该无线接入点设 备的位置的距离并判断该距离是否小于最大阈值, 将判断结果发送给显示 模块; The calculation and comparison module is configured to calculate the distance between its own location and the location where the wireless access point device is deployed, determine whether the distance is less than the maximum threshold, and send the determination result to the display module;
相应的, 所述显示模块, 还配置为在判断结果为是时, 显示数字证书 内容和验证通过信息; 在判断结果为否时, 显示验证未通过信息。 Correspondingly, the display module is also configured to display the content of the digital certificate and the verification passing information when the judgment result is yes; and to display the verification failure information when the judgment result is no.
9、 一种终端, 该终端包括: 连接验证模块和显示模块; 其中, 所述连接验证模块, 配置为在连接无线接入点设备时, 下载数字证书, 并验证数字证书是否完整有效, 将验证结果发送给显示模块; 所述显示模块, 配置为在验证结果为完整有效时, 显示数字证书内容 和险证通过信息; 配置为在险证结果为不完整有效时, 显示险证未通过信 9. A terminal, the terminal includes: a connection verification module and a display module; wherein the connection verification module is configured to download a digital certificate when connecting to a wireless access point device, and verify whether the digital certificate is complete and valid, and will verify The results are sent to the display module; The display module is configured to display the content of the digital certificate and the insurance certificate passing information when the verification result is complete and valid; and is configured to display the insurance certificate failure information when the insurance certificate result is incomplete and valid.
10、 根据权利要求 9所述的终端, 其中, 所述终端还包括: 搜索模块 和计算比较模块; 其中, 10. The terminal according to claim 9, wherein the terminal further includes: a search module and a calculation and comparison module; wherein,
所述搜索模块, 配置为在验证数字证书完整有效后, 通过自身支持的 GPS 功能搜索自身所在位置以及数字证书中记录的部署该无线接入点设备 的位置; The search module is configured to, after verifying that the digital certificate is complete and valid, search for its own location and the location where the wireless access point device is deployed recorded in the digital certificate through the GPS function it supports;
所述计算比较模块, 配置为计算自身所在位置与部署该无线接入点设 备的位置的距离并判断该距离是否小于最大阈值, 将判断结果发送给显示 模块; The calculation and comparison module is configured to calculate the distance between its own location and the location where the wireless access point device is deployed, determine whether the distance is less than the maximum threshold, and send the determination result to the display module;
相应的, 所述显示模块, 还配置为在判断结果为是时, 显示数字证书 内容和验证通过信息; 在判断结果为否时, 显示验证未通过信息。 Correspondingly, the display module is also configured to display the content of the digital certificate and the verification passing information when the judgment result is yes; and to display the verification failure information when the judgment result is no.
PCT/CN2013/078846 2012-12-26 2013-07-04 Wireless network access security verification method, system and terminal WO2013167020A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201210575007.7 2012-12-26
CN201210575007.7A CN103052065B (en) 2012-12-26 2012-12-26 The safe verification method that a kind of wireless network accesses, system and terminal

Publications (2)

Publication Number Publication Date
WO2013167020A2 true WO2013167020A2 (en) 2013-11-14
WO2013167020A3 WO2013167020A3 (en) 2013-12-27

Family

ID=48064538

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2013/078846 WO2013167020A2 (en) 2012-12-26 2013-07-04 Wireless network access security verification method, system and terminal

Country Status (2)

Country Link
CN (1) CN103052065B (en)
WO (1) WO2013167020A2 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106982192A (en) * 2016-01-18 2017-07-25 天津赞普科技股份有限公司 The certification of variable cipher key chain and communication encryption mechanism for business WiFi
CN111586686A (en) * 2020-05-14 2020-08-25 中国联合网络通信集团有限公司 Method and system for network access authentication

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103052065B (en) * 2012-12-26 2016-03-30 中兴通讯股份有限公司 The safe verification method that a kind of wireless network accesses, system and terminal
CN104023336B (en) * 2014-06-13 2018-12-21 张力军 The radio switch-in method and mobile terminal of mobile terminal
CN106982191A (en) * 2016-01-18 2017-07-25 天津赞普科技股份有限公司 Embedded Credential-Security authentication communication mechanism for business WiFi
CN106982189A (en) * 2016-01-18 2017-07-25 天津赞普科技股份有限公司 Universal code key chain authentication mechanism for business WiFi

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101351047A (en) * 2007-07-17 2009-01-21 株式会社Ntt都科摩 Mobile terminal and method for executing scanning of radio signals
CN101547091A (en) * 2008-03-28 2009-09-30 上海华为技术有限公司 Method and device for transmitting information
CN103052065A (en) * 2012-12-26 2013-04-17 中兴通讯股份有限公司 Safety verification method and system for wireless network access, and terminal

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101351047A (en) * 2007-07-17 2009-01-21 株式会社Ntt都科摩 Mobile terminal and method for executing scanning of radio signals
CN101547091A (en) * 2008-03-28 2009-09-30 上海华为技术有限公司 Method and device for transmitting information
CN103052065A (en) * 2012-12-26 2013-04-17 中兴通讯股份有限公司 Safety verification method and system for wireless network access, and terminal

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106982192A (en) * 2016-01-18 2017-07-25 天津赞普科技股份有限公司 The certification of variable cipher key chain and communication encryption mechanism for business WiFi
CN111586686A (en) * 2020-05-14 2020-08-25 中国联合网络通信集团有限公司 Method and system for network access authentication

Also Published As

Publication number Publication date
CN103052065B (en) 2016-03-30
WO2013167020A3 (en) 2013-12-27
CN103052065A (en) 2013-04-17

Similar Documents

Publication Publication Date Title
TWI530894B (en) Method and related apparatus for information verification and apparatus thereof
WO2013167020A2 (en) Wireless network access security verification method, system and terminal
US10460309B2 (en) Payment verification method, apparatus and system
US8893243B2 (en) Method and system protecting against identity theft or replication abuse
US9887997B2 (en) Web authentication using client platform root of trust
EP3534584B1 (en) Service implementation method and apparatus
US20120254960A1 (en) Connecting mobile devices, internet-connected vehicles, and cloud services
CN104023336B (en) The radio switch-in method and mobile terminal of mobile terminal
WO2016053498A1 (en) Secure remote user device unlock
WO2014032612A1 (en) Method, device, server, system, and apparatus for preventing information leakage
JP2010165231A (en) Server authentication method and client terminal
CN104008325A (en) Mobile phone Wi-Fi network-connecting real name identity authentication platform and method based on two-dimension codes
CN105471815A (en) Internet-of-things data security method and Internet-of-things data security device based on security authentication
WO2017076216A1 (en) Server, mobile terminal, and internet real name authentication system and method
WO2015096501A1 (en) Method and apparatus for managing super user password on smart mobile terminal
WO2018045755A1 (en) Data transmission method and device in wifi network, and computer storage medium
CN109889474A (en) A kind of method and device of subscriber authentication
CN110135149A (en) A kind of method and relevant apparatus of application installation
CN105429934B (en) Method and apparatus, readable storage medium storing program for executing, the terminal of HTTPS connectivity verification
CN115378737A (en) Cross-domain device communication trust method, device, equipment and medium
JP6022704B2 (en) Method and terminal for message verification
CN105471920A (en) Identifying code processing method and device
CN107995214B (en) Website login method and related equipment
CN105592074A (en) Method and system of mobile device cooperation authentication on the basis of geographic position
CN107770143B (en) Method and device for verifying client validity

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13787448

Country of ref document: EP

Kind code of ref document: A2

122 Ep: pct application non-entry in european phase

Ref document number: 13787448

Country of ref document: EP

Kind code of ref document: A2