WO2014166270A1 - Request authentication method, access point, service station and communication system - Google Patents

Request authentication method, access point, service station and communication system Download PDF

Info

Publication number
WO2014166270A1
WO2014166270A1 PCT/CN2013/088715 CN2013088715W WO2014166270A1 WO 2014166270 A1 WO2014166270 A1 WO 2014166270A1 CN 2013088715 W CN2013088715 W CN 2013088715W WO 2014166270 A1 WO2014166270 A1 WO 2014166270A1
Authority
WO
WIPO (PCT)
Prior art keywords
service
access point
site
authentication
request information
Prior art date
Application number
PCT/CN2013/088715
Other languages
French (fr)
Chinese (zh)
Inventor
杨浔
陶源
赵牧
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2014166270A1 publication Critical patent/WO2014166270A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/30Connection release
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • H04W84/12WLAN [Wireless Local Area Networks]

Definitions

  • Embodiments of the present invention relate to a wireless communication technology, and in particular, to a request authentication method, apparatus, and system. Background technique
  • the basic service set includes an access point (AP) and at least one station (Station, STA), when the site includes a functional service site such as a projector or a printer, and the service site Once the associated authentication relationship with the access point has been established, services can be provided to other sites through the access point.
  • AP access point
  • STA station
  • AP access point
  • STA station
  • the site includes a functional service site such as a projector or a printer
  • the access point can select a service site for the site from which it can provide services from its associated service site. Since the access point can only select the service site from the associated service site for the site that needs to be serviced, in order to ensure that the site can obtain the service in time, each service site needs to maintain an association authentication relationship with the access point.
  • a first aspect of the embodiments of the present invention provides a method for requesting authentication, including:
  • the access point receives the service requirement information, where the service requirement information carries a service identifier, where the service identifier is identifier information of a service required by the site that needs to be served;
  • the access point selects a target service site that can provide a service corresponding to the service identifier; and performs authentication between the access point and the target service site.
  • performing authentication between the access point and the target service site includes: The access point sends the service request information to the target service site, where the service request information carries the service identifier, where the service request information is used by the target service site to determine whether the service identifier is provided. The ability of the corresponding service;
  • the access point sends, according to the service request success information, authentication request information to the target service station, where the authentication request information is used for authentication between the target service site and the access point.
  • performing authentication between the access point and the target service site includes:
  • the authentication between the access point and the target service site includes:
  • the access point sends the service request information to the target service site, where the service request information carries the service identifier, where the service request information is used by the target service site to determine whether the service identifier is provided.
  • the ability of the corresponding service
  • the access point receives the authentication request information sent by the target service site within a preset time, the access point performs authentication with the target service site, and the authentication request information is used by the target service site according to the The service request information is sent to the access point after having the capability to provide the service corresponding to the service identifier.
  • the method further includes:
  • the access point If the access point does not receive the authentication request information sent by the target service station within the preset time, the access point resends the service request information to the target service station.
  • the access point selecting, by the access point, the target service site that can provide the service corresponding to the service identifier includes: Incoming point selection can provide the service corresponding to the service identifier, and is in working time The service site within the segment acts as the target service site.
  • a second aspect of the embodiments of the present invention provides a method for requesting authentication, including:
  • the service station receives the service request information sent by the access point, where the service request information carries the capability of the service corresponding to the service identifier, where the service identifier is the service demand information sent by the access point from the site that needs to be served. Obtained in
  • a third aspect of the embodiments of the present invention provides a method for requesting authentication, including:
  • the service station receives the authentication request information that is sent by the access point and carries the service identifier, where the service identifier is obtained by the access point from the service requirement information sent by the site that needs to be served; After the service identifier determines the capability of providing the service corresponding to the service identifier, the service identifier is authenticated according to the authentication request information and the access point.
  • a fourth aspect of the embodiments of the present invention provides a method for requesting authentication, including:
  • the service station receives the service request information sent by the access point, where the service request information carries the capability of the service corresponding to the service identifier, where the service identifier is the service demand information sent by the access point from the site that needs to be served. Obtained in
  • the service station After the service station determines, according to the service request information, the capability of providing the service corresponding to the service identifier, the service station sends the authentication request information to the access point, where the authentication request information is used for the service site and the service site. Authenticate between access points.
  • a fifth aspect of the embodiments of the present invention provides an access point, including:
  • a receiving unit configured to receive service requirement information, where the service requirement information carries a service identifier, where the service identifier is identifier information of a service required by a station that needs to be served;
  • a selection unit configured to select a target service site that can provide a service corresponding to the service identifier
  • an authentication unit configured to perform authentication with the target service site.
  • the authentication unit is also used to:
  • the service request success information is sent to the target service site for authentication request information, where the authentication request information is used for authentication between the target service site and the access point.
  • the authentication unit is further configured to:
  • the authentication request information carrying the service identifier is sent to the target service site, and the capability of the service is subsequently authenticated with the access point.
  • the authentication unit is further configured to:
  • the service request information carries the service identifier
  • the service request information is used by the target service site to determine whether the service has the capability of providing the service identifier
  • the ability to provide a service corresponding to the service identifier is then sent to the access point.
  • the authenticating unit is further configured to:
  • the service request information is resent to the target service station.
  • the selecting unit is further configured to:
  • a service site that can provide the service corresponding to the service identifier and is in a valid working period is selected as the target service site.
  • a sixth aspect of the embodiments of the present invention provides a service site, including: a receiving unit, configured to receive service request information sent by the access point, where the service request information carries a service identifier, where the service request information is used by the service station to determine whether the service corresponding to the service identifier is provided Capability, the service identifier is obtained by the access point from service demand information sent by a site that needs to be served;
  • a sending unit configured to return, according to the service request information, the service request success information to the access point after determining the capability of providing the service corresponding to the service identifier
  • An authentication unit configured to receive, by the access point, authentication request information sent to the service site according to the service request success information, where the authentication request information is used between the service site and the access point Certify.
  • a seventh aspect of the embodiments of the present invention provides a service site, including:
  • a receiving unit configured to receive, by the access point, the authentication request information that carries the service identifier, where the service identifier is obtained by the access point from the service requirement information sent by the site that needs to be served;
  • an authentication unit configured to perform authentication according to the service request identifier and the access point according to the service identifier, after the capability of providing the service corresponding to the service identifier is determined.
  • An eighth aspect of the embodiments of the present invention provides a service site, including:
  • a receiving unit configured to receive service request information sent by the access point, where the service request information carries a service identifier, where the service request information is used by the service station to determine whether the service corresponding to the service identifier is provided Capability, the service identifier is obtained by the access point from service demand information sent by a site that needs to be served;
  • An authentication unit configured to send, according to the service request information, an ability to provide a service corresponding to the service identifier, to send, to the access point, authentication request information, where the authentication request information is used by the service site and the The access points are authenticated.
  • a ninth aspect of the embodiments of the present invention provides a communication system, including the foregoing site to be served, the foregoing access point, and the service site; the site to be served, the access point, and the Communication connection between service sites.
  • the request authentication method, device, and system provided by the embodiment of the present invention receive the service demand information by the access point, and select a target service site that can provide the service corresponding to the service identifier according to the service identifier carried in the service requirement information, and further, the target service site Authenticate between service sites. Since the access point can actively request an association authentication relationship with the service site, the service site no longer needs to be maintained.
  • the association authentication relationship with the access point the service site can cancel the association authentication relationship with the access point after the service is provided, and release the network resources accordingly, thereby improving the utilization of the network resources; Since the service site can only associate with one access point and the service requirements of the site at the same time, establishing or disassociating the authentication relationship with different access points improves the utilization and flexibility of the service site.
  • FIG. 1 is a flowchart of a method for requesting authentication according to an embodiment of the present invention
  • FIG. 2 is a flowchart of another method for requesting authentication according to an embodiment of the present invention.
  • FIG. 3 is a flowchart of still another method for requesting authentication according to an embodiment of the present invention.
  • FIG. 4 is a flowchart of still another method for requesting authentication according to an embodiment of the present invention.
  • FIG. 5 is a schematic structural diagram of an access point according to an embodiment of the present invention.
  • FIG. 5b is a schematic structural diagram of another access point according to an embodiment of the present disclosure.
  • 6a is a schematic structural diagram of a service site according to an embodiment of the present invention.
  • 6b is a schematic structural diagram of another service site according to an embodiment of the present invention.
  • FIG. 7a is a schematic structural diagram of another service site according to an embodiment of the present invention.
  • FIG. 7b is a schematic structural diagram of another service site according to an embodiment of the present invention.
  • FIG. 8 is a schematic structural diagram of another service site according to an embodiment of the present disclosure.
  • FIG. 8b is a schematic structural diagram of another service site according to an embodiment of the present invention.
  • FIG. 9 is a schematic structural diagram of a communication system according to an embodiment of the present invention. detailed description
  • the method for initiating the request authentication by the access point to the service site is introduced in the embodiments of the present invention.
  • the access point can initiate an action of establishing an association authentication relationship with the service site, so the service site no longer needs to remain with the access point. Associate the authentication relationship, after the service is provided, the association relationship with the access point can be canceled, and the network resources are released accordingly, thereby improving Utilization of network resources.
  • the site described in the embodiments of the present invention is a site that needs to use a service, and the service site is a site capable of providing a service.
  • the service site serves the site through the access point.
  • the service site can be a functional device such as a printer or projector.
  • FIG. 1 is a flowchart of a method for requesting authentication according to an embodiment of the present invention. As shown in FIG. 1, the method includes:
  • Step 101 The access point receives the service requirement information.
  • the service requirement information carries a service identifier, and the service identifier is identifier information of a service required by a site that needs to be served.
  • a site when a site needs to use a service, it can send service demand information to the access point.
  • the service requirement information carries the service identifier of the service that the site needs to use.
  • the access point can know which service the site needs to use through the service identifier.
  • the access point can learn the services that each service station can provide through information exchange with each service station connected to the communication; or the service station broadcasts the service broadcast that it can provide to the access point that it can communicate with. Therefore, the access point can learn the services that each service node can provide, and store the information in the access point in the form of the correspondence between the identifier of the service site and the service identifier. The access point is informed by the correspondence that which access service can be provided indirectly by the access point and which service site or services can be provided by the service site.
  • the station can learn information that the access point can provide indirectly by interacting with the access point; or, the access point broadcasts the service that it can provide indirectly to each site within its coverage. Therefore, the service identifier carried in the service requirement information sent by the site to the access point is the identifier information of the service that the access point can provide.
  • the station can communicate with a plurality of access points, the station can first determine which access point or services can provide the required services according to the above method, and then send the service demand information to the access point capable of providing the service.
  • the site may carry the service identifier in the service request information, the authentication request, the association request, or other information that the access point interacts with.
  • Step 102 The access point selects a target service site that can provide a service corresponding to the service identifier. Specifically, the access point searches for the correspondence between the stored service identifier and the identifier of the service site according to the service identifier in the service requirement information. If the access point finds one or more service sites corresponding to the service identifier in the correspondence, the one or more service sites may be respectively used as the target service site.
  • target service site may be one or more, and each target service site is one of the service sites, and is called a "target service site" in order to explicitly represent the object that communicates with the access point.
  • the site knows in advance the service that the access point can provide indirectly. If the site does not know in advance the service that the access point can provide indirectly, the access point may not find the target corresponding to the service identifier. Good service site.
  • the access point if it cannot find the target service site, it can communicate with the site to make the site aware that it cannot provide the service to the site indirectly.
  • Step 103 Perform authentication between the access point and the target service site.
  • the access point and the target service site perform the request for authentication, the following three processes may be implemented, and the specific method for requesting the authentication may use an implementation similar to that in the prior art.
  • the first type is that the service request information is sent by the access point to the target service station, and the service request information carries the service identifier obtained from the service requirement information; the target service station determines whether the service identifier is provided according to the service identifier. Identifying the capability of the corresponding service, if yes, returning the service request success information to the access point, and if not, returning the service request failure information to the access point; if the access point receives the service request success information, Sending the authentication request information to the target service site, and performing the authentication process between the two through the communication interaction between the access point and the target service site; if the access point receives the service request failure information, the subsequent authentication is not required to be initiated. Process.
  • the second method is: sending, by the access point, the authentication request information to the target service site, where the authentication request information carries the service identifier obtained from the service requirement information; after receiving the authentication request information, the target service site uses the The service identifier determines whether it has the ability to improve the service corresponding to the service identifier; if the target service site has the capability of providing the service corresponding to the service identifier, the authentication process between the two is performed through communication interaction with the access point. If the target service site does not have the capability to provide the service corresponding to the service identifier, the information for characterizing the failure is fed back to the access point.
  • the third type is that the service request information is sent by the access point to the target service station, and the service request information carries the service identifier obtained from the service requirement information; the target service station determines whether the service identifier is provided according to the service identifier. The ability to identify the corresponding service, and if so, to the connection The ingress returns the service request success information, and if not, returns the service request failure information to the access point; if the target service station returns the service request success information to the access point, it will continue to send the authentication request information to the access point. Through the communication interaction between the access point and the target service site, the authentication process between the two is performed; if the target service site returns the service request failure information to the access point, the subsequent authentication process is not required to be initiated.
  • an association authentication relationship can be established between the access point and the target service site. Moreover, during the association of the associated authentication relationship, both the access point and the target service site maintain an associated authentication relationship between the two.
  • the request authentication method provided by the embodiment of the present invention receives the service demand information by the access point, and selects a target service site that can provide the service corresponding to the service identifier according to the service identifier carried in the service requirement information, and further, between the target service site and the target service site. Certify. Since the access point can actively request an association authentication relationship with the service site, the service site no longer needs to maintain the association authentication relationship with the access point, and the service site can cancel the connection with the access point after providing the service. Associate the authentication relationship, and release the network resources accordingly, thereby improving the utilization of the network resources.
  • the The method can enable the service station to establish or de-associate the authentication relationship with different access points according to the service requirements of the access point and the site, thereby improving the utilization and flexibility of the service site.
  • FIG. 2 is a flowchart of another method for requesting authentication according to an embodiment of the present invention. As shown in FIG. 2, the method includes:
  • Step 201 The access point receives the service requirement information.
  • Step 202 The access point selects a target service site that can provide a service corresponding to the service identifier. For details, refer to the implementation manner described in step 102.
  • the access point selects a service site that can provide the service corresponding to the service identifier and is in a valid working period as the target service site.
  • each service station can work normally during which time period.
  • the access point queries one or more service sites that can provide the service corresponding to the service identifier After that, it is further determined whether the current time is within the effective working period of these service stations.
  • the access point queries for a service site that is capable of providing the service corresponding to the service identifier and is within the valid working period, it is used as the target service site.
  • the access point queries that there is no service site that can provide the service corresponding to the service identifier and is in the valid working period, but queries the service site that can provide the service corresponding to the service identifier, then the part can provide the service.
  • the site serves as the target service site; or the service site that is capable of providing the service but is not currently in a valid working period, and waits until its effective working time comes, and then uses it as the target service site.
  • the target site cannot be determined.
  • Step 203 The access point sends the service request information to the target service site.
  • the service request information carries the service identifier, and the service request information is specific.
  • the access point may send the service request information to each target service site in the following manner. .
  • the first is that after the access point sends the service request information to a target service site, it will wait to receive the reply from the target service site; if the access point receives the reply from the target service site, it can continue to serve other targets.
  • the station sends the service request information; if the access point does not receive the reply of the target service station after the waiting time exceeds a certain time, the service request information is continuously sent to other target service stations.
  • the second is that after the access point sends the service request information to a target service site, it can continue to send the service request information to other target service stations without waiting for the reply.
  • the third type is that the access point can use the multicast method to send the service request information to each target service station.
  • the access point may stop sending the service request information to other target service stations after receiving a reply from the target service station.
  • the access point may also send the service request information to all target service sites, and select a service site as a final target according to certain screening conditions from one or more target service sites that receive the reply within a certain period of time. Service site.
  • the above screening conditions may be service requirements of a site that needs to be served, for example Service type, time and price, etc.; can also communicate with the target service site and the access point, such as channel conditions, busyness, communication quality, support rate, etc. These parameters are available at the access point and target service. Obtained in the interaction of the site.
  • Step 204 The access point receives the service request success information sent by the target service station.
  • the service request success information is generated by the target service station according to the service request information, and is determined to have the capability of providing the service corresponding to the service identifier.
  • the target service station after receiving the service request information sent by the access point, the target service station needs to determine whether it has the capability of providing the service corresponding to the service identifier according to the service identifier in the service request information.
  • the ability to determine whether the service is provided includes the following aspects: whether the service item is available on the target service site; whether the target service site currently has an associated authentication relationship with other access points; whether the target service site is currently in the Normal working conditions, etc.
  • the judgment criteria are used to measure whether the target service site is capable of providing corresponding services, and can be set as needed.
  • the target service station determines that it has the capability of providing the service corresponding to the service identifier, returns the service request success information to the access point; if the target service site determines that it does not have the capability to provide the service corresponding to the service identifier , the service request failure information is returned to the access point.
  • Step 205 The access point sends the authentication request information to the target service site according to the service request success information.
  • the authentication request information is used for authentication between the target service site and the access point.
  • the access point if the access point receives the service request success information returned by the target service site, the access point sends the authentication request information to the target service site.
  • the purpose of the authentication request information is to authenticate between the target service site and the access point.
  • the method for authenticating between the target service site and the access point may use an implementation similar to that in the prior art.
  • FIG. 3 is a flowchart of still another method for requesting authentication according to an embodiment of the present invention. As shown in FIG. 3, the method includes:
  • Step 301 The access point receives the service requirement information.
  • Step 302 The access point selects a target service site that can provide a service corresponding to the service identifier. For details, refer to the implementation manners described in step 102 or 202.
  • Step 303 The access point sends, to the target service site, authentication request information that carries the service identifier.
  • the authentication request information is used for the target service station to perform authentication with the access point after determining the capability of providing the service corresponding to the service identifier.
  • the access point may directly send the authentication request information to the target service site, and carry the service identifier in the authentication request information.
  • the target service station may determine whether it is capable of providing the service according to the service identifier therein. For the implementation of determining whether the service capability is available, refer to the related content described in step 204.
  • the access point sends the authentication request information. For details, see the method for sending the service request information in step 203.
  • the target service site determines that it has the capability to provide the service, it performs authentication between the two through communication interaction with the access point; if the target service site determines that it does not have the service provided Capability, no authentication between the two.
  • the purpose of the authentication request information is to authenticate between the target service site and the access point.
  • the method for authenticating between the target service site and the access point may use an implementation similar to that in the prior art.
  • FIG. 4 is a flowchart of still another method for requesting authentication according to an embodiment of the present invention. As shown in FIG. 4, the method includes:
  • Step 401 The access point receives the service requirement information.
  • Step 402 The access point selects a target service site that can provide a service corresponding to the service identifier. For details, refer to the implementation described in step 102 or 202.
  • Step 403 The access point sends the service request information to the target service station.
  • the service request information carries the service identifier, and the service request information is specific. For details, refer to the implementation manner described in step 203.
  • Step 404 The service station determines, according to the service request information, that the device has the capability of providing the service corresponding to the service identifier, and sends the authentication request information to the access point.
  • the authentication request information is used for authentication with the service site. Specifically, after receiving the service request information sent by the access point, the target service station needs to determine whether it has the capability of providing the service corresponding to the service identifier according to the service identifier in the service request information.
  • the ability to determine whether the service is provided includes the following aspects: whether the service item is available on the target service site; whether the target service site currently has an associated authentication relationship with other access points; whether the target service site is currently in the Normal working conditions, etc.
  • the judgment criteria are used to measure whether the target service site is capable of providing corresponding services, and can be set as needed.
  • the target service station determines that it has the capability of providing the service corresponding to the service identifier, it returns service request success information to the access point, and sends the authentication request information to the access point. If the target service site determines that it does not have the capability to provide the service corresponding to the service identifier, the service request failure information is returned to the access point, and the authentication request information is not sent to the access point.
  • Step 405 If the access point receives the authentication request information sent by the target service station within a preset time, the access point performs authentication with the target service station.
  • the access point is pre-set with a length of time to represent the maximum time that the access point can wait to receive the authentication request information after sending the service request information to the target service station.
  • the access point determines whether the authentication request information sent by the target service station is received within the preset time.
  • the access point receives the authentication request information within a preset time, the authentication process between the two is performed through communication interaction with the target service site.
  • the purpose of the authentication request information is to authenticate between the target service site and the access point.
  • the method for authenticating between the target service site and the access point may use an implementation similar to that in the prior art.
  • the service request information may be resent to the target service site; or may not be resent. Or send the service request information to other target service sites.
  • FIG. 5a is a schematic structural diagram of an access point according to an embodiment of the present invention. As shown in FIG. 5a, the access point includes: a receiving unit 11, a selecting unit 12, and an authenticating unit 13.
  • the receiving unit 11 is configured to receive service requirement information, where the service requirement information carries a service identifier, where the service identifier is identifier information of a service required by a site that needs to be served;
  • the selecting unit 12 is configured to select a target service site that can provide a service corresponding to the service identifier;
  • the authentication unit 13 is configured to perform authentication with the target service site.
  • the authentication unit 13 is further configured to:
  • the service request success information is sent to the target service site for authentication request information, where the authentication request information is used for authentication between the target service site and the access point.
  • the authentication unit 13 is further configured to:
  • the authentication unit 13 is further configured to:
  • the service request information carries the service identifier
  • the service request information is used by the target service site to determine whether the service has the capability of providing the service identifier
  • the ability to provide a service corresponding to the service identifier is then sent to the access point.
  • the authentication unit 13 is further configured to:
  • the service request information is resent to the target service station.
  • selecting unit 12 is further configured to:
  • a service site that can provide the service corresponding to the service identifier and is in a valid working period is selected as the target service site.
  • FIG. 5b is a schematic structural diagram of another access point according to an embodiment of the present invention.
  • the access point includes: a processor 21, a memory 22, a bus 23, and a communication interface 24.
  • the processor 21, the memory 22 and the communication interface 24 are connected by a bus 23 and communicate with each other.
  • the processor 21 may be a single core or multi-core central processing unit (Central Processing Unit, The CPU), either an Application Specific Integrated Circuit (ASIC), or one or more integrated circuits configured to implement embodiments of the present invention.
  • CPU Central Processing Unit
  • ASIC Application Specific Integrated Circuit
  • the memory 22 can be a high speed RAM memory or a non-volatile memory, and at least one disk can be stored.
  • the memory 22 is used to store the program 221.
  • the program 221 may include program code, where the program code includes computer operation instructions.
  • the communication interface 24 is configured to receive service requirement information, where the service requirement information carries a service identifier, and the service identifier is identifier information of a service required by a site that needs to be served.
  • the processor 21 runs the program 221 to execute:
  • the method for requesting authentication by the access point provided by the embodiment of the present invention can refer to the operation steps described in the foregoing method embodiment.
  • the access point provided by the embodiment of the present invention receives the service requirement information, and selects a target service site that can provide a service corresponding to the service identifier according to the service identifier carried in the service requirement information, and then performs authentication with the target service site. Since the access point can actively request an association authentication relationship with the service site, the service site no longer needs to maintain the association authentication relationship with the access point, and the service site can cancel the connection with the access point after providing the service. Associate the authentication relationship, and release the network resources accordingly, thereby improving the utilization of the network resources.
  • the The method can enable the service station to establish or de-associate the authentication relationship with different access points according to the service requirements of the access point and the site, thereby improving the utilization and flexibility of the service site.
  • FIG. 6 is a schematic structural diagram of a service site according to an embodiment of the present invention.
  • the service site includes: a receiving unit 31, a sending unit 32, and an authentication unit 33.
  • the receiving unit 31 is configured to receive service request information sent by the access point, where the service request information carries a service identifier, where the service request information is used by the service station to determine whether the service corresponding to the service identifier is provided. Capability, the service identifier is obtained by the access point from service demand information sent by a site that needs to be served;
  • the sending unit 32 is configured to: after determining, according to the service request information, the capability of providing the service corresponding to the service identifier, return service request success information to the access point;
  • the authentication unit 33 is configured to receive authentication request information sent by the access point to the service site according to the service request success information, where the authentication request information is used for authentication with the service site.
  • FIG. 6b is a schematic structural diagram of another service site according to an embodiment of the present invention.
  • the service site includes: a processor 41, a memory 42, a bus 43, and a communication interface 44.
  • the processor 41, the memory 42 and the communication interface 44 are connected by a bus 43 and communicate with each other.
  • the processor 41 may be a single core or multi-core central processing unit (CPU), or an Application Specific Integrated Circuit (ASIC), or one or more integrated systems configured to implement the embodiments of the present invention. Circuit.
  • CPU central processing unit
  • ASIC Application Specific Integrated Circuit
  • the memory 42 can be a high speed RAM memory or a nonvolatile memory.
  • At least one disk is stored in the program.
  • the memory 42 is used to store the program 421.
  • the program 421 may include program code, where the program code includes computer operation instructions.
  • the communication interface 44 is configured to receive the service request information sent by the access point, where the service request information carries a service identifier, where the service request information is used by the service station to determine whether the service corresponding to the service identifier is provided. Capability, the service identifier is obtained by the access point from service demand information sent by a site that needs to be served.
  • the processor 41 runs the program 421 to execute:
  • the service request success information Determining, after determining the capability of providing the service corresponding to the service identifier, the service request success information to the access point according to the service request information; receiving the access point according to the service request success information, to the Authentication request information sent by the service site, where the authentication request information is used for authentication between the service site and the access point.
  • the method for receiving the request authentication by the service site provided by the embodiment of the present invention may refer to the operation steps described in the foregoing method embodiment.
  • the service station receives the service request information sent by the access point, and after determining the capability of providing the service corresponding to the service identifier according to the service request information, the service request is successfully returned to the access point.
  • the service site can cancel the association authentication relationship with the access point after providing the service, and release the network resources accordingly, thereby improving the utilization of network resources; in addition, since the service site is only at the same time
  • the method can be associated with an access point, and the method in the embodiment of the present invention can enable the service station to establish or cancel the association relationship with different access points according to the service requirements of the access point and the site, thereby improving the authentication relationship. Service site utilization and flexibility.
  • FIG. 7a is a schematic structural diagram of another service site according to an embodiment of the present invention.
  • the service site includes: a receiving unit 51 and an authentication unit 52.
  • the receiving unit 51 is configured to receive, by the access point, the authentication request information that carries the service identifier, where the service identifier is obtained by the access point from the service requirement information sent by the site that needs to be served;
  • the authentication unit 52 is configured to perform authentication according to the authentication request information and the access point after determining, according to the service identifier, the capability of providing the service corresponding to the service identifier.
  • FIG. 7b is a schematic structural diagram of another service site according to an embodiment of the present invention.
  • the service site includes: a processor 61, a memory 62, a bus 63, and a communication interface 64.
  • the processor 61, the memory 62 and the communication interface 64 are connected by a bus 63 and communicate with each other.
  • the processor 61 may be a single core or multi-core central processing unit (CPU), or an Application Specific Integrated Circuit (ASIC), or one or more integrated systems configured to implement the embodiments of the present invention. Circuit.
  • CPU central processing unit
  • ASIC Application Specific Integrated Circuit
  • the memory 62 can be a high speed RAM memory or a non-volatile memory, and at least one disk can be stored.
  • the memory 62 is used to store the program 621.
  • the program 421 may include program code, where the program code includes computer operation instructions.
  • the communication interface 64 is configured to receive the authentication request information that is sent by the access point and carries the service identifier, where the service identifier is obtained by the access point from the service requirement information sent by the site that needs to be served.
  • the processor 61 runs the program 621 to execute:
  • the method for receiving the request for authentication by the service site provided by the embodiment of the present invention can be referred to the operation steps described in the foregoing method embodiment.
  • the service station provided by the embodiment of the present invention receives the authentication request information that is sent by the access point and carries the service identifier, and after determining the capability of providing the service corresponding to the service identifier according to the service identifier, according to the authentication request information, The authentication is performed between the access points. Because the access point can actively request to establish an association authentication relationship with the service site, the service site no longer needs to maintain the association authentication relationship with the access point.
  • the service site can be provided.
  • the association relationship between the access point and the access point is cancelled, and the network resources are released accordingly, thereby improving the utilization of the network resources.
  • the service station can only be associated with one access point at the same time. The service requirements of the site, establishing or disassociating authentication relationships with different access points, improve the utilization and flexibility of the service site.
  • FIG. 8 is a schematic structural diagram of another service site according to an embodiment of the present invention.
  • the service site includes: a receiving unit 71 and an authentication unit 72.
  • the receiving unit 71 is configured to receive service request information sent by the access point, where the service request information carries a service identifier, where the service request information is used by the service site to determine whether the service corresponding to the service identifier is provided. Capability, the service identifier is obtained by the access point from service demand information sent by a site that needs to be served;
  • the authentication unit 72 is configured to: after determining, according to the service request information, the capability of providing the service corresponding to the service identifier, send the authentication request information to the access point, where the authentication request information is used for the service site Authenticate between.
  • FIG. 8b is a schematic structural diagram of another service site according to an embodiment of the present invention.
  • the service site includes: a processor 81, a memory 82, a bus 83, and a communication interface 84.
  • the processor 81, the memory 82, and the communication interface 84 are connected by a bus 83 and communicate with each other.
  • the processor 81 may be a single core or multi-core central processing unit (CPU), or an Application Specific Integrated Circuit (ASIC), or one or more integrated systems configured to implement the embodiments of the present invention. Circuit.
  • CPU central processing unit
  • ASIC Application Specific Integrated Circuit
  • the memory 82 may be a high speed RAM memory or a non-volatile memory, and at least one of the disks may be stored.
  • the memory 82 is used to store the program 821.
  • the program 821 may include program code, where the program code includes computer operation instructions.
  • the communication interface 84 is configured to receive service request information sent by the access point, where the service request information is Carrying a service identifier, where the service request information is used by the service site to determine whether it has the capability of providing a service corresponding to the service identifier, where the service identifier is sent by the access point from a site that needs to be served. Obtained in the service demand information.
  • the processor 81 runs the program 821 to execute:
  • the method for receiving the request authentication by the service site provided by the embodiment of the present invention may refer to the operation steps described in the foregoing method embodiment.
  • the service station receives the service request information sent by the access point, and after determining the capability of providing the service corresponding to the service identifier, according to the service request information, sending the authentication request information to the access point.
  • the authentication request information is used for authentication between the service site and the access point; since the access point can actively request to establish an association authentication relationship with the service site, the service site no longer needs to be maintained and accessed at all times.
  • the association authentication relationship between the points, the service site can cancel the association authentication relationship with the access point after the service is provided, and release the network resources accordingly, thereby improving the utilization of the network resources;
  • the site can only associate with one access point at the same time, and the method in the embodiment of the present invention can enable the service station to establish or de-associate with different access points according to the service requirements of the access point and the site.
  • the authentication relationship improves the utilization and flexibility of the service site.
  • FIG. 9 is a schematic structural diagram of a communication system according to an embodiment of the present invention.
  • the communication system includes a site 1 to be served, an access point 2 as shown in FIG. 5a or 5b, and a service site 3.
  • the service site 3 can be as shown in FIG. 6a or 6b, as shown in FIG. 7a or 7b, and can also be as shown in FIG. 8a or 8b.
  • the method for implementing the request for authentication in the communication system provided by the embodiment of the present invention may be referred to the operation steps described in the foregoing method embodiments.
  • the aforementioned program can be stored in a computer readable storage medium.
  • the program when executed, performs the steps including the foregoing method embodiments; and the foregoing storage medium includes: ROM, RAM, disk or optical disk, and the like, which can store program codes. Medium.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

Disclosed are a request authentication method, an access point, a service station and a communication system. The request authentication method comprises: the access point receiving service demand information (101) carrying a service identifier as identification information of the desired service by a station to be serviced; the access point selecting a target service station which is capable of providing the service corresponding to the service identifier (102); the access point performing authentication with the target service station (103). Because the access point can actively request to establish correlation authentication relationship with the service station, the service station no longer needs to keep the correlation authentication relationship with the access point all the time. The service station can cancel the correlation authentication relationship with the access point after the service has been provided, and correspondingly release this part of the network resources, so as to improve the utilization rate of the network resources. Moreover, the service station can establish or cancel the correlation authentication relationship with the access point according to the service demand of the access point and the station, and the utilization rate and flexibility of the service station can thus be improved.

Description

说 明 书 请求认证方法、 接入点、 服务站点及通信系统  Description of the book request authentication method, access point, service site and communication system
技术领域 本发明实施例涉及无线通信技术, 尤其涉及一种请求认证方法、 装置及 系统。 背景技术 TECHNICAL FIELD Embodiments of the present invention relate to a wireless communication technology, and in particular, to a request authentication method, apparatus, and system. Background technique
基本服务集 ( basic service set, BSS ) 包括一个接入点 ( Access point, AP ) 以及至少一个站点 (Station, STA ) , 当站点中包括投影仪或打印机 等功能性的服务站点时, 并且服务站点已建立与接入点的关联认证关系 后, 就可以通过接入点向其他站点提供服务。  The basic service set (BSS) includes an access point (AP) and at least one station (Station, STA), when the site includes a functional service site such as a projector or a printer, and the service site Once the associated authentication relationship with the access point has been established, services can be provided to other sites through the access point.
当某个站点需要使用某项服务时,接入点可以从其已关联的服务站点 中, 为该站点选择能够提供该项服务的服务站点。 由于接入点仅能够从已 关联的服务站点中为需要服务的站点选择服务站点, 因此为了保证站点能 够及时地获得服务, 各服务站点需要保持与接入点之间的关联认证关系。  When a site needs to use a service, the access point can select a service site for the site from which it can provide services from its associated service site. Since the access point can only select the service site from the associated service site for the site that needs to be serviced, in order to ensure that the site can obtain the service in time, each service site needs to maintain an association authentication relationship with the access point.
服务站点保持与接入点之间的关联认证关系会占用网络资源, 而服务 站点并不总是处于为其他站点提供服务的工作状态。 当服务站点占用着网 络资源与接入点保持关联认证关系, 而处于等待为其他站点提供服务的空 闲状态时, 会降低网络资源的利用率。 发明内容 本发明实施例的第一个方面是提供一种请求认证方法, 包括:  The service site maintains an association authentication relationship with the access point that occupies network resources, and the service site is not always in a working state for providing services to other sites. When the service site occupies the network resource and maintains the associated authentication relationship with the access point, while waiting for the idle state to provide services for other sites, the utilization of network resources is reduced. SUMMARY OF THE INVENTION A first aspect of the embodiments of the present invention provides a method for requesting authentication, including:
接入点接收服务需求信息, 所述服务需求信息中携带有服务标识, 所述 服务标识为需要被服务的站点所需的服务的标识信息;  The access point receives the service requirement information, where the service requirement information carries a service identifier, where the service identifier is identifier information of a service required by the site that needs to be served;
所述接入点选择可提供所述服务标识对应的服务的目标服务站点; 所述接入点与所述目标服务站点之间进行认证。  The access point selects a target service site that can provide a service corresponding to the service identifier; and performs authentication between the access point and the target service site.
结合第一个方面提供的请求认证方法, 在第一种可能的实现方式中, 所 述接入点与所述目标服务站点之间进行认证包括: 所述接入点向所述目标服务站点发送服务请求信息, 所述服务请求信息 中携带有所述服务标识, 所述服务请求信息用于供所述目标服务站点确定是 否具有提供所述服务标识对应的服务的能力; In conjunction with the request authentication method provided by the first aspect, in a first possible implementation manner, performing authentication between the access point and the target service site includes: The access point sends the service request information to the target service site, where the service request information carries the service identifier, where the service request information is used by the target service site to determine whether the service identifier is provided. The ability of the corresponding service;
所述接入点接收所述目标服务站点发送的服务请求成功信息, 所述服务 请求成功信息由所述目标服务站点根据所述服务请求信息, 确定具有提供所 述服务标识对应的服务的能力之后生成;  Receiving, by the access point, the service request success information sent by the target service station, where the service request success information is determined by the target service station according to the service request information, and having the capability of providing the service corresponding to the service identifier Generate
所述接入点根据所述服务请求成功信息, 向所述目标服务站点发送认证 请求信息, 所述认证请求信息用于供所述目标服务站点与所述接入点之间进 行认证。  And the access point sends, according to the service request success information, authentication request information to the target service station, where the authentication request information is used for authentication between the target service site and the access point.
结合第一个方面提供的请求认证方法, 在第二种可能的实现方式中, 所 述接入点与所述目标服务站点之间进行认证包括:  In conjunction with the request authentication method provided by the first aspect, in a second possible implementation manner, performing authentication between the access point and the target service site includes:
所述接入点向所述目标服务站点发送携带有所述服务标识的认证请求信 息, 所述认证请求信息用于供所述目标服务站点在确定具有提供所述服务标 识对应的服务的能力之后与所述接入点之间进行认证。  Sending, by the access point, the authentication request information that carries the service identifier to the target service site, where the authentication request information is used by the target service site after determining that the capability of providing the service corresponding to the service identifier is determined Authentication is performed with the access point.
结合第一个方面提供的请求认证方法, 在第三种可能的实现方式中, 所 述接入点与所述目标服务站点之间进行认证包括:  In conjunction with the request authentication method provided by the first aspect, in a third possible implementation, the authentication between the access point and the target service site includes:
所述接入点向所述目标服务站点发送服务请求信息, 所述服务请求信息 中携带有所述服务标识, 所述服务请求信息用于供所述目标服务站点确定是 否具有提供所述服务标识对应的服务的能力;  The access point sends the service request information to the target service site, where the service request information carries the service identifier, where the service request information is used by the target service site to determine whether the service identifier is provided. The ability of the corresponding service;
所述接入点若在预设时间内接收到所述目标服务站点发送的认证请求信 息, 则与所述目标服务站点之间进行认证, 所述认证请求信息由所述目标服 务站点根据所述服务请求信息在具有提供所述服务标识对应的服务的能力之 后发送给所述接入点。  If the access point receives the authentication request information sent by the target service site within a preset time, the access point performs authentication with the target service site, and the authentication request information is used by the target service site according to the The service request information is sent to the access point after having the capability to provide the service corresponding to the service identifier.
结合第一个方面的第三种可能的实现方式,在第四种可能的实现方式中, 所述方法还包括:  In conjunction with the third possible implementation of the first aspect, in a fourth possible implementation, the method further includes:
所述接入点若在所述预设时间内未接收到所述目标服务站点发送的所述 认证请求信息, 则重新向所述目标服务站点发送所述服务请求信息。  If the access point does not receive the authentication request information sent by the target service station within the preset time, the access point resends the service request information to the target service station.
结合第一个方面或第一至四种可能的实现方式, 在第五种可能的实现方 式中,所述接入点选择可提供所述服务标识对应的服务的目标服务站点包括: 所述接入点选择可提供所述服务标识对应的服务的、 且处于有效工作时 段内的服务站点作为目标服务站点。 With reference to the first aspect or the first to fourth possible implementation manners, in a fifth possible implementation manner, the access point selecting, by the access point, the target service site that can provide the service corresponding to the service identifier includes: Incoming point selection can provide the service corresponding to the service identifier, and is in working time The service site within the segment acts as the target service site.
本发明实施例的第二个方面是提供一种请求认证方法, 包括:  A second aspect of the embodiments of the present invention provides a method for requesting authentication, including:
服务站点接收接入点发送的服务请求信息, 所述服务请求信息中携带有 务标识对应的服务的能力, 所述服务标识是所述接入点从需要被服务的站点 所发送的服务需求信息中获得的;  The service station receives the service request information sent by the access point, where the service request information carries the capability of the service corresponding to the service identifier, where the service identifier is the service demand information sent by the access point from the site that needs to be served. Obtained in
所述服务站点根据所述服务请求信息, 确定具有提供所述服务标识对应 的服务的能力之后, 向所述接入点返回服务请求成功信息;  Determining, by the service station, the service request success information to the access point after determining that the service has the capability of providing the service corresponding to the service identifier according to the service request information;
所述服务站点接收所述接入点根据所述服务请求成功信息, 向所述服务 站点发送的认证请求信息, 所述认证请求信息用于供所述服务站点与所述接 入点之间进行认证。  Receiving, by the service station, authentication request information sent by the access point to the service site according to the service request success information, where the authentication request information is used between the service site and the access point. Certification.
本发明实施例的第三个方面是提供一种请求认证方法, 包括:  A third aspect of the embodiments of the present invention provides a method for requesting authentication, including:
服务站点接收接入点发送的携带有服务标识的认证请求信息, 所述服务 标识是所述接入点从需要被服务的站点所发送的服务需求信息中获得的; 所述服务站点根据所述服务标识确定具有提供所述服务标识对应的服务 的能力之后, 根据所述认证请求信息与所述接入点之间进行认证。  The service station receives the authentication request information that is sent by the access point and carries the service identifier, where the service identifier is obtained by the access point from the service requirement information sent by the site that needs to be served; After the service identifier determines the capability of providing the service corresponding to the service identifier, the service identifier is authenticated according to the authentication request information and the access point.
本发明实施例的第四个方面是提供一种请求认证方法, 包括:  A fourth aspect of the embodiments of the present invention provides a method for requesting authentication, including:
服务站点接收接入点发送的服务请求信息, 所述服务请求信息中携带有 务标识对应的服务的能力, 所述服务标识是所述接入点从需要被服务的站点 所发送的服务需求信息中获得的;  The service station receives the service request information sent by the access point, where the service request information carries the capability of the service corresponding to the service identifier, where the service identifier is the service demand information sent by the access point from the site that needs to be served. Obtained in
所述服务站点根据所述服务请求信息, 确定具有提供所述服务标识对应 的服务的能力之后, 向所述接入点发送认证请求信息, 所述认证请求信息用 于供所述服务站点与所述接入点之间进行认证。  After the service station determines, according to the service request information, the capability of providing the service corresponding to the service identifier, the service station sends the authentication request information to the access point, where the authentication request information is used for the service site and the service site. Authenticate between access points.
本发明实施例的第五个方面是提供一种接入点, 包括:  A fifth aspect of the embodiments of the present invention provides an access point, including:
接收单元, 用于接收服务需求信息, 所述服务需求信息中携带有服务标 识, 所述服务标识为需要被服务的站点所需的服务的标识信息;  a receiving unit, configured to receive service requirement information, where the service requirement information carries a service identifier, where the service identifier is identifier information of a service required by a station that needs to be served;
选择单元, 用于选择可提供所述服务标识对应的服务的目标服务站点; 认证单元, 用于与所述目标服务站点之间进行认证。  a selection unit, configured to select a target service site that can provide a service corresponding to the service identifier; and an authentication unit, configured to perform authentication with the target service site.
结合第五个方面提供的接入点, 在第一种可能的实现方式中, 所述认证 单元还用于: In conjunction with the access point provided by the fifth aspect, in a first possible implementation manner, the authentication The unit is also used to:
向所述目标服务站点发送服务请求信息, 所述服务请求信息中携带有所 述服务标识, 所述服务请求信息用于供所述目标服务站点确定是否具有提供 所述服务标识对应的服务的能力; 接收所述目标服务站点发送的服务请求成 功信息,所述服务请求成功信息由所述目标服务站点根据所述服务请求信息, 确定具有提供所述服务标识对应的服务的能力之后生成; 根据所述服务请求 成功信息, 向所述目标服务站点发送认证请求信息, 所述认证请求信息用于 供所述目标服务站点与所述接入点之间进行认证。  Sending the service request information to the target service site, where the service request information carries the service identifier, where the service request information is used by the target service site to determine whether the service has the capability of providing the service identifier Receiving service request success information sent by the target service station, where the service request success information is generated by the target service station according to the service request information, and having the capability of providing the service corresponding to the service identifier; The service request success information is sent to the target service site for authentication request information, where the authentication request information is used for authentication between the target service site and the access point.
结合第五个方面提供的接入点, 在第二种可能的实现方式中, 所述认证 单元还用于:  In conjunction with the access point provided by the fifth aspect, in a second possible implementation, the authentication unit is further configured to:
向所述目标服务站点发送携带有所述服务标识的认证请求信息, 所述认 务的能力之后与所述接入点之间进行认证。  The authentication request information carrying the service identifier is sent to the target service site, and the capability of the service is subsequently authenticated with the access point.
结合第五个方面提供的接入点, 在第三种可能的实现方式中, 所述认证 单元还用于:  In conjunction with the access point provided by the fifth aspect, in a third possible implementation, the authentication unit is further configured to:
向所述目标服务站点发送服务请求信息, 所述服务请求信息中携带有所 述服务标识, 所述服务请求信息用于供所述目标服务站点确定是否具有提供 所述服务标识对应的服务的能力; 在预设时间内接收到所述目标服务站点发 送的认证请求信息时, 与所述目标服务站点之间进行认证, 所述认证请求信 息由所述目标服务站点根据所述服务请求信息, 确定具有提供所述服务标识 对应的服务的能力之后发送给所述接入点。  Sending the service request information to the target service site, where the service request information carries the service identifier, where the service request information is used by the target service site to determine whether the service has the capability of providing the service identifier And performing authentication between the target service station and the target service station when the authentication request information sent by the target service station is received within a preset time, where the authentication request information is determined by the target service station according to the service request information. The ability to provide a service corresponding to the service identifier is then sent to the access point.
结合第五个方面的第三种可能的实现方式,在第四种可能的实现方式中, 所述认证单元还用于:  In conjunction with the third possible implementation of the fifth aspect, in a fourth possible implementation, the authenticating unit is further configured to:
在所述预设时间内未接收到所述目标服务站点发送的所述认证请求信息 时, 重新向所述目标服务站点发送所述服务请求信息。  And when the authentication request information sent by the target service station is not received within the preset time, the service request information is resent to the target service station.
结合第五个方面或第一至四种可能的实现方式, 在第五种可能的实现方 式中, 所述选择单元还用于:  In combination with the fifth aspect or the first to fourth possible implementation manners, in a fifth possible implementation manner, the selecting unit is further configured to:
选择可提供所述服务标识对应的服务的、 且处于有效工作时段内的服务 站点作为目标服务站点。  A service site that can provide the service corresponding to the service identifier and is in a valid working period is selected as the target service site.
本发明实施例的第六个方面是提供一种服务站点, 包括: 接收单元, 用于接收接入点发送的服务请求信息, 所述服务请求信息中 携带有服务标识, 所述服务请求信息用于供所述服务站点确定是否具有提供 所述服务标识对应的服务的能力, 所述服务标识是所述接入点从需要被服务 的站点所发送的服务需求信息中获得的; A sixth aspect of the embodiments of the present invention provides a service site, including: a receiving unit, configured to receive service request information sent by the access point, where the service request information carries a service identifier, where the service request information is used by the service station to determine whether the service corresponding to the service identifier is provided Capability, the service identifier is obtained by the access point from service demand information sent by a site that needs to be served;
发送单元, 用于根据所述服务请求信息, 确定具有提供所述服务标识对 应的服务的能力之后, 向所述接入点返回服务请求成功信息;  a sending unit, configured to return, according to the service request information, the service request success information to the access point after determining the capability of providing the service corresponding to the service identifier;
认证单元, 用于接收所述接入点根据所述服务请求成功信息, 向所述服 务站点发送的认证请求信息, 所述认证请求信息用于供所述服务站点与所述 接入点之间进行认证。  An authentication unit, configured to receive, by the access point, authentication request information sent to the service site according to the service request success information, where the authentication request information is used between the service site and the access point Certify.
本发明实施例的第七个方面是提供一种服务站点, 包括:  A seventh aspect of the embodiments of the present invention provides a service site, including:
接收单元, 用于接收接入点发送的携带有服务标识的认证请求信息, 所 述服务标识是所述接入点从需要被服务的站点所发送的服务需求信息中获得 的;  a receiving unit, configured to receive, by the access point, the authentication request information that carries the service identifier, where the service identifier is obtained by the access point from the service requirement information sent by the site that needs to be served;
认证单元, 用于根据所述服务标识确定具有提供所述服务标识对应的服 务的能力之后, 根据所述认证请求信息与所述接入点之间进行认证。  And an authentication unit, configured to perform authentication according to the service request identifier and the access point according to the service identifier, after the capability of providing the service corresponding to the service identifier is determined.
本发明实施例的第八个方面是提供一种服务站点, 包括:  An eighth aspect of the embodiments of the present invention provides a service site, including:
接收单元, 用于接收接入点发送的服务请求信息, 所述服务请求信息中 携带有服务标识, 所述服务请求信息用于供所述服务站点确定是否具有提供 所述服务标识对应的服务的能力, 所述服务标识是所述接入点从需要被服务 的站点所发送的服务需求信息中获得的;  a receiving unit, configured to receive service request information sent by the access point, where the service request information carries a service identifier, where the service request information is used by the service station to determine whether the service corresponding to the service identifier is provided Capability, the service identifier is obtained by the access point from service demand information sent by a site that needs to be served;
认证单元, 用于根据所述服务请求信息, 确定具有提供所述服务标识对 应的服务的能力之后, 向所述接入点发送认证请求信息, 所述认证请求信息 用于供所述服务站点与所述接入点之间进行认证。  An authentication unit, configured to send, according to the service request information, an ability to provide a service corresponding to the service identifier, to send, to the access point, authentication request information, where the authentication request information is used by the service site and the The access points are authenticated.
本发明实施例的第九个方面是提供一种通信系统, 包括上述需要被服务 的站点、 上述接入点, 以及上述服务站点; 所述需要被服务的站点、 所述接 入点以及所述服务站点之间通信连接。  A ninth aspect of the embodiments of the present invention provides a communication system, including the foregoing site to be served, the foregoing access point, and the service site; the site to be served, the access point, and the Communication connection between service sites.
本发明实施例提供的请求认证方法、 装置及系统, 由接入点接收服务需 求信息, 根据服务需求信息中携带的服务标识, 选择可提供服务标识对应的 服务的目标服务站点, 进而与该目标服务站点之间进行认证。 由于接入点可 以主动请求与服务站点建立关联认证关系, 因此服务站点不再需要一直保持 与接入点之间的关联认证关系, 服务站点可以在提供完服务之后取消与接入 点之间的关联认证关系 , 相应地对这部分网络资源进行释放, 从而提高网络 资源的利用率; 此外, 由于服务站点在同一时刻只能与一个接入点存在关联 和站点的服务需求, 与不同的接入点建立或取消关联认证关系, 提高了服务 站点的利用率和灵活性。 附图说明 The request authentication method, device, and system provided by the embodiment of the present invention receive the service demand information by the access point, and select a target service site that can provide the service corresponding to the service identifier according to the service identifier carried in the service requirement information, and further, the target service site Authenticate between service sites. Since the access point can actively request an association authentication relationship with the service site, the service site no longer needs to be maintained. The association authentication relationship with the access point, the service site can cancel the association authentication relationship with the access point after the service is provided, and release the network resources accordingly, thereby improving the utilization of the network resources; Since the service site can only associate with one access point and the service requirements of the site at the same time, establishing or disassociating the authentication relationship with different access points improves the utilization and flexibility of the service site. DRAWINGS
图 1为本发明实施例提供的请求认证方法的流程图;  FIG. 1 is a flowchart of a method for requesting authentication according to an embodiment of the present invention;
图 2为本发明实施例提供的另一请求认证方法的流程图;  2 is a flowchart of another method for requesting authentication according to an embodiment of the present invention;
图 3为本发明实施例提供的又一请求认证方法的流程图;  FIG. 3 is a flowchart of still another method for requesting authentication according to an embodiment of the present invention;
图 4为本发明实施例提供的又一请求认证方法的流程图;  4 is a flowchart of still another method for requesting authentication according to an embodiment of the present invention;
图 5a为本发明实施例提供的接入点的结构示意图;  FIG. 5 is a schematic structural diagram of an access point according to an embodiment of the present invention;
图 5b为本发明实施例提供的另一接入点的结构示意图;  FIG. 5b is a schematic structural diagram of another access point according to an embodiment of the present disclosure;
图 6a为本发明实施例提供的服务站点的结构示意图;  6a is a schematic structural diagram of a service site according to an embodiment of the present invention;
图 6b为本发明实施例提供的另一服务站点的结构示意图;  6b is a schematic structural diagram of another service site according to an embodiment of the present invention;
图 7a为本发明实施例提供的又一服务站点的结构示意图;  FIG. 7a is a schematic structural diagram of another service site according to an embodiment of the present invention;
图 7b为本发明实施例提供的又一服务站点的结构示意图;  FIG. 7b is a schematic structural diagram of another service site according to an embodiment of the present invention;
图 8a为本发明实施例提供的又一服务站点的结构示意图;  FIG. 8 is a schematic structural diagram of another service site according to an embodiment of the present disclosure;
图 8b为本发明实施例提供的又一服务站点的结构示意图;  FIG. 8b is a schematic structural diagram of another service site according to an embodiment of the present invention;
图 9为本发明实施例提供的通信系统的结构示意图。 具体实施方式  FIG. 9 is a schematic structural diagram of a communication system according to an embodiment of the present invention. detailed description
为了解决由于服务站点与接入点需要保持关联认证关系而占用网络资 源, 造成网络资源利用率降低的问题, 本发明各实施例中引入了接入点向服 务站点发起请求认证的方法。  In order to solve the problem that the service resources and the access point need to maintain the associated authentication relationship and occupy the network resources, and the utilization of the network resources is reduced, the method for initiating the request authentication by the access point to the service site is introduced in the embodiments of the present invention.
由于即使提供服务的服务站点当前与接入点不存在关联认证关系, 接入 点也可以主动发起与服务站点建立关联认证关系的动作, 因此服务站点不再 需要一直保持与接入点之间的关联认证关系, 在提供完服务之后可以取消与 接入点之间的关联认证关系, 相应地对这部分网络资源进行释放, 从而提高 网络资源的利用率。 应用场景中。 本发明各实施例中所述的站点即为需要使用服务的站点, 所述 的服务站点即为能够提供服务的站点。服务站点通过接入点为站点提供服务。 服务站点可以为打印机或投影仪等功能性的设备。 Since the service site that provides the service does not currently have an associated authentication relationship with the access point, the access point can initiate an action of establishing an association authentication relationship with the service site, so the service site no longer needs to remain with the access point. Associate the authentication relationship, after the service is provided, the association relationship with the access point can be canceled, and the network resources are released accordingly, thereby improving Utilization of network resources. In the application scenario. The site described in the embodiments of the present invention is a site that needs to use a service, and the service site is a site capable of providing a service. The service site serves the site through the access point. The service site can be a functional device such as a printer or projector.
图 1为本发明实施例提供的请求认证方法的流程图, 如图 1所示, 该方 法包括:  FIG. 1 is a flowchart of a method for requesting authentication according to an embodiment of the present invention. As shown in FIG. 1, the method includes:
步骤 101、 接入点接收服务需求信息。 其中, 所述服务需求信息中携带 有服务标识, 所述服务标识为需要被服务的站点所需的服务的标识信息。  Step 101: The access point receives the service requirement information. The service requirement information carries a service identifier, and the service identifier is identifier information of a service required by a site that needs to be served.
具体的, 当站点需要使用某项服务时, 可以向接入点发送服务需求信息。 在服务需求信息中携带有站点所需要使用服务的服务标识。 接入点通过服务 标识能够获知站点需要使用的是哪项服务。  Specifically, when a site needs to use a service, it can send service demand information to the access point. The service requirement information carries the service identifier of the service that the site needs to use. The access point can know which service the site needs to use through the service identifier.
接入点可以通过与通信连接的各服务站点进行信息交互, 获知各服务站 点可提供的服务; 或者服务站点将其能提供的服务广播告知其能够通信连接 的接入点。 从而, 接入点能够获知各服务节点能够提供的服务, 并以服务站 点的标识与服务标识的对应关系的形式存储在接入点中。 接入点通过该对应 关系能够获知, 该接入点可间接提供哪个或哪些服务, 以及这些服务可以由 哪个或哪些服务站点提供。  The access point can learn the services that each service station can provide through information exchange with each service station connected to the communication; or the service station broadcasts the service broadcast that it can provide to the access point that it can communicate with. Therefore, the access point can learn the services that each service node can provide, and store the information in the access point in the form of the correspondence between the identifier of the service site and the service identifier. The access point is informed by the correspondence that which access service can be provided indirectly by the access point and which service site or services can be provided by the service site.
站点可以通过与接入点进行信息交互, 获知该接入点能够间接提供的服 务; 或者, 接入点将其能间接提供的服务广播告知其覆盖范围内的各站点。 从而使得站点向接入点发送的服务需求信息中携带的服务标识, 是该接入点 能够提供的服务的标识信息。  The station can learn information that the access point can provide indirectly by interacting with the access point; or, the access point broadcasts the service that it can provide indirectly to each site within its coverage. Therefore, the service identifier carried in the service requirement information sent by the site to the access point is the identifier information of the service that the access point can provide.
由于站点能够与多个接入点通信连接, 因此站点可以根据上述方法先判 断出哪个或哪些接入点能够提供其所需的服务, 进而向能够提供该服务的接 入点发送服务需求信息。  Since the station can communicate with a plurality of access points, the station can first determine which access point or services can provide the required services according to the above method, and then send the service demand information to the access point capable of providing the service.
在实际应用中, 站点可以将服务标识携带在服务请求信息, 认证请求, 关联请求, 或其它于接入点进行交互的信息中。  In an actual application, the site may carry the service identifier in the service request information, the authentication request, the association request, or other information that the access point interacts with.
步骤 102、 接入点选择可提供所述服务标识对应的服务的目标服务站点。 具体的, 接入点根据服务需求信息中的服务标识, 在其所存储的服务标 识与服务站点的标识之间的对应关系中进行查找。 接入点若在该对应关系中查找到了该服务标识对应的一个或多个服务站 点, 则可以将该一个或多个服务站点分别作为目标服务站点。 Step 102: The access point selects a target service site that can provide a service corresponding to the service identifier. Specifically, the access point searches for the correspondence between the stored service identifier and the identifier of the service site according to the service identifier in the service requirement information. If the access point finds one or more service sites corresponding to the service identifier in the correspondence, the one or more service sites may be respectively used as the target service site.
需要说明的是, 目标服务站点可以为一个或多个, 每个目标服务站点均 为各服务站点中的一个, 称为 "目标服务站点" 是为了明确地体现与接入点 进行通信的对象。  It should be noted that the target service site may be one or more, and each target service site is one of the service sites, and is called a "target service site" in order to explicitly represent the object that communicates with the access point.
由于站点预先获知接入点能够间接提供的服务的方式是一种优选的情 况, 如果站点并未预先获知接入点能够间接提供的服务, 则接入点可能查找 不到 务标识对应的目标 Λ良务站点。  It is a preferred case that the site knows in advance the service that the access point can provide indirectly. If the site does not know in advance the service that the access point can provide indirectly, the access point may not find the target corresponding to the service identifier. Good service site.
在这样的情况下, 接入点查找不到目标服务站点, 则可以通过与该站点 进行通信交互, 以使该站点获知其无法间接为该站点提供该项服务。  In such a case, if the access point cannot find the target service site, it can communicate with the site to make the site aware that it cannot provide the service to the site indirectly.
步骤 103、 接入点与所述目标服务站点之间进行认证。  Step 103: Perform authentication between the access point and the target service site.
具体的 , 接入点与目标服务站点进行请求认证时, 可以通过如下三种流 程实现,具体的进行请求认证的方法可以釆用与现有技术中类似的实现方式。  Specifically, when the access point and the target service site perform the request for authentication, the following three processes may be implemented, and the specific method for requesting the authentication may use an implementation similar to that in the prior art.
第一种为, 由接入点向目标服务站点发送服务请求信息, 在服务请求信 息中携带有从服务需求信息中获得的服务标识; 目标服务站点根据该服务标 识, 判断其是否具有提供该服务标识对应的服务的能力, 如果是, 则向该接 入点返回服务请求成功信息, 如果否, 则向该接入点返回服务请求失败信息; 若该接入点接收到服务请求成功信息,则向目标服务站点发送认证请求信息, 通过接入点与目标服务站点之间的通信交互, 进行两者之间的认证流程; 若 接入点接收到服务请求失败信息, 则向无需发起后续的认证流程。  The first type is that the service request information is sent by the access point to the target service station, and the service request information carries the service identifier obtained from the service requirement information; the target service station determines whether the service identifier is provided according to the service identifier. Identifying the capability of the corresponding service, if yes, returning the service request success information to the access point, and if not, returning the service request failure information to the access point; if the access point receives the service request success information, Sending the authentication request information to the target service site, and performing the authentication process between the two through the communication interaction between the access point and the target service site; if the access point receives the service request failure information, the subsequent authentication is not required to be initiated. Process.
第二种为, 由接入点向目标服务站点发送认证请求信息, 在认证请求信 息中携带有从服务需求信息中获得的服务标识; 目标服务站点在接收到该认 证请求信息之后, 利用其中的服务标识判断其是否有能力提高该服务标识对 应的服务; 若目标服务站点具有提供该服务标识对应的服务的能力, 则通过 与接入点之间的通信交互, 进行两者之间的认证流程; 若目标服务站点不具 有提供该服务标识对应的服务的能力, 则向该接入点反馈用于表征失败的信 息。  The second method is: sending, by the access point, the authentication request information to the target service site, where the authentication request information carries the service identifier obtained from the service requirement information; after receiving the authentication request information, the target service site uses the The service identifier determines whether it has the ability to improve the service corresponding to the service identifier; if the target service site has the capability of providing the service corresponding to the service identifier, the authentication process between the two is performed through communication interaction with the access point. If the target service site does not have the capability to provide the service corresponding to the service identifier, the information for characterizing the failure is fed back to the access point.
第三种为, 由接入点向目标服务站点发送服务请求信息, 在服务请求信 息中携带有从服务需求信息中获得的服务标识; 目标服务站点根据该服务标 识, 判断其是否具有提供该服务标识对应的服务的能力, 如果是, 则向该接 入点返回服务请求成功信息, 如果否, 则向该接入点返回服务请求失败信息; 若目标服务站点向接入点返回的是服务请求成功信息, 则将继续向接入点发 送认证请求信息, 通过接入点与目标服务站点之间的通信交互, 进行两者之 间的认证流程; 若目标服务站点向接入点返回的是服务请求失败信息, 则向 无需发起后续的认证流程。 The third type is that the service request information is sent by the access point to the target service station, and the service request information carries the service identifier obtained from the service requirement information; the target service station determines whether the service identifier is provided according to the service identifier. The ability to identify the corresponding service, and if so, to the connection The ingress returns the service request success information, and if not, returns the service request failure information to the access point; if the target service station returns the service request success information to the access point, it will continue to send the authentication request information to the access point. Through the communication interaction between the access point and the target service site, the authentication process between the two is performed; if the target service site returns the service request failure information to the access point, the subsequent authentication process is not required to be initiated.
利用上述三种方法中的任意一种, 该接入点和该目标服务站点之间能够 建立起关联认证关系。 并且, 在该关联认证关系保持期间, 该接入点和该目 标服务站点上均保存有两者的关联认证关系。  With any of the above three methods, an association authentication relationship can be established between the access point and the target service site. Moreover, during the association of the associated authentication relationship, both the access point and the target service site maintain an associated authentication relationship between the two.
本发明实施例提供的请求认证方法, 由接入点接收服务需求信息, 根据 服务需求信息中携带的服务标识, 选择可提供服务标识对应的服务的目标服 务站点, 进而与该目标服务站点之间进行认证。 由于接入点可以主动请求与 服务站点建立关联认证关系, 因此服务站点不再需要一直保持与接入点之间 的关联认证关系, 服务站点可以在提供完服务之后取消与接入点之间的关联 认证关系, 相应地对这部分网络资源进行释放, 从而提高网络资源的利用率; 此外, 由于服务站点在同一时刻只能与一个接入点存在关联认证关系, 而利 用本发明实施例中的方法可以使得服务站点能够根据接入点和站点的服务需 求, 与不同的接入点建立或取消关联认证关系, 提高了服务站点的利用率和 灵活性。  The request authentication method provided by the embodiment of the present invention receives the service demand information by the access point, and selects a target service site that can provide the service corresponding to the service identifier according to the service identifier carried in the service requirement information, and further, between the target service site and the target service site. Certify. Since the access point can actively request an association authentication relationship with the service site, the service site no longer needs to maintain the association authentication relationship with the access point, and the service site can cancel the connection with the access point after providing the service. Associate the authentication relationship, and release the network resources accordingly, thereby improving the utilization of the network resources. In addition, since the service site can only have an associated authentication relationship with one access point at the same time, the The method can enable the service station to establish or de-associate the authentication relationship with different access points according to the service requirements of the access point and the site, thereby improving the utilization and flexibility of the service site.
图 2为本发明实施例提供的另一请求认证方法的流程图, 如图 2所示, 该方法包括:  FIG. 2 is a flowchart of another method for requesting authentication according to an embodiment of the present invention. As shown in FIG. 2, the method includes:
步骤 201、 接入点接收服务需求信息。  Step 201: The access point receives the service requirement information.
具体的, 可以参见步骤 101中所述的实现方式。  For details, refer to the implementation manner described in step 101.
步骤 202、 接入点选择可提供所述服务标识对应的服务的目标服务站点。 具体的, 可以参见步骤 102中所述的实现方式。  Step 202: The access point selects a target service site that can provide a service corresponding to the service identifier. For details, refer to the implementation manner described in step 102.
进一步地, 接入点选择可提供所述服务标识对应的服务的、 且处于有效 工作时段内的服务站点, 作为目标服务站点。  Further, the access point selects a service site that can provide the service corresponding to the service identifier and is in a valid working period as the target service site.
具体的, 由于接入点中除了存储有服务标识与服务站点的标识的对应关 系, 还可以存储有各服务站点的有效工作时段。 也就是说, 各服务站点分别 在哪个时间段内能够正常工作。  Specifically, because the access point stores the corresponding relationship between the service identifier and the identifier of the service site, the effective working period of each service station may also be stored. In other words, each service station can work normally during which time period.
接入点在查询到可提供所述服务标识对应的服务的一个或多个服务站点 之后, 进一步地判断当前时间是否在这些服务站点的有效工作时段内。 The access point queries one or more service sites that can provide the service corresponding to the service identifier After that, it is further determined whether the current time is within the effective working period of these service stations.
若接入点查询出存在能够提供该服务标识对应的服务的、 且处于有效工 作时段内的服务站点, 则将其作为目标服务站点。  If the access point queries for a service site that is capable of providing the service corresponding to the service identifier and is within the valid working period, it is used as the target service site.
若接入点查询出不存在能够提供该服务标识对应的服务的、 且处于有效 工作时段内的服务站点, 但是查询出存储能够提供服务标识对应的服务的服 务站点, 则将这部分能够提供服务的站点作为目标服务站点; 或者将能够提 供该服务的、 但是当前未处于有效工作时段的服务站点, 等待至其有效工作 时段到来时, 再将其作为目标服务站点。  If the access point queries that there is no service site that can provide the service corresponding to the service identifier and is in the valid working period, but queries the service site that can provide the service corresponding to the service identifier, then the part can provide the service. The site serves as the target service site; or the service site that is capable of providing the service but is not currently in a valid working period, and waits until its effective working time comes, and then uses it as the target service site.
若接入点查询出不存在能够提供该服务标识对应的服务的服务站点, 则 无法确定目标 务站点。  If the access point queries that there is no service site capable of providing the service corresponding to the service identifier, the target site cannot be determined.
步骤 203、 接入点向所述目标服务站点发送服务请求信息。  Step 203: The access point sends the service request information to the target service site.
其中, 所述服务请求信息中携带有所述服务标识, 所述服务请求信息用 具体的, 当目标服务站点为多个时, 接入点可以釆用如下方式向各目标 服务站点发送服务请求信息。  The service request information carries the service identifier, and the service request information is specific. When the target service site is multiple, the access point may send the service request information to each target service site in the following manner. .
第一种为, 接入点将服务请求信息发送给一个目标服务站点之后, 将等 待接收该目标服务站点的回复;如果接入点接收到了该目标服务站点的回复, 则可以继续向其他目标服务站点发送该服务请求信息; 如果接入点在等待时 间超过一定的时间之后 , 仍未接收到该目标服务站点的回复, 则继续向其他 目标服务站点发送该服务请求信息。  The first is that after the access point sends the service request information to a target service site, it will wait to receive the reply from the target service site; if the access point receives the reply from the target service site, it can continue to serve other targets. The station sends the service request information; if the access point does not receive the reply of the target service station after the waiting time exceeds a certain time, the service request information is continuously sent to other target service stations.
第二种为, 接入点将服务请求信息发送给一个目标服务站点之后, 可以 不等待其回复, 就继续向其他目标服务站点发送该服务请求信息。  The second is that after the access point sends the service request information to a target service site, it can continue to send the service request information to other target service stations without waiting for the reply.
第三种为, 接入点可以釆用组播的方式, 将服务请求信息发送给各目标 月良务站点。  The third type is that the access point can use the multicast method to send the service request information to each target service station.
在上述三种方式中,接入点也可以在接收到一个目标服务站点的回复后, 就停止向其他目标服务站点继续发送该服务请求信息。  In the above three manners, the access point may stop sending the service request information to other target service stations after receiving a reply from the target service station.
接入点也可以将该服务请求信息发送给全部的目标服务站点, 在一定时 间内, 从收到回复的一个或多个目标服务站点中, 按照一定的筛选条件选择 一个服务站点作为最终的目标服务站点。  The access point may also send the service request information to all target service sites, and select a service site as a final target according to certain screening conditions from one or more target service sites that receive the reply within a certain period of time. Service site.
另外, 上述的筛选条件可以为需要被服务的站点提出的服务需求, 例如 服务种类、 时间和价格等; 也可以为目标服务站点与接入点之间的通信情况, 例如信道情况、 繁忙程度、 通信质量、 支持速率等, 这些参数都是可以在接 入点与目标服务站点的交互中获得的。 In addition, the above screening conditions may be service requirements of a site that needs to be served, for example Service type, time and price, etc.; can also communicate with the target service site and the access point, such as channel conditions, busyness, communication quality, support rate, etc. These parameters are available at the access point and target service. Obtained in the interaction of the site.
步骤 204、 接入点接收所述目标服务站点发送的服务请求成功信息。 其中, 所述服务请求成功信息由所述目标服务站点根据所述服务请求信 息, 确定具有提供所述服务标识对应的服务的能力之后生成。  Step 204: The access point receives the service request success information sent by the target service station. The service request success information is generated by the target service station according to the service request information, and is determined to have the capability of providing the service corresponding to the service identifier.
具体的, 目标服务站点在接收到接入点发送的服务请求信息之后, 需要 根据服务请求信息中的服务标识, 判断其是否具有提供该服务标识对应的服 务的能力。  Specifically, after receiving the service request information sent by the access point, the target service station needs to determine whether it has the capability of providing the service corresponding to the service identifier according to the service identifier in the service request information.
判断是否具有提供服务的能力包括以下多个方面的内容: 该目标服务站 点上是否具有该服务项目; 该目标服务站点当前是否未与其他接入点存在关 联认证关系; 该目标服务站点当前是否处于正常的工作状态等。  The ability to determine whether the service is provided includes the following aspects: whether the service item is available on the target service site; whether the target service site currently has an associated authentication relationship with other access points; whether the target service site is currently in the Normal working conditions, etc.
具体利用那些判断标准来衡量目标服务站点是否有能力提供相应的服 务, 可以根据需要进行设置。  Specifically, the judgment criteria are used to measure whether the target service site is capable of providing corresponding services, and can be set as needed.
若目标服务站点在判断出其具有提供该服务标识对应的服务的能力, 则 向该接入点返回服务请求成功信息; 若目标服务站点在判断出其不具有提供 该服务标识对应的服务的能力, 则向该接入点返回服务请求失败信息。  If the target service station determines that it has the capability of providing the service corresponding to the service identifier, returns the service request success information to the access point; if the target service site determines that it does not have the capability to provide the service corresponding to the service identifier , the service request failure information is returned to the access point.
步骤 205、 接入点根据所述服务请求成功信息, 向所述目标服务站点发 送认证请求信息。 其中, 所述认证请求信息用于供所述目标服务站点与所述 接入点之间进行认证。  Step 205: The access point sends the authentication request information to the target service site according to the service request success information. The authentication request information is used for authentication between the target service site and the access point.
具体的, 接入点若接收到目标服务站点返回的服务请求成功信息, 则向 该目标服务站点发送认证请求信息。  Specifically, if the access point receives the service request success information returned by the target service site, the access point sends the authentication request information to the target service site.
该认证请求信息的作用是在目标服务站点与接入点之间进行认证。其中, 目标服务站点与接入点之间进行认证的方法, 可以釆用与现有技术中类似的 实现方式。  The purpose of the authentication request information is to authenticate between the target service site and the access point. The method for authenticating between the target service site and the access point may use an implementation similar to that in the prior art.
图 3为本发明实施例提供的又一请求认证方法的流程图, 如图 3所示, 该方法包括:  FIG. 3 is a flowchart of still another method for requesting authentication according to an embodiment of the present invention. As shown in FIG. 3, the method includes:
步骤 301、 接入点接收服务需求信息。  Step 301: The access point receives the service requirement information.
具体的, 可以参见步骤 101中所述的实现方式。  For details, refer to the implementation manner described in step 101.
步骤 302、 接入点选择可提供所述服务标识对应的服务的目标服务站点。 具体的, 可以参见步骤 102或 202中所述的实现方式。 Step 302: The access point selects a target service site that can provide a service corresponding to the service identifier. For details, refer to the implementation manners described in step 102 or 202.
步骤 303、 接入点向所述目标服务站点发送携带有所述服务标识的认证 请求信息。 其中, 所述认证请求信息用于供所述目标服务站点在确定具有提 供所述服务标识对应的服务的能力之后与所述接入点之间进行认证。  Step 303: The access point sends, to the target service site, authentication request information that carries the service identifier. The authentication request information is used for the target service station to perform authentication with the access point after determining the capability of providing the service corresponding to the service identifier.
具体的, 接入点可以直接将认证请求信息发送给目标服务站点, 并且在 认证请求信息中携带该服务标识。  Specifically, the access point may directly send the authentication request information to the target service site, and carry the service identifier in the authentication request information.
目标服务站点在接收到该认证请求信息之后,可以根据其中的服务标识, 判断其是否有能力提供该项服务。 对于判断是否具有服务能力的实现方式, 可以参见步骤 204中所述的相关内容。  After receiving the authentication request information, the target service station may determine whether it is capable of providing the service according to the service identifier therein. For the implementation of determining whether the service capability is available, refer to the related content described in step 204.
当目标服务站点为多个时, 接入点发送认证请求信息的实现方式, 可以 参见步骤 203中发送服务请求信息的实现方式。  When the target service site is multiple, the access point sends the authentication request information. For details, see the method for sending the service request information in step 203.
目标服务站点若判断出其具有提供该项服务的能力, 则通过与该接入点 之间的通信交互, 进行两者之间的认证; 目标服务站点若判断出其不具有提 供该项服务的能力, 则不进行两者之间的认证。  If the target service site determines that it has the capability to provide the service, it performs authentication between the two through communication interaction with the access point; if the target service site determines that it does not have the service provided Capability, no authentication between the two.
该认证请求信息的作用是在目标服务站点与接入点之间进行认证。其中, 目标服务站点与接入点之间进行认证的方法, 可以釆用与现有技术中类似的 实现方式。  The purpose of the authentication request information is to authenticate between the target service site and the access point. The method for authenticating between the target service site and the access point may use an implementation similar to that in the prior art.
图 4为本发明实施例提供的又一请求认证方法的流程图, 如图 4所示, 该方法包括:  FIG. 4 is a flowchart of still another method for requesting authentication according to an embodiment of the present invention. As shown in FIG. 4, the method includes:
步骤 401、 接入点接收服务需求信息。  Step 401: The access point receives the service requirement information.
具体的, 可以参见步骤 101中所述的实现方式。  For details, refer to the implementation manner described in step 101.
步骤 402、 接入点选择可提供所述服务标识对应的服务的目标服务站点。 具体的, 可以参见步骤 102或 202中所述的实现方式。  Step 402: The access point selects a target service site that can provide a service corresponding to the service identifier. For details, refer to the implementation described in step 102 or 202.
步骤 403、 接入点向所述目标服务站点发送服务请求信息。  Step 403: The access point sends the service request information to the target service station.
其中, 所述服务请求信息中携带有所述服务标识, 所述服务请求信息用 具体的, 可以参见步骤 203中所述的实现方式。  The service request information carries the service identifier, and the service request information is specific. For details, refer to the implementation manner described in step 203.
步骤 404、 服务站点根据所述服务请求信息, 确定具有提供所述服务标 识对应的服务的能力之后, 向所述接入点发送认证请求信息。 其中, 所述认 证请求信息用于与所述服务站点之间进行认证。 具体的, 目标服务站点在接收到接入点发送的服务请求信息之后, 需要 根据服务请求信息中的服务标识, 判断其是否具有提供该服务标识对应的服 务的能力。 Step 404: The service station determines, according to the service request information, that the device has the capability of providing the service corresponding to the service identifier, and sends the authentication request information to the access point. The authentication request information is used for authentication with the service site. Specifically, after receiving the service request information sent by the access point, the target service station needs to determine whether it has the capability of providing the service corresponding to the service identifier according to the service identifier in the service request information.
判断是否具有提供服务的能力包括以下多个方面的内容: 该目标服务站 点上是否具有该服务项目; 该目标服务站点当前是否未与其他接入点存在关 联认证关系; 该目标服务站点当前是否处于正常的工作状态等。  The ability to determine whether the service is provided includes the following aspects: whether the service item is available on the target service site; whether the target service site currently has an associated authentication relationship with other access points; whether the target service site is currently in the Normal working conditions, etc.
具体利用那些判断标准来衡量目标服务站点是否有能力提供相应的服 务, 可以根据需要进行设置。  Specifically, the judgment criteria are used to measure whether the target service site is capable of providing corresponding services, and can be set as needed.
若目标服务站点在判断出其具有提供该服务标识对应的服务的能力, 则 向该接入点返回服务请求成功信息, 并向该接入点发送认证请求信息。 若目 标服务站点在判断出其不具有提供该服务标识对应的服务的能力, 则向该接 入点返回服务请求失败信息, 并且不向该接入点发送认证请求信息。  If the target service station determines that it has the capability of providing the service corresponding to the service identifier, it returns service request success information to the access point, and sends the authentication request information to the access point. If the target service site determines that it does not have the capability to provide the service corresponding to the service identifier, the service request failure information is returned to the access point, and the authentication request information is not sent to the access point.
步骤 405、 接入点若在预设时间内接收到所述目标服务站点发送的认证 请求信息, 则与所述目标服务站点之间进行认证。  Step 405: If the access point receives the authentication request information sent by the target service station within a preset time, the access point performs authentication with the target service station.
具体的, 接入点中预先设置有一时间长度, 表征接入点在向目标服务站 点发送服务请求信息之后, 能够等待接收认证请求信息的最长时间。 接入点 判断在该预设时间内是否接收到了该目标服务站点所发送的认证请求信息。  Specifically, the access point is pre-set with a length of time to represent the maximum time that the access point can wait to receive the authentication request information after sending the service request information to the target service station. The access point determines whether the authentication request information sent by the target service station is received within the preset time.
若接入点在预设时间内接收到了该认证请求信息, 则通过与该目标服务 站点之间的通信交互, 进行两者之间的认证流程。  If the access point receives the authentication request information within a preset time, the authentication process between the two is performed through communication interaction with the target service site.
该认证请求信息的作用是在目标服务站点与接入点之间进行认证。其中, 目标服务站点与接入点之间进行认证的方法, 可以釆用与现有技术中类似的 实现方式。  The purpose of the authentication request information is to authenticate between the target service site and the access point. The method for authenticating between the target service site and the access point may use an implementation similar to that in the prior art.
若接入点在所述预设时间内未接收到所述目标服务站点发送的所述关联 请求信息, 则可以重新向所述目标服务站点发送所述服务请求信息; 也可以 不再重新发送, 或者向其他目标服务站点发送该服务请求信息。  If the access point does not receive the association request information sent by the target service station within the preset time, the service request information may be resent to the target service site; or may not be resent. Or send the service request information to other target service sites.
图 5a为本发明实施例提供的接入点的结构示意图, 如图 5a所示, 该接 入点包括: 接收单元 11、 选择单元 12和认证单元 13。  FIG. 5a is a schematic structural diagram of an access point according to an embodiment of the present invention. As shown in FIG. 5a, the access point includes: a receiving unit 11, a selecting unit 12, and an authenticating unit 13.
接收单元 11 , 用于接收服务需求信息, 所述服务需求信息中携带有服务 标识, 所述服务标识为需要被服务的站点所需的服务的标识信息;  The receiving unit 11 is configured to receive service requirement information, where the service requirement information carries a service identifier, where the service identifier is identifier information of a service required by a site that needs to be served;
选择单元 12 ,用于选择可提供所述服务标识对应的服务的目标服务站点; 认证单元 13 , 用于与所述目标服务站点之间进行认证。 The selecting unit 12 is configured to select a target service site that can provide a service corresponding to the service identifier; The authentication unit 13 is configured to perform authentication with the target service site.
进一步地, 所述认证单元 13还用于:  Further, the authentication unit 13 is further configured to:
向所述目标服务站点发送服务请求信息, 所述服务请求信息中携带有所 述服务标识, 所述服务请求信息用于供所述目标服务站点确定是否具有提供 所述服务标识对应的服务的能力; 接收所述目标服务站点发送的服务请求成 功信息,所述服务请求成功信息由所述目标服务站点根据所述服务请求信息, 确定具有提供所述服务标识对应的服务的能力之后生成; 根据所述服务请求 成功信息, 向所述目标服务站点发送认证请求信息, 所述认证请求信息用于 供所述目标服务站点与所述接入点之间进行认证。  Sending the service request information to the target service site, where the service request information carries the service identifier, where the service request information is used by the target service site to determine whether the service has the capability of providing the service identifier Receiving service request success information sent by the target service station, where the service request success information is generated by the target service station according to the service request information, and having the capability of providing the service corresponding to the service identifier; The service request success information is sent to the target service site for authentication request information, where the authentication request information is used for authentication between the target service site and the access point.
进一步地, 所述认证单元 13还用于:  Further, the authentication unit 13 is further configured to:
向所述目标服务站点发送携带有所述服务标识的认证请求信息, 所述认 证请求信息用于在所述目标服务站点确定具有提供所述服务标识对应的服务 的能力之后与所述接入点之间进行认证。  Sending, to the target service site, authentication request information carrying the service identifier, where the authentication request information is used after the target service site determines that the device has the capability of providing the service corresponding to the service identifier, and the access point Authenticate between.
进一步地, 所述认证单元 13还用于:  Further, the authentication unit 13 is further configured to:
向所述目标服务站点发送服务请求信息, 所述服务请求信息中携带有所 述服务标识, 所述服务请求信息用于供所述目标服务站点确定是否具有提供 所述服务标识对应的服务的能力; 在预设时间内接收到所述目标服务站点发 送的认证请求信息时, 与所述目标服务站点之间进行认证, 所述认证请求信 息由所述目标服务站点根据所述服务请求信息, 确定具有提供所述服务标识 对应的服务的能力之后发送给所述接入点。  Sending the service request information to the target service site, where the service request information carries the service identifier, where the service request information is used by the target service site to determine whether the service has the capability of providing the service identifier And performing authentication between the target service station and the target service station when the authentication request information sent by the target service station is received within a preset time, where the authentication request information is determined by the target service station according to the service request information. The ability to provide a service corresponding to the service identifier is then sent to the access point.
进一步地, 所述认证单元 13还用于:  Further, the authentication unit 13 is further configured to:
在所述预设时间内未接收到所述目标服务站点发送的所述认证请求信息 时, 重新向所述目标服务站点发送所述服务请求信息。  And when the authentication request information sent by the target service station is not received within the preset time, the service request information is resent to the target service station.
进一步地, 所述选择单元 12还用于:  Further, the selecting unit 12 is further configured to:
选择可提供所述服务标识对应的服务的、 且处于有效工作时段内的服务 站点作为目标服务站点。  A service site that can provide the service corresponding to the service identifier and is in a valid working period is selected as the target service site.
图 5b为本发明实施例提供的另一接入点的结构示意图, 如图 5b所示, 该接入点包括: 处理器 21、 存储器 22、 总线 23和通信接口 24。 处理器 21、 存储器 22和通信接口 24之间通过总线 23连接并完成相互间的通信。  FIG. 5b is a schematic structural diagram of another access point according to an embodiment of the present invention. As shown in FIG. 5b, the access point includes: a processor 21, a memory 22, a bus 23, and a communication interface 24. The processor 21, the memory 22 and the communication interface 24 are connected by a bus 23 and communicate with each other.
处理器 21 可能为单核或多核中央处理单元(Central Processing Unit, CPU ),或者为特定集成电路( Application Specific Integrated Circuit , ASIC ) , 或者为被配置成实施本发明实施例的一个或多个集成电路。 The processor 21 may be a single core or multi-core central processing unit (Central Processing Unit, The CPU), either an Application Specific Integrated Circuit (ASIC), or one or more integrated circuits configured to implement embodiments of the present invention.
存储器 22 可以为高速 RAM 存储器, 也可以为非易失性存储器 ( non-volatile memory ) , 例 口至少一个磁盘存 4诸器。  The memory 22 can be a high speed RAM memory or a non-volatile memory, and at least one disk can be stored.
存储器 22用于存放程序 221。 具体的, 程序 221中可以包括程序代码, 所述程序代码包括计算机操作指令。  The memory 22 is used to store the program 221. Specifically, the program 221 may include program code, where the program code includes computer operation instructions.
通信接口 24用于接收服务需求信息,所述服务需求信息中携带有服务标 识, 所述服务标识为需要被服务的站点所需的服务的标识信息。  The communication interface 24 is configured to receive service requirement information, where the service requirement information carries a service identifier, and the service identifier is identifier information of a service required by a site that needs to be served.
处理器 21运行程序 221 , 以执行:  The processor 21 runs the program 221 to execute:
选择可提供所述服务标识对应的服务的目标服务站点; 与所述目标服务 占点之间进行认证。  Selecting a target service site that can provide a service corresponding to the service identifier; and authenticating with the target service occupancy point.
具体的, 本发明实施例提供的接入点进行请求认证的方法, 可以参见上 述对应的方法实施例中所述的操作步骤。  Specifically, the method for requesting authentication by the access point provided by the embodiment of the present invention can refer to the operation steps described in the foregoing method embodiment.
本发明实施例提供的接入点, 接收服务需求信息, 根据服务需求信息中 携带的服务标识, 选择可提供服务标识对应的服务的目标服务站点, 进而与 该目标服务站点之间进行认证。 由于接入点可以主动请求与服务站点建立关 联认证关系, 因此服务站点不再需要一直保持与接入点之间的关联认证关系, 服务站点可以在提供完服务之后取消与接入点之间的关联认证关系, 相应地 对这部分网络资源进行释放, 从而提高网络资源的利用率; 此外, 由于服务 站点在同一时刻只能与一个接入点存在关联认证关系, 而利用本发明实施例 中的方法可以使得服务站点能够根据接入点和站点的服务需求, 与不同的接 入点建立或取消关联认证关系, 提高了服务站点的利用率和灵活性。  The access point provided by the embodiment of the present invention receives the service requirement information, and selects a target service site that can provide a service corresponding to the service identifier according to the service identifier carried in the service requirement information, and then performs authentication with the target service site. Since the access point can actively request an association authentication relationship with the service site, the service site no longer needs to maintain the association authentication relationship with the access point, and the service site can cancel the connection with the access point after providing the service. Associate the authentication relationship, and release the network resources accordingly, thereby improving the utilization of the network resources. In addition, since the service site can only have an associated authentication relationship with one access point at the same time, the The method can enable the service station to establish or de-associate the authentication relationship with different access points according to the service requirements of the access point and the site, thereby improving the utilization and flexibility of the service site.
图 6a为本发明实施例提供的服务站点的结构示意图, 如图 6a所示, 该 服务站点包括: 接收单元 31、 发送单元 32和认证单元 33。  FIG. 6 is a schematic structural diagram of a service site according to an embodiment of the present invention. As shown in FIG. 6a, the service site includes: a receiving unit 31, a sending unit 32, and an authentication unit 33.
接收单元 31 , 用于接收接入点发送的服务请求信息, 所述服务请求信息 中携带有服务标识, 所述服务请求信息用于供所述服务站点确定是否具有提 供所述服务标识对应的服务的能力, 所述服务标识是所述接入点从需要被服 务的站点所发送的服务需求信息中获得的;  The receiving unit 31 is configured to receive service request information sent by the access point, where the service request information carries a service identifier, where the service request information is used by the service station to determine whether the service corresponding to the service identifier is provided. Capability, the service identifier is obtained by the access point from service demand information sent by a site that needs to be served;
发送单元 32, 用于根据所述服务请求信息, 确定具有提供所述服务标识 对应的服务的能力之后, 向所述接入点返回服务请求成功信息; 认证单元 33 , 用于接收所述接入点根据所述服务请求成功信息, 向所述 服务站点发送的认证请求信息, 所述认证请求信息用于与所述服务站点之间 进行认证。 The sending unit 32 is configured to: after determining, according to the service request information, the capability of providing the service corresponding to the service identifier, return service request success information to the access point; The authentication unit 33 is configured to receive authentication request information sent by the access point to the service site according to the service request success information, where the authentication request information is used for authentication with the service site.
图 6b为本发明实施例提供的另一服务站点的结构示意图,如图 6b所示, 该服务站点包括: 处理器 41、存储器 42、总线 43和通信接口 44。处理器 41、 存储器 42和通信接口 44之间通过总线 43连接并完成相互间的通信。  FIG. 6b is a schematic structural diagram of another service site according to an embodiment of the present invention. As shown in FIG. 6b, the service site includes: a processor 41, a memory 42, a bus 43, and a communication interface 44. The processor 41, the memory 42 and the communication interface 44 are connected by a bus 43 and communicate with each other.
处理器 41 可能为单核或多核中央处理单元(Central Processing Unit, CPU ),或者为特定集成电路( Application Specific Integrated Circuit , ASIC ) , 或者为被配置成实施本发明实施例的一个或多个集成电路。  The processor 41 may be a single core or multi-core central processing unit (CPU), or an Application Specific Integrated Circuit (ASIC), or one or more integrated systems configured to implement the embodiments of the present invention. Circuit.
存储器 42 可以为高速 RAM 存储器, 也可以为非易失性存储器 The memory 42 can be a high speed RAM memory or a nonvolatile memory.
( non-volatile memory ) , 例 口至少一个磁盘存 4诸器。 (non-volatile memory), at least one disk is stored in the program.
存储器 42用于存放程序 421。 具体的, 程序 421中可以包括程序代码, 所述程序代码包括计算机操作指令。  The memory 42 is used to store the program 421. Specifically, the program 421 may include program code, where the program code includes computer operation instructions.
通信接口 44用于接收接入点发送的服务请求信息,所述服务请求信息中 携带有服务标识, 所述服务请求信息用于供所述服务站点确定是否具有提供 所述服务标识对应的服务的能力, 所述服务标识是所述接入点从需要被服务 的站点所发送的服务需求信息中获得的。  The communication interface 44 is configured to receive the service request information sent by the access point, where the service request information carries a service identifier, where the service request information is used by the service station to determine whether the service corresponding to the service identifier is provided. Capability, the service identifier is obtained by the access point from service demand information sent by a site that needs to be served.
处理器 41运行程序 421 , 以执行:  The processor 41 runs the program 421 to execute:
根据所述服务请求信息, 确定具有提供所述服务标识对应的服务的能力 之后, 向所述接入点返回服务请求成功信息; 接收所述接入点根据所述服务 请求成功信息, 向所述服务站点发送的认证请求信息, 所述认证请求信息用 于供所述服务站点与所述接入点之间进行认证。  Determining, after determining the capability of providing the service corresponding to the service identifier, the service request success information to the access point according to the service request information; receiving the access point according to the service request success information, to the Authentication request information sent by the service site, where the authentication request information is used for authentication between the service site and the access point.
具体的, 本发明实施例提供的服务站点接受请求认证的方法, 可以参见 上述对应的方法实施例中所述的操作步骤。  Specifically, the method for receiving the request authentication by the service site provided by the embodiment of the present invention may refer to the operation steps described in the foregoing method embodiment.
本发明实施例提供的服务站点, 接收接入点发送的服务请求信息, 根据 所述服务请求信息, 确定具有提供所述服务标识对应的服务的能力之后, 向 所述接入点返回服务请求成功信息, 接收所述接入点根据所述服务请求成功 信息, 向所述服务站点发送的认证请求信息, 所述认证请求信息用于供所述 服务站点与所述接入点之间进行认证; 由于接入点可以主动请求与服务站点 建立关联认证关系, 因此服务站点不再需要一直保持与接入点之间的关联认 证关系,服务站点可以在提供完服务之后取消与接入点之间的关联认证关系, 相应地对这部分网络资源进行释放, 从而提高网络资源的利用率; 此外, 由 于服务站点在同一时刻只能与一个接入点存在关联认证关系, 而利用本发明 实施例中的方法可以使得服务站点能够根据接入点和站点的服务需求, 与不 同的接入点建立或取消关联认证关系, 提高了服务站点的利用率和灵活性。 The service station provided by the embodiment of the present invention receives the service request information sent by the access point, and after determining the capability of providing the service corresponding to the service identifier according to the service request information, the service request is successfully returned to the access point. Receiving, by the access point, the authentication request information sent by the access point to the service site according to the service request success information, where the authentication request information is used for authentication between the service site and the access point; Since the access point can actively request an association authentication relationship with the service site, the service site no longer needs to maintain the association with the access point. Certificate relationship, the service site can cancel the association authentication relationship with the access point after providing the service, and release the network resources accordingly, thereby improving the utilization of network resources; in addition, since the service site is only at the same time The method can be associated with an access point, and the method in the embodiment of the present invention can enable the service station to establish or cancel the association relationship with different access points according to the service requirements of the access point and the site, thereby improving the authentication relationship. Service site utilization and flexibility.
图 7a为本发明实施例提供的又一服务站点的结构示意图,如图 7a所示, 该服务站点包括: 接收单元 51和认证单元 52。  FIG. 7a is a schematic structural diagram of another service site according to an embodiment of the present invention. As shown in FIG. 7a, the service site includes: a receiving unit 51 and an authentication unit 52.
接收单元 51 , 用于接收接入点发送的携带有服务标识的认证请求信息, 所述服务标识是所述接入点从需要被服务的站点所发送的服务需求信息中获 得的;  The receiving unit 51 is configured to receive, by the access point, the authentication request information that carries the service identifier, where the service identifier is obtained by the access point from the service requirement information sent by the site that needs to be served;
认证单元 52 , 用于根据所述服务标识确定具有提供所述服务标识对应的 服务的能力之后, 根据所述认证请求信息与所述接入点之间进行认证。  The authentication unit 52 is configured to perform authentication according to the authentication request information and the access point after determining, according to the service identifier, the capability of providing the service corresponding to the service identifier.
图 7b为本发明实施例提供的又一服务站点的结构示意图,如图 7b所示, 该服务站点包括: 处理器 61、存储器 62、总线 63和通信接口 64。处理器 61、 存储器 62和通信接口 64之间通过总线 63连接并完成相互间的通信。  FIG. 7b is a schematic structural diagram of another service site according to an embodiment of the present invention. As shown in FIG. 7b, the service site includes: a processor 61, a memory 62, a bus 63, and a communication interface 64. The processor 61, the memory 62 and the communication interface 64 are connected by a bus 63 and communicate with each other.
处理器 61 可能为单核或多核中央处理单元(Central Processing Unit, CPU ),或者为特定集成电路( Application Specific Integrated Circuit , ASIC ) , 或者为被配置成实施本发明实施例的一个或多个集成电路。  The processor 61 may be a single core or multi-core central processing unit (CPU), or an Application Specific Integrated Circuit (ASIC), or one or more integrated systems configured to implement the embodiments of the present invention. Circuit.
存储器 62 可以为高速 RAM 存储器, 也可以为非易失性存储器 ( non- volatile memory ) , 例 口至少一个磁盘存 4诸器。  The memory 62 can be a high speed RAM memory or a non-volatile memory, and at least one disk can be stored.
存储器 62用于存放程序 621。 具体的, 程序 421中可以包括程序代码, 所述程序代码包括计算机操作指令。  The memory 62 is used to store the program 621. Specifically, the program 421 may include program code, where the program code includes computer operation instructions.
通信接口 64用于接收接入点发送的携带有服务标识的认证请求信息,所 述服务标识是所述接入点从需要被服务的站点所发送的服务需求信息中获得 的。  The communication interface 64 is configured to receive the authentication request information that is sent by the access point and carries the service identifier, where the service identifier is obtained by the access point from the service requirement information sent by the site that needs to be served.
处理器 61运行程序 621 , 以执行:  The processor 61 runs the program 621 to execute:
根据所述服务标识确定具有提供所述服务标识对应的服务的能力之后, 根据所述认证请求信息与所述接入点之间进行认证。  After determining, according to the service identifier, the capability of providing the service corresponding to the service identifier, performing authentication according to the authentication request information and the access point.
具体的, 本发明实施例提供的服务站点接受请求认证的方法, 可以参见 上述对应的方法实施例中所述的操作步骤。 本发明实施例提供的服务站点, 接收接入点发送的携带有服务标识的认 证请求信息, 根据所述服务标识确定具有提供所述服务标识对应的服务的能 力之后, 根据所述认证请求信息与所述接入点之间进行认证; 由于接入点可 以主动请求与服务站点建立关联认证关系, 因此服务站点不再需要一直保持 与接入点之间的关联认证关系, 服务站点可以在提供完服务之后取消与接入 点之间的关联认证关系 , 相应地对这部分网络资源进行释放, 从而提高网络 资源的利用率; 此外, 由于服务站点在同一时刻只能与一个接入点存在关联 和站点的服务需求, 与不同的接入点建立或取消关联认证关系, 提高了服务 站点的利用率和灵活性。 Specifically, the method for receiving the request for authentication by the service site provided by the embodiment of the present invention can be referred to the operation steps described in the foregoing method embodiment. The service station provided by the embodiment of the present invention receives the authentication request information that is sent by the access point and carries the service identifier, and after determining the capability of providing the service corresponding to the service identifier according to the service identifier, according to the authentication request information, The authentication is performed between the access points. Because the access point can actively request to establish an association authentication relationship with the service site, the service site no longer needs to maintain the association authentication relationship with the access point. The service site can be provided. After the service, the association relationship between the access point and the access point is cancelled, and the network resources are released accordingly, thereby improving the utilization of the network resources. In addition, since the service station can only be associated with one access point at the same time. The service requirements of the site, establishing or disassociating authentication relationships with different access points, improve the utilization and flexibility of the service site.
图 8a为本发明实施例提供的又一服务站点的结构示意图,如图 8a所示, 该服务站点包括: 接收单元 71和认证单元 72。  FIG. 8 is a schematic structural diagram of another service site according to an embodiment of the present invention. As shown in FIG. 8a, the service site includes: a receiving unit 71 and an authentication unit 72.
接收单元 71 , 用于接收接入点发送的服务请求信息, 所述服务请求信息 中携带有服务标识, 所述服务请求信息用于供所述服务站点确定是否具有提 供所述服务标识对应的服务的能力, 所述服务标识是所述接入点从需要被服 务的站点所发送的服务需求信息中获得的;  The receiving unit 71 is configured to receive service request information sent by the access point, where the service request information carries a service identifier, where the service request information is used by the service site to determine whether the service corresponding to the service identifier is provided. Capability, the service identifier is obtained by the access point from service demand information sent by a site that needs to be served;
认证单元 72, 用于根据所述服务请求信息, 确定具有提供所述服务标识 对应的服务的能力之后, 向所述接入点发送认证请求信息, 所述认证请求信 息用于与所述服务站点之间进行认证。  The authentication unit 72 is configured to: after determining, according to the service request information, the capability of providing the service corresponding to the service identifier, send the authentication request information to the access point, where the authentication request information is used for the service site Authenticate between.
图 8b为本发明实施例提供的又一服务站点的结构示意图,如图 8b所示, 该服务站点包括: 处理器 81、存储器 82、总线 83和通信接口 84。处理器 81、 存储器 82和通信接口 84之间通过总线 83连接并完成相互间的通信。  FIG. 8b is a schematic structural diagram of another service site according to an embodiment of the present invention. As shown in FIG. 8b, the service site includes: a processor 81, a memory 82, a bus 83, and a communication interface 84. The processor 81, the memory 82, and the communication interface 84 are connected by a bus 83 and communicate with each other.
处理器 81 可能为单核或多核中央处理单元(Central Processing Unit, CPU ),或者为特定集成电路( Application Specific Integrated Circuit , ASIC ) , 或者为被配置成实施本发明实施例的一个或多个集成电路。  The processor 81 may be a single core or multi-core central processing unit (CPU), or an Application Specific Integrated Circuit (ASIC), or one or more integrated systems configured to implement the embodiments of the present invention. Circuit.
存储器 82 可以为高速 RAM 存储器, 也可以为非易失性存储器 ( non-volatile memory ) , 例 口至少一个磁盘存 4诸器。  The memory 82 may be a high speed RAM memory or a non-volatile memory, and at least one of the disks may be stored.
存储器 82用于存放程序 821。 具体的, 程序 821中可以包括程序代码, 所述程序代码包括计算机操作指令。  The memory 82 is used to store the program 821. Specifically, the program 821 may include program code, where the program code includes computer operation instructions.
通信接口 84用于接收接入点发送的服务请求信息,所述服务请求信息中 携带有服务标识, 所述服务请求信息用于供所述服务站点确定是否具有提供 所述服务标识对应的服务的能力, 所述服务标识是所述接入点从需要被服务 的站点所发送的服务需求信息中获得的。 The communication interface 84 is configured to receive service request information sent by the access point, where the service request information is Carrying a service identifier, where the service request information is used by the service site to determine whether it has the capability of providing a service corresponding to the service identifier, where the service identifier is sent by the access point from a site that needs to be served. Obtained in the service demand information.
处理器 81运行程序 821 , 以执行:  The processor 81 runs the program 821 to execute:
根据所述服务请求信息, 确定具有提供所述服务标识对应的服务的能力 之后, 向所述接入点发送认证请求信息, 所述认证请求信息用于供所述服务 站点与所述接入点之间进行认证。  And after determining, according to the service request information, the capability of providing the service corresponding to the service identifier, sending, to the access point, authentication request information, where the authentication request information is used by the service site and the access point Authenticate between.
具体的, 本发明实施例提供的服务站点接受请求认证的方法, 可以参见 上述对应的方法实施例中所述的操作步骤。  Specifically, the method for receiving the request authentication by the service site provided by the embodiment of the present invention may refer to the operation steps described in the foregoing method embodiment.
本发明实施例提供的服务站点, 接收接入点发送的服务请求信息; 根据 所述服务请求信息, 确定具有提供所述服务标识对应的服务的能力之后, 向 所述接入点发送认证请求信息, 所述认证请求信息用于供所述服务站点与所 述接入点之间进行认证; 由于接入点可以主动请求与服务站点建立关联认证 关系, 因此服务站点不再需要一直保持与接入点之间的关联认证关系, 服务 站点可以在提供完服务之后取消与接入点之间的关联认证关系, 相应地对这 部分网络资源进行释放, 从而提高网络资源的利用率; 此外, 由于服务站点 在同一时刻只能与一个接入点存在关联认证关系, 而利用本发明实施例中的 方法可以使得服务站点能够根据接入点和站点的服务需求, 与不同的接入点 建立或取消关联认证关系, 提高了服务站点的利用率和灵活性。  The service station provided by the embodiment of the present invention receives the service request information sent by the access point, and after determining the capability of providing the service corresponding to the service identifier, according to the service request information, sending the authentication request information to the access point. The authentication request information is used for authentication between the service site and the access point; since the access point can actively request to establish an association authentication relationship with the service site, the service site no longer needs to be maintained and accessed at all times. The association authentication relationship between the points, the service site can cancel the association authentication relationship with the access point after the service is provided, and release the network resources accordingly, thereby improving the utilization of the network resources; The site can only associate with one access point at the same time, and the method in the embodiment of the present invention can enable the service station to establish or de-associate with different access points according to the service requirements of the access point and the site. The authentication relationship improves the utilization and flexibility of the service site.
图 9为本发明实施例提供的通信系统的结构示意图, 如图 9所示, 该通 信系统包括需要被服务的站点 1、如图 5a或 5b所示的接入点 2以及服务站点 3。 其中, 服务站点 3可以如图 6a或 6b所示, 可以如图 7a或 7b所示, 还可 以如图 8a或 8b所示。需要被服务的站点 1、接入点 2以及服务站点 3之间通 信连接。  FIG. 9 is a schematic structural diagram of a communication system according to an embodiment of the present invention. As shown in FIG. 9, the communication system includes a site 1 to be served, an access point 2 as shown in FIG. 5a or 5b, and a service site 3. The service site 3 can be as shown in FIG. 6a or 6b, as shown in FIG. 7a or 7b, and can also be as shown in FIG. 8a or 8b. A communication connection between the site 1, the access point 2, and the service site 3 that need to be served.
具体的, 本发明实施例提供的通信系统中实现请求认证的方法, 可以参 见上述对应的方法实施例中所述的操作步骤。  Specifically, the method for implementing the request for authentication in the communication system provided by the embodiment of the present invention may be referred to the operation steps described in the foregoing method embodiments.
本领域普通技术人员可以理解: 实现上述各方法实施例的全部或部分步 骤可以通过程序指令相关的硬件来完成。 前述的程序可以存储于一计算机可 读取存储介质中。 该程序在执行时, 执行包括上述各方法实施例的步骤; 而 前述的存储介质包括: ROM, RAM, 磁碟或者光盘等各种可以存储程序代码 的介质。 It will be understood by those skilled in the art that all or part of the steps of implementing the above method embodiments may be performed by hardware related to the program instructions. The aforementioned program can be stored in a computer readable storage medium. The program, when executed, performs the steps including the foregoing method embodiments; and the foregoing storage medium includes: ROM, RAM, disk or optical disk, and the like, which can store program codes. Medium.
最后应说明的是: 以上各实施例仅用以说明本发明的技术方案, 而非对 其限制; 尽管参照前述各实施例对本发明进行了详细的说明, 本领域的普通 技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改, 或者对其中部分或者全部技术特征进行等同替换; 而这些修改或者替换, 并 不使相应技术方案的本质脱离本发明各实施例技术方案的范围。  Finally, it should be noted that the above embodiments are only for explaining the technical solutions of the present invention, and are not intended to be limiting thereof; although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art will understand that The technical solutions described in the foregoing embodiments may be modified, or some or all of the technical features may be equivalently replaced; and the modifications or substitutions do not deviate from the technical solutions of the embodiments of the present invention. range.

Claims

权 利 要 求 书 Claim
1、 一种请求认证方法, 其特征在于, 包括:  A request authentication method, which is characterized by comprising:
接入点接收服务需求信息, 所述服务需求信息中携带有服务标识, 所述 服务标识为需要被服务的站点所需的服务的标识信息;  The access point receives the service requirement information, where the service requirement information carries a service identifier, where the service identifier is identifier information of a service required by the site that needs to be served;
所述接入点选择可提供所述服务标识对应的服务的目标服务站点; 所述接入点与所述目标服务站点之间进行认证。  The access point selects a target service site that can provide a service corresponding to the service identifier; and performs authentication between the access point and the target service site.
2、 根据权利要求 1所述的请求认证方法, 其特征在于, 所述接入点与所 述目标服务站点之间进行认证包括:  The request authentication method according to claim 1, wherein the authentication between the access point and the target service site comprises:
所述接入点向所述目标服务站点发送服务请求信息, 所述服务请求信息 中携带有所述服务标识, 所述服务请求信息用于供所述目标服务站点确定是 否具有提供所述服务标识对应的服务的能力;  The access point sends the service request information to the target service site, where the service request information carries the service identifier, where the service request information is used by the target service site to determine whether the service identifier is provided. The ability of the corresponding service;
所述接入点接收所述目标服务站点发送的服务请求成功信息, 所述服务 请求成功信息由所述目标服务站点根据所述服务请求信息, 确定具有提供所 述服务标识对应的服务的能力之后生成;  Receiving, by the access point, the service request success information sent by the target service station, where the service request success information is determined by the target service station according to the service request information, and having the capability of providing the service corresponding to the service identifier Generate
所述接入点根据所述服务请求成功信息向所述目标服务站点发送认证请 求信息, 所述认证请求信息用于供所述目标服务站点与所述接入点之间进行 认证。  And the access point sends the authentication request information to the target service site according to the service request success information, where the authentication request information is used for authentication between the target service site and the access point.
3、 根据权利要求 1所述的请求认证方法, 其特征在于, 所述接入点与所 述目标服务站点之间进行认证包括:  The request authentication method according to claim 1, wherein the authentication between the access point and the target service site comprises:
所述接入点向所述目标服务站点发送携带有所述服务标识的认证请求信 息, 所述认证请求信息用于供所述目标服务站点在确定具有提供所述服务标 识对应的服务的能力之后与所述接入点之间进行认证。  Sending, by the access point, the authentication request information that carries the service identifier to the target service site, where the authentication request information is used by the target service site after determining that the capability of providing the service corresponding to the service identifier is determined Authentication is performed with the access point.
4、 根据权利要求 1所述的请求认证方法, 其特征在于, 所述接入点与所 述目标服务站点之间进行认证包括:  The request authentication method according to claim 1, wherein the authentication between the access point and the target service site comprises:
所述接入点向所述目标服务站点发送服务请求信息, 所述服务请求信息 中携带有所述服务标识, 所述服务请求信息用于供所述目标服务站点确定是 否具有提供所述服务标识对应的服务的能力;  The access point sends the service request information to the target service site, where the service request information carries the service identifier, where the service request information is used by the target service site to determine whether the service identifier is provided. The ability of the corresponding service;
所述接入点若在预设时间内接收到所述目标服务站点发送的认证请求信 息, 则与所述目标服务站点之间进行认证, 所述认证请求信息由所述目标服 务站点根据所述服务请求信息在具有提供所述服务标识对应的服务的能力之 后发送给所述接入点。 If the access point receives the authentication request information sent by the target service site within a preset time, the access point performs authentication with the target service site, and the authentication request information is used by the target service site according to the Service request information has the ability to provide a service corresponding to the service identifier Then sent to the access point.
5、根据权利要求 4所述的请求认证方法,其特征在于,所述方法还包括: 所述接入点若在所述预设时间内未接收到所述目标服务站点发送的所述 认证请求信息, 则重新向所述目标服务站点发送所述服务请求信息。  The method for requesting authentication according to claim 4, wherein the method further comprises: if the access point does not receive the authentication request sent by the target service station within the preset time The information is then resent to the target service site to send the service request information.
6、 根据权利要求 1-5中任一所述的请求认证方法, 其特征在于, 所述接 入点选择可提供所述服务标识对应的服务的目标服务站点包括:  The request authentication method according to any one of claims 1-5, wherein the access point selects a target service site that can provide a service corresponding to the service identifier, including:
所述接入点选择可提供所述服务标识对应的服务的、 且处于有效工作时 段内的服务站点作为目标服务站点。  The access point selects a service site that can provide a service corresponding to the service identifier and is in a valid working period as a target service site.
7、 一种请求认证方法, 其特征在于, 包括:  7. A method for requesting authentication, characterized in that it comprises:
服务站点接收接入点发送的服务请求信息, 所述服务请求信息中携带有 务标识对应的服务的能力, 所述服务标识是所述接入点从需要被服务的站点 所发送的服务需求信息中获得的;  The service station receives the service request information sent by the access point, where the service request information carries the capability of the service corresponding to the service identifier, where the service identifier is the service demand information sent by the access point from the site that needs to be served. Obtained in
所述服务站点根据所述服务请求信息, 确定具有提供所述服务标识对应 的服务的能力之后, 向所述接入点返回服务请求成功信息;  Determining, by the service station, the service request success information to the access point after determining that the service has the capability of providing the service corresponding to the service identifier according to the service request information;
所述服务站点接收所述接入点根据所述服务请求成功信息, 向所述服务 站点发送的认证请求信息, 所述认证请求信息用于供所述服务站点与所述接 入点之间进行认证。  Receiving, by the service station, authentication request information sent by the access point to the service site according to the service request success information, where the authentication request information is used between the service site and the access point. Certification.
8、 一种请求认证方法, 其特征在于, 包括:  8. A method for requesting authentication, characterized in that it comprises:
服务站点接收接入点发送的携带有服务标识的认证请求信息, 所述服务 标识是所述接入点从需要被服务的站点所发送的服务需求信息中获得的; 所述服务站点根据所述服务标识确定具有提供所述服务标识对应的服务 的能力之后, 根据所述认证请求信息与所述接入点之间进行认证。  The service station receives the authentication request information that is sent by the access point and carries the service identifier, where the service identifier is obtained by the access point from the service requirement information sent by the site that needs to be served; After the service identifier determines the capability of providing the service corresponding to the service identifier, the service identifier is authenticated according to the authentication request information and the access point.
9、 一种请求认证方法, 其特征在于, 包括:  9. A method for requesting authentication, characterized in that it comprises:
服务站点接收接入点发送的服务请求信息, 所述服务请求信息中携带有 务标识对应的服务的能力, 所述服务标识是所述接入点从需要被服务的站点 所发送的服务需求信息中获得的;  The service station receives the service request information sent by the access point, where the service request information carries the capability of the service corresponding to the service identifier, where the service identifier is the service demand information sent by the access point from the site that needs to be served. Obtained in
所述服务站点根据所述服务请求信息, 确定具有提供所述服务标识对应 的服务的能力之后, 向所述接入点发送认证请求信息, 所述认证请求信息用 于供所述服务站点与所述接入点之间进行认证。 After the service station determines, according to the service request information, the capability of providing the service corresponding to the service identifier, the service station sends the authentication request information to the access point, where the authentication request information is used. Authentication is performed between the service site and the access point.
10、 一种接入点, 其特征在于, 包括:  10. An access point, comprising:
接收单元, 用于接收服务需求信息, 所述服务需求信息中携带有服务标 识, 所述服务标识为需要被服务的站点所需的服务的标识信息;  a receiving unit, configured to receive service requirement information, where the service requirement information carries a service identifier, where the service identifier is identifier information of a service required by a station that needs to be served;
选择单元, 用于选择可提供所述服务标识对应的服务的目标服务站点; 认证单元, 用于与所述目标服务站点之间进行认证。  a selection unit, configured to select a target service site that can provide a service corresponding to the service identifier; and an authentication unit, configured to perform authentication with the target service site.
11、根据权利要求 10所述的接入点,其特征在于,所述认证单元还用于: 向所述目标服务站点发送服务请求信息, 所述服务请求信息中携带有所 述服务标识, 所述服务请求信息用于供所述目标服务站点确定是否具有提供 所述服务标识对应的服务的能力; 接收所述目标服务站点发送的服务请求成 功信息,所述服务请求成功信息由所述目标服务站点根据所述服务请求信息, 确定具有提供所述服务标识对应的服务的能力之后生成; 根据所述服务请求 成功信息, 向所述目标服务站点发送认证请求信息, 所述认证请求信息用于 供所述目标服务站点与所述接入点之间进行认证。  The access point according to claim 10, wherein the authentication unit is further configured to: send service request information to the target service station, where the service request information carries the service identifier, where The service request information is used by the target service station to determine whether it has the capability of providing a service corresponding to the service identifier; receiving service request success information sent by the target service station, where the service request success information is served by the target service And generating, according to the service request information, the capability of providing the service corresponding to the service identifier, and generating, according to the service request success information, authentication request information, where the authentication request information is used for The target service site authenticates with the access point.
12、根据权利要求 10所述的接入点,其特征在于,所述认证单元还用于: 向所述目标服务站点发送携带有所述服务标识的认证请求信息, 所述认 务的能力之后与所述接入点之间进行认证。  The access point according to claim 10, wherein the authentication unit is further configured to: send, to the target service site, authentication request information that carries the service identifier, after the capability of the service Authentication is performed with the access point.
13、根据权利要求 10所述的接入点,其特征在于,所述认证单元还用于: 向所述目标服务站点发送服务请求信息, 所述服务请求信息中携带有所 述服务标识, 所述服务请求信息用于供所述目标服务站点确定是否具有提供 所述服务标识对应的服务的能力; 在预设时间内接收到所述目标服务站点发 送的认证请求信息时, 与所述目标服务站点之间进行认证, 所述认证请求信 息由所述目标服务站点根据所述服务请求信息, 确定具有提供所述服务标识 对应的服务的能力之后发送给所述接入点。  The access point according to claim 10, wherein the authentication unit is further configured to: send service request information to the target service station, where the service request information carries the service identifier, where The service request information is used by the target service station to determine whether the service corresponding to the service identifier is provided; when the authentication request information sent by the target service station is received within a preset time, the target service is The authentication is performed between the sites, and the authentication request information is sent by the target service site to the access point after determining the capability of providing the service corresponding to the service identifier according to the service request information.
14、根据权利要求 13所述的接入点,其特征在于,所述认证单元还用于: 在所述预设时间内未接收到所述目标服务站点发送的所述认证请求信息 时, 重新向所述目标服务站点发送所述服务请求信息。  The access point according to claim 13, wherein the authentication unit is further configured to: when the authentication request information sent by the target service station is not received within the preset time, Sending the service request information to the target service site.
15、 根据权利要求 10-14 中任一所述的接入点, 其特征在于, 所述选择 单元还用于: 选择可提供所述服务标识对应的服务的、 且处于有效工作时段内的服务 站点作为目标服务站点。 The access point according to any one of claims 10-14, wherein the selecting unit is further configured to: A service site that can provide the service corresponding to the service identifier and is in a valid working period is selected as the target service site.
16、 一种服务站点, 其特征在于, 包括:  16. A service site, comprising:
接收单元, 用于接收接入点发送的服务请求信息, 所述服务请求信息中 携带有服务标识, 所述服务请求信息用于供所述服务站点确定是否具有提供 所述服务标识对应的服务的能力, 所述服务标识是所述接入点从需要被服务 的站点所发送的服务需求信息中获得的;  a receiving unit, configured to receive service request information sent by the access point, where the service request information carries a service identifier, where the service request information is used by the service station to determine whether the service corresponding to the service identifier is provided Capability, the service identifier is obtained by the access point from service demand information sent by a site that needs to be served;
发送单元, 用于根据所述服务请求信息, 确定具有提供所述服务标识对 应的服务的能力之后, 向所述接入点返回服务请求成功信息;  a sending unit, configured to return, according to the service request information, the service request success information to the access point after determining the capability of providing the service corresponding to the service identifier;
认证单元, 用于接收所述接入点根据所述服务请求成功信息, 向所述服 务站点发送的认证请求信息, 所述认证请求信息用于供所述服务站点与所述 接入点之间进行认证。  An authentication unit, configured to receive, by the access point, authentication request information sent to the service site according to the service request success information, where the authentication request information is used between the service site and the access point Certify.
17、 一种服务站点, 其特征在于, 包括:  17. A service site, comprising:
接收单元, 用于接收接入点发送的携带有服务标识的认证请求信息, 所 述服务标识是所述接入点从需要被服务的站点所发送的服务需求信息中获得 的;  a receiving unit, configured to receive, by the access point, the authentication request information that carries the service identifier, where the service identifier is obtained by the access point from the service requirement information sent by the site that needs to be served;
认证单元, 用于根据所述服务标识确定具有提供所述服务标识对应的服 务的能力之后, 根据所述认证请求信息与所述接入点之间进行认证。  And an authentication unit, configured to perform authentication according to the service request identifier and the access point according to the service identifier, after the capability of providing the service corresponding to the service identifier is determined.
18、 一种服务站点, 其特征在于, 包括:  18. A service site, comprising:
接收单元, 用于接收接入点发送的服务请求信息, 所述服务请求信息中 携带有服务标识, 所述服务请求信息用于供所述服务站点确定是否具有提供 所述服务标识对应的服务的能力, 所述服务标识是所述接入点从需要被服务 的站点所发送的服务需求信息中获得的;  a receiving unit, configured to receive service request information sent by the access point, where the service request information carries a service identifier, where the service request information is used by the service station to determine whether the service corresponding to the service identifier is provided Capability, the service identifier is obtained by the access point from service demand information sent by a site that needs to be served;
认证单元, 用于根据所述服务请求信息, 确定具有提供所述服务标识对 应的服务的能力之后, 向所述接入点发送认证请求信息, 所述认证请求信息 用于供所述服务站点与所述接入点之间进行认证。  An authentication unit, configured to send, according to the service request information, an ability to provide a service corresponding to the service identifier, to send, to the access point, authentication request information, where the authentication request information is used by the service site and the The access points are authenticated.
19、 一种通信系统, 其特征在于, 包括: 需要被服务的站点、 如权利要 求 10-15中任一所述的接入点, 以及如权利要求 16、 17或 18所述的服务站 点; 所述需要被服务的站点、 所述接入点以及所述服务站点之间通信连接。  A communication system, comprising: a site to be served, an access point according to any one of claims 10-15, and a service site according to claim 16, 17 or 18; The communication connection between the site to be served, the access point, and the service site.
PCT/CN2013/088715 2013-04-09 2013-12-06 Request authentication method, access point, service station and communication system WO2014166270A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201310120656.2A CN104105094B (en) 2013-04-09 2013-04-09 Ask authentication method, apparatus and system
CN201310120656.2 2013-04-09

Publications (1)

Publication Number Publication Date
WO2014166270A1 true WO2014166270A1 (en) 2014-10-16

Family

ID=51672830

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2013/088715 WO2014166270A1 (en) 2013-04-09 2013-12-06 Request authentication method, access point, service station and communication system

Country Status (2)

Country Link
CN (1) CN104105094B (en)
WO (1) WO2014166270A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110226308B (en) 2017-01-25 2021-02-23 华为技术有限公司 Network slice management method, management unit and system
CN114363927B (en) * 2017-02-27 2024-06-04 华为技术有限公司 Management method, management unit, communication system, storage medium, and program product

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1852474A (en) * 2005-12-20 2006-10-25 华为技术有限公司 Method and system for realizing multi-media broadcasting business in residence area
CN101277234A (en) * 2007-03-28 2008-10-01 华为技术有限公司 Household network and entry method
CN101753478A (en) * 2008-12-05 2010-06-23 中国移动通信集团公司 Distributed E-mail system and service method thereof
CN101800817A (en) * 2009-02-09 2010-08-11 中兴通讯股份有限公司 Method, device, system and service network for realizing service

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101588580A (en) * 2009-06-30 2009-11-25 华为技术有限公司 User access control method, home base station gateway and system
US8817662B2 (en) * 2010-10-20 2014-08-26 Marvell World Trade Ltd. Pre-association discovery

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1852474A (en) * 2005-12-20 2006-10-25 华为技术有限公司 Method and system for realizing multi-media broadcasting business in residence area
CN101277234A (en) * 2007-03-28 2008-10-01 华为技术有限公司 Household network and entry method
CN101753478A (en) * 2008-12-05 2010-06-23 中国移动通信集团公司 Distributed E-mail system and service method thereof
CN101800817A (en) * 2009-02-09 2010-08-11 中兴通讯股份有限公司 Method, device, system and service network for realizing service

Also Published As

Publication number Publication date
CN104105094B (en) 2017-08-18
CN104105094A (en) 2014-10-15

Similar Documents

Publication Publication Date Title
US10069557B2 (en) Communication method and device
CN104104516B (en) A kind of portal authentication method and equipment
US10856143B2 (en) Method and apparatus for IP address assignment
CN103746812B (en) A kind of access authentication method and system
US11212226B2 (en) Data processing method and apparatus, and device
US8914867B2 (en) Method and apparatus for redirecting data traffic
TWI415501B (en) Wireless network system and wireless access point device thereof
US9596209B2 (en) Causing client device to request a new internet protocol address based on a link local address
WO2012000271A1 (en) Method for terminal access and wireless communication network
US10517126B2 (en) Communication management and wireless roaming support
US9634917B2 (en) Method and system for detecting use of wrong internet protocol address
JP2018525916A (en) Communication method and related apparatus
CN113612861B (en) Remote access method, system and computer readable storage medium
CN108966363B (en) Connection establishing method and device
KR102490698B1 (en) Communication method for selecting a network slice / service and a communication device performing the same
WO2014166270A1 (en) Request authentication method, access point, service station and communication system
WO2013166678A1 (en) Mobile setting negotiation method and device
WO2018049655A1 (en) Device networking method, apparatus and system
WO2015135278A1 (en) Authentication method and system, prose functional entity, and ue
CN103973570A (en) Message transmission method, AP (access point) and message transmission system
CN114257634A (en) Server discovery method, device and storage medium
WO2015062038A1 (en) Method, apparatus and system for requesting association
CN107580325B (en) WDS (Wireless data System) connection method, wireless access point and terminal equipment
WO2018023213A1 (en) Network connection method and related device
KR101799402B1 (en) Method for simultaneously transmitting data in heterogeneous network

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13881787

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13881787

Country of ref document: EP

Kind code of ref document: A1