WO2015160781A1 - Portal authentication - Google Patents
Portal authentication Download PDFInfo
- Publication number
- WO2015160781A1 WO2015160781A1 PCT/US2015/025712 US2015025712W WO2015160781A1 WO 2015160781 A1 WO2015160781 A1 WO 2015160781A1 US 2015025712 W US2015025712 W US 2015025712W WO 2015160781 A1 WO2015160781 A1 WO 2015160781A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- user
- authentication
- portal
- client terminal
- application
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/313—User authentication using a call-back technique via a telephone network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/55—Push-based network services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/563—Data redirection of data network streams
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/068—Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2103—Challenge-response
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2117—User registration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2101/00—Indexing scheme associated with group H04L61/00
- H04L2101/60—Types of network addresses
- H04L2101/618—Details of network addresses
- H04L2101/622—Layer-2 addresses, e.g. medium access control [MAC] addresses
Definitions
- the present disclosure relates to the field of Internet technology, and in particular, to an application client terminal and an application server.
- WLAN Wireless Local Area Network
- HaidilaoTM restaurant or StarbucksTM generally provide wireless access service for users.
- HaidilaoTM or StarbucksTM needs to construct and manage its own wireless network, such as deploying a wireless network that includes a wireless access point (AP) and a wireless access controller (AC).
- AP wireless access point
- AC wireless access controller
- the merchant such as HaidilaoTM is not only an owner of the wireless network but also an administrator of the wireless network, and needs to take security and service quality of the wireless access service into consideration. From the perspective of security, user identity authentication is undoubtedly an extremely important security mechanism.
- Wireless authentication modes such as Wi-Fi Protected Access (WPA)/WPA2 are widely applied to small-sized networks such as a home network, and an administrator of the network informs each authorized user of a secret key in a relatively safe manner.
- WPA Wi-Fi Protected Access
- WPA2 Wireless authentication modes
- small-sized networks such as a home network
- an administrator of the network informs each authorized user of a secret key in a relatively safe manner.
- informing users of a key one by one is obviously unacceptable.
- the mechanism described above runs at a wireless link layer, and therefore has poor compatibility.
- portable terminals of some users are earlier models, and the wireless technology used on such portable terminals may not support authentication modes such as WPA2.
- a portal authentication runs at a layer above the network layer, has general applicability, and is almost irrelevant to hardware of portable terminals of the user and wireless access technologies used on the portable terminals.
- a user obtains network access permission on the basis of a standard portal authentication process as long as the user accesses a wireless network.
- the portal authentication technology actually originates from the era of personal computer (PC) Internet, and has a technical problem for adapting to the usage characteristics of the mobile Internet.
- a WLAN Internet access service provided by China UnicomTM is used as an example.
- a smart phone of a user successfully connects to an AP of China UnicomTM (accesses a wireless network)
- a wireless network connection icon 11 indicates that the smart phone has successfully connected to the wireless network.
- the user may not refresh WeiboTM successfully.
- the root cause of this problem is that many ordinary users take it for granted that they may access an external network (generally the Internet) after successfully connecting to the wireless network. But in fact, the users merely successfully connect to the wireless network of UnicomTM in a wireless manner. Except for some authentication- free sites (such as a Dynamic Host Configuration Protocol (DHCP) server), the users cannot access the Internet before passing a portal authentication.
- DHCP Dynamic Host Configuration Protocol
- the portal authentication is implemented on the basis of a browser, and many ordinary users do not know that they need to open the browser to initiate a portal authentication process because this authentication mechanism is different from the authentication mode of wireless networks in a user's homes. From another perspective, even if some users understand working principles of the portal authentication, it is still inconvenient to perform the portal authentication.
- portable terminals of users generally have a function of automatically connecting to wireless networks to which the portable terminals have previously connected, while many smart phones will automatically turn off mobile data connections such as 3G when the smart phones successfully connect to the wireless network. Once the smart phone of the user automatically connects to the wireless network while the user does not notice this situation, the user will not initiate a portal authentication through the browser. In such a scenario, the user terminal may not access the Internet because the mobile data connection is turned off and problems will occur in many applications that need exchange data online all the time.
- the present disclosure provides an example application client terminal that resides or is applied on a portable terminal.
- the client includes a push processing unit, a portal agent unit, and a media access control address (MAC) synchronization unit.
- MAC media access control address
- the push processing unit when receiving an authentication prompt message pushed by an application server, outputs an authentication prompt option corresponding to the authentication prompt message in a message prompt bar of the portable terminal.
- the portal agent unit initiates a portal authentication after it is determined that the authentication prompt option is selected by a user, acquires MAC address information of the present portable terminal returned by a portal server after the portal authentication is initiated.
- the portal agent uses a user name and password that the application client terminal logs into the application server or the application server terminal as a user name and password for the portal authentication.
- the MAC synchronization sends the MAC address information of the present portable terminal returned by the portal server to the application server.
- the present disclosure further provides an example portal authentication method applied to a portable terminal 0 The method includes the following operations.
- Step A when an authentication prompt message pushed by an application server is received, an authentication prompt option corresponding to the authentication prompt message is output in a message prompt bar of the portable terminal;
- Step B the portal authentication is initiated after it is determined that the authentication prompt option is selected by a user.
- the MAC address information of the present portable terminal returned by a portal server is acquired after the portal authentication is initiated.
- a user name and password for the application logging into an application server is used as a user name and password for the portal authentication.
- Step C the MAC address information of the present portable terminal returned by the portal server is sent to the application server.
- the present disclosure further provides an example application server terminal applied to a server or that resides at the server and interacts with an application client terminal and a wireless server.
- the wireless server manages wireless access devices in at least one wireless network.
- the application server terminal includes a push management unit and a MAC maintenance unit.
- the push management unit acquires MAC address information of a portable terminal carried in the message, searches for a user corresponding to the MAC address in a local user MAC table, and pushes an authentication prompt message to an application client terminal of the user if the corresponding user is found.
- the portal authentication unit determines if a user name and password in the request belong to a registered user of the present application, and if so, determines that portal authentication of the user succeeds.
- the MAC maintenance unit updates the user MAC table with a correspondence relationship between the MAC address information and the user.
- the present disclosure further provides an example portal authentication service method applied to an application server to interact with a portable terminal and a wireless server.
- the wireless server manages wireless access devices in at least one wireless network.
- the method may include the following operations.
- Step a when a terminal connection message sent by the wireless server is received, the MAC address information of a portable terminal carried in the message is acquired, a user corresponding to the MAC address is searched in a local user MAC table, and an authentication prompt message is pushed to the user if the corresponding user is found;
- Step b when a portal authentication request is received, it is determined if the user name and password in the request belong to a registered user of the present application, and if so, it is determined that portal authentication of the user succeeds.
- Step c when the MAC address information sent by the user is received, the user MAC table is updated with a correspondence relationship between the MAC address information and the user.
- the present disclosure significantly facilitates the user's operation of using a portal authentication, and prevents, to a large degree, a problem that a user fails to access the Internet through a wireless network as the user forgets to perform a portal authentication or does not know the portal authentication mechanism to access the Internet.
- the present disclosure adapts better to the user requirements in a mobile Internet environment.
- FIG. 1 is a schematic diagram of a WeiboTM refreshing result when a user forgets to perform a portal authentication.
- FIG. 2 is a schematic diagram of a typical portal authentication networking.
- FIG. 3 is a diagram of hardware and logic structure of each node in a linkage system in an example embodiment of the present disclosure.
- FIG. 4 is a flow chart of an example portal authentication processing according to an example embodiment of the present disclosure.
- FIG. 5 is a flow chart of an example detailed portal authentication processing according to an example embodiment of the present disclosure.
- a portal authentication mechanism is described at first so that those of ordinary skill in the art will understand the technical advantages of the present disclosure more clearly.
- a portable terminal 202 such as smart phone successfully connects to a wireless network
- an external network such as a site on the Internet
- Step I A user uses a browser at a portable terminal 202 to access a website, for example, www.weibo.com. Since an Internet Protocol (IP) address of the site is generally not in an exception list (free of authentication) of an AC (wireless access control server or device) 204 and the IP address of the user is not in the user whitelist of the AC 204, the process turns to Step II.
- IP Internet Protocol
- Step II A wireless access device redirects the access of the user to a portal server 206 (which is generally integrated with the AC 204) by means of a Hypertext Transfer Protocol (HTTP) redirection, and the portal server returns a portal authentication page to the browser.
- HTTP Hypertext Transfer Protocol
- Step III The user enters a user name and password in the portal authentication page and submits an authentication request, and the portal server then submits the authentication request to the wireless access device.
- Step r The AC 204 initiates a portal authentication to the authentication server 208 to verify if the user name and password entered by the user are matched with an authorized user.
- Step V If the user portal authentication passes, the AC 204 adds the IP address of the user to the user whitelist.
- Step VI The user accesses to any website again, and since the IP address of the user is already in the user whitelist, the access of the user will be allowed.
- Step I to Step VI describe a typical portal authentication process, and such process is generally the same as the portal authentication on a PC.
- the portal authentication process may be simplified.
- the portal authentication page returned by the portal server 206 carries an application associated component (such as an AlipayTM associated component).
- the AlipayTM associated component After being loaded in the browser, the AlipayTM associated component will perform a calling operation of AlipayTM Wallet that calls AlipayTM Wallet to a foreground of the mobile phone, and sends a notification to ask AlipayTM Wallet to perform a portal authentication on behalf of the user.
- AlipayTM Wallet performs the portal authentication by using an AlipayTM user name and password of the user according to the notification.
- an application server 208 (such as AlipayTM server) plays the role of the corresponding authentication server; in this manner, the user does not need to remember the user name and password for the portal authentication, and instead the user can use the AlipayTM user name and password.
- the portable terminal 202 may connect to the AC 204 through an AP (access point) 214.
- the user Since the application AlipayTM Wallet may keep a logged-in status regularly, the user generally does not need to open the browser, and the operation of entering the AlipayTM user name and password in the portal authentication process is not necessary. More importantly, as AlipayTM has built partnerships with many merchants, the user may use the same user name and password to implement the portal authentication when paying a visit to those merchants. Of course, if a user is not an AlipayTM user, the user may still perform the portal authentication in a conventional portal authentication mode, but this user may need to register beforehand to acquire a portal user name and password, or acquire a temporary portal user name and password through a text message or in other manners. The authentication of the portal user name and password of such user will still be carried out in the authentication server. This solution facilitates the portal authentication of AlipayTM users or registered users of similar applications. However, such implementation still fails to thoroughly solve the technical problem raised in the background.
- the present disclosure further optimizes on the basis of the portal authentication described above.
- the present disclosure is based on an intensive linkage between a network system and an application system.
- the network system physically includes wireless access devices in a wireless network of a merchant and a wireless server that manages each of the wireless access devices; and the application system physically includes a portable terminal and an application server.
- the wireless access device provides a wireless network access service for the portable terminal.
- the wireless access device may be possessed by various merchants such as an operator or a food vendor, which is generally deployed in a physical area where the merchant provides a business service.
- each host includes one or more processors, memories, additional non-volatile storage devices, and network interfaces.
- a logic apparatus also referred to as a "virtual apparatus”
- a processor on a corresponding host reads a computer program or computer-executable instructions into a memory for execution.
- the present disclosure does not exclude other implementations, such as a programmable logic device, in addition to software implementation.
- an entity executing each processing step in the subsequent description may be implemented by using hardware, a logic device, or the like.
- a client or a portable terminal 302 includes one or more network interfaces 304, one or more processors or data processing unit(s) 306, and memory 308.
- the memory 308 is an example of computer-readable media.
- the memory 308 may store therein a plurality of modules or units including a push processing unit 310, a MAC synchronization unit 312, and a portal agent unit 314.
- the portable terminal 302 may further include an additional non-volatile storage device 316.
- the portable terminal 302 is connected to the network via a wireless access device 318.
- An application server terminal 320 includes one or more network interfaces 322, one or more processor(s) or data processing unit(s) 324, and memory 326.
- the memory 326 is an example of computer-readable media.
- the memory 326 may store therein a plurality of modules or units including a MAC maintenance unit 328, a portal authentication unit 330, and a push management unit 332.
- the application server terminal 320 may further include an additional non-volatile storage device 334.
- the client terminal, the wireless access device, the wireless server, and the application server terminal coordinate with each other during the operation to perform the following operations.
- the wireless access device reports a terminal connection message to the wireless server when it is determined that a portable terminal connects to the wireless network of the wireless access device.
- the message carries an identifier of the wireless access device and MAC address information of the portable terminal that connects to the wireless network.
- the wireless server sends a connection prompt message to the application server terminal.
- the connection prompt message carries the MAC address information of the portable terminal.
- the push management unit of the application server terminal acquires the MAC address information of the portable terminal carried in the message, and searches for a user corresponding to the MAC address in a user MAC table such as a local user MAC table. If the corresponding user is found, operations at 408 are performed. Otherwise, the current process flow is ended.
- the push management unit of the application server terminal pushes an authentication prompt message to an application client terminal of the found user.
- the push processing unit of the application client terminal outputs an authentication prompt option corresponding to the authentication prompt message in a message prompt bar of the portable terminal.
- the portal agent unit of the application client terminal initiates the portal authentication, acquires the MAC address information of the portable terminal returned by the portal server after the portal authentication is initiated, and, during the portal authentication, uses a user name and password that the application client terminal uses to log into the application server terminal as a user name and password for the portal authentication.
- the portal authentication unit of the application server terminal determines if the user name and password in the request belong to a registered user of the application, and if so, determines that the portal authentication of the user succeeds.
- the MAC synchronization unit of the application client terminal sends the
- the MAC maintenance unit of the application server terminal updates the user MAC table with a correspondence relationship between the MAC address information and the user.
- the portable terminal may be a terminal device that is easy for users to carry, for example, a smart phone, a PDA, or a tablet computer.
- a smart phone is used as an example for the description below.
- the application client terminal of the present disclosure may be an application software running on the portable terminal, which may be any client terminal from which the user enters a user name and password to log in to the application, such as mobile phone application client terminals including AlipayTM Wallet, TaobaoTM, SinaTM WeiboTM, or Laiwang.
- the application client terminal AlipayTM Wallet is used as an example for the description below.
- the application server terminal is service software that runs on an application server and provides a corresponding application service for the application client terminal.
- the AlipayTM server terminal is used as an example of the application server below.
- the wireless access device may be a fat AP, a AC in the architecture of AC and thin AP, or other similar network devices having a wireless access function.
- the AC is used as an example for the description below.
- one smart phone In most cases, one smart phone generally has a unique MAC address, and therefore, one MAC address generally has a relatively stable correspondence relationship with one user using AlipayTM Wallet.
- a corresponding user is thus determined to attempt to access the Internet through the wireless network.
- the AlipayTM server terminal is informed of this event according to the terminal connection message sent by the wireless server.
- the AlipayTM server terminal finds a corresponding AlipayTM user according to the MAC address information carried in the message, and in this case, it is assumed that the AlipayTM user is using the afore-mentioned smart phone that connects to the AC.
- the AlipayTM server terminal pushes an authentication prompt message to the AlipayTM client terminal of the user.
- AlipayTM Wallet generates an authentication prompt option according to the authentication prompt message; as long as the user selects the authentication prompt option, AlipayTM Wallet automatically performs the portal authentication on behalf of the user.
- the user only needs to select the authentication prompt option by clicking or a similar simple operation, and the portal authentication is completed quickly.
- the present techniques prevent, to a large degree, the problem that users forget to form the portal authentication.
- an authentication process for a first-time access of the smart phone to the wireless network is different in certain degrees from an authentication process for a non-first-time access to the wireless network.
- operations from 412 to 418 are performed.
- the difference between the portal authentication processes for the first-time access and non- first- time access are just the authentication triggering manner.
- a user visits a cooperative merchant (assuming it is merchant A) of AlipayTM for the first time.
- the user uses his smart phone (of which the MAC address is MAC3) to find a wireless network of merchant A, and completes a connection to the wireless network.
- the user's operation of connecting to the wireless network of merchant A will trigger operations from 402 to 406.
- the AlipayTM server terminal searches in a local user MAC table according to MAC3, as shown in Table 1. Since it is the first time that the user uses the AlipayTM server terminal to perform a portal authentication, MAC3 does not exist in Table 1 ; at the moment, the process flow of the application server terminal is ended here.
- the application server terminal does not know which user uses a smart phone to connect to the wireless network of merchant A, and therefore, cannot push an authentication prompt message.
- the user connects to the wireless network of the cooperative merchant of AlipayTM for the first time, operations at 408 will not be performed, and the mobile phone of the user will not receive an authentication prompt message. In this case, the user has to trigger a portal authentication process manually.
- Table 1
- the process of manually triggering portal authentication by the user is the same as that in the prior art, for example, by accessing to any website that is not in an exception site list, or to put it simply, the portal authentication is triggered as long as the user accesses to the Internet by using the browser.
- the application client terminal AlipayTM Wallet will be called by an AlipayTM associated component running on the browser.
- the portal agent unit of AlipayTM Wallet will receive an authentication notification of the associated component.
- the portal agent unit may check if the user is in an application logged-in status, and if the user Tony is not in the application logged-in status, an AlipayTM Wallet login interface is called to the foreground so that the user may enter an AlipayTM user name and password in the interface.
- the AlipayTM server terminal After the user submits the user name and password, the AlipayTM server terminal performs an identity authentication to complete the application login.
- the portal agent unit may take no account of the security mechanism of the application AlipayTM such that the application AlipayTM has its own login timeout mechanism, but this does not affect the use of the AlipayTM identity information (AlipayTM user name and password) as an alternative in the portal authentication.
- the portal authentication may be initiated as long as the user name and password of the user are stored in the AlipayTM client terminal. After the portal authentication is initiated, the portal authentication request will finally reach the AlipayTM server terminal, and the portal authentication unit of the AlipayTM server terminal checks if the user name and password in the portal authentication request belong to a registered user of AlipayTM, and if so, may return an authentication success notification to the wireless access device. Then the wireless access device notifies the smart phone of the successful authentication.
- an IP address that the AlipayTM server terminal uses to provide application services is generally configured in the exception site list of the AC of merchant A; in other words, each user may access the IP address through the AC to acquire application services without any limitation, no matter whether the user passes the authentication or not.
- Step 406 there are two kinds of trigger conditions for initiating the portal authentication: one is that the authentication prompt option is selected by the user, and the other is that a notification from the associated component of the browser is received.
- the trigger condition is the notification of the associated component of the browser.
- operations from 402 to 418 are only partially performed, in which operations at 408 and 410 are not performed and objectives of the operations at 408 and 410 are achieved by a manual operation of the user.
- AlipayTM Wallet in the present disclosure further performs operations at 416 and 418, which are different from the prior art.
- the method that the AlipayTM Wallet acquires the MAC address is significantly different from that in the prior art.
- application developers normally consider reading the MAC address from the operating system directly, and then sending the MAC address to the server terminal as the MAC address is an attribute of mobile phone hardware.
- the WindowsTM operating system by using the WindowsTM operating system as an example, all ordinary users may acquire the MAC address of the host by using a command such as "ipconfig /all.”
- ipconfig /all a command such as "ipconfig /all.”
- such conventional implementation idea has imperceptible technical defects.
- a mobile operating system provider sets many obstacles for reading a MAC address of a mobile phone.
- the AndroidTM operating system provided by GoogleTM
- additional conditions need to be satisfied, and to meet these additional conditions, more complicated development work needs to be done.
- the IOSTM operating system provided by AppleTM
- the operating system does not allow mobile phone applications to read the MAC address of the smart phone directly.
- the present techniques acquire the MAC address of the user in a more convenient method while ensuring the information security of the user.
- the AC naturally stores the MAC address of the smart phone as the AC needs to forward packets to the smart phone. Therefore, the AC may pass the MAC address of the smart phone to the portal server during the portal authentication, and the portal server returns the MAC address to the AlipayTM Wallet.
- the portal server is often integrated into the AC, and therefore, it is relatively easy to pass the MAC address.
- the present disclosure returns, to the AlipayTM Wallet, the MAC address of the mobile phone as a parameter passed by a redirected uniform resource location (URL) (a passing parameter of the redirected URL).
- URL uniform resource location
- the AlipayTM Wallet does not need to perform a special processing and a MAC synchronization unit thereon only needs to send the encrypted data to the application server terminal.
- the application server terminal needs to perform the special processing.
- the MAC maintenance unit determines if the MAC address information is encrypted data before the MAC address information is stored. If the MAC address information is not the encrypted data, the MAC maintenance unit only needs to store the correspondence relationship between the MAC address information and the user.
- the MAC maintenance unit needs to invoke, according to a vendor identification additionally carried in the passing parameter, a corresponding decryption algorithm to decrypt the encrypted data, to acquire plaintext MAC address information, and then store the correspondence relationship between the MAC address information and the user.
- the provider of the wireless access device has a partnership with AlipayTM, and thus the vendor identification of the device and an encryption/decryption corresponding to the identification (if necessary) are stored on the AlipayTM server terminal.
- the linkage of the MAC address information is realized, and moreover, the security of user information is improved.
- a process flow for the non-first-time access of the user to the wireless network of the cooperative merchant of AlipayTM Referring to FIG. 5, after the user Tony completes the first portal authentication in cooperative merchant A of AlipayTM, the AlipayTM server terminal stores the correspondence relationship between the user and the MAC address of the mobile phone of the user.
- a portable terminal (application client terminal) 504 such as smart phone that is installed an application e.g., AlipayTM accesses to a wireless access network via a wires access device 506 (integrated with a portal server).
- the wireless access device 506 sends a terminal connection message to a wireless server 510.
- the wireless server 510 sends a connection prompt message to an application server 514 such as an AlipayTM server with AlipayTM server terminal.
- the application server 514 finds a user according to MAC address information included in the connection prompt message.
- the application server 514 pushes an authentication prompt message to the portable terminal 504.
- the portable terminal 504 generates an authentication prompt option and displays it to a user.
- the portal terminal 504 initiates a portal authentication with the wireless access device 506 when it is determined that the authentication prompt option is selected by the user.
- the wireless access device 506 sends the MAC address of the portable terminal 504 returned from the portal server as a passing parameter of a redirected URL to the portable terminal 502.
- the portable terminal 504 acquires the MAC address information from the redirected URL.
- the portable terminal 504 submits a user name and password of the application such as AlipayTM to the wireless access device 506.
- the wireless access device sends a portal authentication request 530 to the application server 514.
- the application server 514 conducts an identity authentication 532.
- the application server 514 informs the wireless access device.
- the wireless access device 506 informs the portable terminal 504 that the authentication succeeds.
- the portable terminal 504 sends its MAC address information to the application server 514.
- the application server 514 saves the MAC address information and the user to a user MAC table.
- the user Tony With the correspondence relationship and the operations from 402 to 418, it is quite convenient for the user Tony to subsequently use a wireless network in any cooperative merchant of AlipayTM. Assuming that the user Toney visits merchant B again several days later, the user Tony uses his smart phone to find the wireless network of merchant B, and completes a connection to the wireless network. As described above, the user's operation of connecting to the wireless network of merchant B triggers operations from 402 to 406.
- the AlipayTM server terminal finds that the user using MAC3 is Tony when searching in the local user MAC table (which is Table 2 in this case), and then the application server terminal turns to 408 to push an authentication prompt message to the user.
- the AlipayTM server terminal is in the exception site list of the AC; therefore, the mutual access between AlipayTM Wallet and the AlipayTM server terminal is unlimited, while the application AlipayTM Wallet generally keeps a connection with the AlipayTM server terminal in the background to timely transmit important data with each other. Therefore, the authentication prompt message may be pushed to AlipayTM Wallet of user Tony smoothly.
- AlipayTM Wallet performs operations at 410 correspondingly to output an authentication prompt option in the message prompt bar (for example, at the top of the screen of the mobile phone).
- the design of message prompt option of social applications such as WeiboTM or other similar designs (which will not be specifically described) may be used to output the option, which is not detailed herein.
- AlipayTM Wallet may also output sound or a vibration prompt to remind the user correspondingly.
- the user may select the authentication prompt option by performing pull-down and clicking operations.
- AlipayTM Wallet performs operations at 412 to complete the portal authentication on behalf of the user.
- the IP address of the user will be added to the whitelist of the AC; in this way, the user may pass the portal authentication almost without perceiving it, and access the Internet.
- any AlipayTM user during the first-time connection to the wireless network of the cooperative merchant of AlipayTM, the user needs to manually open the browser and enter a website to trigger a portal authentication process. Afterwards, when the user goes to any cooperative merchant of AlipayTM and successfully connects to the wireless network, the user will receive an authentication prompt in a very short time, and only needs to select the authentication prompt option by performing operations such as pull-down and clicking to complete the portal authentication easily. On one hand, the user does not need to perform relatively complex operations such as opening the browser to enter a website. On the other hand, since the user acquires the authentication prompt, it prevents the user from forgetting to perform the portal authentication, which is more meaningful for those who are not familiar with the portal authentication technology.
- the description focuses on the case in which the user uses a particular smart phone, which may generally satisfy the use demands of the majority of users.
- the present disclosure is also applicable to the case in which the user uses multiple portable terminals. It is assumed that the user Tony uses two smart phones, in which the MAC address of mobile phone 1 is MAC 3 and the MAC address of mobile phone 2 is MAC256. If the user Tony uses the mobile phone 2 to repeat the foregoing use process, the server terminal only needs to store one unique table entry for one user; that is, the table entry of Tony is updated, and the MAC address of Tony is updated to be MAC256. If Tony uses the mobile phone 1 again, the table entry of Tony is refreshed again.
- this table entry may be deleted according to a preset aging mechanism.
- the third table entry in Table 3 is never updated at 418 or is not updated for more than a preset threshold of item, it may be inferred that the user no longer uses the MAC address, and thus this table entry may be deleted. If Tony uses this MAC address (for example, uses the original mobile phone) again, the present disclosure may still perform a normal processing according to the procedures described above.
- the linkage mechanism of the present disclosure can facilitate the linkage between users and merchants.
- an AC 602 (whose device identifier is AC 100) in FIG. 6 has a correspondence relationship with a merchant whose merchant identifier is HDL.
- the AC 602 may be a device bought or rented by merchant HDL. That is, the AC and the merchant have a correspondence relationship on the side of the wireless server, and this correspondence is often stored in a database of the wireless server 604, as shown in Table 4.
- the AC 602 sends a terminal connection message including the AC identification to the wireless server 604.
- the wireless server 604 searches the merchant identification according to the AC identification.
- the wireless server 604 sends a connection prompt message including the merchant identification to an application server 612 such as an AlipayTM server terminal.
- the application server 612 sends an authentication prompt message that includes service information of the merchant corresponding to the merchant identification and/or a third-party application corresponding to the merchant to a portable terminal 616 such as a smart phone installed an AlipayTM client terminal.
- the portable terminal 616 displays the server information and/or call the corresponding third-party application after the portal authentication succeeds.
- the portable terminal 616 displays the service information and/or calls the corresponding third- party application after the portal authentication succeeds.
- the portable terminal 616 connects with the AC 602 via an AP 618.
- the wireless server finds the corresponding merchant identifier HDL according to the
- AC identifier namely, AC 100, carried in the terminal connection message, adds the merchant identifier HDL to the connection prompt message, and sends it to the AlipayTM server terminal.
- the AlipayTM server terminal stores the service information and/or a third-party application identifier corresponding to merchant HDL.
- the AlipayTM server terminal may further include a merchant interface unit.
- the merchant interface unit may be a web service window. After the merchant logs in by using a corresponding enterprise account, the service information and third-party application identifier configured by the merchant are sent to the merchant interface unit, and the merchant interface unit stores the service information and third-party application identifier in a merchant information table.
- the merchant HDL may use the merchant interface unit to update the service information, such as commodity promotion information and new arrival information, in the merchant information table on the application server terminal regularly or irregularly.
- the third-party application identifier may be an identifier of an application client terminal corresponding to the merchant HDL, such as an ordering client developed by HDL itself, or an application client terminal, such as TaobaoTM app, developed by a cooperator of HDL and applicable to HDL.
- the push management unit of the AlipayTM server terminal searches the merchant information table (referring to the example in FIG. 5) according to the merchant identifier HDL in the connection prompt message to determine the corresponding service information and/or third-party application identifier.
- the push management unit adds the found service information and/or third-party application identifier to the authentication prompt message, and pushes the authentication prompt message to AlipayTM Wallet.
- the push processing unit of AlipayTM Wallet acquires the service information from the authentication prompt message and displays the service information.
- the push processing unit may display the service information after the portal authentication is passed as the service information may include a link and the user needs to click the link to access a corresponding site. Before the portal authentication is passed, the user cannot access those sites unless they are in the whitelist of exception sites.
- the push processing unit may further check if the smart phone has a corresponding third-party application locally. If the smart phone has the corresponding third-party application locally, the push processing unit starts the third-party application. If the smart phone does not have the corresponding third-party application locally, the push processing unit gives up, or suggests that the user download the third-party application.
- the present techniques further display the latest service information of merchant HDL to the user so that the user may conveniently have updated latest merchant service information in time.
- the push management unit facilitates self-service ordering of the user who is planning to dine in HDL.
- display of such service information and calling of the third-party application make consumption activities of users in merchant HDL much easier and reduce the costs of communication between consumers and the merchant.
- a computing device such as any server or device as described in the present disclosure may include one or more central processing units (CPU), one or more input/output interfaces, one or more network interfaces, and memory.
- CPU central processing units
- input/output interfaces one or more input/output interfaces
- network interfaces one or more network interfaces
- memory one or more network interfaces
- the memory may include forms such as non-permanent memory, random access memory (RAM), and/or non- volatile memory such as read only memory (ROM) and flash random access memory (flash RAM) in the computer-readable media.
- RAM random access memory
- ROM read only memory
- flash RAM flash random access memory
- the memory is an example of computer-readable media.
- the computer-readable media includes permanent and non-permanent, movable and non-movable media that may use any methods or techniques to implement information storage.
- the information may be computer-readable instructions, data structure, software modules, or any data.
- the example of computer storage media may include, but is not limited to, phase-change memory (PCM), static random access memory (SRAM), dynamic random access memory (DRAM), other type RAM, ROM, electrically erasable programmable read only memory (EEPROM), flash memory, internal memory, CD-ROM, DVD, optical memory, magnetic tape, magnetic disk, any other magnetic storage device, or any other non-communication media that may store information accessible by the computing device.
- PCM phase-change memory
- SRAM static random access memory
- DRAM dynamic random access memory
- ROM electrically erasable programmable read only memory
- flash memory internal memory
- CD-ROM DVD
- optical memory magnetic tape
- magnetic disk any other magnetic storage device, or any other non-communication media that may store information accessible by the computing device.
- the term “including,” “comprising,” or any variation thereof refers to non-exclusive inclusion so that a process, method, product, or device that includes a plurality of elements does not only include the plurality of elements but also any other element that is not expressly listed, or any element that is essential or inherent for such process, method, product, or device. Without more restriction, the elements defined by the phrase “including a " does not exclude that the process, method, product, or device includes another same element in addition to the elements.
- the example embodiments may be presented in the form of a method, a system, or a computer software product.
- the present techniques may be implemented by hardware, computer software, or a combination thereof.
- the present techniques may be implemented as the computer software product that is in the form of one or more computer storage media (including, but is not limited to, disk, CD-ROM, or optical storage device) that include computer-executable or computer-readable instructions.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Power Engineering (AREA)
- Telephonic Communication Services (AREA)
- Information Transfer Between Computers (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Description
Claims
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020167027874A KR102154384B1 (en) | 2014-04-14 | 2015-04-14 | Portal authentication |
JP2016561013A JP6552519B2 (en) | 2014-04-14 | 2015-04-14 | Portal authentication |
EP15780018.6A EP3132370A4 (en) | 2014-04-14 | 2015-04-14 | Portal authentication |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410148906.8 | 2014-04-14 | ||
CN201410148906.8A CN104980412B (en) | 2014-04-14 | 2014-04-14 | A kind of applications client, server-side and corresponding portal authentication method |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2015160781A1 true WO2015160781A1 (en) | 2015-10-22 |
Family
ID=54266055
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2015/025712 WO2015160781A1 (en) | 2014-04-14 | 2015-04-14 | Portal authentication |
Country Status (8)
Country | Link |
---|---|
US (1) | US10122704B2 (en) |
EP (1) | EP3132370A4 (en) |
JP (2) | JP6552519B2 (en) |
KR (1) | KR102154384B1 (en) |
CN (2) | CN104980412B (en) |
HK (1) | HK1213379A1 (en) |
TW (1) | TWI684153B (en) |
WO (1) | WO2015160781A1 (en) |
Families Citing this family (137)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8677377B2 (en) | 2005-09-08 | 2014-03-18 | Apple Inc. | Method and apparatus for building an intelligent automated assistant |
US9318108B2 (en) | 2010-01-18 | 2016-04-19 | Apple Inc. | Intelligent automated assistant |
US8977255B2 (en) | 2007-04-03 | 2015-03-10 | Apple Inc. | Method and system for operating a multi-function portable electronic device using voice-activation |
US10002189B2 (en) | 2007-12-20 | 2018-06-19 | Apple Inc. | Method and apparatus for searching using an active ontology |
US8676904B2 (en) | 2008-10-02 | 2014-03-18 | Apple Inc. | Electronic devices with voice command and contextual data processing capabilities |
US10706373B2 (en) | 2011-06-03 | 2020-07-07 | Apple Inc. | Performing actions associated with task items that represent tasks to perform |
US10276170B2 (en) | 2010-01-18 | 2019-04-30 | Apple Inc. | Intelligent automated assistant |
US8682667B2 (en) | 2010-02-25 | 2014-03-25 | Apple Inc. | User profiling for selecting user specific voice input processing information |
US9262612B2 (en) | 2011-03-21 | 2016-02-16 | Apple Inc. | Device access using voice authentication |
US10057736B2 (en) | 2011-06-03 | 2018-08-21 | Apple Inc. | Active transport based notifications |
US10134385B2 (en) | 2012-03-02 | 2018-11-20 | Apple Inc. | Systems and methods for name pronunciation |
US10417037B2 (en) | 2012-05-15 | 2019-09-17 | Apple Inc. | Systems and methods for integrating third party services with a digital assistant |
KR20240132105A (en) | 2013-02-07 | 2024-09-02 | 애플 인크. | Voice trigger for a digital assistant |
US10652394B2 (en) | 2013-03-14 | 2020-05-12 | Apple Inc. | System and method for processing voicemail |
US10748529B1 (en) | 2013-03-15 | 2020-08-18 | Apple Inc. | Voice activated device for use with a voice-based digital assistant |
WO2014197335A1 (en) | 2013-06-08 | 2014-12-11 | Apple Inc. | Interpreting and acting upon commands that involve sharing information with remote devices |
US10176167B2 (en) | 2013-06-09 | 2019-01-08 | Apple Inc. | System and method for inferring user intent from speech inputs |
KR101772152B1 (en) | 2013-06-09 | 2017-08-28 | 애플 인크. | Device, method, and graphical user interface for enabling conversation persistence across two or more instances of a digital assistant |
DE112014003653B4 (en) | 2013-08-06 | 2024-04-18 | Apple Inc. | Automatically activate intelligent responses based on activities from remote devices |
US10296160B2 (en) | 2013-12-06 | 2019-05-21 | Apple Inc. | Method for extracting salient dialog usage from live data |
CN110797019B (en) | 2014-05-30 | 2023-08-29 | 苹果公司 | Multi-command single speech input method |
US9715875B2 (en) | 2014-05-30 | 2017-07-25 | Apple Inc. | Reducing the need for manual start/end-pointing and trigger phrases |
US9430463B2 (en) | 2014-05-30 | 2016-08-30 | Apple Inc. | Exemplar-based natural language processing |
US9633004B2 (en) | 2014-05-30 | 2017-04-25 | Apple Inc. | Better resolution when referencing to concepts |
US10170123B2 (en) | 2014-05-30 | 2019-01-01 | Apple Inc. | Intelligent assistant for home automation |
US9338493B2 (en) | 2014-06-30 | 2016-05-10 | Apple Inc. | Intelligent automated assistant for TV user interactions |
US10127911B2 (en) | 2014-09-30 | 2018-11-13 | Apple Inc. | Speaker identification and unsupervised speaker adaptation techniques |
US10074360B2 (en) | 2014-09-30 | 2018-09-11 | Apple Inc. | Providing an indication of the suitability of speech recognition |
US9668121B2 (en) | 2014-09-30 | 2017-05-30 | Apple Inc. | Social reminders |
US10152299B2 (en) | 2015-03-06 | 2018-12-11 | Apple Inc. | Reducing response latency of intelligent automated assistants |
US9721566B2 (en) | 2015-03-08 | 2017-08-01 | Apple Inc. | Competing devices responding to voice triggers |
US9886953B2 (en) | 2015-03-08 | 2018-02-06 | Apple Inc. | Virtual assistant activation |
US10460227B2 (en) | 2015-05-15 | 2019-10-29 | Apple Inc. | Virtual assistant in a communication session |
US10083688B2 (en) | 2015-05-27 | 2018-09-25 | Apple Inc. | Device voice control for selecting a displayed affordance |
US10200824B2 (en) | 2015-05-27 | 2019-02-05 | Apple Inc. | Systems and methods for proactively identifying and surfacing relevant content on a touch-sensitive device |
US9578173B2 (en) * | 2015-06-05 | 2017-02-21 | Apple Inc. | Virtual assistant aided communication with 3rd party service in a communication session |
US20160378747A1 (en) | 2015-06-29 | 2016-12-29 | Apple Inc. | Virtual assistant for media playback |
US10740384B2 (en) | 2015-09-08 | 2020-08-11 | Apple Inc. | Intelligent automated assistant for media search and playback |
US10331312B2 (en) | 2015-09-08 | 2019-06-25 | Apple Inc. | Intelligent automated assistant in a media environment |
US10671428B2 (en) | 2015-09-08 | 2020-06-02 | Apple Inc. | Distributed personal assistant |
US10747498B2 (en) | 2015-09-08 | 2020-08-18 | Apple Inc. | Zero latency digital assistant |
US11587559B2 (en) | 2015-09-30 | 2023-02-21 | Apple Inc. | Intelligent device identification |
CN105245540B (en) * | 2015-10-27 | 2019-06-14 | 深圳市宏电技术股份有限公司 | Offline WIFI hot spot authentication method and Verification System based on IOS terminal |
US10691473B2 (en) | 2015-11-06 | 2020-06-23 | Apple Inc. | Intelligent automated assistant in a messaging environment |
US10956666B2 (en) | 2015-11-09 | 2021-03-23 | Apple Inc. | Unconventional virtual assistant interactions |
US10049668B2 (en) | 2015-12-02 | 2018-08-14 | Apple Inc. | Applying neural network language models to weighted finite state transducers for automatic speech recognition |
CN105516124A (en) * | 2015-12-03 | 2016-04-20 | 深圳市华讯方舟科技有限公司 | Portal authentication method, portal server and terminal |
US10223066B2 (en) | 2015-12-23 | 2019-03-05 | Apple Inc. | Proactive assistance based on dialog communication between devices |
CN105391625A (en) * | 2015-12-25 | 2016-03-09 | 成都云晖航空科技股份有限公司 | Safe operation method of aerial Internet social platform |
CN105610689A (en) * | 2015-12-25 | 2016-05-25 | 成都云晖航空科技股份有限公司 | Aerial internet social contact system |
CN105610690A (en) * | 2015-12-25 | 2016-05-25 | 成都云晖航空科技股份有限公司 | Method for constructing aerial internet social contact platform |
CN105610821A (en) * | 2015-12-26 | 2016-05-25 | 小米科技有限责任公司 | Security verification method and apparatuses |
CN106921636B (en) * | 2015-12-28 | 2020-05-08 | 华为技术有限公司 | Identity authentication method and device |
CN105530638B (en) * | 2016-01-12 | 2018-12-21 | 杭州敦崇科技股份有限公司 | A kind of free WIFI Verification System shared based on circle of friends |
CN105530612A (en) * | 2016-01-26 | 2016-04-27 | 山东康威通信技术股份有限公司 | WIFI authentication method using mobile terminal to access outdoor device and system |
CN105871851B (en) * | 2016-03-31 | 2018-11-30 | 广州中国科学院计算机网络信息中心 | Based on SaaS identity identifying method |
CN107332803A (en) * | 2016-04-29 | 2017-11-07 | 北京北信源软件股份有限公司 | A kind of admittance control method and system based on end host safe condition |
CN106028283A (en) * | 2016-05-26 | 2016-10-12 | 上海网数信息科技有限公司 | Method and system for analyzing user offline behaviors through wireless network data |
US11227589B2 (en) | 2016-06-06 | 2022-01-18 | Apple Inc. | Intelligent list reading |
US10049663B2 (en) | 2016-06-08 | 2018-08-14 | Apple, Inc. | Intelligent automated assistant for media exploration |
US10586535B2 (en) | 2016-06-10 | 2020-03-10 | Apple Inc. | Intelligent digital assistant in a multi-tasking environment |
DK179415B1 (en) | 2016-06-11 | 2018-06-14 | Apple Inc | Intelligent device arbitration and control |
DK201670540A1 (en) | 2016-06-11 | 2018-01-08 | Apple Inc | Application integration with a digital assistant |
JP6104439B1 (en) * | 2016-08-08 | 2017-03-29 | 株式会社Isao | Authentication system, method, program, and recording medium recording the program |
CN106304073A (en) * | 2016-08-30 | 2017-01-04 | 福建富士通信息软件有限公司 | A kind of authentication management method and system of WIFI Portal |
US10474753B2 (en) | 2016-09-07 | 2019-11-12 | Apple Inc. | Language identification using recurrent neural networks |
US10043516B2 (en) | 2016-09-23 | 2018-08-07 | Apple Inc. | Intelligent automated assistant |
CN107872445B (en) * | 2016-09-28 | 2021-01-29 | 华为技术有限公司 | Access authentication method, device and authentication system |
US11204787B2 (en) | 2017-01-09 | 2021-12-21 | Apple Inc. | Application integration with a digital assistant |
US10880332B2 (en) * | 2017-04-24 | 2020-12-29 | Unisys Corporation | Enterprise security management tool |
CN106973063B (en) * | 2017-04-27 | 2020-03-06 | 新华三技术有限公司 | Network authentication method and device |
DK201770383A1 (en) | 2017-05-09 | 2018-12-14 | Apple Inc. | User interface for correcting recognition errors |
US10417266B2 (en) | 2017-05-09 | 2019-09-17 | Apple Inc. | Context-aware ranking of intelligent response suggestions |
DK180048B1 (en) | 2017-05-11 | 2020-02-04 | Apple Inc. | MAINTAINING THE DATA PROTECTION OF PERSONAL INFORMATION |
US10726832B2 (en) | 2017-05-11 | 2020-07-28 | Apple Inc. | Maintaining privacy of personal information |
US10395654B2 (en) | 2017-05-11 | 2019-08-27 | Apple Inc. | Text normalization based on a data-driven learning network |
DK201770428A1 (en) | 2017-05-12 | 2019-02-18 | Apple Inc. | Low-latency intelligent automated assistant |
US11301477B2 (en) | 2017-05-12 | 2022-04-12 | Apple Inc. | Feedback analysis of a digital assistant |
DK179496B1 (en) | 2017-05-12 | 2019-01-15 | Apple Inc. | USER-SPECIFIC Acoustic Models |
DK179745B1 (en) | 2017-05-12 | 2019-05-01 | Apple Inc. | SYNCHRONIZATION AND TASK DELEGATION OF A DIGITAL ASSISTANT |
DK201770411A1 (en) | 2017-05-15 | 2018-12-20 | Apple Inc. | Multi-modal interfaces |
US10311144B2 (en) | 2017-05-16 | 2019-06-04 | Apple Inc. | Emoji word sense disambiguation |
DK179549B1 (en) | 2017-05-16 | 2019-02-12 | Apple Inc. | Far-field extension for digital assistant services |
US20180336892A1 (en) | 2017-05-16 | 2018-11-22 | Apple Inc. | Detecting a trigger of a digital assistant |
US20180336275A1 (en) | 2017-05-16 | 2018-11-22 | Apple Inc. | Intelligent automated assistant for media exploration |
US10403278B2 (en) | 2017-05-16 | 2019-09-03 | Apple Inc. | Methods and systems for phonetic matching in digital assistant services |
CN109640374B (en) * | 2017-10-09 | 2021-07-06 | 腾讯科技(深圳)有限公司 | Wireless network access method, wireless network processing device, storage medium and computer equipment |
US11496462B2 (en) * | 2017-11-29 | 2022-11-08 | Jpmorgan Chase Bank, N.A. | Secure multifactor authentication with push authentication |
CN109922109B (en) * | 2017-12-13 | 2022-06-21 | 阿里巴巴集团控股有限公司 | Service providing method, system and equipment |
CN110061956A (en) * | 2018-01-19 | 2019-07-26 | 北京盛世光明软件股份有限公司 | A kind of processing method and system improving user's online experience |
US10733375B2 (en) | 2018-01-31 | 2020-08-04 | Apple Inc. | Knowledge-based framework for improving natural language understanding |
US10789959B2 (en) | 2018-03-02 | 2020-09-29 | Apple Inc. | Training speaker recognition models for digital assistants |
US10592604B2 (en) | 2018-03-12 | 2020-03-17 | Apple Inc. | Inverse text normalization for automatic speech recognition |
KR102414927B1 (en) * | 2018-03-21 | 2022-06-30 | 삼성전자 주식회사 | Method and apparatus for authenticating a device using wireless local area network service |
US10818288B2 (en) | 2018-03-26 | 2020-10-27 | Apple Inc. | Natural assistant interaction |
US10909331B2 (en) | 2018-03-30 | 2021-02-02 | Apple Inc. | Implicit identification of translation payload with neural machine translation |
CN110401951B (en) * | 2018-04-25 | 2022-10-18 | 华为技术有限公司 | Method, device and system for authenticating terminal in wireless local area network |
US10928918B2 (en) | 2018-05-07 | 2021-02-23 | Apple Inc. | Raise to speak |
US11145294B2 (en) | 2018-05-07 | 2021-10-12 | Apple Inc. | Intelligent automated assistant for delivering content from user experiences |
US10984780B2 (en) | 2018-05-21 | 2021-04-20 | Apple Inc. | Global semantic word embeddings using bi-directional recurrent neural networks |
US10892996B2 (en) | 2018-06-01 | 2021-01-12 | Apple Inc. | Variable latency device coordination |
DK179822B1 (en) | 2018-06-01 | 2019-07-12 | Apple Inc. | Voice interaction at a primary device to access call functionality of a companion device |
US11386266B2 (en) | 2018-06-01 | 2022-07-12 | Apple Inc. | Text correction |
DK201870355A1 (en) | 2018-06-01 | 2019-12-16 | Apple Inc. | Virtual assistant operation in multi-device environments |
DK180639B1 (en) | 2018-06-01 | 2021-11-04 | Apple Inc | DISABILITY OF ATTENTION-ATTENTIVE VIRTUAL ASSISTANT |
US11076039B2 (en) | 2018-06-03 | 2021-07-27 | Apple Inc. | Accelerated task performance |
CN108833608B (en) * | 2018-06-12 | 2021-04-27 | 北斗天地股份有限公司 | Method for dynamically determining and changing server through password |
CN110831003B (en) * | 2018-08-13 | 2023-10-13 | 广东亿迅科技有限公司 | Authentication method and system based on WLAN flexible access network |
US11010561B2 (en) | 2018-09-27 | 2021-05-18 | Apple Inc. | Sentiment prediction from textual data |
US10839159B2 (en) | 2018-09-28 | 2020-11-17 | Apple Inc. | Named entity normalization in a spoken dialog system |
US11462215B2 (en) | 2018-09-28 | 2022-10-04 | Apple Inc. | Multi-modal inputs for voice commands |
US11170166B2 (en) | 2018-09-28 | 2021-11-09 | Apple Inc. | Neural typographical error modeling via generative adversarial networks |
US11475898B2 (en) | 2018-10-26 | 2022-10-18 | Apple Inc. | Low-latency multi-speaker speech recognition |
US11638059B2 (en) | 2019-01-04 | 2023-04-25 | Apple Inc. | Content playback on multiple devices |
US11348573B2 (en) | 2019-03-18 | 2022-05-31 | Apple Inc. | Multimodality in digital assistant systems |
CN109862043B (en) * | 2019-03-28 | 2022-03-22 | 新华三技术有限公司 | Terminal authentication method and device |
DK201970509A1 (en) | 2019-05-06 | 2021-01-15 | Apple Inc | Spoken notifications |
US11307752B2 (en) | 2019-05-06 | 2022-04-19 | Apple Inc. | User configurable task triggers |
US11475884B2 (en) | 2019-05-06 | 2022-10-18 | Apple Inc. | Reducing digital assistant latency when a language is incorrectly determined |
US11423908B2 (en) | 2019-05-06 | 2022-08-23 | Apple Inc. | Interpreting spoken requests |
US11140099B2 (en) | 2019-05-21 | 2021-10-05 | Apple Inc. | Providing message response suggestions |
US11496600B2 (en) | 2019-05-31 | 2022-11-08 | Apple Inc. | Remote execution of machine-learned models |
DK180129B1 (en) | 2019-05-31 | 2020-06-02 | Apple Inc. | User activity shortcut suggestions |
US11289073B2 (en) | 2019-05-31 | 2022-03-29 | Apple Inc. | Device text to speech |
DK201970511A1 (en) | 2019-05-31 | 2021-02-15 | Apple Inc | Voice identification in digital assistant systems |
US11227599B2 (en) | 2019-06-01 | 2022-01-18 | Apple Inc. | Methods and user interfaces for voice-based control of electronic devices |
US11360641B2 (en) | 2019-06-01 | 2022-06-14 | Apple Inc. | Increasing the relevance of new available information |
US10873571B1 (en) * | 2019-07-18 | 2020-12-22 | Capital One Services, Llc | Techniques to pre-authenticate a user identity for an electronic account |
WO2021056255A1 (en) | 2019-09-25 | 2021-04-01 | Apple Inc. | Text detection using global geometry estimators |
US11038934B1 (en) | 2020-05-11 | 2021-06-15 | Apple Inc. | Digital assistant hardware abstraction |
US11061543B1 (en) | 2020-05-11 | 2021-07-13 | Apple Inc. | Providing relevant data items based on context |
US11755276B2 (en) | 2020-05-12 | 2023-09-12 | Apple Inc. | Reducing description length based on confidence |
US11438375B2 (en) * | 2020-06-02 | 2022-09-06 | Saudi Arabian Oil Company | Method and system for preventing medium access control (MAC) spoofing attacks in a communication network |
CN113965554B (en) * | 2020-07-02 | 2023-06-23 | 北京神州数码云科信息技术有限公司 | Method for acquiring wireless internet terminal information based on MQTT protocol |
US11490204B2 (en) | 2020-07-20 | 2022-11-01 | Apple Inc. | Multi-device audio adjustment coordination |
US11438683B2 (en) | 2020-07-21 | 2022-09-06 | Apple Inc. | User identification using headphones |
CN112788579A (en) * | 2020-12-31 | 2021-05-11 | 厦门亿联网络技术股份有限公司 | Method and device for quickly pairing dual-mode Bluetooth equipment |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100223654A1 (en) * | 2003-09-04 | 2010-09-02 | Brocade Communications Systems, Inc. | Multiple tiered network security system, method and apparatus using dynamic user policy assignment |
US20120030737A1 (en) * | 1998-12-08 | 2012-02-02 | Nomadix, Inc. | System and method for authorizing a portable communication device |
US20130163583A1 (en) * | 2011-12-26 | 2013-06-27 | Jaya MEGHANI | Systems and methods for communication setup via reconciliation of internet protocol addresses |
US20130340046A1 (en) * | 2012-06-18 | 2013-12-19 | Wistron Corporation | Wireless network client-authentication system and wireless network connection method thereof |
Family Cites Families (31)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
ES2243319T3 (en) * | 1999-10-22 | 2005-12-01 | Nomadix, Inc. | SYSTEM AND PROCEDURE TO REDIRECT USERS WHO TRY TO ACCESS A NETWORK DESTINATION. |
JP3865658B2 (en) * | 2002-06-04 | 2007-01-10 | 株式会社国際電気通信基礎技術研究所 | Wireless communication terminal and wireless ad hoc network using the same |
JP2004207820A (en) * | 2002-12-24 | 2004-07-22 | Sony Corp | Communication system, communication method, base station apparatus, communications program, and recording medium |
JP2004355073A (en) * | 2003-05-27 | 2004-12-16 | Nippon Telegr & Teleph Corp <Ntt> | Network authentication, batch authentication method for single sign-on, and system therefor |
JP2007179133A (en) * | 2005-12-27 | 2007-07-12 | Buffalo Inc | Information service system using wireless lan |
JP2007293868A (en) * | 2007-05-01 | 2007-11-08 | Buffalo Inc | Download system using wireless lan and information service system |
US8613044B2 (en) * | 2007-06-22 | 2013-12-17 | 4Dk Technologies, Inc. | Delegating or transferring of access to resources between multiple devices |
US7992197B2 (en) | 2007-10-29 | 2011-08-02 | Yahoo! Inc. | Mobile authentication framework |
US8261322B2 (en) | 2008-06-19 | 2012-09-04 | Microsoft Corporation | Home networking web-based service portal |
JP5582544B2 (en) * | 2008-08-29 | 2014-09-03 | エヌイーシー ヨーロッパ リミテッド | System for providing a user with network access to a service provider via a network provider and its operating method |
KR101044125B1 (en) * | 2009-02-27 | 2011-06-24 | 주식회사 케이티 | Method for User Terminal Authentication of Interface Server and Interface Server and User Terminal thereof |
US8775514B2 (en) * | 2009-06-11 | 2014-07-08 | Verizon Patent And Licensing Inc. | System and method for providing instant communication based customer support services using voice recognition |
KR100992573B1 (en) | 2010-03-26 | 2010-11-05 | 주식회사 아이그로브 | Authentication method and system using mobile terminal |
CN102238543A (en) * | 2010-04-27 | 2011-11-09 | 杭州华三通信技术有限公司 | Wireless Portal authentication method and access controller |
TWI451742B (en) * | 2011-04-14 | 2014-09-01 | Chunghwa Telecom Co Ltd | Secure login method |
GB201109311D0 (en) | 2011-06-03 | 2011-07-20 | Avimir Ip Ltd | Method and computer program for providing authentication to control access to a computer system |
KR101243713B1 (en) * | 2011-07-08 | 2013-03-13 | 이광민 | Wireless lan access point and method for accessing wireless lan |
CN102244866B (en) * | 2011-08-18 | 2016-01-20 | 杭州华三通信技术有限公司 | Gate verification method and access controller |
KR101439534B1 (en) * | 2011-09-16 | 2014-09-12 | 주식회사 케이티 | Web Redirect Authentication Method and Apparatus of WiFi Roaming Based on AC-AP Association |
CN103079201B (en) * | 2011-10-26 | 2015-06-03 | 中兴通讯股份有限公司 | Fast authentication method, access controller (AC) and system for wireless local area network |
US8769626B2 (en) | 2011-11-29 | 2014-07-01 | Cisco Technology, Inc. | Web authentication support for proxy mobile IP |
WO2013089604A1 (en) | 2011-12-16 | 2013-06-20 | Telefonaktiebolaget L M Ericsson (Publ) | A method and a network node for connecting a user device to a wireless local area network |
US20130283050A1 (en) | 2012-04-23 | 2013-10-24 | Anil Gupta | Wireless client authentication and assignment |
US9161219B2 (en) | 2012-06-22 | 2015-10-13 | Guest Tek Interactive Entertainment Ltd. | Authorizing secured wireless access at hotspot having open wireless network and secure wireless network |
US10263916B2 (en) | 2012-12-03 | 2019-04-16 | Hewlett Packard Enterprise Development Lp | System and method for message handling in a network device |
CN102984173B (en) * | 2012-12-13 | 2017-02-22 | 迈普通信技术股份有限公司 | Network access control method and system |
US9374369B2 (en) * | 2012-12-28 | 2016-06-21 | Lookout, Inc. | Multi-factor authentication and comprehensive login system for client-server networks |
CN103401884B (en) * | 2013-08-16 | 2017-07-28 | 深信服网络科技(深圳)有限公司 | Public wireless environment online authentication method and system based on wechat |
CN103501495A (en) * | 2013-10-16 | 2014-01-08 | 苏州汉明科技有限公司 | Perception-free WLAN (Wireless Local Area Network) authentication method fusing Portal/Web authentication and MAC (Media Access Control) authentication |
CN103596177A (en) * | 2013-11-19 | 2014-02-19 | 上海众人网络安全技术有限公司 | Method for making mobile terminal get access to public WiFi in one-key mode |
CN103647856B (en) * | 2013-12-23 | 2017-09-08 | 成都西加云杉科技有限公司 | APP obtains the method and system of the MAC Address of local terminal |
-
2014
- 2014-04-14 CN CN201410148906.8A patent/CN104980412B/en active Active
- 2014-04-14 CN CN201810568707.0A patent/CN108551675B/en active Active
- 2014-09-24 TW TW103132977A patent/TWI684153B/en active
-
2015
- 2015-04-14 EP EP15780018.6A patent/EP3132370A4/en not_active Ceased
- 2015-04-14 US US14/686,115 patent/US10122704B2/en active Active
- 2015-04-14 JP JP2016561013A patent/JP6552519B2/en active Active
- 2015-04-14 WO PCT/US2015/025712 patent/WO2015160781A1/en active Application Filing
- 2015-04-14 KR KR1020167027874A patent/KR102154384B1/en active IP Right Grant
-
2016
- 2016-02-01 HK HK16101109.8A patent/HK1213379A1/en unknown
-
2019
- 2019-07-02 JP JP2019123921A patent/JP6668544B2/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120030737A1 (en) * | 1998-12-08 | 2012-02-02 | Nomadix, Inc. | System and method for authorizing a portable communication device |
US20100223654A1 (en) * | 2003-09-04 | 2010-09-02 | Brocade Communications Systems, Inc. | Multiple tiered network security system, method and apparatus using dynamic user policy assignment |
US20130163583A1 (en) * | 2011-12-26 | 2013-06-27 | Jaya MEGHANI | Systems and methods for communication setup via reconciliation of internet protocol addresses |
US20130340046A1 (en) * | 2012-06-18 | 2013-12-19 | Wistron Corporation | Wireless network client-authentication system and wireless network connection method thereof |
Non-Patent Citations (1)
Title |
---|
See also references of EP3132370A4 * |
Also Published As
Publication number | Publication date |
---|---|
JP2017514220A (en) | 2017-06-01 |
US10122704B2 (en) | 2018-11-06 |
EP3132370A4 (en) | 2017-10-25 |
CN104980412A (en) | 2015-10-14 |
TW201539342A (en) | 2015-10-16 |
KR20160144374A (en) | 2016-12-16 |
EP3132370A1 (en) | 2017-02-22 |
CN104980412B (en) | 2018-07-13 |
TWI684153B (en) | 2020-02-01 |
JP2019204519A (en) | 2019-11-28 |
JP6552519B2 (en) | 2019-07-31 |
KR102154384B1 (en) | 2020-09-10 |
US20150295915A1 (en) | 2015-10-15 |
JP6668544B2 (en) | 2020-03-18 |
HK1213379A1 (en) | 2016-06-30 |
CN108551675B (en) | 2022-04-15 |
CN108551675A (en) | 2018-09-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP6668544B2 (en) | Portal authentication | |
JP6259032B2 (en) | Managing wireless network login password sharing | |
JP6397956B2 (en) | Provision of mobile device management functions | |
US9882916B2 (en) | Method for verifying sensitive operations, terminal device, server, and verification system | |
US9998473B2 (en) | WiFi access management system and methods of operation thereof | |
WO2018041078A1 (en) | Method, system, proxy server, and computer storage medium for authentication | |
KR101696612B1 (en) | User authentication management | |
WO2018000834A1 (en) | Wifi hotspot information modification method and device | |
TWI761385B (en) | Device configuration method, device, and system | |
US20140109172A1 (en) | Providing Virtualized Private Network Tunnels | |
EP3364629A1 (en) | Providing virtualized private network tunnels | |
US20140109174A1 (en) | Providing Virtualized Private Network Tunnels | |
US20140297824A1 (en) | Providing an enterprise application store | |
US20110319056A1 (en) | Remote access to a mobile device | |
WO2017024842A1 (en) | Internet access authentication method, client, computer storage medium | |
US10805780B1 (en) | Mobile phone differentiated user set-up | |
US8739259B1 (en) | Multilayer wireless mobile communication device authentication | |
Blumenberg | WiFi Gate Guard: A Captive Portal Implementation for Home Networks |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 15780018 Country of ref document: EP Kind code of ref document: A1 |
|
REEP | Request for entry into the european phase |
Ref document number: 2015780018 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2015780018 Country of ref document: EP |
|
ENP | Entry into the national phase |
Ref document number: 2016561013 Country of ref document: JP Kind code of ref document: A |
|
ENP | Entry into the national phase |
Ref document number: 20167027874 Country of ref document: KR Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: DE |