WO2016026429A1 - Method, device, and equipment for wireless network configuration, access, and visit - Google Patents

Method, device, and equipment for wireless network configuration, access, and visit Download PDF

Info

Publication number
WO2016026429A1
WO2016026429A1 PCT/CN2015/087363 CN2015087363W WO2016026429A1 WO 2016026429 A1 WO2016026429 A1 WO 2016026429A1 CN 2015087363 W CN2015087363 W CN 2015087363W WO 2016026429 A1 WO2016026429 A1 WO 2016026429A1
Authority
WO
WIPO (PCT)
Prior art keywords
wireless network
security key
network
wireless
name
Prior art date
Application number
PCT/CN2015/087363
Other languages
French (fr)
Chinese (zh)
Inventor
聂华闻
Original Assignee
北京贝虎机器人技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 北京贝虎机器人技术有限公司 filed Critical 北京贝虎机器人技术有限公司
Priority to CN201580038698.9A priority Critical patent/CN106537962B/en
Publication of WO2016026429A1 publication Critical patent/WO2016026429A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security

Definitions

  • the present invention relates to the field of wireless network authentication technologies, and in particular, to a wireless network configuration, access and access method, device and device.
  • wireless networks are becoming more and more inseparable from people's lives. For example, mobile phones, tablets, smart home devices, etc., more and more things in life need to rely on wireless networks to fully realize their value.
  • the device can automatically access the wireless network, and no effective solution has been proposed yet.
  • the embodiment of the present invention provides a wireless network configuration, access and access method, device and device, so that the device can automatically access the wireless network under the premise of ensuring network and data security.
  • a first aspect of the embodiments of the present invention provides a wireless network configuration method, which may include: generating a network security key of a wireless network; generating a wireless network name based on the network security key, where the wireless network name is Include at least a network security key portion representing the network security key; and configuring the wireless network based on the network security key and the wireless network name.
  • generating the wireless network name based on the network security key may include: encrypting the network security key to obtain a predetermined length of the encrypted network security key; and adding the encrypted network security key to the wireless network name
  • the network security key portion obtains a wireless network name including at least the network security key portion.
  • generating the wireless network name based on the network security key may further include at least one or any combination of: generating an information portion indicating that the wireless network name includes a network security key; generating for verifying the network security secret a verification information portion of the key; generating a type information portion representing the security type; and generating an encrypted information portion indicating an encryption rule for encrypting the network security key.
  • configuring the wireless network based on the network security key and the wireless network name may include configuring the wireless network name as a primary wireless network of a wireless access device and a wireless network of a secondary wireless network. a name; configuring the network security key as a network security key of the one wireless network.
  • a second aspect of the embodiments of the present invention provides a wireless network access method, which may include: acquiring a wireless network name, where the wireless network name includes at least a network security key portion indicating a network security key; The network security key portion extracts a network security key corresponding to the wireless network name; and automatically connects to the wireless network corresponding to the wireless network name based on the wireless network name and the network security key.
  • the method may further include: determining, based on the information portion of the wireless network name that the wireless network name includes a network security key, whether the wireless network name includes a network security key; from the network security key And partially extracting the network security key corresponding to the wireless network name, including: when the information part indicates that the wireless network name includes a network security key, extracting a network security key from the wireless network name.
  • a third aspect of the embodiments of the present invention provides a wireless network access method, which may include: receiving a data packet sent by a terminal device that performs wireless communication by using a wireless access device, where the wireless access device is configured with at least one a wireless network; determining whether the data packet is from a terminal device that performs wireless communication through a preset wireless network in the at least one wireless network; when the data packet is from a terminal device that performs wireless communication through the preset wireless network And forwarding the data packet to a network server associated with the terminal device.
  • the predetermined wireless network is a wireless network dedicated to one or more of the terminal devices for wireless communication.
  • a fourth aspect of the embodiments of the present invention provides a wireless network configuration apparatus, which may include: a network security key generation unit configured to generate a network security key for a wireless network; a wireless network name generation unit configured Generating a wireless network name based on the network security key, wherein the wireless network name includes at least a network security key portion representing the network security key; and a configuration unit configured to base the network security key And configuring the wireless access device with the wireless network name.
  • the wireless network configuration apparatus may further include: an encryption unit configured to perform encryption processing on the network security key to obtain an encrypted network security key; and wherein the wireless network name generation unit is further configured Generating a wireless network name based on the encrypted network security key, wherein the network security key is represented by the encrypted network security key.
  • the configuration unit may include: a determining module configured to configure the wireless network name as a name of one of a primary wireless network and a secondary wireless network of the wireless access device; a configuration module configured to: The network security key is configured as a network security key for the one wireless network.
  • a fifth aspect of the embodiments of the present invention provides a wireless access device, which may include: a configuration port configured to configure a wireless network based on wireless network configuration information, where the wireless network configuration information includes a first wireless network name And a first network security key, wherein the first wireless network name includes at least a wireless network security key portion representing the first network security key; and/or the wireless network configuration information includes a second wireless a network name, wherein the second wireless network name includes at least an information portion indicating that the wireless network does not require a network security key; and an input port configured to receive one or more terminal devices for wireless communication over the wireless network A transmitted data packet; an output port configured to forward the data packet to a network server associated with the one or more terminal devices.
  • the wireless access device may further include: a memory configured to store a device identification list of the terminal device that needs to forward the data packet to the network server; and a processor configured to determine whether the terminal device from which the received data packet is derived In the device identification list, if the determination is yes, the received data packet is forwarded to the network server through the output interface.
  • a sixth aspect of the embodiments of the present invention provides a terminal device, which may include: a wireless network search unit configured to acquire a wireless network name, and determine whether the wireless network name includes network security indicating a network security key. a key portion; the network security key extracting unit configured to extract network security corresponding to the wireless network name from the network security key portion in a case where the network security key portion is included in the determined wireless network name a key; the wireless network connection unit configured to automatically connect to the wireless network corresponding to the wireless network name based on the wireless network name and the extracted network security key.
  • the terminal device may further include: a network security key determining unit configured to determine whether the wireless network name includes network security based on an information portion of the wireless network name indicating that the wireless network name includes a network security key
  • the network security key extraction unit is specifically configured to extract the network security key from the wireless network name when it is determined that the information portion indicates that the wireless network name includes a network security key.
  • the network security key of the wireless network is added to the wireless network name, so that the terminal device to be accessed that meets the requirements can be directly from the wireless
  • the network security key is parsed in the network name, thereby realizing automatic access of the wireless network, solving the problem of requiring human input of the network security key in the prior art, and reducing the operation complexity of the terminal device accessing the wireless network.
  • FIG. 1 is a schematic diagram of a system architecture in accordance with an embodiment of the present invention.
  • FIG. 2 is a schematic block diagram of a system architecture in accordance with one embodiment of the present invention.
  • FIG. 3 is a schematic block diagram of a system architecture in accordance with another embodiment of the present invention.
  • FIG. 4 is a schematic diagram of a home wireless network system in accordance with one embodiment of the present invention.
  • Figure 5 is a schematic block diagram of a system architecture in accordance with yet another embodiment of the present invention.
  • FIG. 6 is a schematic flow chart of a method for configuring a wireless network name according to an embodiment of the present invention.
  • FIG. 7 is a schematic flowchart of a method for automatically accessing a terminal device according to an embodiment of the present invention.
  • FIG. 8 is a flow chart of a method for configuring, accessing, and accessing a wireless network according to an embodiment of the present invention
  • FIG. 9 is a flow chart of a wireless network configuration, access, and access method in accordance with another embodiment of the present invention.
  • FIG. 1 is a schematic diagram of a system architecture 100 in accordance with an embodiment of the present invention.
  • the system architecture 100 can include one or more wireless access devices 101, one or more terminal devices 102, and a wireless network configuration device 103.
  • the system architecture 100 may further include: a server 104.
  • the wireless access device 101 may be a device capable of providing a wireless network, such as a router, a wireless portable WIFI, a wireless network card, a Bluetooth device, and the like.
  • the terminal device 102 may be a device having wireless access capability to access the wireless network provided by the wireless access device 101, such as a mobile phone, a computer, a tablet computer, or the like, or a smart home device, such as a television, an air conditioner, a sweeping robot, Refrigerator, etc.
  • the wireless network configuration device 103 can be configured to configure the wireless access device 101 based on a prescribed authentication policy such that the terminal device 102 having the automatic authentication mechanism corresponding to the authentication policy can automatically access the wireless access device 101.
  • the authentication policy can include but is not limited to the following three types:
  • the wireless network of the wireless access device 101 is configured to be carried in the wireless network name, so that the terminal device 102 can automatically access the wireless access device 101 by using the network security key carried in the wireless network name.
  • Wireless network
  • FIG. 2 is a schematic block diagram of an example system architecture implementing an authentication policy (1).
  • the system architecture includes a wireless access device 101, one or more terminal devices 102, and a wireless network configuration device 103.
  • the wireless network configuration device 103 may include a network security key generation unit 1031, a wireless network name generation unit 1032, and a configuration unit 1033.
  • the network security key generation unit 1031 may be configured to generate a network security key KEY for the wireless network.
  • the wireless network name generation unit 1032 may be configured to generate a wireless network name WIRELESS_NAME based on the network security key KEY, wherein the wireless network name WIRELESS_NAME includes a network security key portion KEY_PORTION indicating a network security key KEY.
  • the configuration unit 1033 may be configured to transmit the wireless network configuration information carrying the network security key KEY and the wireless network name WIRELESS_NAME to the wireless access device 101 to perform wireless network configuration on the wireless access device 101.
  • the wireless access device 101 can include a configuration port 1011 and an input port 1012.
  • the configuration port 1011 can be configured to configure the wireless network WIRELESS based on the wireless network configuration information.
  • the input port 1012 can be configured to receive data packets transmitted by one or more terminal devices 102 that are in wireless communication over the wireless network WIRELESS.
  • the terminal device 102 may include a wireless network search unit 1021, a network security key extraction unit 1022, and a wireless network connection unit 1023.
  • the wireless network search unit 1021 may be configured to acquire the wireless network name WIRELESS_NAME.
  • the network security key extracting unit 1022 may be configured to extract the network security key KEY corresponding to the wireless network name WIRELESS_NAME from the network security key portion KEY_PORTION of the acquired wireless network name WIRELESS_NAME.
  • the wireless network connection unit 1023 may be configured to automatically connect to the wireless network WIRELESS corresponding to the wireless network name WIRELESS_NAME based on the wireless network name WIRELESS_NAME and the network security key KEY.
  • the wireless access device 101 may be configured by the wireless network configuration device 103 in accordance with the above authentication policy (1) at the time of shipment or during use.
  • the terminal device 102 for example, a smart sweeping robot having an automatic authentication mechanism corresponding to the authentication policy (1) can automatically connect to the wireless network after searching for the wireless network generated by the wireless access device 101 without artificially Enter the wireless network password information.
  • FIG. 3 is a schematic diagram of an example system architecture implementing an authentication policy (2).
  • the system architecture includes a wireless access device 101, one or more terminal devices 102, a wireless network configuration device 103, and a server 104.
  • the wireless network configuration device 103 may include a wireless network name generation unit 1032 and a configuration unit 1033.
  • the wireless network name generation unit 1032 can be configured to generate a wireless network name WIRELESS_NAME.
  • the wireless network name WIRELESS_NAME may include an indication that the wireless network is in a no-password mode information.
  • the configuration unit 1033 may be configured to send the wireless network configuration information carrying the wireless network name WIRELESS_NAME and the corresponding forwarding address information to the wireless access device 101 to perform wireless network configuration on the wireless access device 101 (wireless network name WIRELESS_NAME; none The cryptographic mode), and the wireless access device 101 is configured such that packets sent to the wireless access device 101 over the wireless network WIRELESS_NAME need to be forwarded to the server 104.
  • the wireless access device 101 can include a configuration port 1011, an input port 1012, and a forwarding port 1013.
  • the configuration port 1011 can be configured to configure the wireless network WIRELESS_NAME and the forwarding address (server 104) based on the wireless network configuration information.
  • the input port 1012 can be configured to receive data packets transmitted by one or more terminal devices 102 that are in wireless communication over the wireless network WIRELESS_NAME.
  • the forwarding port 1013 can be configured to forward the data packets received over the wireless network WIRELESS_NAME to the server 104.
  • the terminal device 102 may include a wireless network search unit 1021 and a wireless network connection unit 1023.
  • the wireless network search unit 1021 can be configured to search for a wireless network WIRELESS_NAME without a password.
  • the wireless network connection unit 1023 can be configured to directly connect to the passwordless wireless network WIRELESS_NAME.
  • the server 104 performs security detection on the data packet forwarded by the wireless access device 101, and determines whether the device that sends the data packet is a designated security device. If the security check is passed (ie, the determination result is “Yes”), The packet is forwarded to the corresponding destination device.
  • the server 104 may be, for example, a cloud server located on the Internet, or may be a dedicated server dedicated to the smart home device in the home.
  • FIG. 4 is a schematic diagram of a home wireless network system based on the above embodiment (authentication policy (2)).
  • the router 401 can be configured by the wireless network configuration device 103 at the time of shipment or during use.
  • the smart home device in the home for example, the washing machine 406 located on the ground floor, the first floor TV 402, the refrigerator 403, the second floor mobile phone 404, the computer 405
  • the router 401 After receiving the data packet from the smart home device, the router 401 uniformly forwards the data packet to the server 407, and the server 407 performs security detection on the data packet to determine whether the device that sends the data packet is the set security device. If the security check is passed (ie, the judgment result is "Yes"), the data packet is forwarded to the corresponding destination device.
  • Figure 5 is a schematic block diagram of an example system architecture implementing an authentication policy (3).
  • the example system architecture includes a wireless access device 101, one or more terminal devices 102, a wireless network configuration device 103, and a server 104.
  • the wireless network configuration device 103 may include a network security key generation unit 1031, a wireless network name generation unit 1032, and a configuration unit 1033.
  • the network security key generation unit 1031 may be configured to generate a network security key KEY for the wireless network.
  • the wireless network name generation unit 1032 may be configured to generate a wireless network name WIRELESS_NAME based on the network security key KEY, wherein the wireless network name WIRELESS_NAME includes a network security key portion KEY_PORTION indicating a network security key KEY.
  • the configuration unit 1033 may be configured to send the wireless network configuration information carrying the network security key KEY and the wireless network name WIRELESS_NAME and the corresponding forwarding address information to the wireless access device 101 to perform wireless network configuration on the wireless access device 101 (
  • the wireless network name WIRELESS_NAME, network key KEY) and the wireless access device 101 is configured such that data packets sent to the wireless access device 101 over the wireless network WIRELESS_NAME are forwarded to the server 104.
  • the wireless access device 101 can include a configuration port 1011, an input port 1012, and a forwarding port 1013.
  • the configuration port 1011 can be configured to configure the wireless network and forwarding address (server 104) based on the wireless network configuration information.
  • the input port 1012 can be configured to receive data packets transmitted by one or more terminal devices 102 that are in wireless communication over the wireless network WIRELESS_NAME.
  • the forwarding port 1013 can be configured to forward the data packets received over the wireless network WIRELESS_NAME to the server 104.
  • the terminal device 102 may include a wireless network search unit 1021, a network security key extraction unit 1022, and a wireless network connection unit 1023.
  • the wireless network search unit 1021 may be configured to acquire the wireless network name WIRELESS_NAME.
  • the network security key extracting unit 1022 may be configured to extract the network security key KEY corresponding to the wireless network name WIRELESS_NAME from the network security key portion KEY_PORTION in the wireless network name WIRELESS_NAME.
  • the wireless network connection unit 1023 may be configured to automatically connect to the wireless network corresponding to the wireless network name WIRELESS_NAME based on the wireless network name WIRELESS_NAME and the network security key KEY.
  • the server 104 performs security detection on the data packet forwarded by the wireless access device 101, and determines whether the device that sends the data packet is a designated security device. If the security check is passed (ie, the determination result is “Yes”), The packet is forwarded to the corresponding destination device.
  • the server 104 may be, for example, a cloud server located on the Internet, or may be a dedicated server dedicated to the smart home device in the home.
  • the embodiment shown in FIG. 5 increases the security detection of the data packets from the terminal device 102, thereby further improving the terminal device 102 automatically accessing the wireless network. safety.
  • the wireless network configuration device 103 shown in FIGS. 1 to 3 and FIG. 5 is merely an exemplary description, and does not specifically define the manner in which the wireless network configuration device 103 exists.
  • the wireless network configuration device 103 can be a separate server or processor, or can be built into the wireless access device, or can be an application in a user terminal device (such as a mobile phone, a tablet, a notebook, etc.).
  • the specific form of existence is diverse as long as the configuration of the wireless access device can be implemented.
  • the wireless access device 101 can be configured by connecting or communicating with the wireless network configuration device 103 at the time of shipment or during use.
  • the process of generating the wireless network name WIRELESS_NAME based on the wireless network password (Network Security Key KEY) (authentication policy (1)) is mainly implemented in the above-described wireless network configuration device 103.
  • the wireless network configuration device 103 can encrypt the network security key KEY to obtain a predetermined length of the encrypted network security key, and then encrypt the network security key. Add to the network security key part KEY_PORTION of the wireless network name WIRELESS_NAME, thereby obtaining the wireless network name including at least the network security key part.
  • the wireless network name of the router that is, the SSID (Service Set Identifier) is taken as an example.
  • SSID technology can divide a wireless LAN into several sub-networks that require different authentication. Each sub-network needs independent authentication. Only authenticated users can enter the corresponding sub-network, thus preventing unauthorized access. The user enters the network.
  • the SSID consists of case-insensitive characters of up to 32 characters. In order to minimize the changes to the original system and device, the SSID can still be used according to the above-mentioned original characters and characters. Name it.
  • the entire SSID can consist of the following four string regions:
  • the prefix area may be composed of a specific string, such as bp_;
  • Authentication password area that is, the above network security key part, the area can be set to store the encrypted network security key (in this example, the wireless network password of the wireless network provided by the router), the network security key can be It is a base64 encoded string formed by public key encryption and then compression-encoded.
  • the LZ77 compression algorithm may be used for compression coding, and other compression algorithms may be used. This example is only a schematic description and does not constitute a specific limitation;
  • Check value area used for data verification, which can be only one character. For example, it can be 26 letters (case sensitive) and one of 0-9 Arabic numerals. This value can be the router's MAC (Media Access Control). , wireless access control) address modulo 62 value, the reason for modulo 62 is to consider 26 uppercase letters, 26 lowercase letters and 0 to 9 of these 10 numbers, add up to a total of 62 characters.
  • MAC Media Access Control
  • the prefix area and the check value area may be configured to identify that the wireless network name includes a network security key, so that the terminal device to be accessed can quickly determine the wireless network after searching for the wireless network name of the wireless network. Whether to support automatic access of the device.
  • the generation process may be as shown in FIG. 6, and includes the following steps:
  • S65 Check whether the number of characters after re-encoding exceeds a predetermined number of characters (for example, 28 characters);
  • the network name of the wireless network may be broadcast, or may not be broadcasted, but the terminal device itself may calculate the network name of the estimated wireless network.
  • the terminal device 102 for example, a smart home device or the like
  • a corresponding automatic authentication mechanism needs to be built in.
  • the mechanism may exist in the form of a piece of code or may be a hardware component (for example, the encryption chip), the specific implementation manner can be selected as needed, and the application is not limited.
  • a decryption private key set may be built in, so that the private key can be used to decrypt the wireless network name, thereby obtaining the network security key therein, and ensuring that the decrypted private keys are not randomly copied.
  • a flowchart for automatically accessing the terminal device 102 includes:
  • the terminal device 102 scans the surrounding wireless network
  • S72 Determine, from the scanned wireless network, a wireless network that can automatically authenticate the access
  • the wireless network configuration device 103 is also required to perform configuration. That is, the wireless network configuration device 103 generates a wireless network password without password protection.
  • the difference from the existing wireless network connection method is that the data packets transmitted by the terminal device 102 connected to the wireless network are forwarded to a specific server 104, thereby ensuring the security of wireless network data transmission.
  • the router's wireless network name is used as an example.
  • the SSID consists of case-insensitive characters of up to 32 characters.
  • the entire SSID can consist of the following four string regions:
  • the prefix area may be composed of a specific string, such as bp_;
  • Mac address area This area can be the MAC address of the wireless access device but it is lost: the combination of numbers and letters;
  • Check value area used for data verification, which can be only one character. For example, it can be one of 26 letters (case sensitive) and 0-9 Arabic numerals.
  • the value can be the MAC address of the router. After the value;
  • the foregoing prefix, mac address area, and check value area may be configured to identify that the wireless network is passwordless, so that the terminal device 102 to be accessed may directly access the wireless network name after searching for the wireless network.
  • the terminal device 102 to be accessed may directly access the wireless network name after searching for the wireless network.
  • a wireless network In a wireless network.
  • the overall execution process may be as shown in FIG. 8, including:
  • S84 Forward the received data packet to a specific server.
  • the authentication policy (2) can be considered as a special way of the authentication policy (1), that is, equivalent to setting the network security key of the wireless network to none. Therefore, the authentication policy (2) can also be implemented by means of the authentication policy 1, that is, the wireless network name is also set by using [prefix] [base64 (authentication password)] [check value].
  • the wireless access device 101 can match with a constraint device, where the IP address of all the terminal devices connected to the wireless network provided by the wireless access device is recorded, and after receiving the data packet, The binding device can determine whether the source IP address of the data packet is in the recorded IP address set, and if so, directly forward the data packet to a preset specific server, thereby further ensuring security.
  • the wireless network name is the SSID of the router. Because the router has a primary SSID and a secondary SSID, one SSID corresponds to one wireless network. Therefore, optionally, the secondary SSID may be set according to one of the foregoing authentication policies, and the primary SSID is set according to the existing normal wireless network mode; the primary SSID may also be set according to one of the foregoing authentication policies, and the secondary SSID is Some of the normal wireless network mode settings; of course, the primary SSID and the secondary SSID can be set according to one of the above-mentioned authentication policies. The specific settings and selection methods can be selected according to actual needs, which is not limited in this application.
  • FIG. 9 is a flowchart of a method for configuring, accessing, and accessing a wireless network according to an embodiment of the present invention. Description will be made below with reference to FIG.
  • Step 901 The wireless network configuration device (the wireless network configuration device 103 shown in FIG. 1) generates a network security key of the wireless network.
  • Step 902 Generate a wireless network name based on the network security key, where the wireless network name includes at least a network security key portion indicating a network security key.
  • the network security key may be encrypted to obtain a predetermined length of the encrypted network security key, and then the encrypted network security key is added to the network security key part of the wireless network name to obtain at least the network security key part.
  • the name of the wireless network In actual implementation, optionally, the wireless network name also includes one or more of the following components:
  • Step 903 The wireless network configuration device configures the wireless network of the wireless access device based on the network security key and the wireless network name.
  • Step 904 The terminal device (ie, the terminal device 102 in FIG. 1) acquires a wireless network name.
  • Step 905 The terminal device extracts a network security key corresponding to the wireless network name from the network security key portion.
  • Step 906 The terminal device automatically connects to the wireless network corresponding to the wireless network name based on the wireless network name and the network security key.
  • Step 907 The wireless access device receives the data packet sent by the terminal device, where the wireless access device is configured with at least one wireless network.
  • Step 908 Determine whether the data packet is from a terminal device that performs wireless communication through a preset wireless network in the at least one wireless network.
  • two wireless networks can be provided at the same time, that is, a wireless network corresponding to the primary SSID and a wireless network corresponding to the secondary SSID.
  • the wireless network corresponding to the secondary SSID may be set as a preset wireless network, and then the terminal device accessing the wireless network considers that the data packet needs to be forwarded to the network server associated with the terminal devices.
  • the network server may be a server dedicated to a smart home device, and may be a cloud server.
  • Step 909 When the data packet is from a terminal device that performs wireless communication through the preset wireless network, forward the data packet to a network server associated with the terminal device.
  • steps 907 through 909 are merely optional steps of the wireless network configuration, access, and access methods provided by the present application, and lack of implementations in which some or all of them do not affect the basic purpose of the application.
  • embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or a combination of software and hardware. Moreover, the invention can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.
  • computer-usable storage media including but not limited to disk storage, CD-ROM, optical storage, etc.
  • the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory include instructions.
  • An article of manufacture of a device that implements the functions specified in a block or blocks of a flow or a flow and/or block diagram of the flowchart.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
  • the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
  • modules or steps of the embodiments of the present invention can be implemented by a general computing device, which can be concentrated on a single computing device or distributed in multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device such that they may be stored in the storage device by the computing device and, in some cases, may be different from The steps shown or described are performed sequentially, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps thereof are fabricated into a single integrated circuit module. Thus, embodiments of the invention are not limited to any specific combination of hardware and software.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Small-Scale Networks (AREA)

Abstract

Provided in embodiments of the present invention are a method, a device, and equipment for wireless network configuration, connection, and access. The method for wireless network configuration comprises: generating a network security key for a wireless network; generating a wireless network name on the basis of the network security key, where the wireless network name comprises at least a network security key portion expressing the network security key; and, configuring the wireless network on the basis of the network security key and of the wireless network name. By such means, solved is the problem found in the prior art that a network security key needs to be entered manually, thus reducing the operational complexity for a terminal device to connect to a wireless network.

Description

无线网络配置、接入和访问方法、装置及设备Wireless network configuration, access and access method, device and device
本申请要求2014年08月18日递交的申请号为201410404086.4、发明名称为“SSID生成、智能设备接入方法及装置、物联网系统”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。The present application claims priority to Chinese Patent Application No. 201410404086.4, entitled "SSID Generation, Intelligent Device Access Method and Apparatus, Internet of Things System", filed on August 18, 2014, the entire contents of In this application.
技术领域Technical field
本发明涉及无线网络认证技术领域,特别涉及一种无线网络配置、接入和访问方法、装置及设备。The present invention relates to the field of wireless network authentication technologies, and in particular, to a wireless network configuration, access and access method, device and device.
背景技术Background technique
随着智能设备的广泛应用,无线网络与人们的生活渐渐变得密不可分。例如,手机、平板、智能家居设备等,生活中所用到的东西越来越多需要依靠无线网络才能充分实现其价值。With the widespread use of smart devices, wireless networks are becoming more and more inseparable from people's lives. For example, mobile phones, tablets, smart home devices, etc., more and more things in life need to rely on wireless networks to fully realize their value.
目前,当一个智能设备需要加入无线网络的时候,往往需要用户手动输入无线网络所对应的密码,然后才能使得智能设备加入到希望加入的无线网络中。这主要是考虑到网络和信息的安全,因此,即使是家庭无线网络一般也会设置密码。Currently, when a smart device needs to join a wireless network, the user is required to manually input the password corresponding to the wireless network, and then the smart device can be added to the wireless network that is desired to join. This is mainly due to the security of the network and information, so even the home wireless network will generally set a password.
这样必然会导致一个问题,就是在需要加入无线网络的设备很多的时候,用户就需要一个个输入密码,浪费很多的时间和精力。This inevitably leads to the problem that when there are many devices that need to join the wireless network, the user needs to input the password one by one, which wastes a lot of time and effort.
针对如何可以在保证网络和数据的安全的前提下,设备可自动接入到无线网络中,目前尚未提出有效的解决方案。Under the premise of ensuring the security of the network and data, the device can automatically access the wireless network, and no effective solution has been proposed yet.
发明内容Summary of the invention
为了解决上述问题,本发明实施例提出了一种无线网络配置、接入和访问方法、装置及设备,以便在保证网络和数据的安全的前提下,设备可自动接入无线网络。In order to solve the above problem, the embodiment of the present invention provides a wireless network configuration, access and access method, device and device, so that the device can automatically access the wireless network under the premise of ensuring network and data security.
本发明实施例的第一个方面提供了一种无线网络配置方法,可以包括:生成无线网络的网络安全密钥;基于所述网络安全密钥生成无线网络名称,其中,所述无线网络名称中至少包括表示所述网络安全密钥的网络安全密钥部分;以及基于所述网络安全密钥和所述无线网络名称配置所述无线网络。 A first aspect of the embodiments of the present invention provides a wireless network configuration method, which may include: generating a network security key of a wireless network; generating a wireless network name based on the network security key, where the wireless network name is Include at least a network security key portion representing the network security key; and configuring the wireless network based on the network security key and the wireless network name.
例如,基于所述网络安全密钥生成无线网络名称,可以包括:对所述网络安全密钥进行加密,得到预定长度的加密网络安全密钥;将所述加密网络安全密钥添加到无线网络名称的网络安全密钥部分,得到至少包括所述网络安全密钥部分的无线网络名称。For example, generating the wireless network name based on the network security key may include: encrypting the network security key to obtain a predetermined length of the encrypted network security key; and adding the encrypted network security key to the wireless network name The network security key portion obtains a wireless network name including at least the network security key portion.
例如,基于所述网络安全密钥生成无线网络名称还可以包括以下至少之一或任意组合:生成表示所述无线网络名称包含网络安全密钥的信息部分;生成用于校验所述网络安全密钥的校验信息部分;生成表示安全类型的类型信息部分;生成表示对所述网络安全密钥进行加密的加密规则的加密信息部分。For example, generating the wireless network name based on the network security key may further include at least one or any combination of: generating an information portion indicating that the wireless network name includes a network security key; generating for verifying the network security secret a verification information portion of the key; generating a type information portion representing the security type; and generating an encrypted information portion indicating an encryption rule for encrypting the network security key.
例如,基于所述网络安全密钥和所述无线网络名称配置所述无线网络,可以包括:将所述无线网络名称配置为无线接入设备的主无线网络和次无线网络中的一个无线网络的名称;将所述网络安全密钥配置为所述一个无线网络的网络安全密钥。For example, configuring the wireless network based on the network security key and the wireless network name may include configuring the wireless network name as a primary wireless network of a wireless access device and a wireless network of a secondary wireless network. a name; configuring the network security key as a network security key of the one wireless network.
本发明实施例的第二个方面提供了一种无线网络接入方法,可以包括:获取无线网络名称,其中,所述无线网络名称至少包括表示网络安全密钥的网络安全密钥部分;从所述网络安全密钥部分提取所述无线网络名称对应的网络安全密钥;基于所述无线网络名称和所述网络安全密钥自动连接到所述无线网络名称对应的无线网络。A second aspect of the embodiments of the present invention provides a wireless network access method, which may include: acquiring a wireless network name, where the wireless network name includes at least a network security key portion indicating a network security key; The network security key portion extracts a network security key corresponding to the wireless network name; and automatically connects to the wireless network corresponding to the wireless network name based on the wireless network name and the network security key.
例如,该方法还可以包括:基于所述无线网络名称中表示所述无线网络名称包含网络安全密钥的信息部分,判断所述无线网络名称是否包含网络安全密钥;从所述网络安全密钥部分提取所述无线网络名称对应的网络安全密钥,包括:当所述信息部分指示所述无线网络名称包含网络安全密钥时,从所述无线网络名称中提取网络安全密钥。For example, the method may further include: determining, based on the information portion of the wireless network name that the wireless network name includes a network security key, whether the wireless network name includes a network security key; from the network security key And partially extracting the network security key corresponding to the wireless network name, including: when the information part indicates that the wireless network name includes a network security key, extracting a network security key from the wireless network name.
本发明实施例的第三个方面提供了一种无线网络访问方法,可以包括:接收通过无线接入设备进行无线通信的终端装置发送的数据包,其中,所述无线接入设备配置有至少一个无线网络;判断所述数据包是否来自通过所述至少一个无线网络中预设无线网络进行无线通信的终端装置;当所述数据包来自于通过所述预设无线网络进行无线通信的终端装置时,向所述终端装置关联的网络服务器转发所述数据包。A third aspect of the embodiments of the present invention provides a wireless network access method, which may include: receiving a data packet sent by a terminal device that performs wireless communication by using a wireless access device, where the wireless access device is configured with at least one a wireless network; determining whether the data packet is from a terminal device that performs wireless communication through a preset wireless network in the at least one wireless network; when the data packet is from a terminal device that performs wireless communication through the preset wireless network And forwarding the data packet to a network server associated with the terminal device.
例如,所述预设无线网络为专用于一个或多个所述终端装置进行无线通信的无线网络。For example, the predetermined wireless network is a wireless network dedicated to one or more of the terminal devices for wireless communication.
本发明实施例的第四个方面提供了一种无线网络配置装置,可以包括:网络安全密钥产生单元,被配置为产生用于无线网络的网络安全密钥;无线网络名称产生单元,被配置为基于所述网络安全密钥生成无线网络名称,其中,所述无线网络名称至少包括表示所述网络安全密钥的网络安全密钥部分;以及配置单元,被配置为基于所述网络安全密钥和所述无线网络名称配置无线接入设备。 A fourth aspect of the embodiments of the present invention provides a wireless network configuration apparatus, which may include: a network security key generation unit configured to generate a network security key for a wireless network; a wireless network name generation unit configured Generating a wireless network name based on the network security key, wherein the wireless network name includes at least a network security key portion representing the network security key; and a configuration unit configured to base the network security key And configuring the wireless access device with the wireless network name.
例如,该无线网络配置装置还可以包括:加密单元,被配置为对所述网络安全密钥进行加密处理,得到加密网络安全密钥;并且,其中,所述无线网络名称产生单元,进一步被配置为基于所述加密网络安全密钥产生无线网络名称,其中,所述网络安全密钥由所述加密网络安全密钥表示。For example, the wireless network configuration apparatus may further include: an encryption unit configured to perform encryption processing on the network security key to obtain an encrypted network security key; and wherein the wireless network name generation unit is further configured Generating a wireless network name based on the encrypted network security key, wherein the network security key is represented by the encrypted network security key.
例如,配置单元可以包括:确定模块,被配置为将所述无线网络名称配置为无线接入设备的主无线网络和次无线网络中的一个无线网络的名称;配置模块,被配置为将所述网络安全密钥配置为所述一个无线网络的网络安全密钥。For example, the configuration unit may include: a determining module configured to configure the wireless network name as a name of one of a primary wireless network and a secondary wireless network of the wireless access device; a configuration module configured to: The network security key is configured as a network security key for the one wireless network.
本发明实施例的第五个方面提供了一种无线接入设备,可以包括:配置端口,被配置为基于无线网络配置信息配置无线网络,其中,所述无线网络配置信息包括第一无线网络名称和第一网络安全密钥,其中,所述第一无线网络名称至少包括表示所述第一网络安全密钥的无线网络安全密钥部分;和/或,所述无线网络配置信息包括第二无线网络名称,其中,所述第二无线网络名称至少包括表示所述无线网络无需网络安全密钥的信息部分;输入端口,被配置为接收通过所述无线网络进行无线通信的一个或多个终端装置发送的数据包;输出端口,被配置为向与所述一个或多个终端装置关联的网络服务器转发所述数据包。A fifth aspect of the embodiments of the present invention provides a wireless access device, which may include: a configuration port configured to configure a wireless network based on wireless network configuration information, where the wireless network configuration information includes a first wireless network name And a first network security key, wherein the first wireless network name includes at least a wireless network security key portion representing the first network security key; and/or the wireless network configuration information includes a second wireless a network name, wherein the second wireless network name includes at least an information portion indicating that the wireless network does not require a network security key; and an input port configured to receive one or more terminal devices for wireless communication over the wireless network A transmitted data packet; an output port configured to forward the data packet to a network server associated with the one or more terminal devices.
例如:无线接入设备还可以包括:存储器,被配置为存储需要将数据包转发至所述网络服务器的终端装置的装置标识列表;处理器,被配置为判断接收的数据包来自的终端装置是否在所述装置标识列表中,在确定是的情况下,通过所述输出接口将接收的数据包转发至所述网络服务器。For example, the wireless access device may further include: a memory configured to store a device identification list of the terminal device that needs to forward the data packet to the network server; and a processor configured to determine whether the terminal device from which the received data packet is derived In the device identification list, if the determination is yes, the received data packet is forwarded to the network server through the output interface.
本发明实施例的第六个方面提供了一种终端装置,可以包括:无线网络搜索单元,被配置为获取无线网络名称,并判断所述无线网络名称中是否包括表示网络安全密钥的网络安全密钥部分;网络安全密钥提取单元,被配置为在确定无线网络名称中包括所述网络安全密钥部分的情况下,从所述网络安全密钥部分提取所述无线网络名称对应的网络安全密钥;无线网络连接单元,被配置为基于所述无线网络名称和提取出的网络安全密钥自动连接到所述无线网络名称对应的无线网络。A sixth aspect of the embodiments of the present invention provides a terminal device, which may include: a wireless network search unit configured to acquire a wireless network name, and determine whether the wireless network name includes network security indicating a network security key. a key portion; the network security key extracting unit configured to extract network security corresponding to the wireless network name from the network security key portion in a case where the network security key portion is included in the determined wireless network name a key; the wireless network connection unit configured to automatically connect to the wireless network corresponding to the wireless network name based on the wireless network name and the extracted network security key.
例如,终端装置还可以包括:网络安全密钥判断单元,被配置为基于所述无线网络名称中表示所述无线网络名称包含网络安全密钥的信息部分,判断所述无线网络名称是否包含网络安全密钥;并且,其中网络安全密钥提取单元,具体被配置为当确定所述信息部分指示所述无线网络名称包含网络安全密钥时,从所述无线网络名称中提取网络安全密钥。 For example, the terminal device may further include: a network security key determining unit configured to determine whether the wireless network name includes network security based on an information portion of the wireless network name indicating that the wireless network name includes a network security key And the network security key extraction unit is specifically configured to extract the network security key from the wireless network name when it is determined that the information portion indicates that the wireless network name includes a network security key.
根据本申请上述提供的无线网络配置、接入和访问方法、装置及设备,将无线网络的网络安全密钥添加到了无线网络名称中,从而使得符合要求的待接入的终端装置可以直接从无线网络名称中解析出网络安全密钥,从而实现无线网络的自动接入,解决了现有技术中需要人为输入网络安全密钥的问题,降低了终端装置接入无线网络的操作复杂度。According to the wireless network configuration, access and access method, device and device provided by the above application, the network security key of the wireless network is added to the wireless network name, so that the terminal device to be accessed that meets the requirements can be directly from the wireless The network security key is parsed in the network name, thereby realizing automatic access of the wireless network, solving the problem of requiring human input of the network security key in the prior art, and reducing the operation complexity of the terminal device accessing the wireless network.
附图说明DRAWINGS
为了更清楚地说明本发明实施例中的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。在附图中:In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly described below. It is obvious that the drawings in the following description are only some embodiments of the present invention. Other drawings may also be obtained from those of ordinary skill in the art in light of the inventive work. In the drawing:
图1是根据本发明实施例的系统架构的示意图;1 is a schematic diagram of a system architecture in accordance with an embodiment of the present invention;
图2是根据本发明一个实施例的系统架构的示意框图;2 is a schematic block diagram of a system architecture in accordance with one embodiment of the present invention;
图3是根据本发明另一个实施例的系统架构的示意框图;3 is a schematic block diagram of a system architecture in accordance with another embodiment of the present invention;
图4是根据本发明一个实施例的家庭无线网络系统示意图;4 is a schematic diagram of a home wireless network system in accordance with one embodiment of the present invention;
图5是根据本发明又一个实施例的系统架构的示意框图;Figure 5 is a schematic block diagram of a system architecture in accordance with yet another embodiment of the present invention;
图6是根据本发明一个实施例的配置无线网络名称的方法流程示意图;6 is a schematic flow chart of a method for configuring a wireless network name according to an embodiment of the present invention;
图7是根据本发明一个实施例的终端装置自动接入的方法流程示意图;FIG. 7 is a schematic flowchart of a method for automatically accessing a terminal device according to an embodiment of the present invention; FIG.
图8是根据本发明一个实施例的无线网络配置、接入及访问方法流程图;8 is a flow chart of a method for configuring, accessing, and accessing a wireless network according to an embodiment of the present invention;
图9是根据本发明另一个实施例的无线网络配置、接入及访问方法流程图。9 is a flow chart of a wireless network configuration, access, and access method in accordance with another embodiment of the present invention.
具体实施方式detailed description
为使本发明的目的、技术方案和优点更加清楚明白,下面结合实施方式和附图,对本发明做进一步详细说明。在此,本发明的示意性实施方式及其说明用于解释本发明,但并不作为对本发明的限定。In order to make the objects, technical solutions and advantages of the present invention more comprehensible, the present invention will be further described in detail with reference to the embodiments and drawings. The illustrative embodiments of the present invention and the description thereof are intended to explain the present invention, but are not intended to limit the invention.
针对一个实施方式描述和/或示例的特征,可以在一个或多个其它实施方式中以相同方式或以类似方式使用,和/或与其它实施方式的特征相结合或代替其它实施方式的特征。 Features described and/or exemplified for one embodiment may be used in the same manner or in a similar manner in one or more other embodiments, and/or in combination with or in place of features of other embodiments.
应当强调的是,词语“包括”当在本说明书中使用时用来指所引述的特征、要素、步骤或组成部分的存在,但不排除一个或多个其它特征、要素、步骤、组成部分或它们的组合的存在或增加。It should be emphasized that the term "comprising", when used in the specification, is used to refer to the <RTI ID=0.0> </ RTI> </ RTI> </ RTI> <RTIgt; The existence or increase of their combination.
图1为本发明一实施例的系统架构100的示意图。如图1所示,该系统架构100可以包括:一个或多个无线接入设备101、一个或多个终端装置102、以及无线网络配置装置103。可选地,该系统架构100还可以包括:服务器104。FIG. 1 is a schematic diagram of a system architecture 100 in accordance with an embodiment of the present invention. As shown in FIG. 1, the system architecture 100 can include one or more wireless access devices 101, one or more terminal devices 102, and a wireless network configuration device 103. Optionally, the system architecture 100 may further include: a server 104.
无线接入设备101可以是能够提供无线网络的设备,例如路由器、无线随身WIFI、无线网卡、蓝牙设备等。The wireless access device 101 may be a device capable of providing a wireless network, such as a router, a wireless portable WIFI, a wireless network card, a Bluetooth device, and the like.
终端装置102可以是具备无线接入能力以接入到无线接入设备101所提供的无线网络中的设备,例如手机、电脑、平板电脑等,或者智能家居设备,例如电视、空调、扫地机器人、冰箱等。The terminal device 102 may be a device having wireless access capability to access the wireless network provided by the wireless access device 101, such as a mobile phone, a computer, a tablet computer, or the like, or a smart home device, such as a television, an air conditioner, a sweeping robot, Refrigerator, etc.
无线网络配置装置103可以被配置为基于规定的认证策略对无线接入设备101进行配置,以使得具有与该认证策略对应的自动认证机制的终端装置102可以自动接入无线接入设备101所提供的无线网络中。认证策略可以包括但不限于以下三种:The wireless network configuration device 103 can be configured to configure the wireless access device 101 based on a prescribed authentication policy such that the terminal device 102 having the automatic authentication mechanism corresponding to the authentication policy can automatically access the wireless access device 101. In the wireless network. The authentication policy can include but is not limited to the following three types:
(1)将无线接入设备101的无线网络配置为网络安全密钥携带在无线网络名称中,使得终端装置102可以通过无线网络名称中携带的网络安全密钥,自动接入无线接入设备101的无线网络;(1) The wireless network of the wireless access device 101 is configured to be carried in the wireless network name, so that the terminal device 102 can automatically access the wireless access device 101 by using the network security key carried in the wireless network name. Wireless network;
(2)将无线接入设备101的无线网络配置为无密码模式,使得终端装置102可以采用无密码方式直接接入无线接入设备101的无线网络,但是接入该无线网络的终端装置102所发送的所有数据包都会被转发至服务器104,以进行安全性检测和转发;(2) Configuring the wireless network of the wireless access device 101 to be in a no-password mode, so that the terminal device 102 can directly access the wireless network of the wireless access device 101 without a password, but access the terminal device 102 of the wireless network. All packets sent will be forwarded to the server 104 for security detection and forwarding;
(3)将无线接入设备101的无线网络配置为网络安全密钥携带在无线网络名称中,使得终端装置102可以通过无线网络名称中携带的网络安全密钥,自动接入到无线接入设备101的无线网络,但是接入该无线网络的终端装置102所发送的所有数据包都会被转发至服务器104,以进行安全性检测和转发。(3) Configuring the wireless network of the wireless access device 101 as the network security key is carried in the wireless network name, so that the terminal device 102 can automatically access the wireless access device by using the network security key carried in the wireless network name. The wireless network of 101, but all packets sent by the terminal device 102 accessing the wireless network are forwarded to the server 104 for security detection and forwarding.
下面结合具体实施例,对上述三种认证策略分别从系统架构和具体工作方式进行说明。然而值得注意的是,这些具体实施例仅是为了更好地说明本发明,并不构成对本发明的不当限定。The following three types of authentication strategies are described in terms of system architecture and specific working modes, respectively, in combination with specific embodiments. However, it is to be understood that the specific embodiments are merely illustrative of the invention and are not intended to limit the invention.
图2为实现认证策略(1)的示例系统架构的示意框图。2 is a schematic block diagram of an example system architecture implementing an authentication policy (1).
如图所示,该系统架构包括无线接入设备101、一个或多个终端装置102和无线网络配置装置103。 As shown, the system architecture includes a wireless access device 101, one or more terminal devices 102, and a wireless network configuration device 103.
无线网络配置装置103可以包括:网络安全密钥产生单元1031、无线网络名称产生单元1032和配置单元1033。The wireless network configuration device 103 may include a network security key generation unit 1031, a wireless network name generation unit 1032, and a configuration unit 1033.
网络安全密钥产生单元1031可以被配置为产生用于无线网络的网络安全密钥KEY。无线网络名称产生单元1032可以被配置为基于网络安全密钥KEY生成无线网络名称WIRELESS_NAME,其中,该无线网络名称WIRELESS_NAME中包括表示网络安全密钥KEY的网络安全密钥部分KEY_PORTION。配置单元1033可以被配置为向无线接入设备101发送携带有网络安全密钥KEY和无线网络名称WIRELESS_NAME的无线网络配置信息,以对无线接入设备101进行无线网络配置。The network security key generation unit 1031 may be configured to generate a network security key KEY for the wireless network. The wireless network name generation unit 1032 may be configured to generate a wireless network name WIRELESS_NAME based on the network security key KEY, wherein the wireless network name WIRELESS_NAME includes a network security key portion KEY_PORTION indicating a network security key KEY. The configuration unit 1033 may be configured to transmit the wireless network configuration information carrying the network security key KEY and the wireless network name WIRELESS_NAME to the wireless access device 101 to perform wireless network configuration on the wireless access device 101.
无线接入设备101可以包括:配置端口1011和输入端口1012。配置端口1011可以被配置为基于无线网络配置信息配置无线网络WIRELESS。输入端口1012可以被配置为接收通过无线网络WIRELESS进行无线通信的一个或多个终端装置102发送的数据包。The wireless access device 101 can include a configuration port 1011 and an input port 1012. The configuration port 1011 can be configured to configure the wireless network WIRELESS based on the wireless network configuration information. The input port 1012 can be configured to receive data packets transmitted by one or more terminal devices 102 that are in wireless communication over the wireless network WIRELESS.
终端装置102可以包括:无线网络搜索单元1021、网络安全密钥提取单元1022和无线网络连接单元1023。无线网络搜索单元1021可以被配置为获取无线网络名称WIRELESS_NAME。网络安全密钥提取单元1022可以被配置为从所获取的无线网络名称WIRELESS_NAME中的网络安全密钥部分KEY_PORTION提取与该无线网络名称WIRELESS_NAME对应的网络安全密钥KEY。无线网络连接单元1023可以被配置为基于无线网络名称WIRELESS_NAME和网络安全密钥KEY自动连接到与该无线网络名称WIRELESS_NAME对应的无线网络WIRELESS。The terminal device 102 may include a wireless network search unit 1021, a network security key extraction unit 1022, and a wireless network connection unit 1023. The wireless network search unit 1021 may be configured to acquire the wireless network name WIRELESS_NAME. The network security key extracting unit 1022 may be configured to extract the network security key KEY corresponding to the wireless network name WIRELESS_NAME from the network security key portion KEY_PORTION of the acquired wireless network name WIRELESS_NAME. The wireless network connection unit 1023 may be configured to automatically connect to the wireless network WIRELESS corresponding to the wireless network name WIRELESS_NAME based on the wireless network name WIRELESS_NAME and the network security key KEY.
这样,例如,无线接入设备101(例如路由器A)在出厂时或者使用过程中,可以由无线网络配置装置103按照以上认证策略(1)进行无线网络配置。具有与认证策略(1)对应的自动认证机制的终端装置102(例如智能扫地机器人),在搜索到由无线接入设备101产生的无线网络后,可以自动连接到该无线网络中,而无需人为输入无线网络密码信息。Thus, for example, the wireless access device 101 (eg, router A) may be configured by the wireless network configuration device 103 in accordance with the above authentication policy (1) at the time of shipment or during use. The terminal device 102 (for example, a smart sweeping robot) having an automatic authentication mechanism corresponding to the authentication policy (1) can automatically connect to the wireless network after searching for the wireless network generated by the wireless access device 101 without artificially Enter the wireless network password information.
图3为实现认证策略(2)的示例系统架构的示意图。3 is a schematic diagram of an example system architecture implementing an authentication policy (2).
如图所示,该系统架构包括无线接入设备101、一个或多个终端装置102、无线网络配置装置103以及服务器104。As shown, the system architecture includes a wireless access device 101, one or more terminal devices 102, a wireless network configuration device 103, and a server 104.
无线网络配置装置103可以包括无线网络名称产生单元1032和配置单元1033。无线网络名称产生单元1032可以被配置为生成无线网络名称WIRELESS_NAME。优选地,该无线网络名称WIRELESS_NAME中可以包括指示无线网络为无密码模式的指示 信息。配置单元1033可以被配置为向无线接入设备101发送携带有无线网络名称WIRELESS_NAME和对应的转发地址信息的无线网络配置信息,以对无线接入设备101进行无线网络配置(无线网络名称WIRELESS_NAME;无密码模式),并且将无线接入设备101配置为使得通过无线网络WIRELESS_NAME发送至该无线接入设备101的数据包都需要转发至服务器104。The wireless network configuration device 103 may include a wireless network name generation unit 1032 and a configuration unit 1033. The wireless network name generation unit 1032 can be configured to generate a wireless network name WIRELESS_NAME. Preferably, the wireless network name WIRELESS_NAME may include an indication that the wireless network is in a no-password mode information. The configuration unit 1033 may be configured to send the wireless network configuration information carrying the wireless network name WIRELESS_NAME and the corresponding forwarding address information to the wireless access device 101 to perform wireless network configuration on the wireless access device 101 (wireless network name WIRELESS_NAME; none The cryptographic mode), and the wireless access device 101 is configured such that packets sent to the wireless access device 101 over the wireless network WIRELESS_NAME need to be forwarded to the server 104.
无线接入设备101可以包括:配置端口1011、输入端口1012和转发端口1013。配置端口1011可以被配置为基于无线网络配置信息配置无线网络WIRELESS_NAME和转发地址(服务器104)。输入端口1012可以被配置为接收通过无线网络WIRELESS_NAME进行无线通信的一个或多个终端装置102发送的数据包。转发端口1013可以被配置为将通过无线网络WIRELESS_NAME接收到的数据包转发至服务器104。The wireless access device 101 can include a configuration port 1011, an input port 1012, and a forwarding port 1013. The configuration port 1011 can be configured to configure the wireless network WIRELESS_NAME and the forwarding address (server 104) based on the wireless network configuration information. The input port 1012 can be configured to receive data packets transmitted by one or more terminal devices 102 that are in wireless communication over the wireless network WIRELESS_NAME. The forwarding port 1013 can be configured to forward the data packets received over the wireless network WIRELESS_NAME to the server 104.
终端装置102可以包括无线网络搜索单元1021和无线网络连接单元1023。无线网络搜索单元1021可以被配置为可以搜索无密码的无线网络WIRELESS_NAME。无线网络连接单元1023可以被配置为直接连接该无密码的无线网络WIRELESS_NAME。The terminal device 102 may include a wireless network search unit 1021 and a wireless network connection unit 1023. The wireless network search unit 1021 can be configured to search for a wireless network WIRELESS_NAME without a password. The wireless network connection unit 1023 can be configured to directly connect to the passwordless wireless network WIRELESS_NAME.
服务器104对无线接入设备101转发来的数据包进行安全性检测,判断发送该数据包的设备是否为指定的安全设备,如果安全性检测通过(即,判断结果为“是”),则将数据包转发至对应的目的设备。The server 104 performs security detection on the data packet forwarded by the wireless access device 101, and determines whether the device that sends the data packet is a designated security device. If the security check is passed (ie, the determination result is “Yes”), The packet is forwarded to the corresponding destination device.
服务器104例如可以是位于互联网上的云服务器,也可以是设置于家庭中专用于智能家居设备的专用服务器。The server 104 may be, for example, a cloud server located on the Internet, or may be a dedicated server dedicated to the smart home device in the home.
例如,图4为基于以上实施例(认证策略(2))的家庭无线网络系统的示意图。For example, FIG. 4 is a schematic diagram of a home wireless network system based on the above embodiment (authentication policy (2)).
在该家庭无线网络系统中,路由器401可以在出厂时或者使用过程中,由无线网络配置装置103进行配置。这样,家庭中的智能家居设备(例如,位于地下一层的洗衣机406,一层电视机402、冰箱403,二层的手机404、电脑405)都可以采用无密码的方式接入路由器401所提供的无线网络。路由器401在接收到来自智能家居设备的数据包后,将这些数据包统一转发至服务器407,由该服务器407对数据包进行安全性检测,判断发送该数据包的设备是否为设定的安全设备,如果通过安全性检测(即,判断结果为“是”),则将数据包转发至对应的目的设备。In the home wireless network system, the router 401 can be configured by the wireless network configuration device 103 at the time of shipment or during use. In this way, the smart home device in the home (for example, the washing machine 406 located on the ground floor, the first floor TV 402, the refrigerator 403, the second floor mobile phone 404, the computer 405) can be provided by the router 401 in a passwordless manner. Wireless network. After receiving the data packet from the smart home device, the router 401 uniformly forwards the data packet to the server 407, and the server 407 performs security detection on the data packet to determine whether the device that sends the data packet is the set security device. If the security check is passed (ie, the judgment result is "Yes"), the data packet is forwarded to the corresponding destination device.
图5为实现认证策略(3)的示例系统架构的示意框图。Figure 5 is a schematic block diagram of an example system architecture implementing an authentication policy (3).
如图所示,该示例系统架构包括无线接入设备101、一个或多个终端装置102、无线网络配置装置103以及服务器104。 As shown, the example system architecture includes a wireless access device 101, one or more terminal devices 102, a wireless network configuration device 103, and a server 104.
无线网络配置装置103可以包括:网络安全密钥产生单元1031、无线网络名称产生单元1032和配置单元1033。网络安全密钥产生单元1031可以被配置为产生用于无线网络的网络安全密钥KEY。无线网络名称产生单元1032可以被配置为基于网络安全密钥KEY生成无线网络名称WIRELESS_NAME,其中,该无线网络名称WIRELESS_NAME中包括表示网络安全密钥KEY的网络安全密钥部分KEY_PORTION。配置单元1033可以被配置为向无线接入设备101发送携带有网络安全密钥KEY和无线网络名称WIRELESS_NAME以及对应的转发地址信息的无线网络配置信息,以对无线接入设备101进行无线网络配置(无线网络名称WIRELESS_NAME,网络秘钥KEY),并且将无线接入设备101配置为使得通过无线网络WIRELESS_NAME发送至该无线接入设备101的数据包都需转发至服务器104。The wireless network configuration device 103 may include a network security key generation unit 1031, a wireless network name generation unit 1032, and a configuration unit 1033. The network security key generation unit 1031 may be configured to generate a network security key KEY for the wireless network. The wireless network name generation unit 1032 may be configured to generate a wireless network name WIRELESS_NAME based on the network security key KEY, wherein the wireless network name WIRELESS_NAME includes a network security key portion KEY_PORTION indicating a network security key KEY. The configuration unit 1033 may be configured to send the wireless network configuration information carrying the network security key KEY and the wireless network name WIRELESS_NAME and the corresponding forwarding address information to the wireless access device 101 to perform wireless network configuration on the wireless access device 101 ( The wireless network name WIRELESS_NAME, network key KEY), and the wireless access device 101 is configured such that data packets sent to the wireless access device 101 over the wireless network WIRELESS_NAME are forwarded to the server 104.
无线接入设备101可以包括:配置端口1011、输入端口1012和转发端口1013。配置端口1011可以被配置为基于无线网络配置信息配置无线网络和转发地址(服务器104)。输入端口1012可以被配置为接收通过无线网络WIRELESS_NAME进行无线通信的一个或多个终端装置102发送的数据包。转发端口1013可以被配置为将通过无线网络WIRELESS_NAME接收到的数据包转发至服务器104。The wireless access device 101 can include a configuration port 1011, an input port 1012, and a forwarding port 1013. The configuration port 1011 can be configured to configure the wireless network and forwarding address (server 104) based on the wireless network configuration information. The input port 1012 can be configured to receive data packets transmitted by one or more terminal devices 102 that are in wireless communication over the wireless network WIRELESS_NAME. The forwarding port 1013 can be configured to forward the data packets received over the wireless network WIRELESS_NAME to the server 104.
终端装置102可以包括:无线网络搜索单元1021、网络安全密钥提取单元1022和无线网络连接单元1023。无线网络搜索单元1021可以被配置为获取无线网络名称WIRELESS_NAME。网络安全密钥提取单元1022可以被配置为从该无线网络名称WIRELESS_NAME中的网络安全密钥部分KEY_PORTION提取与该无线网络名称WIRELESS_NAME对应的网络安全密钥KEY。无线网络连接单元1023可以被配置为基于无线网络名称WIRELESS_NAME和网络安全密钥KEY自动连接到与该无线网络名称WIRELESS_NAME对应的无线网络。The terminal device 102 may include a wireless network search unit 1021, a network security key extraction unit 1022, and a wireless network connection unit 1023. The wireless network search unit 1021 may be configured to acquire the wireless network name WIRELESS_NAME. The network security key extracting unit 1022 may be configured to extract the network security key KEY corresponding to the wireless network name WIRELESS_NAME from the network security key portion KEY_PORTION in the wireless network name WIRELESS_NAME. The wireless network connection unit 1023 may be configured to automatically connect to the wireless network corresponding to the wireless network name WIRELESS_NAME based on the wireless network name WIRELESS_NAME and the network security key KEY.
服务器104对无线接入设备101转发来的数据包进行安全性检测,判断发送该数据包的设备是否为指定的安全设备,如果安全性检测通过(即,判断结果为“是”),则将数据包转发至对应的目的设备。The server 104 performs security detection on the data packet forwarded by the wireless access device 101, and determines whether the device that sends the data packet is a designated security device. If the security check is passed (ie, the determination result is “Yes”), The packet is forwarded to the corresponding destination device.
服务器104例如可以是位于互联网上的云服务器,也可以是设置于家庭中专用于智能家居设备的专用服务器。The server 104 may be, for example, a cloud server located on the Internet, or may be a dedicated server dedicated to the smart home device in the home.
与图2所示的实施例相比,图5所示的实施例增加了对来自终端装置102的数据包的安全性检测,从而在实现终端装置102自动接入无线网络的同时,进一步提高了安全性。 Compared with the embodiment shown in FIG. 2, the embodiment shown in FIG. 5 increases the security detection of the data packets from the terminal device 102, thereby further improving the terminal device 102 automatically accessing the wireless network. safety.
图1至图3和图5中所示的无线网络配置装置103仅是一种示例性描述,并非对无线网络配置装置103的存在方式进行具体限定。例如,无线网络配置装置103可以是一个单独的服务器或者处理器,也可以是内置在无线接入设备中的,或者也可以是用户终端设备(例如手机,平板,笔记本等)中的一个应用程序,具体存在形式是多样的,只要能够实现对无线接入设备的配置即可。The wireless network configuration device 103 shown in FIGS. 1 to 3 and FIG. 5 is merely an exemplary description, and does not specifically define the manner in which the wireless network configuration device 103 exists. For example, the wireless network configuration device 103 can be a separate server or processor, or can be built into the wireless access device, or can be an application in a user terminal device (such as a mobile phone, a tablet, a notebook, etc.). The specific form of existence is diverse as long as the configuration of the wireless access device can be implemented.
例如,无线接入设备101可以在出厂时或者使用过程中,通过连接或与无线网络配置装置103通信来进行配置。For example, the wireless access device 101 can be configured by connecting or communicating with the wireless network configuration device 103 at the time of shipment or during use.
以上是对不同认证策略的系统架构和组成的描述。The above is a description of the system architecture and composition of different authentication strategies.
下面结合具体实施例对各个认证策略的实施进行描述。The implementation of each authentication policy will be described below in conjunction with specific embodiments.
基于无线网络密码(网络安全密钥KEY)生成无线网络名称WIRELESS_NAME的过程(认证策略(1))主要是在上述的无线网络配置装置103中实现的。考虑到网络安全密钥KEY(例如,无线网络密码)的安全性,无线网络配置装置103可以对网络安全密钥KEY进行加密,得到预定长度的加密网络安全密钥,然后将加密网络安全密钥添加到无线网络名称WIRELESS_NAME的网络安全密钥部分KEY_PORTION,从而得到至少包括网络安全密钥部分的无线网络名称。The process of generating the wireless network name WIRELESS_NAME based on the wireless network password (Network Security Key KEY) (authentication policy (1)) is mainly implemented in the above-described wireless network configuration device 103. Considering the security of the network security key KEY (for example, a wireless network password), the wireless network configuration device 103 can encrypt the network security key KEY to obtain a predetermined length of the encrypted network security key, and then encrypt the network security key. Add to the network security key part KEY_PORTION of the wireless network name WIRELESS_NAME, thereby obtaining the wireless network name including at least the network security key part.
例如,以路由器的无线网络名称,即SSID(Service Set Identifier,服务集标识)为例。SSID技术可以将一个无线局域网分为几个需要不同身份验证的子网络,每一个子网络都需要独立的身份验证,只有通过身份验证的用户才可以进入相应的子网络,从而防止未被授权的用户进入本网络。一般SSID由区分大小写的最多不超过32位的字符组成,为了对原系统和设备有尽量少的改动,因此在生成SSID的时候,可以仍旧按照上述原有的字符和字符数的限制对SSID进行命名。例如,整个SSID可以由如下4个字符串区域组成:For example, the wireless network name of the router, that is, the SSID (Service Set Identifier) is taken as an example. SSID technology can divide a wireless LAN into several sub-networks that require different authentication. Each sub-network needs independent authentication. Only authenticated users can enter the corresponding sub-network, thus preventing unauthorized access. The user enters the network. Generally, the SSID consists of case-insensitive characters of up to 32 characters. In order to minimize the changes to the original system and device, the SSID can still be used according to the above-mentioned original characters and characters. Name it. For example, the entire SSID can consist of the following four string regions:
[前缀][base64(认证密码)][校验数值][prefix][base64(authentication password)][check value]
其中,前缀区可以由特定的字符串组成,例如bp_;Wherein, the prefix area may be composed of a specific string, such as bp_;
认证密码区:即,上述的网络安全密钥部分,该区域可以被设置为存放加密后的网络安全密钥(此例中即路由器提供的无线网络的无线网密码),该网络安全密钥可以是通过公钥加密,然后再经过压缩编码后形成的base64编码字符串,压缩编码例如可以采用LZ77压缩算法,也可以采用其它的压缩算法,本例仅是示意性描述,不构成具体限定; Authentication password area: that is, the above network security key part, the area can be set to store the encrypted network security key (in this example, the wireless network password of the wireless network provided by the router), the network security key can be It is a base64 encoded string formed by public key encryption and then compression-encoded. For example, the LZ77 compression algorithm may be used for compression coding, and other compression algorithms may be used. This example is only a schematic description and does not constitute a specific limitation;
校验数值区:用于数据校验,可以仅为一个字符,例如可以是26个字母(区分大小写)及0-9的阿拉伯数字中的一个,该数值可以是路由器的MAC(Media Access Control,无线接入控制)地址取模62后的数值,之所以取模62是因为考虑26个大写字母,26个小写字母和0至9这10个数字,加起来一共62个字符。Check value area: used for data verification, which can be only one character. For example, it can be 26 letters (case sensitive) and one of 0-9 Arabic numerals. This value can be the router's MAC (Media Access Control). , wireless access control) address modulo 62 value, the reason for modulo 62 is to consider 26 uppercase letters, 26 lowercase letters and 0 to 9 of these 10 numbers, add up to a total of 62 characters.
上述的前缀区和校验数值区可以设置为用于标识该无线网络名称包含网络安全密钥,从而使得待接入的终端装置在搜索到无线网络的无线网络名称后可以快速判断出该无线网络是否支持设备的自动接入。The prefix area and the check value area may be configured to identify that the wireless network name includes a network security key, so that the terminal device to be accessed can quickly determine the wireless network after searching for the wireless network name of the wireless network. Whether to support automatic access of the device.
基于上述的无线网络名称的组成,其生成过程可以如图6所示,包括以下步骤:Based on the composition of the wireless network name described above, the generation process may be as shown in FIG. 6, and includes the following steps:
S61:产生随机密码;S61: generating a random password;
S62:根据自身的MAC地址调用对应的公钥进行加密;S62: Invoking a corresponding public key according to its own MAC address for encryption;
S63:对加密后的结果进行压缩;S63: compress the encrypted result;
S64:对压缩结果使用base64进行重新编码;S64: Recoding the compression result using base64;
S65:检查重新编码后的字符数是否超出预定字符数(例如,28个字符);S65: Check whether the number of characters after re-encoding exceeds a predetermined number of characters (for example, 28 characters);
S66:如果超出,则重新生成;S66: If it is exceeded, it is regenerated;
S67:如果未超出则将其作为网络名称的组成部分,按照预定的合成规则合成无线网络名称。S67: If it is not exceeded, it is used as a component of the network name, and the wireless network name is synthesized according to a predetermined synthesis rule.
在生成无线网络名称后,为了使得设备可以搜索到该无线网络,可以对该无线网络的网络名称进行广播,也可以不进行广播,而是等着终端装置自身计算推算无线网络的网络名称。After the wireless network name is generated, in order to enable the device to search for the wireless network, the network name of the wireless network may be broadcast, or may not be broadcasted, but the terminal device itself may calculate the network name of the estimated wireless network.
终端装置102(例如智能家居设备等)如果想要通过这种方式接入到无线网络中,需内置对应的自动认证机制,该机制可以以一段代码的形式存在,也可以是一个硬件组成部分(例如加密芯片),具体实现方式可以按照需要选择,本申请不作限定。If the terminal device 102 (for example, a smart home device or the like) wants to access the wireless network in this way, a corresponding automatic authentication mechanism needs to be built in. The mechanism may exist in the form of a piece of code or may be a hardware component ( For example, the encryption chip), the specific implementation manner can be selected as needed, and the application is not limited.
以加密芯片为例,其中可以内置有解密私钥集合,保证私钥可以用于对无线网络名称的解密,从而获取其中的网络安全密钥,并保证这些解密私钥不会被随意复制。Taking the encryption chip as an example, a decryption private key set may be built in, so that the private key can be used to decrypt the wireless network name, thereby obtaining the network security key therein, and ensuring that the decrypted private keys are not randomly copied.
如图7所示,为终端装置102进行自动接入的流程图,包括:As shown in FIG. 7, a flowchart for automatically accessing the terminal device 102 includes:
S71:终端装置102扫描周围的无线网络;S71: The terminal device 102 scans the surrounding wireless network;
S72:从扫描到的无线网络中确定出可以自动认证接入的无线网络;S72: Determine, from the scanned wireless network, a wireless network that can automatically authenticate the access;
S73:从该无线网络的无线网络名称中读取密码区域的字符串;S73: Read a character string of the password area from the wireless network name of the wireless network;
S74:解压缩该字符串;S74: Decompress the string;
S75:根据MAC取模匹配出对应的解密私钥; S75: Matching the corresponding decryption private key according to the MAC modulo;
S76:解密出无线网络的密码;S76: decrypt the password of the wireless network;
S77:自动认证连接。S77: Automatic authentication connection.
基于无密码的无线网络接入方式(认证策略(2)),同样需要无线网络配置装置103进行配置。即,通过无线网络配置装置103生成无密码保护的无线网络密码。与现有的无线网络连接方式的区别在于:连接至该无线网络中的终端装置102所发送的数据包都会被转发至一个特定的服务器104,从而保证无线网络数据传输的安全性。Based on the passwordless wireless network access method (authentication policy (2)), the wireless network configuration device 103 is also required to perform configuration. That is, the wireless network configuration device 103 generates a wireless network password without password protection. The difference from the existing wireless network connection method is that the data packets transmitted by the terminal device 102 connected to the wireless network are forwarded to a specific server 104, thereby ensuring the security of wireless network data transmission.
例如,以路由器的无线网络名称,即SSID,为例,一般SSID由区分大小写的最多不超过32位的字符组成,为了对原系统和设备有尽量少的改动,因此在生成SSID的时候,仍旧遵循原本的命名规则。例如,整个SSID可以由如下4个字符串区域组成:For example, the router's wireless network name, SSID, is used as an example. Generally, the SSID consists of case-insensitive characters of up to 32 characters. In order to minimize the changes to the original system and device, when generating the SSID, Still follow the original naming rules. For example, the entire SSID can consist of the following four string regions:
[前缀][mac地址][校验数值][prefix][mac address][check value]
其中,前缀区可以由特定的字符串组成,例如bp_;Wherein, the prefix area may be composed of a specific string, such as bp_;
mac地址区:该区域可以是无线接入设备的MAC地址却掉:后的数字与字母组合;Mac address area: This area can be the MAC address of the wireless access device but it is lost: the combination of numbers and letters;
校验数值区:用于数据校验,可以仅为一个字符,例如可以是26个字母(区分大小写)及0-9的阿拉伯数字中的一个,该数值可以是路由器的MAC地址取模62后的数值;Check value area: used for data verification, which can be only one character. For example, it can be one of 26 letters (case sensitive) and 0-9 Arabic numerals. The value can be the MAC address of the router. After the value;
上述的前缀、mac地址区和校验数值区可以设置为用于标识该无线网络是无密码的,从而使得待接入的终端装置102在搜索到无线网络的无线网络名称后可以直接接入该无线网络中。The foregoing prefix, mac address area, and check value area may be configured to identify that the wireless network is passwordless, so that the terminal device 102 to be accessed may directly access the wireless network name after searching for the wireless network. In a wireless network.
基于上述的无线网络名称的标识规则,总的执行流程可以如图8所示,包括:Based on the foregoing identification rules of the wireless network name, the overall execution process may be as shown in FIG. 8, including:
S81:读取无线接入设备的MAC地址;S81: Read a MAC address of the wireless access device;
S82:产生可以标识无密码接入的无线网络名称;S82: Generate a wireless network name that can identify passwordless access;
S83:接收连入该无线网络的终端装置发送数据包;S83: Receive a data packet sent by the terminal device connected to the wireless network;
S84:将接收到的数据包转发至特定的服务器。S84: Forward the received data packet to a specific server.
可选地,认证策略(2)可以认为是认证策略(1)的一种特殊方式,即,相当于将无线网络的网络安全密钥设置为无。因此,也可以采用认证策略1的方式实现认证策略(2),即,也采用:[前缀][base64(认证密码)][校验数值]的方式设置无线网络名称。Optionally, the authentication policy (2) can be considered as a special way of the authentication policy (1), that is, equivalent to setting the network security key of the wireless network to none. Therefore, the authentication policy (2) can also be implemented by means of the authentication policy 1, that is, the wireless network name is also set by using [prefix] [base64 (authentication password)] [check value].
可选地,无线接入设备101可以与一个约束装置进行匹配,在该约束装置中记录所有连入该无线接入设备所提供的无线网络的终端装置的IP地址,后续接收到数据包后, 都可以通过该约束装置判断该数据包的源IP地址是否在记录的IP地址集合中,如果在,则直接将该数据包转发至预设的特定服务器中,从而进一步保证安全性。Optionally, the wireless access device 101 can match with a constraint device, where the IP address of all the terminal devices connected to the wireless network provided by the wireless access device is recorded, and after receiving the data packet, The binding device can determine whether the source IP address of the data packet is in the recorded IP address set, and if so, directly forward the data packet to a preset specific server, thereby further ensuring security.
假设上述的无线接入设备为路由器,则无线网络名称即为路由器的SSID,因路由器存在主SSID和次SSID,一个SSID对应一个无线网络。因此,可选地,可以将次SSID按照上述认证策略之一设置,而主SSID按照现有的正常的无线网络方式设置;也可以将主SSID按照上述认证策略之一设置,而次SSID按照现有的正常的无线网络方式设置;当然也可以将主SSID和次SSID都按照上述认证策略之一设置,具体的设置和选择方式,可以按照实际需求选择,本申请对此不作限定。Assuming that the wireless access device is a router, the wireless network name is the SSID of the router. Because the router has a primary SSID and a secondary SSID, one SSID corresponds to one wireless network. Therefore, optionally, the secondary SSID may be set according to one of the foregoing authentication policies, and the primary SSID is set according to the existing normal wireless network mode; the primary SSID may also be set according to one of the foregoing authentication policies, and the secondary SSID is Some of the normal wireless network mode settings; of course, the primary SSID and the secondary SSID can be set according to one of the above-mentioned authentication policies. The specific settings and selection methods can be selected according to actual needs, which is not limited in this application.
图9为本发明实施例的无线网络配置、接入及访问方法流程图。下面结合图9进行描述。FIG. 9 is a flowchart of a method for configuring, accessing, and accessing a wireless network according to an embodiment of the present invention. Description will be made below with reference to FIG.
步骤901:无线网络配置装置(图1所示的无线网络配置装置103)生成无线网络的网络安全密钥。Step 901: The wireless network configuration device (the wireless network configuration device 103 shown in FIG. 1) generates a network security key of the wireless network.
步骤902:基于该网络安全密钥生成无线网络名称,其中,无线网络名称中至少包括表示网络安全密钥的网络安全密钥部分。Step 902: Generate a wireless network name based on the network security key, where the wireless network name includes at least a network security key portion indicating a network security key.
可选地,可以对网络安全密钥进行加密,得到预定长度的加密网络安全密钥,然后将加密网络安全密钥添加到无线网络名称的网络安全密钥部分,得到至少包括网络安全密钥部分的无线网络名称。在实际实现的时候,可选地,无线网络名称还包括以下组成部分中的一种或多种:Optionally, the network security key may be encrypted to obtain a predetermined length of the encrypted network security key, and then the encrypted network security key is added to the network security key part of the wireless network name to obtain at least the network security key part. The name of the wireless network. In actual implementation, optionally, the wireless network name also includes one or more of the following components:
1)表示无线网络名称包含网络安全密钥的信息部分;1) indicating that the wireless network name contains the information part of the network security key;
2)用于校验网络安全密钥的校验信息部分;2) a verification information portion for verifying the network security key;
3)表示安全类型的类型信息部分;3) indicating the type information part of the security type;
4)表示对所述网络安全密钥进行加密的加密规则的加密信息部分。4) An encrypted information portion of an encryption rule indicating encryption of the network security key.
步骤903:无线网络配置装置基于网络安全密钥和无线网络名称对无线接入设备的无线网络进行配置。Step 903: The wireless network configuration device configures the wireless network of the wireless access device based on the network security key and the wireless network name.
步骤904:终端装置(即图1中得终端装置102)获取无线网络名称。Step 904: The terminal device (ie, the terminal device 102 in FIG. 1) acquires a wireless network name.
步骤905:终端装置从网络安全密钥部分提取无线网络名称对应的网络安全密钥。Step 905: The terminal device extracts a network security key corresponding to the wireless network name from the network security key portion.
步骤906:终端装置基于无线网络名称和网络安全密钥自动连接到该无线网络名称对应的无线网络。Step 906: The terminal device automatically connects to the wireless network corresponding to the wireless network name based on the wireless network name and the network security key.
步骤907:无线接入设备接收终端装置发送过来的数据包,其中,所述无线接入设备配置有至少一个无线网络。 Step 907: The wireless access device receives the data packet sent by the terminal device, where the wireless access device is configured with at least one wireless network.
步骤908:判断所述数据包是否来自通过所述至少一个无线网络中预设无线网络进行无线通信的终端装置。Step 908: Determine whether the data packet is from a terminal device that performs wireless communication through a preset wireless network in the at least one wireless network.
例如,以路由器为例,可以同时提供两个无线网络,即主SSID对应的无线网络和次SSID对应的无线网络。可以将次SSID对应的无线网络设置为预设无线网络,那么接入该无线网络的终端装置都认为是数据包需要转发至与这些终端装置关联的网络服务器。例如,当这些终端装置都是智能家居设备的设备,这个网络服务器可以是专用于为智能家居设备的服务器,可以是一个云服务器。For example, taking a router as an example, two wireless networks can be provided at the same time, that is, a wireless network corresponding to the primary SSID and a wireless network corresponding to the secondary SSID. The wireless network corresponding to the secondary SSID may be set as a preset wireless network, and then the terminal device accessing the wireless network considers that the data packet needs to be forwarded to the network server associated with the terminal devices. For example, when these terminal devices are devices of a smart home device, the network server may be a server dedicated to a smart home device, and may be a cloud server.
步骤909:当所述数据包来自于通过所述预设无线网络进行无线通信的终端装置时,向所述终端装置关联的网络服务器转发所述数据包。Step 909: When the data packet is from a terminal device that performs wireless communication through the preset wireless network, forward the data packet to a network server associated with the terminal device.
应道注意,尽管在附图中以特定顺序描述了本发明方法的操作步骤,但是,这并非要求或者暗示必须按照该特定顺序来执行这些操作,或者必须执行全部所示的操作才能实现期望的结果。附加地或备选地,可以省略某些步骤,将多个步骤合并为一个步骤执行,和/或将一个步骤分解为多个步骤执行。It should be noted that although the operational steps of the method of the present invention are described in a particular order in the drawings, this is not required or implied that such operations must be performed in that particular order, or that all illustrated operations must be performed to achieve the desired. result. Additionally or alternatively, certain steps may be omitted, multiple steps being combined into one step, and/or one step being broken down into multiple steps.
例如,步骤907至步骤909仅是本申请所提供的无线网络配置、接入及访问方法的可选步骤,缺少其中一些或全部不会应影响本申请的基本目的的实现。For example, steps 907 through 909 are merely optional steps of the wireless network configuration, access, and access methods provided by the present application, and lack of implementations in which some or all of them do not affect the basic purpose of the application.
本领域内的技术人员应明白,本发明的实施例可提供为方法、系统、或计算机程序产品。因此,本发明可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art will appreciate that embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or a combination of software and hardware. Moreover, the invention can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.
本发明是参照根据本发明实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention has been described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (system), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or FIG. These computer program instructions can be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing device to produce a machine for the execution of instructions for execution by a processor of a computer or other programmable data processing device. Means for implementing the functions specified in one or more of the flow or in a block or blocks of the flow chart.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令 装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。The computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory include instructions. An article of manufacture of a device that implements the functions specified in a block or blocks of a flow or a flow and/or block diagram of the flowchart.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device. The instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
显然,本领域的技术人员应该明白,上述的本发明实施例的各模块或各步骤可以用通用的计算装置来实现,它们可以集中在单个的计算装置上,或者分布在多个计算装置所组成的网络上,可选地,它们可以用计算装置可执行的程序代码来实现,从而,可以将它们存储在存储装置中由计算装置来执行,并且在某些情况下,可以以不同于此处的顺序执行所示出或描述的步骤,或者将它们分别制作成各个集成电路模块,或者将它们中的多个模块或步骤制作成单个集成电路模块来实现。这样,本发明实施例不限制于任何特定的硬件和软件结合。Obviously, those skilled in the art should understand that the above modules or steps of the embodiments of the present invention can be implemented by a general computing device, which can be concentrated on a single computing device or distributed in multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device such that they may be stored in the storage device by the computing device and, in some cases, may be different from The steps shown or described are performed sequentially, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps thereof are fabricated into a single integrated circuit module. Thus, embodiments of the invention are not limited to any specific combination of hardware and software.
以上所述仅为本发明的优选实施例而已,并不用于限制本发明,对于本领域的技术人员来说,本发明实施例可以有各种更改和变化。凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。 The above description is only the preferred embodiment of the present invention, and is not intended to limit the present invention, and various changes and modifications may be made to the embodiments of the present invention. Any modifications, equivalent substitutions, improvements, etc. made within the spirit and scope of the present invention are intended to be included within the scope of the present invention.

Claims (15)

  1. 一种无线网络配置方法,包括:A wireless network configuration method includes:
    生成无线网络的网络安全密钥;Generating a network security key for the wireless network;
    基于所述网络安全密钥生成无线网络名称,其中,所述无线网络名称中至少包括表示所述网络安全密钥的网络安全密钥部分;以及Generating a wireless network name based on the network security key, wherein the wireless network name includes at least a network security key portion representing the network security key;
    基于所述网络安全密钥和所述无线网络名称配置所述无线网络。The wireless network is configured based on the network security key and the wireless network name.
  2. 根据权利要求1所述的方法,其中,基于所述网络安全密钥生成无线网络名称,包括:The method of claim 1 wherein generating a wireless network name based on the network security key comprises:
    对所述网络安全密钥进行加密,得到预定长度的加密网络安全密钥;Encrypting the network security key to obtain a predetermined length of an encrypted network security key;
    将所述加密网络安全密钥添加到无线网络名称的网络安全密钥部分,得到至少包括所述网络安全密钥部分的无线网络名称。Adding the encrypted network security key to the network security key portion of the wireless network name results in a wireless network name including at least the network security key portion.
  3. 根据权利要求2所述的方法,其中,基于所述网络安全密钥生成无线网络名称还包括以下至少之一或任意组合:The method of claim 2, wherein generating the wireless network name based on the network security key further comprises at least one or any combination of the following:
    生成表示所述无线网络名称包含网络安全密钥的信息部分;Generating an information portion indicating that the wireless network name includes a network security key;
    生成用于校验所述网络安全密钥的校验信息部分;Generating a verification information portion for verifying the network security key;
    生成表示安全类型的类型信息部分;Generating a type information portion indicating a security type;
    生成表示对所述网络安全密钥进行加密的加密规则的加密信息部分。An encrypted information portion representing an encryption rule that encrypts the network security key is generated.
  4. 根据权利要求1至3中任一项所述的方法,其中,基于所述网络安全密钥和所述无线网络名称配置所述无线网络,包括:The method of any one of claims 1 to 3, wherein configuring the wireless network based on the network security key and the wireless network name comprises:
    将所述无线网络名称配置为无线接入设备的主无线网络和次无线网络中的一个无线网络的名称;Configuring the wireless network name as a name of a wireless network in a primary wireless network and a secondary wireless network of the wireless access device;
    将所述网络安全密钥配置为所述一个无线网络的网络安全密钥。The network security key is configured as a network security key of the one wireless network.
  5. 一种无线网络接入方法,包括:A wireless network access method includes:
    获取无线网络名称,其中,所述无线网络名称至少包括表示网络安全密钥的网络安全密钥部分;Obtaining a wireless network name, wherein the wireless network name includes at least a network security key portion indicating a network security key;
    从所述网络安全密钥部分提取所述无线网络名称对应的网络安全密钥;Extracting, from the network security key portion, a network security key corresponding to the wireless network name;
    基于所述无线网络名称和所述网络安全密钥自动连接到所述无线网络名称对应的无线网络。Automatically connecting to the wireless network corresponding to the wireless network name based on the wireless network name and the network security key.
  6. 根据权利要求5所述的方法,还包括: The method of claim 5 further comprising:
    基于所述无线网络名称中表示所述无线网络名称包含网络安全密钥的信息部分,判断所述无线网络名称是否包含网络安全密钥;Determining, according to the information part of the wireless network name that the wireless network name includes a network security key, whether the wireless network name includes a network security key;
    并且其中,从所述网络安全密钥部分提取所述无线网络名称对应的网络安全密钥,包括:当所述信息部分指示所述无线网络名称包含网络安全密钥时,从所述无线网络名称中提取网络安全密钥。And wherein the extracting the network security key corresponding to the wireless network name from the network security key portion comprises: when the information portion indicates that the wireless network name includes a network security key, from the wireless network name Extract the network security key.
  7. 一种无线网络访问方法,包括:A wireless network access method includes:
    接收通过无线接入设备进行无线通信的终端装置发送的数据包,其中,所述无线接入设备配置有至少一个无线网络;Receiving a data packet sent by a terminal device that performs wireless communication by using a wireless access device, where the wireless access device is configured with at least one wireless network;
    判断所述数据包是否来自通过所述至少一个无线网络中预设无线网络进行无线通信的终端装置;Determining whether the data packet is from a terminal device that performs wireless communication through a preset wireless network in the at least one wireless network;
    当所述数据包来自于通过所述预设无线网络进行无线通信的终端装置时,向所述终端装置关联的网络服务器转发所述数据包。When the data packet is from a terminal device that performs wireless communication through the preset wireless network, the data packet is forwarded to a network server associated with the terminal device.
  8. 根据权利要求7所述的方法,其中,所述预设无线网络为专用于一个或多个所述终端装置进行无线通信的无线网络。The method of claim 7, wherein the predetermined wireless network is a wireless network dedicated to one or more of the terminal devices for wireless communication.
  9. 一种无线网络配置装置,包括:A wireless network configuration device includes:
    网络安全密钥产生单元,被配置为产生用于无线网络的网络安全密钥;a network security key generation unit configured to generate a network security key for the wireless network;
    无线网络名称产生单元,被配置为基于所述网络安全密钥生成无线网络名称,其中,所述无线网络名称至少包括表示所述网络安全密钥的网络安全密钥部分;以及a wireless network name generating unit configured to generate a wireless network name based on the network security key, wherein the wireless network name includes at least a network security key portion representing the network security key;
    配置单元,被配置为基于所述网络安全密钥和所述无线网络名称配置无线接入设备。And a configuration unit configured to configure the wireless access device based on the network security key and the wireless network name.
  10. 根据权利要求9所述的无线网络配置装置,还包括:The wireless network configuration device of claim 9, further comprising:
    加密单元,被配置为对所述网络安全密钥进行加密处理,得到加密网络安全密钥;An encryption unit configured to perform encryption processing on the network security key to obtain an encrypted network security key;
    并且其中,所述无线网络名称产生单元,进一步被配置为基于所述加密网络安全密钥产生无线网络名称,其中,所述网络安全密钥由所述加密网络安全密钥表示。And wherein the wireless network name generating unit is further configured to generate a wireless network name based on the encrypted network security key, wherein the network security key is represented by the encrypted network security key.
  11. 根据权利要求9或10所述的无线网络配置装置,其中,所述配置单元包括:The wireless network configuration device according to claim 9 or 10, wherein the configuration unit comprises:
    确定模块,被配置为将所述无线网络名称配置为无线接入设备的主无线网络和次无线网络中的一个无线网络的名称; a determining module configured to configure the wireless network name as a name of a wireless network in a primary wireless network and a secondary wireless network of the wireless access device;
    配置模块,被配置为将所述网络安全密钥配置为所述一个无线网络的网络安全密钥。And a configuration module configured to configure the network security key as a network security key of the one wireless network.
  12. 一种无线接入设备,包括:A wireless access device comprising:
    配置端口,被配置为基于无线网络配置信息配置无线网络,其中,所述无线网络配置信息包括第一无线网络名称和第一网络安全密钥,其中,所述第一无线网络名称至少包括表示所述第一网络安全密钥的无线网络安全密钥部分;和/或,所述无线网络配置信息包括第二无线网络名称,其中,所述第二无线网络名称至少包括表示所述无线网络无需网络安全密钥的信息部分;a configuration port configured to configure the wireless network based on the wireless network configuration information, wherein the wireless network configuration information includes a first wireless network name and a first network security key, wherein the first wireless network name includes at least a representation Determining a wireless network security key portion of the first network security key; and/or, the wireless network configuration information includes a second wireless network name, wherein the second wireless network name includes at least indicating that the wireless network does not require a network The information part of the security key;
    输入端口,被配置为接收通过所述无线网络进行无线通信的一个或多个终端装置发送的数据包;An input port configured to receive a data packet transmitted by one or more terminal devices that perform wireless communication over the wireless network;
    输出端口,被配置为向与所述一个或多个终端装置关联的网络服务器转发所述数据包。An output port configured to forward the data packet to a network server associated with the one or more terminal devices.
  13. 根据权利要求12所述的无线接入设备,还包括:The wireless access device of claim 12, further comprising:
    存储器,被配置为存储需要将数据包转发至所述网络服务器的终端装置的装置标识列表;a memory configured to store a device identification list of a terminal device that needs to forward the data packet to the network server;
    处理器,被配置为判断接收的数据包来自的终端装置是否在所述装置标识列表中,在确定是的情况下,通过所述输出接口将接收的数据包转发至所述网络服务器。The processor is configured to determine whether the terminal device from which the received data packet is from is in the device identification list, and if the determination is yes, forward the received data packet to the network server through the output interface.
  14. 一种终端装置,包括:A terminal device comprising:
    无线网络搜索单元,被配置为获取无线网络名称,并判断所述无线网络名称中是否包括表示网络安全密钥的网络安全密钥部分;a wireless network search unit configured to acquire a wireless network name, and determine whether the network security key portion indicating the network security key is included in the wireless network name;
    网络安全密钥提取单元,被配置为在确定无线网络名称中包括所述网络安全密钥部分的情况下,从所述网络安全密钥部分提取所述无线网络名称对应的网络安全密钥;a network security key extraction unit configured to extract a network security key corresponding to the wireless network name from the network security key portion if the network security key portion is included in the wireless network name;
    无线网络连接单元,被配置为基于所述无线网络名称和提取出的网络安全密钥自动连接到所述无线网络名称对应的无线网络。The wireless network connection unit is configured to automatically connect to the wireless network corresponding to the wireless network name based on the wireless network name and the extracted network security key.
  15. 根据权利要求14所述的终端装置,还包括:The terminal device according to claim 14, further comprising:
    网络安全密钥判断单元,被配置为基于所述无线网络名称中表示所述无线网络名称包含网络安全密钥的信息部分,判断所述无线网络名称是否包含网络安全密钥; The network security key determining unit is configured to determine, according to the information part of the wireless network name that the wireless network name includes a network security key, whether the wireless network name includes a network security key;
    并且,其中所述网络安全密钥提取单元,进一步被配置为当确定所述信息部分指示所述无线网络名称包含网络安全密钥时,从所述无线网络名称中提取网络安全密钥。 And wherein the network security key extraction unit is further configured to extract a network security key from the wireless network name when it is determined that the information portion indicates that the wireless network name includes a network security key.
PCT/CN2015/087363 2014-08-18 2015-08-18 Method, device, and equipment for wireless network configuration, access, and visit WO2016026429A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201580038698.9A CN106537962B (en) 2014-08-18 2015-08-18 Wireless network configuration, access and access method, device and equipment

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410404086.4 2014-08-18
CN201410404086 2014-08-18

Publications (1)

Publication Number Publication Date
WO2016026429A1 true WO2016026429A1 (en) 2016-02-25

Family

ID=55350199

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/087363 WO2016026429A1 (en) 2014-08-18 2015-08-18 Method, device, and equipment for wireless network configuration, access, and visit

Country Status (2)

Country Link
CN (1) CN106537962B (en)
WO (1) WO2016026429A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109547266A (en) * 2018-12-29 2019-03-29 深圳市宏电技术股份有限公司 A kind of batch configuration method, apparatus and system
CN109932977A (en) * 2019-04-18 2019-06-25 合肥泛米智能科技有限公司 A kind of smart home device based on cloud computing
US10869345B1 (en) * 2015-04-27 2020-12-15 Marvell Asia Pte, Ltd. Systems and methods for provisioning devices for WLAN

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1632877A1 (en) * 2004-09-03 2006-03-08 Sap Ag Authentication of handheld devices for access to applications
CN102404725A (en) * 2011-11-08 2012-04-04 复旦大学 Method for safely building WiFi connection by SSID in application program
CN103841537A (en) * 2012-11-20 2014-06-04 中国电信股份有限公司 Control system and method using family gateway to deploy WLAN metropolitan area network

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7801100B2 (en) * 2007-06-04 2010-09-21 Sony Ericsson Mobile Communications Ab Operating ad-hoc wireless local area networks using network identifiers and application keys

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1632877A1 (en) * 2004-09-03 2006-03-08 Sap Ag Authentication of handheld devices for access to applications
CN102404725A (en) * 2011-11-08 2012-04-04 复旦大学 Method for safely building WiFi connection by SSID in application program
CN103841537A (en) * 2012-11-20 2014-06-04 中国电信股份有限公司 Control system and method using family gateway to deploy WLAN metropolitan area network

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10869345B1 (en) * 2015-04-27 2020-12-15 Marvell Asia Pte, Ltd. Systems and methods for provisioning devices for WLAN
CN109547266A (en) * 2018-12-29 2019-03-29 深圳市宏电技术股份有限公司 A kind of batch configuration method, apparatus and system
CN109932977A (en) * 2019-04-18 2019-06-25 合肥泛米智能科技有限公司 A kind of smart home device based on cloud computing

Also Published As

Publication number Publication date
CN106537962B (en) 2020-03-20
CN106537962A (en) 2017-03-22

Similar Documents

Publication Publication Date Title
US9843575B2 (en) Wireless network authentication method and wireless network authentication apparatus
US11765585B2 (en) Techniques for enabling computing devices to identify when they are in proximity to one another
CN105379190B (en) The system and method for being used to indicate service set identifier
JP5739072B2 (en) System and method for encoding exchanges using a set of shared ephemeral key data
US8787572B1 (en) Enhanced association for access points
CN105760764B (en) Encryption and decryption method and device for embedded storage device file and terminal
WO2018137351A1 (en) Method, relevant device and system for processing network key
US11736304B2 (en) Secure authentication of remote equipment
CN102761870B (en) Terminal authentication and service authentication method, system and terminal
CN109495251B (en) Anti-quantum-computation intelligent home cloud storage method and system based on key fob
KR20160078475A (en) Key configuration method, system and apparatus
US10097524B2 (en) Network configuration method, and related apparatus and system
KR20180119201A (en) Electronic device for authentication system
WO2022111187A1 (en) Terminal authentication method and apparatus, computer device, and storage medium
WO2016188053A1 (en) Wireless network access method, device, and computer storage medium
US11489808B1 (en) Providing a split-configuration virtual private network
KR20150053912A (en) Method and devices for registering a client to a server
US11863532B2 (en) Enabling efficient communication in a hybrid network
WO2016026429A1 (en) Method, device, and equipment for wireless network configuration, access, and visit
CN106559779B (en) Data transmission method, device and system
TWI520653B (en) Auto-matching method of wireless security, method of establishing connection, and wireless access point device
KR102226836B1 (en) Apparatus and method for sharing content using short-range communications in mobile devices
Lindroos et al. Developing a Systematic Process for Mobile Surveying and Analysis of WLAN Security
CN105721403B (en) For providing the method, equipment and system of wireless network resource
CN114222296A (en) Secure access method and system of wireless network

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15833076

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC ( EPO FORM 1205A DATED 07/06/2017 )

122 Ep: pct application non-entry in european phase

Ref document number: 15833076

Country of ref document: EP

Kind code of ref document: A1