WO2017012204A1 - 无线连接方法、终端及无线访问接入点、计算机存储介质 - Google Patents
无线连接方法、终端及无线访问接入点、计算机存储介质 Download PDFInfo
- Publication number
- WO2017012204A1 WO2017012204A1 PCT/CN2015/090924 CN2015090924W WO2017012204A1 WO 2017012204 A1 WO2017012204 A1 WO 2017012204A1 CN 2015090924 W CN2015090924 W CN 2015090924W WO 2017012204 A1 WO2017012204 A1 WO 2017012204A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- terminal
- mac address
- configuration information
- wireless
- unit
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/08—Access restriction or access information delivery, e.g. discovery data delivery
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/10—Connection setup
Definitions
- the present invention relates to a wireless access technology in the field of communications, and in particular, to a wireless connection method, a terminal, and a wireless access point (AP), and a computer storage medium.
- Wi-Fi wireless local area networks
- AP access controller
- CPE Customer Premise Equipment
- One AC can control hundreds or even thousands of APs, and one AP can access dozens of wireless users (CPE, wireless network card, etc.), which provides great convenience for network management.
- the user performs Wi-Fi Internet access by ensuring the matching of Wi-Fi configuration information between the AP and the client, and the user may modify the Wi-Fi configuration information of the control terminal (AP) from time to time in order to ensure the security of the information.
- AP control terminal
- the access configuration information is no longer matched with the AP, the legitimate user that can access the previous user becomes an illegal user and is denied access by the wireless system.
- the Wi-Fi chip of the wireless device is restarted, and then the newly set new hotspot is transmitted, so that the previously connected legitimate user needs to rescan the Wi-Fi hotspot, and Entering a password to connect to Wi-Fi makes the user experience very poor.
- the embodiments of the present invention are expected to provide a wireless connection method, a terminal, an AP, and a computer storage medium, which can improve the user experience and improve the ease of wireless connection.
- An embodiment of the present invention provides a wireless connection method, where the method includes:
- the access status further includes a non-trust status; after the detecting the access status of the currently connected terminal, the method further includes:
- the updated wireless configuration information is applied, and the current connection with the terminal is disconnected.
- the sending the updated wireless configuration information to the terminal includes:
- the detecting the access status of the currently connected terminal includes:
- the method further includes:
- the embodiment of the invention further provides a wireless connection method, the method comprising:
- the access status is set to a trusted state, and when connected to the wireless access point AP, receiving the updated wireless configuration information sent by the AP;
- the method before the receiving the updated wireless configuration information sent by the AP, the method further includes:
- the updated wireless configuration information sent by the receiving AP includes:
- the method further includes:
- An embodiment of the present invention provides an AP, where the AP includes:
- the detecting unit is configured to detect, when the wireless configuration information is updated, an access status of the currently connected terminal, where the access status includes a trusted status;
- a first sending unit configured to send the updated wireless configuration information to the terminal when the detecting unit detects that the access status of the terminal is the trusted state
- the first connection unit is configured to apply the updated wireless configuration information sent by the first sending unit, disconnect the current connection with the terminal, and reconnect the terminal according to the updated wireless configuration information. .
- the access status detected by the detecting unit further includes an untrusted state
- the first connecting unit is further configured to: after the detecting unit detects an access state of the currently connected terminal, the detecting unit detects that the access state of the terminal is the untrusted state, and applies the updated Wireless configuration information, disconnecting the current connection with the terminal.
- the first sending unit is further configured to send configuration information of the background service to the terminal, and send the updated wireless configuration information to the terminal by using the background service.
- the AP further includes a first receiving unit
- the first receiving unit is configured to acquire a media access control MAC address of the terminal
- the detecting unit is further configured to detect whether the MAC address acquired by the first receiving unit exists in a MAC address list pre-stored by the first saving unit;
- the first receiving unit is further configured to: when the detecting unit detects that the MAC address exists in the MAC address list pre-stored by the first saving unit, acquire the encrypted information pre-stored in the terminal;
- the detecting unit is further configured to: decrypt the encrypted information acquired by the first receiving unit, and determine whether the decrypted encrypted information is consistent with the MAC address acquired by the first receiving unit; and the decrypted When the encrypted information is consistent with the MAC address of the terminal, determining that the access status of the terminal is the trusted state; and determining that the access status of the terminal is the same when the decrypted encrypted information is inconsistent with the MAC address State of non-trust
- the detecting unit is further configured to: after detecting whether the MAC address exists in a pre-stored MAC address list, the MAC address acquired by the first receiving unit does not exist in the first saving unit Detecting access of the terminal when pre-stored in the MAC address list The status is the untrusted state.
- An embodiment of the present invention provides a terminal, where the terminal includes:
- a second receiving unit configured to: when the access status is set to a trusted state, and when connected to the wireless access point AP, receive the updated wireless configuration information sent by the AP;
- the second connecting unit disconnects the current connection with the AP according to the updated wireless configuration information received by the second receiving unit, and re-wires the AP with the AP.
- the terminal further includes: a second sending unit, a second saving unit, and an installation unit;
- the second sending unit is configured to send the MAC address to the AP before the second receiving unit receives the updated wireless configuration information sent by the AP;
- the second receiving unit is further configured to receive the encrypted information sent by the AP; the encrypted information is a character string encrypted by the MAC address, and
- the second saving unit saves the encrypted information received by the second receiving unit
- the second receiving unit is further configured to receive configuration information of a background service sent by the AP, and
- the installation unit is configured to install the background service according to configuration information of a background service received by the second receiving unit;
- the second receiving unit is further configured to receive, by the background service installed by the installation unit, the updated wireless configuration information sent by the AP.
- the second connection unit is further configured to disconnect the current connection with the AP when the access status is set to an untrusted state.
- the embodiment of the invention further provides a computer storage medium, wherein the computer storage medium stores executable instructions, and the executable instructions are used to execute the wireless connection method.
- the access status of the currently connected terminal is detected, and the access status includes a trust status; and the access status of the terminal is detected as a trust.
- the updated wireless configuration information is sent to the terminal; the updated wireless configuration information is applied, the current connection with the terminal is disconnected, and the terminal is reconnected according to the updated wireless configuration information.
- the AP can send the updated wireless configuration information to the trusted terminal (ie, the legitimate user) after the wireless configuration information of the AP is updated, so that the terminal can automatically perform the updated wireless configuration information.
- Wireless connectivity enhances user experience and increases the ease of wireless connectivity.
- FIG. 1 is a flowchart 1 of a method for wireless connection according to an embodiment of the present invention
- FIG. 2 is a second flowchart of a wireless connection method according to an embodiment of the present invention.
- FIG. 3 is a flowchart 3 of a method for wireless connection according to an embodiment of the present invention.
- FIG. 4 is a flowchart 1 of a method for wireless connection according to an embodiment of the present invention.
- FIG. 5 is a second flowchart of a wireless connection method according to an embodiment of the present invention.
- FIG. 6 is an interaction diagram of a wireless connection method according to an embodiment of the present invention.
- FIG. 7 is a schematic structural diagram 1 of an AP 1 according to an embodiment of the present disclosure.
- FIG. 8 is a schematic structural diagram 2 of an AP 1 according to an embodiment of the present disclosure.
- FIG. 9 is a schematic structural diagram 1 of a terminal 2 according to an embodiment of the present disclosure.
- FIG. 10 is a schematic structural diagram 2 of a terminal 2 according to an embodiment of the present invention.
- the embodiment of the present invention provides a wireless connection method, which is a wireless connection method on the AP side. As shown in FIG. 1 , the method may include:
- the AP detects an access status of the currently connected terminal.
- the access status includes a trust status.
- the access status of the terminal in the embodiment of the present invention can be set by the AP, that is, set on the Web UI setting page. For example, if the current terminal connected to the AP is a legitimate user, the access state of the terminal is set to the trusted state, and the terminal other than the legitimate user is set to the untrusted state.
- the premise of the wireless connection method provided by the embodiment of the present invention is that the AP has set the access status of the terminal through the AP before the AP detects the access status of the currently connected terminal.
- the setting of the access status of the terminal is set and determined by the user, and can also be changed.
- the wireless configuration information can be a security policy, a wireless name or a password.
- the AP in the embodiment of the present invention may be a device that can serve as a wireless access point, such as a wireless router.
- the AP detects the access status of the currently connected terminal.
- the access status of the terminal may include: a trusted status and an untrusted status.
- the AP can send a detection request to the currently connected terminal.
- the wireless configuration information in the embodiment of the present invention may be a Wi-Fi configuration information, or may be configuration information of other forms of the wireless technology, which is not limited in the embodiment of the present invention.
- the data transmission between the AP and the terminal is based on the premise that the AP is connected to the terminal, otherwise the data cannot be transmitted. Therefore, the terminal that interacts with the AP in the embodiment of the present invention is currently The device to which the AP is connected.
- the AP detects the access status of the currently connected terminal, as shown in FIG. 2, and may include: S201-S206. details as follows:
- the AP acquires a media access control (MAC) address of the terminal, and detects whether the MAC address of the terminal exists in the pre-stored MAC address list.
- MAC media access control
- the AP When the AP detects the trust status of the terminal connected to it, firstly, because the AP is connected to the terminal, the AP can obtain the MAC address of the terminal, and the AP detects whether the obtained MAC address of the terminal exists in the pre-stored MAC address list. To determine the access status of the terminal.
- the AP when setting the access state of the terminal in the setting interface of the AP, the AP saves the MAC address of the terminal, and encrypts the MAC address of the terminal by an encryption algorithm to form an encrypted information, and the encryption is performed.
- the information is transmitted at the terminal, and the terminal stores the encrypted information corresponding to itself, that is, the encrypted information pre-stored in the terminal, so that the access state of the terminal is set to the trusted state by the AP.
- the AP does not save the MAC address of the terminal, and does not send encrypted information to the terminal, that is, there is no pre-stored encrypted information in the terminal.
- the wireless router initiates a detection request to the mobile phone 1, reads the MAC address of the mobile phone 1, and determines whether the MAC address of the mobile phone 1 is wireless. In the list of pre-stored MAC addresses in the router.
- the AP After the AP obtains the MAC address of the terminal, and detects whether the MAC address of the terminal exists in the pre-stored MAC address list, if the MAC address list of the terminal is stored in the AP, the AP obtains the pre-stored terminal. Encrypt information.
- the AP when the user sets the access status of the terminal in the web UI of the AP, the AP saves the MAC address of the terminal whose access status is the trusted state, and forms a pre-stored MAC address list, which is the access status of the terminal connected to the AP.
- the AP can save the MAC address of the terminal whose access status is the trusted state, and forms a pre-stored MAC address list, which is the access status of the terminal connected to the AP.
- the AP can initially determine the access status of the terminal by checking whether the MAC address of the terminal is consistent with the MAC address of the pre-stored trusted terminal.
- the optimal solution is that the AP acquires the encrypted information in the terminal when it determines that the MAC address of the terminal exists in the pre-stored MAC address list.
- the AP may send a request for obtaining the encrypted information to the terminal, and if the terminal has the encrypted information, send the encrypted information to the AP.
- the obtaining of the encrypted information in the embodiment of the present invention has been described in S201, and details are not described herein again.
- S203 The AP decrypts the encrypted information, and detects whether the decrypted encrypted information is consistent with the MAC address.
- the AP After the AP obtains the pre-stored encryption information in the terminal, the AP decrypts the encrypted information by using a decryption algorithm corresponding to the encryption algorithm, and then the AP detects whether the decrypted encrypted information is consistent with the MAC address of the terminal.
- the encrypted information is the MAC address of the terminal whose access status is the trusted state. Therefore, the decrypted encrypted information is the MAC address of the terminal.
- the AP excludes the terminal in the untrusted state in which the MAC address is not in the pre-stored MAC list, and then compares with the encrypted information in the terminal. , remove the terminal that masquerades the MAC address.
- the AP After the AP decrypts the encrypted information, the decrypted encrypted information (the MAC address of the terminal) matches the MAC address of the terminal, and the AP detects or determines that the access status of the terminal is a trusted state.
- the AP excludes the terminal in the untrusted state in which the MAC address is not in the pre-stored MAC list, and then compares with the encrypted information in the terminal.
- the terminal that masquerades the MAC address is removed, and then the AP determines that the decrypted encrypted information matches the detected MAC address of the terminal.
- the access status of the terminal is a trusted state, which improves the security and reliability of the AP to verify the access status of the terminal.
- the AP determines that the access status of the terminal is an untrusted state.
- the AP After the AP decrypts the encrypted information, the decrypted encrypted information (the MAC address of the terminal) is inconsistent with the MAC address of the terminal, and the AP detects or determines that the access status of the terminal is an untrusted state.
- the AP excludes the terminal in the untrusted state in which the MAC address is not in the pre-stored MAC list, and then compares with the encrypted information in the terminal. , remove the terminal that masquerades the MAC address. Therefore, when the decrypted encrypted information does not match the detected MAC address of the terminal, the AP determines that the access state of the terminal is an untrusted state, so that even if the terminal masquerades its own MAC address, the AP can still disguise The terminal detects the terminal, thereby improving the security and reliability of the access status of the AP verification terminal.
- S204 and S205 in the embodiment of the present invention are optional steps after S203, and one step is selected according to the actual detection situation; that is, in the embodiment of the present invention, after S203, S204 may be performed. S205 may also be executed. For example, the execution sequence may be determined according to an actual situation, and the embodiment of the present invention is not limited; and after S204 or S205 is executed, the current processing flow is ended.
- the AP After the AP detects whether the MAC address of the terminal exists in the pre-stored MAC address list, if there is no MAC address of the terminal in the MAC address list pre-stored by the AP, it indicates that the access status of the terminal is an untrusted state.
- S202-S205 and S206 in the embodiment of the present invention are optional steps after S201, and one step is selected according to the actual detection situation; that is, in the embodiment of the present invention, after S201, it can be executed.
- S202-S205, S206 may also be performed.
- the execution sequence may be determined according to an actual situation, and the embodiment of the present invention is not limited; and after the execution of S202-S205 or S206, the processing flow ends.
- the method for the AP to determine that the access status of the terminal is the untrusted state may be: when the MAC address of the terminal exists in the pre-stored MAC address list, the AP acquires the pre-stored encryption in the terminal. Information: At this time, if the encrypted information in the terminal is not obtained in the AP, that is, when there is no encrypted information in the terminal, the AP may determine that the access status of the terminal is an untrusted state.
- the AP After the AP detects the access status of the currently connected terminal, if the AP detects that the access status of the terminal is the trusted state, the AP sends the updated wireless configuration information to the terminal, that is, the terminal acquires the updated wireless configuration information. .
- the AP may send the updated wireless configuration information to the terminal, and then the AP may send the updated wireless configuration information to the terminal through the background service.
- the terminal can update the wireless configuration information in the terminal according to the updated wireless configuration information.
- the AP when setting the access status of the terminal, if the access status of one terminal is set to the trust status, the AP also sends the background service to the terminal and installs it.
- the background service refers to a related service that can receive updated wireless configuration information sent by the AP.
- the wireless router's wireless password is changed, when the wireless router detects that the access status of the mobile phone 1 is a trusted state, the wireless router sends the modified wireless password to the hand. Machine 1.
- the AP applies the updated wireless configuration information, disconnects the current connection with the terminal, and reconnects the terminal according to the updated wireless configuration information.
- the AP After transmitting the updated wireless configuration information to the terminal, the AP applies the updated wireless configuration information, disconnects the current connection with the terminal, and reconnects the terminal according to the updated wireless configuration information.
- the application layer of the AP does not send a message for modifying the wireless configuration information to the wireless chip after receiving the message for modifying the wireless configuration information. Instead, let the AP first detect the access status of the currently connected terminal, that is, S101. After the AP sends the updated wireless configuration information to the terminal, the application layer of the AP sends the latest wireless configuration information (updated wireless configuration information) to the wireless chip, and the AP applies the wireless chip to restart, according to the update.
- the wireless configuration information transmits a new wireless hotspot (ie, the AP applies the updated wireless configuration information), disconnects the current connection with the terminal, and the terminal automatically reconnects.
- a wireless connection method provided by the embodiment of the present invention further includes: S104.
- S104 As shown in Figure 3, the details are as follows:
- the AP After the AP detects the access status of the currently connected terminal, and the AP detects that the access status of the terminal is untrusted, the AP applies the updated wireless configuration information and disconnects the current wireless connection with the terminal.
- the mobile phone 2 is connected to the wireless router.
- the user modifies the wireless password of the wireless router, the user does not want the mobile phone 2 to connect to the wireless router, so the access state of the mobile phone 2 is set to the untrusted state, and the AP detects
- the application layer of the AP sends the updated wireless configuration information (including the updated wireless password) to the wireless core of the AP.
- the AP applies the wireless chip to restart, and transmits a new wireless hotspot according to the updated wireless configuration information (that is, the updated wireless configuration information of the AP application), and the mobile phone 2 is disconnected from the wireless router due to the change of the wireless password. .
- S102-S103 and S104 in the embodiment of the present invention are optional steps after S101, and one step is selected according to the actual detection situation; that is, in the embodiment of the present invention, after S101, it can be executed. S102-S103, S104 may also be performed. For example, the execution sequence may be determined according to an actual situation, and the embodiment of the present invention is not limited; and after the execution of S102-S103 or S104, the current processing flow ends.
- the embodiment of the present invention further provides a wireless connection method, which is a wireless connection method on the terminal side. As shown in FIG. 4, the method may include:
- the access status is set to a trusted state, and when connected to the AP, the terminal receives the updated wireless configuration information sent by the AP.
- the AP detects that the access state of the currently connected terminal is a trusted state, that is, the access state of the terminal is set to a trusted state, and when connected to the AP, the terminal may receive the updated wireless configuration information sent by the AP. .
- the terminal in the embodiment of the present invention may be a device capable of wireless connection, and specifically may be a mobile phone, a smart phone, a notebook computer, a digital broadcast receiver, a personal digital assistant, a tablet computer, a portable multimedia player, and a navigation device.
- a mobile terminal of a device or the like, and a fixed terminal such as a digital TV, a desktop computer, or the like.
- a fixed terminal such as a digital TV, a desktop computer, or the like.
- the terminal disconnects the current connection with the AP according to the updated wireless configuration information, and re-wires the AP with the AP.
- the terminal may apply the updated wireless configuration information, disconnect the current connection with the AP, and send a connection request to the AP, and Wirelessly connect to the AP with the updated wireless configuration information.
- the terminal can successfully connect to the AP.
- the method when the access status is set to the trusted state, before the terminal receives the updated wireless configuration information sent by the AP, that is, before S301, the method further includes: S303-S305. details as follows:
- the terminal sends a MAC address to the AP.
- the terminal receives and stores the encrypted information sent by the AP, where the encrypted information is a character string encrypted by the MAC address.
- the terminal receives configuration information of a background service sent by the AP, and installs the background service.
- the terminal when the access status of the terminal is set to the trusted state, the terminal sends its own MAC address to the AP for use by the AP to detect the access status of the terminal, and the AP receives the MAC address sent by the terminal. Encrypting the MAC of the terminal by the encryption algorithm, and transmitting the encrypted information (the string encrypted by the MAC address) to the terminal, becoming the pre-stored encrypted information in the terminal, and the configuration of the background service sent by the terminal receiving the AP Information and install background services.
- the background service in the embodiment of the present invention is a related service that can receive the updated wireless configuration information sent by the AP, and the terminal can perform the wireless configuration information transmission function with the AP when the background service is installed.
- the AP may encrypt the MAC address of the terminal by using an existing encryption method, which is not limited in the embodiment of the present invention.
- S301 may specifically be that the terminal receives the updated wireless configuration information sent by the AP through the background service.
- a wireless connection method is further provided by the embodiment of the present invention, further including: S306. details as follows:
- the wireless configuration information in the terminal does not match the updated wireless configuration information of the AP, and therefore, the terminal and the AP are not matched.
- the current wireless connection has been disconnected.
- S301-S305 and S306 in the embodiment of the present invention are optional steps, and one step is selected according to the actual detection situation; that is, in the embodiment of the present invention, according to actual conditions, S301 can be executed in S301.
- the execution sequence can be determined according to the actual situation, and the embodiment of the present invention is not limited; and after the execution of S301-S305 or S306, the processing flow ends.
- the AP when the wireless configuration information is updated, the AP detects the access status of the currently connected terminal, and the access status includes a trust status; when the access status of the terminal is detected as a trusted status, the AP sends The updated wireless configuration information is sent to the terminal; the updated wireless configuration information is applied, the current connection with the terminal is disconnected, and the terminal is reconnected according to the updated wireless configuration information.
- the AP can send the updated wireless configuration information to the trusted terminal (ie, the legitimate user) after the wireless configuration information of the AP is updated, so that the terminal can automatically perform the updated wireless configuration information.
- Wireless connectivity enhances user experience and increases the ease of wireless connectivity.
- the embodiment of the invention provides a wireless connection method. As shown in FIG. 6, the method may include:
- the terminal in the embodiment of the present invention may be a device capable of wireless connection, and specifically may be a mobile phone, a smart phone, a notebook computer, a digital broadcast receiver, a personal digital assistant, a tablet computer, a portable multimedia player, and a navigation device.
- a mobile terminal of a device or the like, and a fixed terminal such as a digital TV, a desktop computer, or the like.
- the configuration according to an embodiment of the present invention can also be applied to a fixed type of terminal, in addition to elements particularly for mobile purposes.
- the AP encrypts the MAC address of the terminal, and sends the encrypted information and the configuration information of the background service to the terminal, where the encrypted information is a string encrypted by the MAC address.
- the AP in the embodiment of the present invention may be a device that can serve as a wireless access point, such as a wireless router.
- the data transmission between the AP and the terminal is based on the premise that the AP is connected to the terminal, otherwise the data cannot be transmitted. Therefore, the terminal that interacts with the AP in the embodiment of the present invention is currently The device to which the AP is connected.
- the terminal saves the encrypted information, and installs the background service according to the configuration information of the background service.
- the access status of the terminal in the embodiment of the present invention can be set by the AP, that is, set on the Web UI setting page. For example, if the current terminal connected to the AP is a legitimate user, the access state of the terminal is set to the trusted state, and the terminal other than the legitimate user is set to the untrusted state.
- the premise of the implementation of the wireless connection method provided by the embodiment of the present invention is that before the AP detects the access status of the currently connected terminal, the user has set the access status of the terminal through the AP, that is, S401-S403.
- the setting of the access status of the terminal is set and determined by the user, and can also be changed.
- the access status of the terminal may include: a trusted status and an untrusted status.
- the terminal when the access status of the terminal is set to the trusted state, the terminal sends its own MAC address to the AP for use by the AP to detect the access status of the terminal, and the AP receives the MAC address sent by the terminal. Encrypting the MAC of the terminal by an encryption algorithm, and transmitting the encrypted encrypted information (a string encrypted by the MAC address) to the terminal.
- the encrypted information pre-stored in the terminal, and the terminal receiving configuration information of the background service sent by the AP, and installing the background service.
- the background service in the embodiment of the present invention is a related service that can receive the updated wireless configuration information sent by the AP, and the terminal can perform the wireless configuration information transmission function with the AP when the background service is installed.
- the AP may encrypt the MAC address of the terminal by using an existing encryption method, which is not limited in the embodiment of the present invention.
- the AP acquires the MAC address of the terminal, and detects whether the MAC address of the terminal exists in the pre-stored MAC address list.
- the wireless configuration information can be a security policy, a wireless name or a password.
- the AP may send a detection request to the currently connected terminal, the AP acquires the MAC address of the terminal, and detects whether the MAC address of the terminal exists in the pre-stored MAC address list.
- the wireless configuration information in the embodiment of the present invention may be a Wi-Fi configuration information, or may be configuration information of other forms of the wireless technology, which is not limited in the embodiment of the present invention.
- the AP When the AP detects the trust status of the terminal connected to it, firstly, because the AP is connected to the terminal, the AP can obtain the MAC address of the terminal, and the AP detects whether the obtained MAC address of the terminal exists in the pre-stored MAC address list. To determine the access status of the terminal.
- the AP when setting the access state of the terminal in the setting interface of the AP, the AP saves the MAC address of the terminal, and encrypts the MAC address of the terminal by an encryption algorithm to form an encrypted information, and the encryption is performed.
- the information is transmitted at the terminal, and the terminal stores the encrypted information corresponding to itself, that is, the encrypted information pre-stored in the terminal, so that the access state of the terminal is set to the trusted state by the AP.
- the AP To set the access status of the currently connected terminal to the untrusted state, the AP does not save the MAC address of the terminal, and does not send encrypted information to the terminal. That is, there is no pre-stored encrypted information in the terminal.
- the wireless router initiates a detection request to the mobile phone 1, reads the MAC address of the mobile phone 1, and determines whether the MAC address of the mobile phone 1 is wireless. In the list of pre-stored MAC addresses in the router.
- the AP receives the encrypted information pre-stored in the terminal.
- the AP After the AP obtains the MAC address of the terminal, and detects whether the MAC address of the terminal exists in the pre-stored MAC address list, if the MAC address list of the terminal is stored in the AP, the AP obtains the pre-stored terminal. Encrypt information.
- the AP when the user sets the access status of the terminal in the web UI of the AP, the AP saves the MAC address of the terminal whose access status is the trusted state, and forms a pre-stored MAC address list, which is the access status of the terminal connected to the AP.
- the AP can save the MAC address of the terminal whose access status is the trusted state, and forms a pre-stored MAC address list, which is the access status of the terminal connected to the AP.
- the AP can initially determine the access status of the terminal by checking whether the MAC address of the terminal is consistent with the MAC address of the pre-stored trusted terminal.
- the optimal solution is that the AP acquires the encryption in the terminal when determining that the MAC address of the terminal exists in the pre-stored MAC address list. information.
- the AP may send a request for obtaining the encrypted information to the terminal, and if the terminal has the encrypted information, send the encrypted information to the AP.
- S406 The AP decrypts the encrypted information, and detects whether the decrypted encrypted information is consistent with the MAC address.
- the AP After the AP obtains the pre-stored encryption information in the terminal, the AP decrypts the encrypted information by using a decryption algorithm corresponding to the encryption algorithm, and then the AP detects whether the decrypted encrypted information is consistent with the MAC address of the terminal.
- the encrypted information is the MAC address of the terminal whose access status is the trusted state. Therefore, the decrypted encrypted information is the MAC address of the terminal.
- the AP excludes the terminal in the untrusted state in which the MAC address is not in the pre-stored MAC list, and then compares with the encrypted information in the terminal. , remove the terminal that masquerades the MAC address.
- the AP determines that the access status of the terminal is a trusted state.
- the AP After the AP decrypts the encrypted information, the decrypted encrypted information (the MAC address of the terminal) matches the MAC address of the terminal, and the AP detects or determines that the access status of the terminal is a trusted state.
- the AP excludes the terminal in the untrusted state in which the MAC address is not in the pre-stored MAC list, and then compares with the encrypted information in the terminal.
- the terminal that masquerades the MAC address is removed, so that when the decrypted encrypted information is consistent with the detected MAC address of the terminal, the AP determines that the access state of the terminal is a trusted state, thus improving the security of the AP verifying the access state of the terminal. Sex and reliability.
- the AP After the AP decrypts the encrypted information, the decrypted encrypted information (the MAC address of the terminal) is inconsistent with the MAC address of the terminal, and the AP detects or determines that the access status of the terminal is an untrusted state.
- the AP excludes the terminal in the untrusted state in which the MAC address is not in the pre-stored MAC list, and then compares with the encrypted information in the terminal. , remove the terminal that masquerades the MAC address. Therefore, when the decrypted encrypted information does not match the detected MAC address of the terminal, the AP determines The access state of the terminal is an untrusted state, so that even if a terminal masquerades its own MAC address, the AP can detect the masqueraded terminal, thereby improving the security and reliability of the AP verifying the access state of the terminal.
- S407 and S408 in the embodiment of the present invention are optional steps after S406, and one step is selected according to the actual detection situation; that is, in the embodiment of the present invention, after S406, S407 may be performed. S408 may also be performed.
- the execution sequence may be determined according to an actual situation, and the embodiment of the present invention is not limited; and after the execution of S407 or S408, the processing flow ends.
- the AP After the AP detects whether the MAC address of the terminal exists in the pre-stored MAC address list, if there is no MAC address of the terminal in the MAC address list pre-stored by the AP, it indicates that the access status of the terminal is an untrusted state.
- the AP obtains the encrypted information pre-stored in the terminal. At this time, if the encrypted information in the terminal is not obtained in the AP, that is, if there is no encrypted information in the terminal, then The AP can determine that the access status of the terminal is an untrusted state.
- S405-S408, S409, and S410 in the embodiment of the present invention are optional steps after S404, and one step is selected according to the actual detection situation; that is, in the embodiment of the present invention, after S404, S405-S408 may be performed, and S409 may be performed, and S410 may be performed.
- the execution order may be determined according to an actual situation, and is not limited in the embodiment of the present invention; and after S405-S408, S409, or S410 is executed, the current processing flow is performed. End It is.
- the AP When the AP detects that the access status of the terminal is a trusted state, the AP sends the updated wireless configuration information to the terminal by using the background service.
- the AP After the AP detects the access status of the currently connected terminal, if the AP detects that the access status of the terminal is the trusted state, the AP sends the updated wireless configuration information to the terminal, that is, the terminal acquires the updated wireless configuration information. .
- the AP may send the updated wireless configuration information to the terminal, and then the AP may send the updated wireless configuration information to the terminal through the background service.
- the terminal can update the wireless configuration information in the terminal according to the updated wireless configuration information.
- the AP when setting the access status of the terminal, if the access status of one terminal is set to the trust status, the AP also sends the background service to the terminal and installs it.
- the background service refers to a related service that can receive updated wireless configuration information sent by the AP.
- the wireless router's wireless password is changed, when the wireless router detects that the access state of the mobile phone 1 is the trusted state, the wireless router sends the modified wireless password to the mobile phone 1.
- the AP applies the updated wireless configuration information.
- the AP After transmitting the updated wireless configuration information to the terminal, the AP applies the updated wireless configuration information.
- the application layer of the AP does not send a message for modifying the wireless configuration information to the wireless chip after receiving the message for modifying the wireless configuration information. Instead, let the AP first detect the access status of the currently connected terminal, that is, S101. After the AP sends the updated wireless configuration information to the terminal, the application layer of the AP sends the latest wireless configuration information (updated wireless configuration information) to the wireless chip, and the AP applies the wireless chip to restart, according to the update. Wireless configuration information to launch new wireless hotspots (ie, the AP applies the updated wireless configuration information) for the terminal to automatically connect.
- the terminal disconnects the current connection with the AP according to the updated wireless configuration information, and re-wires the AP with the AP.
- the terminal may apply the updated wireless configuration information, disconnect the current connection with the AP, send a connection request to the AP, and use the updated wireless configuration information with the AP. Re-wire the connection.
- the terminal can successfully connect to the AP.
- the AP When the AP detects that the access status of the terminal is an untrusted state, the AP applies the updated wireless configuration information, and disconnects the current connection with the terminal.
- the AP After the AP detects the access status of the currently connected terminal, and the AP detects that the access status of the terminal is untrusted, the AP applies the updated wireless configuration information to disconnect the current wireless connection with the terminal.
- the mobile phone 2 is connected to the wireless router.
- the user modifies the wireless password of the wireless router, the user does not want the mobile phone 2 to connect to the wireless router, so the access state of the mobile phone 2 is set to the untrusted state, and the AP detects
- the application layer of the AP sends the updated wireless configuration information (including the updated wireless password) to the wireless chip of the AP, and the AP applies the wireless chip to restart, according to the updated wireless configuration information.
- the new wireless hotspot ie, the updated wireless configuration information of the AP application
- the mobile phone 2 is disconnected from the wireless router due to the change of the wireless password.
- the AP when the wireless configuration information is updated, the AP detects the access status of the currently connected terminal, and the access status includes a trust status; when the access status of the terminal is detected as a trusted status, the AP sends The updated wireless configuration information is sent to the terminal; the updated wireless configuration information is applied, the current connection with the terminal is disconnected, and the terminal is reconnected according to the updated wireless configuration information.
- Adopt the above technology to achieve the solution because when the AP is wireless After the configuration information is updated, the AP may send the updated wireless configuration information to the trusted terminal (ie, the legal user), so that the terminal can automatically perform wireless connection according to the updated wireless configuration information, thereby improving the user experience and improving. The ease of wireless connection.
- an embodiment of the present invention provides an AP 1 corresponding to a wireless connection method on an AP side, where the AP 1 may include:
- the detecting unit 10 is configured to detect an access state of the currently connected terminal when the wireless configuration information is updated, and the access state includes a trusted state.
- the first sending unit 11 is configured to send the updated wireless configuration information to the terminal when the detecting unit 10 detects that the access status of the terminal is the trusted state.
- the first connection unit 12 is configured to apply the updated wireless configuration information sent by the first sending unit 11, disconnect the current connection with the terminal, and reconnect according to the updated wireless configuration information. Said terminal.
- the access status detected by the detecting unit 10 further includes an untrusted state.
- the first connection unit 12 is further configured to: after the detecting unit 10 detects the access status of the currently connected terminal, the detecting unit 10 detects that the access status of the terminal is the untrusted state, and applies the The updated wireless configuration information disconnects the current connection with the terminal.
- the first sending unit 11 is further configured to send configuration information of the background service to the terminal, and send the updated wireless configuration information to the terminal by using the background service.
- the AP 1 further includes a first receiving unit 13 and a first saving unit 14 .
- the first receiving unit 13 is configured to acquire a media access control MAC address of the terminal.
- the detecting unit 10 is further configured to detect the MAC acquired by the first receiving unit 13 Whether the address exists in the list of MAC addresses pre-stored by the first saving unit 14.
- the first receiving unit 13 is further configured to: when the detecting unit 10 detects that the MAC address exists in the MAC address list pre-stored by the first saving unit 14, obtain the encrypted information pre-stored in the terminal.
- the detecting unit 10 is further configured to decrypt the encrypted information acquired by the first receiving unit 13 to detect whether the decrypted encrypted information is consistent with the MAC address acquired by the first receiving unit 13; Determining, when the decrypted encrypted information is consistent with the MAC address, determining that the access status of the terminal is the trusted state; and determining that the access status of the terminal is different when the decrypted encrypted information is inconsistent with the MAC address The untrusted state.
- the detecting unit 10 is further configured to: after detecting whether the MAC address exists in a pre-stored MAC address list, the MAC address acquired by the first receiving unit 13 does not exist in the first When the storage unit 14 stores the pre-stored MAC address list, it detects that the access status of the terminal is the untrusted state.
- the AP in the embodiment of the present invention may be a device that can serve as a wireless access point, such as a wireless router.
- the detecting unit 10 and the first connecting unit 12 may be a central processing unit (CPU), a microprocessor (MPU), a digital signal processor (DSP) or a field programmable gate array (FPGA) located on the user equipment.
- the first receiving unit 13 can be implemented by a receiver
- the first transmitting unit 11 can be implemented by a transmitter
- the receiver and the transmitter can be implemented by a transceiver
- the first saving unit 14 can be implemented by a memory.
- the pre-stored MAC address list and its software code, the updated wireless configuration information, and its software code may be stored in a memory, wherein the memory is configured to store executable program code, the program code including computer operating instructions
- the memory may contain high speed RAM memory and may also include non-volatile memory, such as at least one disk memory.
- An AP and an AP provided by the embodiment of the present invention detect when the wireless configuration information is updated. Detecting an access status of the currently connected terminal, where the access status includes a trust status; when detecting that the access status of the terminal is a trusted status, sending the updated wireless configuration information to the terminal; applying the updated wireless configuration information, disconnecting the The current connection of the terminal, and reconnecting the terminal according to the updated wireless configuration information.
- the AP can send the updated wireless configuration information to the trusted terminal (ie, the legitimate user) after the wireless configuration information of the AP is updated, so that the terminal can automatically perform the updated wireless configuration information.
- Wireless connectivity enhances user experience and increases the ease of wireless connectivity.
- the embodiment of the present invention provides a terminal 2, which corresponds to a wireless connection method on the terminal side, and the terminal 2 may include:
- the second receiving unit 20 is configured to set the access status to a trusted state, and when connected to the AP, receive the updated wireless configuration information sent by the AP.
- the second connection unit 21 is configured to disconnect the current connection with the AP according to the updated wireless configuration information received by the second receiving unit 20, and re-wire the AP with the AP.
- the terminal 2 further includes: a second sending unit 22, a second saving unit 23, and a mounting unit 24.
- the second sending unit 22 is configured to send the MAC address to the AP before the second receiving unit 20 receives the updated wireless configuration information sent by the AP.
- the second receiving unit 20 is further configured to receive the encrypted information sent by the AP; the encrypted information is a character string encrypted by the MAC address, and
- the second saving unit 23 is configured to save the encrypted information received by the second receiving unit 20.
- the second receiving unit 20 is further configured to receive configuration information of a background service sent by the AP, and
- the installation unit 24 is configured to be according to the background service received by the second receiving unit 20 Configuration information to install the background service.
- the second receiving unit 20 is further configured to receive, by the background service installed by the installation unit 24, the updated wireless configuration information sent by the AP.
- the second connection unit 21 is further configured to: before the second receiving unit 20 receives the updated wireless configuration information sent by the AP, when the access status is set to an untrusted state, The current connection is broken.
- the terminal in the embodiment of the present invention may be a device capable of wireless connection, and specifically may be a mobile phone, a smart phone, a notebook computer, a digital broadcast receiver, a personal digital assistant, a tablet computer, a portable multimedia player, and a navigation device.
- a mobile terminal of a device or the like, and a fixed terminal such as a digital TV, a desktop computer, or the like.
- a fixed terminal such as a digital TV, a desktop computer, or the like.
- the second connecting unit 21 and the mounting unit 24 may be a central processing unit (CPU), a microprocessor (MPU), a digital signal processor (DSP) or a field programmable gate array (FPGA) located on the user equipment.
- the second receiving unit 20 can be implemented by a receiver
- the second transmitting unit 22 can be implemented by a transmitter
- the receiver and the transmitter can be implemented by a transceiver
- the second saving unit 23 can be implemented by a memory.
- the pre-stored encrypted information and its software code, the updated wireless configuration information and its software code may be stored in a memory, wherein the memory is used to store executable program code, the program code including computer operating instructions,
- the memory may contain high speed RAM memory and may also include non-volatile memory, such as at least one disk memory.
- the terminal provided by the embodiment of the present invention when the access state is set to the trusted state, and the terminal is connected to the AP, receives the updated wireless configuration information sent by the AP; and disconnects according to the updated wireless configuration information.
- Any terminal ie, a legitimate user
- the embodiment of the invention further provides a computer storage medium, wherein the computer storage medium stores executable instructions, and the executable instructions are used to execute the wireless connection method shown in any of the figures of FIG. 1 to FIG.
- embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention can take the form of a hardware embodiment, a software embodiment, or a combination of software and hardware. Moreover, the invention can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage and optical storage, etc.) including computer usable program code.
- the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
- the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
- Small-Scale Networks (AREA)
Abstract
本发明实施例公开了一种无线连接方法,包括:无线配置信息存在更新时,检测当前连接的终端的访问状态,该访问状态包括信任状态;检测到终端的访问状态为信任状态时,发送更新后的无线配置信息至该终端;应用更新后的无线配置信息,断开与所述终端的当前连接,并根据所述更新后的无线配置信息重新连接终端。本发明实施例还同时公开了一种终端及AP、计算机存储介质。
Description
本发明涉及通信领域中的无线接入技术,尤其涉及一种无线连接方法、终端及无线访问接入点(AP,Wireless Access Point)、计算机存储介质。
随着无线局域网(WLAN)的不断普及,Wi-Fi技术已经深入千家万户,用户通过Wi-Fi上网变得便利。为了满足用户需求、节省成本和集群管理,先后出现了AP、接入控制器(AC,Access Controller或Wireless Access Point Controller)、用户端(CPE,Customer Premise Equipment)等设备。一台AC下可以控制几百甚至上千台AP,一台AP下可以接入几十个无线用户(CPE、无线网卡等),为网络的管理提供了极大的便利。
用户通过保证AP与用户端之间的Wi-Fi配置信息的匹配,来进行Wi-Fi上网,而用户为了保证自己的信息安全,会不定时地修改控制端(AP)的Wi-Fi配置信息(如安全策略,无线名称或密码等),由于接入的配置信息不再与AP匹配,就会导致之前能接入的合法用户变成非法用户,被无线系统拒绝接入。因此,在修改完AP端的Wi-Fi配置信息之后,无线设备的Wi-Fi芯片会重启,接着发射重新设置后的新热点,于是,之前连接的合法用户就需要重新扫描Wi-Fi热点,并输入密码连接Wi-Fi,使得用户体验很差。
发明内容
本发明实施例期望提供一种无线连接方法、终端及AP、计算机存储介质,能够提升用户体验感,提高无线连接的便易性。
本发明实施例的技术方案是这样实现的:
本发明实施例提供一种无线连接方法,所述方法包括:
无线配置信息存在更新时,检测当前连接的终端的访问状态,所述访问状态包括信任状态;
检测到所述终端的访问状态为所述信任状态时,发送更新后的无线配置信息至所述终端;
应用所述更新后的无线配置信息,断开与所述终端的当前连接,并根据所述更新后的无线配置信息重新连接所述终端。
在上述方案中,所述访问状态还包括非信任状态;所述检测当前连接的终端的访问状态之后,所述方法还包括:
检测到所述终端的访问状态为所述非信任状态时,应用所述更新后的无线配置信息,断开与所述终端的当前连接。
在上述方案中,所述发送更新后的无线配置信息至所述终端,包括:
发送后台服务的配置信息至所述终端,并通过所述后台服务发送所述更新后的无线配置信息至所述终端。
在上述方案中,所述检测当前连接的终端的访问状态,包括:
获取所述终端的媒体访问控制MAC地址,检测所述MAC地址是否存在于预存的MAC地址列表中;
所述MAC地址存在于所述预存的MAC地址列表中时,获取所述终端中预存的加密信息;
对所述加密信息进行解密,检测解密后的加密信息是否与所述MAC地址一致;
解密后的加密信息与所述MAC地址一致时,确定所述终端的访问状态为所述信任状态;
所述解密后的加密信息与所述MAC地址不一致时,确定所述终端的访
问状态为所述非信任状态;
相应的,所述检测所述MAC地址是否存在于预存的MAC地址列表中之后,所述方法还包括:
所述MAC地址不存在于所述预存的MAC地址列表中时,检测所述终端的访问状态为所述非信任状态。
本发明实施例还提供一种无线连接方法,所述方法包括:
访问状态被设置为信任状态,且与无线访问接入点AP连接时,接收所述AP发送的更新后的无线配置信息;
根据所述更新后的无线配置信息,断开与所述AP的当前连接,并与所述AP重新进行无线连接。
在上述方案中,所述接收AP发送的更新后的无线配置信息之前,所述方法还包括:
发送MAC地址至所述AP;
接收所述AP发送的加密信息并保存,所述加密信息为将所述MAC地址加密后的字符串;
接收所述AP发送的后台服务的配置信息,并安装所述后台服务;
相应的,所述接收AP发送的更新后的无线配置信息,包括:
通过所述后台服务接收所述AP发送的所述更新后的无线配置信息。
在上述方案中,所述方法还包括:
所述访问状态被设置为非信任状态时,与所述AP的当前连接被断开。
本发明实施例提供一种AP,所述AP包括:
检测单元,配置为无线配置信息存在更新时,检测当前连接的终端的访问状态,所述访问状态包括信任状态;
第一发送单元,配置为所述检测单元检测到所述终端的访问状态为所述信任状态时,发送更新后的无线配置信息至所述终端;
第一连接单元,配置为应用所述第一发送单元发送的所述更新后的无线配置信息,断开与所述终端的当前连接,并根据所述更新后的无线配置信息重新连接所述终端。
在上述方案中,所述检测单元检测的所述访问状态还包括非信任状态;
所述第一连接单元,还配置为所述检测单元检测当前连接的终端的访问状态之后,所述检测单元检测到所述终端的访问状态为所述非信任状态时,应用所述更新后的无线配置信息,断开与所述终端的当前连接。
在上述方案中,所述第一发送单元,还配置为发送后台服务的配置信息至所述终端,并通过所述后台服务发送所述更新后的无线配置信息至所述终端。
在上述方案中,所述AP还包括第一接收单元;
所述第一接收单元,配置为获取所述终端的媒体访问控制MAC地址;
所述检测单元,还配置为检测所述第一接收单元获取的所述MAC地址是否存在于第一保存单元预存的MAC地址列表中;
所述第一接收单元,还配置为所述检测单元检测所述MAC地址存在于所述第一保存单元预存的MAC地址列表中时,获取所述终端中预存的加密信息;
所述检测单元,还配置为对所述第一接收单元获取的所述加密信息进行解密,检测解密后的加密信息是否与所述第一接收单元获取的所述MAC地址一致;及解密后的加密信息与所述终端的MAC地址一致时,确定所述终端的访问状态为所述信任状态;以及所述解密后的加密信息与所述MAC地址不一致时,确定所述终端的访问状态为所述非信任状态;
相应的,所述检测单元,还配置为所述检测所述MAC地址是否存在于预存的MAC地址列表中之后,所述第一接收单元获取的所述MAC地址不存在于所述第一保存单元预存的MAC地址列表中时,检测所述终端的访问
状态为所述非信任状态。
本发明实施例提供一种终端,所述终端包括:
第二接收单元,配置为访问状态被设置为信任状态,且与无线访问接入点AP连接时,接收所述AP发送的更新后的无线配置信息;
第二连接单元,根据所述第二接收单元接收的所述更新后的无线配置信息,断开与所述AP的当前连接,并与所述AP重新进行无线连接。
在上述方案中,所述终端还包括:第二发送单元、第二保存单元和安装单元;
所述第二发送单元,配置为所述第二接收单元接收AP发送的更新后的无线配置信息之前,发送MAC地址至所述AP;
所述第二接收单元,还配置为接收所述AP发送的加密信息;所述加密信息为将所述MAC地址加密后的字符串,以及,
所述第二保存单元保存所述第二接收单元接收的所述加密信息;
所述第二接收单元,还配置为接收所述AP发送的后台服务的配置信息,以及,
所述安装单元,配置为根据所述第二接收单元接收的后台服务的配置信息,安装所述后台服务;
相应的,所述第二接收单元,还配置为通过所述安装单元安装的所述后台服务接收所述AP发送的所述更新后的无线配置信息。
在上述方案中,所述第二连接单元,还配置为所述访问状态被设置为非信任状态时,与所述AP的当前连接被断开。
本发明实施例还提供一种计算机存储介质,所述计算机存储介质中存储有可执行指令,所述可执行指令用于执行上述的无线连接方法。
本发明实施例中,在无线配置信息存在更新时,检测当前连接的终端的访问状态,该访问状态包括信任状态;检测到终端的访问状态为信任状
态时,发送更新后的无线配置信息至该终端;应用更新后的无线配置信息,断开与该终端的当前连接,并根据更新后的无线配置信息重新连接终端。采用上述技术实现方案,由于当AP的无线配置信息被更新后,AP可以对受信任的终端(即合法用户)发送更新后的无线配置信息,使得上述终端可以自动根据更新后的无线配置信息进行无线连接,从而提升用户体验感,且提高了无线连接的便易性。
图1为本发明实施例提供的一种无线连接方法的流程图一;
图2为本发明实施例提供的一种无线连接方法的流程图二;
图3为本发明实施例提供的一种无线连接方法的流程图三;
图4为本发明实施例还提供的一种无线连接方法的流程图一;
图5为本发明实施例还提供的一种无线连接方法的流程图二;
图6为本发明实施例提供的一种无线连接方法的交互图;
图7为本发明实施例提供的一种AP 1的结构示意图一;
图8为本发明实施例提供的一种AP 1的结构示意图二;
图9为本发明实施例提供的一种终端2的结构示意图一;
图10为本发明实施例提供的一种终端2的结构示意图二。
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述。
实施例一
本发明实施例提供一种无线连接方法,为AP侧的无线连接方法,如图1所示,该方法可以包括:
S101、无线配置信息存在更新时,AP检测当前连接的终端的访问状态,
该访问状态包括信任状态。
需要说明的是,本发明实施例中的终端的访问状态是可以通过AP设置的,即在Web UI设置页面进行设置。例如,若与AP连接的当前终端为合法用户,则设置该终端的访问状态为信任状态,除合法用户外的终端,设置其访问状态为非信任状态。
在本发明实施例提供的无线连接方法实现的前提是:AP检测当前连接的终端的访问状态之前,用户已经通过AP设置好了该终端的访问状态。
需要说明的是,终端的访问状态的设置是由用户设置和决定的,也是可以改变的。
可选的,无线配置信息可以为安全策略,无线名称或密码。
可选的,本发明实施例中的AP可以是无线路由器等可以作为无线接入点的设备。
当用户通过AP的Web UI设置页面,进行无线配置信息的更新(修改)时,AP检测当前连接的终端的访问状态。
可选的,终端的访问状态可以包括:信任状态和非信任状态。
例如,AP可以发送检测请求至当前连接的终端。
可选的,本发明实施例中的无线配置信息可以为Wi-Fi配置信息,也可以为其他形式的无线技术的配置信息,本发明实施例不作限制。
需要说明的是,AP与终端之间的数据传输的前提是,AP正在与该终端进行连接,否则不能进行数据的传输,因此,本发明实施例中的与AP进行交互的终端为当前正在与该AP连接着的设备。
可选的,AP检测当前连接的终端的访问状态,如图2所示,可以包括:S201-S206。具体如下:
S201、AP获取终端的媒体访问控制(MAC,Media Access Control)地址,检测终端的MAC地址是否存在于预存的MAC地址列表中。
AP检测与其连接的终端的信任状态时,首先,由于AP与终端正在连接,因此,AP可以获取该终端的MAC地址,该AP通过检测获取的终端的MAC地址是否存在于预存的MAC地址列表中来判断该终端的访问状态。
需要说明的是,在AP的设置界面进行终端的访问状态的设置时,AP就将该终端的MAC地址保存了,并将该终端的MAC地址经过加密算法加密后,形成加密信息,将该加密信息传输在该终端,由该终端保存与自己对应的该加密信息,即终端中预存的加密信息,这样,就通过AP设置好了该终端的访问状态为信任状态。若要设置当前连接的终端的访问状态为非信任状态时,则AP不保存该终端的MAC地址,也不发送加密信息至终端,即终端中未有预存的加密信息。
示例性的,当手机1与无线路由器连接,且要改变无线路由器中的无线密码时,无线路由器向手机1发起检测请求,读取手机1的MAC地址,判断该手机1的MAC地址是否在无线路由器中预存的MAC地址列表中。
S202、MAC地址存在于预存的MAC地址列表中时,AP获取终端中预存的加密信息。
AP获取终端的MAC地址,并检测该终端的MAC地址是否存在于预存的MAC地址列表中之后,若AP中预存的MAC地址列表中有该终端的MAC地址,则该AP获取该终端中预存的加密信息。
需要说明的是,用户在AP的Web UI设置终端的访问状态时,AP将获取的访问状态为信任状态的终端的MAC地址都保存,形成预存的MAC地址列表,由于连接AP的终端的访问状态为信任状态的可以不止一个,因此,AP中保存的MAC地址也可以不止一个。
可以理解的是,AP可以通过校验终端的MAC地址是否与预存的信任终端的MAC地址一致来初步判断终端的访问状态。但是,由于非法终端可
以伪装自己的MAC地址与信任状态的终端的MAC地址一致,因此,最优的方案是AP在判断终端的MAC地址存在于预存的MAC地址列表中时,获取终端中的加密信息。
例如,AP可以发送获取加密信息的请求至终端,终端中若有加密信息,则发送该加密信息至AP。其中,本发明实施例中的加密信息的获取在S201中已进行了说明,此处不再赘述。
S203、AP对加密信息进行解密,检测解密后的加密信息是否与MAC地址一致。
AP获取终端中预存的加密信息之后,该AP通过与加密算法相应的解密算法对加密信息进行解密,然后,该AP检测解密后的加密信息是否与终端的MAC地址一致。
需要说明的是,加密信息是将访问状态为信任状态的终端的MAC地址进行了加密,因此,解密后的加密信息为终端的MAC地址。
可以理解的是,AP将直接获取的终端的MAC地址与预存的MAC地址列表对比后,排除MAC地址不在预存的MAC列表中的非信任状态的终端,然后,通过与终端中的加密信息的对比,去除伪装MAC地址的终端。
S204、解密后的加密信息与MAC地址一致时,AP确定终端的访问状态为信任状态。
AP对加密信息进行解密之后,解密后的加密信息(终端的MAC地址)与终端的MAC地址一致时,该AP检测或确定该终端的访问状态为信任状态。
可以理解的是,AP将直接获取的终端的MAC地址与预存的MAC地址列表对比后,排除MAC地址不在预存的MAC列表中的非信任状态的终端,然后,通过与终端中的加密信息的对比,去除伪装MAC地址的终端,于是,解密后的加密信息与检测的终端的MAC地址一致时,AP就确定了
该终端的访问状态为信任状态,这样,提高了AP验证终端的访问状态的安全性和可靠性。
S205、解密后的加密信息与MAC地址不一致时,AP确定终端的访问状态为非信任状态。
AP对加密信息进行解密之后,解密后的加密信息(终端的MAC地址)与终端的MAC地址不一致时,该AP检测或确定该终端的访问状态为非信任状态。
可以理解的是,AP将直接获取的终端的MAC地址与预存的MAC地址列表对比后,排除MAC地址不在预存的MAC列表中的非信任状态的终端,然后,通过与终端中的加密信息的对比,去除伪装MAC地址的终端。于是,解密后的加密信息与检测的终端的MAC地址不一致时,AP确定了该终端的访问状态为非信任状态,这样,即使有终端伪装了自己的MAC地址,但是,AP还是可以将伪装的终端检测出来,从而提高了AP验证终端的访问状态的安全性和可靠性。
需要说明的是,本发明实施例中的S204和S205为S203之后的可选步骤,根据实际检测情况选择其中一个步骤执行;也就是说,在本发明实施例中,S203之后,可以执行S204,也可以执行S205,例如执行顺序可以根据实际情况而定,本发明实施例不作限制;并且,S204或S205执行完后,本次处理流程就结束了。
S206、MAC地址不存在于预存的MAC地址列表中时,AP检测终端的访问状态为非信任状态。
AP检测终端的MAC地址是否存在于预存的MAC地址列表中之后,若在该AP预存的MAC地址列表中没有终端的MAC地址,则表明该终端的访问状态为非信任状态。
可以理解的是,AP中的预存MAC地址列表中都没有与终端的MAC
地址一致的,表征该终端未被设置为信任状态的终端。
需要说明的是,本发明实施例中的S202-S205和S206为S201之后的可选步骤,根据实际检测情况选择其中一个步骤执行;也就是说,在本发明实施例中,S201之后,可以执行S202-S205,也可以执行S206,例如执行顺序可以根据实际情况而定,本发明实施例不作限制;并且,S202-S205或S206执行完后,本次处理流程就结束了。
可选的,在本发明实施例中,AP判断终端的访问状态为非信任状态的一种方法还可以为:终端的MAC地址存在于预存的MAC地址列表中时,AP获取终端中预存的加密信息,此时,若AP中未获取到该终端中的加密信息,即该终端中没有加密信息时,则AP可以确定该终端的访问状态为非信任状态。
S102、AP检测到终端的访问状态为信任状态时,发送更新后的无线配置信息至终端。
AP检测当前连接的终端的访问状态之后,若该AP检测到该终端的访问状态为信任状态时,该AP发送更新后的无线配置信息至该终端,即该终端获取到了更新后的无线配置信息。
例如,当AP检测到终端的访问状态为信任状态时,由于该AP已经发送后台服务的配置信息至终端,因此,AP可以将更新后的无线配置信息进行封装后通过后台服务发送至终端,以使得该终端可以根据更新后的无线配置信息,来更新终端中的无线配置信息。
需要说明的是,在设置终端的访问状态时,若设置一个终端的访问状态为信任状态,则AP还会将后台服务发送至该终端,并安装。其中,后台服务是指可以接收AP发送的更新后的无线配置信息的相关服务。
示例性的,假设无线路由器的无线密码被改变,当无线路由器检测到手机1的访问状态为信任状态时,无线路由器发送修改后的无线密码给手
机1。
S103、AP应用更新后的无线配置信息,断开与该终端的当前连接,并根据该更新后的无线配置信息重新连接终端。
发送更新后的无线配置信息至终端之后,该AP应用更新后的无线配置信息,断开与该终端的当前连接,并根据该更新后的无线配置信息重新连接终端。
需要说明的是,用户在AP的Web UI上修改无线配置信息时,AP的应用层在接收到下发的修改无线配置信息的消息后,先不下发修改无线配置信息的消息到无线芯片中,而是先让AP检测当前连接的终端的访问状态,即S101。在AP发送更新后的无线配置信息至终端后,AP的应用层才将最新的无线配置信息(更新后的无线配置信息)下发到无线芯片,以及,AP应用该无线芯片重启,根据更新后的无线配置信息发射新的无线热点(即AP应用更新后的无线配置信息),断开与该终端的当前连接,供终端进行自动重新连接。
可选的,S101之后,本发明实施例提供的一种无线连接方法还包括:S104。如图3所示,具体如下:
S104、AP检测到终端的访问状态为非信任状态时,应用更新后的无线配置信息,断开与该终端的当前连接。
AP检测当前连接的终端的访问状态之后,该AP检测到终端的访问状态为非信任状态时,该AP应用更新后的无线配置信息,断开与该终端的当前的无线连接。
示例性的,手机2与无线路由器连接着,在用户修改该无线路由器的无线密码的时候,用户不想手机2连接该无线路由器,于是,将手机2的访问状态设置为非信任状态,AP检测到手机2的访问状态时,AP的应用层才将更新的无线配置信息(包括更新后的无线密码)下发到AP的无线芯
片,以及,AP应用该无线芯片重启,根据更新后的无线配置信息发射新的无线热点(即AP应用更新后的无线配置信息),由于无线密码的改变,手机2与该无线路由器断开连接。
需要说明的是,本发明实施例中的S102-S103和S104为S101之后的可选步骤,根据实际检测情况选择其中一个步骤执行;也就是说,在本发明实施例中,S101之后,可以执行S102-S103,也可以执行S104,例如执行顺序可以根据实际情况而定,本发明实施例不作限制;并且,S102-S103或S104执行完后,本次处理流程就结束了。
本发明实施例还提供一种无线连接方法,为终端侧的无线连接方法,如图4所示,该方法可以包括:
S301、访问状态被设置为信任状态,且与AP连接时,终端接收该AP发送的更新后的无线配置信息。
需要说明的是,AP检测当前连接的终端的访问状态为信任状态,即终端的访问状态被设置为信任状态,且与AP连接时,该终端可以接收到该AP发送的更新后的无线配置信息。
可选的,本发明实施例中的终端可以为能够进行无线连接的设备,具体可以为移动电话、智能电话、笔记本电脑、数字广播接收器、个人数字助理、平板电脑、便携式多媒体播放器、导航装置等等的移动终端,以及诸如数字TV、台式计算机等等的固定终端。然而,本领域技术人员将理解的是,除了特别用于移动目的的元件之外,根据本发明的实施方式的构造也能够应用于固定类型的终端。
S302、终端根据更新后的无线配置信息,断开与AP的当前连接,并与该AP重新进行无线连接。
终端接收AP发送的更新后的无线配置信息之后,该终端可以应用更新后的无线配置信息,断开与AP的当前连接,并发送连接请求至AP,并使
用更新后的无线配置信息与该AP进行无线连接。
例如,终端中的无线配置信息与AP更新后的无线配置信息相匹配时,终端才能与该AP连接成功。
可选的,如图5所示,访问状态被设置为信任状态时,终端在接收AP发送的更新后的无线配置信息之前,即S301之前,上述方法还包括:S303-S305。具体如下:
S303、终端发送MAC地址至AP。
S304、终端接收AP发送的加密信息并保存,该加密信息为将MAC地址加密后的字符串。
S305、终端接收AP发送的后台服务的配置信息,并安装该后台服务。
例如,终端的访问状态在被设置为信任状态时,该终端发送自己的MAC地址至该AP,以供该AP检测终端的访问状态时使用,且该AP在接收到上述终端发送的MAC地址后,通过加密算法将终端的MAC进行加密,并将加密后的加密信息(将MAC地址加密后的字符串)发送至终端,成为终端中预存的加密信息,以及终端接收AP发送的后台服务的配置信息,并安装后台服务。
需要说明的是,本发明实施例中的后台服务为可以接收AP发送的更新后的无线配置信息的相关服务,终端在安装上该后台服务时,才可以与AP进行无线配置信息的传输功能。
可选的,AP可以通过现有的加密方法对终端的MAC地址进行加密,本发明实施例不作限制。
例如,S301可以具体为终端通过后台服务接收AP发送的更新后的无线配置信息。
可选的,本发明实施例还提供的一种无线连接方法,还包括:S306。具体如下:
S306、访问状态被设置为非信任状态时,终端与AP的当前连接被断开。
终端的访问状态被设置为非信任状态时,由于AP侧的无线配置信息被改变了,终端中的无线配置信息与AP的更新后的无线配置信息不相匹配,因此,该终端与该AP的当前的无线连接被断开了。
需要说明的是,本发明实施例中的S301-S305与S306为可选的步骤,根据实际检测情况选择其中一个步骤执行;也就是说,在本发明实施例中,根据实际情况的不同,可以执行S301-S305,也可以执行S306,例如执行顺序可以根据实际情况而定,本发明实施例不作限制;并且,S301-S305或S306执行完后,本次处理流程就结束了。
本发明实施例所提供的一种无线连接方法,AP在无线配置信息存在更新时,检测当前连接的终端的访问状态,该访问状态包括信任状态;检测到终端的访问状态为信任状态时,发送更新后的无线配置信息至该终端;应用更新后的无线配置信息,断开与该终端的当前连接,并根据该更新后的无线配置信息重新连接终端。采用上述技术实现方案,由于当AP的无线配置信息被更新后,AP可以对受信任的终端(即合法用户)发送更新后的无线配置信息,使得上述终端可以自动根据更新后的无线配置信息进行无线连接,从而提升用户体验感,且提高了无线连接的便易性。
实施例二
本发明实施例提供一种无线连接方法,如图6所示,该方法可以包括:
S401、终端的访问状态在被设置为信任状态,且与AP连接时,该终端发送其MAC地址至该AP。
可选的,本发明实施例中的终端可以为能够进行无线连接的设备,具体可以为移动电话、智能电话、笔记本电脑、数字广播接收器、个人数字助理、平板电脑、便携式多媒体播放器、导航装置等等的移动终端,以及诸如数字TV、台式计算机等等的固定终端。然而,本领域技术人员将理解
的是,除了特别用于移动目的的元件之外,根据本发明的实施方式的构造也能够应用于固定类型的终端。
S402、AP将终端的MAC地址进行加密,并发送加密信息和后台服务的配置信息至终端,该加密信息为将MAC地址加密后的字符串。
可选的,本发明实施例中的AP可以是无线路由器等可以作为无线接入点的设备。
需要说明的是,AP与终端之间的数据传输的前提是,AP正在与该终端进行连接,否则不能进行数据的传输,因此,本发明实施例中的与AP进行交互的终端为当前正在与该AP连接着的设备。
S403、终端保存加密信息,并根据后台服务的配置信息安装该后台服务。
需要说明的是,本发明实施例中的终端的访问状态是可以通过AP设置的,即在Web UI设置页面进行设置。例如,若与AP连接的当前终端为合法用户,则设置该终端的访问状态为信任状态,除合法用户外的终端,设置其访问状态为非信任状态。
在本发明实施例提供的无线连接方法实现的前提是:AP检测当前连接的终端的访问状态之前,用户已经通过AP设置好了该终端的访问状态,即S401-S403。
需要说明的是,终端的访问状态的设置是由用户设置和决定的,也是可以改变的。
可选的,终端的访问状态可以包括:信任状态和非信任状态。
例如,终端的访问状态在被设置为信任状态时,该终端发送自己的MAC地址至该AP,以供该AP检测终端的访问状态时使用,且该AP在接收到上述终端发送的MAC地址后,通过加密算法将终端的MAC进行加密,并将加密后的加密信息(将MAC地址加密后的字符串)发送至终端,成为
终端中预存的加密信息,以及终端接收AP发送的后台服务的配置信息,并安装后台服务。
需要说明的是,本发明实施例中的后台服务为可以接收AP发送的更新后的无线配置信息的相关服务,终端在安装上该后台服务时,才可以与AP进行无线配置信息的传输功能。
可选的,AP可以通过现有的加密方法对终端的MAC地址进行加密,本发明实施例不作限制。
S404、无线配置信息存在更新时,AP获取终端的MAC地址,并检测终端的MAC地址是否存在于预存的MAC地址列表中。
可选的,无线配置信息可以为安全策略,无线名称或密码。
例如,无线配置信息存在更新时,AP可以发送检测请求至当前连接的终端,该AP获取终端的MAC地址,并检测终端的MAC地址是否存在于预存的MAC地址列表中。
可选的,本发明实施例中的无线配置信息可以为Wi-Fi配置信息,也可以为其他形式的无线技术的配置信息,本发明实施例不作限制。
AP检测与其连接的终端的信任状态时,首先,由于AP与终端正在连接,因此,AP可以获取该终端的MAC地址,该AP通过检测获取的终端的MAC地址是否存在于预存的MAC地址列表中来判断该终端的访问状态。
需要说明的是,在AP的设置界面进行终端的访问状态的设置时,AP就将该终端的MAC地址保存了,并将该终端的MAC地址经过加密算法加密后,形成加密信息,将该加密信息传输在该终端,由该终端保存与自己对应的该加密信息,即终端中预存的加密信息,这样,就通过AP设置好了该终端的访问状态为信任状态。若要设置当前连接的终端的访问状态为非信任状态时,则AP不保存该终端的MAC地址,也不发送加密信息至终端,
即终端中未有预存的加密信息。
示例性的,当手机1与无线路由器连接,且要改变无线路由器中的无线密码时,无线路由器向手机1发起检测请求,读取手机1的MAC地址,判断该手机1的MAC地址是否在无线路由器中预存的MAC地址列表中。
S405、MAC地址存在于预存的MAC地址列表中时,AP接收终端中预存的加密信息。
AP获取终端的MAC地址,并检测该终端的MAC地址是否存在于预存的MAC地址列表中之后,若AP中预存的MAC地址列表中有该终端的MAC地址,则该AP获取该终端中预存的加密信息。
需要说明的是,用户在AP的Web UI设置终端的访问状态时,AP将获取的访问状态为信任状态的终端的MAC地址都保存,形成预存的MAC地址列表,由于连接AP的终端的访问状态为信任状态的可以不止一个,因此,AP中保存的MAC地址也可以不止一个。
可以理解的是,AP可以通过校验终端的MAC地址是否与预存的信任终端的MAC地址一致来初步判断终端的访问状态。但是,由于非法终端可以伪装自己的MAC地址与信任状态的终端的MAC地址一致,因此,最优的方案是AP在判断终端的MAC地址存在于预存的MAC地址列表中时,获取终端中的加密信息。
例如,AP可以发送获取加密信息的请求至终端,终端中若有加密信息,则发送该加密信息至AP。
S406、AP对加密信息进行解密,检测解密后的加密信息是否与MAC地址一致。
AP获取终端中预存的加密信息之后,该AP通过与加密算法相应的解密算法对加密信息进行解密,然后,该AP检测解密后的加密信息是否与终端的MAC地址一致。
需要说明的是,加密信息是将访问状态为信任状态的终端的MAC地址进行了加密,因此,解密后的加密信息为终端的MAC地址。
可以理解的是,AP将直接获取的终端的MAC地址与预存的MAC地址列表对比后,排除MAC地址不在预存的MAC列表中的非信任状态的终端,然后,通过与终端中的加密信息的对比,去除伪装MAC地址的终端。
S407、解密后的加密信息与MAC地址一致时,AP确定终端的访问状态为信任状态。
AP对加密信息进行解密之后,解密后的加密信息(终端的MAC地址)与终端的MAC地址一致时,该AP检测或确定该终端的访问状态为信任状态。
可以理解的是,AP将直接获取的终端的MAC地址与预存的MAC地址列表对比后,排除MAC地址不在预存的MAC列表中的非信任状态的终端,然后,通过与终端中的加密信息的对比,去除伪装MAC地址的终端,于是,解密后的加密信息与检测的终端的MAC地址一致时,AP就确定了该终端的访问状态为信任状态,这样,提高了AP验证终端的访问状态的安全性和可靠性。
S408、解密后的加密信息与MAC地址不一致时,AP确定终端的访问状态为非信任状态。
AP对加密信息进行解密之后,解密后的加密信息(终端的MAC地址)与终端的MAC地址不一致时,该AP检测或确定该终端的访问状态为非信任状态。
可以理解的是,AP将直接获取的终端的MAC地址与预存的MAC地址列表对比后,排除MAC地址不在预存的MAC列表中的非信任状态的终端,然后,通过与终端中的加密信息的对比,去除伪装MAC地址的终端。于是,解密后的加密信息与检测的终端的MAC地址不一致时,AP确定了
该终端的访问状态为非信任状态,这样,即使有终端伪装了自己的MAC地址,但是,AP还是可以将伪装的终端检测出来,从而提高了AP验证终端的访问状态的安全性和可靠性。
需要说明的是,本发明实施例中的S407和S408为S406之后的可选步骤,根据实际检测情况选择其中一个步骤执行;也就是说,在本发明实施例中,S406之后,可以执行S407,也可以执行S408,例如执行顺序可以根据实际情况而定,本发明实施例不作限制;并且,S407或S408执行完后,本次处理流程就结束了。
S409、MAC地址不存在于预存的MAC地址列表中时,AP检测终端的访问状态为非信任状态。
AP检测终端的MAC地址是否存在于预存的MAC地址列表中之后,若在该AP预存的MAC地址列表中没有终端的MAC地址,则表明该终端的访问状态为非信任状态。
可以理解的是,AP中的预存MAC地址列表中都没有与终端的MAC地址一致的,表征该终端未被设置为信任状态的终端。
S410、MAC地址存在于预存的MAC地址列表中时,AP未获取到终端中预存的加密信息时,AP检测终端的访问状态为非信任状态。
终端的MAC地址存在于预存的MAC地址列表中时,AP去获取终端中预存的加密信息,此时,若AP中未获取到该终端中的加密信息,即该终端中没有加密信息时,则AP可以确定该终端的访问状态为非信任状态。
需要说明的是,本发明实施例中的S405-S408、S409和S410为S404之后的可选步骤,根据实际检测情况选择其中一个步骤执行;也就是说,在本发明实施例中,S404之后,可以执行S405-S408,也可以执行S409,还可以执行S410,例如执行顺序可以根据实际情况而定,本发明实施例不作限制;并且,S405-S408、S409或S410执行完后,本次处理流程就结束
了。
S411、AP检测到终端的访问状态为信任状态时,通过后台服务发送更新后的无线配置信息至终端。
AP检测当前连接的终端的访问状态之后,若该AP检测到该终端的访问状态为信任状态时,该AP发送更新后的无线配置信息至该终端,即该终端获取到了更新后的无线配置信息。
例如,当AP检测到终端的访问状态为信任状态时,由于该AP已经发送后台服务的配置信息至终端,因此,AP可以将更新后的无线配置信息进行封装后通过后台服务发送至终端,以使得该终端可以根据更新后的无线配置信息,来更新终端中的无线配置信息。
需要说明的是,在设置终端的访问状态时,若设置一个终端的访问状态为信任状态,则AP还会将后台服务发送至该终端,并安装。其中,后台服务是指可以接收AP发送的更新后的无线配置信息的相关服务。
示例性的,假设无线路由器的无线密码被改变,当无线路由器检测到手机1的访问状态为信任状态时,无线路由器发送修改后的无线密码给手机1。
S412、AP应用更新后的无线配置信息。
发送更新后的无线配置信息至终端之后,该AP应用更新后的无线配置信息。
需要说明的是,用户在AP的Web UI上修改无线配置信息时,AP的应用层在接收到下发的修改无线配置信息的消息后,先不下发修改无线配置信息的消息到无线芯片中,而是先让AP检测当前连接的终端的访问状态,即S101。在AP发送更新后的无线配置信息至终端后,AP的应用层才将最新的无线配置信息(更新后的无线配置信息)下发到无线芯片,以及,AP应用该无线芯片重启,根据更新后的无线配置信息发射新的无线热点
(即AP应用更新后的无线配置信息),供终端进行自动连接。
S413、终端根据更新后的无线配置信息,断开与AP的当前连接,并与该AP重新进行无线连接。
终端接收AP发送的更新后的无线配置信息之后,该终端可以应用更新后的无线配置信息,断开与AP的当前连接,并发送连接请求至AP,并使用更新后的无线配置信息与该AP重新进行无线连接。
例如,终端中的无线配置信息与AP更新后的无线配置信息相匹配时,终端才能与该AP连接成功。
S414、AP检测到终端的访问状态为非信任状态时,应用更新后的无线配置信息,断开与该终端的当前连接。
AP检测当前连接的终端的访问状态之后,该AP检测到终端的访问状态为非信任状态时,该AP应用更新后的无线配置信息,断开与该终端当前的无线连接。
示例性的,手机2与无线路由器连接着,在用户修改该无线路由器的无线密码的时候,用户不想手机2连接该无线路由器,于是,将手机2的访问状态设置为非信任状态,AP检测到手机2的访问状态时,AP的应用层才将更新的无线配置信息(包括更新后的无线密码)下发到AP的无线芯片,以及,AP应用该无线芯片重启,根据更新后的无线配置信息发射新的无线热点(即AP应用更新后的无线配置信息),由于无线密码的改变,手机2与该无线路由器断开连接。
本发明实施例所提供的一种无线连接方法,AP在无线配置信息存在更新时,检测当前连接的终端的访问状态,该访问状态包括信任状态;检测到终端的访问状态为信任状态时,发送更新后的无线配置信息至该终端;应用更新后的无线配置信息,断开与该终端的当前连接,并根据该更新后的无线配置信息重新连接终端。采用上述技术实现方案,由于当AP的无线
配置信息被更新后,AP可以对受信任的终端(即合法用户)发送更新后的无线配置信息,使得上述终端可以自动根据更新后的无线配置信息进行无线连接,从而提升用户体验感,且提高了无线连接的便易性。
实施例三
如图7所示,本发明实施例提供一种AP 1,对应于AP侧的无线连接方法,该AP 1可以包括:
检测单元10,配置为无线配置信息存在更新时,检测当前连接的终端的访问状态,所述访问状态包括信任状态。
第一发送单元11,配置为所述检测单元10检测到所述终端的访问状态为所述信任状态时,发送更新后的无线配置信息至所述终端。
第一连接单元12,配置为应用所述第一发送单元11发送的所述更新后的无线配置信息,断开与所述终端的当前连接,并根据所述更新后的无线配置信息重新连接所述终端。
可选的,所述检测单元10检测的所述访问状态还包括非信任状态。
所述第一连接单元12,还配置为所述检测单元10检测当前连接的终端的访问状态之后,所述检测单元10检测到所述终端的访问状态为所述非信任状态时,应用所述更新后的无线配置信息,断开与所述终端的当前连接。
可选的,所述第一发送单元11,还配置为发送后台服务的配置信息至所述终端,并通过所述后台服务发送所述更新后的无线配置信息至所述终端。
可选的,如图8所示,所述AP 1还包括第一接收单元13和第一保存单元14。
所述第一接收单元13,配置为获取所述终端的媒体访问控制MAC地址。
所述检测单元10,还配置为检测所述第一接收单元13获取的所述MAC
地址是否存在于第一保存单元14预存的MAC地址列表中。
所述第一接收单元13,还配置为所述检测单元10检测所述MAC地址存在于所述第一保存单元14预存的MAC地址列表中时,获取所述终端中预存的加密信息。
所述检测单元10,还配置为对所述第一接收单元13获取的所述加密信息进行解密,检测解密后的加密信息是否与所述第一接收单元13获取的所述MAC地址一致;及解密后的加密信息与所述MAC地址一致时,确定所述终端的访问状态为所述信任状态;以及所述解密后的加密信息与所述MAC地址不一致时,确定所述终端的访问状态为所述非信任状态。
相应的,所述检测单元10,还配置为所述检测所述MAC地址是否存在于预存的MAC地址列表中之后,所述第一接收单元13获取的所述MAC地址不存在于所述第一保存单元14预存的MAC地址列表中时,检测所述终端的访问状态为所述非信任状态。
可选的,本发明实施例中的AP可以是无线路由器等可以作为无线接入点的设备。
在实际应用中,上述检测单元10和第一连接单元12可由位于用户设备上的中央处理器(CPU)、微处理器(MPU)、数字信号处理器(DSP)或现场可编程门阵列(FPGA)等实现,第一接收单元13可以由接收器实现,第一发送单元11可以由发送器实现,接收器和发送器可以形成收发一体机来实现,第一保存单元14可以由存储器来实现,例如,预存的MAC地址列表及其软件代码、更新后的无线配置信息及其软件代码可以保存在存储器中,其中,存储器,其中,存储器配置为存储可执行程序代码,该程序代码包括计算机操作指令,存储器可能包含高速RAM存储器,也可能还包括非易失性存储器,例如,至少一个磁盘存储器。
本发明实施例所提供的一种AP,AP在无线配置信息存在更新时,检
测当前连接的终端的访问状态,该访问状态包括信任状态;检测到终端的访问状态为信任状态时,发送更新后的无线配置信息至该终端;应用更新后的无线配置信息,断开与该终端的当前连接,并根据该更新后的无线配置信息重新连接终端。采用上述技术实现方案,由于当AP的无线配置信息被更新后,AP可以对受信任的终端(即合法用户)发送更新后的无线配置信息,使得上述终端可以自动根据更新后的无线配置信息进行无线连接,从而提升用户体验感,且提高了无线连接的便易性。
如图9所示,本发明实施例提供一种终端2,对应于终端侧的无线连接方法,该终端2可以包括:
第二接收单元20,配置为访问状态被设置为信任状态,且与AP连接时,接收所述AP发送的更新后的无线配置信息。
第二连接单元21,配置为根据所述第二接收单元20接收的所述更新后的无线配置信息,断开与所述AP的当前连接,并与所述AP重新进行无线连接。
可选的,如图10所示,所述终端2还包括:第二发送单元22、第二保存单元23和安装单元24。
所述第二发送单元22,配置为所述第二接收单元20接收AP发送的更新后的无线配置信息之前,发送MAC地址至所述AP。
所述第二接收单元20,还配置为接收所述AP发送的加密信息;所述加密信息为将所述MAC地址加密后的字符串,以及,
所述第二保存单元23,配置为保存所述第二接收单元20接收的所述加密信息。
所述第二接收单元20,还配置为接收所述AP发送的后台服务的配置信息,以及,
所述安装单元24,配置为根据所述第二接收单元20接收的后台服务的
配置信息,安装所述后台服务。
相应的,所述第二接收单元20,还配置为通过所述安装单元24安装的所述后台服务接收所述AP发送的所述更新后的无线配置信息。
可选的,所述第二连接单元21,还配置为所述第二接收单元20接收AP发送的更新后的无线配置信息之前,所述访问状态被设置为非信任状态时,与所述AP的当前连接被断开。
可选的,本发明实施例中的终端可以为能够进行无线连接的设备,具体可以为移动电话、智能电话、笔记本电脑、数字广播接收器、个人数字助理、平板电脑、便携式多媒体播放器、导航装置等等的移动终端,以及诸如数字TV、台式计算机等等的固定终端。然而,本领域技术人员将理解的是,除了特别用于移动目的的元件之外,根据本发明的实施方式的构造也能够应用于固定类型的终端。
在实际应用中,上述第二连接单元21和安装单元24可由位于用户设备上的中央处理器(CPU)、微处理器(MPU)、数字信号处理器(DSP)或现场可编程门阵列(FPGA)等实现,第二接收单元20可以由接收器实现,第二发送单元22可以由发送器实现,接收器和发送器可以形成收发一体机来实现,第二保存单元23可以由存储器来实现,例如,预存的加密信息及其软件代码、更新后的无线配置信息及其软件代码可以保存在存储器中,其中,存储器,其中,存储器用于存储可执行程序代码,该程序代码包括计算机操作指令,存储器可能包含高速RAM存储器,也可能还包括非易失性存储器,例如,至少一个磁盘存储器。
本发明实施例所提供的一种终端,终端在访问状态被设置为信任状态,且与AP连接时,接收该AP发送的更新后的无线配置信息;根据更新后的无线配置信息,断开与AP的当前连接,并与AP重新进行无线连接。采用上述技术实现方案,由于当AP的无线配置信息被更新后,AP可以对受信
任的终端(即合法用户)发送更新后的无线配置信息,使得上述终端可以自动根据更新后的无线配置信息进行无线连接,从而提升用户体验感,且提高了无线连接的便易性。
本发明实施例还提供一种计算机存储介质,所述计算机存储介质中存储有可执行指令,所述可执行指令用于执行图1至图6任意附图所示的无线连接方法。
本领域内的技术人员应明白,本发明的实施例可提供为方法、系统、或计算机程序产品。因此,本发明可采用硬件实施例、软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器和光学存储器等)上实施的计算机程序产品的形式。
本发明是参照根据本发明实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机
实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。
以上所述,仅为本发明的较佳实施例而已,并非用于限定本发明的保护范围。
Claims (16)
- 一种无线连接方法,所述方法包括:无线配置信息存在更新时,检测当前连接的终端的访问状态,所述访问状态包括信任状态;检测到所述终端的访问状态为所述信任状态时,发送更新后的无线配置信息至所述终端;应用所述更新后的无线配置信息,断开与所述终端的当前连接,并根据所述更新后的无线配置信息重新连接所述终端。
- 根据权利要求1所述的无线连接方法,其中,所述访问状态还包括非信任状态;所述检测当前连接的终端的访问状态之后,所述方法还包括:检测到所述终端的访问状态为所述非信任状态时,应用所述更新后的无线配置信息,断开与所述终端的当前连接。
- 根据权利要求1所述的无线连接方法,其中,所述发送更新后的无线配置信息至所述终端,包括:发送后台服务的配置信息至所述终端,并通过所述后台服务发送所述更新后的无线配置信息至所述终端。
- 根据权利要求1至3任一项所述的无线连接方法,其中,所述检测当前连接的终端的访问状态,包括:获取所述终端的媒体访问控制MAC地址,检测所述MAC地址是否存在于预存的MAC地址列表中;所述MAC地址存在于所述预存的MAC地址列表中时,获取所述终端中预存的加密信息;对所述加密信息进行解密,检测解密后的加密信息是否与所述MAC地址一致;解密后的加密信息与所述MAC地址一致时,确定所述终端的访问状态为所述信任状态;所述解密后的加密信息与所述MAC地址不一致时,确定所述终端的访问状态为所述非信任状态;相应的,所述检测所述MAC地址是否存在于预存的MAC地址列表中之后,所述方法还包括:所述MAC地址不存在于所述预存的MAC地址列表中时,检测所述终端的访问状态为所述非信任状态。
- 一种无线连接方法,所述方法包括:访问状态被设置为信任状态,且与无线访问接入点AP连接时,接收所述AP发送的更新后的无线配置信息;根据所述更新后的无线配置信息,断开与所述AP的当前连接,并与所述AP重新进行无线连接。
- 根据权利要求5所述的无线连接方法,其中,所述接收AP发送的更新后的无线配置信息之前,所述方法还包括:发送MAC地址至所述AP;接收所述AP发送的加密信息并保存,所述加密信息为将所述MAC地址加密后的字符串;接收所述AP发送的后台服务的配置信息,并安装所述后台服务;相应的,所述接收AP发送的更新后的无线配置信息,包括:通过所述后台服务接收所述AP发送的所述更新后的无线配置信息。
- 根据权利要求5所述的无线连接方法,其中,所述方法还包括:所述访问状态被设置为非信任状态时,与所述AP的当前连接被断开。
- 一种无线访问接入点AP,所述AP包括:检测单元,配置为无线配置信息存在更新时,检测当前连接的终端的 访问状态,所述访问状态包括信任状态;第一发送单元,配置为所述检测单元检测到所述终端的访问状态为所述信任状态时,发送更新后的无线配置信息至所述终端;第一连接单元,配置为应用所述第一发送单元发送的所述更新后的无线配置信息,断开与所述终端的当前连接,并根据所述更新后的无线配置信息重新连接所述终端。
- 根据权利要求8所述的AP,其中,所述检测单元检测的所述访问状态还包括非信任状态;所述第一连接单元,还配置为所述检测单元检测当前连接的终端的访问状态之后,所述检测单元检测到所述终端的访问状态为所述非信任状态时,应用所述更新后的无线配置信息,断开与所述终端的当前连接。
- 根据权利要求8所述的AP,其中,所述第一发送单元,还配置为发送后台服务的配置信息至所述终端,并通过所述后台服务发送所述更新后的无线配置信息至所述终端。
- 根据权利要求8至10任一项所述的AP,其中,所述AP还包括第一接收单元;所述第一接收单元,配置为获取所述终端的媒体访问控制MAC地址;所述检测单元,还配置为检测所述第一接收单元获取的所述MAC地址是否存在于第一保存单元预存的MAC地址列表中;所述第一接收单元,还配置为所述检测单元检测所述MAC地址存在于所述第一保存单元预存的MAC地址列表中时,获取所述终端中预存的加密信息;所述检测单元,还配置为对所述第一接收单元获取的所述加密信息进行解密,检测解密后的加密信息是否与所述第一接收单元获取的所述MAC地址一致;及解密后的加密信息与所述终端的MAC地址一致时,确定所述 终端的访问状态为所述信任状态;以及所述解密后的加密信息与所述MAC地址不一致时,确定所述终端的访问状态为所述非信任状态;相应的,所述检测单元,还配置为所述检测所述MAC地址是否存在于预存的MAC地址列表中之后,所述第一接收单元获取的所述MAC地址不存在于所述第一保存单元预存的MAC地址列表中时,检测所述终端的访问状态为所述非信任状态。
- 一种终端,所述终端包括:第二接收单元,配置为访问状态被设置为信任状态,且与无线访问接入点AP连接时,接收所述AP发送的更新后的无线配置信息;第二连接单元,根据所述第二接收单元接收的所述更新后的无线配置信息,断开与所述AP的当前连接,并与所述AP重新进行无线连接。
- 根据权利要求12所述的终端,其中,所述终端还包括:第二发送单元、第二保存单元和安装单元;所述第二发送单元,配置为所述第二接收单元接收AP发送的更新后的无线配置信息之前,发送MAC地址至所述AP;所述第二接收单元,还配置为接收所述AP发送的加密信息;所述加密信息为将所述MAC地址加密后的字符串,以及,所述第二保存单元保存所述第二接收单元接收的所述加密信息;所述第二接收单元,还配置为接收所述AP发送的后台服务的配置信息,以及,所述安装单元,配置为根据所述第二接收单元接收的后台服务的配置信息,安装所述后台服务;相应的,所述第二接收单元,还配置为通过所述安装单元安装的所述后台服务接收所述AP发送的所述更新后的无线配置信息。
- 根据权利要求12所述的终端,其中,所述第二连接单元,还配置为所述访问状态被设置为非信任状态时,与所述AP的当前连接被断开。
- 一种计算机存储介质,所述计算机存储介质中存储有可执行指令,所述可执行指令用于执行权利要求1至4任一项所述的无线连接方法。
- 一种计算机存储介质,所述计算机存储介质中存储有可执行指令,所述可执行指令用于执行权利要求5至7任一项所述的无线连接方法。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510424422.6 | 2015-07-17 | ||
CN201510424422.6A CN106341815B (zh) | 2015-07-17 | 2015-07-17 | 一种无线连接方法、终端及ap |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2017012204A1 true WO2017012204A1 (zh) | 2017-01-26 |
Family
ID=57826812
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2015/090924 WO2017012204A1 (zh) | 2015-07-17 | 2015-09-28 | 无线连接方法、终端及无线访问接入点、计算机存储介质 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN106341815B (zh) |
WO (1) | WO2017012204A1 (zh) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109327517B (zh) * | 2018-10-09 | 2022-05-20 | 上海尚往网络科技有限公司 | 获取无线接入点网络状态的方法及设备 |
CN111356149A (zh) * | 2018-12-24 | 2020-06-30 | 中兴通讯股份有限公司 | 一种无线网络配置方法及装置 |
CN110784941B (zh) * | 2019-10-31 | 2021-06-25 | Oppo广东移动通信有限公司 | Cpe与终端设备自动连接方法、装置及系统 |
CN111132373B (zh) * | 2019-12-05 | 2023-08-04 | 北京小米移动软件有限公司 | 网络连接方法、装置及设备 |
CN111132374A (zh) * | 2019-12-12 | 2020-05-08 | 北京小米移动软件有限公司 | 建立无线网络连接的方法及装置 |
CN113411809B (zh) * | 2021-07-30 | 2023-03-17 | 浙江大华技术股份有限公司 | 防接入伪ap和ap劫持的方法和装置 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103716795A (zh) * | 2012-10-09 | 2014-04-09 | 中兴通讯股份有限公司 | 一种无线网络安全接入方法、装置和系统 |
US20150026774A1 (en) * | 2012-02-10 | 2015-01-22 | Zte Corporation | Access authentication method and device for wireless local area network hotspot |
CN104581716A (zh) * | 2014-12-31 | 2015-04-29 | 广东欧珀移动通信有限公司 | 一种无线接入点的连接方法及无线接入点设备 |
US20150143473A1 (en) * | 2013-11-15 | 2015-05-21 | Samsung Electronics Co., Ltd. | Electronic device and method for updating authentication information in the electronic device |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080123852A1 (en) * | 2006-11-28 | 2008-05-29 | Jianping Jiang | Method and system for managing a wireless network |
CN101431408B (zh) * | 2007-11-09 | 2012-10-17 | 北京华旗资讯数码科技有限公司 | 可实现通信终端与无线局域网连接的加密装置 |
CN101820629A (zh) * | 2010-04-15 | 2010-09-01 | 华为终端有限公司 | 一种无线局域网中身份认证的方法、装置及系统 |
CN103249040B (zh) * | 2012-02-08 | 2017-04-26 | 华为终端有限公司 | 一种无线接入认证的方法及装置 |
CN102711110A (zh) * | 2012-05-24 | 2012-10-03 | 中兴通讯股份有限公司 | 一种管理Wi-Fi网络的方法和无线路由器 |
US20140247941A1 (en) * | 2013-03-01 | 2014-09-04 | Oplink Communications, Inc. | Self-configuring wireless network |
CN104254070B (zh) * | 2013-06-25 | 2019-11-08 | 南京中兴新软件有限责任公司 | WiFi接入方法、智能终端及路由设备 |
CN103415016A (zh) * | 2013-07-05 | 2013-11-27 | 惠州Tcl移动通信有限公司 | 一种移动wifi热点连接处理方法及系统 |
CN104519513A (zh) * | 2013-09-30 | 2015-04-15 | 深圳市群云网络有限公司 | 一种基于无线局域网的通信方法及系统 |
CN104661219B (zh) * | 2015-01-15 | 2019-05-17 | 天地融科技股份有限公司 | 一种无线设备的通讯方法、无线设备和服务器 |
-
2015
- 2015-07-17 CN CN201510424422.6A patent/CN106341815B/zh active Active
- 2015-09-28 WO PCT/CN2015/090924 patent/WO2017012204A1/zh active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150026774A1 (en) * | 2012-02-10 | 2015-01-22 | Zte Corporation | Access authentication method and device for wireless local area network hotspot |
CN103716795A (zh) * | 2012-10-09 | 2014-04-09 | 中兴通讯股份有限公司 | 一种无线网络安全接入方法、装置和系统 |
US20150143473A1 (en) * | 2013-11-15 | 2015-05-21 | Samsung Electronics Co., Ltd. | Electronic device and method for updating authentication information in the electronic device |
CN104581716A (zh) * | 2014-12-31 | 2015-04-29 | 广东欧珀移动通信有限公司 | 一种无线接入点的连接方法及无线接入点设备 |
Also Published As
Publication number | Publication date |
---|---|
CN106341815A (zh) | 2017-01-18 |
CN106341815B (zh) | 2020-11-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11616775B2 (en) | Network access authentication method, apparatus, and system | |
WO2017012204A1 (zh) | 无线连接方法、终端及无线访问接入点、计算机存储介质 | |
US9843575B2 (en) | Wireless network authentication method and wireless network authentication apparatus | |
US8046583B2 (en) | Wireless terminal | |
US11317340B2 (en) | Method and device for enabling access of an unconfigured device to a network hotspot device | |
JP6203985B1 (ja) | 認証証明のセキュアプロビジョニング | |
US9436819B2 (en) | Securely pairing computing devices | |
US8150372B2 (en) | Method and system for distributing data within a group of mobile units | |
JP5739072B2 (ja) | 共有エフェメラル・キー・データのセットを用いるエクスチェンジを符号化するためのシステム及び方法 | |
CN113099443B (zh) | 设备认证方法、装置、设备和系统 | |
WO2017028593A1 (zh) | 网络接入设备接入无线网络接入点的方法、网络接入设备、应用程序服务器和非易失性计算机可读存储介质 | |
WO2022111187A1 (zh) | 终端认证方法、装置、计算机设备及存储介质 | |
EP3700124B1 (en) | Security authentication method, configuration method, and related device | |
US10470102B2 (en) | MAC address-bound WLAN password | |
CN107567017B (zh) | 无线连接系统、装置及方法 | |
US11765164B2 (en) | Server-based setup for connecting a device to a local area network | |
EP3794852B1 (en) | Secure methods and systems for identifying bluetooth connected devices with installed application | |
CN112672351A (zh) | 无线局域网认证方法及装置、电子设备、存储介质 | |
US20170238236A1 (en) | Mac address-bound wlan password | |
JP2014509468A (ja) | 無線ネットワーククレデンシャルを帯域外配信するための方法及びシステム | |
US11832348B2 (en) | Data downloading method, data management method, and terminal | |
US8924710B2 (en) | Method and apparatus for providing session key for WUSB security and method and apparatus for obtaining the session key | |
EP4029215A1 (en) | Ecosystem-based wireless network setup | |
CN106878989B (zh) | 一种接入控制方法及装置 | |
US11962465B2 (en) | Control system, electronic device, and control method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 15898760 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 15898760 Country of ref document: EP Kind code of ref document: A1 |