WO2018095372A1 - Method for accessing network, and control terminal and router - Google Patents

Method for accessing network, and control terminal and router Download PDF

Info

Publication number
WO2018095372A1
WO2018095372A1 PCT/CN2017/112654 CN2017112654W WO2018095372A1 WO 2018095372 A1 WO2018095372 A1 WO 2018095372A1 CN 2017112654 W CN2017112654 W CN 2017112654W WO 2018095372 A1 WO2018095372 A1 WO 2018095372A1
Authority
WO
WIPO (PCT)
Prior art keywords
access
network
terminal
identification information
router
Prior art date
Application number
PCT/CN2017/112654
Other languages
French (fr)
Chinese (zh)
Inventor
李元飞
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2018095372A1 publication Critical patent/WO2018095372A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/08Access restriction or access information delivery, e.g. discovery data delivery
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/16Discovering, processing access restriction or access information

Definitions

  • the present disclosure relates to, but is not limited to, the field of network technologies, and in particular, to a method, a control terminal and a router for accessing a network.
  • Wireless Fidelity is a technology that allows electronic devices to connect to a Wireless Local Area Network (WLAN). Usually the electronic device is connected to the wireless LAN by a password. Wi-Fi is connected to the network through radio waves. A common wireless router is a wireless router. The wireless coverage of the wireless router can be connected by Wi-Fi connection. More and more families are forming wireless networks at home through routers, and visitors are allowed to connect to home Wi-Fi by telling them when they come to visit.
  • the present disclosure provides a method of accessing a network, a control terminal, and a router that selectively allows a guest terminal to access the network by screening the guest terminal.
  • the present disclosure provides a method for accessing a network, including:
  • the control terminal receives the network access request sent by the router, where the network access request includes: identity identification information of the access terminal requesting access to the network;
  • the control terminal performs identity authentication on the access terminal based on the identity identification information
  • the control terminal provides the access terminal with the network access authentication information of the access network, so that the access terminal accesses the network based on the network access authentication information.
  • the method further includes:
  • the control terminal updates the terminal information set of the access network in the router based on the identity identification information of the access terminal;
  • the terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
  • the identity identification information includes: a MAC address of the access terminal;
  • the network access verification information includes: a network access password or a graphic code including an access network password.
  • the disclosure also provides a method for accessing a network, including:
  • the router acquires identity identification information of the access terminal requesting access to the network
  • the router sends a network access request including the identity identification information of the access terminal to the control terminal, for the control terminal to be based on the identity.
  • the identification information is used to authenticate the access terminal and provide the access terminal with the network access verification information of the access network if the access terminal passes the identity authentication;
  • the terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
  • the method further includes:
  • the router updates the terminal information set of the access network in the router based on the identity identification information of the access terminal.
  • the method further includes:
  • the router When the identity information exists in the terminal information set of the access network, and the access terminal cannot successfully access the network, the router sends the network access verification information of the network to the access And the terminal, wherein the access terminal automatically accesses the network according to the network access verification information.
  • the identity identification information includes: a MAC address of the access terminal;
  • the network access verification information includes: a network access password or a graphic code including an access network password.
  • the disclosure also provides a control terminal, including:
  • the receiving module is configured to: receive a network access request sent by the router, where the network access request includes: The identification information of the access terminal requesting access to the network;
  • the authentication module is configured to: perform identity authentication on the access terminal based on the identity identification information;
  • the processing module is configured to: when the access terminal passes the identity authentication, provide the access terminal with the network access verification information of the access network, so that the access terminal accesses the network based on the network access verification information.
  • control terminal further includes:
  • the first update module is configured to: when the access terminal accesses the network, update the terminal information set of the access network in the router based on the identity identification information of the access terminal;
  • the terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
  • the identity identification information includes: a MAC address of the access terminal;
  • the network access verification information includes: a network access password or a graphic code including an access network password.
  • the present disclosure also provides a router, including:
  • the obtaining module is configured to: obtain identification information of the access terminal requesting access to the network;
  • a requesting module configured to: if the identity identification information does not exist in the terminal information set of the access network, send a network access request including the identity identification information of the access terminal to the control terminal, where the control terminal is based on The identity identification information is used to authenticate the access terminal and provide access verification information of the access network to the access terminal if the access terminal passes the identity authentication;
  • the terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
  • the router further includes:
  • the second update module is configured to: when the access terminal accesses the network, update the terminal information set of the access network in the router based on the identity identification information of the access terminal.
  • the router further includes:
  • a networking module configured to: the terminal information that the identification information exists in the access network If the access terminal cannot successfully access the network, the network access verification information of the network is sent to the access terminal, so that the access terminal automatically accesses the network according to the network access verification information.
  • the identity identification information includes: a MAC address of the access terminal;
  • the network access verification information includes: a network access password or a graphic code including an access network password.
  • Embodiments of the present disclosure also provide a computer readable storage medium storing computer executable instructions that, when executed, implement the above method of accessing a network.
  • the router may perform preliminary identity authentication on the access terminal accessing the network, and if not authenticated, send a network access request to the control terminal of the router to provide
  • the control terminal performs secondary identity authentication.
  • the router may provide the latest network access verification information of the network to the access terminal for the access terminal. Automatically connect to the network.
  • the control terminal may not perform network access processing when the client terminal accesses the network again, and the router may automatically provide the network access verification information to the client terminal according to the network access record.
  • FIG. 1 is a flowchart of a method for accessing a network according to a first example of an embodiment of the present disclosure
  • FIG. 2 is a flowchart of a method for accessing a network according to a second example of the embodiment of the present disclosure
  • FIG. 3 is a schematic structural diagram of a control terminal according to a third example of the embodiment of the present disclosure.
  • FIG. 4 is a schematic structural diagram of a router according to a fourth example of the disclosure.
  • FIG. 5 is a flowchart of a method for accessing a network according to a fifth example of the embodiment of the present disclosure.
  • a first example of the embodiment of the present disclosure may include Next steps:
  • Step S101 The control terminal receives the network access request sent by the router, where the network access request includes: identity identification information of the access terminal requesting access to the network.
  • control terminal may be a terminal that controls the router, and the control terminal may modify an access password of the network connected to the network by using the router.
  • the access terminal may be a terminal requesting access to a visitor of the network.
  • the identity identification information may include: a Media Access Control (MAC) address of the access terminal.
  • MAC Media Access Control
  • Step S102 The control terminal performs identity authentication on the access terminal based on the identity identification information.
  • control terminal may determine, according to the MAC address of the access terminal, whether the access terminal is a trusted terminal. For example, when a visitor comes to visit a home, if the visitor wants to connect to the home network, the visitor can be authenticated and verified by the visitor's MAC address.
  • Step S103 In the case that the access terminal passes the identity authentication, the control terminal provides the access terminal with the network access verification information of the access network, so that the access terminal accesses the network based on the network access verification information. .
  • the network access verification information may include: an online password or a graphic code including an incoming password.
  • the graphic code of the network access password may include the following forms: a barcode, a two-dimensional code, or a customized graphic code.
  • the control terminal can generate a two-dimensional code containing the network access password, and the visitor can access the network by scanning the two-dimensional code.
  • the method may further include:
  • the control terminal updates the terminal information set of the access network in the router based on the identity identification information of the access terminal;
  • the terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
  • the control terminal adds the identity identification information of the guest terminal to the terminal information set of the access network in the router, for the router Performing preliminary identity authentication on the access terminal requesting access to the network according to the terminal information set of the access network.
  • a second example of the embodiment of the present disclosure may include the following steps:
  • Step S201 The router acquires identity identification information of the access terminal requesting access to the network.
  • the access terminal may be a terminal that requests a visitor to access the network.
  • the identification information may include: a MAC address of the access terminal.
  • Step S202 If the identity identification information does not exist in the terminal information set of the access network, the router sends a network access request including the identity identification information of the access terminal to the control terminal, where the control terminal is based on the control terminal.
  • the identity identification information is used to authenticate the access terminal and provide access verification information of the access network to the access terminal if the access terminal passes the identity authentication;
  • the terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
  • the identity identification information of the access terminal may be stored in a terminal information set of the access network.
  • the control terminal may be a terminal that controls the router, and the control terminal may modify an access password of the network connected to the network by using the router.
  • the router may send the network access request to the control terminal, so that the control terminal determines whether the access terminal is trustworthy.
  • the method may further include:
  • the router updates the terminal information set of the access network in the router based on the identity identification information of the access terminal.
  • the access terminal When the access terminal is authenticated by the identity of the control terminal, the access terminal may successfully access the network, and may store the identity identification information of the access terminal to the terminal of the access network in the router. In the information collection.
  • the identity identification information in the terminal information set of the access network may be updated in the following two ways:
  • control terminal synchronizes the identity identification information of the access terminal that successfully accesses the network to the terminal information set of the access network in the router.
  • the router automatically saves the identification information of the access terminal that successfully accesses the network. Stored in the terminal information set of the access network.
  • the method may further include:
  • the router When the identity information exists in the terminal information set of the access network, and the access terminal cannot successfully access the network, the router sends the network access verification information of the network to the access And the terminal, wherein the access terminal automatically accesses the network according to the network access verification information.
  • the identity information of the access terminal exists in the terminal information set of the access network, it may be stated that the access terminal has successfully accessed the network, that is, the access terminal is a trusted access terminal.
  • the control terminal can modify the access password of the router during the current access and the last access of the access terminal, the access terminal cannot successfully access the network during the current access.
  • the router can automatically obtain the latest network access password of the network, and provide the latest network access password to the access terminal, so that the access terminal automatically connects to the network according to the latest network access password.
  • a third embodiment of the present disclosure may include:
  • the receiving module 301 is configured to: receive a network access request sent by the router, where the network access request includes: identity identification information of the access terminal that requests access to the network.
  • control terminal may be a terminal that controls the router, and the control terminal may modify an access password of the network connected to the network by using the router.
  • the access terminal may be a terminal requesting access to a visitor of the network.
  • the identification information may include: a MAC address of the access terminal.
  • the authentication module 302 is configured to perform identity authentication on the access terminal based on the identity identification information.
  • the authentication module 302 is configured to:
  • the access terminal Based on the MAC address of the access terminal, it is determined whether the access terminal is a trusted terminal. For example, when a visitor comes to visit a home, if the visitor wants to connect to the home network, the visitor can be authenticated and verified by the visitor's MAC address.
  • the processing module 303 is configured to: when the access terminal passes the identity authentication, provide the access terminal with the network access verification information of the access network, where the access terminal accesses the network based on the network access verification information. .
  • the network access verification information may include: an online password or a graphic code including an incoming password.
  • the graphic code of the network access password may include the following forms: a barcode, a two-dimensional code, or a customized graphic code.
  • the processing module 303 can generate a two-dimensional code containing the network access password, and the visitor can access the network by scanning the two-dimensional code.
  • control terminal may further include:
  • an update module configured to: when the access terminal accesses the network, update a terminal information set of the access network in the router based on the identity identification information of the access terminal;
  • the terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
  • the update module may add identity identification information of the guest terminal to a terminal information set of the access network in the router, for the The router performs preliminary identity authentication on the access terminal requesting access to the network according to the terminal information set of the access network.
  • a router as shown in FIG. 4, may include:
  • the obtaining module 401 is configured to: obtain identity identification information of an access terminal that requests access to the network.
  • the access terminal is a terminal that requests a visitor to access the network.
  • the identification information may include: a MAC address of the access terminal.
  • the requesting module 402 is configured to: if the identity identification information does not exist in the terminal information set of the access network, send a network access request including the identity identification information of the access terminal to the control terminal, where the control terminal is used by the control terminal And performing identity authentication on the access terminal based on the identity identification information, and providing the access terminal with network access verification information of the access network if the access terminal passes the identity authentication;
  • the terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
  • the control terminal may be a terminal that controls the router, and the control terminal may modify an access password of the network connected to the network by using the router.
  • the requesting module 402 can send the network access request to the control terminal, so that the control terminal determines whether the access terminal is trustworthy.
  • the router may further include:
  • an update module configured to: when the access terminal accesses the network, update the terminal information set of the access network in the router based on the identity identification information of the access terminal.
  • the networking module is configured to: when the identity identification information exists in the terminal information set of the access network, and the access terminal cannot successfully access the network, send the network verification information of the network Giving the access terminal to the access terminal to automatically access the network according to the network access verification information.
  • a fifth embodiment of the present disclosure based on the control terminal of the third example of the present disclosure and the router of the fourth example of the embodiment of the present disclosure, introduces a method for accessing a network. As shown in FIG. 5, the following steps may be included:
  • Step S501 The router acquires the MAC address of the access terminal requesting access to the network.
  • the access terminal may be a terminal that requests a visitor to access the network.
  • Step S502 The router determines whether the access terminal has successfully accessed the network, and if yes, sends the network access password of the network to the access terminal, so that the access terminal automatically according to the network access password. Accessing the network;
  • step S503 is performed.
  • step S502 the method may include:
  • the router acquires the latest network access password of the network, and sends the latest network access password to the access terminal, so that the access terminal automatically accesses the network according to the latest network access password.
  • the whitelist may store a MAC address of an access terminal that has successfully accessed the network.
  • the white list in this example may correspond to the terminal information set of the access network in the first to fourth examples of the embodiments of the present disclosure. If the MAC address of the access terminal exists in the whitelist, it may be stated that the access terminal has successfully connected to the network, that is, the access terminal is trusted. terminal.
  • Step S503 The router sends a network access request including the MAC address of the access terminal to the control terminal.
  • control terminal may be a terminal that controls the router, and the control terminal may modify an access password of the network connected to the network by using the router.
  • Step S504 The control terminal performs identity authentication on the access terminal according to the MAC address of the access terminal, and if the identity authentication is performed, step S505 is performed; if the identity authentication is not passed, the access terminal is denied access to the access terminal.
  • the internet The internet.
  • control terminal may determine, according to the MAC address of the access terminal, whether the access terminal is a trusted terminal. For example, when a visitor comes to visit a home, if the visitor wants to connect to the home network, the visitor can be authenticated and verified by the visitor's MAC address.
  • Step S505 In the case that the access terminal passes the identity authentication, the control terminal provides the access terminal with the network access verification information of the access network, so that the access terminal accesses the network based on the network access verification information. .
  • the network access verification information may include: an online password or a graphic code including an incoming password.
  • the graphic code of the network access password may include the following forms: a barcode, a two-dimensional code, or a customized graphic code.
  • the control terminal can generate a two-dimensional code containing the network access password, and the visitor can access the network by scanning the two-dimensional code.
  • Step S506 Add the MAC address of the access terminal to the whitelist.
  • step S506 may include:
  • the control terminal synchronizes the identity identification information of the access terminal that successfully accesses the network to the terminal information set of the access network in the router, or
  • the router automatically stores the identity identification information of the access terminal that successfully accesses the network into the terminal information set of the access network.
  • the whitelist may exist in the control terminal and the router at the same time, the control terminal acquires contact information on the terminal, and establishes the contact information and the whitelist.
  • the association of the MAC address may include: address book information, short message information, social software friend information, and the like.
  • the router may perform preliminary identity authentication on the access terminal accessing the network, and control the router if the identity authentication is not passed.
  • the terminal sends a network access request for the control terminal to perform secondary identity authentication.
  • the router may provide the latest network access verification information of the network to the access terminal for the access terminal. Automatically connect to the network.
  • the control terminal may not perform network access processing when the client terminal accesses the network again, and the router may automatically provide the network access verification information to the client terminal according to the network access record.
  • Embodiments of the present disclosure also provide a computer readable storage medium storing computer executable instructions that, when executed, implement the above method of accessing a network.
  • computer storage medium includes volatile and nonvolatile, implemented in any method or technology for storing information, such as computer readable instructions, data structures, program modules or other data. Sex, removable and non-removable media.
  • Computer storage media include, but are not limited to, Random Access Memory (RAM), Read-Only Memory (ROM), and Electrically Erasable Programmable Read-only Memory (EEPROM). Flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical disc storage, magnetic cassette, magnetic tape, disk storage or other magnetic storage device, or Any other medium used to store the desired information and that can be accessed by the computer.
  • communication media typically includes computer readable instructions, data structures, program modules or a carrier or other transport. Other data in the modulated data signal, and may include any information delivery medium.
  • the router may perform preliminary identity authentication on the access terminal accessing the network, and if not authenticated, send a network access request to the control terminal of the router to provide
  • the control terminal performs secondary identity authentication.
  • the router may provide the latest network access verification information of the network to the access terminal for the access terminal. Automatically connect to the network.
  • the control terminal may not perform network access processing when the client terminal accesses the network again, and the router may automatically provide the network access verification information to the client terminal according to the network access record.

Abstract

Provided is a method for accessing a network. The method comprises: a control terminal receiving a network access request sent by a router, wherein the network access request comprises identity identification information about an access terminal which requests access to a network; the control terminal performing identity authentication on the access terminal based on the identity identification information; and where the access terminal passes identity authentication, the control terminal providing the access terminal with network access verification information for access to the network, so that the access terminal accesses the network based on the network access verification information.

Description

一种接入网络的方法、控制终端和路由器Method, control terminal and router for accessing network 技术领域Technical field
本公开涉及但不限于网络技术领域,尤其是一种接入网络的方法、控制终端和路由器。The present disclosure relates to, but is not limited to, the field of network technologies, and in particular, to a method, a control terminal and a router for accessing a network.
背景技术Background technique
无线保真(Wireless Fidelity,Wi-Fi)是一种允许电子设备连接到一个无线局域网(Wireless Local Area Network,WLAN)的技术。通常电子设备通过密码连接到无线局域网。Wi-Fi是通过无线电波来连接网络的,常见的就是一个无线路由器,在这个无线路由器的电波覆盖的有效范围都可以采用Wi-Fi连接方式进行联网。越来越多的家庭通过路由器在家中形成无线网络,当访客来家拜访时通过告之入网密码以允许访客连接家庭Wi-Fi。Wireless Fidelity (Wi-Fi) is a technology that allows electronic devices to connect to a Wireless Local Area Network (WLAN). Usually the electronic device is connected to the wireless LAN by a password. Wi-Fi is connected to the network through radio waves. A common wireless router is a wireless router. The wireless coverage of the wireless router can be connected by Wi-Fi connection. More and more families are forming wireless networks at home through routers, and visitors are allowed to connect to home Wi-Fi by telling them when they come to visit.
发明内容Summary of the invention
以下是对本文详细描述的主题的概述。本概述并非是为了限制权利要求的保护范围。The following is an overview of the topics detailed in this document. This Summary is not intended to limit the scope of the claims.
在通过路由器在家中形成无线网络的情况下,可能存在陌生人通过非法手段连接家庭Wi-Fi的现象,为了防止陌生人蹭网,用户可以经常更换入网密码,并在访客下次来家拜访时再次告之新的入网密码。In the case of forming a wireless network through a router at home, there may be a phenomenon in which a stranger connects to the home Wi-Fi through illegal means. In order to prevent strangers from smashing the network, the user can frequently change the network access password and when the visitor visits the next time. Tell the new password again.
本公开提供一种接入网络的方法、控制终端和路由器,通过对访客终端的筛选选择性地允许访客终端接入网络。The present disclosure provides a method of accessing a network, a control terminal, and a router that selectively allows a guest terminal to access the network by screening the guest terminal.
本公开提供一种接入网络的方法,包括:The present disclosure provides a method for accessing a network, including:
控制终端接收路由器发送来的入网请求,所述入网请求包括:请求接入网络的访问终端的身份识别信息;The control terminal receives the network access request sent by the router, where the network access request includes: identity identification information of the access terminal requesting access to the network;
所述控制终端基于所述身份识别信息对所述访问终端进行身份认证;The control terminal performs identity authentication on the access terminal based on the identity identification information;
在所述访问终端通过身份认证的情况下,所述控制终端向所述访问终端提供接入网络的入网验证信息,以供所述访问终端基于所述入网验证信息接入所述网络。 In the case that the access terminal is authenticated by the identity, the control terminal provides the access terminal with the network access authentication information of the access network, so that the access terminal accesses the network based on the network access authentication information.
在一种示例性实施方式中,所述方法还包括:In an exemplary embodiment, the method further includes:
在所述访问终端接入所述网络的情况下,所述控制终端基于所述访问终端的身份识别信息对所述路由器中的接入网络的终端信息集合进行更新;In the case that the access terminal accesses the network, the control terminal updates the terminal information set of the access network in the router based on the identity identification information of the access terminal;
所述接入网络的终端信息集合,包括:允许接入所述网络的访问终端的身份识别信息。The terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
在一种示例性实施方式中,所述身份识别信息,包括:所述访问终端的MAC地址;In an exemplary embodiment, the identity identification information includes: a MAC address of the access terminal;
所述入网验证信息,包括:入网密码或含有入网密码的图形编码。The network access verification information includes: a network access password or a graphic code including an access network password.
本公开还提供一种接入网络的方法,包括:The disclosure also provides a method for accessing a network, including:
路由器获取请求接入网络的访问终端的身份识别信息;The router acquires identity identification information of the access terminal requesting access to the network;
在所述身份识别信息不存在于接入网络的终端信息集合的情况下,所述路由器向控制终端发送包含所述访问终端的身份识别信息的入网请求,以供所述控制终端基于所述身份识别信息对所述访问终端进行身份认证并在所述访问终端通过身份认证的情况下向所述访问终端提供接入网络的入网验证信息;In the case that the identity identification information does not exist in the terminal information set of the access network, the router sends a network access request including the identity identification information of the access terminal to the control terminal, for the control terminal to be based on the identity. The identification information is used to authenticate the access terminal and provide the access terminal with the network access verification information of the access network if the access terminal passes the identity authentication;
所述接入网络的终端信息集合,包括:允许接入所述网络的访问终端的身份识别信息。The terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
在一种示例性实施方式中,所述方法还包括:In an exemplary embodiment, the method further includes:
在所述访问终端接入所述网络的情况下,所述路由器基于所述访问终端的身份识别信息对所述路由器中的所述接入网络的终端信息集合进行更新。In a case that the access terminal accesses the network, the router updates the terminal information set of the access network in the router based on the identity identification information of the access terminal.
在一种示例性实施方式中,所述方法还包括:In an exemplary embodiment, the method further includes:
在所述身份识别信息存在于所述接入网络的终端信息集合,且所述访问终端无法成功接入所述网络的情况下,所述路由器将所述网络的入网验证信息发送给所述访问终端,以供所述访问终端根据所述入网验证信息自动接入所述网络。When the identity information exists in the terminal information set of the access network, and the access terminal cannot successfully access the network, the router sends the network access verification information of the network to the access And the terminal, wherein the access terminal automatically accesses the network according to the network access verification information.
在一种示例性实施方式中,所述身份识别信息,包括:所述访问终端的MAC地址;In an exemplary embodiment, the identity identification information includes: a MAC address of the access terminal;
所述入网验证信息,包括:入网密码或含有入网密码的图形编码。The network access verification information includes: a network access password or a graphic code including an access network password.
本公开还提供一种控制终端,包括:The disclosure also provides a control terminal, including:
接收模块,设置为:接收路由器发送来的入网请求,所述入网请求包括: 请求接入网络的访问终端的身份识别信息;The receiving module is configured to: receive a network access request sent by the router, where the network access request includes: The identification information of the access terminal requesting access to the network;
认证模块,设置为:基于所述身份识别信息对所述访问终端进行身份认证;The authentication module is configured to: perform identity authentication on the access terminal based on the identity identification information;
处理模块,设置为:在所述访问终端通过身份认证的情况下,向所述访问终端提供接入网络的入网验证信息,以供所述访问终端基于所述入网验证信息接入所述网络。The processing module is configured to: when the access terminal passes the identity authentication, provide the access terminal with the network access verification information of the access network, so that the access terminal accesses the network based on the network access verification information.
在一种示例性实施方式中,所述控制终端还包括:In an exemplary embodiment, the control terminal further includes:
第一更新模块,设置为:在所述访问终端接入所述网络的情况下,基于所述访问终端的身份识别信息对所述路由器中的接入网络的终端信息集合进行更新;The first update module is configured to: when the access terminal accesses the network, update the terminal information set of the access network in the router based on the identity identification information of the access terminal;
所述接入网络的终端信息集合,包括:允许接入所述网络的访问终端的身份识别信息。The terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
在一种示例性实施方式中,所述身份识别信息,包括:所述访问终端的MAC地址;In an exemplary embodiment, the identity identification information includes: a MAC address of the access terminal;
所述入网验证信息,包括:入网密码或含有入网密码的图形编码。The network access verification information includes: a network access password or a graphic code including an access network password.
本公开还提供一种路由器,包括:The present disclosure also provides a router, including:
获取模块,设置为:获取请求接入网络的访问终端的身份识别信息;The obtaining module is configured to: obtain identification information of the access terminal requesting access to the network;
请求模块,设置为:在所述身份识别信息不存在于接入网络的终端信息集合的情况下,向控制终端发送包含所述访问终端的身份识别信息的入网请求,以供所述控制终端基于所述身份识别信息对所述访问终端进行身份认证并在所述访问终端通过身份认证的情况下向所述访问终端提供接入网络的入网验证信息;a requesting module, configured to: if the identity identification information does not exist in the terminal information set of the access network, send a network access request including the identity identification information of the access terminal to the control terminal, where the control terminal is based on The identity identification information is used to authenticate the access terminal and provide access verification information of the access network to the access terminal if the access terminal passes the identity authentication;
所述接入网络的终端信息集合,包括:允许接入所述网络的访问终端的身份识别信息。The terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
在一种示例性实施方式中,所述路由器还包括:In an exemplary embodiment, the router further includes:
第二更新模块,设置为:在所述访问终端接入所述网络的情况下,基于所述访问终端的身份识别信息对所述路由器中的所述接入网络的终端信息集合进行更新。The second update module is configured to: when the access terminal accesses the network, update the terminal information set of the access network in the router based on the identity identification information of the access terminal.
在一种示例性实施方式中,所述路由器还包括:In an exemplary embodiment, the router further includes:
连网模块,设置为:在所述身份识别信息存在于所述接入网络的终端信 息集合,且所述访问终端无法成功接入所述网络的情况下,将所述网络的入网验证信息发送给所述访问终端,以供所述访问终端根据所述入网验证信息自动接入所述网络。a networking module, configured to: the terminal information that the identification information exists in the access network If the access terminal cannot successfully access the network, the network access verification information of the network is sent to the access terminal, so that the access terminal automatically accesses the network according to the network access verification information. Network.
在一种示例性实施方式中,所述身份识别信息,包括:所述访问终端的MAC地址;In an exemplary embodiment, the identity identification information includes: a MAC address of the access terminal;
所述入网验证信息,包括:入网密码或含有入网密码的图形编码。The network access verification information includes: a network access password or a graphic code including an access network password.
本公开实施例还提供了一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令被执行时实现上述接入网络的方法。Embodiments of the present disclosure also provide a computer readable storage medium storing computer executable instructions that, when executed, implement the above method of accessing a network.
本公开至少具有下列优点:The present disclosure has at least the following advantages:
本公开所述的接入网络的方法、控制终端和路由器,路由器可对接入网络的访问终端进行初步身份认证,如果未通过身份认证则向所述路由器的控制终端发送入网请求,以供所述控制终端进行二次身份认证。针对曾经成功接入所述网络的访问终端,当所述访问终端再次连接所述网络时,所述路由器可将所述网络的最新入网验证信息提供给所述访问终端,以供所述访问终端自动连接所述网络。对于已通过身份认证的客户终端,当所述客户终端再次接入所述网络时所述控制终端可不对其进行入网处理,所述路由器可根据入网记录自动为所述客户终端提供入网验证信息。The method for accessing a network, the control terminal, and the router according to the disclosure, the router may perform preliminary identity authentication on the access terminal accessing the network, and if not authenticated, send a network access request to the control terminal of the router to provide The control terminal performs secondary identity authentication. For the access terminal that has successfully accessed the network, when the access terminal connects to the network again, the router may provide the latest network access verification information of the network to the access terminal for the access terminal. Automatically connect to the network. For the client terminal that has passed the identity authentication, the control terminal may not perform network access processing when the client terminal accesses the network again, and the router may automatically provide the network access verification information to the client terminal according to the network access record.
在阅读并理解了附图和详细描述后,可以明白其他方面。Other aspects will be apparent upon reading and understanding the drawings and detailed description.
附图概述BRIEF abstract
图1为本公开实施例第一实例的接入网络的方法的流程图;1 is a flowchart of a method for accessing a network according to a first example of an embodiment of the present disclosure;
图2为本公开实施例第二实例的接入网络的方法的流程图;2 is a flowchart of a method for accessing a network according to a second example of the embodiment of the present disclosure;
图3为本公开实施例第三实例的控制终端的结构示意图;3 is a schematic structural diagram of a control terminal according to a third example of the embodiment of the present disclosure;
图4为本公开实施例第四实例的路由器的结构示意图;4 is a schematic structural diagram of a router according to a fourth example of the disclosure;
图5为本公开实施例第五实例的接入网络的方法的流程图。FIG. 5 is a flowchart of a method for accessing a network according to a fifth example of the embodiment of the present disclosure.
本公开的较佳实施方式Preferred embodiment of the present disclosure
下面结合附图对本公开的实施方式进行描述。Embodiments of the present disclosure will be described below with reference to the accompanying drawings.
本公开实施例第一实例,一种接入网络的方法,如图1所示,可包括以 下步骤:A first example of the embodiment of the present disclosure, a method for accessing a network, as shown in FIG. 1 , may include Next steps:
步骤S101:控制终端接收路由器发送来的入网请求,所述入网请求包括:请求接入网络的访问终端的身份识别信息。Step S101: The control terminal receives the network access request sent by the router, where the network access request includes: identity identification information of the access terminal requesting access to the network.
可选地,所述控制终端可以为控制所述路由器的终端,所述控制终端可以修改通过所述路由器连接所述网络的入网密码。Optionally, the control terminal may be a terminal that controls the router, and the control terminal may modify an access password of the network connected to the network by using the router.
所述访问终端可以为请求接入所述网络的访客的终端。The access terminal may be a terminal requesting access to a visitor of the network.
所述身份识别信息,可以包括:所述访问终端的媒体访问控制(Media Access Control,MAC)地址。The identity identification information may include: a Media Access Control (MAC) address of the access terminal.
步骤S102:所述控制终端基于所述身份识别信息对所述访问终端进行身份认证。Step S102: The control terminal performs identity authentication on the access terminal based on the identity identification information.
可选地,所述控制终端可以基于所述访问终端的MAC地址,判断所述访问终端是否为可信赖的终端。例如:当访客来家拜访时,若访客想要连接家庭网络,则可以通过所述访客的MAC地址对所述访客进行身份认证核实。Optionally, the control terminal may determine, according to the MAC address of the access terminal, whether the access terminal is a trusted terminal. For example, when a visitor comes to visit a home, if the visitor wants to connect to the home network, the visitor can be authenticated and verified by the visitor's MAC address.
步骤S103:在所述访问终端通过身份认证的情况下,所述控制终端向所述访问终端提供接入网络的入网验证信息,以供所述访问终端基于所述入网验证信息接入所述网络。Step S103: In the case that the access terminal passes the identity authentication, the control terminal provides the access terminal with the network access verification information of the access network, so that the access terminal accesses the network based on the network access verification information. .
可选地,所述入网验证信息,可以包括:入网密码或含有入网密码的图形编码。所述入网密码的图形编码可以包括以下形式:条形码、二维码或者自定义的图形码。例如,当访客通过身份认证时,控制终端可以生成含有入网密码的二维码,访客通过扫描所述二维码即可接入网络。Optionally, the network access verification information may include: an online password or a graphic code including an incoming password. The graphic code of the network access password may include the following forms: a barcode, a two-dimensional code, or a customized graphic code. For example, when the visitor passes the identity authentication, the control terminal can generate a two-dimensional code containing the network access password, and the visitor can access the network by scanning the two-dimensional code.
可选地,所述方法还可以包括:Optionally, the method may further include:
在所述访问终端接入所述网络的情况下,所述控制终端基于所述访问终端的身份识别信息对所述路由器中的接入网络的终端信息集合进行更新;In the case that the access terminal accesses the network, the control terminal updates the terminal information set of the access network in the router based on the identity identification information of the access terminal;
所述接入网络的终端信息集合,包括:允许接入所述网络的访问终端的身份识别信息。The terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
在所述访问终端接入所述网络的情况下,所述控制终端将所述访客终端的身份识别信息添加到所述路由器中的所述接入网络的终端信息集合中,以供所述路由器根据所述接入网络的终端信息集合对请求接入网络的访问终端进行初步身份认证。 In the case that the access terminal accesses the network, the control terminal adds the identity identification information of the guest terminal to the terminal information set of the access network in the router, for the router Performing preliminary identity authentication on the access terminal requesting access to the network according to the terminal information set of the access network.
本公开实施例第二实例,一种接入网络的方法,如图2所示,可包括以下步骤:A second example of the embodiment of the present disclosure, a method for accessing a network, as shown in FIG. 2, may include the following steps:
步骤S201:路由器获取请求接入网络的访问终端的身份识别信息。Step S201: The router acquires identity identification information of the access terminal requesting access to the network.
可选地,所述访问终端可以为请求接入网络的访客的终端。Optionally, the access terminal may be a terminal that requests a visitor to access the network.
所述身份识别信息,可以包括:所述访问终端的MAC地址。The identification information may include: a MAC address of the access terminal.
步骤S202:在所述身份识别信息不存在于接入网络的终端信息集合的情况下,所述路由器向控制终端发送包含所述访问终端的身份识别信息的入网请求,以供所述控制终端基于所述身份识别信息对所述访问终端进行身份认证并在所述访问终端通过身份认证的情况下向所述访问终端提供接入网络的入网验证信息;Step S202: If the identity identification information does not exist in the terminal information set of the access network, the router sends a network access request including the identity identification information of the access terminal to the control terminal, where the control terminal is based on the control terminal. The identity identification information is used to authenticate the access terminal and provide access verification information of the access network to the access terminal if the access terminal passes the identity authentication;
所述接入网络的终端信息集合,包括:允许接入所述网络的访问终端的身份识别信息。当访问终端成功接入所述网络时,所述访问终端的身份识别信息可存储在所述接入网络的终端信息集合中。The terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network. When the access terminal successfully accesses the network, the identity identification information of the access terminal may be stored in a terminal information set of the access network.
所述控制终端可以为控制所述路由器的终端,所述控制终端可以修改通过所述路由器连接所述网络的入网密码。The control terminal may be a terminal that controls the router, and the control terminal may modify an access password of the network connected to the network by using the router.
可选地,当所述访问终端的身份识别信息不存在于所述接入网络的终端信息集合时,可以说明所述访问终端从未接入过所述网络,或者,所述访问终端为不可信赖的访问终端。所以,路由器可以向所述控制终端发送所述入网请求,以供所述控制终端判断所述访问终端是否是可信赖的。Optionally, when the identity information of the access terminal does not exist in the terminal information set of the access network, it may be stated that the access terminal has never accessed the network, or the access terminal is unavailable. Trusted access terminal. Therefore, the router may send the network access request to the control terminal, so that the control terminal determines whether the access terminal is trustworthy.
可选地,所述方法还可以包括:Optionally, the method may further include:
在所述访问终端接入所述网络的情况下,所述路由器基于所述访问终端的身份识别信息对所述路由器中的所述接入网络的终端信息集合进行更新。In a case that the access terminal accesses the network, the router updates the terminal information set of the access network in the router based on the identity identification information of the access terminal.
当所述访问终端通过所述控制终端的身份认证时,所述访问终端可以成功接入网络,并可以将所述访问终端的身份识别信息存储到所述路由器中的所述接入网络的终端信息集合中。When the access terminal is authenticated by the identity of the control terminal, the access terminal may successfully access the network, and may store the identity identification information of the access terminal to the terminal of the access network in the router. In the information collection.
可通过以下两种方式对所述接入网络的终端信息集合中的身份识别信息进行更新:The identity identification information in the terminal information set of the access network may be updated in the following two ways:
第一种,所述控制终端将成功接入网络的访问终端的身份识别信息同步到所述路由器中的接入网络的终端信息集合中。First, the control terminal synchronizes the identity identification information of the access terminal that successfully accesses the network to the terminal information set of the access network in the router.
第二种,所述路由器将成功接入网络的访问终端的身份识别信息自动存 储到所述接入网络的终端信息集合中。Second, the router automatically saves the identification information of the access terminal that successfully accesses the network. Stored in the terminal information set of the access network.
可选地,所述方法还可以包括:Optionally, the method may further include:
在所述身份识别信息存在于所述接入网络的终端信息集合,且所述访问终端无法成功接入所述网络的情况下,所述路由器将所述网络的入网验证信息发送给所述访问终端,以供所述访问终端根据所述入网验证信息自动接入所述网络。When the identity information exists in the terminal information set of the access network, and the access terminal cannot successfully access the network, the router sends the network access verification information of the network to the access And the terminal, wherein the access terminal automatically accesses the network according to the network access verification information.
当访问终端的身份识别信息存在于所述接入网络的终端信息集合时,可以说明所述访问终端曾经成功地接入过所述网络,即所述访问终端为可信赖的访问终端。但是由于控制终端可以在所述访问终端此次访问与上次访问期间对所述路由器的入网密码进行了修改,所以导致所述访问终端在本次访问时不能成功接入所述网络。在此情况下,路由器可自动获取所述网络的最新入网密码,并将所述最新入网密码提供给所述访问终端,以供所述访问终端根据所述最新入网密码自动连接所述网络。When the identity information of the access terminal exists in the terminal information set of the access network, it may be stated that the access terminal has successfully accessed the network, that is, the access terminal is a trusted access terminal. However, since the control terminal can modify the access password of the router during the current access and the last access of the access terminal, the access terminal cannot successfully access the network during the current access. In this case, the router can automatically obtain the latest network access password of the network, and provide the latest network access password to the access terminal, so that the access terminal automatically connects to the network according to the latest network access password.
本公开实施例第三实例,一种控制终端,如图3所示,可包括:A third embodiment of the present disclosure, a control terminal, as shown in FIG. 3, may include:
接收模块301,设置为:接收路由器发送来的入网请求,所述入网请求包括:请求接入网络的访问终端的身份识别信息。The receiving module 301 is configured to: receive a network access request sent by the router, where the network access request includes: identity identification information of the access terminal that requests access to the network.
可选地,所述控制终端可以为控制所述路由器的终端,所述控制终端可以修改通过所述路由器连接所述网络的入网密码。Optionally, the control terminal may be a terminal that controls the router, and the control terminal may modify an access password of the network connected to the network by using the router.
所述访问终端可以为请求接入所述网络的访客的终端。The access terminal may be a terminal requesting access to a visitor of the network.
所述身份识别信息,可以包括:所述访问终端的MAC地址。The identification information may include: a MAC address of the access terminal.
认证模块302,设置为:基于所述身份识别信息对所述访问终端进行身份认证。The authentication module 302 is configured to perform identity authentication on the access terminal based on the identity identification information.
可选地,认证模块302是设置为:Optionally, the authentication module 302 is configured to:
基于所述访问终端的MAC地址,判断所述访问终端是否为可信赖的终端。例如:当访客来家拜访时,若访客想要连接家庭网络,则可以通过所述访客的MAC地址对所述访客进行身份认证核实。Based on the MAC address of the access terminal, it is determined whether the access terminal is a trusted terminal. For example, when a visitor comes to visit a home, if the visitor wants to connect to the home network, the visitor can be authenticated and verified by the visitor's MAC address.
处理模块303,设置为:在所述访问终端通过身份认证的情况下,向所述访问终端提供接入网络的入网验证信息,以供所述访问终端基于所述入网验证信息接入所述网络。 The processing module 303 is configured to: when the access terminal passes the identity authentication, provide the access terminal with the network access verification information of the access network, where the access terminal accesses the network based on the network access verification information. .
可选地,所述入网验证信息,可以包括:入网密码或含有入网密码的图形编码。所述入网密码的图形编码可以包括以下形式:条形码、二维码或者自定义的图形码。例如,当访客通过身份认证时,处理模块303可以生成含有入网密码的二维码,访客可以通过扫描所述二维码即可接入网络。Optionally, the network access verification information may include: an online password or a graphic code including an incoming password. The graphic code of the network access password may include the following forms: a barcode, a two-dimensional code, or a customized graphic code. For example, when the visitor passes the identity authentication, the processing module 303 can generate a two-dimensional code containing the network access password, and the visitor can access the network by scanning the two-dimensional code.
可选地,所述控制终端还可以包括:Optionally, the control terminal may further include:
更新模块,设置为:在所述访问终端接入所述网络的情况下,基于所述访问终端的身份识别信息对所述路由器中的接入网络的终端信息集合进行更新;And an update module, configured to: when the access terminal accesses the network, update a terminal information set of the access network in the router based on the identity identification information of the access terminal;
所述接入网络的终端信息集合,包括:允许接入所述网络的访问终端的身份识别信息。The terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
在所述访问终端接入所述网络的情况下,所述更新模块可以将所述访客终端的身份识别信息添加到所述路由器中的所述接入网络的终端信息集合中,以供所述路由器根据所述接入网络的终端信息集合对请求接入网络的访问终端进行初步身份认证。In the case that the access terminal accesses the network, the update module may add identity identification information of the guest terminal to a terminal information set of the access network in the router, for the The router performs preliminary identity authentication on the access terminal requesting access to the network according to the terminal information set of the access network.
本公开实施例第四实例,一种路由器,如图4所示,可包括:In a fourth example of the embodiment of the present disclosure, a router, as shown in FIG. 4, may include:
获取模块401,设置为:获取请求接入网络的访问终端的身份识别信息。The obtaining module 401 is configured to: obtain identity identification information of an access terminal that requests access to the network.
可选地,所述访问终端为请求接入网络的访客的终端。Optionally, the access terminal is a terminal that requests a visitor to access the network.
所述身份识别信息,可以包括:所述访问终端的MAC地址。The identification information may include: a MAC address of the access terminal.
请求模块402,设置为:在所述身份识别信息不存在于接入网络的终端信息集合的情况下,向控制终端发送包含所述访问终端的身份识别信息的入网请求,以供所述控制终端基于所述身份识别信息对所述访问终端进行身份认证并在所述访问终端通过身份认证的情况下向所述访问终端提供接入网络的入网验证信息;The requesting module 402 is configured to: if the identity identification information does not exist in the terminal information set of the access network, send a network access request including the identity identification information of the access terminal to the control terminal, where the control terminal is used by the control terminal And performing identity authentication on the access terminal based on the identity identification information, and providing the access terminal with network access verification information of the access network if the access terminal passes the identity authentication;
所述接入网络的终端信息集合,包括:允许接入所述网络的访问终端的身份识别信息。The terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
所述控制终端可以为控制所述路由器的终端,所述控制终端可以修改通过所述路由器连接所述网络的入网密码。The control terminal may be a terminal that controls the router, and the control terminal may modify an access password of the network connected to the network by using the router.
可选地,当所述访问终端的身份识别信息不存在于所述接入网络的终端信息集合时,可以说明所述访问终端从未接入过所述网络,或者,所述访问 终端为不可信赖的访问终端。所以,请求模块402可以向所述控制终端发送所述入网请求,以供所述控制终端判断所述访问终端是否是可信赖的。Optionally, when the identity identification information of the access terminal does not exist in the terminal information set of the access network, it may be stated that the access terminal has never accessed the network, or the access The terminal is an untrusted access terminal. Therefore, the requesting module 402 can send the network access request to the control terminal, so that the control terminal determines whether the access terminal is trustworthy.
可选地,所述路由器还可以包括:Optionally, the router may further include:
更新模块,设置为:在所述访问终端接入所述网络的情况下,基于所述访问终端的身份识别信息对所述路由器中的所述接入网络的终端信息集合进行更新。And an update module, configured to: when the access terminal accesses the network, update the terminal information set of the access network in the router based on the identity identification information of the access terminal.
连网模块,设置为:在所述身份识别信息存在于所述接入网络的终端信息集合,且所述访问终端无法成功接入所述网络的情况下,将所述网络的入网验证信息发送给所述访问终端,以供所述访问终端根据所述入网验证信息自动接入所述网络。The networking module is configured to: when the identity identification information exists in the terminal information set of the access network, and the access terminal cannot successfully access the network, send the network verification information of the network Giving the access terminal to the access terminal to automatically access the network according to the network access verification information.
本公开实施例第五实例,基于本公开实施例第三实例的控制终端和本公开实施例第四实例的路由器,介绍一种接入网络的方法,如图5所示,可包括以下步骤:A fifth embodiment of the present disclosure, based on the control terminal of the third example of the present disclosure and the router of the fourth example of the embodiment of the present disclosure, introduces a method for accessing a network. As shown in FIG. 5, the following steps may be included:
步骤S501:路由器获取请求接入网络的访问终端的MAC地址。Step S501: The router acquires the MAC address of the access terminal requesting access to the network.
可选地,所述访问终端可以为请求接入网络的访客的终端。Optionally, the access terminal may be a terminal that requests a visitor to access the network.
步骤S502:所述路由器判断所述访问终端是否已成功接入过所述网络,若是,则将所述网络的入网密码发送给所述访问终端,以供所述访问终端根据所述入网密码自动接入所述网络;Step S502: The router determines whether the access terminal has successfully accessed the network, and if yes, sends the network access password of the network to the access terminal, so that the access terminal automatically according to the network access password. Accessing the network;
若否,则执行步骤S503。If no, step S503 is performed.
可选地,步骤S502,可以包括:Optionally, step S502, the method may include:
所述路由器判断所述访问终端的MAC地址是否存在于预设的白名单中;Determining, by the router, whether a MAC address of the access terminal exists in a preset whitelist;
若是,则所述路由器获取所述网络的最新入网密码,并将所述最新入网密码发送给所述访问终端,以供所述访问终端根据所述最新入网密码自动接入所述网络。If yes, the router acquires the latest network access password of the network, and sends the latest network access password to the access terminal, so that the access terminal automatically accesses the network according to the latest network access password.
所述白名单可以存储有已成功接入所述网络的访问终端的MAC地址。本实例中的白名单可以相当于本公开实施例第一至第四实例中的接入网络的终端信息集合。若所述访问终端的MAC地址存在于所述白名单中,则可以说明所述访问终端曾经成功的连接过所述网络,即所述访问终端为可信赖的 终端。The whitelist may store a MAC address of an access terminal that has successfully accessed the network. The white list in this example may correspond to the terminal information set of the access network in the first to fourth examples of the embodiments of the present disclosure. If the MAC address of the access terminal exists in the whitelist, it may be stated that the access terminal has successfully connected to the network, that is, the access terminal is trusted. terminal.
步骤S503:所述路由器向控制终端发送包含所述访问终端的MAC地址的入网请求。Step S503: The router sends a network access request including the MAC address of the access terminal to the control terminal.
可选地,所述控制终端可以为控制所述路由器的终端,所述控制终端可以修改通过所述路由器连接所述网络的入网密码。Optionally, the control terminal may be a terminal that controls the router, and the control terminal may modify an access password of the network connected to the network by using the router.
步骤S504:所述控制终端根据所述访问终端的MAC地址对所述访问终端进行身份认证,若通过身份认证,则执行步骤S505;若未通过身份认证,则拒绝所述访问终端接入所述网络。Step S504: The control terminal performs identity authentication on the access terminal according to the MAC address of the access terminal, and if the identity authentication is performed, step S505 is performed; if the identity authentication is not passed, the access terminal is denied access to the access terminal. The internet.
可选地,所述控制终端可以基于所述访问终端的MAC地址,判断所述访问终端是否为可信赖的终端。例如:当访客来家拜访时,若访客想要连接家庭网络,则可以通过所述访客的MAC地址对所述访客进行身份认证核实。Optionally, the control terminal may determine, according to the MAC address of the access terminal, whether the access terminal is a trusted terminal. For example, when a visitor comes to visit a home, if the visitor wants to connect to the home network, the visitor can be authenticated and verified by the visitor's MAC address.
步骤S505:在所述访问终端通过身份认证的情况下,所述控制终端向所述访问终端提供接入网络的入网验证信息,以供所述访问终端基于所述入网验证信息接入所述网络。Step S505: In the case that the access terminal passes the identity authentication, the control terminal provides the access terminal with the network access verification information of the access network, so that the access terminal accesses the network based on the network access verification information. .
可选地,所述入网验证信息,可以包括:入网密码或含有入网密码的图形编码。所述入网密码的图形编码可以包括以下形式:条形码、二维码或者自定义的图形码。例如,当访客通过身份认证时,控制终端可以生成含有入网密码的二维码,访客可以通过扫描所述二维码即可接入网络。Optionally, the network access verification information may include: an online password or a graphic code including an incoming password. The graphic code of the network access password may include the following forms: a barcode, a two-dimensional code, or a customized graphic code. For example, when the visitor passes the identity authentication, the control terminal can generate a two-dimensional code containing the network access password, and the visitor can access the network by scanning the two-dimensional code.
步骤S506:在所述白名单中添加所述访问终端的MAC地址。Step S506: Add the MAC address of the access terminal to the whitelist.
可选地,步骤S506可以包括:Optionally, step S506 may include:
所述控制终端将成功接入网络的访问终端的身份识别信息同步到所述路由器中的接入网络的终端信息集合中,或者,The control terminal synchronizes the identity identification information of the access terminal that successfully accesses the network to the terminal information set of the access network in the router, or
所述路由器将成功接入网络的访问终端的身份识别信息自动存储到所述接入网络的终端信息集合中。The router automatically stores the identity identification information of the access terminal that successfully accesses the network into the terminal information set of the access network.
可选地,所述白名单可同时存在于所述控制终端和所述路由器中,所述控制终端获取所述终端上的联系人信息,并建立起所述联系人信息与所述白名单中的MAC地址的关联关系。所述联系人信息可以包括:通讯录信息、短信信息、社交软件好友信息等。通过在所述白名单中建立关系人与MAC地址的关联关系,可以清楚知道任一MAC地址所对应的用户信息。 Optionally, the whitelist may exist in the control terminal and the router at the same time, the control terminal acquires contact information on the terminal, and establishes the contact information and the whitelist. The association of the MAC address. The contact information may include: address book information, short message information, social software friend information, and the like. By establishing the association relationship between the person and the MAC address in the white list, the user information corresponding to any MAC address can be clearly known.
本公开实施例第一至第五实例中介绍的接入网络的方法、控制终端和路由器,路由器可对接入网络的访问终端进行初步身份认证,如果未通过身份认证则向所述路由器的控制终端发送入网请求,以供所述控制终端进行二次身份认证。针对曾经成功接入所述网络的访问终端,当所述访问终端再次连接所述网络时,所述路由器可将所述网络的最新入网验证信息提供给所述访问终端,以供所述访问终端自动连接所述网络。对于已通过身份认证的客户终端,当所述客户终端再次接入所述网络时所述控制终端可不对其进行入网处理,所述路由器可根据入网记录自动为所述客户终端提供入网验证信息。The method, the control terminal and the router for accessing the network introduced in the first to fifth embodiments of the present disclosure, the router may perform preliminary identity authentication on the access terminal accessing the network, and control the router if the identity authentication is not passed. The terminal sends a network access request for the control terminal to perform secondary identity authentication. For the access terminal that has successfully accessed the network, when the access terminal connects to the network again, the router may provide the latest network access verification information of the network to the access terminal for the access terminal. Automatically connect to the network. For the client terminal that has passed the identity authentication, the control terminal may not perform network access processing when the client terminal accesses the network again, and the router may automatically provide the network access verification information to the client terminal according to the network access record.
本公开实施例还提供了一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令被执行时实现上述接入网络的方法。Embodiments of the present disclosure also provide a computer readable storage medium storing computer executable instructions that, when executed, implement the above method of accessing a network.
本领域普通技术人员可以理解,上文中所公开方法中的全部或某些步骤、系统、装置中的功能模块/单元可以被实施为软件、固件、硬件及其适当的组合。在硬件实施方式中,在以上描述中提及的功能模块/单元之间的划分不一定对应于物理组件的划分;例如,一个物理组件可以具有多个功能,或者一个功能或步骤可以由若干物理组件合作执行。某些组件或所有组件可以被实施为由处理器,如数字信号处理器或微处理器执行的软件,或者被实施为硬件,或者被实施为集成电路,如专用集成电路。这样的软件可以分布在计算机可读介质上,计算机可读介质可以包括计算机存储介质(或非暂时性介质)和通信介质(或暂时性介质)。如本领域普通技术人员公知的,术语计算机存储介质包括在用于存储信息(诸如计算机可读指令、数据结构、程序模块或其他数据)的任何方法或技术中实施的易失性和非易失性、可移除和不可移除介质。计算机存储介质包括但不限于随机存取存储器(RAM,Random Access Memory)、只读存储器(ROM,Read-Only Memory)、电可擦除只读存储器(EEPROM,Electrically Erasable Programmable Read-only Memory)、闪存或其他存储器技术、光盘只读存储器(CD-ROM,Compact Disc Read-Only Memory)、数字多功能盘(DVD)或其他光盘存储、磁盒、磁带、磁盘存储或其他磁存储装置、或者可以用于存储期望的信息并且可以被计算机访问的任何其他的介质。此外,本领域普通技术人员公知的是,通信介质通常包含计算机可读指令、数据结构、程序模块或者诸如载波或其他传输机 制之类的调制数据信号中的其他数据,并且可包括任何信息递送介质。Those of ordinary skill in the art will appreciate that all or some of the steps, systems, and functional blocks/units of the methods disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof. In a hardware implementation, the division between functional modules/units mentioned in the above description does not necessarily correspond to the division of physical components; for example, one physical component may have multiple functions, or one function or step may be composed of several physical The components work together. Some or all of the components may be implemented as software executed by a processor, such as a digital signal processor or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software may be distributed on a computer readable medium, which may include computer storage media (or non-transitory media) and communication media (or transitory media). As is well known to those of ordinary skill in the art, the term computer storage medium includes volatile and nonvolatile, implemented in any method or technology for storing information, such as computer readable instructions, data structures, program modules or other data. Sex, removable and non-removable media. Computer storage media include, but are not limited to, Random Access Memory (RAM), Read-Only Memory (ROM), and Electrically Erasable Programmable Read-only Memory (EEPROM). Flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical disc storage, magnetic cassette, magnetic tape, disk storage or other magnetic storage device, or Any other medium used to store the desired information and that can be accessed by the computer. Moreover, it is well known to those skilled in the art that communication media typically includes computer readable instructions, data structures, program modules or a carrier or other transport. Other data in the modulated data signal, and may include any information delivery medium.
本领域的普通技术人员可以理解,可以对本公开的技术方案进行修改或者等同替换,而不脱离本公开技术方案的精神和范围,均应涵盖在本公开的权利要求范围当中。A person skilled in the art can understand that the technical solutions of the present disclosure may be modified or equivalent, without departing from the spirit and scope of the present disclosure, and should be included in the scope of the claims of the present disclosure.
工业实用性Industrial applicability
本公开所述的接入网络的方法、控制终端和路由器,路由器可对接入网络的访问终端进行初步身份认证,如果未通过身份认证则向所述路由器的控制终端发送入网请求,以供所述控制终端进行二次身份认证。针对曾经成功接入所述网络的访问终端,当所述访问终端再次连接所述网络时,所述路由器可将所述网络的最新入网验证信息提供给所述访问终端,以供所述访问终端自动连接所述网络。对于已通过身份认证的客户终端,当所述客户终端再次接入所述网络时所述控制终端可不对其进行入网处理,所述路由器可根据入网记录自动为所述客户终端提供入网验证信息。 The method for accessing a network, the control terminal, and the router according to the disclosure, the router may perform preliminary identity authentication on the access terminal accessing the network, and if not authenticated, send a network access request to the control terminal of the router to provide The control terminal performs secondary identity authentication. For the access terminal that has successfully accessed the network, when the access terminal connects to the network again, the router may provide the latest network access verification information of the network to the access terminal for the access terminal. Automatically connect to the network. For the client terminal that has passed the identity authentication, the control terminal may not perform network access processing when the client terminal accesses the network again, and the router may automatically provide the network access verification information to the client terminal according to the network access record.

Claims (14)

  1. 一种接入网络的方法,包括:A method of accessing a network, comprising:
    控制终端接收路由器发送来的入网请求,所述入网请求包括:请求接入网络的访问终端的身份识别信息;The control terminal receives the network access request sent by the router, where the network access request includes: identity identification information of the access terminal requesting access to the network;
    所述控制终端基于所述身份识别信息对所述访问终端进行身份认证;The control terminal performs identity authentication on the access terminal based on the identity identification information;
    在所述访问终端通过身份认证的情况下,所述控制终端向所述访问终端提供接入网络的入网验证信息,以供所述访问终端基于所述入网验证信息接入所述网络。In the case that the access terminal is authenticated by the identity, the control terminal provides the access terminal with the network access authentication information of the access network, so that the access terminal accesses the network based on the network access authentication information.
  2. 根据权利要求2所述的接入网络的方法,所述方法还包括:The method of accessing a network according to claim 2, the method further comprising:
    在所述访问终端接入所述网络的情况下,所述控制终端基于所述访问终端的身份识别信息对所述路由器中的接入网络的终端信息集合进行更新;In the case that the access terminal accesses the network, the control terminal updates the terminal information set of the access network in the router based on the identity identification information of the access terminal;
    所述接入网络的终端信息集合,包括:允许接入所述网络的访问终端的身份识别信息。The terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
  3. 根据权利要求1所述的接入网络的方法,其中,所述身份识别信息,包括:所述访问终端的媒体访问控制MAC地址。The method of accessing a network according to claim 1, wherein the identity identification information comprises: a media access control MAC address of the access terminal.
  4. 一种接入网络的方法,包括:A method of accessing a network, comprising:
    路由器获取请求接入网络的访问终端的身份识别信息;The router acquires identity identification information of the access terminal requesting access to the network;
    在所述身份识别信息不存在于接入网络的终端信息集合的情况下,所述路由器向控制终端发送包含所述访问终端的身份识别信息的入网请求,以供所述控制终端基于所述身份识别信息对所述访问终端进行身份认证并在所述访问终端通过身份认证的情况下向所述访问终端提供接入网络的入网验证信息;In the case that the identity identification information does not exist in the terminal information set of the access network, the router sends a network access request including the identity identification information of the access terminal to the control terminal, for the control terminal to be based on the identity. The identification information is used to authenticate the access terminal and provide the access terminal with the network access verification information of the access network if the access terminal passes the identity authentication;
    所述接入网络的终端信息集合,包括:允许接入所述网络的访问终端的身份识别信息。The terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
  5. 根据权利要求4所述的接入网络的方法,所述方法还包括:The method of accessing a network according to claim 4, the method further comprising:
    在所述访问终端接入所述网络的情况下,所述路由器基于所述访问终端的身份识别信息对所述路由器中的所述接入网络的终端信息集合进行更新。In a case that the access terminal accesses the network, the router updates the terminal information set of the access network in the router based on the identity identification information of the access terminal.
  6. 根据权利要求4所述的接入网络的方法,所述方法还包括:The method of accessing a network according to claim 4, the method further comprising:
    在所述身份识别信息存在于所述接入网络的终端信息集合,且所述访问 终端无法成功接入所述网络的情况下,所述路由器将所述网络的入网验证信息发送给所述访问终端,以供所述访问终端根据所述入网验证信息自动接入所述网络。The identification information exists in a terminal information set of the access network, and the access In the case that the terminal cannot successfully access the network, the router sends the network access authentication information of the network to the access terminal, so that the access terminal automatically accesses the network according to the network access authentication information.
  7. 根据权利要6所述的接入网络的方法,其中,所述身份识别信息,包括:所述访问终端的媒体访问控制MAC地址;The method for accessing a network according to claim 6, wherein the identity identification information comprises: a media access control MAC address of the access terminal;
    所述入网验证信息,包括:入网密码或含有入网密码的图形编码。The network access verification information includes: a network access password or a graphic code including an access network password.
  8. 一种控制终端,包括:A control terminal includes:
    接收模块,设置为:接收路由器发送来的入网请求,所述入网请求包括:请求接入网络的访问终端的身份识别信息;The receiving module is configured to: receive a network access request sent by the router, where the network access request includes: identity identification information of the access terminal that requests access to the network;
    认证模块,设置为:基于所述身份识别信息对所述访问终端进行身份认证;The authentication module is configured to: perform identity authentication on the access terminal based on the identity identification information;
    处理模块,设置为:在所述访问终端通过身份认证的情况下,向所述访问终端提供接入网络的入网验证信息,以供所述访问终端基于所述入网验证信息接入所述网络。The processing module is configured to: when the access terminal passes the identity authentication, provide the access terminal with the network access verification information of the access network, so that the access terminal accesses the network based on the network access verification information.
  9. 根据权利要求8所述的控制终端,所述控制终端还包括:The control terminal according to claim 8, wherein the control terminal further comprises:
    第一更新模块,设置为:在所述访问终端接入所述网络的情况下,基于所述访问终端的身份识别信息对所述路由器中的接入网络的终端信息集合进行更新;The first update module is configured to: when the access terminal accesses the network, update the terminal information set of the access network in the router based on the identity identification information of the access terminal;
    所述接入网络的终端信息集合,包括:允许接入所述网络的访问终端的身份识别信息。The terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
  10. 根据权利要求8所述的控制终端,其中,所述身份识别信息,包括:所述访问终端的媒体访问控制MAC地址;The control terminal according to claim 8, wherein the identity identification information comprises: a media access control MAC address of the access terminal;
    所述入网验证信息,包括:入网密码或含有入网密码的图形编码。The network access verification information includes: a network access password or a graphic code including an access network password.
  11. 一种路由器,包括:A router that includes:
    获取模块,设置为:获取请求接入网络的访问终端的身份识别信息;The obtaining module is configured to: obtain identification information of the access terminal requesting access to the network;
    请求模块,设置为:在所述身份识别信息不存在于接入网络的终端信息集合的情况下,向控制终端发送包含所述访问终端的身份识别信息的入网请求,以供所述控制终端基于所述身份识别信息对所述访问终端进行身份认证并在所述访问终端通过身份认证的情况下向所述访问终端提供接入网络的入网验证信息; a requesting module, configured to: if the identity identification information does not exist in the terminal information set of the access network, send a network access request including the identity identification information of the access terminal to the control terminal, where the control terminal is based on The identity identification information is used to authenticate the access terminal and provide access verification information of the access network to the access terminal if the access terminal passes the identity authentication;
    所述接入网络的终端信息集合,包括:允许接入所述网络的访问终端的身份识别信息。The terminal information set of the access network includes: identity identification information of an access terminal that is allowed to access the network.
  12. 根据权利要求11所述的路由器,所述路由器还包括:The router of claim 11, the router further comprising:
    第二更新模块,设置为:在所述访问终端接入所述网络的情况下,基于所述访问终端的身份识别信息对所述路由器中的所述接入网络的终端信息集合进行更新。The second update module is configured to: when the access terminal accesses the network, update the terminal information set of the access network in the router based on the identity identification information of the access terminal.
  13. 根据权利要求11所述的路由器,所述路由器还包括:The router of claim 11, the router further comprising:
    连网模块,设置为:在所述身份识别信息存在于所述接入网络的终端信息集合,且所述访问终端无法成功接入所述网络的情况下,将所述网络的入网验证信息发送给所述访问终端,以供所述访问终端根据所述入网验证信息自动接入所述网络。The networking module is configured to: when the identity identification information exists in the terminal information set of the access network, and the access terminal cannot successfully access the network, send the network verification information of the network Giving the access terminal to the access terminal to automatically access the network according to the network access verification information.
  14. 根据权利要求13所述的路由器,其中,所述身份识别信息,包括:所述访问终端的媒体访问控制MAC地址;The router according to claim 13, wherein the identity identification information comprises: a media access control MAC address of the access terminal;
    所述入网验证信息,包括:入网密码或含有入网密码的图形编码。 The network access verification information includes: a network access password or a graphic code including an access network password.
PCT/CN2017/112654 2016-11-24 2017-11-23 Method for accessing network, and control terminal and router WO2018095372A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201611050783.X 2016-11-24
CN201611050783.XA CN108112014A (en) 2016-11-24 2016-11-24 A kind of method, control terminal and router for accessing network

Publications (1)

Publication Number Publication Date
WO2018095372A1 true WO2018095372A1 (en) 2018-05-31

Family

ID=62194771

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/112654 WO2018095372A1 (en) 2016-11-24 2017-11-23 Method for accessing network, and control terminal and router

Country Status (2)

Country Link
CN (1) CN108112014A (en)
WO (1) WO2018095372A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023030000A1 (en) * 2021-08-30 2023-03-09 展讯半导体(成都)有限公司 Wireless network connection access control method and apparatus, storage medium, and terminal

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108966229A (en) * 2018-06-27 2018-12-07 上海康斐信息技术有限公司 A kind of method and terminal logging in wireless router
CN109087468B (en) * 2018-07-03 2020-10-30 创新先进技术有限公司 Display code broadcasting equipment, account binding and payment service processing method and device
CN110784317B (en) 2019-10-30 2022-09-13 京东方科技集团股份有限公司 Data encryption interaction method, device and system
CN113709711A (en) * 2020-10-29 2021-11-26 天翼智慧家庭科技有限公司 Automatic network access method for Bluetooth terminal equipment
JP2023550622A (en) * 2020-11-20 2023-12-04 華為技術有限公司 Method and related apparatus for determining trusted terminals
CN115119001A (en) * 2021-03-17 2022-09-27 阿里巴巴新加坡控股有限公司 Live broadcast control method, device, electronic equipment, medium and program product

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104363631A (en) * 2014-10-24 2015-02-18 小米科技有限责任公司 Connection method, device and system of wireless router
CN105338529A (en) * 2015-11-18 2016-02-17 Tcl集团股份有限公司 Wireless network connecting method and system
US9344421B1 (en) * 2006-05-16 2016-05-17 A10 Networks, Inc. User access authentication based on network access point
CN105743844A (en) * 2014-12-08 2016-07-06 联想(北京)有限公司 Information processing method and electronic device

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
NO2924944T3 (en) * 2014-03-25 2018-08-11
CN105554757A (en) * 2016-01-19 2016-05-04 成都飞鱼星科技股份有限公司 Wireless access authentication method based on cloud

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9344421B1 (en) * 2006-05-16 2016-05-17 A10 Networks, Inc. User access authentication based on network access point
CN104363631A (en) * 2014-10-24 2015-02-18 小米科技有限责任公司 Connection method, device and system of wireless router
CN105743844A (en) * 2014-12-08 2016-07-06 联想(北京)有限公司 Information processing method and electronic device
CN105338529A (en) * 2015-11-18 2016-02-17 Tcl集团股份有限公司 Wireless network connecting method and system

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023030000A1 (en) * 2021-08-30 2023-03-09 展讯半导体(成都)有限公司 Wireless network connection access control method and apparatus, storage medium, and terminal

Also Published As

Publication number Publication date
CN108112014A (en) 2018-06-01

Similar Documents

Publication Publication Date Title
WO2018095372A1 (en) Method for accessing network, and control terminal and router
US9531835B2 (en) System and method for enabling wireless social networking
JP6599341B2 (en) Method, device and system for dynamic network access management
JP7459928B2 (en) Single sign-on (SSO) authentication with multiple authentication options
US9336378B2 (en) Credential sharing
US11096051B2 (en) Connection establishment method, device, and system
US11601429B2 (en) Network service control for access to wireless radio networks
US20180288617A1 (en) Transferable ownership tokens for discrete, identifiable devices
US11765164B2 (en) Server-based setup for connecting a device to a local area network
US10469484B1 (en) Automatic discovery and retrieval of interoperable applications
US20170150358A1 (en) Method and apparatus of triggering applications in a wireless environment
KR20160081973A (en) Network access
US20170238236A1 (en) Mac address-bound wlan password
US11019560B2 (en) Selective cloud-based SSID (service set identifier) steering for allowing different levels of access for wireless network friends when onboarding on Wi-Fi networks
US10341114B2 (en) Providing device, terminal device, providing method, non-transitory computer readable storage medium, and authentication processing system
US9853975B2 (en) Restricting access to content based on measurements of user terminal operational performance
WO2017020551A1 (en) Method and device for managing wireless access point
WO2018010256A1 (en) Method and device for wi-fi sharing
US10785165B2 (en) Method for controlling service data flow and network device
WO2016180223A1 (en) Wireless communication device management method and wireless communication device
US9935931B2 (en) Authorizing user access to resource by determining whether other, authorized users have indicated that the user should be permitted access
CN110048864B (en) Method and apparatus for authenticating an administrator of a device-specific message group
JP6813030B2 (en) Communications system
US20190205521A1 (en) User authentication integration device and method, and recording medium
WO2018014555A1 (en) Data transmission control method and apparatus

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17873135

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17873135

Country of ref document: EP

Kind code of ref document: A1