[go: up one dir, main page]

CN111314917B - Method for controlling wireless terminal access and wireless access point - Google Patents

Method for controlling wireless terminal access and wireless access point Download PDF

Info

Publication number
CN111314917B
CN111314917B CN202010109679.3A CN202010109679A CN111314917B CN 111314917 B CN111314917 B CN 111314917B CN 202010109679 A CN202010109679 A CN 202010109679A CN 111314917 B CN111314917 B CN 111314917B
Authority
CN
China
Prior art keywords
address information
information
module
wireless terminal
access point
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN202010109679.3A
Other languages
Chinese (zh)
Other versions
CN111314917A (en
Inventor
马小文
马广鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Tianhe Communication Co ltd
Original Assignee
Shenzhen Tianhe Communication Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Tianhe Communication Co ltd filed Critical Shenzhen Tianhe Communication Co ltd
Priority to CN202010109679.3A priority Critical patent/CN111314917B/en
Publication of CN111314917A publication Critical patent/CN111314917A/en
Application granted granted Critical
Publication of CN111314917B publication Critical patent/CN111314917B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/08Access restriction or access information delivery, e.g. discovery data delivery
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/16Discovering, processing access restriction or access information
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a method for controlling wireless terminal access and a wireless access point, which belong to the technical field of wireless communication technology, and comprise a control system, wherein the control system comprises a common address information module, an authentication module, a timing check module and an address comparison module; the wireless access point can perform address inspection on the interacted wireless terminal at regular time, and interrupt interaction with the wireless terminal with abnormal address information.

Description

一种控制无线终端接入的方法及无线接入点Method for controlling wireless terminal access and wireless access point

技术领域technical field

本发明涉及无线通讯技术的技术领域,尤其是涉及一种控制无线终端接入的方法及无线接入点。The present invention relates to the technical field of wireless communication technology, in particular to a method for controlling wireless terminal access and a wireless access point.

背景技术Background technique

目前在大面积无线局域网络(WirelessLocalAreaNetworks,WLAN)部署中,2.4G频段的无线网络占主流,此时无线终端由于受到同一无线接入点(AccessPoint,AP)下其他用户竞争,或受到其它AP的同频干扰,无线终端的性能将会迅速下降。双频AP的出现,可以分流部分支持5G频段(指的是5.1G至5.8G之间的频段,包括5.8G)的无线终端数据,减小2.4G频段的带宽竞争和流量压力。At present, in the deployment of large-area wireless local area networks (Wireless Local Area Networks, WLAN), the wireless network of the 2.4G frequency band is the mainstream. If there is co-channel interference, the performance of the wireless terminal will drop rapidly. The emergence of dual-band APs can offload part of the wireless terminal data that supports the 5G frequency band (referring to the frequency band between 5.1G and 5.8G, including 5.8G), reducing bandwidth competition and traffic pressure in the 2.4G frequency band.

现有技术可参考授权公告号为CN103813410B的中国发明专利,其公开了一种控制无线终端接入的方法及无线接入点,方法包括:无线接入点AP接收无线终端发送的探测请求帧和第一关联请求帧;根据所述探测请求帧判断所述无线终端是否支持5G频段;判断所述第一关联请求帧是否来自于5G频段;如果所述无线终端支持5G频段且所述第一关联请求帧来自于5G频段,则允许所述无线终端接入;如果所述无线终端支持5G频段,但所述第一关联请求帧来自于2.4G频段,则继续接收所述无线终端发送的第二关联请求帧,直至所述第二关联帧来自于5G频段时才允许所述无线终端接入。For the prior art, please refer to the Chinese invention patent whose authorized announcement number is CN103813410B, which discloses a method for controlling wireless terminal access and a wireless access point. The method includes: the wireless access point AP receives the detection request frame sent by the wireless terminal and The first association request frame; judging whether the wireless terminal supports the 5G frequency band according to the detection request frame; judging whether the first association request frame comes from the 5G frequency band; if the wireless terminal supports the 5G frequency band and the first association If the request frame comes from the 5G frequency band, the wireless terminal is allowed to access; if the wireless terminal supports the 5G frequency band, but the first association request frame comes from the 2.4G frequency band, continue to receive the second association request frame sent by the wireless terminal. An association request frame, and the wireless terminal is not allowed to access until the second association frame comes from the 5G frequency band.

上述中的现有技术方案存在以下缺陷:现在无线通讯技术不断发展,无线信号的频段也越来越多,无线终端也越来越多,一个无线终端可能被多个无线信号覆盖,无线终端必须与无线信号经过扫描、认证和关联才能进行数据沟通,但是如果在这个过程中有其他无线终端劫持或破译了认证方式,则可能会盗用无线信号,甚至劫取私人信息。The above existing technical solutions have the following defects: as wireless communication technology continues to develop, there are more and more frequency bands of wireless signals, and there are more and more wireless terminals. One wireless terminal may be covered by multiple wireless signals, and the wireless terminal must Data communication can only be carried out after scanning, authentication and association with the wireless signal, but if other wireless terminals hijack or decipher the authentication method during this process, the wireless signal may be stolen, or even private information may be hijacked.

发明内容Contents of the invention

本发明的目的是提供一种控制无线终端接入的方法,能够防止他人盗用无线终端传输的信息,保证了无线信号传输的安全性。The purpose of the present invention is to provide a method for controlling access of a wireless terminal, which can prevent others from misappropriating the information transmitted by the wireless terminal and ensure the security of wireless signal transmission.

本发明的上述技术目的是通过以下技术方案得以实现的:Above-mentioned technical purpose of the present invention is achieved through the following technical solutions:

一种控制无线终端接入,包括以下步骤:A control wireless terminal access, comprising the following steps:

一、无线接入点发出无线信号,无线终端接收无线信号并向无线接入点发送带有地址信息的认证信息;1. The wireless access point sends out a wireless signal, and the wireless terminal receives the wireless signal and sends authentication information with address information to the wireless access point;

二、无线接入点接收认证信息后进行认证并保存认证信息,若认证通过则向无线终端发送请求许可并与无线终端进行交互;2. After receiving the authentication information, the wireless access point performs authentication and saves the authentication information. If the authentication is passed, it sends a request for permission to the wireless terminal and interacts with the wireless terminal;

三、无线接入点定时调用无线终端的地址信息并在自身存储的常用地址信息库进行检索;3. The wireless access point periodically invokes the address information of the wireless terminal and retrieves it from the common address information database stored by itself;

四、若没有检索到则向无线终端发送地址调用请求;4. If not retrieved, send an address calling request to the wireless terminal;

五、无线终端接收到调用请求后向无线接入点发送地址信息;5. After receiving the call request, the wireless terminal sends address information to the wireless access point;

六、无线接入点接收到地址信息后将地址信息与保存的认证信息中的地址信息进行对比,若不同则中断与该无线终端的交互。6. After receiving the address information, the wireless access point compares the address information with the address information in the stored authentication information, and if they are different, interrupts the interaction with the wireless terminal.

通过采用上述方案,无线接入点会定时对交互的无线终端进行地址检测,以保证不会有其他无线终端盗用无线信号,有效保证了无线信号传输的安全性和可靠性,主要能够防止他人盗用无线终端传输的信息,本方法适合家用或办公场所实使用。By adopting the above solution, the wireless access point will periodically detect the address of the interacting wireless terminal to ensure that no other wireless terminal will steal the wireless signal, effectively ensuring the security and reliability of wireless signal transmission, and mainly preventing others from stealing For the information transmitted by the wireless terminal, this method is suitable for practical use in home or office.

本发明进一步设置为:第六步还包括:The present invention is further set to: the sixth step also includes:

六a、若无线接入点接收到的地址信息与保存的认证信息中的地址信息相同,则将该地址信息进行一次计数;6. a. If the address information received by the wireless access point is the same as the address information in the stored authentication information, count the address information once;

六b、当同一地址信息的计数达到预设值时将该地址信息添加至常用地址信息库中。6. b. When the count of the same address information reaches a preset value, the address information is added to the common address information database.

通过采用上述方案,无线接入点能够自动将多次通过检查的地址信息添加至常用地址信息库中,减少检查流程。By adopting the above solution, the wireless access point can automatically add the address information that has passed the inspection multiple times to the common address information database, thereby reducing the inspection process.

本发明进一步设置为:还包括以下步骤:The present invention is further set to: also comprise the following steps:

七、无线接入点接收本地输入的地址信息并将输入的地址信息添加至常用地址信息库中。Seventh, the wireless access point receives the locally input address information and adds the input address information to the common address information database.

通过采用上述方案,用户可以直接在无线接入点处管理常用地址信息库。By adopting the above solution, the user can directly manage the common address information database at the wireless access point.

本发明进一步设置为:还包括以下步骤:The present invention is further set to: also comprise the following steps:

八、无线接入点若同时接收到多个相同的地址信息,则向每个地址信息来源发送报警信息。Eighth, if the wireless access point receives multiple identical address information at the same time, it sends an alarm message to each address information source.

通过采用上述方案,无线接入点会提醒无线终端的用户信息可能存在被盗用风险,阻止用户发送私密信息。By adopting the above solution, the wireless access point will remind the user information of the wireless terminal that there may be a risk of being stolen, and prevent the user from sending private information.

本发明进一步设置为:步骤八还包括:The present invention is further set to: step eight also includes:

八a、无线接入点在发送报警信息后,向对应地址信息的无线终端发送深度信息请求,无线终端接收到深度信息请求后选择是否向无线接入点发送无线终端详细信息,若无线接入点没有接收到无线终端发送的无线终端详细信息,则锁定对应无线终端。Eight a. After sending the alarm information, the wireless access point sends a depth information request to the wireless terminal corresponding to the address information. After receiving the depth information request, the wireless terminal chooses whether to send the wireless terminal detailed information to the wireless access point. If the wireless access If the point does not receive the detailed information of the wireless terminal sent by the wireless terminal, the corresponding wireless terminal is locked.

通过采用上述方案,无线终端会自动向多个地址信息相同的无线终端发送请求,若无线终端拒绝发送详细信息,则可以锁定该无线终端,方便进行断线、追踪等操作,若无线终端选择发送详细信息,用户也可以通过无线接入点查看详细信息来分辨无线终端。By adopting the above solution, the wireless terminal will automatically send requests to multiple wireless terminals with the same address information. If the wireless terminal refuses to send detailed information, the wireless terminal can be locked to facilitate operations such as disconnection and tracking. If the wireless terminal chooses to send For detailed information, the user can also view the detailed information through the wireless access point to identify the wireless terminal.

本发明的目的是提供一种无线接入点,能够防止他人盗用无线终端传输的信息,保证了无线信号传输的安全性。The purpose of the present invention is to provide a wireless access point, which can prevent others from misappropriating the information transmitted by the wireless terminal, and ensures the security of wireless signal transmission.

本发明的上述技术目的是通过以下技术方案得以实现的:Above-mentioned technical purpose of the present invention is achieved through the following technical solutions:

一种无线接入点,包括控制系统,控制系统包括常用地址信息模块、认证模块、定时检查模块和地址比对模块;A wireless access point, including a control system, the control system includes a common address information module, an authentication module, a timing check module and an address comparison module;

所述常用地址信息模块作为常用地址信息库存储常用地址信息;The common address information module stores common address information as a common address information database;

所述认证模块存储有认证规则,认证模块接收外界输入的认证信息并根据认证规则对认证信息进行认证,认证通过则向认证信息来源发送请求许可并与认证信息来源进行交互,同时认证模块输出带有认证信息的启动信号;The authentication module stores authentication rules. The authentication module receives authentication information input from the outside and authenticates the authentication information according to the authentication rules. If the authentication passes, it sends a request for permission to the authentication information source and interacts with the authentication information source. At the same time, the authentication module outputs a A start signal with authentication information;

所述定时检查模块接受认证模块输出的启动信号,当定时检查模块接收到启动信号后开始计时,当计时达到设定值时调用对应来源的交互中的无线信息中的地址信息,并用调用的地址信息在常用地址信息模块检索地址信息,若没有检索到则输出对比信号;The timing check module accepts the start signal output by the authentication module, starts timing when the timing check module receives the start signal, and calls the address information in the wireless information in the interaction of the corresponding source when the timing reaches the set value, and uses the called address The information retrieves the address information in the common address information module, and outputs a comparison signal if it is not retrieved;

所述地址比对模块接受定时检查模块输出的对比信号,当地址比对模块接收到对比信号后向对应的无线终端发送地址调用请求,地址比对模块接收对应无线终端发送的地址信息并将地址信息与保存的认证信息中的地址信息进行对比,若不同则控制无线接入点与该无线终端中止交互。The address comparison module accepts the comparison signal output by the timing inspection module, and when the address comparison module receives the comparison signal, it sends an address call request to the corresponding wireless terminal, and the address comparison module receives the address information sent by the corresponding wireless terminal and sends the address The information is compared with the address information in the stored authentication information, and if they are different, the wireless access point is controlled to stop interacting with the wireless terminal.

通过采用上述方案,无线接入点会定时对交互的无线终端进行地址检测,以保证不会有其他无线终端盗用无线信号,有效保证了无线信号传输的安全性和可靠性,主要能够防止他人盗用无线终端传输的信息,本产品适合家用或办公场所实使用。By adopting the above solution, the wireless access point will periodically detect the address of the interacting wireless terminal to ensure that no other wireless terminal will steal the wireless signal, effectively ensuring the security and reliability of wireless signal transmission, and mainly preventing others from stealing The information transmitted by the wireless terminal, this product is suitable for practical use in home or office.

本发明进一步设置为:控制系统还包括地址计数模块,所述地址计数模块连接地址比对模块,若地址比对模块对比地址信息与保存的认证信息中的地址信息相同,则将该地址信息进行一次计数,当计数达到预设值时将该地址信息发送给常用地址信息模块进行存储。The present invention is further set as: the control system also includes an address counting module, the address counting module is connected to the address comparison module, if the address comparison module compares the address information with the address information in the stored authentication information, then the address information is One count, when the count reaches the preset value, the address information is sent to the common address information module for storage.

通过采用上述方案,无线接入点能够自动将多次通过检查的地址信息添加至常用地址信息库中,减少检查流程。By adopting the above solution, the wireless access point can automatically add the address information that has passed the inspection multiple times to the common address information database, thereby reducing the inspection process.

本发明进一步设置为:控制系统还包括手动添加模块,所述手动添加模块接收外界输入的地址信息并将地址信息传输给常用地址信息模块进行存储。The present invention is further set as: the control system further includes a manual adding module, the manual adding module receives the address information input from the outside and transmits the address information to the common address information module for storage.

通过采用上述方案,用户可以直接通过手动添加模块管理常用地址信息库。By adopting the above solution, the user can directly manage the common address information base by manually adding modules.

本发明进一步设置为:控制系统还包括报警模块;The present invention is further set as: the control system also includes an alarm module;

所述地址比对模块在同时接收到多个相同的地址信息时向报警模块发送地址信息;The address comparison module sends address information to the alarm module when receiving multiple identical address information at the same time;

所述报警模块存储有预设的报警信息,报警模块接收地址信息后向对应地址信息发送报警信息。The alarm module stores preset alarm information, and the alarm module sends alarm information to the corresponding address information after receiving the address information.

通过采用上述方案,无线接入点会提醒无线终端的用户信息可能存在被盗用风险,阻止用户发送私密信息。By adopting the above solution, the wireless access point will remind the user information of the wireless terminal that there may be a risk of being stolen, and prevent the user from sending private information.

本发明进一步设置为:所述报警模块接收地址信息后向对应地址信息发送深度信息请求并进行计时,若计时达到预设值时报警模块没有接收到无线终端详细信息,则锁定对应无线终端,若报警模块接收到无线终端详细信息,则停止计时并保存无线终端详细信息。The present invention is further set as: the alarm module sends a depth information request to the corresponding address information after receiving the address information and performs timing, if the alarm module does not receive the detailed information of the wireless terminal when the timing reaches the preset value, then locks the corresponding wireless terminal, if When the alarm module receives the detailed information of the wireless terminal, it stops timing and saves the detailed information of the wireless terminal.

通过采用上述方案,无线终端会自动向多个地址信息相同的无线终端发送请求,若无线终端拒绝发送详细信息,则可以锁定该无线终端,方便进行断线、追踪等操作,若无线终端选择发送详细信息,用户也可以通过无线接入点查看详细信息来分辨无线终端。By adopting the above solution, the wireless terminal will automatically send requests to multiple wireless terminals with the same address information. If the wireless terminal refuses to send detailed information, the wireless terminal can be locked to facilitate operations such as disconnection and tracking. If the wireless terminal chooses to send For detailed information, the user can also view the detailed information through the wireless access point to identify the wireless terminal.

综上所述,本发明具有以下有益效果:In summary, the present invention has the following beneficial effects:

1. 无线接入点会定时对交互的无线终端进行地址检测,以保证不会有其他无线终端盗用无线信号,有效保证了无线信号传输的安全性和可靠性,主要能够防止他人盗用无线终端传输的信息。1. The wireless access point will periodically detect the address of the interacting wireless terminal to ensure that no other wireless terminal will steal the wireless signal, effectively ensuring the security and reliability of wireless signal transmission, and mainly preventing others from stealing the wireless terminal transmission. Information.

2. 无线终端会自动向多个地址信息相同的无线终端发送请求,若无线终端拒绝发送详细信息,则可以锁定该无线终端,方便进行断线、追踪等操作,若无线终端选择发送详细信息,用户也可以通过无线接入点查看详细信息来分辨无线终端。2. The wireless terminal will automatically send requests to multiple wireless terminals with the same address information. If the wireless terminal refuses to send detailed information, the wireless terminal can be locked to facilitate operations such as disconnection and tracking. If the wireless terminal chooses to send detailed information, Users can also identify wireless terminals by checking detailed information of wireless access points.

附图说明Description of drawings

图1是实施例二的整体系统框图。Fig. 1 is the overall system block diagram of the second embodiment.

图中,1、常用地址信息模块;2、认证模块;3、手动添加模块;4、地址计数模块;5、定时检查模块;6、地址比对模块;7、报警模块。In the figure, 1. common address information module; 2. authentication module; 3. manual adding module; 4. address counting module; 5. regular check module; 6. address comparison module; 7. alarm module.

具体实施方式Detailed ways

实施例一:一种控制无线终端接入的方法,具体步骤如下:Embodiment 1: a method for controlling wireless terminal access, the specific steps are as follows:

步骤一、无线接入点发出无线信号,无线终端接收无线信号并向无线接入点发送带有地址信息的认证信息。Step 1: The wireless access point sends out a wireless signal, and the wireless terminal receives the wireless signal and sends authentication information with address information to the wireless access point.

步骤二、无线接入点接收认证信息后进行认证并保存认证信息,若认证通过则向无线终端发送请求许可并与无线终端进行交互。Step 2: After receiving the authentication information, the wireless access point performs authentication and saves the authentication information, and if the authentication is passed, sends a request for permission to the wireless terminal and interacts with the wireless terminal.

步骤三、无线接入点建立常用地址信息库。无线接入点定时调用无线终端的地址信息并在自身存储的常用地址信息库进行检索。Step 3: The wireless access point establishes a common address information database. The wireless access point regularly calls the address information of the wireless terminal and searches it in the common address information database stored by itself.

步骤四、若没有检索到则向无线终端发送地址调用请求。Step 4, if not retrieved, send an address call request to the wireless terminal.

步骤五、无线终端接收到调用请求后向无线接入点发送地址信息。Step 5: After receiving the call request, the wireless terminal sends address information to the wireless access point.

步骤六、无线接入点接收到地址信息后将地址信息与保存的认证信息中的地址信息进行对比,若不同则中断与该无线终端的交互。若无线接入点接收到的地址信息与保存的认证信息中的地址信息相同,则将该地址信息进行一次计数,当同一地址信息的计数达到预设值时将该地址信息添加至常用地址信息库中。Step 6: After receiving the address information, the wireless access point compares the address information with the address information in the stored authentication information, and if they are different, interrupts the interaction with the wireless terminal. If the address information received by the wireless access point is the same as the address information in the saved authentication information, the address information is counted once, and when the count of the same address information reaches the preset value, the address information is added to the common address information library.

步骤七、无线接入点接收本地输入的地址信息并将输入的地址信息添加至常用地址信息库中。Step 7: The wireless access point receives the locally input address information and adds the input address information to the common address information database.

步骤八、无线接入点若同时接收到多个相同的地址信息,则向每个地址信息来源发送报警信息。无线接入点在发送报警信息后,向对应地址信息的无线终端发送深度信息请求。无线终端接收到深度信息请求后选择是否向无线接入点发送无线终端详细信息。若无线接入点没有接收到无线终端发送的无线终端详细信息,则锁定对应无线终端。Step 8: If the wireless access point receives multiple identical address information at the same time, it sends an alarm message to each address information source. After sending the alarm information, the wireless access point sends a depth information request to the wireless terminal corresponding to the address information. After receiving the in-depth information request, the wireless terminal selects whether to send the detailed information of the wireless terminal to the wireless access point. If the wireless access point does not receive the detailed information of the wireless terminal sent by the wireless terminal, it locks the corresponding wireless terminal.

无线接入点会定时对交互的无线终端进行地址检测,以保证不会有其他无线终端盗用无线信号,有效保证了无线信号传输的安全性和可靠性。无线接入点会自动添加常用地址信息,也可手动添加。若出现多个相同的地址信息,则可能存在无线终端地址被劫持的可能,无线接入点会提醒无线终端的用户信息可能存在被盗用风险,阻止用户发送私密信息。无线终端会自动向多个地址信息相同的无线终端发送请求,若无线终端拒绝发送详细信息,则可以锁定该无线终端,方便进行断线、追踪等操作。若无线终端选择发送详细信息,用户也可以通过无线接入点查看详细信息来分辨无线终端。The wireless access point will regularly detect the address of the interacting wireless terminal to ensure that no other wireless terminal will steal the wireless signal, effectively ensuring the security and reliability of wireless signal transmission. The wireless access point will automatically add common address information, and it can also be added manually. If multiple identical address information appears, the wireless terminal address may be hijacked, and the wireless access point will remind the user information of the wireless terminal that there may be a risk of being stolen, preventing the user from sending private information. The wireless terminal will automatically send requests to multiple wireless terminals with the same address information. If the wireless terminal refuses to send detailed information, the wireless terminal can be locked to facilitate operations such as disconnection and tracking. If the wireless terminal chooses to send the detailed information, the user can also check the detailed information through the wireless access point to identify the wireless terminal.

实施例二、一种无线接入点,如图1所示,包括控制系统,控制系统包括常用地址信息模块1、认证模块2、定时检查模块5、地址比对模块6、手动添加模块3、地址计数模块4和报警模块7。Embodiment 2. A wireless access point, as shown in FIG. 1 , includes a control system, and the control system includes a common address information module 1, an authentication module 2, a regular check module 5, an address comparison module 6, a manual addition module 3, Address counting module 4 and alarm module 7.

如图1所示,常用地址信息模块1作为常用地址信息库存储常用地址信息。手动添加模块3接收外界输入的地址信息并将地址信息传输给常用地址信息模块1进行存储。用户可以直接通过手动添加模块3管理常用地址信息库。As shown in FIG. 1 , the common address information module 1 serves as a common address information database to store common address information. The manual adding module 3 receives the address information input from the outside and transmits the address information to the common address information module 1 for storage. Users can directly manage common address information databases by manually adding module 3.

如图1所示,认证模块2存储有认证规则,认证模块2接收外界输入的认证信息并根据认证规则对认证信息进行认证,认证通过则向认证信息来源发送请求许可并与认证信息来源进行交互,同时认证模块2输出带有认证信息的启动信号。认证模块2用于无线接入点对无线终端进行认证,开始与无线终端进行交互。As shown in Figure 1, the authentication module 2 stores authentication rules. The authentication module 2 receives the authentication information input from the outside and authenticates the authentication information according to the authentication rules. If the authentication is passed, it sends a request for permission to the authentication information source and interacts with the authentication information source. , and at the same time the authentication module 2 outputs a start signal with authentication information. The authentication module 2 is used for the wireless access point to authenticate the wireless terminal and start to interact with the wireless terminal.

如图1所示,定时检查模块5接受认证模块2输出的启动信号,当定时检查模块5接收到启动信号后开始计时。当计时达到设定值时调用对应来源的交互中的无线信息中的地址信息,并用调用的地址信息在常用地址信息模块1检索地址信息。若没有检索到则输出对比信号。As shown in FIG. 1 , the timing check module 5 receives the start signal output by the authentication module 2 , and starts counting when the timing check module 5 receives the start signal. When the timing reaches the set value, the address information in the wireless information in the interaction of the corresponding source is called, and the called address information is used to retrieve the address information in the common address information module 1 . If not found, a comparison signal is output.

如图1所示,地址比对模块6接受定时检查模块5输出的对比信号,当地址比对模块6接收到对比信号后向对应的无线终端发送地址调用请求。地址比对模块6接收对应无线终端发送的地址信息并将地址信息与保存的认证信息中的地址信息进行对比,若不同则控制无线接入点与该无线终端中止交互。地址比对模块6在同时接收到多个相同的地址信息时向报警模块7发送地址信息。无线接入点会定时对交互的无线终端进行地址检测,以保证不会有其他无线终端盗用无线信号,有效保证了无线信号传输的安全性和可靠性。As shown in FIG. 1 , the address comparison module 6 receives the comparison signal output by the timing check module 5 , and sends an address call request to the corresponding wireless terminal after receiving the comparison signal. The address comparison module 6 receives the address information sent by the corresponding wireless terminal and compares the address information with the address information in the stored authentication information, and if they are different, controls the wireless access point to stop interacting with the wireless terminal. When the address comparison module 6 receives multiple identical address information at the same time, it sends the address information to the alarm module 7 . The wireless access point will regularly detect the address of the interacting wireless terminal to ensure that no other wireless terminal will steal the wireless signal, effectively ensuring the security and reliability of wireless signal transmission.

如图1所示,地址计数模块4连接地址比对模块6,若地址比对模块6对比地址信息与保存的认证信息中的地址信息相同,则将该地址信息进行一次计数。当计数达到预设值时将该地址信息发送给常用地址信息模块1进行存储。无线接入点能够自动将多次通过检查的地址信息添加至常用地址信息库中,减少检查流程。As shown in FIG. 1 , the address counting module 4 is connected to the address comparison module 6 , and if the address information compared by the address comparison module 6 is the same as the address information in the stored authentication information, the address information is counted once. When the count reaches the preset value, the address information is sent to the common address information module 1 for storage. The wireless access point can automatically add the address information that has passed the inspection multiple times to the common address information database, reducing the inspection process.

如图1所示,报警模块7存储有预设的报警信息,报警模块7接收地址信息后向对应地址信息发送报警信息。无线接入点会提醒无线终端的用户信息可能存在被盗用风险,阻止用户发送私密信息。报警模块7接收地址信息后向对应地址信息发送深度信息请求并进行计时。若计时达到预设值时报警模块7没有接收到无线终端详细信息,则锁定对应无线终端。若报警模块7接收到无线终端详细信息,则停止计时并保存无线终端详细信息。无线终端会自动向多个地址信息相同的无线终端发送请求,若无线终端拒绝发送详细信息,则可以锁定该无线终端,方便进行断线、追踪等操作,若无线终端选择发送详细信息,用户也可以通过无线接入点查看详细信息来分辨无线终端。As shown in FIG. 1 , the alarm module 7 stores preset alarm information, and the alarm module 7 sends the alarm information to the corresponding address information after receiving the address information. The wireless access point will remind the user information of the wireless terminal that there may be a risk of being stolen, and prevent the user from sending private information. After receiving the address information, the alarm module 7 sends a depth information request to the corresponding address information and performs timing. If the alarm module 7 does not receive the detailed information of the wireless terminal when the timing reaches the preset value, it will lock the corresponding wireless terminal. If the alarm module 7 receives the detailed information of the wireless terminal, it stops timing and saves the detailed information of the wireless terminal. The wireless terminal will automatically send requests to multiple wireless terminals with the same address information. If the wireless terminal refuses to send detailed information, the wireless terminal can be locked to facilitate operations such as disconnection and tracking. If the wireless terminal chooses to send detailed information, the user can also You can check the detailed information of the wireless access point to identify the wireless terminal.

使用方式:用户首先在无线接入点上设置常用地址信息库,然后通过认证模块2将自己的无线终端与无线接入点进行联通。无线接入点定时对传输的无线信号进行检查,提取无线信号中的地址信息,来检测当前网络是否正常。无线接入点能够自动停止异常的地址信息来源的数据交互,同时也能够在用户无线终端地址被劫持时向用户发出警报,并查找、追踪异常的无线终端。Usage: the user first sets up the common address information database on the wireless access point, and then connects his wireless terminal with the wireless access point through the authentication module 2 . The wireless access point regularly checks the transmitted wireless signal, extracts the address information in the wireless signal, and detects whether the current network is normal. The wireless access point can automatically stop the data exchange of abnormal address information sources, and can also send an alarm to the user when the address of the user's wireless terminal is hijacked, and find and track abnormal wireless terminals.

本具体实施方式的实施例均为本发明的较佳实施例,并非依此限制本发明的保护范围,故:凡依本发明的结构、形状、原理所做的等效变化,均应涵盖于本发明的保护范围之内。The embodiments of this specific implementation mode are all preferred embodiments of the present invention, and are not intended to limit the protection scope of the present invention, so: all equivalent changes made according to the structure, shape and principle of the present invention should be covered by within the protection scope of the present invention.

Claims (10)

1. A method of controlling access to a wireless terminal, comprising the steps of:
1. the wireless access point sends out a wireless signal, and the wireless terminal receives the wireless signal and sends authentication information with address information to the wireless access point;
2. the wireless access point receives the authentication information, then authenticates and stores the authentication information, and if the authentication is passed, the wireless access point sends a request permission to the wireless terminal and interacts with the wireless terminal;
3. the wireless access point regularly invokes the address information of the wireless terminal and searches a common address information base stored by the wireless access point;
4. if not, sending an address calling request to the wireless terminal;
5. the wireless terminal sends address information to the wireless access point after receiving the call request;
6. and after receiving the address information, the wireless access point compares the address information with the address information in the stored authentication information, and if the address information is different, the wireless access point interrupts interaction with the wireless terminal.
2. The method of controlling access to a wireless terminal of claim 1, wherein the sixth step further comprises:
sixthly, if the address information received by the wireless access point is the same as the address information in the stored authentication information, counting the address information once;
and sixthly, adding the address information into a common address information base when the count of the same address information reaches a preset value.
3. A method of controlling access to a wireless terminal according to claim 2, further comprising the steps of:
7. the wireless access point receives the locally input address information and adds the input address information to a common address information base.
4. A method of controlling access to a wireless terminal according to claim 3, further comprising the steps of:
8. and if the wireless access point receives a plurality of pieces of same address information at the same time, sending alarm information to each address information source.
5. The method of claim 4, wherein step eight further comprises:
and eighth, after the wireless access point sends the alarm information, sending a depth information request to the wireless terminal corresponding to the address information, after receiving the depth information request, selecting whether to send the wireless terminal detailed information to the wireless access point, and if the wireless access point does not receive the wireless terminal detailed information sent by the wireless terminal, locking the corresponding wireless terminal.
6. A wireless access point, characterized by: the system comprises a control system, wherein the control system comprises a common address information module (1), an authentication module (2), a timing checking module (5) and an address comparison module (6);
the common address information module (1) is used as a common address information storage common address information;
the authentication module (2) stores authentication rules, the authentication module (2) receives authentication information input from the outside and authenticates the authentication information according to the authentication rules, if the authentication passes, the authentication module sends a request permission to an authentication information source and interacts with the authentication information source, and meanwhile the authentication module (2) outputs a starting signal with the authentication information;
the timing checking module (5) receives the starting signal output by the authentication module (2), starts timing after the timing checking module (5) receives the starting signal, calls address information in the wireless information in the interaction of the corresponding source when the timing reaches a set value, searches the address information in the common address information module (1) by using the called address information, and outputs a comparison signal if the address information is not searched;
the address comparison module (6) receives the comparison signal output by the timing checking module (5), when the address comparison module (6) receives the comparison signal, an address calling request is sent to the corresponding wireless terminal, the address comparison module (6) receives the address information sent by the corresponding wireless terminal and compares the address information with the address information in the stored authentication information, and if the address information is different, the wireless access point and the wireless terminal are controlled to stop interaction.
7. A wireless access point according to claim 6, wherein: the control system further comprises an address counting module (4), the address counting module (4) is connected with the address comparison module (6), if the address comparison module (6) compares the address information with the address information in the stored authentication information, the address information is counted once, and when the count reaches a preset value, the address information is sent to the common address information module (1) for storage.
8. A wireless access point according to claim 7, wherein: the control system also comprises a manual adding module (3), wherein the manual adding module (3) receives address information input by the outside and transmits the address information to the common address information module (1) for storage.
9. A wireless access point according to claim 6, wherein: the control system also comprises an alarm module (7);
the address comparison module (6) sends address information to the alarm module (7) when receiving a plurality of same address information at the same time;
the alarm module (7) stores preset alarm information, and the alarm module (7) sends the alarm information to the corresponding address information after receiving the address information.
10. A wireless access point according to claim 9, wherein: and the alarm module (7) receives the address information, then sends a depth information request to the corresponding address information and performs timing, if the timing reaches a preset value, the alarm module (7) does not receive the wireless terminal detailed information, the corresponding wireless terminal is locked, and if the alarm module (7) receives the wireless terminal detailed information, the timing is stopped and the wireless terminal detailed information is stored.
CN202010109679.3A 2020-02-22 2020-02-22 Method for controlling wireless terminal access and wireless access point Expired - Fee Related CN111314917B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010109679.3A CN111314917B (en) 2020-02-22 2020-02-22 Method for controlling wireless terminal access and wireless access point

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010109679.3A CN111314917B (en) 2020-02-22 2020-02-22 Method for controlling wireless terminal access and wireless access point

Publications (2)

Publication Number Publication Date
CN111314917A CN111314917A (en) 2020-06-19
CN111314917B true CN111314917B (en) 2023-06-23

Family

ID=71162156

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010109679.3A Expired - Fee Related CN111314917B (en) 2020-02-22 2020-02-22 Method for controlling wireless terminal access and wireless access point

Country Status (1)

Country Link
CN (1) CN111314917B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101079741A (en) * 2007-06-29 2007-11-28 杭州华三通信技术有限公司 Access point, access controller and method for monitoring illegal access
US8045569B1 (en) * 2007-09-18 2011-10-25 Marvell International Ltd. Mechanism to verify packet data network support for internet protocol mobility
WO2014189262A1 (en) * 2013-05-24 2014-11-27 Strix Inc. User terminal authentication method of access point apparatus
CN105848131A (en) * 2016-05-09 2016-08-10 厦门四信通信科技有限公司 Method for realizing STA cross-domain roaming through cloud AC

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060114863A1 (en) * 2004-12-01 2006-06-01 Cisco Technology, Inc. Method to secure 802.11 traffic against MAC address spoofing
KR100944724B1 (en) * 2007-08-21 2010-03-03 엔에이치엔비즈니스플랫폼 주식회사 User Authentication System Using IP Address and Method
CN103476143B (en) * 2012-06-07 2016-05-25 中国移动通信集团公司 A kind of WLAN discharges method, the Apparatus and system of IP resource
US9693296B2 (en) * 2014-07-17 2017-06-27 Xiaomi Inc. Network connection method and apparatus
CN104125568B (en) * 2014-08-11 2018-09-07 湖南恒茂高科股份有限公司 Wireless access point safety certifying method and system
CN105246073B (en) * 2015-08-28 2019-06-21 深圳市信锐网科技术有限公司 The access authentication method and server of wireless network
CN105188059A (en) * 2015-09-30 2015-12-23 上海斐讯数据通信技术有限公司 Authentication method based on Portal server abnormity, and wireless access point
CN106603422A (en) * 2016-12-09 2017-04-26 上海斐讯数据通信技术有限公司 Network steal prevention method of wireless router, and wireless router
CN106982430B (en) * 2017-03-22 2020-12-22 台州市吉吉知识产权运营有限公司 Portal authentication method and system based on user use habits

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101079741A (en) * 2007-06-29 2007-11-28 杭州华三通信技术有限公司 Access point, access controller and method for monitoring illegal access
US8045569B1 (en) * 2007-09-18 2011-10-25 Marvell International Ltd. Mechanism to verify packet data network support for internet protocol mobility
WO2014189262A1 (en) * 2013-05-24 2014-11-27 Strix Inc. User terminal authentication method of access point apparatus
CN105848131A (en) * 2016-05-09 2016-08-10 厦门四信通信科技有限公司 Method for realizing STA cross-domain roaming through cloud AC

Also Published As

Publication number Publication date
CN111314917A (en) 2020-06-19

Similar Documents

Publication Publication Date Title
US8428555B2 (en) Securing quality of service (QoS) according to type of wireless local area network (WLAN) service
US8565429B2 (en) Method and system for veryfying the authenticity of a first communication participants in a communications network
US5708710A (en) Method and apparatus for authentication in a communication system
US7327690B2 (en) Wireless local or metropolitan area network with intrusion detection features and related methods
JPH11127468A (en) Communication control device and wireless communication system
US11197157B2 (en) Method, apparatus, and system for performing authentication on terminal in wireless local area network
WO2007026230A2 (en) Arbitrary mac address usage in a wlan system
CN105681272A (en) Method for detecting and defensing fishing WiFi of mobile terminal
WO2017128546A1 (en) Method and apparatus for securely accessing wifi network
EP1589703A2 (en) System and method for accessing a wireless network
JP2005536117A (en) Wireless local or metropolitan area network with intrusion detection and related methods
WO2007027412A2 (en) Failure handling during security exchanges between a station and an access point in a wlan
US20120190334A1 (en) Main board, and method of implementing network/card locking and mobile terminal in which network/card locking is implemented
WO2012055297A1 (en) Authentication method and device of mobile terminal
US6236859B1 (en) Method for the location registration of a mobile terminal
WO2015196679A1 (en) Authentication method and apparatus for wireless access
KR100666947B1 (en) Network access method and network system of short range wireless communication terminal
CN111314917B (en) Method for controlling wireless terminal access and wireless access point
WO2008122224A1 (en) Method, system and base station for locking the mobile terminal copied lawlessly
WO1998000956A2 (en) System and method for preventing cellular fraud
JP2001517387A (en) Method for performing a security-related check function in a mobile communication network and / or a wireless local network
US7177291B1 (en) Method for associating an apparatus in a communication network
WO2012065405A1 (en) Method and system for judging legal terminal
CN105743845A (en) Authentication method and device
JP3406992B2 (en) Mobile terminal connection control system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20230623

CF01 Termination of patent right due to non-payment of annual fee