[go: up one dir, main page]

CN114567462A - Network access authentication method including software compatibility check and system thereof - Google Patents

Network access authentication method including software compatibility check and system thereof Download PDF

Info

Publication number
CN114567462A
CN114567462A CN202210134441.5A CN202210134441A CN114567462A CN 114567462 A CN114567462 A CN 114567462A CN 202210134441 A CN202210134441 A CN 202210134441A CN 114567462 A CN114567462 A CN 114567462A
Authority
CN
China
Prior art keywords
software
compatibility
compatibility check
network access
check
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210134441.5A
Other languages
Chinese (zh)
Inventor
刘丰
章飞
夏业圣
孙柳
叶峰
程芳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Mnai Energy Co ltd
Original Assignee
Shanghai Mnai Energy Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Mnai Energy Co ltd filed Critical Shanghai Mnai Energy Co ltd
Priority to CN202210134441.5A priority Critical patent/CN114567462A/en
Publication of CN114567462A publication Critical patent/CN114567462A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Prevention of errors by analysis, debugging or testing of software
    • G06F11/3668Testing of software
    • G06F11/3672Test management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/14Arrangements for monitoring or testing data switching networks using software, i.e. software packages
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1483Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Environmental & Geological Engineering (AREA)
  • Stored Programmes (AREA)

Abstract

本发明涉及一种包括软件兼容性检查的入网认证方法及其系统,所述方法包括以下软件兼容性检查步骤:S1、从属终端与汇聚节点建立连接,发送从属终端软件版本号给汇聚节点请求软件兼容性检查;S2、汇聚节点进行软件兼容性检查;S3、汇聚节点允许通过软件兼容性检查的从属终端入网并进行后续业务操作;或者S4、汇聚节点拒绝软件兼容性检查失败的从属终端入网并提示升级软件到汇聚节点当前软件版本号。有益效果是避免软件不兼容设备接入系统、保证系统稳定运行。

Figure 202210134441

The present invention relates to a network access authentication method including software compatibility check and a system thereof. The method includes the following software compatibility check steps: S1. A slave terminal establishes a connection with an aggregation node, and sends a software version number of the slave terminal to the aggregation node to request software Compatibility check; S2, the sink node performs software compatibility check; S3, the sink node allows the subordinate terminals that pass the software compatibility check to access the network and perform subsequent business operations; or S4, the sink node rejects the slave terminals that fail the software compatibility check to access the network and Prompt to upgrade the software to the current software version number of the sink node. The beneficial effect is to prevent software incompatible equipment from being connected to the system and ensure the stable operation of the system.

Figure 202210134441

Description

一种包括软件兼容性检查的入网认证方法及其系统A network access authentication method and system including software compatibility check

【技术领域】【Technical field】

本发明涉及计算机网络技术领域,具体涉及一种包括软件兼容性检查的入网认证方法及其系统。The invention relates to the technical field of computer networks, in particular to a network access authentication method including software compatibility check and a system thereof.

【背景技术】【Background technique】

一般的入网认证局域网内网系统包含汇聚节点和若干从属终端两个角色;从属终端需要到汇聚节点出进行入网合法性认证,防止非法终端接入系统,对系统安全性和稳定性造成影响。当前的入网认证应用场景中,主要参与者有从属终端和汇聚节点两个角色。从属终端通过无线通信方式主动连接汇聚节点,一台汇聚节点可以容纳多台从属终端。但是同时接入系统的从属终端可能有多个类似的产品型号,每个型号的产品个数不等,且产品内部装载不同时间发布的不同版本软件。The general network access authentication local area network system includes two roles: the aggregation node and several subordinate terminals; the subordinate terminals need to go to the aggregation node for network access legality authentication to prevent illegal terminals from accessing the system, which will affect the security and stability of the system. In the current network access authentication application scenario, the main participants have two roles of slave terminal and aggregation node. The slave terminals actively connect to the sink node through wireless communication, and one sink node can accommodate multiple slave terminals. However, the slave terminals connected to the system at the same time may have multiple similar product models, and the number of products of each model varies, and the products are loaded with different versions of software released at different times.

现有入网认证系统中一般只在从属终端与汇聚节点建立连接时进行MAC,ID等合法性校验检查,避免非法设备接入系统。而对软件版本的匹配性和兼容性检查规则比较少,现有针对兼容性解决方案一般是通过软件通信协议版本号检查确定兼容性、以及在软件开发和设计中提高软件对历史软件版本和后续软件版本的兼容性。In the existing network access authentication system, the MAC, ID and other legality verification checks are generally performed only when the slave terminal establishes a connection with the aggregation node, so as to prevent illegal devices from accessing the system. However, the matching and compatibility checking rules for software versions are relatively few. Existing solutions for compatibility generally determine compatibility by checking the version number of software communication protocols, and improve software’s compatibility with historical software versions and subsequent software versions in software development and design. Software version compatibility.

软件开发和设计中提高其兼容性固然是必备操作,但是在实际生产和部署时,由于各种原因会导致这些手段不能适应和规避全部兼容问题。It is a necessary operation to improve the compatibility in software development and design, but in actual production and deployment, due to various reasons, these methods cannot adapt to and avoid all compatibility problems.

软件通信协议版本号兼容,只能保证通信正常,无法保证汇聚节点和从属终端两个版本的其它功能兼容,因此前述通过软件通信协议版本号检查确定兼容性具有局限性。The software communication protocol version number is compatible, which can only ensure normal communication, but cannot guarantee that the other functions of the two versions of the sink node and the slave terminal are compatible. Therefore, the aforementioned checking of the software communication protocol version number to determine the compatibility has limitations.

提高软件对上历史软件版本和对下后续软件版本兼容性,但提高兼容性也有阈值和限制条件,不可能向上或者向下无限制无范围兼容,当涉及到比较大的需求变更导致软件功能较大变化,亦或者因为多次库存周转,导致现场部署时从属终端与汇聚节点的软件版本差异较大。此情况下现有“在软件开发和设计中提高软件对历史软件版本和后续软件版本的兼容性”方案是无法规避版本兼容性问题对系统稳定性造成巨大挑战的。Improve the compatibility of the software to the previous historical software version and the subsequent software version, but there are also thresholds and restrictions for improving the compatibility. It is impossible to be compatible upwards or downwards without limitation and scope. When it involves relatively large demand changes, the software functions are relatively poor. Major changes, or because of multiple inventory turnovers, the software versions of slave terminals and aggregation nodes are quite different during field deployment. Under this circumstance, the existing solution of "improving the compatibility of software with historical software versions and subsequent software versions in software development and design" cannot avoid the huge challenge to system stability caused by the version compatibility problem.

而恰恰软件的兼容性问题在需求变化比较大或者产品生命周期比较长的实际部署过程中是普遍存在的,加上软件兼容性问题还具有隐蔽性,一旦出现兼容问题就会对系统造成非常大的不良影响和破坏。However, the software compatibility problem is common in the actual deployment process when the requirements change greatly or the product life cycle is relatively long. In addition, the software compatibility problem is also hidden. Once the compatibility problem occurs, it will cause great damage to the system. adverse effects and damage.

本发明针对软件版本兼容性技术问题对包括从属终端和汇聚节点的入网认证技术作了改进。Aiming at the technical problem of software version compatibility, the present invention improves the network access authentication technology including the slave terminal and the convergence node.

【发明内容】[Content of the Invention]

本发明的目的是,提供一种避免软件不兼容设备接入系统、保证系统稳定运行的入网认证方法。The purpose of the present invention is to provide a network access authentication method that avoids software incompatible equipment from accessing the system and ensures stable operation of the system.

为实现上述目的,本发明采取的技术方案是一种包括软件兼容性检查的入网认证方法,运行在一种包括软件兼容性检查的入网认证系统上,所述入网认证系统包括一个汇聚节点和接入所述汇聚节点的若干从属终端组成的局域网;包括以下软件兼容性检查步骤:In order to achieve the above object, the technical solution adopted by the present invention is a network access authentication method including software compatibility check, which runs on a network access authentication system including software compatibility check, and the network access authentication system includes an aggregation node and an access point. into the local area network composed of several subordinate terminals of the aggregation node; including the following software compatibility check steps:

S1、从属终端与汇聚节点建立连接,发送从属终端软件版本号给汇聚节点请求软件兼容性检查;S1. The slave terminal establishes a connection with the sink node, and sends the software version number of the slave terminal to the sink node to request software compatibility check;

S2、汇聚节点进行软件兼容性检查;S2, the aggregation node performs software compatibility check;

S3、汇聚节点允许通过软件兼容性检查的从属终端入网并进行后续业务操作;S3. The aggregation node allows the subordinate terminals that have passed the software compatibility check to access the network and perform subsequent business operations;

或者S4、汇聚节点拒绝软件兼容性检查失败的从属终端入网并提示升级软件到汇聚节点当前软件版本号。Or S4, the sink node rejects the slave terminal that fails the software compatibility check to access the network and prompts to upgrade the software to the current software version number of the sink node.

优选地,上述的一种包括软件兼容性检查的入网认证方法,还包括一般入网认证步骤:从属终端与汇聚节点建立连接时进行MAC、ID合法性校验检查。Preferably, the above-mentioned network access authentication method including software compatibility check further includes a general network access authentication step: when the slave terminal establishes a connection with the aggregation node, MAC and ID validity check is performed.

优选地,上述的一种包括软件兼容性检查的入网认证方法,步骤S2允许并支持软件兼容性检查豁免功能,用于便利外部第三方接入从属终端、软件测试和调试过程。Preferably, in the above-mentioned network access authentication method including software compatibility check, step S2 allows and supports the software compatibility check exemption function for facilitating external third parties to access the slave terminal, software testing and debugging processes.

优选地,上述的一种包括软件兼容性检查的入网认证方法,步骤S2汇聚节点通过预置软件版本兼容性白名单进行软件兼容性检查,所述软件版本兼容性白名单呈树状图结构形式,标明汇聚节点当前软件版本号兼容支持的各个型号从属终端软件版本号。Preferably, in the above-mentioned network access authentication method including software compatibility check, in step S2, the aggregation node performs software compatibility check through a preset software version compatibility whitelist, and the software version compatibility whitelist is in the form of a tree diagram structure , indicating that the current software version number of the aggregation node is compatible with the software version number of each model slave terminal.

优选地,上述的一种包括软件兼容性检查的入网认证方法,运行的一种包括软件兼容性检查的入网认证系统上还包括上层云服务或者本地服务器,若干局域网接入所述上层云服务或者本地服务器;还包括汇聚节点软件版本兼容性白名单更新步骤:Preferably, in the above-mentioned network access authentication method including software compatibility check, the running network access authentication system including software compatibility check further includes an upper-layer cloud service or a local server, and several local area networks access the upper-layer cloud service or The local server; also includes the steps for updating the software version compatibility whitelist of the sink node:

S01、专门的软件版本发布系统导出或者系统版本管理员统一发布软件版本兼容性白名单、输出新的软件版本兼容性白名单文件给上层云服务或者本地服务器;S01. The special software version release system is exported or the system version administrator releases the software version compatibility whitelist uniformly, and outputs the new software version compatibility whitelist file to the upper cloud service or local server;

S02、汇聚节点定期到上层云服务或者本地服务器同步软件版本兼容性白名单文件,或上层云服务或者本地服务器通过自定义协议导入软件版本兼容性白名单文件到汇聚节点,或手动更新汇聚节点软件版本兼容性白名单文件;S02. The sink node regularly synchronizes the software version compatibility whitelist file to the upper-layer cloud service or local server, or the upper-layer cloud service or local server imports the software version compatibility whitelist file to the sink node through a custom protocol, or manually updates the sink node software Version compatibility whitelist file;

S03、汇聚节点检测发现软件版本兼容性白名单文件更新,重置从属终端入网状态,所述局域网执行步骤S1至步骤S4重新进行软件兼容性检查。S03 , the aggregation node detects and finds that the software version compatibility whitelist file is updated, resets the network access state of the slave terminal, and performs steps S1 to S4 again on the local area network to check the software compatibility.

优选地,上述软件版本兼容性白名单文件是按照约定格式生成的标准xml格式文件。Preferably, the above-mentioned software version compatibility whitelist file is a standard xml format file generated according to an agreed format.

优选地,上述的一种包括软件兼容性检查的入网认证方法,步骤S02汇聚节点每天一次到上层云服务或者本地服务器同步软件版本兼容性白名单文件。Preferably, in the above-mentioned network access authentication method including software compatibility check, in step S02, the aggregation node synchronizes the software version compatibility whitelist file to the upper-layer cloud service or the local server once a day.

本发明的又一目的是,提供一种避免软件不兼容设备接入系统、保证系统稳定运行的入网认证系统。Another object of the present invention is to provide a network access authentication system that avoids software incompatible devices from accessing the system and ensures stable operation of the system.

为实现上述又一目的,本发明采取的技术方案是一种包括软件兼容性检查的入网认证系统,包括一个汇聚节点和接入所述汇聚节点的若干从属终端组成的局域网;所述入网认证系统用于上述不需要所述上层云服务或者本地服务器介入的一种包括软件兼容性检查的入网认证方法。In order to achieve the above-mentioned still another object, the technical solution adopted by the present invention is a network access authentication system including software compatibility check, including a local area network composed of an aggregation node and several subordinate terminals accessing the aggregation node; the network access authentication system A network access authentication method including software compatibility check for the above-mentioned network access authentication method that does not require the intervention of the upper-layer cloud service or the local server.

优选地,上述的一种包括软件兼容性检查的入网认证系统,还包括上层云服务或者本地服务器,若干局域网接入所述上层云服务或者本地服务器;所述入网认证系统用于执行上述需要所述上层云服务或者本地服务器介入的一种包括软件兼容性检查的入网认证方法。Preferably, the above-mentioned network access authentication system including software compatibility check also includes an upper-layer cloud service or a local server, and several local area networks access the upper-layer cloud service or local server; the network access authentication system is used to perform the above-mentioned requirements. A network access authentication method involving software compatibility check involving the above-mentioned upper-layer cloud service or local server.

本发明一种包括软件兼容性检查的入网认证方法及其系统有如下有益效果:在入网认证的策略中,加入从属终端与汇聚节点软件兼容性和匹配认证,从而防止因软件功能升级或者其它原因导致从属终端和汇聚节点的软件不匹配不兼容的情况,进而影响系统的稳定和安全;1、可以满足比较复杂情况下软件兼容性检查,保证系统稳定运行;2、适应性强,可以覆盖产品从研发,测试,生产,部署整个生命周期的兼容性检查;3、模块化设计,各功能解耦又相互配合,保证该功能有效正常运行,且可以方便后续功能升级和扩展。The network access authentication method including software compatibility check and the system thereof of the present invention have the following beneficial effects: in the network access authentication strategy, software compatibility and matching authentication between the slave terminal and the convergence node is added, so as to prevent software function upgrades or other reasons. Cause the software of the slave terminal and the aggregation node to be incompatible and incompatible, thereby affecting the stability and security of the system; 1. It can meet the software compatibility check in more complex situations and ensure the stable operation of the system; 2. It has strong adaptability and can cover products Compatibility check of the entire life cycle from R&D, testing, production, and deployment; 3. Modular design, decoupling and cooperating with each other to ensure the effective and normal operation of the function, and facilitate subsequent function upgrades and expansions.

【附图说明】[Description of drawings]

图1是一种包括软件兼容性检查的入网认证其系统架构示意图。FIG. 1 is a schematic diagram of the system architecture of network access authentication including software compatibility check.

图2是一种包括软件兼容性检查的入网认证方法软件兼容性检查流程图。Fig. 2 is a software compatibility check flow chart of a network access authentication method including software compatibility check.

图3是一种包括软件兼容性检查的入网认证方法交互步骤图。FIG. 3 is a diagram of interaction steps of a network access authentication method including software compatibility check.

【具体实施方式】【Detailed ways】

下面结合实施例并参照附图对本发明作进一步描述。The present invention will be further described below in conjunction with the embodiments and with reference to the accompanying drawings.

在本发明中,服务器是在网络上提供、管理网络资源的一个计算机或设备,终端可指各种类型的装置,包括(但不限于)无线电话、蜂窝式电话、膝上型计算机、多媒体无线装置、无线通信个人计算机(PC)卡、个人数字助理(PDA)、外部或内部调制解调器等。客户端设备,即终端可为任何经由无线信道和/或经由有线信道(例如,光纤或同轴电缆)与服务器通信的数据装置。终端可具有多种名称,例如移动台、移动装置、移动单元,移动电话、远程站、远程终端机、远程单元、用户装置、用户设备、手持式装置等。不同终端可并入一个系统中。终端可为移动的或固定的,且可分散遍及一个通信网络。In the present invention, a server is a computer or device that provides and manages network resources on a network, and a terminal may refer to various types of devices, including (but not limited to) wireless phones, cellular phones, laptop computers, multimedia wireless Devices, wireless communication personal computer (PC) cards, personal digital assistants (PDA), external or internal modems, etc. A client device, ie, a terminal, can be any data device that communicates with a server via a wireless channel and/or via a wired channel (eg, fiber optic or coaxial cable). A terminal may have various names such as mobile station, mobile device, mobile unit, mobile phone, remote station, remote terminal, remote unit, user device, user equipment, handheld device, and the like. Different terminals can be incorporated into one system. Terminals may be mobile or stationary, and may be dispersed throughout a communication network.

实施例Example

本实施例实现一种包括软件兼容性检查的入网认证方法及其系统。This embodiment implements a network access authentication method including software compatibility check and a system thereof.

本实施例一种包括软件兼容性检查的入网认证方法及其系统在入网认证的策略中,加入从属终端与汇聚节点软件兼容性和匹配认证,提供一种对系统接入设备的强制性的兼容性检查措施,避免具有兼容性问题的设备接入系统,从而防止因软件功能升级或者其它原因导致从属终端和汇聚节点的软件不匹配不兼容的情况,影响系统的稳定和安全。In this embodiment, a network access authentication method including software compatibility check and a system thereof are added to the network access authentication strategy by adding software compatibility and matching authentication between the subordinate terminal and the aggregation node, providing a mandatory compatibility with system access devices. It can prevent the devices with compatibility problems from connecting to the system, so as to prevent the incompatibility of the software of the subordinate terminal and the aggregation node due to software function upgrade or other reasons, which will affect the stability and security of the system.

本实施例一种包括软件兼容性检查的入网认证方法及其系统是常规接入合法性检查的补充和加强,主要内容是从属终端与汇聚节点建立连接后,发送从属终端软件版本号给汇聚节点请求软件兼容性检查,汇聚节点返回检查结果给从属终端。只有通过软件兼容性检查后,汇聚节点才允许从属终端入网并进行后续的相关操作。如果兼容性检查失败,则拒绝其入网,并提示用户升级软件。The network access authentication method and system including software compatibility check in this embodiment are supplements and enhancements of conventional access validity check. The main content is that after the slave terminal establishes a connection with the sink node, the software version number of the slave terminal is sent to the sink node. A software compatibility check is requested, and the sink node returns the check result to the slave terminal. Only after passing the software compatibility check, the sink node allows the slave terminal to access the network and perform subsequent related operations. If the compatibility check fails, it will be denied access to the network and the user will be prompted to upgrade the software.

本实施例一种包括软件兼容性检查的入网认证方法及其系统从属终端作为兼容性检查的发起方,汇聚节点作为检查的确认方,所有入网的从属终端都需要进行软件兼容性检查。软件版本是软件编译时生成的唯一标识,可作为软件兼容性检查的依据。In this embodiment, a network access authentication method including software compatibility check and its system slave terminal serve as the initiator of the compatibility check, the sink node serves as the check confirmer, and all network access slave terminals need to perform software compatibility check. The software version number is a unique identifier generated when the software is compiled, and can be used as a basis for software compatibility checking.

本实施例一种包括软件兼容性检查的入网认证方法及其系统汇聚节点预置软件版本兼容性白名单,即汇聚节点预置不同软件版本所配套支持的每个型号从属终端的软件版本列表。白名单整体内容呈现树状图的形式,可以依据汇聚节点当前版本号查询其所能兼容的各个型号从属终端的软件版本(号)记录。In this embodiment, a network access authentication method including software compatibility check and a system pre-set software version compatibility whitelist of the aggregation node, that is, the aggregation node presets the software version list of each type of slave terminal supported by different software versions. The overall content of the whitelist is in the form of a tree diagram, and the software version (number) record of each compatible model of slave terminals can be queried according to the current version number of the sink node.

本实施例一种包括软件兼容性检查的入网认证方法及其系统考虑到实际部署的便利性,允许并支持软件版本兼容性白名单外部更新功能。In this embodiment, a network access authentication method including software compatibility check and a system thereof allow and support the external update function of the software version compatibility whitelist considering the convenience of actual deployment.

本实施例一种包括软件兼容性检查的入网认证方法及其系统考虑到外部第三方接入从属终端,以及软件测试、调试过程的便利性,允许并支持兼容性检查豁免功能。In this embodiment, a network access authentication method including software compatibility check and a system thereof allow and support the compatibility check exemption function in consideration of external third-party access to the slave terminal and convenience of software testing and debugging processes.

本实施例一种包括软件兼容性检查的入网认证方法及其系统软件版本兼容性白名单的管理和发布,由专门的版本管理系统导出,也可以由版本管理员统一发布,保证其唯一性、准确性和权威性。In this embodiment, a network access authentication method including software compatibility check and management and release of a whitelist of system software version compatibility are derived from a special version management system, and can also be released uniformly by a version administrator to ensure its uniqueness, Accuracy and authority.

本实施例一种包括软件兼容性检查的入网认证系统包含汇聚节点,从属终端,服务器三个角色;在该系统中,一个汇聚节点和其下面接入的多个从属终端组成一个局域网,多个类似的局域网接入上层云服务或者本地服务器,从而组成整个系统网络。A network access authentication system including software compatibility check in this embodiment includes three roles: a sink node, a slave terminal, and a server; in this system, a sink node and multiple slave terminals connected under it form a local area network, and Similar local area networks are connected to upper-layer cloud services or local servers to form the entire system network.

本实施例一种包括软件兼容性检查的入网认证系统每个局域网中的汇聚节点和其下属的从属终端都要独立进行软件兼容性检查。保证每个局域网的稳定,从而实现整个系统的稳定。In the network access authentication system including software compatibility check in this embodiment, each aggregation node in the local area network and its subordinate subordinate terminals must independently perform software compatibility check. To ensure the stability of each local area network, so as to achieve the stability of the entire system.

图1是一种包括软件兼容性检查的入网认证系统架构示意图。如附图1所示,本实施例一种包括软件兼容性检查的入网认证系统某个汇聚节点同时接入了三个类型合计八个从属终端。每个从属终端的软件版本可能不同。为了保证整个系统稳定运行,在这些从属终端正常的校验并连接汇聚节点后,进行入网软件兼容性检查,只有检查通过的从属终端才算完成入网校验,允许其进行后续的业务交互。FIG. 1 is a schematic diagram of the architecture of a network access authentication system including software compatibility check. As shown in FIG. 1 , in a network access authentication system including software compatibility check in this embodiment, a certain aggregation node simultaneously accesses three types of eight slave terminals in total. The software version of each slave terminal may be different. In order to ensure the stable operation of the entire system, after these slave terminals are properly verified and connected to the aggregation node, the network access software compatibility check is performed. Only the slave terminals that pass the check can complete the network access verification, allowing them to conduct subsequent business interactions.

图2是一种包括软件兼容性检查的入网认证方法软件兼容性检查流程图。如附图2所示,本实施例一种包括软件兼容性检查的入网认证方法完整的软件兼容性检查方案,主要由软件版本发布更新、更新白名单和入网检查三个功能组件配合完成。Fig. 2 is a software compatibility check flow chart of a network access authentication method including software compatibility check. As shown in FIG. 2 , a complete software compatibility check scheme including software compatibility check for a network access authentication method in this embodiment is mainly completed by the cooperation of three functional components: software version release update, update whitelist and network access check.

图3是一种包括软件兼容性检查的入网认证方法交互步骤图。如附图3所示,本实施例一种包括软件兼容性检查的入网认证方法,当汇聚节点或者从属终端更新软件版本后,会输出新的白名单文件;而汇聚节点会定期(每天一次)在服务器同步白名单,当发现白名单更新后会重置从属终端入网状态。此时从属终端需要重新进行入网检测和软件兼容性检查,即重复图3业务流程。FIG. 3 is a diagram of interaction steps of a network access authentication method including software compatibility check. As shown in FIG. 3 , a network access authentication method including software compatibility check in this embodiment, when the aggregation node or the slave terminal updates the software version, a new whitelist file will be output; and the aggregation node will periodically (once a day) Synchronize the whitelist on the server. When the whitelist is found to be updated, the network access status of the slave terminal will be reset. At this time, the slave terminal needs to perform network access detection and software compatibility check again, that is, repeat the business process shown in FIG. 3 .

软件版本兼容性白名单由版本管理员发布或者版本发布系统导出,是按照约定的格式生成的xml文件;其内容为以汇聚节点软件版本号为根节点描述的其兼容的各型号从属终端的版本清单。一个产品的软件版本编译和发布时,其软件版本号具有唯一标识性;可以理解成版本号就代表了该软件的功能,因此用软件版本号来做为软件兼容性检查的凭据是可信的。The software version compatibility whitelist is published by the version administrator or exported by the version publishing system. It is an xml file generated according to the agreed format; its content is the version of the slave terminal of each model that is compatible with the software version number of the aggregation node as the root node. list. When the software version of a product is compiled and released, its software version number has unique identification; it can be understood that the version number represents the function of the software, so it is credible to use the software version number as the credential for software compatibility check .

软件版本兼容性白名单为标准xml格式文件,具体内容示例如下:The software version compatibility whitelist is a standard xml format file. The specific content is as follows:

Figure BDA0003503871640000071
Figure BDA0003503871640000071

Figure BDA0003503871640000081
Figure BDA0003503871640000081

Figure BDA0003503871640000091
Figure BDA0003503871640000091

scm-version:白名单文件版本号,作用是汇聚节点进行同步白名单的依据;scm-version: The version number of the whitelist file, which is the basis for the aggregation node to synchronize the whitelist;

scm-info name:汇聚节点软件版本号,汇聚节点根据自身当前版本号在该文件中查询当前其兼容的从属终端版本信息;scm-info name: the software version number of the sink node. The sink node queries the current compatible slave terminal version information in this file according to its current version number;

sub-versions name:从属终端型号,不同型号从属终端分别列出其兼容信息;sub-versions name: slave terminal model, and the compatibility information of different models of slave terminals is listed separately;

sub:从属终端版本号;sub: slave terminal version number;

exempt-info:豁免产品信息,此类产品可获得豁免兼容性检查权限,主要用于开发调试阶段。exempt-info: exempted product information, such products can be exempted from compatibility check permissions, mainly used in the development and debugging stage.

本实施例一种包括软件兼容性检查的入网认证方法及其系统软件版本兼容性白名单可以更改格式或者内容定义,整体上只需要配合实现版本信息清单记录功能即可。In this embodiment, a network access authentication method including software compatibility check and a system software version compatibility whitelist can change the format or content definition, and only need to cooperate to realize the version information list recording function as a whole.

本实施例一种包括软件兼容性检查的入网认证方法及其系统软件版本兼容性白名单输出,可以是人工手动输出,也可以是各类软件版本发布及管理系统自定义导出的软件版本兼容性白名单。In this embodiment, a network access authentication method including software compatibility check and the output of a whitelist of system software version compatibility can be manually output, or software version compatibility exported by various software version release and management systems. whitelist.

本实施例一种包括软件兼容性检查的入网认证方法及其系统软件版本兼容性白名单更新机制,可以由汇聚节点主动去本地或者云服务器同步更新,也可以手动或者自定义协议主动导入。In this embodiment, a network access authentication method including software compatibility check and a system software version compatibility whitelist update mechanism can be actively updated by the sink node to the local or cloud server, or imported manually or by a custom protocol.

本实施例一种包括软件兼容性检查的入网认证方法及其系统软件版本兼容性检查,也可以适用于其它类似局域网或者相似TOP结构中的兼容性,安全性检查保护,以及防呆功能中。A network access authentication method including software compatibility check and system software version compatibility check in this embodiment can also be applied to compatibility in other similar local area networks or similar TOP structures, security check protection, and foolproof functions.

本实施例一种包括软件兼容性检查的入网认证方法及其系统:1,可以满足比较复杂情况下软件兼容性检查,保证系统稳定运行;2,适应性强,可以覆盖产品从研发,测试,生产,部署整个生命周期的兼容性检查;3,模块化设计,各功能解耦又相互配合,保证该功能有效正常运行,且可以方便后续功能升级和扩展。A network access authentication method and system including software compatibility check in this embodiment: 1, it can satisfy the software compatibility check in a relatively complex situation, and ensure the stable operation of the system; 2, it has strong adaptability, and can cover product development, testing, Production and deployment of compatibility checks throughout the entire life cycle; 3. Modular design, decoupling and cooperating with each other to ensure the effective and normal operation of the function, and facilitate subsequent function upgrades and expansions.

本领域普通技术人员可以理解实现上述实施例方法中的全部或部分流程是可以通过计算机程序来指令相关的硬件来完成,所述的程序可存储于计算机可读取存储介质中,该程序在执行时,可包括如上述各方法的实施例的流程。其中,所述的存储介质可为磁碟、光盘、只读存储记忆体(Read-Only Memory,ROM)或随机存储记忆体(Random AccessMemory,RAM)等。Those of ordinary skill in the art can understand that all or part of the processes in the methods of the above embodiments can be completed by instructing the relevant hardware through a computer program, and the program can be stored in a computer-readable storage medium, and the program can be executed when the program is executed. , may include the flow of the above-mentioned method embodiments. The storage medium may be a magnetic disk, an optical disk, a read-only memory (Read-Only Memory, ROM), or a random access memory (Random Access Memory, RAM) or the like.

以上所述仅是本发明的优选实施方式,应当指出,对于本技术领域的普通技术人员,在不脱离本发明原理的前提下,还可以做出若干改进和补充,这些改进和补充也应视为本发明的保护范围。The above are only the preferred embodiments of the present invention. It should be pointed out that for those skilled in the art, without departing from the principles of the present invention, several improvements and supplements can be made, and these improvements and supplements should also be considered as It is the protection scope of the present invention.

Claims (9)

1. A network access authentication method including software compatibility check is characterized in that: the access authentication system comprises a convergent node and a local area network consisting of a plurality of slave terminals accessed to the convergent node; the method comprises the following software compatibility checking steps:
s1, the slave terminal establishes connection with the sink node, and sends the slave terminal software version number to the sink node to request software compatibility check;
s2, the sink node checks the software compatibility;
s3, the sink node allows the slave terminal passing the software compatibility check to access the network and perform subsequent service operation;
or S4, the convergent node refuses the slave terminal which fails in the software compatibility check to access the network and prompts the upgrade software to the current software version number of the convergent node.
2. The network access authentication method comprising software compatibility check according to claim 1, further comprising a general network access authentication step of: and when the slave terminal establishes connection with the sink node, checking the validity of the MAC and the ID.
3. The network entry authentication method comprising software compatibility checking according to claim 1, wherein: step S2 allows and supports a software compatibility check exemption function for facilitating external third party access to the slave terminal, software testing and debugging process.
4. A network entry authentication method comprising software compatibility checking according to claim 1, characterized in that: and step S2, the sink node checks the software compatibility through a preset software version compatibility white list, wherein the software version compatibility white list is in a tree diagram structure form and marks the version numbers of the slave terminal software of each model supported by the current software version number of the sink node in a compatible manner.
5. The network entry authentication method comprising software compatibility checking according to claim 4, wherein: the operating network access authentication system comprising software compatibility check also comprises an upper cloud service or a local server, and a plurality of local area networks are accessed to the upper cloud service or the local server; the method also comprises a step of updating the white list of the convergent node software version compatibility:
s01, exporting a software version compatibility white list by a special software version release system or uniformly releasing a software version compatibility white list by a system version administrator, and outputting a new software version compatibility white list file to an upper cloud service or a local server;
s02, the sink node synchronizes the software version compatibility white list file to the upper layer cloud service or the local server regularly, or the upper layer cloud service or the local server introduces the software version compatibility white list file to the sink node through a custom protocol, or the sink node software version compatibility white list file is updated manually;
and S03, detecting and discovering the white list file update of the software version compatibility by the sink node, resetting the network access state of the slave terminal, and executing the step S1 to the step S4 by the local area network for software compatibility check again.
6. The method of claim 5, wherein the method comprises a software compatibility check, and further comprises: the software version compatibility white list file is a standard xml format file generated according to an agreed format.
7. The method of claim 5, wherein the method comprises a software compatibility check, and further comprises: step S02 the sink node synchronizes the software version compatibility white list file to the upper cloud service or the local server once a day.
8. A network entry authentication system including a software compatibility check, characterized by: the local area network comprises a convergent node and a plurality of slave terminals accessed to the convergent node; the network access authentication system is used for executing the network access authentication method comprising the software compatibility check of any claim from 1 to 4.
9. A network entry authentication system including a software compatibility check according to claim 8, wherein: the system also comprises an upper cloud service or a local server, and a plurality of local area networks are accessed to the upper cloud service or the local server; the network access authentication system is used for executing the network access authentication method comprising the software compatibility check of any claim from 5 to 7.
CN202210134441.5A 2022-02-14 2022-02-14 Network access authentication method including software compatibility check and system thereof Pending CN114567462A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210134441.5A CN114567462A (en) 2022-02-14 2022-02-14 Network access authentication method including software compatibility check and system thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210134441.5A CN114567462A (en) 2022-02-14 2022-02-14 Network access authentication method including software compatibility check and system thereof

Publications (1)

Publication Number Publication Date
CN114567462A true CN114567462A (en) 2022-05-31

Family

ID=81714615

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210134441.5A Pending CN114567462A (en) 2022-02-14 2022-02-14 Network access authentication method including software compatibility check and system thereof

Country Status (1)

Country Link
CN (1) CN114567462A (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080301668A1 (en) * 2007-05-29 2008-12-04 Guenter Zachmann Managing Different Versions of Server Components Regarding Compatibility With Collaborating Servers
CN106997302A (en) * 2017-03-31 2017-08-01 广东欧珀移动通信有限公司 Firmware upgrading method and device and audio playing equipment
CN107015828A (en) * 2017-03-31 2017-08-04 广东欧珀移动通信有限公司 Audio software upgrade method, application program upgrade method, device and system
CN107291457A (en) * 2017-06-08 2017-10-24 重庆长安汽车股份有限公司 The long-range renewal computing system and method for entire car controller software
CN109787789A (en) * 2017-11-10 2019-05-21 中兴通讯股份有限公司 Compatible management method, device and the equipment of software upgrading, storage medium
CN111414189A (en) * 2020-03-20 2020-07-14 深圳前海微众银行股份有限公司 A method and device for determining version compatibility
CN113612757A (en) * 2021-07-29 2021-11-05 四川福泰美科技有限公司 Method and system for safely accessing industrial Internet of things terminal to network
CN113961936A (en) * 2021-10-26 2022-01-21 南方电网数字电网研究院有限公司 Trusted whitelist construction method, system, device and computer equipment

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080301668A1 (en) * 2007-05-29 2008-12-04 Guenter Zachmann Managing Different Versions of Server Components Regarding Compatibility With Collaborating Servers
CN106997302A (en) * 2017-03-31 2017-08-01 广东欧珀移动通信有限公司 Firmware upgrading method and device and audio playing equipment
CN107015828A (en) * 2017-03-31 2017-08-04 广东欧珀移动通信有限公司 Audio software upgrade method, application program upgrade method, device and system
CN107291457A (en) * 2017-06-08 2017-10-24 重庆长安汽车股份有限公司 The long-range renewal computing system and method for entire car controller software
CN109787789A (en) * 2017-11-10 2019-05-21 中兴通讯股份有限公司 Compatible management method, device and the equipment of software upgrading, storage medium
CN111414189A (en) * 2020-03-20 2020-07-14 深圳前海微众银行股份有限公司 A method and device for determining version compatibility
CN113612757A (en) * 2021-07-29 2021-11-05 四川福泰美科技有限公司 Method and system for safely accessing industrial Internet of things terminal to network
CN113961936A (en) * 2021-10-26 2022-01-21 南方电网数字电网研究院有限公司 Trusted whitelist construction method, system, device and computer equipment

Similar Documents

Publication Publication Date Title
US10089106B2 (en) Communications network, computer architecture, computer-implemented method and computer program product for development and management of femtocell-based applications
US20060143179A1 (en) Apparatus and method for managing security policy information using a device management tree
CN101083537B (en) A method, device and system for realizing equipment management
CN113271311B (en) A digital identity management method and system in a cross-chain network
CN111490893B (en) Method, device and system for establishing network forwarding model
CN111177246A (en) Service data processing method and device
US8745701B2 (en) Method and system for modeling options for opaque management data for a user and/or an owner
CN113221093B (en) Single sign-on system, method, equipment and product based on block chain
CN113992406A (en) A permission access control method for consortium chain cross-chain
CN113315681A (en) Automatic testing method and system based on intelligent home gateway plug-in
CA2569665C (en) A generic framework for developing ems provisioning services
CN113010238A (en) Permission determination method, device and system for micro application call interface
CN102137102B (en) Realizing method of service supporting platform for supporting multiclass information publishing modes
CN114125812A (en) A data synchronization method, device, server and storage medium
CN111711532B (en) Unified management method for heterogeneous network equipment
CN115694847A (en) A device management method, system and device
CN114567462A (en) Network access authentication method including software compatibility check and system thereof
CN112860462A (en) Method, device and system for realizing interconnection and intercommunication of IOT platform bases
WO2023134144A1 (en) Method for processing cloud service in cloud system, and related apparatus
CN115412557A (en) Block chain resource management method and device based on multi-chain cooperation
CN114676408A (en) Privacy computing platform system and resource interaction method
CN112925766A (en) Data security management and control device, system, method and readable storage medium thereof
CN114285613B (en) Data information calling method and device, storage medium and electronic device
WO2024108374A1 (en) Device configuration method and apparatus
CN116303257A (en) Data processing method, device, apparatus, medium and program product

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20220531