CN101282254A - Method, system and apparatus for managing household network equipment - Google Patents
Method, system and apparatus for managing household network equipment Download PDFInfo
- Publication number
- CN101282254A CN101282254A CNA2007100875501A CN200710087550A CN101282254A CN 101282254 A CN101282254 A CN 101282254A CN A2007100875501 A CNA2007100875501 A CN A2007100875501A CN 200710087550 A CN200710087550 A CN 200710087550A CN 101282254 A CN101282254 A CN 101282254A
- Authority
- CN
- China
- Prior art keywords
- home network
- authority
- network device
- network user
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Small-Scale Networks (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a management method for household network apparatuses, comprising the following steps of: receiving a visit request of household network users to visit the household network apparatuses; validating usage authority of the household network users to household network apparatuses according to attributes of the household network users contained in the visit request and to the attributes of the household apparatuses that the household network users visit; then in accordance with the usage authority, controlling the usage of household network apparatuses by the household network users. The invention also provides a management system and device for household network apparatuses. The invention is able to offer convenience for the household network administer to manage the apparatuses by setting attributes and authority of the apparatuses and businesses in the household network; and the invention confirms secure level of the household network apparatuses and usage authority of the household network users, which is beneficial to secure management of the household network.
Description
Technical field
The present invention relates to home network control and management technical field, relate in particular to a kind of home network device management method, system and device.
Background technology
The home network notion is proposed by household electrical appliances and IT industry at first, mainly in order to satisfy the user for demands such as the control of domestic electric appliance, security protections, comprises based on the family digital medium of Intel and the media center operating system of Microsoft etc.Development along with the broadband internet network, operator begins to pay close attention to home network, but be different from household electric appliances and IT industry understanding for home network and home gateway, telecom operators no longer rest on home network the network interconnection in the home-ranges, but with the extension of home network as communication network.
From the development of home network, home network is a constantly notion of expansion, and different industries has different understanding to home network, and is corresponding, also formed standardization body or forum separately.In general, home network relates to the content aspect four on notion and category:
(1) towards the home network interconnected
The home network interconnected mainly refers to by various internet devices and network technology, and each equipment of home network is linked together.Interconnected relates to two aspects, and one is that network connects, and emphasis is the home networking technology, for example Ethernet, PLC (Power Line Communication, power line networking), Wifi (WirelessFidelity, Wireless Fidelity), bluetooth etc.; Another one is internal unit control, for example carries out internal unit control by UPnP (Universal Plug and Play, UPnP) relevant criterion.
(2) towards household internal information sharing and collaborative work
Household internal information sharing and collaborative shared content of portion and the capacity of equipment within the family of mainly referring to.For example, share, can play the movie and video programs that are stored on the PC on the television set, can browse photo that digital camera takes etc. by TV by multimedia messages.Information sharing and cooperation are mainly on application layer, by information sharing and collaborative, can in home-ranges, set up a applied environment, isolated originally household equipment is coupled together, constitute seamless integrated home media, office and information centre based on home network.
(3) provide public network to connect and the broadband services application towards public network
Home network mainly is by home gateway home network and exterior I nternet broadband network to be coupled together towards the connection and the broadband service of public network, the content that comprises two aspects, one is the broadband access control that cooperates the home network demand to carry out, particularly for QoS (Quality of Server, service quality), (comprise attack protection and anti-virus) safely, and inner NAT (Network Address Translation, net address conversion) and problem, unified solution that relates to household internal network and broadband access network of needs such as penetrate; Another is to be that target is commenced business with the family, comprises broadband services and communication service.Different with traditional communication service and broadband services, have new characteristics based on the business of home network environment, comprise multiple terminals, multiple presenting and mode of operation, converged communication etc.
(4) towards the family network service platform
Business platform towards home network is a core to satisfy the family network service demand, and service management and business development platform towards home network are provided, and relates to three aspects: first aspect is that home network device is disposed automatically and manages; Second aspect is business configuration and the tactical management to home network; The 3rd aspect is the open interface that home network is provided to applications, makes applications can utilize the platform capabilities of home network, comprises the service application of exploitations such as capacity of equipment, automatic allocative abilities, tactical management ability based on home network.
Can see by home network universal model shown in Figure 1, different according to present position and effect, the home network entity can be divided into 7 kinds, comprising: long-distance user, remote terminal, application server, household safe gateway, domestic. applications server, domestic consumer, household equipment.Connect by wired or wireless mode between inner each entity of home network, and be connected with public network by the household safe gateway.Connecting each other between these entities comprises: long-distance user and remote terminal, remote terminal and household safe gateway, remote terminal and domestic. applications server, remote terminal and household equipment, application server and household safe gateway, application server and domestic. applications server, application server and household equipment, household safe gateway and household equipment, domestic. applications server and household equipment, household equipment and domestic consumer, household equipment and other household equipment, contact between household safe gateway and the domestic. applications server.
Wherein, household equipment is divided into 3 classes according to the function difference: category-A household equipment, category-B household equipment and C class household equipment.The category-A household equipment has controlled function, for example: computer, set-top box etc.; The category-B household equipment has bridging functionality, for example: switch (switch) and hub (hub) etc.; C class household equipment provides special services for other household equipment, and for example: Digital Television, refrigerator etc., wherein, C class household equipment does not have communication interface directly to connect home network, need be connected to home network by the category-B household equipment.
From the view of security because kinsfolk's difference has a variety of home environments, for example: single family, man and wife family, three-person household etc.Because member's identity difference in the family often requires that distinct device is had different rights of using.
And existing this device class method is just classified to household equipment on function, often is not very rigorous but classify with this simple sorting technique, and the equipment that belongs to certain kind equipment may have the function of another type equipment simultaneously.And this classification is not provided convenience for family network management person's management equipment: do not have the level of security of clear and definite equipment and user's service authority thereof, be unfavorable for the safety management of home network.
Summary of the invention
The embodiment of the invention provides a kind of home network device management method, system and device, is convenient to the safety management of home network.
The embodiment of the invention provides the access control method of home network device, may further comprise the steps:
Receive the access request of home network user visit home network device;
According to the attribute of the described home network user that comprises in the described access request, and the attribute of the household equipment of being visited by described home network user, the rights of using of described home network user verified to described home network device;
According to described rights of using, control of the use of described home network user to described home network device.
The embodiment of the invention also provides a kind of home network device management system, comprises home network device and authentication server, and described authentication server comprises that authority is provided with unit and Authority Verification unit;
Described authority is provided with the unit, is used to set in advance the attribute of home network user and described home network device, and home network user is to the rights of using of home network device;
Described Authority Verification unit, be used for the operation requests verified according to the described home network user that the described home network device that receives access request sends, and described authority is provided with rights of using checking that the unit sets in advance and initiates the described home network user of described access request and whether have corresponding rights of using to initiating described access request.
The embodiment of the invention also provides a kind of authentication server that is used for the home network device management, comprises that authority is provided with unit and Authority Verification unit,
Described authority is provided with the unit, is used to set in advance the attribute of home network user and home network device, and described home network user is to the rights of using of described home network device;
Described Authority Verification unit, be used for the operation requests verified according to the described network user that the described home network device that receives access request sends, and described authority is provided with rights of using checking that the unit sets in advance and initiates the described home network user of described access request and whether have corresponding rights of using to initiating described access request.
The embodiment of the invention can be provided convenience for family network management person's management equipment by home network user and home network device are carried out the fraction classification; And the level of security of clear and definite home network device and home network user thereof help the safety management of home network to the rights of using of home network device.
Description of drawings
Fig. 1 is a home network universal model structure chart in the prior art;
Fig. 2 is a home network device business management method flow chart in the embodiment of the invention;
Fig. 3 is the reciprocal process figure of client and home network device A in the embodiment of the invention;
Fig. 4 is the reciprocal process figure of the mutual back of client and home network device A and home network device B in the embodiment of the invention;
Fig. 5 is a home network user permission modification flow chart in the embodiment of the invention;
Fig. 6 is home network user authority application or an authority cancellation flow chart in the embodiment of the invention;
Fig. 7 is home network device business management system figure in the embodiment of the invention.
Embodiment
Do not used without permission for the protecting network resource, guarantee to have only user could visit home network device, canned data, information flow, services and applications etc., needed the safety management of reinforcement home network device through authorizing.The present invention discloses a kind of home network device business management method, and one embodiment may further comprise the steps as shown in Figure 2:
S201, the attribute of home network device is set, and the attribute of home network user is set according to the authority demand according to demand for security.
Home network device comprises: provide the home network device of info class service, as computer, monitor etc.; Provide the home network device of service class, as refrigerator, microwave oven etc.Obviously, the home network device of stored information will be higher than the home network device that single service only is provided to the demand degree of safety.Home network user mainly is relatively more fixing kinsfolk, also has the interim visitor of family, considers for the safety or the others factor of information in the home network, requires different kinsfolks that different operating rights is arranged.
In general home network, home network device is divided into shared device and personal device.Wherein, shared device comprises phone, TV, broadcast receiver, refrigerator etc.; Personal device comprises PC, game terminal etc.Above-mentioned personal device and shared device are unfixing, can distinguish according to the operating position of equipment in home network.
According to the difference of demand for security further home network device be set to public service equipment, private services equipment, public information equipment, personal information equipment; Be keeper, domestic consumer and interim visitor etc. and home network user can be set according to the difference of authority demand.
S202, the default attribute of basis are provided with the rights of using of home network user to home network device.
Behind the attribute that home network device and home network user are set respectively, also need to be provided with the rights of using of home network user to home network device.Attribute setting among the integrating step S201, concrete setting can be achieved as follows: for public service equipment, because stored information and generally can not threatening not, for all kinsfolks provide same service, illuminating lamp for example, sound equipment, the level of security of this kind equipment is minimum, generally not needing home network user to carry out identity and Authority Verification just can use, therefore can be all identical rights of using of home network user configuration; Public information equipment, can stored information or information service is provided, for example video telephone, TV, facsimile machine, monitor etc., the level of security of this kind equipment is medium, need authenticate user identity and authority, therefore dispose different rights of using for the user of different attribute; Private services equipment, stored information not, only the individual can use, perhaps stored information not, but relatively dangerous to the certain user, the operate refrigerator that may have threat, microwave oven etc. of children or old man for example, the level of security of this kind equipment is higher, need authenticate user identity and authority, therefore just dispose rights of using for the specific user; Personal information equipment, can stored information provide service for the individual, for example PC, game terminal etc., the level of security of this kind equipment is the highest, need carry out identity and Authority Verification to the user, therefore just dispose rights of using for the specific user, and the user of different attribute need dispose different rights of using.
S203, when home network user need be used home network device, verify whether this home network user has corresponding rights of using, if then allow this home network user that home network device is carried out corresponding operating.
After the rights of using of process step S202 were provided with, home network user then must be through authentication and Authority Verification when using home network device.Wherein, authentication is meant the identity of confirming home network user by the comparison of identity information, specifically can decide according to the home network security needs, and generally the authentication method that can adopt has: user password authentication, smart card authentication, biological characteristic authentication etc.; And Authority Verification is meant by the permissions list that sets in advance and confirms the rights of using of home network user to home network device.At the identity information of confirming home network user correct and have corresponding rights of using to home network device after, this home network user promptly can be carried out corresponding operating to home network device.
At among the invention described above embodiment to the attribute setting of home network device and home network user, and home network user specifically is provided with example with one below and is further set forth the setting of home network device rights of using.In conjunction with existing home network device A, B, C classification, every kind equipment is carried out secondary divide, promptly be subdivided into the public service kind equipment, public information kind equipment, private services kind equipment, personal information kind equipment.Household equipment is divided into 12 classes thus.
Through after the device class, be that example is provided with the authority relation between distinct device and the different user with general three-person household, be expressed as follows with table 1.
Table 1: the authority relation between device class and the user
In the table 1, Y represents that corresponding user has this equipment and uses or control authority, N represents not have corresponding authority;? the expression authority has after according to the approval of casual user to the demand of appliance services and keeper to be used or control, and described private services or the pairing Y* of info class equipment are meant that only the service object of this appliance services has the right to use.
Here the user in the home network is divided, be convenient to from user perspective table 1.
Father and mother generally are as family network management person, and the equipment rights of using are managed, and such as with Digital Television, the open hour of computer limit, forbid that child is to right to use of some hazardous equipment etc.; When interim visitor occurring in the family, also need visitor's equipment rights of using are limited.Therefore, the network manager is possessed of control power to all devices in the home network, also all has the right to use to all common equipments with for the personal device of keeper service.
Child in the family is exactly the fixedly domestic consumer except the keeper in the home network, do not have the control and the right to use for the category-A equipment in the common equipment, because category-A equipment is the equipment with controlled function, need avoid irrational operation to occur to cause unnecessary loss.In addition, such user also is restricted to the service time of some equipment, and for example the network connect hours of TV, PC is all set in advance by the network manager.
Interim visitor's Permission Levels need be distributed by the keeper temporarily, and the general Permission Levels of the casual user of different identity also can be different, but generally all do not have the control of equipment.The table l in unique all users all have control and usufructuary public service kind equipment in the C kind equipment because its not stored information can not cause other threat yet.
The level of security table 1 of slave unit again: obviously info class equipment is lower than the service class to the open degree of user, and promptly the info class device security is superior to service class equipment.Because generally all storing useful information in the info class equipment, only the network manager just is possessed of control power to these equipment, and other user only has the right to use or the part right to use.Personal device is than the level of security height of common equipment, because the personal information kind equipment may stored the personal information of need to be keep secret, the person used under private services equipment generally only allowed equipment.The category-A device security is superior to B and C class, because can be used for controlling miscellaneous equipment, generally only the network manager could operate control to category-A equipment.
In the embodiment of the invention, carry out initialization about the attribute and the corresponding rights of using of home network user in will be when home network is installed, and after being connected to home network, home network device is carried out the attribute setting home network device.Detailed process can be carried out as follows:
When the configuration home network is installed, home gateway can be divided three classes having the user now: keeper, general kinsfolk and interim visitor, and come all types of user authority is carried out initialization according to the authority list (as shown in table 1) of public service class, public information class, private services class, personal information kind equipment in A, B, the C class.
After family's network installation is finished, all devices in the home network needs to carry out initialization with home gateway and is connected, and by home gateway these equipment are classified, a class home network user has identical rights of using for same class home network device.
The initialization procedure of kinsfolk's authority of the present invention will carry out original allocation to the rights of using of home network user after family's network installation is finished, and the rights of using of corresponding private information equipment are adjusted.Detailed process is as follows:
After the initialization of finishing home network device, distribute an administrator right to home network user, administrator right can be given corresponding keeper or general kinsfolk's authority to other home network user, and gives corresponding interim visitor's authority to regular visitor.
The keeper can adjust the personal information kind equipment authority of home network user on the basis of distributing that the rights of using of home network user are classified, so that make home network user only have the right to use to the personal information kind equipment of oneself.
In the use flow process of the household equipment in the embodiment of the invention, because detailed partition has been carried out in rights of using and home network device classification to home network user, so after family's network user login arrives family's network, if authenticate to home network user a certain class home network device is had rights of using, this home network user just can have corresponding rights of using to this class home network device so.Detailed process may further comprise the steps as shown in Figure 3:
Step s301, home network user is sent service request by client to home network device A, comprises the user name of home network user, the information on services of application in the request, as service name or unique identification.
Step s302, home network device A send the request of home network being carried out corresponding checking to authentication server after receiving the service request of home network user.
Step s303, authentication server is verified the identity of home network user.
Step s304, authentication by and after home network user information obtained confirming, authentication server will be verified the associative operation authority that this home network user is applied for.
After step s305, server passed through domestic consumer's Authority Verification, this home network user of notice home network device A had the right to operate accordingly.
Step s306, home network user is operated accordingly to home network device.
If home network user will conduct interviews to home network device B after visit finishes to home network device A again, because home network user had been carried out authentication before home network device A is operated, so here do not need again the identity of this home network user to be verified, concrete steps may further comprise the steps as shown in Figure 4:
Step s401, home network user by client to home network device B transmit operation request.
Step s402, home network device B sends home network user identity and Authority Verification request to authentication server.
Step s403 verifies whether this home network user is identical with the request to home network device A to the request of home network device B, if identical, then changes step s404, otherwise, change step s405.
Step s404, authentication server is investigated home network device B and whether home network device A belongs to same type home network device to home gateway, as belong to same class home network device (not comprising personal information class home network device) then home network user can carry out same operation to home network device B, change step s406, otherwise, change step s405.
Step s405, verifying authorization, if home network user is to the service of equipment B application and inequality to the operation of device A application, though or the application service is identical, but home network device A and home network device B do not belong to same class home network device, then authentication server need be verified again to the corresponding operating right of home network user, just allow home network user that home network device B is operated accordingly if having corresponding authority, if home network user does not have authority that home network device B is carried out requested operation, then provide the refusal prompting.
Step s406, home network user is operated accordingly to household equipment.
In kinsfolk's permission modification flow process of the present invention, can apply for obtaining the right to use or the control of certain equipment to the keeper as kinsfolk or interim visitor's home network user, the keeper also can cancel kinsfolk and the interim visitor right to use or the control to home network device.Specifically as shown in Figure 5, may further comprise the steps:
Step s501, the rights of using that home network user is applied for a certain home network device or a certain class home network device to the keeper, or the keeper thinks some authority that cancel home network user; After the keeper ratified application, keeper's identity of use itself was landed home gateway by client, and sent the request of change home network user corresponding authority to home gateway.
Step s502, home gateway sends the identity and the Authority Verification request of this home network user to authentication server after receiving the corresponding operating request of certain home network user with the transmission of keeper's identity.
Step s503, authentication server carries out authentication to this home network user, if identity information checking by change step s504.
Step s504 checks that whether this home network user has administrator right to revise other member's corresponding authority, if this home network user has the modification authority to other home network user, just changes step s505; If this home network user does not have authority that the authority of other home network user is operated accordingly, then provide the refusal prompting.
Step s505, authentication server returns a response that allows modification to home gateway.
Step s506, home gateway begin to carry out the modification of corresponding home network user authority.
Step s507, the notice authentication server carries out the corresponding modification operation.
Step s508 is stored in the amended home network user authority of keeper in the permissions list of authentication server, and authority just had through the home network user of revising or lost operating right to some home network device this moment.
Step s509, if store successfully at the permissions list of authentication server, authentication server returns the storage successful information to home gateway.
Step s510, home gateway returns the home network user authority to the Administrator Client and revises successful information.
In the authority application of the home network user in the embodiment of the invention and the authority logout flow path, kinsfolk or interim visitor can apply for obtaining corresponding kinsfolk or interim visitor's identity to the keeper, and the keeper also can cancel kinsfolk or interim visitor's respective identity.Detailed process may further comprise the steps as shown in Figure 6:
Step s601, the identity that home network user applies for obtaining corresponding kinsfolk or interim visitor to the keeper, or the keeper thinks the respective identity that cancel home network user; After the keeper ratified application, keeper's identity of use itself was landed home gateway by client, and sent the request of adding or cancelling home network user to home gateway.
Step s602, home gateway sends the identity and the Authority Verification request of this home network user to authentication server after receiving the corresponding operating request of certain home network user with the initiation of keeper's identity.
Step s603, authentication server carries out authentication to this home network user, if identity information checking by change step s604.
Step s604 checks that whether this home network user has authority to revise other home network user corresponding authority, if this home network user has the modification authority to other home network user, then changes step s605; If home network user does not have authority that the authority of other home network user is operated accordingly, then provide the refusal prompting.
Step s605, authentication server returns a response that allows modification to home gateway.
Step s606, home gateway begin to add or delete corresponding home network user authority.
Step s607, the notice authentication server carries out the interpolation or the deletion of corresponding home network user authority.
Step s608 adds the user to authentication server and gives corresponding authority, and this moment, this new home network user just had corresponding authority; Or the keeper is the cancellation of certain home network user, and this home network user is just deleted from authentication server so.
Step s609, if store successfully at the permissions list of authentication server, authentication server returns the storage successful information to home gateway.
Step s610, home gateway return home network user to the Administrator Client and add or cancel successful information.
The embodiment of the invention described above home network device management method, by home network device and user are carried out the fraction classification, and home network user is when needs are operated home network device, need identity information checking and Authority Verification through authentication server, whether has corresponding operating right with go forward side by side step card of the correctness of the information of determining one's identity, thereby make things convenient for the keeper that home network is managed, make the level of security and the user right of home network device more clear and definite, help the safety management of home network.
The present invention also discloses a kind of home network device management system, one embodiment as shown in Figure 7, comprise client 100, home network device 200 and authentication server 300, authentication server 300 comprises that authority is provided with unit 301, identity authenticating unit 302, Authority Verification unit 303 and permissions list memory cell 304.Authority is provided with unit 301 and is used to set in advance the rights of using of home network user to home network device, and deposits permissions list memory cell 304 in tabular form; Identity authenticating unit 302 is used for home network user is carried out authentication, confirms whether the identity information of home network user is correct; Authority Verification unit 303 is used for according to the authentication request of home network device 200 to ID authentication device 300 transmissions, and the rights of using tabulation of permissions list memory cell 304 storages is carried out Authority Verification for home network user; Permissions list memory cell 304 is used to store described rights of using tabulation.
With a concrete application example the invention described above home network device management system is further set forth below.Continue as shown in Figure 7, at first the attribute setting that home network user and home network device are finished in unit 301 is set by the authority in the authentication server 300, and for home network user is provided with rights of using, and the rights of using after will being provided with deposit in the permissions list memory cell 304 of authentication server 300 with tabular form; When home network user need be used home network device 200, initiate operation requests to home network device 200, comprise the user name of home network user, the operation information of application in the request by client 100; Home network is provided with 200 after receiving user's operation requests, 300 couples of users carry out identity and Authority Verification by authentication server, specifically comprise: whether the home network user identity information of initiating operation requests according to canned data judgement in advance by identity authenticating unit 302 meets, after identity authenticating unit 302 authentications are passed through, whether there is authority to operate by Authority Verification unit 303 according to this home network user of permissions list Information Authentication in the permissions list memory cell 304, if the verification passes, then allow home network user that home network device 200 is carried out corresponding operating.In addition, home network user can also be provided with unit 301 by the authority in 100 pairs of authentication servers 300 of client to keeper's application and operate, carry out permission modification, application and cancellation, authority is provided with unit 301 and after carrying out corresponding authority modification the result is deposited in the permissions list memory cell 304.
The embodiment of the invention described above home network device management system, in family's network device management, at first the unit is set home network device and user are carried out the fraction differentiated control by the authority of authentication server, when need operating home network device, the user by identity authenticating unit and Authority Verification unit user's identity information and authority are verified again then, to determine whether having corresponding operating right; Thereby by home network device and user are carried out the fraction classification, provide convenience, and make the level of security of home network device and user right thereof more clear and definite, help the safety management of home network for family network management person manages equipment.
The present invention also discloses a kind of authentication server that is used for the home network device management, one embodiment is shown in authentication server among Fig. 7 300, and it comprises that authority is provided with unit 301, identity authenticating unit 302, Authority Verification unit 303 and permissions list memory cell 304.Authority is provided with unit 301 and is used to set in advance the rights of using of home network user to home network device, and deposits permissions list memory cell 304 in tabular form; Identity authenticating unit 302 is used for home network user is carried out authentication, confirms whether the identity information of home network user is correct; Authority Verification unit 303 is used for according to the authentication request of home network device 200 to ID authentication device 300 transmissions, and the rights of using tabulation of permissions list memory cell 304 storages is carried out Authority Verification for home network user; Permissions list memory cell 304 is used to store described rights of using tabulation.
More than disclosed only be specific embodiments of the invention, still, the present invention is not limited thereto, any those skilled in the art can think variation all should fall into protection scope of the present invention.
Claims (13)
1. the access control method of a home network device is characterized in that, may further comprise the steps:
Receive the access request of home network user visit home network device;
According to the attribute of the described home network user that comprises in the described access request, and the attribute of the household equipment of being visited by described home network user, the rights of using of described home network user verified to described home network device;
According to described rights of using, control of the use of described home network user to described home network device.
2. the access control method of home network device according to claim 1 is characterized in that the attribute of described home network device is according to the demand for security setting of home network device.
3. as the access control method of home network device as described in the claim 2, it is characterized in that the attribute of described home network device comprises according to demand for security order from low to high: public service equipment, public information equipment, private services equipment, personal information equipment.
4. the access control method of home network device according to claim 1 is characterized in that, the attribute of described home network user is provided with according to the authority demand of home network user.
5. the access control method of home network device according to claim 1 is characterized in that, further comprises before the rights of using of described checking home network user to home network device:
Identity information according to the described home network user that comprises in the described access request carries out authentication, determines that the identity information of described home network user is legal.
6. the access control method of home network device according to claim 1 is characterized in that, also comprises the permission modification flow process:
Receive the change authority request that the First Family network user changes the second home network user authority;
The described First Family network user is carried out authentication and Authority Verification;
After confirming that the described First Family network user has authority to revise the corresponding authority of described second home network user, the authority of described second home network user is made amendment according to the described First Family network user's change authority request.
7. the access control method of home network device according to claim 1 is characterized in that, also comprises authority application and authority logout flow path:
Receive application that described home network user sends or the request of nullifying other home network user authority;
Described home network user is carried out authentication and Authority Verification;
After confirming that described home network user has authority application or nullifies other member's corresponding authority, carry out of the request of described home network user to other home network user authority application or authority cancellation.
8. a home network device management system comprises home network device and authentication server, it is characterized in that, described authentication server comprises that authority is provided with unit and Authority Verification unit;
Described authority is provided with the unit, is used to set in advance the attribute of home network user and described home network device, and home network user is to the rights of using of home network device;
Described Authority Verification unit, be used for the operation requests verified according to the described home network user that the described home network device that receives access request sends, and described authority is provided with rights of using checking that the unit sets in advance and initiates the described home network user of described access request and whether have corresponding rights of using to initiating described access request.
9. as home network device management system as described in the claim 8, it is characterized in that described authentication server also comprises identity authenticating unit, be used for the identity information of the described home network user of initiating described access request is verified.
10. as home network device management system as described in the claim 8, it is characterized in that, according to described authority the setting of unit is set, described home network device is divided into: public service equipment, public information equipment, private services equipment, personal information equipment.
11. an authentication server that is used for the home network device management is characterized in that, comprises that authority is provided with unit and Authority Verification unit,
Described authority is provided with the unit, is used to set in advance the attribute of home network user and home network device, and described home network user is to the rights of using of described home network device;
Described Authority Verification unit, be used for the operation requests verified according to the described network user that the described home network device that receives access request sends, and described authority is provided with rights of using checking that the unit sets in advance and initiates the described home network user of described access request and whether have corresponding rights of using to initiating described access request.
12., it is characterized in that as being used for the authentication server of home network device management as described in the claim 11, also comprise identity authenticating unit, be used for the identity information of the described home network user of initiating described access request is verified.
13. as described in claim 11, be used for the authentication server that home network device is managed, it is characterized in that, according to described authority the setting of unit is set, described home network device is divided into: public service equipment, public information equipment, private services equipment, personal information equipment.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007100875501A CN101282254B (en) | 2007-04-02 | 2007-04-02 | Method, system and apparatus for managing household network equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007100875501A CN101282254B (en) | 2007-04-02 | 2007-04-02 | Method, system and apparatus for managing household network equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101282254A true CN101282254A (en) | 2008-10-08 |
| CN101282254B CN101282254B (en) | 2011-06-01 |
Family
ID=40014547
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2007100875501A Expired - Fee Related CN101282254B (en) | 2007-04-02 | 2007-04-02 | Method, system and apparatus for managing household network equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101282254B (en) |
Cited By (43)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2010111914A1 (en) * | 2009-03-31 | 2010-10-07 | 华为技术有限公司 | Method, apparatus and system for network authorization management |
| CN101951403A (en) * | 2010-09-16 | 2011-01-19 | 中兴通讯股份有限公司 | Classification-based centralized authentication and authorization method in information terminal |
| CN102025747A (en) * | 2010-12-29 | 2011-04-20 | 中兴通讯股份有限公司 | Household information machine and authentication method thereof |
| CN102065439A (en) * | 2011-01-13 | 2011-05-18 | 中兴通讯股份有限公司 | Interference harmonizing method and device |
| CN102065377A (en) * | 2009-11-12 | 2011-05-18 | 中兴通讯股份有限公司 | Femtocell user management method and device |
| CN102077652A (en) * | 2009-04-24 | 2011-05-25 | 华为技术有限公司 | Method and apparatus for carrying out admission controlling of closed subscriber group csg terminal |
| CN101521598B (en) * | 2009-03-30 | 2011-07-13 | 中兴通讯股份有限公司 | SNMP network management system and method thereof for managing access customer |
| CN102340527A (en) * | 2010-07-20 | 2012-02-01 | 中国联合网络通信集团有限公司 | Realization method for home portal and home gateway |
| CN102594630A (en) * | 2011-01-10 | 2012-07-18 | 海尔集团公司 | Intelligent household system |
| CN102710625A (en) * | 2012-05-24 | 2012-10-03 | 中兴通讯股份有限公司 | Method for controlling external terminal to access electric appliance and home gateway |
| CN102789682A (en) * | 2012-07-13 | 2012-11-21 | 惠州Tcl移动通信有限公司 | Method and system for remote control of household appliances |
| CN102970604A (en) * | 2012-11-29 | 2013-03-13 | 天津三星电子有限公司 | Television user authority distribution management system |
| CN103268552A (en) * | 2013-04-16 | 2013-08-28 | 北京小米科技有限责任公司 | Method and system for processing data |
| CN103384232A (en) * | 2012-05-02 | 2013-11-06 | 华为终端有限公司 | Identity authentication method and device |
| CN103546423A (en) * | 2012-07-10 | 2014-01-29 | 中兴通讯股份有限公司 | Digital multimedia right control method and digital multimedia equipment |
| CN103684939A (en) * | 2013-11-22 | 2014-03-26 | 九阳股份有限公司 | Right control method for network appliance system |
| CN103729590A (en) * | 2013-12-27 | 2014-04-16 | 四川长虹电器股份有限公司 | Method, device and system for setting equipment access right |
| CN103795708A (en) * | 2013-12-27 | 2014-05-14 | 北京天融信软件有限公司 | Terminal access method and system |
| CN104239777A (en) * | 2014-08-29 | 2014-12-24 | 深信服网络科技(深圳)有限公司 | Method and system for releasing control of controlled equipment |
| CN104283745A (en) * | 2014-09-12 | 2015-01-14 | 小米科技有限责任公司 | Method, device and system for controlling intelligent household equipment |
| CN104468657A (en) * | 2013-09-18 | 2015-03-25 | 上海耕云供应链管理有限公司 | Equipment enabling control system and equipment enabling control method based on equipment identification information |
| CN104793502A (en) * | 2014-01-21 | 2015-07-22 | 上海科斗电子科技有限公司 | Intelligent control system with learning function |
| CN104881014A (en) * | 2015-05-29 | 2015-09-02 | 四川长虹电器股份有限公司 | Control method and intelligent household control device |
| CN105095706A (en) * | 2015-06-25 | 2015-11-25 | 小米科技有限责任公司 | Method and apparatus for setting operational right |
| CN105162769A (en) * | 2015-07-31 | 2015-12-16 | 中国联合网络通信集团有限公司 | Gateway authority transfer method and gateway authority transfer device |
| CN105430644A (en) * | 2015-10-30 | 2016-03-23 | 深圳市灵感智慧科技有限公司 | Method of realizing APP privilege management |
| CN105472765A (en) * | 2014-08-21 | 2016-04-06 | 小米科技有限责任公司 | Method and device for controlling sound box connection |
| CN105527852A (en) * | 2015-12-11 | 2016-04-27 | 四川长虹电器股份有限公司 | Method for controlling smart home system and controller |
| CN105741126A (en) * | 2016-04-01 | 2016-07-06 | 广东美的暖通设备有限公司 | Management method and management apparatus of air conditioner, server, terminal and communication module |
| CN106330957A (en) * | 2016-09-26 | 2017-01-11 | 深圳前海弘稼科技有限公司 | Control method of planting apparatus, control device and server |
| CN106506455A (en) * | 2016-10-11 | 2017-03-15 | 杭州迪普科技股份有限公司 | A kind of management-control method of movable storage device and device |
| CN106896729A (en) * | 2015-12-17 | 2017-06-27 | 美的集团股份有限公司 | The management method of family's group household electrical appliance, device and system |
| CN107180632A (en) * | 2017-06-19 | 2017-09-19 | 微鲸科技有限公司 | Sound control method, device and readable storage medium storing program for executing |
| CN107741701A (en) * | 2017-11-16 | 2018-02-27 | 广东乐心医疗电子股份有限公司 | Intelligent wearable household control method and system for children |
| WO2018227802A1 (en) * | 2017-06-13 | 2018-12-20 | 西安中兴新软件有限责任公司 | Permission obtaining method, apparatus and device, and storage medium |
| CN109120638A (en) * | 2018-09-18 | 2019-01-01 | 淄博正邦知识产权企划有限公司 | A kind of safety access device and method applied to smart home system |
| CN109756446A (en) * | 2017-11-01 | 2019-05-14 | 中车株洲电力机车研究所有限公司 | A kind of access method and system of mobile unit |
| CN110932898A (en) * | 2019-11-27 | 2020-03-27 | 云南电网有限责任公司电力科学研究院 | Intelligent network management system and method |
| CN111092797A (en) * | 2019-12-23 | 2020-05-01 | 四川虹美智能科技有限公司 | Equipment control authority distribution method, device and system |
| CN111585985A (en) * | 2020-04-24 | 2020-08-25 | 广东职业技术学院 | Business identity recognition and authentication method and system based on block chain |
| TWI714159B (en) * | 2019-07-10 | 2020-12-21 | 東碩資訊股份有限公司 | User authentication management system and method |
| CN114710348A (en) * | 2022-03-31 | 2022-07-05 | 湖北工业大学 | Authorization authentication and key agreement method for user to use household intelligent equipment |
| WO2023284555A1 (en) * | 2021-07-14 | 2023-01-19 | 华为技术有限公司 | Method for securely calling service, and method and apparatus for securely registering service |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1863195B (en) * | 2005-05-13 | 2010-04-07 | 中兴通讯股份有限公司 | Family network system with safety registration function and method thereof |
-
2007
- 2007-04-02 CN CN2007100875501A patent/CN101282254B/en not_active Expired - Fee Related
Cited By (63)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101521598B (en) * | 2009-03-30 | 2011-07-13 | 中兴通讯股份有限公司 | SNMP network management system and method thereof for managing access customer |
| WO2010111914A1 (en) * | 2009-03-31 | 2010-10-07 | 华为技术有限公司 | Method, apparatus and system for network authorization management |
| CN102077652A (en) * | 2009-04-24 | 2011-05-25 | 华为技术有限公司 | Method and apparatus for carrying out admission controlling of closed subscriber group csg terminal |
| CN102065377A (en) * | 2009-11-12 | 2011-05-18 | 中兴通讯股份有限公司 | Femtocell user management method and device |
| CN102065377B (en) * | 2009-11-12 | 2014-02-05 | 中兴通讯股份有限公司 | Femtocell user management method and device |
| CN102340527A (en) * | 2010-07-20 | 2012-02-01 | 中国联合网络通信集团有限公司 | Realization method for home portal and home gateway |
| CN101951403A (en) * | 2010-09-16 | 2011-01-19 | 中兴通讯股份有限公司 | Classification-based centralized authentication and authorization method in information terminal |
| WO2012034377A1 (en) * | 2010-09-16 | 2012-03-22 | 中兴通讯股份有限公司 | Classification-based centralized authentication and authorization method in information terminal |
| CN102025747A (en) * | 2010-12-29 | 2011-04-20 | 中兴通讯股份有限公司 | Household information machine and authentication method thereof |
| WO2012094888A1 (en) * | 2011-01-10 | 2012-07-19 | 海尔集团公司 | Smart home system |
| CN102594630A (en) * | 2011-01-10 | 2012-07-18 | 海尔集团公司 | Intelligent household system |
| CN102065439A (en) * | 2011-01-13 | 2011-05-18 | 中兴通讯股份有限公司 | Interference harmonizing method and device |
| CN103384232B (en) * | 2012-05-02 | 2016-08-24 | 华为终端有限公司 | Identity authentication method and device |
| CN103384232A (en) * | 2012-05-02 | 2013-11-06 | 华为终端有限公司 | Identity authentication method and device |
| CN102710625A (en) * | 2012-05-24 | 2012-10-03 | 中兴通讯股份有限公司 | Method for controlling external terminal to access electric appliance and home gateway |
| CN103546423B (en) * | 2012-07-10 | 2018-04-17 | 中兴通讯股份有限公司 | Digital multimedia authority control method and digital multimedia device |
| CN103546423A (en) * | 2012-07-10 | 2014-01-29 | 中兴通讯股份有限公司 | Digital multimedia right control method and digital multimedia equipment |
| CN102789682A (en) * | 2012-07-13 | 2012-11-21 | 惠州Tcl移动通信有限公司 | Method and system for remote control of household appliances |
| CN102789682B (en) * | 2012-07-13 | 2015-12-16 | 惠州Tcl移动通信有限公司 | A kind of method and system of remote control home electrical appliance |
| CN102970604A (en) * | 2012-11-29 | 2013-03-13 | 天津三星电子有限公司 | Television user authority distribution management system |
| CN103268552A (en) * | 2013-04-16 | 2013-08-28 | 北京小米科技有限责任公司 | Method and system for processing data |
| CN104468657B (en) * | 2013-09-18 | 2018-04-20 | 上海耕云供应链管理有限公司 | Equipment based on device identifying information enables control system and control method |
| CN104468657A (en) * | 2013-09-18 | 2015-03-25 | 上海耕云供应链管理有限公司 | Equipment enabling control system and equipment enabling control method based on equipment identification information |
| CN103684939A (en) * | 2013-11-22 | 2014-03-26 | 九阳股份有限公司 | Right control method for network appliance system |
| CN103684939B (en) * | 2013-11-22 | 2017-06-06 | 九阳股份有限公司 | A kind of authority control method of network household appliance system |
| CN103729590A (en) * | 2013-12-27 | 2014-04-16 | 四川长虹电器股份有限公司 | Method, device and system for setting equipment access right |
| CN103795708A (en) * | 2013-12-27 | 2014-05-14 | 北京天融信软件有限公司 | Terminal access method and system |
| CN104793500A (en) * | 2014-01-21 | 2015-07-22 | 上海本星电子科技有限公司 | Database system containing owner information and application thereof |
| CN104793501A (en) * | 2014-01-21 | 2015-07-22 | 上海科斗电子科技有限公司 | Intelligent control system adopting multiple information verification |
| CN104793499A (en) * | 2014-01-21 | 2015-07-22 | 上海科斗电子科技有限公司 | Intelligent interactive system and software system thereof |
| CN104793527A (en) * | 2014-01-21 | 2015-07-22 | 上海科斗电子科技有限公司 | Intelligent interaction system with body state identification function |
| CN104793502A (en) * | 2014-01-21 | 2015-07-22 | 上海科斗电子科技有限公司 | Intelligent control system with learning function |
| CN104793503A (en) * | 2014-01-21 | 2015-07-22 | 上海科斗电子科技有限公司 | Intelligent interaction system containing relative position control parameters |
| CN104793526A (en) * | 2014-01-21 | 2015-07-22 | 上海科斗电子科技有限公司 | Intelligent interactive system with master identity distinguishing function |
| CN105472765A (en) * | 2014-08-21 | 2016-04-06 | 小米科技有限责任公司 | Method and device for controlling sound box connection |
| CN104239777B (en) * | 2014-08-29 | 2017-07-11 | 深信服网络科技(深圳)有限公司 | The method and system of controlled plant solution control |
| CN104239777A (en) * | 2014-08-29 | 2014-12-24 | 深信服网络科技(深圳)有限公司 | Method and system for releasing control of controlled equipment |
| CN104283745A (en) * | 2014-09-12 | 2015-01-14 | 小米科技有限责任公司 | Method, device and system for controlling intelligent household equipment |
| CN104881014A (en) * | 2015-05-29 | 2015-09-02 | 四川长虹电器股份有限公司 | Control method and intelligent household control device |
| CN105095706A (en) * | 2015-06-25 | 2015-11-25 | 小米科技有限责任公司 | Method and apparatus for setting operational right |
| CN105095706B (en) * | 2015-06-25 | 2019-02-12 | 小米科技有限责任公司 | Operating right setting method and device |
| CN105162769A (en) * | 2015-07-31 | 2015-12-16 | 中国联合网络通信集团有限公司 | Gateway authority transfer method and gateway authority transfer device |
| CN105162769B (en) * | 2015-07-31 | 2018-12-28 | 中国联合网络通信集团有限公司 | A kind of method and device of gateway permission transfer |
| CN105430644A (en) * | 2015-10-30 | 2016-03-23 | 深圳市灵感智慧科技有限公司 | Method of realizing APP privilege management |
| CN105527852A (en) * | 2015-12-11 | 2016-04-27 | 四川长虹电器股份有限公司 | Method for controlling smart home system and controller |
| CN106896729A (en) * | 2015-12-17 | 2017-06-27 | 美的集团股份有限公司 | The management method of family's group household electrical appliance, device and system |
| CN105741126B (en) * | 2016-04-01 | 2020-06-30 | 广东美的暖通设备有限公司 | Management method and management device of air conditioner, server, terminal and communication device |
| CN105741126A (en) * | 2016-04-01 | 2016-07-06 | 广东美的暖通设备有限公司 | Management method and management apparatus of air conditioner, server, terminal and communication module |
| CN106330957A (en) * | 2016-09-26 | 2017-01-11 | 深圳前海弘稼科技有限公司 | Control method of planting apparatus, control device and server |
| CN106506455A (en) * | 2016-10-11 | 2017-03-15 | 杭州迪普科技股份有限公司 | A kind of management-control method of movable storage device and device |
| CN106506455B (en) * | 2016-10-11 | 2019-09-06 | 杭州迪普科技股份有限公司 | A kind of management-control method and device of movable storage device |
| WO2018227802A1 (en) * | 2017-06-13 | 2018-12-20 | 西安中兴新软件有限责任公司 | Permission obtaining method, apparatus and device, and storage medium |
| CN107180632A (en) * | 2017-06-19 | 2017-09-19 | 微鲸科技有限公司 | Sound control method, device and readable storage medium storing program for executing |
| CN109756446A (en) * | 2017-11-01 | 2019-05-14 | 中车株洲电力机车研究所有限公司 | A kind of access method and system of mobile unit |
| CN109756446B (en) * | 2017-11-01 | 2021-07-30 | 中车株洲电力机车研究所有限公司 | Access method and system for vehicle-mounted equipment |
| CN107741701A (en) * | 2017-11-16 | 2018-02-27 | 广东乐心医疗电子股份有限公司 | Intelligent wearable household control method and system for children |
| CN109120638A (en) * | 2018-09-18 | 2019-01-01 | 淄博正邦知识产权企划有限公司 | A kind of safety access device and method applied to smart home system |
| TWI714159B (en) * | 2019-07-10 | 2020-12-21 | 東碩資訊股份有限公司 | User authentication management system and method |
| CN110932898A (en) * | 2019-11-27 | 2020-03-27 | 云南电网有限责任公司电力科学研究院 | Intelligent network management system and method |
| CN111092797A (en) * | 2019-12-23 | 2020-05-01 | 四川虹美智能科技有限公司 | Equipment control authority distribution method, device and system |
| CN111585985A (en) * | 2020-04-24 | 2020-08-25 | 广东职业技术学院 | Business identity recognition and authentication method and system based on block chain |
| WO2023284555A1 (en) * | 2021-07-14 | 2023-01-19 | 华为技术有限公司 | Method for securely calling service, and method and apparatus for securely registering service |
| CN114710348A (en) * | 2022-03-31 | 2022-07-05 | 湖北工业大学 | Authorization authentication and key agreement method for user to use household intelligent equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101282254B (en) | 2011-06-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101282254B (en) | Method, system and apparatus for managing household network equipment | |
| US20220078179A1 (en) | Zero sign-on authentication | |
| US8813194B2 (en) | Enabling access to a secured wireless local network without user input of a network password | |
| CN101064628B (en) | Household network appliance safe management system and method | |
| CN101682439B (en) | Method for using contents, method for sharing contents and device based on security level | |
| CN102947797B (en) | The online service using directory feature extending transversely accesses and controls | |
| CN1881964B (en) | Home gateway device, access control system for home network | |
| CN104903900B (en) | Shared file system and method | |
| CN101267367B (en) | Method, system, authentication server and home device for controlling access to home network | |
| US20100023491A1 (en) | Method and apparatus for network storage access rights management | |
| CN103150621A (en) | Social device resource management | |
| KR20070117502A (en) | Method and system for access control to ce devices in a network | |
| CN101820344A (en) | AAA server, home network access method and system | |
| US20080013554A1 (en) | Gateway for controlling electric equipment connected to lan through wan | |
| CN102763394A (en) | Monitoring method and device | |
| CN104683320A (en) | Home network multimedia content sharing access control method and device | |
| WO2009008003A2 (en) | Method and system for restricting access of one or more users to a service | |
| JPWO2008093868A1 (en) | Control system for controlling controlled device such as peripheral device, control method, and computer program for control | |
| US20070162980A1 (en) | SYSTEM AND METHOD FOR PROVIDING CONTENT SECURITY IN UPnP SYSTEMS | |
| US20090049143A1 (en) | System and method for transmitting messages for a set of communication devices | |
| CN101335647A (en) | Family network access method and family network management system | |
| CN104469489A (en) | User migration method, device and system for internet protocol television system | |
| US20100162414A1 (en) | Digital Rights Management for Differing Domain-Size Restrictions | |
| CN105703981B (en) | The method of nomadic service is provided by virtual home gateway | |
| KR101702417B1 (en) | Method and apparatus for monopolizing call session of transmitting/receiving call system using universal plug and play |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20110601 Termination date: 20160402 |