CN105871749A - Network access control method and system based on router, and related device - Google Patents

Network access control method and system based on router, and related device Download PDF

Info

Publication number
CN105871749A
CN105871749A CN201510785241.6A CN201510785241A CN105871749A CN 105871749 A CN105871749 A CN 105871749A CN 201510785241 A CN201510785241 A CN 201510785241A CN 105871749 A CN105871749 A CN 105871749A
Authority
CN
China
Prior art keywords
user
router
access device
access
finger print
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510785241.6A
Other languages
Chinese (zh)
Inventor
黄启鑫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Leshi Zhixin Electronic Technology Tianjin Co Ltd
Original Assignee
Leshi Zhixin Electronic Technology Tianjin Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Leshi Zhixin Electronic Technology Tianjin Co Ltd filed Critical Leshi Zhixin Electronic Technology Tianjin Co Ltd
Priority to CN201510785241.6A priority Critical patent/CN105871749A/en
Priority to PCT/CN2016/085421 priority patent/WO2017084322A1/en
Publication of CN105871749A publication Critical patent/CN105871749A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a network access control method and system based on a router, and a related device. Different network access control policies are made for each access user. The network access control precision is effectively improved. With respect to a user for whom the network access control policy needs to be set, the router stores the fingerprint information, user name and corresponding network access control policy of the user as a record. The method comprises that the router instructs the access user to carry out fingerprint verification when the access user accesses the router by using an access device; the fingerprint information of the access user transmitted by the access device and the MAC (Media Access Control) address of a local device are received; the user corresponding to the fingerprint information is matched in the stored records according to the fingerprint information of the access user; and the network access control policy corresponding to the matched user is obtained from the stored records and is configured to the MAC address of the access device if the matching is successful.

Description

A kind of method for network access control based on router, system and relevant device
Technical field
The present invention relates to networking technology area, particularly relate to a kind of NS software based on router Method, system and relevant device.
Background technology
Router (Router) is multiple to divide in logic for connecting also known as gateway device (Gateway) The network opened, so-called logic network is to represent a single network or a subnet.When data from When one subnet is transferred to another subnet, can be completed by the routing function of router.Therefore, Router has and judges the network address and select IP (Internet Protocol, Internet protocol) path Function, it can be set up and connect flexibly in Multi net voting Interconnection Environment, can use diverse data Packet and media access method connect various subnets, and router only accepts the letter of source station or other routers Breath, belongs to a kind of InterWorking Equipment of Internet.
Carry out NS software by router, be the function of most of router support.Net at present Network accesses in controlling and identifies that the scheme accessing user typically has the most several, and so-called access user refers to The user of router it is connected to by access device (such as mobile phone, PC etc.).Concrete:
Mode one, MAC (Media Access Control, media interviews control) Address Recognition.
Concrete, MAC Address identification refers to, for the MAC Address being connected to router, formulate and visit Ask control strategy.Such as specify some MAC Address can not access some website, or can not access Other equipment in LAN, etc..
Mode two, time period control.
Under normal circumstances, a time period is set, it is stipulated that in this time period, all access devices can not be visited Ask some website, or other access control policies.
Mode three, user account identification.
Concrete, user account identification refers to provide user account for each user being connected to router Number, password, and be the different access control policy of different user account distribution.
Existing network accesses in controlling and identifies the scheme accessing user, has the drawback that
For MAC Address identifying schemes, the MAC Address of access device can only be identified, and cannot Identify the access user using this access device, therefore access user in same access device difference and use Scene under, impart identical access control policy.
For time period control program, a time period uses a kind of access control policy, it is impossible to for not The same user that accesses formulates different access control policies.
For user account identifying schemes, first, use same user account, password are not ensured that Be same access user;Secondly, user account, password easily replicate, and input user account, Password is comparatively laborious, and once user forgets Password, and also can affect the normal access network of user and even bring Potential safety hazard.
Visible, in existing NS software scheme based on router, for the identification accessing user Spend low, it is impossible to realize formulating different Network Acccss Control Policies for the different users that accesses, cause NS software cannot be carried out accurately, corresponding solution is the most urgently provided.
Summary of the invention
It is an object of the invention to provide a kind of method for network access control based on router, system and Relevant device, it is possible to conveniently and effectively identify and access user, and be difficult to fake, it is achieved for often Individual access user formulates different Network Acccss Control Policies, thus is effectively improved NS software Precision.
For achieving the above object, the present invention proposes a kind of NS software side based on router Method, for needing to arrange the user of Network Acccss Control Policy, described router is by the fingerprint of this user The Network Acccss Control Policy of information, user name and correspondence preserves as a record, described Method includes:
When accessing user and using access device to be connected to router, router instruction described access user Carry out fingerprint authentication;
Router receives the described access user of the described access device transmission finger by the typing of this equipment Stricture of vagina information and the MAC Address of this equipment;
Router, according to the described finger print information accessing user, mates described fingerprint in the record preserved The user that information is corresponding, if the match is successful, obtains, in the record preserved, the user matched corresponding Network Acccss Control Policy, and the Network Acccss Control Policy got is allocated to described access device MAC Address.
Further, said method also can have the characteristics that, also includes:
When certain access device disconnects from described router, whether router is searched on this access device Have input access user, if so, the Network Acccss Control Policy configured for this access device is deleted.
Further, said method also can have the characteristics that, described access device is provided with application Program APP;
Described router instruction described access user carries out fingerprint authentication, specifically includes:
The APP that described router is installed on access device sends fingerprint authentication request, and instruction is described Access user and carry out fingerprint authentication;And
Described access user is passed through this equipment by the APP installed on this equipment by described access device The finger print information of typing and the MAC Address of this equipment send router to.
Further, said method also can have the characteristics that, described access device is provided with application Program APP;And
For needing to arrange the user of Network Acccss Control Policy, described router is by the fingerprint of this user The Network Acccss Control Policy of information, user name and correspondence carries out the realization preserved as a record Method, specifically includes:
When obtaining after the event of finger print information of user is triggered on router, router is to access device The APP of upper installation sends a notification message, and the finger print information of user is extracted in instruction;
The APP installed on access device obtains user's finger print information of typing on this equipment, and will It is sent to router after finger print information coding;
Router is by the finger print information of this user, and is user name and the network access of this user setup Control strategy, as a record, is saved in this router.
Conceive based on same technology, present invention also offers a kind of NS software based on router System, including access device and router, wherein:
Described access device, carries out fingerprint authentication for the user that accesses sent according to described router Instruction, points out the access user's typing finger print information by this equipment couple in router, and connects described Access customer sends route to by the finger print information of this equipment typing and the MAC Address of this equipment Device;
Described router, for for needing to arrange the user of Network Acccss Control Policy, preserves by this One record of the Network Acccss Control Policy composition of the finger print information of user, user name and correspondence; When accessing user and using access device to be connected to this router, described access user is indicated to carry out fingerprint Checking;And according to the described finger print information accessing user, in the record preserved, mate described fingerprint The user that information is corresponding, if the match is successful, obtains, in the record preserved, the user matched corresponding Network Acccss Control Policy, and the Network Acccss Control Policy got is allocated to described access device MAC Address.
Further, said system also can have the characteristics that, described router is additionally operable to when certain Access device, when this router disconnects, is searched and whether be have input access user on this access device, if It is that the Network Acccss Control Policy configured for this access device is deleted.
Further, said system also can have the characteristics that, described access device is provided with application Program APP;And
Described router, sends fingerprint authentication specifically for the APP by installing on access device Request, indicates described access user to carry out fingerprint authentication;
Described access device, specifically for the APP by installing on this equipment by described access user Router is sent to by the finger print information of this equipment typing and the MAC Address of this equipment.
Further, said system also can have the characteristics that, described access device is provided with application Program APP;And
Described router, is additionally operable to after the event of the finger print information of acquisition user is triggered, to access The APP installed on equipment sends a notification message, and the finger print information of user is extracted in instruction;And by this use The finger print information at family, and be that the user name of this user setup and Network Acccss Control Policy are as one Record, is saved in this router;
Described access device, is additionally operable to the APP by installing on this equipment and obtains user at this equipment The finger print information of upper typing, and it is sent to router after finger print information coding.
Present invention also offers a kind of router, including:
Memory module, for for needing to arrange the user of Network Acccss Control Policy, preserves by this use One record of the Network Acccss Control Policy composition of the finger print information at family, user name and correspondence;
Indicating module, for when accessing user and using access device to be connected to this router, indicating institute State access user and carry out fingerprint authentication;
Receiver module, the described access user transmitted for receiving described access device is recorded by this equipment The finger print information entered and the MAC Address of this equipment;
Matching module, for according to the described finger print information accessing user, in the note that memory module preserves Record is mated the user that described finger print information is corresponding;
Control module, if the match is successful for described matching module, in the record that memory module preserves Obtain the Network Acccss Control Policy that the user matched is corresponding, and the NS software that will get Strategy is allocated to the MAC Address of described access device.
Further, above-mentioned router also can have the characteristics that, described control module, is additionally operable to work as Certain access device, when this router disconnects, is searched and whether be have input access use on this access device Family, if so, deletes the Network Acccss Control Policy configured for this access device.
Method for network access control based on router, system and relevant device, the pin that the present invention provides To needing to arrange the user of Network Acccss Control Policy, router is by the finger print information of this user, user The Network Acccss Control Policy of name and correspondence preserves as a record, uses when accessing user When access device is connected to router, match corresponding user by fingerprint authentication, for this user Implement the Network Acccss Control Policy pre-set.This programme solves existing network based on router In access control scheme, it is impossible to be truly realized and access user setup Network Acccss Control Policy for certain Problem, can precisely, easily for be specifically connected to router user setup network access control System strategy;And can identify that access user is difficult to fake accurately and effectively based on finger print information, from And it is effectively improved the precision of NS software.
Other features and advantages of the present invention will illustrate in the following description, and, partly from Description becomes apparent, or understands by implementing the application.The purpose of the present invention and its His advantage can be by knot specifically noted in the description write, claims and accompanying drawing Structure realizes and obtains.
Accompanying drawing explanation
Accompanying drawing is for providing a further understanding of the present invention, and constitutes a part for description, with The embodiment of the present invention is used for explaining the present invention together, is not intended that limitation of the present invention.In the accompanying drawings:
Fig. 1 is the flow chart of method for network access control based on router in the embodiment of the present invention one.
Fig. 2 is the flow chart of method for network access control based on router in the embodiment of the present invention two.
Fig. 3 is network access control system Organization Chart based on router in the embodiment of the present invention three.
Fig. 4 is the structured flowchart of router in the embodiment of the present invention four.
Detailed description of the invention
The embodiment of the present invention provides a kind of method for network access control based on router, system and is correlated with Equipment, it is possible to conveniently and effectively identify and access user, and be difficult to fake, it is achieved connect for each Access customer formulates different Network Acccss Control Policies, thus is effectively improved the essence of NS software Accuracy.
Below in conjunction with Figure of description, the preferred embodiments of the present invention are illustrated, it will be appreciated that this Preferred embodiment described by place is merely to illustrate and explains the present invention, is not intended to limit the present invention. And in the case of not conflicting, the embodiment in the application and the feature in embodiment can mutual groups Close.
Embodiment one
The present inventor invention during find, at present quite a few access device (such as mobile phone, PC etc.) all there is fingerprint identification function, the embodiment of the present invention is by fingerprint recognition and based on router NS software combines, in order to identifies and accesses user, and be difficult to fake, reaches veritably The purpose of different Network Acccss Control Policies is formulated so that network accesses control for each access user Make more accurate.
It should be noted that before performing NS software, arrange network for needs and access control The user of system strategy, needs to gather in advance the finger print information of user, formulates network for this user and accesses control System strategy, and the Network Acccss Control Policy of the finger print information of this user, user name and correspondence is made It is that a record preserves in the router, when accessing control for subsequent network.Based on above-mentioned early stage Completing of preparation, as it is shown in figure 1, the network based on router that the embodiment of the present invention provides is visited Ask control method, comprise the steps:
S101, when access user use access device to be connected to router time, router indicates this access User carries out fingerprint authentication.
In being embodied as, once certain has been provided with the use of Network Acccss Control Policy at router Family, when using any access device to be connected to router, this access user is it is first necessary to carry out fingerprint inspection Card, to obtain corresponding network access authority.
S102, router receive this access user of the access device transmission fingerprint by the typing of this equipment Information and the MAC Address of this equipment.
S103, router, according to the finger print information of access user, mate this fingerprint in the record preserved The user that information is corresponding, if the match is successful, obtains, in the record preserved, the user matched corresponding Network Acccss Control Policy, and the Network Acccss Control Policy got is allocated to access device MAC Address.
So far, method for network access control based on router has performed.In order to avoid same access Equipment follow-up accessed by different user after, still use a network accessing user side to access control The problem of system strategy, the method for network access control that the embodiment of the present invention provides, farther include as follows Step:
S104, when certain access device disconnects from router, router is searched on this access device and is No have input accesses user, and the Network Acccss Control Policy that if so, will configure for this access device is deleted.
Embodiment two
Below the specific implementation process of the embodiment of the present invention is described in detail, in order to make it easy to understand, User is denoted as user, and router is denoted as router, and access device is denoted as client, is arranged on client Application program be denoted as APP, the finger print information of user is denoted as fingerprint, NS software plan Slightly it is denoted as policy.As in figure 2 it is shown, specifically include following steps:
The client that can obtain finger print information is accessed router by S201, user.
S202, manager trigger the event of the finger print information obtaining user on router.
The APP installed on S203, router and client is mutual, i.e. sends a notification message, and instruction carries Take the fingerprint of user.
S204, user be typing finger print information on client;
The APP of the upper installation of S205, Client gets the fingerprint, APP of this user will The fingerprint typing passing to router, user after fingerprint coding completes.
After S206~S207, the fingerprint typing of user complete, router may require that manager is this User arranges policy, and provides a user name for this user, to facilitate identification and management;Management After member is provided with, router can protect using fingerprint+ user name+policy as a record Exist in router.
S208, assume certain be provided with the user of policy use any client again connect to router.
After S209, Client access router, router can send fingerprint authentication and ask client APP, Require that user verifies fingerprint.
S210~S211, User are by after client typing fingerprint, and APP can be by fingerprint + client MAC Address sends router to.
S212, Router are by the user corresponding to this fingerprint of algorithmic match.
If S213~S214 has matched certain user, then this user's preserved before obtaining Policy, is then allocated to the MAC Address of client by this policy.
S215~S218, assume certain client from router disconnect, whether router searches this client Have input certain user, if finding certain user, then policy corresponding for this client being deleted.
It should be noted that S201~S207 is the policy stage pre-setting user, for follow-up base Network access control in router is prepared;S208~S214 is network insertion control based on router In the stage processed, use the fingerprint of user to realize accessing user and identify and make for different user With the different policy being pre-configured with;S215~S217 disconnects from router for certain client The processing stage of optimization, it is ensured that implement smoothly based on the Network access control accessing user.Each phase flow Relatively independent, involved in each stage user and client, can be identical user and client, Can certainly be different user and client.
Embodiment three
Conceive based on same technology, embodiments provide a kind of network based on router and access Control system, owing to the principle of this system solution problem is consistent with method for network access control, therefore The enforcement of this system may refer to the enforcement of method, is not repeating in place of repetition.As it is shown on figure 3, this The network access control system based on router that inventive embodiments provides, including access device 301 He Router 302, wherein:
Access device 301, carries out fingerprint authentication for the user that accesses sent according to router 302 Instruction, points out the access user 300 typing finger print information by this equipment couple in router 302, and The MAC Address accessing the user 300 finger print information by the typing of this equipment and this equipment is passed Give router 302;
Router 302, for for needing to arrange the user of Network Acccss Control Policy, preserves by this One record of the Network Acccss Control Policy composition of the finger print information of user, user name and correspondence; When accessing user 300 and using access device 301 to be connected to this router, instruction accesses user 300 Carry out fingerprint authentication;And according to accessing the finger print information of user, the record preserved mates fingerprint The user that information is corresponding, if the match is successful, obtains, in the record preserved, the user matched corresponding Network Acccss Control Policy, and the Network Acccss Control Policy got is allocated to access device 301 MAC Address.
It is also preferred that the left in order to avoid same access device follow-up accessed by different user after, still use The problem of a upper Network Acccss Control Policy accessing user side, router 302, it is additionally operable to when certain Individual access device, when this router disconnects, is searched and whether be have input access user on this access device, If so, the Network Acccss Control Policy configured for this access device is deleted.
In order to implement this programme, access device 301 is generally fitted with APP (application program).Tool During body is implemented:
Router 302, sends fingerprint inspection specifically for the APP by installing on access device 301 Card request, instruction accesses user 300 and carries out fingerprint authentication;
Access device 301, leads to access user 300 specifically for the APP by installing on this equipment The MAC Address of the finger print information and this equipment of crossing the typing of this equipment sends router 302 to.
In order to formulate Network Acccss Control Policy for user the most in the router, in being embodied as:
Router 302, is additionally operable to after the event of the finger print information of acquisition user is triggered, to access The APP installed on equipment 301 sends a notification message, and the finger print information of user is extracted in instruction;And will The finger print information of this user, and be user name and the Network Acccss Control Policy conduct of this user setup Article one, record, is saved in this router;
Access device 301, is additionally operable to the APP by installing on this equipment and obtains user on this equipment The finger print information of typing, and it is sent to router 302 after finger print information coding.
Embodiment four
The embodiment of the present invention also provides for the possible structure of a kind of router, as shown in Figure 4, and including:
Memory module 401, for for needing to arrange the user of Network Acccss Control Policy, preserve by One note of the Network Acccss Control Policy composition of the finger print information of this user, user name and correspondence Record;
Indicating module 402, for when accessing user and using access device to be connected to this router, referring to Show that access user carries out fingerprint authentication;
Receiver module 403, the described access user transmitted for receiving access device is recorded by this equipment The finger print information entered and the MAC Address of this equipment;
Matching module 404, for the finger print information according to access user, preserves in memory module 401 Record in mate the user that described finger print information is corresponding;
Control module 405, if the match is successful for described matching module, preserves in memory module 401 Record in obtain the Network Acccss Control Policy that the user matched is corresponding, and the network that will get Access control policy is allocated to the MAC Address of access device.
In being embodied as, control module 405, it is additionally operable to disconnect from this router when certain access device Time, search and on this access device, whether have input access user, if so, will configure for this access device Network Acccss Control Policy delete.
Method for network access control based on router that the embodiment of the present invention provides, system and relevant set Standby, for needing to arrange the user of Network Acccss Control Policy, router by the finger print information of this user, The Network Acccss Control Policy of user name and correspondence preserves as a record, when accessing user When using access device to be connected to router, match corresponding user by fingerprint authentication, for this User implements the Network Acccss Control Policy pre-set.This programme solves existing based on router In NS software scheme, it is impossible to be truly realized and access user setup NS software for certain The problem of strategy, can precisely, easily for the user setup network being specifically connected to router visit Ask control strategy;And can identify that access user is difficult to make accurately and effectively based on finger print information Vacation, thus it is effectively improved the precision of NS software.
It will be understood by those skilled in the art that embodiments of the invention can be provided as method, system, set Standby or computer program.Therefore, the present invention can use complete hardware embodiment, complete software real The form of the embodiment in terms of executing example or combining software and hardware.And, the present invention can use one Individual or multiple wherein include computer usable program code computer-usable storage medium (include but It is not limited to disk memory, CD-ROM, optical memory etc.) the upper computer program implemented Form.
The foregoing is only presently preferred embodiments of the present invention, not in order to limit the present invention, all at this Within bright spirit and principle, any modification, equivalent substitution and improvement etc. made, should be included in Within protection scope of the present invention.

Claims (10)

1. a method for network access control based on router, it is characterised in that set for needs Put the user of Network Acccss Control Policy, described router by the finger print information of this user, user name with And the Network Acccss Control Policy of correspondence preserves as a record, described method includes:
When accessing user and using access device to be connected to router, router instruction described access user Carry out fingerprint authentication;
Router receives the described access user of the described access device transmission finger by the typing of this equipment Stricture of vagina information and the MAC Address of this equipment;
Router, according to the described finger print information accessing user, mates described fingerprint in the record preserved The user that information is corresponding, if the match is successful, obtains, in the record preserved, the user matched corresponding Network Acccss Control Policy, and the Network Acccss Control Policy got is allocated to described access device MAC Address.
Method the most according to claim 1, it is characterised in that also include:
When certain access device disconnects from described router, whether router is searched on this access device Have input access user, if so, the Network Acccss Control Policy configured for this access device is deleted.
Method the most according to claim 1, it is characterised in that install on described access device There is application A PP;
Described router instruction described access user carries out fingerprint authentication, specifically includes:
The APP that described router is installed on access device sends fingerprint authentication request, and instruction is described Access user and carry out fingerprint authentication;And
Described access user is passed through this equipment by the APP installed on this equipment by described access device The finger print information of typing and the MAC Address of this equipment send router to.
Method the most according to claim 1, it is characterised in that install on described access device There is application A PP;And
For needing to arrange the user of Network Acccss Control Policy, described router is by the fingerprint of this user The Network Acccss Control Policy of information, user name and correspondence carries out the realization preserved as a record Method, specifically includes:
When obtaining after the event of finger print information of user is triggered on router, router is to access device The APP of upper installation sends a notification message, and the finger print information of user is extracted in instruction;
The APP installed on access device obtains user's finger print information of typing on this equipment, and will It is sent to router after finger print information coding;
Router is by the finger print information of this user, and is user name and the network access of this user setup Control strategy, as a record, is saved in this router.
5. a network access control system based on router, it is characterised in that include that access sets Standby and router, wherein:
Described access device, carries out fingerprint authentication for the user that accesses sent according to described router Instruction, points out the access user's typing finger print information by this equipment couple in router, and connects described Access customer sends route to by the finger print information of this equipment typing and the MAC Address of this equipment Device;
Described router, for for needing to arrange the user of Network Acccss Control Policy, preserves by this One record of the Network Acccss Control Policy composition of the finger print information of user, user name and correspondence; When accessing user and using access device to be connected to this router, described access user is indicated to carry out fingerprint Checking;And according to the described finger print information accessing user, in the record preserved, mate described fingerprint The user that information is corresponding, if the match is successful, obtains, in the record preserved, the user matched corresponding Network Acccss Control Policy, and the Network Acccss Control Policy got is allocated to described access device MAC Address.
System the most according to claim 5, it is characterised in that
Described router, is additionally operable to, when certain access device disconnects from this router, search this access Access user, the NS software that if so, will configure whether is have input for this access device on equipment Strategy is deleted.
System the most according to claim 6, it is characterised in that install on described access device There is application A PP;And
Described router, sends fingerprint authentication specifically for the APP by installing on access device Request, indicates described access user to carry out fingerprint authentication;
Described access device, specifically for the APP by installing on this equipment by described access user Router is sent to by the finger print information of this equipment typing and the MAC Address of this equipment.
System the most according to claim 5, it is characterised in that install on described access device There is application A PP;And
Described router, is additionally operable to after the event of the finger print information of acquisition user is triggered, to access The APP installed on equipment sends a notification message, and the finger print information of user is extracted in instruction;And by this use The finger print information at family, and be that the user name of this user setup and Network Acccss Control Policy are as one Record, is saved in this router;
Described access device, is additionally operable to the APP by installing on this equipment and obtains user at this equipment The finger print information of upper typing, and it is sent to router after finger print information coding.
9. a router, it is characterised in that including:
Memory module, for for needing to arrange the user of Network Acccss Control Policy, preserves by this use One record of the Network Acccss Control Policy composition of the finger print information at family, user name and correspondence;
Indicating module, for when accessing user and using access device to be connected to this router, indicating institute State access user and carry out fingerprint authentication;
Receiver module, the described access user transmitted for receiving described access device is recorded by this equipment The finger print information entered and the MAC Address of this equipment;
Matching module, for according to the described finger print information accessing user, in the note that memory module preserves Record is mated the user that described finger print information is corresponding;
Control module, if the match is successful for described matching module, in the record that memory module preserves Obtain the Network Acccss Control Policy that the user matched is corresponding, and the NS software that will get Strategy is allocated to the MAC Address of described access device.
Router the most according to claim 9, it is characterised in that
Described control module, is additionally operable to, when certain access device disconnects from this router, search this and connect Enter and on equipment, whether have input access user, if so, the network configured for this access device is accessed control System strategy is deleted.
CN201510785241.6A 2015-11-16 2015-11-16 Network access control method and system based on router, and related device Pending CN105871749A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201510785241.6A CN105871749A (en) 2015-11-16 2015-11-16 Network access control method and system based on router, and related device
PCT/CN2016/085421 WO2017084322A1 (en) 2015-11-16 2016-06-12 Router-based network access control method and system, and related device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510785241.6A CN105871749A (en) 2015-11-16 2015-11-16 Network access control method and system based on router, and related device

Publications (1)

Publication Number Publication Date
CN105871749A true CN105871749A (en) 2016-08-17

Family

ID=56623656

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510785241.6A Pending CN105871749A (en) 2015-11-16 2015-11-16 Network access control method and system based on router, and related device

Country Status (2)

Country Link
CN (1) CN105871749A (en)
WO (1) WO2017084322A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107196933A (en) * 2017-05-18 2017-09-22 西南大学 A kind of novel finger print certification networked devices and its networking method
CN107612742A (en) * 2017-10-09 2018-01-19 郑州云海信息技术有限公司 A kind of method of routing device configurating terminal fingerprint
CN108347730A (en) * 2017-01-25 2018-07-31 中兴通讯股份有限公司 A kind of wireless communication process method and device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101068183A (en) * 2007-06-28 2007-11-07 杭州华三通信技术有限公司 Network invitation to enter controlling method and network invitation to enter controlling system
CN101188603A (en) * 2006-11-16 2008-05-28 中兴通讯股份有限公司 A method for access to the external network according to user's right
US20110034248A1 (en) * 2009-08-07 2011-02-10 Steelseries Hq Apparatus for associating physical characteristics with commands
CN104469762A (en) * 2013-09-12 2015-03-25 西安龙飞网络科技有限公司 User grading control system of 3G/WIFI wireless router

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8286171B2 (en) * 2008-07-21 2012-10-09 Workshare Technology, Inc. Methods and systems to fingerprint textual information using word runs
CN102625303A (en) * 2011-01-27 2012-08-01 西安龙飞软件有限公司 A method for WFII/3G router access authentication by using fingerprint
CN203466847U (en) * 2013-05-10 2014-03-05 龙旗电子(惠州)有限公司 3G/WIFI router fingerprint access detection device
CN104902477A (en) * 2015-06-26 2015-09-09 努比亚技术有限公司 Authentication terminal, wireless router, wireless router connection method and wireless router connection system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101188603A (en) * 2006-11-16 2008-05-28 中兴通讯股份有限公司 A method for access to the external network according to user's right
CN101068183A (en) * 2007-06-28 2007-11-07 杭州华三通信技术有限公司 Network invitation to enter controlling method and network invitation to enter controlling system
US20110034248A1 (en) * 2009-08-07 2011-02-10 Steelseries Hq Apparatus for associating physical characteristics with commands
CN104469762A (en) * 2013-09-12 2015-03-25 西安龙飞网络科技有限公司 User grading control system of 3G/WIFI wireless router

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108347730A (en) * 2017-01-25 2018-07-31 中兴通讯股份有限公司 A kind of wireless communication process method and device
WO2018137309A1 (en) * 2017-01-25 2018-08-02 中兴通讯股份有限公司 Wireless communication processing method and device
CN108347730B (en) * 2017-01-25 2022-12-09 中兴通讯股份有限公司 Wireless communication processing method and device
CN107196933A (en) * 2017-05-18 2017-09-22 西南大学 A kind of novel finger print certification networked devices and its networking method
CN107612742A (en) * 2017-10-09 2018-01-19 郑州云海信息技术有限公司 A kind of method of routing device configurating terminal fingerprint

Also Published As

Publication number Publication date
WO2017084322A1 (en) 2017-05-26

Similar Documents

Publication Publication Date Title
EP3598312B1 (en) Data transfer method and computer program
CN105100034B (en) The method and apparatus of access function in a kind of network application
CN101711470A (en) A system and method for creating a list of shared information on a peer-to-peer network
CN110971569A (en) Network access authority management method and device and computing equipment
CN109088875A (en) A kind of access authority method of calibration and device
CN104106241A (en) System and Method to Generate Secure Name Records
CN106034104A (en) Verification method, verification device and verification system for network application accessing
US10528756B2 (en) Method for managing information using tree structure based on blockchain, server and terminal using the same
JP5729300B2 (en) Information management apparatus, information management method, and information management program
CN105531977B (en) The method and system of control is connected with the mobile device of remote data access for synchronization
CN109088909B (en) Service gray level publishing method and device based on merchant type
CN110968848B (en) User-based rights management method and device and computing equipment
CN104937897B (en) The system and method analyzed for the redundant safety eliminated to network packet
US9059987B1 (en) Methods and systems of using single sign-on for identification for a web server not integrated with an enterprise network
RU2654854C1 (en) Method for collecting data on wireless communication device user and machine-readable medium for method implementation
CN107580032B (en) Data processing method, device and equipment
CN104158818A (en) Single sign-on method and system
CN105516059A (en) Resource access control method and device
CN105516395A (en) Network address assignment method and device
CN105893456B (en) The isolated method and system of the computing basic facility of geography fence perception
CN105871749A (en) Network access control method and system based on router, and related device
CN106295366B (en) Sensitive data identification method and device
Koike et al. Called function identification of IoT devices by network traffic analysis
CN104092751A (en) Service access method and device
JP5190922B2 (en) Community communication network and communication control method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20160817

WD01 Invention patent application deemed withdrawn after publication