WO2016197712A1 - Method and device for accessing wireless network - Google Patents

Method and device for accessing wireless network Download PDF

Info

Publication number
WO2016197712A1
WO2016197712A1 PCT/CN2016/079937 CN2016079937W WO2016197712A1 WO 2016197712 A1 WO2016197712 A1 WO 2016197712A1 CN 2016079937 W CN2016079937 W CN 2016079937W WO 2016197712 A1 WO2016197712 A1 WO 2016197712A1
Authority
WO
WIPO (PCT)
Prior art keywords
client
access node
wireless access
authentication
authentication request
Prior art date
Application number
PCT/CN2016/079937
Other languages
French (fr)
Chinese (zh)
Inventor
邵敏茹
王伟
吕何平
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2016197712A1 publication Critical patent/WO2016197712A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • H04W84/12WLAN [Wireless Local Area Networks]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W72/00Local resource management
    • H04W72/50Allocation or scheduling criteria for wireless resources
    • H04W72/56Allocation or scheduling criteria for wireless resources based on priority criteria
    • H04W72/563Allocation or scheduling criteria for wireless resources based on priority criteria of the wireless resources

Definitions

  • the present application relates to, but is not limited to, the field of communications technologies, and in particular, to a method and an apparatus for accessing a wireless network.
  • WIFI Wireless-Fidelity
  • uFi WIFI hotspots
  • CPE high-speed wireless gateways
  • FIG. 1 it is a schematic diagram of a process in which an STA (Station, WIFI client) accesses an AP (Access Point, WIFI hotspot) in the related art. It can be seen that the process of the STA accessing the AP is as follows:
  • the STA broadcasts a probe request, and the AP that receives the request returns a probe response to the STA, which carries the connection authentication information required for accessing the AP, and the STA sends an authentication request to the AP.
  • the AP that receives the request replies to the STA with an authentication response; the STA sends an association request to the AP, and the AP that receives the request replies to the STA with an association response.
  • the connection is established, and then the STA can access the LAN through the AP. It can be seen from the flow shown in FIG. 1 that each STA must establish a connection with the AP after multiple interactions with the AP.
  • all STAs and APs have the same access procedure. APs treat all STAs fairly, except for STA standard information such as MAC address and name (optional). of.
  • APs a large number of APs currently set in public cannot provide better services to users.
  • the AP cannot know the level of the STAs that are accessed by the AP. If there are special requirements, the APs may not be satisfied due to AP load, or the preemption of network resources by individual users makes other STA users feel The network is extremely unsmooth, which brings great trouble to STA users and APs.
  • the embodiment of the invention provides a method for accessing a wireless network, which is used for a wireless access node, and includes:
  • the method further includes: before receiving the first authentication request sent by the client, the method further includes:
  • the method further includes: before receiving the first authentication request sent by the client, the method further includes:
  • the first authentication request is sent when the current load status received by the client exceeds a preset load status.
  • the load broadcast uses a beacon frame to carry a load status of the wireless access node
  • the identity information of the client included in the first authentication request includes a security code issued by the wireless access node or payment information of the client.
  • the first authentication request uses the beacon frame to carry the identity information of the client, where the identity information of the client is encapsulated in a frame body field of the beacon frame.
  • the method further includes: authenticating the client according to the authentication information, and determining whether the current load can allocate sufficient network resources to the client, and if the current load is detected, the client cannot be The terminal allocates enough network resources to control the disconnected client with the lowest level of access.
  • the client with the lowest level of control access is disconnected, and the network resources of the client with the lowest level are gradually recovered, and the link of the client is released when the network resource falls to a threshold.
  • the connection to the lowest level client is disconnected, and the network resources of the client with the lowest level are gradually recovered, and the link of the client is released when the network resource falls to a threshold.
  • the embodiment of the invention further provides a method for accessing a wireless network, which is used for a client, and includes:
  • the wireless access node Receiving, by the wireless access node, a first authentication response, where the first authentication response includes level information that is allocated by the wireless access node to the client according to the identity identification information;
  • the method Before the sending the first authentication request to the wireless access node in a high load state, the method further includes:
  • the method Before the sending the first authentication request to the wireless access node in a high load state, the method further includes:
  • the load broadcast uses a beacon frame to carry a load status of the wireless access node; wherein the load status of the wireless access node is encapsulated in a frame body field of the beacon frame.
  • the identity information of the client included in the first authentication request includes a security code issued by the wireless access node or payment information of the client.
  • the first authentication request uses the beacon frame to carry the identity information of the client, where the identity information of the client is encapsulated in a frame body field of the beacon frame.
  • the embodiment of the invention further provides an apparatus for accessing a wireless network, which is used for wireless accessing a node, and includes:
  • a first receiving module configured to receive a first authentication request sent by the client, where the first authentication request includes identity identification information of the client;
  • the first sending module is configured to send a first authentication response to the client according to the first authentication request, where the first authentication response includes the wireless access node assigning the client according to the identity identification information Level information;
  • a second receiving module configured to receive a second authentication request sent by the client according to the first authentication response, where the second authentication request includes an authentication required by the client to access the wireless access node information
  • the second sending module is configured to complete the authentication of the client according to the second authentication request, and send a second authentication response to the client, to establish a connection with the client, where the second authentication response is Containing network resources allocated to the client according to the level information.
  • the device may further include: a detecting module, configured to receive a probe request sent by the client, and return a probe response to the client, so that the client sends the probe response to the wireless access node Send the first authentication request.
  • a detecting module configured to receive a probe request sent by the client, and return a probe response to the client, so that the client sends the probe response to the wireless access node Send the first authentication request.
  • the embodiment of the invention further provides an apparatus for accessing a wireless network, which is used for a client, and includes:
  • a third sending module configured to send a first authentication request to the wireless access node, where the first authentication request includes the identity identification information of the client;
  • the apparatus may further include: a probe requesting module configured to send a probe request to the wireless access node; and a probe response module configured to receive the probe response returned by the wireless access node.
  • FIG. 1 is a schematic diagram showing a process of a client accessing a wireless access node in the related art
  • FIG. 2 is a flow chart showing the basic steps of a method for accessing a wireless network on a wireless access node side according to an embodiment of the present invention
  • FIG. 4 is a specific flowchart of a client accessing a wireless access node according to an embodiment of the present invention
  • FIG. 5 is a diagram showing a beacon frame format of a load broadcast in a method for accessing a wireless network according to an embodiment of the present invention
  • FIG. 6 is a diagram showing a beacon frame format of a first authentication request in a method for accessing a wireless network according to an embodiment of the present invention
  • FIG. 7 is a structural diagram showing the structure of an apparatus for accessing a wireless network on a radio access node side according to an embodiment of the present invention.
  • FIG. 8 is a structural diagram showing the structure of an apparatus for accessing a wireless network on a client side according to an embodiment of the present invention.
  • the embodiment of the present invention provides a method and device for accessing a wireless network, in which the wireless network node treats all clients fairly, and the service of the advanced user cannot be satisfied due to the reason that the wireless network node meets the requirements, thereby affecting the user experience.
  • the wireless access node first determines the particularity of the client according to the identity information of the client, thereby assigning level information to the client; and then authenticating the client according to the authentication information sent by the client, and the wireless access node is based on the level of the client.
  • the other information allocates network resources to the client to establish a connection with the client; the method can intelligently authenticate the client's qualification, improve the quality service for the special client, and reduce the impact on the client due to the wireless access node load. Improve product performance and enhance the user experience.
  • an embodiment of the present invention provides a method for accessing a wireless network, which is used for a wireless access node, and includes:
  • Step 11 Receive a first authentication request sent by the client, where the first authentication request includes identity identification information of the client.
  • Step 12 Send a first authentication response to the client according to the first authentication request, where the first authentication response includes level information that is allocated by the wireless access node to the client according to the identity identification information.
  • Step 13 Receive a second authentication request sent by the client according to the first authentication response, where the second authentication request includes authentication information required by the client to access the wireless access node.
  • Step 14 Perform authentication on the client according to the second authentication request, and send a second authentication response to the client, and establish a connection with the client, where the second authentication response is included according to the
  • the level information is the network resource allocated by the client.
  • a method for accessing a wireless network for a client in the foregoing embodiment of the present application includes:
  • Step 21 Send a first authentication request to the wireless access node, where the first authentication request includes the identity identification information of the client.
  • Step 22 Receive a first authentication response returned by the wireless access node, where the first authentication response includes level information that is allocated by the wireless access node to the client according to the identity identification information.
  • Step 23 Send a second authentication request to the wireless access node according to the first authentication response, where the second authentication request includes authentication information required by the client to access the wireless access node.
  • Step 24 Receive a second authentication response returned by the wireless access node, establish a connection with the wireless access node, where the second authentication response includes the wireless access node according to the level letter.
  • the network resources allocated for the client are allocated for the client.
  • the clients are all referred to as STAs, and the wireless access nodes are referred to as APs.
  • the STA sends a first authentication request to the AP, and the AP that receives the first authentication request resolves the identity information indicating the special qualification of the client in the first authentication request, and allocates level information to the client according to the identity identification information.
  • the level information is included in the first authentication response and returned to the STA; the STA that receives the first authentication response sends a second authentication request to the AP, and the AP that receives the second authentication request is based on the information in the second authentication request.
  • the right information completes the authentication of the STA, and the network resource allocated to the client according to the level information, and the AP establishes a connection with the STA based on the network resource.
  • the method for accessing a wireless network provided by the embodiment of the present invention can intelligently authenticate the qualification of the STA, provide high-quality services for the special STA, reduce the slow running or crash of the AP due to high load, improve product performance, and improve user experience.
  • the method may further include:
  • Step 15 Receive a probe request sent by the client, and return a probe response to the client, so that the client sends the first authentication request to the wireless access node after receiving the probe response.
  • the method before step 21 may further include:
  • Step 25 Send a probe request to the wireless access node.
  • Step 26 Receive a probe response returned by the wireless access node.
  • Step 16 Perform load broadcast, where the load broadcast includes a current load status, where the first authentication request is sent when the current load status received by the client exceeds a preset load status. That is, when the current load state of the AP exceeds the preset load state, the AP is currently in a high load state; otherwise, the AP is currently in a low load state.
  • the method may further include:
  • Step 27 Receive a load broadcast of the wireless access node, where the load broadcast includes a current load status of the wireless access node.
  • Step 28 Parse the load broadcast, and send the first authentication request to a wireless access node whose current load status exceeds a preset load status.
  • a wireless access node whose current load status exceeds a preset load status.
  • the load broadcast in the foregoing embodiment of the present application uses a beacon frame to carry a load status of the wireless access node; wherein the load status of the wireless access node is encapsulated in a frame body of the beacon frame In the field.
  • the identity identification information of the client included in the first authentication request in the foregoing embodiment of the present application includes a security code issued by the wireless access node or payment information of the client.
  • the first authentication request carries the identity information of the client by using a beacon frame, where the identity information of the client is encapsulated in a frame body field of the beacon frame.
  • the method provided by the embodiment of the present invention may further include:
  • Step 17 Authenticate the client according to the authentication information, and determine whether the current load can allocate sufficient network resources to the client, and if the current load is detected, the client cannot be allocated enough network. Resources that control the lowest level of clients that have been disconnected.
  • the step of controlling the disconnected client with the lowest level of access may be: gradually recovering the network resources of the client with the lowest level, and releasing the chain of the client when the network resource falls to a threshold. Road, disconnect from the lowest level client.
  • Step 31 The AP performs load broadcast, where the load broadcast includes current load information of the AP; the broadcast is completed by a Beacon frame (beacon frame).
  • the load information refers to the number of STAs that the AP itself has accessed, and the weighted value obtained according to the bandwidth that the AP can allocate for the STA.
  • the AP For the calculation of the load, the AP combines the number of STAs and the bandwidth that can be allocated for the STAs. For example, when the STAs that the AP has accessed have reached the maximum number of accesses, the bandwidth that the AP can allocate is no longer considered.
  • the AP has reached the high load state; when the STAs that the AP has accessed do not reach the maximum number of accesses, and the weighting plan is performed according to the bandwidth allocated by each STA, the bandwidth that the current AP can allocate is calculated, and the bandwidth that the AP can allocate is calculated. When a certain threshold is reached, the AP is considered to have reached a high load.
  • the frame structure of the management frame used by the payload broadcast in the embodiment of the present invention is The 802.11MAC standard frame has been improved, and the modifications include:
  • Sub Type field of the standard frame is modified to form a special frame of the embodiment of the present invention, which is used to broadcast the load of the AP, and the STA that receives the management frame can also parse it.
  • the Sub Type value of the embodiment of the present invention is 0110. Since the Sub Type values 0110 to 0111 and 1101 to 1111 of the management frame in the standard protocol are not defined, any one of them can be used here to distinguish it from other standard values.
  • the frame body field is the data field of the frame.
  • the load information of the AP is encapsulated in the field, including the AP load state Load_State (set to 1 when the load is high, and not when the load is high). It is 0) and the load value Load_Per (in the form of a percentage, that is, the current allocateable bandwidth as a percentage of the total available bandwidth).
  • the Frame Control field also includes: Protocol version bits, To DS and From DS bits, More Fragment bits, Retry bits, Power Management bits, More Data. Multi-data) bits, Protected Frame bits, and Order bits; Duration/ID field, Address1 field, Address2 field, Address3 field, Sequence Control (Sequence Control) Fields Address4 (Address 4) field, FCS (Frame Check Sequence) field.
  • Protocol version bits To DS and From DS bits
  • More Fragment bits bits
  • Retry bits Power Management bits
  • More Data. Multi-data bits Protected Frame bits, and Order bits
  • Duration/ID field Address1 field, Address2 field, Address3 field, Sequence Control (Sequence Control) Fields Address4 (Address 4) field, FCS (Frame Check Sequence) field.
  • Step 32 The STA parses the load broadcast frame from the AP, extracts the load information of the AP, and discriminates the load information of the AP.
  • step 33 according to the determination result of step 32, when the AP is under high load, the process proceeds to step 34, and when the AP is not at a high load, the process proceeds to step 311.
  • Step 311 The STA initiates a normal probe request to the AP because the AP is currently in a low load state, and initiates an authentication and access procedure after receiving the probe response from the AP.
  • Step 34 The STA sends a probe request to the AP, and after receiving the probe response from the AP, the STA initiates Special authentication request (first authentication request);
  • the special authentication request refers to the special authentication information of the STA included in the authentication request sent by the STA to the AP.
  • the special authentication information refers to information that can indicate the special qualification of the STA, such as a security code and payment information issued by the AP holder.
  • the modified content includes:
  • Sub Type field of the standard frame is modified to form a special frame of the present embodiment for broadcasting the load of the AP, and the STA that receives the management frame can also parse it.
  • the Sub Type value of this embodiment is 0111. Since the Sub Type values 0110 to 0111 and 1101 to 1111 of the management frame in the standard protocol are not defined, any one of them can be used here to distinguish it from other standard values.
  • the frame body field is a data field of a frame.
  • the STA's special authentication information is encapsulated in the field, such as the security code Security_CODE, the payment information Payment_Info, and the like issued by the AP holder.
  • the AP holder can provide the STA user with a security code by face-to-face or other means to identify the priority of the STA.
  • the higher the amount of payment information provided by the STA indicating that the STA has a higher qualification, and the better service provided by the AP may be obtained.
  • the Frame Control field also includes: Protocol version bits, To DS and From DS bits, More Fragment bits, Retry bits, Power Management bits, More Data. Multi-data) bits, Protected Frame bits, and Order bits; Duration/ID field, Address1 field, Address2 field, Address3 field, Sequence Control (Sequence Control) Fields Address4 (Address 4) field, FCS (Frame Check Sequence) field.
  • Protocol version bits To DS and From DS bits
  • More Fragment bits bits
  • Retry bits Power Management bits
  • More Data. Multi-data bits Protected Frame bits, and Order bits
  • Duration/ID field Address1 field, Address2 field, Address3 field, Sequence Control (Sequence Control) Fields Address4 (Address 4) field, FCS (Frame Check Sequence) field.
  • Step 35 After receiving the special authentication request from the STA, the AP extracts and parses the special authentication information included in the STA.
  • Step 36 The AP queries the local user information list by using the setting module to query the STA-related information. If the query is successful, the process proceeds to step 37. If the query is unsuccessful, the process proceeds to step 312.
  • the user information list is user information saved locally by the AP, and the user information may be manually input by the AP user, or may be obtained according to other application programs, such as scanning of the consumption flow list.
  • the user information list has Level_Num as the first index and the MAC address as the second index, including the following fields:
  • MAC Address MAC address of the STA. If a user in the user information list has not accessed the AP through WIFI, set the MAC address to F.
  • Security_CODE Security code, provided by the AP user, the source can be manually input by the user, or from the consumption flow number number scan.
  • the security code can be the last N digits of the consumption flow number. It should be noted that the security code is jointly held by the STA and the AP. A special authentication process for STAs and APs.
  • Level_Num Level information, that is, the level information set by the AP for the STA. This level information is used when the AP allocates resources for the STA.
  • Level_Num is generated by the special authentication information and the special settings of the AP for a certain user.
  • the AP user can set the level of a certain user on the AP. When the AP user is not set, the AP user generates the information according to the payment information and the credit record in the special authentication information of the STA.
  • Level_Num is sorted in descending order.
  • the user information list is sorted and updated according to the value of Level_Num.
  • Step 37 The AP considers that the special authentication information of the STA is valid, and considers that the special authentication information provided by the STA is valid, allocates level information to the AP according to the special authentication information of the STA, and updates the local user information list.
  • step 38 the AP sends an authentication response to the STA, and accepts the special authentication request of the STA.
  • This certification The response needs to include the level information assigned by the AP to this STA.
  • the STA then initiates an authentication request (second authentication request) to the AP to complete the password authentication.
  • Step 39 The AP allocates matching network resources to the STA according to the level information of the STA.
  • the AP detects that its own load cannot allocate sufficient network resources for the STA, it needs to disconnect the user with the lowest level in the network through the query of the user information list.
  • the AP gradually recovers the resources of the STA_LOW, and releases the link of the user when the resources fall to a certain threshold.
  • the AP when the AP disconnects the STA_LOW user, the AP needs to send a disconnection alarm message to the STA_LOW user, prompting the user to leave the network, and disconnecting the STA_LOW when the user is still in the network within the specified time. User's link.
  • step 310 the AP establishes a connection with the STA.
  • step 312 since the AP considers that the special authentication information provided by the STA is invalid, the AP sends an authentication response to the STA, and rejects the special authentication request of the STA.
  • step 313 the STA initiates normal authentication and access procedures to the AP.
  • the embodiment of the invention further provides a method for accessing a wireless network, which can intelligently authenticate the qualification of the STA, provide high-quality services for the special STA, reduce the slow running or crash of the AP due to high load, improve product performance, and improve users. Experience.
  • an apparatus for accessing a wireless network including:
  • the first receiving module 71 is configured to receive a first authentication request sent by the client, where the first authentication request includes identity identification information of the client;
  • the first sending module 72 is configured to send a first authentication response to the client according to the first authentication request, where the first authentication response includes the wireless access node as the client according to the identity identification information Allocated level information;
  • the second receiving module 73 is configured to receive a second authentication request sent by the client according to the first authentication response, where the second authentication request includes the client accessing the wireless access node Required authentication information;
  • the second sending module 74 is configured to complete authentication of the client according to the second authentication request, and send a second authentication response to the client, establish a connection with the client, and the second authentication response
  • the network resource allocated to the client according to the level information is included.
  • the device in the foregoing embodiment of the present application further includes:
  • the detecting module is configured to receive the probe request sent by the client, and return a probe response to the client, so that the client sends the first authentication request to the wireless access node after receiving the probe response.
  • the device in the foregoing embodiment of the present application further includes:
  • a broadcast module configured to perform a load broadcast, where the load broadcast includes a current load status, where the first authentication request is sent when the current load status received by the client exceeds a preset load status.
  • the identity identification information of the client included in the first authentication request in the foregoing embodiment of the present application includes a security code issued by the wireless access node or payment information of the client.
  • the device in the foregoing embodiment of the present application further includes:
  • the disconnecting module is configured to authenticate the client according to the authentication information, and determine whether the current load can allocate sufficient network resources to the client, and if the current load is detected, the client cannot be allocated. Enough network resources to control the disconnected client with the lowest level of access.
  • the device for accessing the wireless network on the side of the wireless access node provided by the embodiment of the present invention is a device that applies the method for accessing the wireless network on the side of the wireless access node, and the device on the side of the wireless access node is connected. All embodiments of the method of entering a wireless network are applicable to the device and all achieve the same or similar benefits.
  • the embodiment of the present invention further provides an apparatus for accessing a wireless network, which is used by a client, and includes:
  • the third sending module 81 is configured to send a first authentication request to the wireless access node, where the first authentication request includes the identity identification information of the client;
  • the third receiving module 82 is configured to receive the first authentication response returned by the wireless access node,
  • the first authentication response includes level information that is allocated by the wireless access node to the client according to the identity identification information;
  • the fourth sending module 83 is configured to send a second authentication request to the wireless access node according to the first authentication response, where the second authentication request includes a template required by the client to access the wireless access node Right information
  • the fourth receiving module 84 is configured to receive a second authentication response returned by the wireless access node, and establish a connection with the wireless access node, where the second authentication response includes the wireless access node according to the level information.
  • the network resources allocated by the client are configured to allocate to the wireless access node.
  • the apparatus in the foregoing embodiment of the present application may further include:
  • a probe requesting module configured to send a probe request to the wireless access node
  • a probe response module is configured to receive a probe response returned by the wireless access node.
  • the apparatus in the foregoing embodiment of the present application may further include:
  • Receiving a broadcast module configured to receive a load broadcast of the wireless access node, where the load broadcast includes a current load status of the wireless access node;
  • the parsing module is configured to parse the load broadcast, and send the first authentication request to a wireless access node whose current load status exceeds a preset load status.
  • the identity identification information of the client included in the first authentication request in the foregoing embodiment of the present application includes a security code issued by the wireless access node or payment information of the client.
  • the apparatus for accessing a wireless network on the client side of the embodiment of the present invention is a device for applying the method for accessing a wireless network on the client side, and the method for accessing a wireless network on the client side All of the embodiments are applicable to the device that accesses the wireless network, and both achieve the same or similar benefits.
  • a computer readable storage medium storing computer executable instructions that are implemented by a processor to implement the above method.
  • the storage medium includes, but is not limited to, an optical disk, a floppy disk, a hard disk, a rewritable memory, and the like.
  • each module/unit in the above embodiment may be implemented in the form of hardware, for example, by implementing an integrated circuit to implement its corresponding function, or may be implemented in the form of a software function module, for example, executing a program stored in the memory by a processor. / instruction to achieve its corresponding function.
  • Embodiments of the invention are not limited to any specific form of combination of hardware and software.
  • the wireless access node first determines the particularity of the client according to the identity identification information of the client, and assigns level information to the client; and then completes the authentication according to the authentication information sent by the client.
  • the authentication of the client, and the wireless access node allocates network resources to the client according to the level information of the client, thereby establishing a connection with the client.
  • the embodiment of the invention can intelligently identify the qualification of the client, improve the quality service for the special client, reduce the impact on the client due to the load of the wireless access node, improve the product performance and enhance the user experience.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Disclosed are a method and device for accessing a wireless network. The method is used for a wireless access node and comprises: receiving a first authentication request sent by a client, the first authentication request including identity identification information of the client; sending a first authentication response, the first authentication response including level information allocated by the wireless access node for the client according to the identity identification information; receiving a second authentication request sent by the client, the second authentication request including authentication information required for the client to access the wireless access node; completing authentication regarding the client according to the second authentication request, sending a second authentication response to the client, and establishing a connection with the client, the second authentication response including network resources allocated for the client according to the level information. The present method identifies the qualifications of clients, provides a high quality service for special clients, reduces the problem of wireless access nodes running slowly or crashing due to high loads, and improves product performance and the user experience.

Description

一种接入无线网络的方法及装置Method and device for accessing wireless network 技术领域Technical field
本申请涉及但不限于通信技术领域,特别涉及一种接入无线网络的方法及装置。The present application relates to, but is not limited to, the field of communications technologies, and in particular, to a method and an apparatus for accessing a wireless network.
背景技术Background technique
目前,用户在使用移动终端上网时,经常会使用WIFI(Wireless-Fidelity,无线保真)进行网络连接。随着WIFI的日益普遍,能够为用户提供无线热点的产品不仅局限于以此为卖点的uFi(WIFI热点)和CPE(高速无线网关)产品,而是扩展到普通的智能机。Currently, when using a mobile terminal to access the Internet, users often use WIFI (Wireless-Fidelity) for network connection. With the increasing popularity of WIFI, products that can provide users with wireless hotspots are not limited to uFi (WIFI hotspots) and CPE (high-speed wireless gateways) products, but extend to ordinary smart phones.
如图1所示,是相关技术中STA(Station,WIFI客户端)接入AP(Access Point,WIFI热点)的过程示意图。可以看出,STA接入AP的过程如下:As shown in FIG. 1 , it is a schematic diagram of a process in which an STA (Station, WIFI client) accesses an AP (Access Point, WIFI hotspot) in the related art. It can be seen that the process of the STA accessing the AP is as follows:
STA广播探测请求(Probe request),接收到该请求的AP向该STA回复探测响应(Probe response),其中携带接入本AP所需的连接认证信息,STA向上述AP发送认证请求(Authentication request),收到该请求的AP向STA回复认证响应(Authentication response);STA向上述AP发送关联请求(Association request),收到该请求的AP向STA回复关联响应(Association response)。在STA和AP之间进行探测、认证、关联成功后就建立连接,之后STA就可以通过AP接入局域网。由图1所示的流程可见,每一个STA必须经过与AP的多次交互之后,才能建立与AP之间的连接。另外,值得一提的是,所有的STA与AP的接入过程都是相同的,AP除了对STA标准的信息如MAC地址、名称(可选)有记录以外,对所有的STA都是公平对待的。The STA broadcasts a probe request, and the AP that receives the request returns a probe response to the STA, which carries the connection authentication information required for accessing the AP, and the STA sends an authentication request to the AP. The AP that receives the request replies to the STA with an authentication response; the STA sends an association request to the AP, and the AP that receives the request replies to the STA with an association response. After the STA and the AP perform detection, authentication, and association, the connection is established, and then the STA can access the LAN through the AP. It can be seen from the flow shown in FIG. 1 that each STA must establish a connection with the AP after multiple interactions with the AP. In addition, it is worth mentioning that all STAs and APs have the same access procedure. APs treat all STAs fairly, except for STA standard information such as MAC address and name (optional). of.
按照相关技术,目前在公共场合设置的大量AP无法为用户提供更优质的服务。AP无法得知接入的STA是什么级别的用户,是否有特殊需求,往往会出现高级用户的服务由于AP负荷原因无法得到满足的现象,或是个别用户对于网络资源的抢占使得其他STA用户感觉到网络极为不通畅,给STA用户和AP都带来了极大的困扰。According to the related technology, a large number of APs currently set in public cannot provide better services to users. The AP cannot know the level of the STAs that are accessed by the AP. If there are special requirements, the APs may not be satisfied due to AP load, or the preemption of network resources by individual users makes other STA users feel The network is extremely unsmooth, which brings great trouble to STA users and APs.
发明内容 Summary of the invention
以下是对本文详细描述的主题的概述。本概述并非是为了限制权利要求的保围。The following is an overview of the topics detailed in this document. This summary is not intended to limit the scope of the claims.
本发明实施例提供一种接入无线网络的方法,用于无线访问节点,包括:The embodiment of the invention provides a method for accessing a wireless network, which is used for a wireless access node, and includes:
接收客户端发送的第一认证请求,所述第一认证请求中包含所述客户端的身份标识信息;Receiving a first authentication request sent by the client, where the first authentication request includes identity information of the client;
根据所述第一认证请求向所述客户端发送第一认证响应,所述第一认证响应中包含所述无线访问节点根据所述身份识别信息为所述客户端分配的级别信息;Sending, by the first authentication request, a first authentication response to the client, where the first authentication response includes level information that is allocated by the wireless access node to the client according to the identity identification information;
接收所述客户端根据所述第一认证响应发送的第二认证请求,所述第二认证请求中包含所述客户端接入所述无线访问节点所需的鉴权信息;Receiving, by the client, a second authentication request that is sent according to the first authentication response, where the second authentication request includes authentication information required by the client to access the wireless access node;
根据所述第二认证请求完成对所述客户端的鉴权,并向所述客户端发送第二认证响应,与所述客户端建立连接,所述第二认证响应中包含根据所述级别信息为所述客户端分配的网络资源。Acquiring the authentication of the client according to the second authentication request, and sending a second authentication response to the client, establishing a connection with the client, where the second authentication response includes The network resource allocated by the client.
其中,接收客户端发送的第一认证请求之前,所述方法还包括:The method further includes: before receiving the first authentication request sent by the client, the method further includes:
接收所述客户端发送的探测请求,并向所述客户端返回探测响应,使得所述客户端收到所述探测响应后向所述无线访问节点发送第一认证请求。Receiving a probe request sent by the client, and returning a probe response to the client, so that the client sends the first authentication request to the wireless access node after receiving the probe response.
其中,接收客户端发送的第一认证请求之前,所述方法还包括:The method further includes: before receiving the first authentication request sent by the client, the method further includes:
进行负载广播,所述负载广播中包含当前负载状态;Performing a load broadcast, where the load broadcast includes a current load status;
其中当客户端接收的所述当前负载状态超过预设负载状态时,发送所述第一认证请求。The first authentication request is sent when the current load status received by the client exceeds a preset load status.
其中,所述负载广播利用信标帧来承载所述无线访问节点的负载状态;其中,The load broadcast uses a beacon frame to carry a load status of the wireless access node;
将所述无线访问节点的负载状态封装在所述信标帧的帧主体字段中。The load status of the wireless access node is encapsulated in a frame body field of the beacon frame.
其中,所述第一认证请求中包含的客户端的身份标识信息包括所述无线访问节点发放的安全码或者所述客户端的付费信息。The identity information of the client included in the first authentication request includes a security code issued by the wireless access node or payment information of the client.
其中,所述第一认证请求利用信标帧来承载所述客户端的身份标识信息;其中,将所述客户端的身份标识信息封装在所述信标帧的帧主体字段中。 The first authentication request uses the beacon frame to carry the identity information of the client, where the identity information of the client is encapsulated in a frame body field of the beacon frame.
其中,所述方法还包括:根据所述鉴权信息对所述客户端进行鉴权,并判断当前负载是否能够为所述客户端分配足够的网络资源,若检测到当前负载无法为所述客户端分配足够的网络资源,控制已接入的级别最低的客户端断开。The method further includes: authenticating the client according to the authentication information, and determining whether the current load can allocate sufficient network resources to the client, and if the current load is detected, the client cannot be The terminal allocates enough network resources to control the disconnected client with the lowest level of access.
其中,所述控制已接入的级别最低的客户端断开,为:将所述级别最低的客户端的网络资源逐步回收,直至网络资源降至一阈值时释放所述客户端的链路,断开与级别最低的客户端的连接。The client with the lowest level of control access is disconnected, and the network resources of the client with the lowest level are gradually recovered, and the link of the client is released when the network resource falls to a threshold. The connection to the lowest level client.
本发明实施例还提供一种接入无线网络的方法,用于客户端,包括:The embodiment of the invention further provides a method for accessing a wireless network, which is used for a client, and includes:
向无线访问节点发送第一认证请求,所述第一认证请求中包含所述客户端的身份识别信息;Sending a first authentication request to the wireless access node, where the first authentication request includes the identity identification information of the client;
接收所述无线访问节点返回的第一认证响应,所述第一认证响应中包含所述无线访问节点根据所述身份识别信息为所述客户端分配的级别信息;Receiving, by the wireless access node, a first authentication response, where the first authentication response includes level information that is allocated by the wireless access node to the client according to the identity identification information;
根据所述第一认证响应向所述无线访问节点发送第二认证请求,所述第二认证请求中包括所述客户端接入所述无线访问节点所需的鉴权信息;Sending a second authentication request to the wireless access node according to the first authentication response, where the second authentication request includes authentication information required by the client to access the wireless access node;
接收所述无线访问节点返回的第二认证响应,与所述无线访问节点建立连接,所述第二认证响应中包含所述无线访问节点根据所述级别信息为所述客户端分配的网络资源。Receiving a second authentication response returned by the wireless access node, establishing a connection with the wireless access node, where the second authentication response includes a network resource allocated by the wireless access node to the client according to the level information.
所述向处于高负载状态的无线访问节点发送第一认证请求之前,所述方法还包括:Before the sending the first authentication request to the wireless access node in a high load state, the method further includes:
向无线访问节点发送探测请求;Sending a probe request to the wireless access node;
接收所述无线访问节点返回的探测响应。Receiving a probe response returned by the wireless access node.
所述向处于高负载状态的无线访问节点发送第一认证请求之前,所述方法还包括:Before the sending the first authentication request to the wireless access node in a high load state, the method further includes:
接收所述无线访问节点的负载广播,所述负载广播中包含所述无线访问节点的当前负载状态;Receiving a load broadcast of the wireless access node, where the load broadcast includes a current load status of the wireless access node;
解析所述负载广播,向当前负载状态超过预设负载状态的无线访问节点发送所述第一认证请求。 Parsing the load broadcast, and sending the first authentication request to a wireless access node whose current load status exceeds a preset load status.
其中,所述负载广播利用信标帧来承载所述无线访问节点的负载状态;其中,将所述无线访问节点的负载状态封装在所述信标帧的帧主体字段中。The load broadcast uses a beacon frame to carry a load status of the wireless access node; wherein the load status of the wireless access node is encapsulated in a frame body field of the beacon frame.
其中,所述第一认证请求中包含的客户端的身份标识信息包括所述无线访问节点发放的安全码或者所述客户端的付费信息。The identity information of the client included in the first authentication request includes a security code issued by the wireless access node or payment information of the client.
其中,所述第一认证请求利用信标帧来承载所述客户端的身份标识信息;其中,将所述客户端的身份标识信息封装在所述信标帧的帧主体字段中。The first authentication request uses the beacon frame to carry the identity information of the client, where the identity information of the client is encapsulated in a frame body field of the beacon frame.
本发明实施例还提供一种接入无线网络的装置,用于无线访问节点,包括:The embodiment of the invention further provides an apparatus for accessing a wireless network, which is used for wireless accessing a node, and includes:
第一接收模块,设置为接收客户端发送的第一认证请求,所述第一认证请求中包含所述客户端的身份标识信息;a first receiving module, configured to receive a first authentication request sent by the client, where the first authentication request includes identity identification information of the client;
第一发送模块,设置为根据所述第一认证请求向所述客户端发送第一认证响应,所述第一认证响应中包含所述无线访问节点根据所述身份识别信息为所述客户端分配的级别信息;The first sending module is configured to send a first authentication response to the client according to the first authentication request, where the first authentication response includes the wireless access node assigning the client according to the identity identification information Level information;
第二接收模块,设置为接收所述客户端根据所述第一认证响应发送的第二认证请求,所述第二认证请求中包含所述客户端接入所述无线访问节点所需的鉴权信息;a second receiving module, configured to receive a second authentication request sent by the client according to the first authentication response, where the second authentication request includes an authentication required by the client to access the wireless access node information;
第二发送模块,设置为根据所述第二认证请求完成对所述客户端的鉴权,并向所述客户端发送第二认证响应,与所述客户端建立连接,所述第二认证响应中包含根据所述级别信息为所述客户端分配的网络资源。The second sending module is configured to complete the authentication of the client according to the second authentication request, and send a second authentication response to the client, to establish a connection with the client, where the second authentication response is Containing network resources allocated to the client according to the level information.
所述装置还可包括:探测模块,设置为接收所述客户端发送的探测请求,并向所述客户端返回探测响应,使得所述客户端收到所述探测响应后向所述无线访问节点发送第一认证请求。The device may further include: a detecting module, configured to receive a probe request sent by the client, and return a probe response to the client, so that the client sends the probe response to the wireless access node Send the first authentication request.
其中,所述装置还可包括:广播模块,设置为进行负载广播,所述负载广播中包含当前负载状态;其中当客户端接收的所述当前负载状态超过预设负载状态时,发送所述第一认证请求。The device may further include: a broadcast module configured to perform load broadcast, where the load broadcast includes a current load status; and when the current load status received by the client exceeds a preset load status, sending the An authentication request.
其中,所述第一认证请求中包含的客户端的身份标识信息包括所述无线访问节点发放的安全码或者所述客户端的付费信息。The identity information of the client included in the first authentication request includes a security code issued by the wireless access node or payment information of the client.
所述装置还可包括:断开模块,设置为根据所述鉴权信息对所述客户端 进行鉴权,并判断当前负载是否能够为所述客户端分配足够的网络资源,若检测到当前负载无法为所述客户端分配足够的网络资源,控制已接入的级别最低的客户端断开。The apparatus may further include: a disconnection module, configured to the client according to the authentication information Perform authentication, and determine whether the current load can allocate sufficient network resources for the client. If it is detected that the current load cannot allocate sufficient network resources for the client, the client with the lowest access level is controlled to be disconnected. .
本发明实施例还提供一种接入无线网络的装置,用于客户端,包括:The embodiment of the invention further provides an apparatus for accessing a wireless network, which is used for a client, and includes:
第三发送模块,设置为向无线访问节点发送第一认证请求,所述第一认证请求中包含所述客户端的身份识别信息;a third sending module, configured to send a first authentication request to the wireless access node, where the first authentication request includes the identity identification information of the client;
第三接收模块,设置为接收所述无线访问节点返回的第一认证响应,所述第一认证响应中包含所述无线访问节点根据所述身份识别信息为所述客户端分配的级别信息;a third receiving module, configured to receive a first authentication response returned by the wireless access node, where the first authentication response includes level information that is allocated by the wireless access node to the client according to the identity identification information;
第四发送模块,设置为根据所述第一认证响应向所述无线访问节点发送第二认证请求,所述第二认证请求中包括所述客户端接入所述无线访问节点所需的鉴权信息;a fourth sending module, configured to send a second authentication request to the wireless access node according to the first authentication response, where the second authentication request includes an authentication required by the client to access the wireless access node information;
第四接收模块,设置为接收所述无线访问节点返回的第二认证响应,与所述无线访问节点建立连接,所述第二认证响应中包含所述无线访问节点根据所述级别信息为所述客户端分配的网络资源。a fourth receiving module, configured to receive a second authentication response returned by the wireless access node, to establish a connection with the wireless access node, where the second authentication response includes the wireless access node according to the level information Network resources allocated by the client.
所述装置还可包括:探测请求模块,设置为向无线访问节点发送探测请求;探测响应模块,设置为接收所述无线访问节点返回的探测响应。The apparatus may further include: a probe requesting module configured to send a probe request to the wireless access node; and a probe response module configured to receive the probe response returned by the wireless access node.
所述装置还可包括:接收广播模块,设置为接收所述无线访问节点的负载广播,所述负载广播中包含所述无线访问节点的当前负载状态;解析模块,设置为解析所述负载广播,向当前负载状态超过预设负载状态的无线访问节点发送所述第一认证请求。The apparatus may further include: a receiving broadcast module configured to receive a load broadcast of the wireless access node, the load broadcast including a current load status of the wireless access node; and a parsing module configured to parse the load broadcast, The first authentication request is sent to a wireless access node whose current load status exceeds a preset load status.
其中,所述第一认证请求中包含的客户端的身份标识信息包括所述无线访问节点发放的安全码或者所述客户端的付费信息。The identity information of the client included in the first authentication request includes a security code issued by the wireless access node or payment information of the client.
本发明实施例还提供了一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令被处理器执行时上述的方法。Embodiments of the present invention also provide a computer readable storage medium storing computer executable instructions, the method described above when the computer executable instructions are executed by a processor.
本发明实施例的接入无线网络的方法及装置中,无线访问节点先根据客户端的身份标识信息来确定客户端的特殊性,从而为客户端分配级别信息;再根据客户端发送的鉴权信息完成对客户端的鉴权,且无线访问节点根据客 户端的级别信息为客户端分配网络资源,从而与客户端建立连接;该方法能够针对客户端的资质进行智能鉴别,为特殊客户端提高优质服务,减少由于无线访问节点负荷原因为客户端带来的影响,提高产品性能并提高用户体验。In the method and device for accessing a wireless network according to the embodiment of the present invention, the wireless access node first determines the particularity of the client according to the identity identification information of the client, thereby assigning level information to the client; and then completing the authentication information sent by the client. Authentication of the client, and the wireless access node is based on the guest The level information of the client allocates network resources to the client to establish a connection with the client; the method can intelligently authenticate the client's qualification, improve the quality service for the special client, and reduce the client's load due to the wireless access node load. Impact, improve product performance and improve user experience.
在阅读并理解了附图和详细描述后,可以明白其他方面。Other aspects will be apparent upon reading and understanding the drawings and detailed description.
附图概述BRIEF abstract
图1表示相关技术中客户端接入无线访问节点的过程示意图;1 is a schematic diagram showing a process of a client accessing a wireless access node in the related art;
图2表示本发明实施例提供的无线访问节点侧的接入无线网络的方法的基本步骤流程图;2 is a flow chart showing the basic steps of a method for accessing a wireless network on a wireless access node side according to an embodiment of the present invention;
图3表示本发明实施例提供的客户端侧的接入无线网络的方法的基本步骤流程图;FIG. 3 is a flow chart showing the basic steps of a method for accessing a wireless network on a client side according to an embodiment of the present invention;
图4表示本发明实施例提供的客户端接入无线访问节点的具体流程图;4 is a specific flowchart of a client accessing a wireless access node according to an embodiment of the present invention;
图5表示本发明实施例提供的接入无线网络的方法中负载广播的信标帧格式;FIG. 5 is a diagram showing a beacon frame format of a load broadcast in a method for accessing a wireless network according to an embodiment of the present invention;
图6表示本发明实施例提供的接入无线网络的方法中第一认证请求的信标帧格式;FIG. 6 is a diagram showing a beacon frame format of a first authentication request in a method for accessing a wireless network according to an embodiment of the present invention;
图7表示本发明实施例提供的无线访问节点侧的接入无线网络的装置的组成结构图;FIG. 7 is a structural diagram showing the structure of an apparatus for accessing a wireless network on a radio access node side according to an embodiment of the present invention;
图8表示本发明实施例提供的客户端侧的接入无线网络的装置的组成结构图。FIG. 8 is a structural diagram showing the structure of an apparatus for accessing a wireless network on a client side according to an embodiment of the present invention.
本发明的实施方式Embodiments of the invention
为使本发明实施例要解决的技术问题、技术方案和优点更加清楚,下面将结合附图及具体实施例进行详细描述。The technical problems, the technical solutions, and the advantages of the embodiments of the present invention will be more clearly described in the following description.
本发明实施例针对无线网络节点对所有客户端均公平对待,导致高级用户的服务由于无线网络节点符合原因无法得到满足的现象,影响用户体验的问题,提供一种接入无线网络的方法及装置,无线访问节点先根据客户端的身份标识信息确定客户端的特殊性,从而为客户端分配级别信息;再根据客户端发送的鉴权信息完成对客户端的鉴权,且无线访问节点根据客户端的级 别信息为客户端分配网络资源,从而与客户端建立连接;该方法能够针对客户端的资质进行智能鉴别,为特殊客户端提高优质服务,减少由于无线访问节点负荷原因为客户端带来的影响,提高产品性能并提高用户体验。The embodiment of the present invention provides a method and device for accessing a wireless network, in which the wireless network node treats all clients fairly, and the service of the advanced user cannot be satisfied due to the reason that the wireless network node meets the requirements, thereby affecting the user experience. The wireless access node first determines the particularity of the client according to the identity information of the client, thereby assigning level information to the client; and then authenticating the client according to the authentication information sent by the client, and the wireless access node is based on the level of the client. The other information allocates network resources to the client to establish a connection with the client; the method can intelligently authenticate the client's qualification, improve the quality service for the special client, and reduce the impact on the client due to the wireless access node load. Improve product performance and enhance the user experience.
如图2所示,本发明实施例提供一种接入无线网络的方法,用于无线访问节点,包括:As shown in FIG. 2, an embodiment of the present invention provides a method for accessing a wireless network, which is used for a wireless access node, and includes:
步骤11,接收客户端发送的第一认证请求,所述第一认证请求中包含所述客户端的身份标识信息;Step 11: Receive a first authentication request sent by the client, where the first authentication request includes identity identification information of the client.
步骤12,根据所述第一认证请求向所述客户端发送第一认证响应,所述第一认证响应包含所述无线访问节点根据所述身份识别信息为所述客户端分配的级别信息;Step 12: Send a first authentication response to the client according to the first authentication request, where the first authentication response includes level information that is allocated by the wireless access node to the client according to the identity identification information.
步骤13,接收所述客户端根据所述第一认证响应发送的第二认证请求,所述第二认证请求中包含所述客户端接入所述无线访问节点所需的鉴权信息;Step 13: Receive a second authentication request sent by the client according to the first authentication response, where the second authentication request includes authentication information required by the client to access the wireless access node.
步骤14,根据所述第二认证请求完成对所述客户端的鉴权,并向所述客户端发送第二认证响应,与所述客户端建立连接,所述第二认证响应中包含根据所述级别信息为所述客户端分配的网络资源。Step 14: Perform authentication on the client according to the second authentication request, and send a second authentication response to the client, and establish a connection with the client, where the second authentication response is included according to the The level information is the network resource allocated by the client.
相应的,本申请上述实施例中用于客户端的一种接入无线网络的方法,包括:Correspondingly, a method for accessing a wireless network for a client in the foregoing embodiment of the present application includes:
步骤21,向无线访问节点发送第一认证请求,所述第一认证请求中包含所述客户端的身份识别信息;Step 21: Send a first authentication request to the wireless access node, where the first authentication request includes the identity identification information of the client.
步骤22,接收所述无线访问节点返回的第一认证响应,所述第一认证响应中包含所述无线访问节点根据所述身份识别信息为所述客户端分配的级别信息;Step 22: Receive a first authentication response returned by the wireless access node, where the first authentication response includes level information that is allocated by the wireless access node to the client according to the identity identification information.
步骤23,根据所述第一认证响应向所述无线访问节点发送第二认证请求,所述第二认证请求中包括所述客户端接入所述无线访问节点所需的鉴权信息;Step 23: Send a second authentication request to the wireless access node according to the first authentication response, where the second authentication request includes authentication information required by the client to access the wireless access node.
步骤24,接收所述无线访问节点返回的第二认证响应,与所述无线访问节点建立连接,所述第二认证响应中包含所述无线访问节点根据所述级别信 息为所述客户端分配的网络资源。Step 24: Receive a second authentication response returned by the wireless access node, establish a connection with the wireless access node, where the second authentication response includes the wireless access node according to the level letter. The network resources allocated for the client.
本申请的上述实施例中,客户端均称为STA,无线访问节点均称为AP。首先STA向AP发送第一认证请求,接收到第一认证请求的AP解析该第一认证请求中表明客户端的特殊资质的身份标识信息,根据所述身份识别信息为所述客户端分配级别信息并将所述级别信息包含在第一认证响应中返回给STA;接收到第一认证响应的STA向AP发送第二认证请求,接收到第二认证请求的AP根据所述第二认证请求中的鉴权信息,完成对STA的鉴权,并根据所述级别信息为所述客户端分配的网络资源,基于该网络资源所述AP和所述STA建立连接。本发明实施例提供的接入无线网络的方法能够对STA的资质进行智能鉴别,为特殊STA提供优质服务,减少AP由于高负荷引起的运行缓慢或崩溃问题,提高产品性能,并提高用户体验。In the above embodiments of the present application, the clients are all referred to as STAs, and the wireless access nodes are referred to as APs. First, the STA sends a first authentication request to the AP, and the AP that receives the first authentication request resolves the identity information indicating the special qualification of the client in the first authentication request, and allocates level information to the client according to the identity identification information. The level information is included in the first authentication response and returned to the STA; the STA that receives the first authentication response sends a second authentication request to the AP, and the AP that receives the second authentication request is based on the information in the second authentication request. The right information completes the authentication of the STA, and the network resource allocated to the client according to the level information, and the AP establishes a connection with the STA based on the network resource. The method for accessing a wireless network provided by the embodiment of the present invention can intelligently authenticate the qualification of the STA, provide high-quality services for the special STA, reduce the slow running or crash of the AP due to high load, improve product performance, and improve user experience.
进一步的,本申请的上述实施例中步骤11之前,所述方法还可以包括:Further, before step 11 in the foregoing embodiment of the present application, the method may further include:
步骤15,接收所述客户端发送的探测请求,并向所述客户端返回探测响应,使得所述客户端收到所述探测响应后向所述无线访问节点发送第一认证请求。Step 15: Receive a probe request sent by the client, and return a probe response to the client, so that the client sends the first authentication request to the wireless access node after receiving the probe response.
相应的,步骤21之前所述方法还可以包括:Correspondingly, the method before step 21 may further include:
步骤25,向无线访问节点发送探测请求;Step 25: Send a probe request to the wireless access node.
步骤26,接收所述无线访问节点返回的探测响应。Step 26: Receive a probe response returned by the wireless access node.
进一步的,本申请的上述实施例中步骤11之前,所述方法还包括:Further, before step 11 in the foregoing embodiment of the present application, the method further includes:
步骤16,进行负载广播,所述负载广播中包含当前负载状态;其中当客户端接收的所述当前负载状态超过预设负载状态时,发送所述第一认证请求。即当AP的当前负载状态超过预设负载状态时,该AP当前处于高负载状态;否则,该AP当前处于低负载状态。Step 16: Perform load broadcast, where the load broadcast includes a current load status, where the first authentication request is sent when the current load status received by the client exceeds a preset load status. That is, when the current load state of the AP exceeds the preset load state, the AP is currently in a high load state; otherwise, the AP is currently in a low load state.
相应的,本申请的上述实施例中步骤11之前,所述方法还可以包括:Correspondingly, before step 11 in the above embodiment of the present application, the method may further include:
步骤27,接收所述无线访问节点的负载广播,所述负载广播中包含所述无线访问节点的当前负载状态;Step 27: Receive a load broadcast of the wireless access node, where the load broadcast includes a current load status of the wireless access node.
步骤28,解析所述负载广播,向当前负载状态超过预设负载状态的无线访问节点发送所述第一认证请求。其中,当AP的当前负载状态超过预设负 载状态时,该AP当前处于高负载状态;否则,该AP当前处于低负载状态。Step 28: Parse the load broadcast, and send the first authentication request to a wireless access node whose current load status exceeds a preset load status. Wherein, when the current load state of the AP exceeds the preset negative When the state is loaded, the AP is currently in a high load state; otherwise, the AP is currently in a low load state.
较佳的,本申请的上述实施例中所述负载广播利用信标帧承载所述无线访问节点的负载状态;其中,将所述无线访问节点的负载状态封装在所述信标帧的帧主体字段中。Preferably, the load broadcast in the foregoing embodiment of the present application uses a beacon frame to carry a load status of the wireless access node; wherein the load status of the wireless access node is encapsulated in a frame body of the beacon frame In the field.
较佳的,本申请的上述实施例中所述第一认证请求中包含的客户端的身份标识信息包括所述无线访问节点发放的安全码或者所述客户端的付费信息。且所述第一认证请求利用信标帧承载所述客户端的身份标识信息;其中,将所述客户端的身份标识信息封装在所述信标帧的帧主体字段中。Preferably, the identity identification information of the client included in the first authentication request in the foregoing embodiment of the present application includes a security code issued by the wireless access node or payment information of the client. And the first authentication request carries the identity information of the client by using a beacon frame, where the identity information of the client is encapsulated in a frame body field of the beacon frame.
需要说明的,当处于高负载状态的AP无法为STA分配足够的网络资源时,本发明实施例提供的方法还可以包括:It should be noted that, when the AP in the high load state cannot allocate sufficient network resources to the STA, the method provided by the embodiment of the present invention may further include:
步骤17,根据所述鉴权信息对所述客户端进行鉴权,并判断当前负载是否能够为所述客户端分配足够的网络资源,若检测到当前负载无法为所述客户端分配足够的网络资源,控制已接入的级别最低的客户端断开。Step 17: Authenticate the client according to the authentication information, and determine whether the current load can allocate sufficient network resources to the client, and if the current load is detected, the client cannot be allocated enough network. Resources that control the lowest level of clients that have been disconnected.
具体的,所述控制已接入的级别最低的客户端断开的步骤具体可以为:将所述级别最低的客户端的网络资源逐步回收,直至网络资源降至一阈值时释放所述客户端的链路,断开与级别最低的客户端的连接。Specifically, the step of controlling the disconnected client with the lowest level of access may be: gradually recovering the network resources of the client with the lowest level, and releasing the chain of the client when the network resource falls to a threshold. Road, disconnect from the lowest level client.
为了更好的对本发明实施例提供的接入无线网络的方法进行详细描述,下面结合图4对本发明实施例的方法的进行具体说明:For a detailed description of the method for accessing a wireless network provided by the embodiment of the present invention, the method of the embodiment of the present invention is specifically described below with reference to FIG. 4:
步骤31,AP进行负载广播,负载广播中包含AP的当前负载信息;此广播通过Beacon帧(信标帧)来完成。Step 31: The AP performs load broadcast, where the load broadcast includes current load information of the AP; the broadcast is completed by a Beacon frame (beacon frame).
所述的负载信息,是指AP本身已接入的STA数量、以及根据AP可为STA分配的带宽所得到的加权值。AP对于负载的计算,结合STA数量以及AP所剩余的可为STA分配的带宽,例如,当AP已接入的STA已经到最大接入数,则不再考虑AP可分配的带宽,即认为AP已达到高负载状态;当AP已接入的STA未达到最大接入数,而按照每个STA已分配到的带宽进行加权计划,计算得出当前AP可以分配的带宽,当AP可分配的带宽达到一定的阈值时,认为AP已达到高负载。The load information refers to the number of STAs that the AP itself has accessed, and the weighted value obtained according to the bandwidth that the AP can allocate for the STA. For the calculation of the load, the AP combines the number of STAs and the bandwidth that can be allocated for the STAs. For example, when the STAs that the AP has accessed have reached the maximum number of accesses, the bandwidth that the AP can allocate is no longer considered. The AP has reached the high load state; when the STAs that the AP has accessed do not reach the maximum number of accesses, and the weighting plan is performed according to the bandwidth allocated by each STA, the bandwidth that the current AP can allocate is calculated, and the bandwidth that the AP can allocate is calculated. When a certain threshold is reached, the AP is considered to have reached a high load.
如图5所示,本发明实施例中负载广播所使用的管理帧的帧结构是对 802.11MAC标准帧进行了改进,修改的内容包括:As shown in FIG. 5, the frame structure of the management frame used by the payload broadcast in the embodiment of the present invention is The 802.11MAC standard frame has been improved, and the modifications include:
Frame Control(帧控制)字段:对标准帧的Frame Control字段进行改进,从该字段的Type=00可以看到,此帧属于管理帧;Frame Control field: Improves the Frame Control field of the standard frame. As can be seen from Type=00 of the field, this frame belongs to the management frame.
Sub Type(子类型):对标准帧的Sub Type字段进行改进,构成本发明实施例的特殊帧,用于广播AP的负载,而接收到此管理帧的STA也能够对其进行解析。Sub Type: The Sub Type field of the standard frame is modified to form a special frame of the embodiment of the present invention, which is used to broadcast the load of the AP, and the STA that receives the management frame can also parse it.
其中,本发明实施例的Sub Type赋值为0110。由于标准协议中管理帧的Sub Type值0110~0111与1101~1111未被定义,此处可使用其中的任意一个值,与其它的标准值相区分。The Sub Type value of the embodiment of the present invention is 0110. Since the Sub Type values 0110 to 0111 and 1101 to 1111 of the management frame in the standard protocol are not defined, any one of them can be used here to distinguish it from other standard values.
Frame Body(帧主体)字段:Frame body字段是帧的数据字段,本实施例中将AP的负载信息封装在该字段中,包括AP负载状态Load_State(高负载时置为1,非高负载时置为0)以及负载值Load_Per(百分比形式体现,即当前可分配的带宽占总共可分配的带宽的百分比)。Frame Body field: The frame body field is the data field of the frame. In this embodiment, the load information of the AP is encapsulated in the field, including the AP load state Load_State (set to 1 when the load is high, and not when the load is high). It is 0) and the load value Load_Per (in the form of a percentage, that is, the current allocateable bandwidth as a percentage of the total available bandwidth).
除了上述对标准帧进行了修改的字段以外,该帧中还包括以下字段:In addition to the above-described fields that have been modified for standard frames, the following fields are also included in the frame:
Frame Control字段中还包括:Protocol(协议版本)位、To DS与From DS位、More Fragment(更多分段)位、Retry(重试)位、Power Management(电源管理)位、More Data(更多数据)位、Protected Frame(保护帧)位及Order(顺序)位;Duration/ID(时长)字段、Address1(地址1)字段、Address2(地址2)字段、Address3(地址3)字段、Sequence Control(顺序控制)字段Address4(地址4)字段、FCS(帧校验序列)字段。上述各字段的定义同相关标准,在此不再进行赘述。The Frame Control field also includes: Protocol version bits, To DS and From DS bits, More Fragment bits, Retry bits, Power Management bits, More Data. Multi-data) bits, Protected Frame bits, and Order bits; Duration/ID field, Address1 field, Address2 field, Address3 field, Sequence Control (Sequence Control) Fields Address4 (Address 4) field, FCS (Frame Check Sequence) field. The definitions of the above fields are the same as the related standards, and are not described here.
步骤32,STA解析来自AP的负载广播帧,提取其中AP的负载信息,并对该AP的负载信息进行判别。Step 32: The STA parses the load broadcast frame from the AP, extracts the load information of the AP, and discriminates the load information of the AP.
步骤33,根据步骤32的判别结果,当AP处于高负载时,转向步骤34,当AP不是处于高负载时,转向步骤311。In step 33, according to the determination result of step 32, when the AP is under high load, the process proceeds to step 34, and when the AP is not at a high load, the process proceeds to step 311.
步骤311,由于AP当前处于低负载状态,STA向AP发起正常的探测请求,在收到来自AP的探测响应后发起认证和接入流程。Step 311: The STA initiates a normal probe request to the AP because the AP is currently in a low load state, and initiates an authentication and access procedure after receiving the probe response from the AP.
步骤34,STA向AP发送探测请求,收到来自AP的探测响应后,发起 特殊认证请求(第一认证请求);Step 34: The STA sends a probe request to the AP, and after receiving the probe response from the AP, the STA initiates Special authentication request (first authentication request);
所述特殊认证请求,是指STA向AP发送的认证请求中,包含STA的特殊认证信息。所述特殊认证信息,是指可以表明STA特殊资质的信息,例如由AP持有人发放的安全码、付费信息等。The special authentication request refers to the special authentication information of the STA included in the authentication request sent by the STA to the AP. The special authentication information refers to information that can indicate the special qualification of the STA, such as a security code and payment information issued by the AP holder.
请参见图6,STA向AP发起的特殊认证请求,对802.11MAC标准帧进行了改进,修改的内容包括:Referring to FIG. 6, the STA performs a special authentication request to the AP, and the 802.11 MAC standard frame is improved. The modified content includes:
Frame Control(帧控制)字段:对标准帧的Frame Control字段进行改进,从该字段的Type=00可以看到,此帧属于管理帧;Frame Control field: Improves the Frame Control field of the standard frame. As can be seen from Type=00 of the field, this frame belongs to the management frame.
Sub Type(子类型):对标准帧的Sub Type字段进行改进,构成本实施例的特殊帧,用于广播AP的负载,而接收到此管理帧的STA也能够对其进行解析。Sub Type: The Sub Type field of the standard frame is modified to form a special frame of the present embodiment for broadcasting the load of the AP, and the STA that receives the management frame can also parse it.
其中,本实施例的Sub Type赋值为0111。由于标准协议中管理帧的Sub Type值0110~0111与1101~1111未被定义,此处可使用其中的任意一个值,与其它的标准值相区分。The Sub Type value of this embodiment is 0111. Since the Sub Type values 0110 to 0111 and 1101 to 1111 of the management frame in the standard protocol are not defined, any one of them can be used here to distinguish it from other standard values.
Frame Body(帧主体)字段:Frame body字段是帧的数据字段,本实施例中将STA的特殊认证信息封装在该字段中,例如由AP持有人发放的安全码Security_CODE、付费信息Payment_Info等。优选的,AP持有人可以通过面授或其它的方式为STA用户提供安全码,用来标识STA的优先级。优选的,当STA所提供的付费信息中额度越高,表明STA具有越高的资质,可能得到AP所提供的越优质的服务。Frame Body field: The frame body field is a data field of a frame. In this embodiment, the STA's special authentication information is encapsulated in the field, such as the security code Security_CODE, the payment information Payment_Info, and the like issued by the AP holder. Preferably, the AP holder can provide the STA user with a security code by face-to-face or other means to identify the priority of the STA. Preferably, the higher the amount of payment information provided by the STA, indicating that the STA has a higher qualification, and the better service provided by the AP may be obtained.
除了上述对标准帧进行了修改的字段以外,该帧中还包括以下字段:In addition to the above-described fields that have been modified for standard frames, the following fields are also included in the frame:
Frame Control字段中还包括:Protocol(协议版本)位、To DS与From DS位、More Fragment(更多分段)位、Retry(重试)位、Power Management(电源管理)位、More Data(更多数据)位、Protected Frame(保护帧)位及Order(顺序)位;Duration/ID(时长)字段、Address1(地址1)字段、Address2(地址2)字段、Address3(地址3)字段、Sequence Control(顺序控制)字段Address4(地址4)字段、FCS(帧校验序列)字段。上述各字段的定义同相关标准,在此不再进行赘述。 The Frame Control field also includes: Protocol version bits, To DS and From DS bits, More Fragment bits, Retry bits, Power Management bits, More Data. Multi-data) bits, Protected Frame bits, and Order bits; Duration/ID field, Address1 field, Address2 field, Address3 field, Sequence Control (Sequence Control) Fields Address4 (Address 4) field, FCS (Frame Check Sequence) field. The definitions of the above fields are the same as the related standards, and are not described here.
步骤35,AP收到来自STA的特殊认证请求后,对其中包含的特殊认证信息进行提取和解析。Step 35: After receiving the special authentication request from the STA, the AP extracts and parses the special authentication information included in the STA.
步骤36,AP通过设置模块查询本地的用户信息列表,来查询此STA相关的信息,如果查询成功,转向步骤37,如果查询不成功,转向步骤312。Step 36: The AP queries the local user information list by using the setting module to query the STA-related information. If the query is successful, the process proceeds to step 37. If the query is unsuccessful, the process proceeds to step 312.
所述的用户信息列表,是AP本地保存的用户信息,此用户信息可以由AP用户人工输入,也可以根据其它应用程序关联获得,例如消费流水单的扫描等。The user information list is user information saved locally by the AP, and the user information may be manually input by the AP user, or may be obtained according to other application programs, such as scanning of the consumption flow list.
用户信息列表由Level_Num作为第一索引,MAC地址作为第二索引,包括以下字段:The user information list has Level_Num as the first index and the MAC address as the second index, including the following fields:
MAC Address:STA的MAC地址,如果用户信息列表中某个用户未曾通过WIFI方式接入AP时,将MAC地址置为全F;MAC Address: MAC address of the STA. If a user in the user information list has not accessed the AP through WIFI, set the MAC address to F.
Security_CODE:安全码,由AP用户提供,来源可以是用户手动输入,或是来自于消费流水单号扫描。例如安全码可以是消费流水单号的后N位。需要说明的是,安全码是STA和AP共同持有的。用于STA和AP的特殊认证过程。Security_CODE: Security code, provided by the AP user, the source can be manually input by the user, or from the consumption flow number number scan. For example, the security code can be the last N digits of the consumption flow number. It should be noted that the security code is jointly held by the STA and the AP. A special authentication process for STAs and APs.
Level_Num:级别信息,即AP为STA设置的级别信息。此级别信息用于AP为STA分配资源时使用。Level_Num: Level information, that is, the level information set by the AP for the STA. This level information is used when the AP allocates resources for the STA.
需要说明的是,Level_Num的计算是由特殊认证信息以及AP对某用户的特殊设置生成。其中,AP用户可以在AP上对某个用户的级别进行设置,当AP用户未设置时,AP用户根据STA的特殊认证信息中的付费信息以及信用记录来生成。It should be noted that the calculation of Level_Num is generated by the special authentication information and the special settings of the AP for a certain user. The AP user can set the level of a certain user on the AP. When the AP user is not set, the AP user generates the information according to the payment information and the credit record in the special authentication information of the STA.
需要说明的是,Level_Num是按从高到低的顺序来排序的,当某个新的STA接入AP或AP手动输入某用户信息时,用户信息列表会根据Level_Num的值进行排序更新。It should be noted that Level_Num is sorted in descending order. When a new STA accesses an AP or an AP manually inputs a user information, the user information list is sorted and updated according to the value of Level_Num.
步骤37,由于AP查询到STA的特殊认证信息,认为STA提供的特殊认证信息是有效的,根据STA的特殊认证信息,为AP分配级别信息,并更新本地的用户信息列表。Step 37: The AP considers that the special authentication information of the STA is valid, and considers that the special authentication information provided by the STA is valid, allocates level information to the AP according to the special authentication information of the STA, and updates the local user information list.
步骤38,AP向STA发送认证响应,接受STA的特殊认证请求。此认证 响应中需要包括AP为此STA分配的级别信息。然后STA向AP发起认证请求(第二认证请求),完成密码鉴权。In step 38, the AP sends an authentication response to the STA, and accepts the special authentication request of the STA. This certification The response needs to include the level information assigned by the AP to this STA. The STA then initiates an authentication request (second authentication request) to the AP to complete the password authentication.
步骤39,AP根据此STA的级别信息,为此STA分配匹配的网络资源。Step 39: The AP allocates matching network resources to the STA according to the level information of the STA.
需要说明的是,当AP检测到自身的负载无法为此STA分配足够的网络资源时,需要通过对用户信息列表的查询,将其中在网的级别最低的用户断开。It should be noted that when the AP detects that its own load cannot allocate sufficient network resources for the STA, it needs to disconnect the user with the lowest level in the network through the query of the user information list.
需要说明的是,对将低级别的STA(以下均称为STA_LOW)的断开时逐步完成的,AP将STA_LOW的资源进行逐步回收,直至资源降至一定阈值时释放该用户的链路。It should be noted that, when the disconnection of the lower-level STAs (hereinafter referred to as STA_LOW) is completed step by step, the AP gradually recovers the resources of the STA_LOW, and releases the link of the user when the resources fall to a certain threshold.
考虑到用户体验,此处AP将STA_LOW用户断开时,需要向此STA_LOW用户发送连接断开告警信息,提示用户离网,在规定时间内检测到此用户仍然在网时,断开与此STA_LOW用户的链路。Considering the user experience, when the AP disconnects the STA_LOW user, the AP needs to send a disconnection alarm message to the STA_LOW user, prompting the user to leave the network, and disconnecting the STA_LOW when the user is still in the network within the specified time. User's link.
步骤310,AP与STA建立连接。In step 310, the AP establishes a connection with the STA.
步骤312,由于AP认为STA提供的特殊认证信息是无效的,因此向STA发送认证响应,拒绝STA的特殊认证请求。In step 312, since the AP considers that the special authentication information provided by the STA is invalid, the AP sends an authentication response to the STA, and rejects the special authentication request of the STA.
步骤313,STA向AP发起正常认证,接入流程。In step 313, the STA initiates normal authentication and access procedures to the AP.
本发明实施例还提出一种接入无线网络的方法能够对STA的资质进行智能鉴别,为特殊STA提供优质服务,减少AP由于高负荷引起的运行缓慢或崩溃问题;提高产品性能,并提高用户体验。The embodiment of the invention further provides a method for accessing a wireless network, which can intelligently authenticate the qualification of the STA, provide high-quality services for the special STA, reduce the slow running or crash of the AP due to high load, improve product performance, and improve users. Experience.
如图7所示,本发明实施例的一种接入无线网络的装置,用于无线访问节点,包括:As shown in FIG. 7, an apparatus for accessing a wireless network according to an embodiment of the present invention is used for a wireless access node, including:
第一接收模块71,设置为接收客户端发送的第一认证请求,所述第一认证请求中包含所述客户端的身份标识信息;The first receiving module 71 is configured to receive a first authentication request sent by the client, where the first authentication request includes identity identification information of the client;
第一发送模块72,设置为根据所述第一认证请求向所述客户端发送第一认证响应,所述第一认证响应中包含所述无线访问节点根据所述身份识别信息为所述客户端分配的级别信息;The first sending module 72 is configured to send a first authentication response to the client according to the first authentication request, where the first authentication response includes the wireless access node as the client according to the identity identification information Allocated level information;
第二接收模块73,设置为接收所述客户端根据所述第一认证响应发送的第二认证请求,所述第二认证请求中包含所述客户端接入所述无线访问节点 所需的鉴权信息;The second receiving module 73 is configured to receive a second authentication request sent by the client according to the first authentication response, where the second authentication request includes the client accessing the wireless access node Required authentication information;
第二发送模块74,设置为根据所述第二认证请求完成对所述客户端的鉴权,并向所述客户端发送第二认证响应,与所述客户端建立连接,所述第二认证响应中包含根据所述级别信息为所述客户端分配的网络资源。The second sending module 74 is configured to complete authentication of the client according to the second authentication request, and send a second authentication response to the client, establish a connection with the client, and the second authentication response The network resource allocated to the client according to the level information is included.
具体的,本申请的上述实施例中所述装置还包括:Specifically, the device in the foregoing embodiment of the present application further includes:
探测模块,设置为接收所述客户端发送的探测请求,并向所述客户端返回探测响应,使得所述客户端收到所述探测响应后向所述无线访问节点发送第一认证请求。The detecting module is configured to receive the probe request sent by the client, and return a probe response to the client, so that the client sends the first authentication request to the wireless access node after receiving the probe response.
具体的,本申请的上述实施例中所述装置还包括:Specifically, the device in the foregoing embodiment of the present application further includes:
广播模块,设置为进行负载广播,所述负载广播中包含当前负载状态;其中当客户端接收的所述当前负载状态超过预设负载状态时,发送所述第一认证请求。And a broadcast module, configured to perform a load broadcast, where the load broadcast includes a current load status, where the first authentication request is sent when the current load status received by the client exceeds a preset load status.
具体的,本申请的上述实施例中所述第一认证请求中包含的客户端的身份标识信息包括所述无线访问节点发放的安全码或者所述客户端的付费信息。Specifically, the identity identification information of the client included in the first authentication request in the foregoing embodiment of the present application includes a security code issued by the wireless access node or payment information of the client.
具体的,本申请的上述实施例中所述装置还包括:Specifically, the device in the foregoing embodiment of the present application further includes:
断开模块,设置为根据所述鉴权信息对所述客户端进行鉴权,并判断当前负载是否能够为所述客户端分配足够的网络资源,若检测到当前负载无法为所述客户端分配足够的网络资源,控制已接入的级别最低的客户端断开。The disconnecting module is configured to authenticate the client according to the authentication information, and determine whether the current load can allocate sufficient network resources to the client, and if the current load is detected, the client cannot be allocated. Enough network resources to control the disconnected client with the lowest level of access.
需要说明的是,本发明实施例提供的无线接入节点侧的接入无线网络的装置是应用上述无线接入节点侧的接入无线网络的方法的装置,则上述无线接入节点侧的接入无线网络的方法的所有实施例均适用于该装置,且均能达到相同或相似的有益效果。It should be noted that, the device for accessing the wireless network on the side of the wireless access node provided by the embodiment of the present invention is a device that applies the method for accessing the wireless network on the side of the wireless access node, and the device on the side of the wireless access node is connected. All embodiments of the method of entering a wireless network are applicable to the device and all achieve the same or similar benefits.
如图8所示,本发明实施例还提供一种接入无线网络的装置,用于客户端,包括:As shown in FIG. 8, the embodiment of the present invention further provides an apparatus for accessing a wireless network, which is used by a client, and includes:
第三发送模块81,设置为向无线访问节点发送第一认证请求,所述第一认证请求中包含所述客户端的身份识别信息;The third sending module 81 is configured to send a first authentication request to the wireless access node, where the first authentication request includes the identity identification information of the client;
第三接收模块82,设置为接收所述无线访问节点返回的第一认证响应, 所述第一认证响应中包含所述无线访问节点根据所述身份识别信息为所述客户端分配的级别信息;The third receiving module 82 is configured to receive the first authentication response returned by the wireless access node, The first authentication response includes level information that is allocated by the wireless access node to the client according to the identity identification information;
第四发送模块83,设置为根据所述第一认证响应向所述无线访问节点发送第二认证请求,所述第二认证请求中包括所述客户端接入所述无线访问节点所需的鉴权信息;The fourth sending module 83 is configured to send a second authentication request to the wireless access node according to the first authentication response, where the second authentication request includes a template required by the client to access the wireless access node Right information
第四接收模块84,设置为接收所述无线访问节点返回的第二认证响应,与所述无线访问节点建立连接,所述第二认证响应中包含所述无线访问节点根据所述级别信息为所述客户端分配的网络资源。The fourth receiving module 84 is configured to receive a second authentication response returned by the wireless access node, and establish a connection with the wireless access node, where the second authentication response includes the wireless access node according to the level information. The network resources allocated by the client.
具体的,本申请的上述实施例中所述装置还可以包括:Specifically, the apparatus in the foregoing embodiment of the present application may further include:
探测请求模块,设置为向无线访问节点发送探测请求;a probe requesting module, configured to send a probe request to the wireless access node;
探测响应模块,设置为接收所述无线访问节点返回的探测响应。A probe response module is configured to receive a probe response returned by the wireless access node.
具体的,本申请的上述实施例中所述装置还可以包括:Specifically, the apparatus in the foregoing embodiment of the present application may further include:
接收广播模块,设置为接收所述无线访问节点的负载广播,所述负载广播中包含所述无线访问节点的当前负载状态;Receiving a broadcast module, configured to receive a load broadcast of the wireless access node, where the load broadcast includes a current load status of the wireless access node;
解析模块,设置为解析所述负载广播,向当前负载状态超过预设负载状态的无线访问节点发送所述第一认证请求。The parsing module is configured to parse the load broadcast, and send the first authentication request to a wireless access node whose current load status exceeds a preset load status.
具体的,本申请的上述实施例中所述第一认证请求中包含的客户端的身份标识信息包括所述无线访问节点发放的安全码或者所述客户端的付费信息。Specifically, the identity identification information of the client included in the first authentication request in the foregoing embodiment of the present application includes a security code issued by the wireless access node or payment information of the client.
需要说明的是,本发明实施例提供的客户端侧的接入无线网络的装置是应用上述客户端侧的接入无线网络的方法的装置,则上述客户端侧的接入无线网络的方法的所有实施例均适用于该接入无线网络的装置,且均能达到相同或相似的有益效果。It should be noted that, the apparatus for accessing a wireless network on the client side of the embodiment of the present invention is a device for applying the method for accessing a wireless network on the client side, and the method for accessing a wireless network on the client side All of the embodiments are applicable to the device that accesses the wireless network, and both achieve the same or similar benefits.
在另外一个实施例中,还提供了一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令被处理器执行时实现上述方法。该存储介质包括但不限于:光盘、软盘、硬盘、可擦写存储器等。In another embodiment, there is also provided a computer readable storage medium storing computer executable instructions that are implemented by a processor to implement the above method. The storage medium includes, but is not limited to, an optical disk, a floppy disk, a hard disk, a rewritable memory, and the like.
本领域普通技术人员可以理解上述方法中的全部或部分步骤可通过程序来指令相关硬件(例如处理器)完成,所述程序可以存储于计算机可读存储 介质中,如只读存储器、磁盘或光盘等。可选地,上述实施例的全部或部分步骤也可以使用一个或多个集成电路来实现。相应地,上述实施例中的各模块/单元可以采用硬件的形式实现,例如通过集成电路来实现其相应功能,也可以采用软件功能模块的形式实现,例如通过处理器执行存储于存储器中的程序/指令来实现其相应功能。本发明实施例不限制于任何特定形式的硬件和软件的结合。One of ordinary skill in the art will appreciate that all or part of the steps in the above methods may be performed by a program to instruct related hardware, such as a processor, which may be stored in computer readable storage. In media, such as read-only memory, disk or optical disk. Alternatively, all or part of the steps of the above embodiments may also be implemented using one or more integrated circuits. Correspondingly, each module/unit in the above embodiment may be implemented in the form of hardware, for example, by implementing an integrated circuit to implement its corresponding function, or may be implemented in the form of a software function module, for example, executing a program stored in the memory by a processor. / instruction to achieve its corresponding function. Embodiments of the invention are not limited to any specific form of combination of hardware and software.
以上所述是本发明实施例的优选实施方式,应当指出,对于本技术领域的普通技术人员来说,在不脱离本发明实施例所述原理的前提下,还可以做出若干改进和润饰,这些改进和润饰也应视为本发明实施例的保护范围。The above is a preferred embodiment of the embodiments of the present invention. It should be noted that those skilled in the art can make some improvements and refinements without departing from the principles of the embodiments of the present invention. These improvements and modifications should also be considered as protection scope of embodiments of the present invention.
工业实用性Industrial applicability
本发明实施例提供的接入无线网络的方法及装置,由无线访问节点先根据客户端的身份标识信息确定客户端的特殊性,为客户端分配级别信息;再根据客户端发送的鉴权信息完成对客户端的鉴权,且无线访问节点根据客户端的级别信息为客户端分配网络资源,从而与客户端建立连接。本发明实施例能够针对客户端的资质进行智能鉴别,为特殊客户端提高优质服务,减少由于无线访问节点负荷原因为客户端带来的影响,提高产品性能并提升用户体验。 The method and device for accessing a wireless network provided by the embodiment of the present invention, the wireless access node first determines the particularity of the client according to the identity identification information of the client, and assigns level information to the client; and then completes the authentication according to the authentication information sent by the client. The authentication of the client, and the wireless access node allocates network resources to the client according to the level information of the client, thereby establishing a connection with the client. The embodiment of the invention can intelligently identify the qualification of the client, improve the quality service for the special client, reduce the impact on the client due to the load of the wireless access node, improve the product performance and enhance the user experience.

Claims (24)

  1. 一种接入无线网络的方法,用于无线访问节点,其特征在于,包括:A method for accessing a wireless network, for wireless accessing a node, comprising:
    接收客户端发送的第一认证请求,所述第一认证请求中包含所述客户端的身份标识信息;Receiving a first authentication request sent by the client, where the first authentication request includes identity information of the client;
    根据所述第一认证请求向所述客户端发送第一认证响应,所述第一认证响应中包含所述无线访问节点根据所述身份识别信息为所述客户端分配的级别信息;Sending, by the first authentication request, a first authentication response to the client, where the first authentication response includes level information that is allocated by the wireless access node to the client according to the identity identification information;
    接收所述客户端根据所述第一认证响应发送的第二认证请求,所述第二认证请求中包含所述客户端接入所述无线访问节点所需的鉴权信息;Receiving, by the client, a second authentication request that is sent according to the first authentication response, where the second authentication request includes authentication information required by the client to access the wireless access node;
    根据所述第二认证请求完成对所述客户端的鉴权,并向所述客户端发送第二认证响应,与所述客户端建立连接,所述第二认证响应中包含根据所述级别信息为所述客户端分配的网络资源。Acquiring the authentication of the client according to the second authentication request, and sending a second authentication response to the client, establishing a connection with the client, where the second authentication response includes The network resource allocated by the client.
  2. 根据权利要求1所述的接入无线网络的方法,接收客户端发送的第一认证请求之前,所述方法还包括:The method of accessing a wireless network according to claim 1, before the receiving the first authentication request sent by the client, the method further includes:
    接收所述客户端发送的探测请求,并向所述客户端返回探测响应,使得所述客户端收到所述探测响应后向所述无线访问节点发送第一认证请求。Receiving a probe request sent by the client, and returning a probe response to the client, so that the client sends the first authentication request to the wireless access node after receiving the probe response.
  3. 根据权利要求1所述的接入无线网络的方法,接收客户端发送的第一认证请求之前,所述方法还包括:The method of accessing a wireless network according to claim 1, before the receiving the first authentication request sent by the client, the method further includes:
    进行负载广播,所述负载广播中包含当前负载状态;Performing a load broadcast, where the load broadcast includes a current load status;
    其中当客户端接收的所述当前负载状态超过预设负载状态时,发送所述第一认证请求。The first authentication request is sent when the current load status received by the client exceeds a preset load status.
  4. 根据权利要求3所述的接入无线网络的方法,其中,所述负载广播利用信标帧来承载所述无线访问节点的负载状态;其中,将所述无线访问节点的负载状态封装在所述信标帧的帧主体字段中。The method of accessing a wireless network according to claim 3, wherein said load broadcast utilizes a beacon frame to carry a load status of said wireless access node; wherein said load status of said wireless access node is encapsulated in said The frame body field of the beacon frame.
  5. 根据权利要求1所述的接入无线网络的方法,其中,所述第一认证请求中包含的客户端的身份标识信息包括所述无线访问节点发放的安全码或者所述客户端的付费信息。 The method for accessing a wireless network according to claim 1, wherein the identity identification information of the client included in the first authentication request includes a security code issued by the wireless access node or payment information of the client.
  6. 根据权利要求5所述的接入无线网络的方法,其中,所述第一认证请求利用信标帧来承载所述客户端的身份标识信息;其中,The method of accessing a wireless network according to claim 5, wherein the first authentication request uses a beacon frame to carry identity information of the client;
    将所述客户端的身份标识信息封装在所述信标帧的帧主体字段中。Encapsulating the identity information of the client in a frame body field of the beacon frame.
  7. 根据权利要求1所述的接入无线网络的方法,所述方法还包括:The method of accessing a wireless network according to claim 1, further comprising:
    根据所述鉴权信息对所述客户端进行鉴权,并判断当前负载是否能够为所述客户端分配足够的网络资源,若检测到当前负载无法为所述客户端分配足够的网络资源,控制已接入的级别最低的客户端断开。And authenticating the client according to the authentication information, and determining whether the current load can allocate sufficient network resources to the client, and if detecting that the current load cannot allocate sufficient network resources to the client, control The lowest level client that has been connected is disconnected.
  8. 根据权利要求7所述的接入无线网络的方法,其中,所述控制已接入的级别最低的客户端断开,为:The method of accessing a wireless network according to claim 7, wherein said controlling the lowest level of clients that have been accessed is disconnected, which is:
    将所述级别最低的客户端的网络资源逐步回收,直至网络资源降至一阈值时释放所述客户端的链路,断开与级别最低的客户端的连接。The network resources of the lowest level client are gradually recovered until the network resource drops to a threshold, the link of the client is released, and the connection with the lowest level client is disconnected.
  9. 一种接入无线网络的方法,用于客户端,其特征在于,包括:A method for accessing a wireless network, for a client, comprising:
    向无线访问节点发送第一认证请求,所述第一认证请求中包含所述客户端的身份识别信息;Sending a first authentication request to the wireless access node, where the first authentication request includes the identity identification information of the client;
    接收所述无线访问节点返回的第一认证响应,所述第一认证响应中包含所述无线访问节点根据所述身份识别信息为所述客户端分配的级别信息;Receiving, by the wireless access node, a first authentication response, where the first authentication response includes level information that is allocated by the wireless access node to the client according to the identity identification information;
    根据所述第一认证响应向所述无线访问节点发送第二认证请求,所述第二认证请求中包括所述客户端接入所述无线访问节点所需的鉴权信息;Sending a second authentication request to the wireless access node according to the first authentication response, where the second authentication request includes authentication information required by the client to access the wireless access node;
    接收所述无线访问节点返回的第二认证响应,与所述无线访问节点建立连接,所述第二认证响应中包含所述无线访问节点根据所述级别信息为所述客户端分配的网络资源。Receiving a second authentication response returned by the wireless access node, establishing a connection with the wireless access node, where the second authentication response includes a network resource allocated by the wireless access node to the client according to the level information.
  10. 根据权利要求9所述的接入无线网络的方法,所述向处于高负载状态的无线访问节点发送第一认证请求之前,所述方法还包括:The method of accessing a wireless network according to claim 9, before the sending the first authentication request to the wireless access node in a high load state, the method further includes:
    向无线访问节点发送探测请求;Sending a probe request to the wireless access node;
    接收所述无线访问节点返回的探测响应。Receiving a probe response returned by the wireless access node.
  11. 根据权利要求9所述的接入无线网络的方法,所述向处于高负载状态的无线访问节点发送第一认证请求之前,所述方法还包括: The method of accessing a wireless network according to claim 9, before the sending the first authentication request to the wireless access node in a high load state, the method further includes:
    接收所述无线访问节点的负载广播,所述负载广播中包含所述无线访问节点的当前负载状态;Receiving a load broadcast of the wireless access node, where the load broadcast includes a current load status of the wireless access node;
    解析所述负载广播,向当前负载状态超过预设负载状态的无线访问节点发送所述第一认证请求。Parsing the load broadcast, and sending the first authentication request to a wireless access node whose current load status exceeds a preset load status.
  12. 根据权利要求11所述的接入无线网络的方法,其中,所述负载广播利用信标帧来承载所述无线访问节点的负载状态;其中,The method of accessing a wireless network according to claim 11, wherein said load broadcast utilizes a beacon frame to carry a load status of said wireless access node;
    将所述无线访问节点的负载状态封装在所述信标帧的帧主体字段中。The load status of the wireless access node is encapsulated in a frame body field of the beacon frame.
  13. 根据权利要求9所述的接入无线网络的方法,其中,所述第一认证请求中包含的客户端的身份标识信息包括所述无线访问节点发放的安全码或者所述客户端的付费信息。The method for accessing a wireless network according to claim 9, wherein the identity identification information of the client included in the first authentication request includes a security code issued by the wireless access node or payment information of the client.
  14. 根据权利要求13所述的接入无线网络的方法,其中,所述第一认证请求利用信标帧来承载所述客户端的身份标识信息;其中,The method of accessing a wireless network according to claim 13, wherein the first authentication request uses a beacon frame to carry identity information of the client;
    将所述客户端的身份标识信息封装在所述信标帧的帧主体字段中。Encapsulating the identity information of the client in a frame body field of the beacon frame.
  15. 一种接入无线网络的装置,用于无线访问节点,其特征在于,包括:An apparatus for accessing a wireless network, used for a wireless access node, comprising:
    第一接收模块,设置为接收客户端发送的第一认证请求,所述第一认证请求中包含所述客户端的身份标识信息;a first receiving module, configured to receive a first authentication request sent by the client, where the first authentication request includes identity identification information of the client;
    第一发送模块,设置为根据所述第一认证请求向所述客户端发送第一认证响应,所述第一认证响应中包含所述无线访问节点根据所述身份识别信息为所述客户端分配的级别信息;The first sending module is configured to send a first authentication response to the client according to the first authentication request, where the first authentication response includes the wireless access node assigning the client according to the identity identification information Level information;
    第二接收模块,设置为接收所述客户端根据所述第一认证响应发送的第二认证请求,所述第二认证请求中包含所述客户端接入所述无线访问节点所需的鉴权信息;a second receiving module, configured to receive a second authentication request sent by the client according to the first authentication response, where the second authentication request includes an authentication required by the client to access the wireless access node information;
    第二发送模块,设置为根据所述第二认证请求完成对所述客户端的鉴权,并向所述客户端发送第二认证响应,与所述客户端建立连接,所述第二认证响应中包含根据所述级别信息为所述客户端分配的网络资源。The second sending module is configured to complete the authentication of the client according to the second authentication request, and send a second authentication response to the client, to establish a connection with the client, where the second authentication response is Containing network resources allocated to the client according to the level information.
  16. 根据权利要求15所述的接入无线网络的装置,还包括:The apparatus for accessing a wireless network according to claim 15, further comprising:
    探测模块,设置为接收所述客户端发送的探测请求,并向所述客户端返 回探测响应,使得所述客户端收到所述探测响应后向所述无线访问节点发送第一认证请求。a detecting module, configured to receive a probe request sent by the client, and return to the client Returning the probe response, so that the client sends the first authentication request to the wireless access node after receiving the probe response.
  17. 根据权利要求15所述的接入无线网络的装置,还包括:The apparatus for accessing a wireless network according to claim 15, further comprising:
    广播模块,设置为进行负载广播,所述负载广播中包含当前负载状态;其中当客户端接收的所述当前负载状态超过预设负载状态时,发送所述第一认证请求。And a broadcast module, configured to perform a load broadcast, where the load broadcast includes a current load status, where the first authentication request is sent when the current load status received by the client exceeds a preset load status.
  18. 根据权利要求15所述的接入无线网络的装置,其中,所述第一认证请求中包含的客户端的身份标识信息包括所述无线访问节点发放的安全码或者所述客户端的付费信息。The apparatus for accessing a wireless network according to claim 15, wherein the identity identification information of the client included in the first authentication request includes a security code issued by the wireless access node or payment information of the client.
  19. 根据权利要求15所述的接入无线网络的装置,还包括:The apparatus for accessing a wireless network according to claim 15, further comprising:
    断开模块,设置为根据所述鉴权信息对所述客户端进行鉴权,并判断当前负载是否能够为所述客户端分配足够的网络资源,若检测到当前负载无法为所述客户端分配足够的网络资源,控制已接入的级别最低的客户端断开。The disconnecting module is configured to authenticate the client according to the authentication information, and determine whether the current load can allocate sufficient network resources to the client, and if the current load is detected, the client cannot be allocated. Enough network resources to control the disconnected client with the lowest level of access.
  20. 一种接入无线网络的装置,用于客户端,其特征在于,包括:An apparatus for accessing a wireless network, configured for a client, comprising:
    第三发送模块,设置为向无线访问节点发送第一认证请求,所述第一认证请求中包含所述客户端的身份识别信息;a third sending module, configured to send a first authentication request to the wireless access node, where the first authentication request includes the identity identification information of the client;
    第三接收模块,设置为接收所述无线访问节点返回的第一认证响应,所述第一认证响应中包含所述无线访问节点根据所述身份识别信息为所述客户端分配的级别信息;a third receiving module, configured to receive a first authentication response returned by the wireless access node, where the first authentication response includes level information that is allocated by the wireless access node to the client according to the identity identification information;
    第四发送模块,设置为根据所述第一认证响应向所述无线访问节点发送第二认证请求,所述第二认证请求中包括所述客户端接入所述无线访问节点所需的鉴权信息;a fourth sending module, configured to send a second authentication request to the wireless access node according to the first authentication response, where the second authentication request includes an authentication required by the client to access the wireless access node information;
    第四接收模块,设置为接收所述无线访问节点返回的第二认证响应,与所述无线访问节点建立连接,所述第二认证响应中包含所述无线访问节点根据所述级别信息为所述客户端分配的网络资源。a fourth receiving module, configured to receive a second authentication response returned by the wireless access node, to establish a connection with the wireless access node, where the second authentication response includes the wireless access node according to the level information Network resources allocated by the client.
  21. 根据权利要求20所述的接入无线网络的装置,还包括:The apparatus for accessing a wireless network according to claim 20, further comprising:
    探测请求模块,设置为向无线访问节点发送探测请求; a probe requesting module, configured to send a probe request to the wireless access node;
    探测响应模块,设置为接收所述无线访问节点返回的探测响应。A probe response module is configured to receive a probe response returned by the wireless access node.
  22. 根据权利要求20所述的接入无线网络的装置,还包括:The apparatus for accessing a wireless network according to claim 20, further comprising:
    接收广播模块,设置为接收所述无线访问节点的负载广播,所述负载广播中包含所述无线访问节点的当前负载状态;Receiving a broadcast module, configured to receive a load broadcast of the wireless access node, where the load broadcast includes a current load status of the wireless access node;
    解析模块,设置为解析所述负载广播,向当前负载状态超过预设负载状态的无线访问节点发送所述第一认证请求。The parsing module is configured to parse the load broadcast, and send the first authentication request to a wireless access node whose current load status exceeds a preset load status.
  23. 根据权利要求20所述的接入无线网络的装置,其中,所述第一认证请求中包含的客户端的身份标识信息包括所述无线访问节点发放的安全码或者所述客户端的付费信息。The apparatus for accessing a wireless network according to claim 20, wherein the identity identification information of the client included in the first authentication request comprises a security code issued by the wireless access node or payment information of the client.
  24. 一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令被处理器执行时实现权利要求1至8任一项所述的方法,和/或实现权利要求9至14任一项所述的方法。 A computer readable storage medium storing computer executable instructions that, when executed by a processor, implement the method of any one of claims 1 to 8, and/or implement any of claims 9 to One of the methods described.
PCT/CN2016/079937 2016-01-18 2016-04-21 Method and device for accessing wireless network WO2016197712A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610032816.1A CN106982429B (en) 2016-01-18 2016-01-18 Method and device for accessing wireless network
CN201610032816.1 2016-01-18

Publications (1)

Publication Number Publication Date
WO2016197712A1 true WO2016197712A1 (en) 2016-12-15

Family

ID=57503306

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/079937 WO2016197712A1 (en) 2016-01-18 2016-04-21 Method and device for accessing wireless network

Country Status (2)

Country Link
CN (1) CN106982429B (en)
WO (1) WO2016197712A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113098737B (en) * 2019-12-23 2022-12-30 北京神经元网络技术有限公司 User node admission control method and device and electronic equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101946472A (en) * 2008-01-10 2011-01-12 苹果公司 Apparatus and methods for network resource allocation
CN103096492A (en) * 2011-11-08 2013-05-08 华为终端有限公司 Method, system and relative device of wireless access point and terminal communication
CN103929784A (en) * 2013-01-10 2014-07-16 ***通信集团上海有限公司 User bandwidth control method, apparatus and system
CN104081864A (en) * 2012-01-27 2014-10-01 高通股份有限公司 Systems and methods for priority based session and mobility management dual- priority mtc devices

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101212371B (en) * 2006-12-29 2010-11-24 华为技术有限公司 Channel access parameter configuration method, access point, server, and communication system
US9148893B2 (en) * 2008-03-03 2015-09-29 Qualcomm Incorporated Access channel load management in a wireless communication system
JP2010026547A (en) * 2008-07-15 2010-02-04 Fujitsu Ltd Firewall load balancing method and firewall load balancing system
US8955054B2 (en) * 2010-01-06 2015-02-10 Qualcomm Incorporated Method and apparatus for providing simultaneous support for multiple master keys at an access point in a wireless communication system
CN103841625A (en) * 2012-11-21 2014-06-04 ***通信集团上海有限公司 WLAN access method and WLAN access device
US9055062B1 (en) * 2014-08-08 2015-06-09 Google Inc. Per-user wireless traffic handling
CN104219788A (en) * 2014-09-29 2014-12-17 王波 Access method and access device of Internet-of-Things terminal
CN105007633B (en) * 2015-06-16 2019-05-24 北京佰才邦技术有限公司 The network Enhancement Method and device of wireless communication networks

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101946472A (en) * 2008-01-10 2011-01-12 苹果公司 Apparatus and methods for network resource allocation
CN103096492A (en) * 2011-11-08 2013-05-08 华为终端有限公司 Method, system and relative device of wireless access point and terminal communication
CN104081864A (en) * 2012-01-27 2014-10-01 高通股份有限公司 Systems and methods for priority based session and mobility management dual- priority mtc devices
CN103929784A (en) * 2013-01-10 2014-07-16 ***通信集团上海有限公司 User bandwidth control method, apparatus and system

Also Published As

Publication number Publication date
CN106982429A (en) 2017-07-25
CN106982429B (en) 2021-04-20

Similar Documents

Publication Publication Date Title
US8266681B2 (en) System and method for automatic network logon over a wireless network
US9338689B2 (en) Method for mobile terminal to access wireless access point and wireless access point
CN115002924A (en) Uplink small data transmission method, network side DU and network side CU
US9473877B2 (en) Uplink/downlink transmission method for small amount of data, and corresponding terminal and mobility management unit
EP3200490B1 (en) System and method for online sign up provider selection
US20060117174A1 (en) Method of auto-configuration and auto-prioritizing for wireless security domain
CN110999356A (en) Network security management method and device
EP3758312B1 (en) Method and system for the creation of a multicast group
US20120202511A1 (en) System and Method for Resolving Contention Among Applications Requiring Data Connections Between a Mobile Communications Device and a Wireless Network
US11832340B2 (en) Session management method and apparatus
US10397859B2 (en) Wireless network access
WO2013082984A1 (en) Method for attaching e-utran and mobility management entity
US9113331B2 (en) Validating user identity by cooperation between core network and access controller
US11871223B2 (en) Authentication method and apparatus and device
EP2712262B1 (en) Network attach method and apparatus thereof for relay node
EP3758404B1 (en) Configuration information acquisition method, apparatus and device, and storage medium and system
CN113411286B (en) Access processing method and device based on 5G technology, electronic equipment and storage medium
WO2021233395A1 (en) Communication method and apparatus, and computer-readable storage medium
WO2016197712A1 (en) Method and device for accessing wireless network
WO2017054102A1 (en) Method and device for managing user equipment
WO2022068669A1 (en) Session establishment method and apparatus, access network device and storage medium
JP2003318939A (en) Communication system and control method thereof
JP5423320B2 (en) Wireless communication system and method
KR20220152950A (en) Network slice admission control (nsac) discovery and roaming enhancements
CN114302386A (en) Wireless network connection method, device, access point and storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16806610

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16806610

Country of ref document: EP

Kind code of ref document: A1