CN107979838A - A kind of radio switch-in method, device, access point apparatus and storage medium - Google Patents
A kind of radio switch-in method, device, access point apparatus and storage medium Download PDFInfo
- Publication number
- CN107979838A CN107979838A CN201711202793.5A CN201711202793A CN107979838A CN 107979838 A CN107979838 A CN 107979838A CN 201711202793 A CN201711202793 A CN 201711202793A CN 107979838 A CN107979838 A CN 107979838A
- Authority
- CN
- China
- Prior art keywords
- mac address
- sta
- module
- preset
- radio frequency
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 61
- 238000012544 monitoring process Methods 0.000 claims description 16
- 238000004590 computer program Methods 0.000 claims description 4
- 230000008569 process Effects 0.000 abstract description 20
- 239000000523 sample Substances 0.000 description 14
- 230000004044 response Effects 0.000 description 11
- 238000010586 diagram Methods 0.000 description 5
- 230000009471 action Effects 0.000 description 3
- 230000032683 aging Effects 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000018109 developmental process Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000035515 penetration Effects 0.000 description 1
- 238000000060 site-specific infrared dichroism spectroscopy Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
An embodiment of the present invention provides a kind of radio switch-in method, device, access point apparatus and storage medium, wherein, radio switch-in method includes:Obtain the first MAC Address of the terminal STA that bluetooth module listens to;According to preset matching condition, whether there is in the MAC Address for the STA for meeting preset condition that the radio-frequency module of the AP for judging to obtain listens to and matched second MAC Address of the first MAC Address;If in the presence of permission STA accesses wireless network.Can be on the basis of wlan security be ensured by this programme, simplify STA accesses WLAN realizes process.
Description
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a wireless access method, an apparatus, an access point device, and a storage medium.
Background
With the continuous development of communication technology, the application of WLAN (Wireless Local Area Network) is becoming more and more widespread. In a WLAN application scenario, such as personal home, restaurant, hotel, etc., built through a wireless router, in order to prevent access by an illegal STA (Station), the WLAN is generally provided with an access password. If the STA needs to Access the WLAN, the network name of the WLAN and the corresponding Access password need to be known in advance, the STA searches the network name of the WLAN needing to be accessed by searching the network signal list, then sends a wireless Access request carrying the Access password to an Access Point (AP) of the WLAN, and the AP allows the STA to Access the WLAN after verifying that the Access password is correct.
In the method for accessing the STA to the wireless network, before the STA accesses the WLAN, a user needs to know the network name of the WLAN and the corresponding access password, then the STA is operated in a manual search and manual input mode, and the verification can be performed between the STA and the AP, so that the realization process of accessing the STA to the WLAN is complex.
In order to solve the above problems, an AP scanning algorithm is proposed in a related method for accessing the STA to the wireless network, the AP automatically scans address information of surrounding STAs, and adds the scanned address information of the STA to an authentication-free white list, and through the above processing, the STA corresponding to the address information added to the authentication-free white list can automatically access the WLAN. However, due to different performance of different APs, the scanned area is not fixed, and if the scanned area of an AP is large, illegal STAs may exist in the scanned STAs, so that the WLAN has a safety hazard.
Disclosure of Invention
Embodiments of the present invention provide a wireless access method, an apparatus, an access point device, and a storage medium, so as to simplify a process of accessing a terminal STA to a WLAN on the basis of ensuring the security of the WLAN. The specific technical scheme is as follows:
in a first aspect, an embodiment of the present invention provides a wireless access method, which is applied to an access point AP, and the method includes:
acquiring a first MAC address of a terminal STA sensed by a Bluetooth module;
judging whether a second MAC address matched with the first MAC address exists in the obtained MAC addresses of the STAs meeting the preset conditions and sensed by the radio frequency module of the AP according to preset matching conditions;
and if so, allowing the STA to access the wireless network.
In a second aspect, an embodiment of the present invention provides a wireless access apparatus, which is applied to an access point AP, and the apparatus includes:
the acquisition module is used for acquiring a first MAC address of the terminal STA sensed by the Bluetooth module;
the judging module is used for judging whether a second MAC address matched with the first MAC address exists in the obtained MAC addresses of the STAs meeting the preset conditions and detected by the radio frequency module of the AP according to the preset matching conditions;
and the authentication module is used for allowing the STA to access the wireless network if the second MAC address exists.
In a third aspect, an embodiment of the present invention provides an access point device, including a processor and a storage medium, the storage medium storing machine executable instructions executable by the processor, the processor being caused by the machine executable instructions to: implementing the method steps as described in the first aspect.
In a fourth aspect, an embodiment of the present invention provides a storage medium, in which a computer program is stored, and the computer program, when executed by a processor, implements the method steps according to the first aspect.
According to the wireless access method, the wireless access device, the access point equipment and the storage medium provided by the embodiment of the invention, the first MAC address of the terminal STA sensed by the Bluetooth module is obtained, whether the second MAC address matched with the first MAC address exists in the MAC addresses of the STA meeting the preset condition sensed by the radio frequency module of the AP is judged according to the preset matching condition, and if the second MAC address exists, the STA is allowed to access the wireless network. Because the transmitting power of the bluetooth signal is far lower than that of the WLAN and the bluetooth signal has no wall-through capability, the first MAC address of the STA detected by the obtained bluetooth module is the bluetooth MAC address of the STA in the scene area, and whether the STA is legal or not is determined according to the preset matching condition by limiting the area where the STA is located, that is, whether a second MAC address matched with the first MAC address exists in the MAC addresses of the STA which meet the preset condition and are detected by the radio frequency module is determined, and if the second MAC address exists, the STA is legal. And in a secret-free condition, a legal STA is allowed to directly access the wireless network. Therefore, the implementation process of the STA accessing the WLAN is simplified, and the safety of the WLAN is ensured.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a WLAN network system in the prior art;
fig. 2 is a schematic flow chart of a prior art process for establishing a connection between a terminal device and an access point;
fig. 3 is a flowchart illustrating a radio access method according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a wireless access device according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a wireless access device according to yet another embodiment of the present invention;
fig. 6 is a schematic structural diagram of a wireless access device according to still another embodiment of the present invention;
fig. 7 is a schematic structural diagram of an access point device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The structure of the WLAN network system is shown in fig. 1, and the WLAN network system includes STAs and APs. The STA is a terminal device supporting 802.11, such as a notebook computer equipped with a WLAN network card, a mobile phone supporting WLAN, etc.; the AP provides the STA with 802.11-based wireless access service, and simultaneously converts the 802.11 frame format of the wireless network into the frame format of other types of wired networks, such as 802.3 networks, which is equivalent to completing the bridging between the wireless network and the wired network. The process of the STA accessing the WLAN is a process of the STA establishing a connection with the AP, and the conventional process of the STA establishing a connection with the AP is shown in fig. 2.
In the first step, the STA discovers and selects an AP.
The STA can discover the AP in two ways, one is passive monitoring Beacon (Beacon) frame information, the Beacon frame is a management frame in the WLAN network, and is sent out by the AP at intervals, periodically declares the existence of the 802.11WLAN network, and various supported wireless parameters, such as network name SSID, support rate, and the like, and also includes other information of the vendor-defined AP; the other is that the STA actively sends a Probe Request (Probe Request) frame, and the AP responds to a Probe Response (Probe Response) frame, where the Probe Request frame and the Probe Response frame are Probe frames, and both the STA and the AP can send the Probe Request frame to Probe which 802.11WLAN networks around, and the AP receiving the Probe Request frame needs to respond to the Probe Response frame.
And step two, authentication.
The STA sends an Authentication Request frame to the AP, and the AP responds to the Authentication Response frame, so that mutual Authentication between the STA and the AP is realized.
And thirdly, associating.
After the STA and the AP are authenticated, when the STA tries to join the 802.11WLAN network, the STA sends an Association Request (Association Request) frame to the AP, and the AP responds to an Association Response (Association Response) frame, so far, the STA establishes Association with the AP, and the AP allocates related information to the STA. After the association is completed, the connection establishment between the AP and the STA is completed, and data message interaction can be performed. In the existing method for accessing the STA to the wireless network, an Association Request frame sent by the STA carries an access password, the AP needs to judge the access password, if the access password is the same as a preset password, the AP responds to the Association response frame, and establishes connection between the AP and the STA; if the password is different from the preset password, no response is made, namely, the connection between the AP and the STA cannot be established. The access password is added into the Association Request frame by means of manual input. This complicates the implementation of the STA to access the WLAN.
In order to simplify the implementation process of accessing the STA to the WLAN on the basis of ensuring the security of the WLAN, embodiments of the present invention provide a wireless access method, apparatus, access point device, and storage medium.
In a first aspect, a radio access method provided in an embodiment of the present invention is introduced.
As shown in fig. 3, a wireless access method provided in an embodiment of the present invention is applied to an AP, and the method may include the following steps:
s301, a first MAC address of the STA sensed by the Bluetooth module is obtained.
The bluetooth module is responsible for scanning bluetooth broadcast signals of nearby STAs, the bluetooth module may extract a first MAC (Media Access Control) address (which may be referred to as a bluetooth MAC address) of the STA from the received bluetooth broadcast signals, and the bluetooth module may be integrated in an AP (which may be a fat AP or a thin AP) or may be independent of the AP. If the Bluetooth module is integrated in the AP, the AP can directly acquire the first MAC address of the STA from the Bluetooth module of the AP; if the bluetooth module is independent of the AP, it is usually located at a position close to the AP, and the first MAC address of the STA needs to be transferred between the AP and the bluetooth module through a special interface. The first MAC address may specifically be a bluetooth MAC address. At present, STAs in the market, such as mobile phones, notebook computers, and tablet computers, often include both a radio frequency module and a bluetooth module, and the transmission power of a bluetooth signal is much lower than Wi-Fi, generally about 10 meters, and there is basically no wall penetration capability, so if the bluetooth signal of an STA can be acquired, it is more likely that the STA is located in a set security area.
If the bluetooth module of the STA is in a scannable state, the STA broadcasts the first MAC address of the STA periodically, and the bluetooth module on the AP side can directly scan the first MAC address of the STA. However, if the bluetooth module of the STA is in the non-scannable state, since the bluetooth module of the STA may respond to the connection request of the device that is once paired with the bluetooth module of the STA, the bluetooth module of the AP side may use each first MAC address as a target MAC address, add the target MAC address to the connection request, broadcast the connection request one by one, wait for the response of the STA, and if there is a STA responding to the connection request and the bluetooth module of the AP side receives a response signal, it indicates that there is a paired STA, that is, the target MAC address may be determined as the first MAC address of the STA.
S302, according to a preset matching condition, whether a second MAC address matched with the first MAC address exists in the obtained MAC addresses of the STA meeting the preset condition and sensed by the radio frequency module of the AP is judged.
The AP may acquire the first MAC address of the STA through the bluetooth module, and may acquire the MAC address of the STA (which may be referred to as a wireless MAC address) through the radio frequency module. When the STA accesses the WLAN, according to the existing access strategy, the wireless MAC address must be the wireless MAC address which the AP allows to access, and the mode can access the WLAN only in the wireless listening range of the AP, so that the security is low. Therefore, based on the existing access policy, in order to improve the security of the WLAN, the obtained first MAC address may be matched from the MAC addresses of the STAs obtained by the radio frequency module to obtain the MAC addresses of the legitimate STAs, that is, the STAs within a smaller range (within a range where bluetooth can be monitored) may access the WLAN.
In this step, the MAC address of the STA meeting the preset condition, which is sensed by the radio frequency module of the AP, may be obtained in the following manner:
acquiring the MAC address of the STA, wherein the signal intensity sensed by a radio frequency module of the AP is not less than a first preset threshold; or,
and acquiring the MAC address of the STA, wherein the increment of the signal intensity sensed by the radio frequency module of the AP is not less than a second preset threshold value.
In the embodiment of the present invention, the radio frequency module in the existing AP has a high level function, and may monitor a Probe Request frame sent by a nearby STA while providing a WLAN access service to the outside, and may obtain a location of the STA by monitoring an RSSI (Received Signal Strength Indication) measured when the Probe Request frame is monitored, that is, a Signal Strength of the STA, and determine whether the Signal Strength of the STA monitored by the radio frequency module of the AP is not less than a set first preset threshold, and if not, indicate that the STA is close to the AP, and consider that the STA is located in an AP coverage area, and may record a MAC address of the STA.
In the embodiment of the present invention, a second preset threshold may be further set, and according to the RSSI measured when the Probe Request frame is listened to, it is determined whether an increment of the signal strength of the STA listened to by the radio frequency module of the AP is not less than the second preset threshold, and if not, it indicates that the STA may have entered an area covered by the AP, and the MAC address of the STA may be recorded. For example, when the STA is outdoors, the AP learns-80 dbm of signal strength and becomes-50 dbm of signal strength indoors, and when the increase in signal strength exceeds 30dbm, the STA is considered to possibly enter the area covered by the AP, and the MAC address of the STA is recorded.
In this step, the preset matching condition may be that characters on designated positions in the first MAC address and the second MAC address are the same, and optionally, an implementation manner for determining whether the second MAC address matching the first MAC address exists in this step may be:
and judging whether a second MAC address with the same characters on the designated position as those on the first MAC address exists in the obtained MAC addresses of the STAs meeting the preset conditions and detected by the radio frequency module of the AP.
The matching process of the first MAC address and the MAC address of the STA meeting the preset condition, which is detected by the radio frequency module, is to compare characters (for example, characters on the first 10 bits) on the designated bit in the first MAC address with characters on the designated bit of the MAC address of each STA, if the comparison is the same, it indicates that a second MAC address matching with the first MAC address exists, and the corresponding STA is considered to be a valid STA located in the set area; if not, the second MAC address matched with the first MAC address does not exist, and the STA is considered to be illegal.
Most of the radio frequency modules and bluetooth modules of STAs in the market are integrated at present, that is, manufactured by the same supplier, while the MAC address belongs to a limited resource, the difference between the bluetooth MAC address and the wireless MAC address is small, and usually only the characters on the last several bits are different, for example, most mobile phone manufacturers choose to add 1 to the bluetooth MAC address as the wireless MAC address. Therefore, by using the characteristic that the characters on the designated bits are the same, the second MAC address matching the first MAC address is identified, for example, assuming that the acquired first MAC address is D0:33:11:47:88: B3 (the last two characters can be masked off, for example, the masked off characters are D0:33:11:47:88: XX; or no operation is performed), the characters on the designated bits are the characters on the first 15 bits, and then it is determined whether the characters on the first 15 bits in the MAC address meeting the preset condition detected by the radio frequency module are the MAC address of D0:33:11:47:88, and assuming that there is a MAC address of D0:33:11:47:88: B2, the MAC address is the MAC address matching D0:33:11:47:88: B3.
And S303, if the STA exists, allowing the STA to access the wireless network.
If the second MAC address matched with the first MAC address exists, the corresponding STA is considered to be located in the set area, the safety requirement is met, namely the STA is a legal STA, therefore, the corresponding STA can be allowed to be directly accessed into the wireless network according to the matched second MAC address without passing password authentication, the STA can be accessed into the wireless network, and the purpose of simplifying the access process is achieved. And, while allowing the STA to access the wireless network, the second MAC address may also be added to the authentication-free white list, so that the STA may directly access the wireless network when requesting access again. That is, after determining that a second MAC address matching the first MAC address exists in the MAC addresses of the STAs meeting the preset condition and heard by the radio frequency module of the AP, the method may further include the following steps:
and adding a second MAC address matched with the first MAC address to the authentication-free white list.
Further, in order to improve the security of the WLAN, the AP may perform an aging operation on the MAC address of each STA in the authentication-free white list, which may specifically be implemented by the following steps:
monitoring data traffic of the STA corresponding to each second MAC address in the authentication-free white list;
and when the duration of the no-data traffic is monitored to reach the preset duration, deleting the second MAC address of the STA without the data traffic from the authentication-free white list.
The AP may monitor data traffic of the STA corresponding to each MAC address in the authentication-free white list in real time, start to count a duration of no data traffic of a certain STA after monitoring that the STA has no data traffic, and delete the MAC address of the STA from the authentication-free white list if the duration reaches a preset duration (e.g., 24 hours). If a certain STA does not use the data traffic of the WLAN for a long time, it indicates that the STA is not in the limited area of the WLAN for a long time, then the STA may be regarded as an illegal STA and deleted from the authentication-free white list, so that the security of the WLAN may be improved, and if high security of the WLAN is required, the preset time duration may be set to be shorter, for example, 1 hour, 3 hours, and the like. The aging operation of the wireless address information in the authentication-free white list is performed in real time, and has no necessary sequence with the realization of the access of the STA to the wireless network, and the aging operation is not particularly limited.
By applying the embodiment, the first MAC address of the terminal STA sensed by the Bluetooth module is acquired, whether the second MAC address matched with the first MAC address exists in the MAC addresses of the STA meeting the preset condition sensed by the radio frequency module of the AP or not is judged according to the preset matching condition, and if the second MAC address exists, the STA is allowed to access the wireless network. Because the transmitting power of the bluetooth signal is far lower than that of the WLAN and the bluetooth signal has no wall-through capability, the first MAC address of the STA detected by the obtained bluetooth module is the bluetooth MAC address of the STA in the scene area, and whether the STA is legal or not is determined according to the preset matching condition by limiting the area where the STA is located, that is, whether a second MAC address matched with the first MAC address exists in the MAC addresses of the STA which meet the preset condition and are detected by the radio frequency module is determined, and if the second MAC address exists, the STA is legal. And in a secret-free condition, a legal STA is allowed to directly access the wireless network. Therefore, the implementation process of the STA accessing the WLAN is simplified, and the safety of the WLAN is ensured.
In a second aspect, corresponding to the method embodiment of the first aspect, an embodiment of the present invention provides a wireless access apparatus, as shown in fig. 4, where the apparatus may include:
an obtaining module 410, configured to obtain a first MAC address of the terminal STA sensed by the bluetooth module;
the determining module 420 is configured to determine, according to a preset matching condition, whether a second MAC address matching the first MAC address exists in the obtained MAC addresses of the STAs meeting the preset condition, which are detected by the radio frequency module of the AP;
an authentication module 430, configured to allow the STA to access a wireless network if the second MAC address exists.
Optionally, the obtaining module 410 may be further configured to:
acquiring the MAC address of the STA, wherein the signal intensity sensed by the radio frequency module of the AP is not less than a first preset threshold; or
And acquiring the MAC address of the STA, wherein the increment of the signal intensity sensed by the radio frequency module of the AP is not less than a second preset threshold value.
Optionally, the determining module 420 may be specifically configured to:
and judging whether a second MAC address with the same characters on the designated position as those on the first MAC address exists in the obtained MAC addresses of the STAs meeting the preset conditions and listened by the radio frequency module of the AP.
By applying the embodiment, the first MAC address of the terminal STA sensed by the Bluetooth module is acquired, whether the second MAC address matched with the first MAC address exists in the MAC addresses of the STA meeting the preset condition sensed by the radio frequency module of the AP or not is judged according to the preset matching condition, and if the second MAC address exists, the STA is allowed to access the wireless network. Because the transmitting power of the bluetooth signal is far lower than that of the WLAN and the bluetooth signal has no wall-through capability, the first MAC address of the STA detected by the obtained bluetooth module is the bluetooth MAC address of the STA in the scene area, and whether the STA is legal or not is determined according to the preset matching condition by limiting the area where the STA is located, that is, whether a second MAC address matched with the first MAC address exists in the MAC addresses of the STA which meet the preset condition and are detected by the radio frequency module is determined, and if the second MAC address exists, the STA is legal. And in a secret-free condition, a legal STA is allowed to directly access the wireless network. Therefore, the implementation process of the STA accessing the WLAN is simplified, and the safety of the WLAN is ensured.
Based on the embodiment shown in fig. 4, an embodiment of the present invention further provides a wireless access apparatus, as shown in fig. 5, the apparatus may include:
an obtaining module 510, configured to obtain a first MAC address of the terminal STA sensed by the bluetooth module;
a determining module 520, configured to determine, according to a preset matching condition, whether a second MAC address matching the first MAC address exists in the obtained MAC addresses of the STAs meeting the preset condition, which are detected by the radio frequency module of the AP;
an authentication module 530, configured to allow the STA to access a wireless network if a second MAC address exists;
an adding module 540, configured to add a second MAC address matching the first MAC address to an authentication-exempt white list.
Based on the embodiment shown in fig. 6, an embodiment of the present invention further provides a wireless access apparatus, as shown in fig. 6, the apparatus may include:
an obtaining module 610, configured to obtain a first MAC address of the terminal STA, which is sensed by the bluetooth module;
a determining module 620, configured to determine, according to a preset matching condition, whether a second MAC address matching the first MAC address exists in the obtained MAC addresses of the STAs meeting the preset condition, which are detected by the radio frequency module of the AP;
an authentication module 630, configured to allow the STA to access a wireless network if a second MAC address exists;
an adding module 640, configured to add a second MAC address matching the first MAC address to an authentication-exempt white list;
a monitoring module 650, configured to monitor data traffic of an STA corresponding to each second MAC address in the authentication-free white list;
a deleting module 660, configured to delete the second MAC address of the STA without data traffic from the authentication-free white list when the time length for monitoring the data traffic reaches a preset time length.
By applying the embodiment, after the MAC address of the STA is obtained by monitoring through the radio frequency module, if the MC address is determined to be stored in the authentication-free white list through authentication, the STA can be directly accessed into the wireless network without performing the operations of obtaining the first MAC address of the STA monitored by the Bluetooth module and judging whether the second MAC address matched with the first MAC address exists, so that the aim of simplifying the authentication process can be achieved; if the MAC address is not stored in the authentication-free white list, whether a second MAC address matched with the first MAC address exists in the obtained STA meeting the preset condition and detected by the radio frequency module of the AP or not is judged according to the preset matching condition by obtaining the first MAC address of the terminal STA detected by the Bluetooth module, and if the second MAC address exists, the STA is allowed to access the wireless network. Because the transmitting power of the bluetooth signal is far lower than that of the WLAN and the bluetooth signal has no wall-through capability, the first MAC address of the STA detected by the obtained bluetooth module is the bluetooth MAC address of the STA in the scene area, and whether the STA is legal or not is determined according to the preset matching condition by limiting the area where the STA is located, that is, whether a second MAC address matched with the first MAC address exists in the MAC addresses of the STA which meet the preset condition and are detected by the radio frequency module is determined, and if the second MAC address exists, the STA is legal. And in a secret-free condition, a legal STA is allowed to directly access the wireless network. Therefore, the implementation process of the STA accessing the WLAN is simplified, and the safety of the WLAN is ensured.
In a third aspect, to solve the problem in the prior art, an embodiment of the present invention provides an access point device, as shown in fig. 7, where the access point device 700 may include: a processor 701 and a storage medium 702.
The storage medium 702 stores machine executable instructions executable by the processor 701, the processor 701 being caused by the machine executable instructions to implement the steps of:
acquiring a first MAC address of a terminal STA sensed by a Bluetooth module;
judging whether a second MAC address matched with the first MAC address exists in the obtained MAC addresses of the STAs meeting the preset conditions and sensed by the radio frequency module of the AP according to preset matching conditions;
and if so, allowing the STA to access the wireless network.
Optionally, the processor 701 may further implement:
acquiring the MAC address of the STA, wherein the signal intensity sensed by the radio frequency module of the AP is not less than a first preset threshold; or
And acquiring the MAC address of the STA, wherein the increment of the signal intensity sensed by the radio frequency module of the AP is not less than a second preset threshold value.
Optionally, the processor 701 may specifically implement, in the step of determining whether a second MAC address matched with the first MAC address exists in the MAC addresses of the STAs meeting the preset condition, which are listened to by the radio frequency module of the AP according to the preset matching condition:
and judging whether a second MAC address with the same characters on the designated position as those on the first MAC address exists in the obtained MAC addresses of the STAs meeting the preset conditions and listened by the radio frequency module of the AP.
Optionally, the processor 701 may further implement:
adding a second MAC address matching the first MAC address to an authentication-free white list.
Optionally, the processor 701 may further implement:
monitoring data traffic of the STA corresponding to each second MAC address in the authentication-free white list;
and deleting the second MAC address of the STA without the data traffic from the authentication-free white list when the time length of monitoring the no data traffic reaches the preset time length.
In this embodiment, the processor of the access point device can realize that: the method comprises the steps of acquiring a first MAC address of a terminal STA sensed by a Bluetooth module, judging whether a second MAC address matched with the first MAC address exists in the MAC addresses of the STA meeting preset conditions sensed by a radio frequency module of an acquired AP or not according to preset matching conditions, and if yes, allowing the STA to access a wireless network. Because the transmitting power of the bluetooth signal is far lower than that of the WLAN and the bluetooth signal has no wall-through capability, the first MAC address of the STA detected by the obtained bluetooth module is the bluetooth MAC address of the STA in the scene area, and whether the STA is legal or not is determined according to the preset matching condition by limiting the area where the STA is located, that is, whether a second MAC address matched with the first MAC address exists in the MAC addresses of the STA which meet the preset condition and are detected by the radio frequency module is determined, and if the second MAC address exists, the STA is legal. And in a secret-free condition, a legal STA is allowed to directly access the wireless network. Therefore, the implementation process of the STA accessing the WLAN is simplified, and the safety of the WLAN is ensured.
The storage medium may include a RAM (Random Access Memory) or an NVM (Non-volatile Memory), such as at least one disk Memory. In the alternative, the storage medium may be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also a DSP (Digital signal processing), an ASIC (Application Specific Integrated Circuit), an FPGA (Field Programmable Gate Array) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component.
In a fourth aspect, corresponding to the wireless access method provided in the foregoing embodiments, an embodiment of the present invention provides a storage medium storing machine-executable instructions, and when the storage medium is called and executed by a processor, the storage medium implements the following steps:
acquiring a first MAC address of a terminal STA sensed by a Bluetooth module;
judging whether a second MAC address matched with the first MAC address exists in the obtained MAC addresses of the STAs meeting the preset conditions and sensed by the radio frequency module of the AP according to preset matching conditions;
and if so, allowing the STA to access the wireless network.
Optionally, the processor may further implement:
acquiring the MAC address of the STA, wherein the signal intensity sensed by the radio frequency module of the AP is not less than a first preset threshold; or
And acquiring the MAC address of the STA, wherein the increment of the signal intensity sensed by the radio frequency module of the AP is not less than a second preset threshold value.
Optionally, the processor may specifically implement:
and judging whether a second MAC address with the same characters on the designated position as those on the first MAC address exists in the obtained MAC addresses of the STAs meeting the preset conditions and listened by the radio frequency module of the AP.
Optionally, the processor may further implement:
adding a second MAC address matching the first MAC address to an authentication-free white list.
Optionally, the processor may further implement:
monitoring data traffic of the STA corresponding to each second MAC address in the authentication-free white list;
and deleting the second MAC address of the STA without the data traffic from the authentication-free white list when the time length of monitoring the no data traffic reaches the preset time length.
In this embodiment, the storage medium stores an application program that executes the wireless access method provided in the embodiment of the present invention when running, so that it is possible to implement: the method comprises the steps of acquiring a first MAC address of a terminal STA sensed by a Bluetooth module, judging whether a second MAC address matched with the first MAC address exists in the MAC addresses of the STA meeting preset conditions sensed by a radio frequency module of an acquired AP or not according to preset matching conditions, and if yes, allowing the STA to access a wireless network. Because the transmitting power of the bluetooth signal is far lower than that of the WLAN and the bluetooth signal has no wall-through capability, the first MAC address of the STA detected by the obtained bluetooth module is the bluetooth MAC address of the STA in the scene area, and whether the STA is legal or not is determined according to the preset matching condition by limiting the area where the STA is located, that is, whether a second MAC address matched with the first MAC address exists in the MAC addresses of the STA which meet the preset condition and are detected by the radio frequency module is determined, and if the second MAC address exists, the STA is legal. And in a secret-free condition, a legal STA is allowed to directly access the wireless network. Therefore, the implementation process of the STA accessing the WLAN is simplified, and the safety of the WLAN is ensured.
For the access point device and the storage medium embodiment, since the contents of the method involved are substantially similar to those of the foregoing method embodiment, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, as for the apparatus embodiment, since it is substantially similar to the method embodiment, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The above description is only for the preferred embodiment of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.
Claims (12)
1. A wireless access method applied to an Access Point (AP), the method comprising:
acquiring a first MAC address of a terminal STA sensed by a Bluetooth module;
judging whether a second MAC address matched with the first MAC address exists in the obtained MAC addresses of the STAs meeting the preset conditions and sensed by the radio frequency module of the AP according to preset matching conditions;
and if so, allowing the STA to access the wireless network.
2. The method according to claim 1, wherein the MAC address of the STA meeting the preset condition and detected by the radio frequency module of the AP is obtained by:
acquiring the MAC address of the STA, wherein the signal intensity sensed by the radio frequency module of the AP is not less than a first preset threshold; or,
and acquiring the MAC address of the STA, wherein the increment of the signal intensity sensed by the radio frequency module of the AP is not less than a second preset threshold value.
3. The method according to claim 1 or 2, wherein the determining, according to a preset matching condition, whether a second MAC address matching the first MAC address exists in the MAC addresses of the STAs meeting the preset condition, which are detected by the radio frequency module of the AP, includes:
and judging whether a second MAC address with the same characters on the designated position as those on the first MAC address exists in the obtained MAC addresses of the STAs meeting the preset conditions and listened by the radio frequency module of the AP.
4. The method of claim 3, further comprising:
adding a second MAC address matching the first MAC address to an authentication-free white list.
5. The method of claim 4, further comprising:
monitoring data traffic of the STA corresponding to each second MAC address in the authentication-free white list;
and deleting the second MAC address of the STA without the data traffic from the authentication-free white list when the time length of monitoring the no data traffic reaches the preset time length.
6. A wireless access apparatus, applied to an access point AP, the apparatus comprising:
the acquisition module is used for acquiring a first MAC address of the terminal STA sensed by the Bluetooth module;
the judging module is used for judging whether a second MAC address matched with the first MAC address exists in the obtained MAC addresses of the STAs meeting the preset conditions and detected by the radio frequency module of the AP according to the preset matching conditions;
and the authentication module is used for allowing the STA to access the wireless network if the second MAC address exists.
7. The apparatus of claim 6, wherein the obtaining module is further configured to:
acquiring the MAC address of the STA, wherein the signal intensity sensed by the radio frequency module of the AP is not less than a first preset threshold; or
And acquiring the MAC address of the STA, wherein the increment of the signal intensity sensed by the radio frequency module of the AP is not less than a second preset threshold value.
8. The apparatus according to claim 6 or 7, wherein the determining module is specifically configured to:
and judging whether a second MAC address with the same characters on the designated position as those on the first MAC address exists in the obtained MAC addresses of the STAs meeting the preset conditions and listened by the radio frequency module of the AP.
9. The apparatus of claim 8, further comprising:
and the adding module is used for adding a second MAC address matched with the first MAC address into an authentication-free white list.
10. The apparatus of claim 9, further comprising:
the monitoring module is used for monitoring the data traffic of the STA corresponding to each second MAC address in the authentication-free white list;
and the deleting module is used for deleting the second MAC address of the STA without the data traffic from the authentication-free white list when the time length for monitoring the data traffic reaches the preset time length.
11. An access point device comprising a processor and a storage medium storing machine executable instructions executable by the processor, the processor caused by the machine executable instructions to: carrying out the method steps of any one of claims 1 to 5.
12. A storage medium, characterized in that a computer program is stored in the storage medium, which computer program, when being executed by a processor, carries out the method steps of any one of claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711202793.5A CN107979838A (en) | 2017-11-27 | 2017-11-27 | A kind of radio switch-in method, device, access point apparatus and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711202793.5A CN107979838A (en) | 2017-11-27 | 2017-11-27 | A kind of radio switch-in method, device, access point apparatus and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN107979838A true CN107979838A (en) | 2018-05-01 |
Family
ID=62011936
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711202793.5A Pending CN107979838A (en) | 2017-11-27 | 2017-11-27 | A kind of radio switch-in method, device, access point apparatus and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107979838A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110891298A (en) * | 2019-12-18 | 2020-03-17 | 惠州拓邦电气技术有限公司 | Bluetooth connection method, device, Bluetooth equipment and system |
| CN113225788A (en) * | 2021-04-20 | 2021-08-06 | Oppo广东移动通信有限公司 | WiFi connection method and device, electronic equipment and readable storage medium |
| CN115484600A (en) * | 2022-07-28 | 2022-12-16 | 天翼云科技有限公司 | Wireless access detection method, device, electronic equipment and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101247610A (en) * | 2007-02-13 | 2008-08-20 | 艾威梯软件技术(北京)有限公司 | Method, equipment and system for managing multi-short distance wireless technical communication |
| CN106412809A (en) * | 2016-11-22 | 2017-02-15 | 任子行网络技术股份有限公司 | MAC address acquisition method and system based on Bluetooth and WIFI |
| CN106535092A (en) * | 2016-11-01 | 2017-03-22 | 惠州Tcl移动通信有限公司 | Network sharing method, network accessing method and system |
| US9820099B2 (en) * | 2016-02-19 | 2017-11-14 | Electronic Beacons Systems LLC | Electronic beacon reader system and method |
-
2017
- 2017-11-27 CN CN201711202793.5A patent/CN107979838A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101247610A (en) * | 2007-02-13 | 2008-08-20 | 艾威梯软件技术(北京)有限公司 | Method, equipment and system for managing multi-short distance wireless technical communication |
| US9820099B2 (en) * | 2016-02-19 | 2017-11-14 | Electronic Beacons Systems LLC | Electronic beacon reader system and method |
| CN106535092A (en) * | 2016-11-01 | 2017-03-22 | 惠州Tcl移动通信有限公司 | Network sharing method, network accessing method and system |
| CN106412809A (en) * | 2016-11-22 | 2017-02-15 | 任子行网络技术股份有限公司 | MAC address acquisition method and system based on Bluetooth and WIFI |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110891298A (en) * | 2019-12-18 | 2020-03-17 | 惠州拓邦电气技术有限公司 | Bluetooth connection method, device, Bluetooth equipment and system |
| CN113225788A (en) * | 2021-04-20 | 2021-08-06 | Oppo广东移动通信有限公司 | WiFi connection method and device, electronic equipment and readable storage medium |
| CN115484600A (en) * | 2022-07-28 | 2022-12-16 | 天翼云科技有限公司 | Wireless access detection method, device, electronic equipment and storage medium |
| CN115484600B (en) * | 2022-07-28 | 2024-12-10 | 天翼云科技有限公司 | Wireless access detection method, device, electronic device and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3111701B1 (en) | Access point initiated neighbor report request | |
| KR101907487B1 (en) | Method and apparatus for connecting access point in a portable terminal | |
| US9572190B2 (en) | Device and method for associating with WiFi networks | |
| US20130225165A1 (en) | Out-of-band scanning for femto access point detection | |
| CN106211279B (en) | Wireless network method of network entry and wireless device | |
| US9526065B2 (en) | Device and method for WiFi scan optimization | |
| KR20110109708A (en) | Automatic connection device and method in wireless communication system | |
| US11546772B2 (en) | Method for providing assistance for pairing a Wi-Fi type terminal with a Wi-Fi type access point | |
| KR102521545B1 (en) | Method and apparatus for dynamic connection change in wlan | |
| US20250330901A1 (en) | Link Selection for an Idle or Inactive User Equipment | |
| CN108605277A (en) | Establish the method and device of WLAN connection | |
| WO2017128546A1 (en) | Method and apparatus for securely accessing wifi network | |
| CN111278036B (en) | A method and device for collecting MAC addresses | |
| JP2015035712A (en) | Radio base station apparatus, radio terminal apparatus, radio communication system, inter-terminal direct communication control method, and computer program | |
| US20180270049A1 (en) | Techniques for preventing abuse of bootstrapping information in an authentication protocol | |
| CN107979838A (en) | A kind of radio switch-in method, device, access point apparatus and storage medium | |
| CN110958611A (en) | WiFi connection control method and device, storage medium and terminal | |
| EP3114887B1 (en) | Determination method and corresponding terminal, computer program product and storage medium | |
| US9420460B2 (en) | WLAN authentication restriction | |
| US12120605B2 (en) | Access point (AP) selection in self-organizing network | |
| CN117062191A (en) | Method, device, equipment and medium for connecting wireless access points of Internet of things equipment | |
| TWI765324B (en) | Wireless communication device and wireless communication method used in wireless communication device | |
| CN107969000B (en) | Method, device, device and medium for state detection of wireless repeater uplink | |
| EP2815612A1 (en) | Out-of-band scanning for femto access point detection | |
| CN117135738B (en) | A WIFI communication method, device and network equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180501 |