CN1852192A - Network identifying method in wireless local network - Google Patents

Publication number
CN1852192A
Authority
CN
China
Prior art keywords
service set
extended service
identification
network
set identification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN 200510100430
Other languages
Chinese (zh)
Inventor
姚忠辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd
Priority to CN 200510100430 (CN1852192A)
Priority to PCT/CN2006/002524 (WO2007045147A1)
Priority to CNA2006800123931A (CN101160833A)
Priority to US11/584,407 (US20070153732A1)
Publication of CN1852192A

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a method for network identification in a wireless local area network. The wireless local area network comprises at least one basic service set built from a plurality of terminal devices and at least one extended service set to which it belongs. The method comprises the steps of: assigning the extended service set a uniquely identifying extended service set identifier and adding this identifier as a parameter when performing channel scanning; when a terminal device accesses the network for the first time, setting its extended service set identifier parameter to the media access control broadcast address, and otherwise setting it to a specific extended service set identifier; and, during network selection, synchronizing to the corresponding extended service set and performing authentication and association with the network system using that extended service set identifier as a parameter. Because the method introduces a new extended service set identifier for identifying each terminal device and basic service set across different extended service sets, it provides a globally unified identification and meets the need of 802.11 terminals to roam quickly within the same ESS.

Figure 200510100430

Description

A method for network identification in a wireless local area network

Technical field

The invention relates to a network identification method, and in particular to a network identification method in a wireless local area network.

Background

In the prior art, WLAN (wireless local area network) technology is popular in the market because of its wireless networking, its high-rate access comparable to wired connections, and its low price. It has begun to replace wired networks and is widely used in homes, campuses, hotels, corporate offices and similar settings, and it has begun to be widely deployed in public places as a wireless broadband access technology, providing public wireless broadband data access services. ISO/IEC 8802-11:1999, "Information technology: telecommunications and information exchange between systems; local and metropolitan area networks; specific requirements; Part 11: Wireless LAN Medium Access Control (MAC; a Media Access Control address is the identifier of a LAN node) and Physical Layer (PHY) specifications", is the international standard for WLAN, and its content corresponds to the IEEE 802.11 standard.

China has also issued the national WLAN standard GB/T 15629.11-2003, whose main difference from the international standard lies in the security mechanism for access control. In practice, the WLAN products widely used in the market mainly implement the supplementary specifications to IEEE 802.11 issued by the IEEE 802.11 standards project group, including IEEE 802.11b, IEEE 802.11g and IEEE 802.11a. 802.11b and 802.11g operate in the 2.4 GHz band, and 802.11a operates in the 5 GHz band. 802.11b supports physical-layer rates up to 11 Mb/s; 802.11g and 802.11a support physical-layer rates up to 54 Mb/s. IEEE 802.11 is currently developing 802.11n, a standard supporting higher throughput, to better support real-time services and multimedia applications and to increase system capacity.

The basic structure of a WLAN system as defined by the IEEE 802.11 standard is shown in Figure 1. A STA (station) is a terminal device that includes an IEEE 802.11 wireless LAN interface. Many mobile phones on the market now support a wireless LAN interface, and portable computers have one built in. Devices without a wireless LAN interface can be given one by installing a WLAN wireless network card.

As shown in Figure 1, an AP (access point) is comparable to a base station in a mobile network. Its main function is to let each terminal device STA communicate with other STAs or with devices on the wired network. For example: multiple STAs associated with one AP form a wireless LAN and communicate; STAs associated with different APs form a LAN and communicate; and STAs communicate with devices on the wired LAN. The STAs associated with one AP constitute a basic service set (BSS).

The DS (distribution system) allows different basic service sets, and BSSs and the wired LAN, to form one large LAN, called an extended service set (ESS). The portal is the logical point that forwards MAC service data units (MSDUs) between the DS and the wired LAN.

The 802.11 standard defines the service set identifier SSID, sometimes also called the ESSID, which identifies an extended service set ESS: when BSSs are interconnected through the DS to form an ESS, the SSID configured on each AP is the same. However, the SSID has no global encoding rule, so even two completely independent networks may be configured with the same SSID. In practice, therefore, two BSSs having the same SSID does not establish that they belong to the same ESS.

When a STA roams from one BSS to another within an ESS, the SSID cannot be trusted to identify the ESS, so it is essentially impossible to establish any relationship between the STA and the ESS. Roaming across BSSs is equivalent to crossing two different physical networks, which makes re-establishing the association between the STA and the new BSS, the security association in particular, complex: pre-authentication or re-authentication is needed, for example. Moreover, when selecting a target BSS before roaming, the prior art cannot determine whether the target BSS belongs to the same ESS as the current BSS.

The prior art therefore has shortcomings and needs to be improved and developed.

Summary of the invention

The object of the invention is to provide a method for network identification in a wireless local area network. For the extended service set (ESS) concept defined by the 802.11 standard, it proposes an ESS identification scheme that uniquely identifies different ESSs and meets the need of 802.11 terminals to roam quickly within the same ESS.

To achieve this object, the technical solution of the invention comprises:

A method for network identification in a wireless local area network, the wireless local area network being built from a plurality of terminal devices, the terminal devices forming at least one basic service set, and the basic service sets in turn forming at least one extended service set; the method comprises the steps of:

A. Assigning the extended service set a uniquely identifying extended service set identifier, and adding this extended service set identifier as a parameter when performing channel scanning;

B. When the terminal device accesses the network for the first time, setting its extended service set identifier parameter to the media access control broadcast address; otherwise, setting it to a specific extended service set identifier;

C. During network selection, if the terminal device's extended service set identifier parameter is not the media access control broadcast address, determining whether the corresponding channel belongs to the extended service set having the same extended service set identifier as the terminal device; if so, synchronizing to the corresponding extended service set and performing authentication and association with the network system using that extended service set identifier as a parameter.

The method, wherein the extended service set identifier is the media access control broadcast address of the corresponding extended service set.

The method, wherein the extended service set is represented as the entry address through which the corresponding extended service set interworks with an external network.

The method, wherein the extended service set to which the basic service set belongs broadcasts its extended service set identifier by means of an extended service set field added to the 802.11 beacon frame.

The method, wherein, when the basic service set belongs to multiple extended service sets, the extended service set field carries a list of extended service set identifiers.

The method, further comprising: adding a corresponding extended service set field to the channel-scan response frame to carry its extended service set identifier.

The method, wherein, when the response frame carries no extended service set identifier, or the extended service set identifier is the broadcast address, the extended service set identifier in the corresponding field is the extended service set identifier of the basic service set.

The method, wherein the wireless local area network is mapped, according to the extended service set identifier, onto a hierarchical architecture comprising a basic service set level and an extended service set level; an authentication server is connected to this two-level network; and each terminal device and the authentication server perform identity authentication, negotiate a master key, and generate the corresponding extended service set domain key and the basic service set domain key, i.e. the session key.

The method, wherein the session key is generated from the extended service set domain key, and the extended service set domain key is generated from the master key negotiated between the terminal device and the authentication server.

In the method provided by the invention, a new extended service set identifier is introduced to identify each terminal device and basic service set across different extended service sets, which gives a unified identification and meets the need of 802.11 terminals to roam quickly within the same ESS.

Description of the drawings

Figure 1 is a diagram of the network architecture specified by the prior-art 802.11 standard;

Figure 2 is a schematic diagram of the network architecture of the wireless local area network of the invention;

Figure 3a is a flowchart of passive scanning during channel scanning in the method of the invention;

Figure 3b is a flowchart of active scanning during channel scanning in the method of the invention;

Figure 4 is a schematic diagram of the network architecture of the wireless local area network in the method of the invention.

Detailed description

The preferred embodiments of the invention are described in detail below with reference to the drawings.

The method introduces a new ESS identifier, the extended service set identifier ESSID. In the existing 802.11 standard, the identifier used for a basic service set BSS, the BSSID, is the MAC address of the AP. For the ESS, the standard uses the SSID. Unlike the BSSID, the SSID is a character string, and at present its only use is to let users distinguish different user groups or services on the same AP. So even if two BSSs are configured with the same SSID, that does not mean they belong to the same ESS; the SSID has no global encoding method. The method of the invention therefore defines the ESS identifier the way the BSSID is defined, using a MAC address to identify an ESS, and calls it the ESSID. Because a MAC address is globally unique, different ESSs can be uniquely identified by MAC address, so different ESSs have different ESSIDs.

In one embodiment of the method, the ESSID of an ESS may be the entrance address through which the ESS interworks with external networks. When the ESS is entirely isolated, that is, connected to no external system, its ESSID may be set to the MAC broadcast address.

In the method of the invention, a physical WLAN may contain only one BSS, only one ESS, or multiple ESSs. The method also allows one BSS to belong to several ESSs at once, for example when the LAN has several entrances to external networks. Because terminal devices in a WLAN are mobile, the WLAN architecture differs from that of a wired LAN and has a degree of flexibility. This flexible containment relationship between ESS and BSS is shown in Figure 2: BSS#1 and BSS#2 belong to both ESS#1 and ESS#2; BSS#1, BSS#2 and BSS#3 all belong to ESS#1; and BSS#1, BSS#2 and BSS#4 all belong to ESS#2.

The working principle of the method is as follows. In ESSID-based network selection, a STA accessing a WLAN is in one of these situations: 1) the STA is accessing for the first time and does not know the network's ESSID; 2) the STA requires access to a specific ESS and knows its ESSID, as in roaming access, where the STA has already joined a specific ESS and needs to roam from its current BSS to another BSS within that ESS.

ESSID-based network selection adds the parameter ESSID to channel scanning. On first access the STA sets ESSID to the MAC broadcast address; otherwise it sets it to a specific ESSID, namely the identifier of the extended service set it belongs to. When the parameter ESSID is the broadcast address, network selection depends on the other parameters, as in the prior art. When the parameter ESSID is not the broadcast address, the STA is allowed to synchronize to an ESS only if the corresponding channel belongs to that ESS, i.e. has the same ESSID as the terminal, and it then uses the ESSID as a parameter for authentication, association and related processing with the system.

Once the ESSID is added to the wireless network, the 802.11 beacon frame can carry an added ESS field that broadcasts the ESSID to which the BSS belongs; when a BSS belongs to several ESSs, the field contains a list of ESSIDs. The 802.11 Probe Request frame can likewise carry an added ESS field with an ESSID, to actively scan for BSSs belonging to that ESS. As shown in Figures 3a and 3b, the IEEE 802.11 Probe Response carries an added ESS field with an ESSID: when the 802.11 Probe Request carries no ESSID, or its ESSID is the broadcast address, the field holds the ESSID to which the BSS belongs; when the BSS belongs to the ESS identified by the ESSID in the Probe Request, the ESSID in the field equals that ESSID value. In the method, passive scanning is initiated by the BSS toward the STA, whereas active scanning is initiated by the STA.
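The selection and Probe Response rules from the preceding paragraphs, as an added example that is not part of the patent text: it filters constructed scan results for the Figure 2 topology by ESSID and contrasts that with SSID-only matching. The `Beacon` record, the function names, all addresses, and the choice to send no response when a probed BSS lies outside the requested ESS are assumptions.

```python
from dataclasses import dataclass
from typing import List, Optional, Sequence

BROADCAST = "ff:ff:ff:ff:ff:ff"   # MAC broadcast address: "no specific ESS"

# Constructed sample data (locally administered MACs), following Figure 2.
ESS1 = "02:00:00:00:00:e1"
ESS2 = "02:00:00:00:00:e2"
OTHER_ESS = "02:00:00:00:00:e9"   # unrelated network that reuses the same SSID


@dataclass(frozen=True)
class Beacon:
    """Hypothetical view of a received beacon with the added ESS field."""
    name: str
    bssid: str
    ssid: str
    essids: Optional[Sequence[str]]   # None models an AP that sends no ESS field


SCAN = [
    Beacon("BSS#1", "02:00:00:00:0b:01", "corp", (ESS1, ESS2)),
    Beacon("BSS#2", "02:00:00:00:0b:02", "corp", (ESS1, ESS2)),
    Beacon("BSS#3", "02:00:00:00:0b:03", "corp", (ESS1,)),
    Beacon("BSS#4", "02:00:00:00:0b:04", "corp", (ESS2,)),
    Beacon("same-ssid", "02:00:00:00:0b:09", "corp", (OTHER_ESS,)),
    Beacon("legacy", "02:00:00:00:0b:0a", "corp", None),
]


def norm(mac: str) -> str:
    """Canonical lower-case, colon-separated form so comparisons are exact."""
    return mac.strip().lower().replace("-", ":")


def is_wildcard(essid: Optional[str]) -> bool:
    """An absent ESSID or the broadcast address both mean 'first access'."""
    return essid is None or norm(essid) == BROADCAST


def ssid_only_candidates(ssid: str, beacons: Sequence[Beacon]) -> List[Beacon]:
    """Prior-art behaviour: the SSID string is the only criterion."""
    return [b for b in beacons if b.ssid == ssid]


def select_candidates(sta_essid: Optional[str],
                      beacons: Sequence[Beacon]) -> List[Beacon]:
    """Step C: with a specific ESSID, keep only BSSs advertising that ESSID."""
    if is_wildcard(sta_essid):
        return list(beacons)          # selection falls back to other parameters
    want = norm(sta_essid)
    # A beacon without the ESS field cannot show membership, so it is dropped.
    # A match is only a filter: beacons are unauthenticated, and membership is
    # confirmed by the authentication that follows with the ESSID as parameter.
    return [b for b in beacons if b.essids and want in map(norm, b.essids)]


def roam_targets(current_bssid: str, sta_essid: str,
                 beacons: Sequence[Beacon]) -> List[Beacon]:
    """BSSs in the STA's ESS other than the one it is associated with."""
    here = norm(current_bssid)
    return [b for b in select_candidates(sta_essid, beacons)
            if norm(b.bssid) != here]


def probe_response_essids(bss_essids: Sequence[str],
                          requested: Optional[str]) -> Optional[List[str]]:
    """ESS field of a Probe Response, or None for 'do not answer' (assumed)."""
    members = [norm(e) for e in bss_essids]
    if is_wildcard(requested):
        return members                # request named no ESS: report all of them
    if norm(requested) in members:
        return [norm(requested)]      # echo the ESSID the STA asked for
    return None


def names(beacons: Sequence[Beacon]) -> List[str]:
    return [b.name for b in beacons]


if __name__ == "__main__":
    print("SSID only :", names(ssid_only_candidates("corp", SCAN)))
    print("ESS#1     :", names(select_candidates(ESS1, SCAN)))
    print("roam ESS#2:", names(roam_targets("02:00:00:00:0b:01", ESS2, SCAN)))
```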

Once the ESSID is determined, the 802.11 authentication and association procedures can take the ESSID as an added parameter, tying authentication and association to the ESS and simplifying authentication. When the ESSID is the broadcast address or the field is empty, these procedures are the same as in the original 802.11 standard.

With the ESSID parameter in place, the WLAN can be mapped onto a hierarchical security architecture with two levels inside the WLAN: the ESS level and the BSS level. As shown in Figure 4, BSSs in the hardware network may overlap in forming ESSs, and an authentication server AS is connected to this two-level hardware network. The terminal device STA communicates with the BSS using the session key PTK, with the ESS using the ESS key, and with the authentication server AS using the master key.

Based on this hierarchy, when a STA first accesses the system, the STA and the authentication server AS perform identity authentication, negotiate the master key MSK, and generate the corresponding ESS domain key and the BSS domain key, i.e. the session key PTK. The session key between STA and AP is generated from the ESS domain key, and the ESS domain key (ESS KEY) is generated from the master key negotiated between the STA and the AS. So when a STA roams between BSSs within one ESS, only the session key needs to be renegotiated; the pre-authentication or re-authentication described in 802.11i is not needed, which shortens the roaming procedure and makes roaming fast and convenient.

In this hierarchy, the ESS KEY can be updated periodically within the lifetime of the MSK, and the PTK can be updated periodically within the lifetime of the ESS KEY. The definitions of PTK and MSK correspond to those of IEEE 802.11i; the only difference is that the 802.11i PTK is generated from the MSK, whereas in the method of the invention the PTK is generated from the ESS KEY.
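The key hierarchy described above (MSK to ESS KEY to PTK), as an added example that is not part of the patent text: it shows that a roam inside one ESS renegotiates only the PTK, while a move to another ESS needs a full authentication. The patent names no derivation function, so HMAC-SHA256, the inputs bound into each key, the generation counter modelling ESS KEY renewal, and all class and function names are assumptions.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional, Sequence


def kdf(key: bytes, label: bytes, *context: bytes) -> bytes:
    """HMAC-SHA256 over a label and length-prefixed context (assumed KDF)."""
    msg = label + b"\x00" + b"".join(len(c).to_bytes(2, "big") + c for c in context)
    return hmac.new(key, msg, hashlib.sha256).digest()


def mac(addr: str) -> bytes:
    return bytes.fromhex(addr.replace(":", ""))


def derive_ess_key(msk: bytes, essid: str, sta: str, generation: int = 0) -> bytes:
    """ESS KEY from the MSK, bound to one ESS and one STA.

    `generation` models the periodic ESS KEY update within the MSK lifetime.
    """
    return kdf(msk, b"ESS KEY", mac(essid), mac(sta), generation.to_bytes(4, "big"))


def derive_ptk(ess_key: bytes, bssid: str, sta: str,
               anonce: bytes, snonce: bytes) -> bytes:
    """Session key from the ESS KEY (not from the MSK), bound to one BSS."""
    lo, hi = sorted((anonce, snonce))
    return kdf(ess_key, b"PTK", mac(bssid), mac(sta), lo, hi)


class AuthServer:
    """AS: authenticates a STA once and supplies the ESS KEY to the ESS side."""

    def __init__(self) -> None:
        self._msk: Dict[str, bytes] = {}
        self.full_auths = 0

    def authenticate(self, sta: str) -> bytes:
        self.full_auths += 1
        self._msk[sta] = os.urandom(32)   # stands in for the negotiated MSK
        return self._msk[sta]

    def ess_key(self, sta: str, essid: str, generation: int = 0) -> bytes:
        return derive_ess_key(self._msk[sta], essid, sta, generation)


class Station:
    def __init__(self, addr: str, auth_server: AuthServer) -> None:
        self.addr, self.auth_server = addr, auth_server
        self.essid: Optional[str] = None
        self.ess_key: Optional[bytes] = None
        self.ptk: Optional[bytes] = None

    def connect(self, bssid: str, bss_essids: Sequence[str]) -> str:
        """Associate with a BSS; returns which path was taken."""
        if self.essid in bss_essids:
            path = "fast-roam"            # same ESS: keep MSK and ESS KEY
        else:
            msk = self.auth_server.authenticate(self.addr)
            self.essid = bss_essids[0]
            self.ess_key = derive_ess_key(msk, self.essid, self.addr)
            path = "full-auth"
        anonce, snonce = os.urandom(32), os.urandom(32)
        # Network side: the AP derives the PTK from the ESS KEY held by the ESS.
        network_key = self.auth_server.ess_key(self.addr, self.essid)
        ap_ptk = derive_ptk(network_key, bssid, self.addr, anonce, snonce)
        self.ptk = derive_ptk(self.ess_key, bssid, self.addr, anonce, snonce)
        # Agreement on the PTK shows both ends hold the ESS KEY; an advertised
        # ESSID alone shows nothing.
        if not hmac.compare_digest(ap_ptk, self.ptk):
            raise RuntimeError("key confirmation failed")
        return path


if __name__ == "__main__":
    ESS1, ESS2 = "02:00:00:00:00:e1", "02:00:00:00:00:e2"   # constructed
    server = AuthServer()
    sta = Station("02:00:00:00:aa:01", server)
    print(sta.connect("02:00:00:00:0b:01", [ESS1, ESS2]), server.full_auths)
    print(sta.connect("02:00:00:00:0b:03", [ESS1]), server.full_auths)
    print(sta.connect("02:00:00:00:0b:04", [ESS2]), server.full_auths)
```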

Each key in the method represents the trust relationship between the two negotiating parties. Note that the architecture diagram above shows only the basic architecture of the system; in practice, further connection layers may be added, for example between the authentication server and the hierarchical network, and these clearly remain within the technical concept of the invention.

Corresponding to the ESS concept defined by 802.11, the method provides an ESS identification scheme: it sets a new parameter, the ESSID, and uses the MAC address, a globally unique identifier, to identify different ESSs uniquely, meeting the need of 802.11 terminals to roam quickly within the same ESS.

The method can perform network selection based on this unique identifier and maps the security mechanism onto a hierarchical structure. Adding the ESS-KEY avoids the pre-authentication or re-authentication that 802.11i requires when roaming across BSSs within an ESS, making roaming faster.

It should be understood that the above description of specific embodiments is relatively detailed and should not be taken as limiting the scope of patent protection of the invention, which is defined by the appended claims.

Claims (9)

1. A method for network identification in a wireless local area network, the wireless local area network being built from a plurality of terminal devices, the terminal devices forming at least one basic service set, and the basic service sets in turn forming at least one extended service set; the method comprises the steps of:
A. assigning the extended service set a uniquely identifying extended service set identifier, and adding this extended service set identifier as a parameter when performing channel scanning;
B. when the terminal device accesses the network for the first time, setting its extended service set identifier parameter to the media access control broadcast address; otherwise, setting it to a specific extended service set identifier;
C. during network selection, if the terminal device's extended service set identifier parameter is not the media access control broadcast address, determining whether the corresponding channel belongs to the extended service set having the same extended service set identifier as the terminal device; if so, synchronizing to the corresponding extended service set and performing authentication and association with the network system using that extended service set identifier as a parameter.
2. The method according to claim 1, characterized in that the extended service set identifier is the media access control broadcast address of the corresponding extended service set.
3. The method according to claim 1, characterized in that the extended service set identifier is the entry address through which the corresponding extended service set interworks with an external network.
4. The method according to claim 1, characterized in that the extended service set to which the basic service set belongs broadcasts its extended service set identifier by means of an extended service set field added to the 802.11 beacon frame.
5. The method according to claim 4, characterized in that, when the basic service set belongs to a plurality of extended service sets, the extended service set field carries a list of extended service set identifiers.
6. The method according to claim 1, characterized in that it further comprises: adding a corresponding extended service set field to the channel-scan response frame to carry its extended service set identifier.
7. The method according to claim 6, characterized in that, when the response frame carries no extended service set identifier, or the extended service set identifier is the broadcast address, the extended service set identifier in the corresponding field is the extended service set identifier of the basic service set.
8. The method according to claim 1, characterized in that the wireless local area network is mapped, according to the extended service set identifier, onto a hierarchical architecture comprising a basic service set level and an extended service set level; an authentication server is connected to this two-level network; and each terminal device and the authentication server perform identity authentication, negotiate a master key, and generate the corresponding extended service set domain key and the basic service set domain key, i.e. the session key.
9. The method according to claim 8, characterized in that the session key is generated from the extended service set domain key, and the extended service set domain key is generated from the master key negotiated between the terminal device and the authentication server.
CN 200510100430 2005-10-21 2005-10-21 Network identifying method in wireless local network Pending CN1852192A (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
CN 200510100430 CN1852192A (en) 2005-10-21 2005-10-21 Network identifying method in wireless local network
PCT/CN2006/002524 WO2007045147A1 (en) 2005-10-21 2006-09-25 An accessing network method, system and terminal of the wireless local area network terminal
CNA2006800123931A CN101160833A (en) 2005-10-21 2006-09-25 Method, system and terminal for accessing wireless local area network terminal to network
US11/584,407 US20070153732A1 (en) 2005-10-21 2006-10-20 Method for a wireless local area network terminal to access a network, a system and a terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 200510100430 CN1852192A (en) 2005-10-21 2005-10-21 Network identifying method in wireless local network

Publications (1)

Publication Number Publication Date
CN1852192A true CN1852192A (en) 2006-10-25

Family

ID=37133662

Family Applications (2)

Application Number Title Priority Date Filing Date
CN 200510100430 Pending CN1852192A (en) 2005-10-21 2005-10-21 Network identifying method in wireless local network
CNA2006800123931A Pending CN101160833A (en) 2005-10-21 2006-09-25 Method, system and terminal for accessing wireless local area network terminal to network

Family Applications After (1)

Application Number Title Priority Date Filing Date
CNA2006800123931A Pending CN101160833A (en) 2005-10-21 2006-09-25 Method, system and terminal for accessing wireless local area network terminal to network

Country Status (1)

Country Link
CN (2) CN1852192A (en)

CN103167586A (en) * 2013-03-01 2013-06-19 北京傲天动联技术股份有限公司 Wireless terminal access and reselecting method based on access point (AP) cluster
CN103167586B (en) * 2013-03-01 2015-08-12 北京傲天动联技术股份有限公司 A kind of access of the wireless terminal based on AP cluster and reselecting method
CN105323758A (en) * 2014-07-02 2016-02-10 上海新联纬讯科技发展有限公司 Wireless router extended service identifier service providing method
CN104869621A (en) * 2015-06-12 2015-08-26 联想(北京)有限公司 Method and device for network awareness
CN104869621B (en) * 2015-06-12 2019-01-15 联想(北京)有限公司 A kind of Network Recognition method and apparatus
CN111093198A (en) * 2015-07-23 2020-05-01 中移(杭州)信息技术有限公司 Wireless local area network data transmission method and device
CN111093198B (en) * 2015-07-23 2023-04-28 中移(杭州)信息技术有限公司 Wireless local area network data sending method and device
CN109845335A (en) * 2016-10-24 2019-06-04 索尼公司 Communication equipment and communication means
US11160008B2 (en) 2016-10-24 2021-10-26 Sony Corporation Communication device and communication method
CN109845335B (en) * 2016-10-24 2022-04-19 索尼公司 Communication apparatus and communication method

Also Published As

Publication number Publication date
CN101160833A (en) 2008-04-09

Similar Documents

Publication Publication Date Title
US8009626B2 (en) Dynamic temporary MAC address generation in wireless networks
US7917146B2 (en) Methods, apparatuses and systems facilitating client handoffs in wireless network systems
EP1653668B1 (en) Restricted WLAN access for unknown wireless terminal
US7672459B2 (en) Key distribution and caching mechanism to facilitate client handoffs in wireless network systems
US8174973B2 (en) Procedure for wireless network management and station supporting the procedure
EP1990967A1 (en) A method, an apparatus and a wireless local area network for establishing the virtual link and a data transferring method
WO2007045147A1 (en) An accessing network method, system and terminal of the wireless local area network terminal
US20070002811A1 (en) Mechanism to enable optimized provision of beacon information in WLAN networks
US20070213029A1 (en) System and Method for Provisioning of Emergency Calls in a Shared Resource Network
CN101049031A (en) Media-independent handover (MIH) method featuring a simplified beacon
CN1481651A (en) Transmission of security associations during mobile terminal handover
CN101160833A (en) Method, system and terminal for accessing wireless local area network terminal to network
CN1905504A (en) Method for implementing virtual LAN based on WAPI system in WLAN
CN102281182B (en) Message processing method, access controller, access point and system in access network
CN101827362B (en) Method for identifying access point identity, workstation roaming method and related equipment
CA2661050C (en) Dynamic temporary mac address generation in wireless networks
CN100499673C (en) Virtual terminal temporary media access control address dynamic altering method
CN100446492C (en) Method for LAN terminal to access LAN
CN108235386A (en) A kind of communication means and equipment
CN1859248A (en) Service cut-in method for radio local network and radio local network system
CN1805391A (en) Method and apparatus for supporting multiple logical networks in wireless LAN
CN100403717C (en) A method of network sharing in wireless local area network
CN1805387A (en) Wireless LAN and method for implementing quick switching between mobile stations

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication