[go: up one dir, main page]

CN115038082A - Safety internet access control system and method for optical communication equipment - Google Patents

Safety internet access control system and method for optical communication equipment Download PDF

Info

Publication number
CN115038082A
CN115038082A CN202210644796.9A CN202210644796A CN115038082A CN 115038082 A CN115038082 A CN 115038082A CN 202210644796 A CN202210644796 A CN 202210644796A CN 115038082 A CN115038082 A CN 115038082A
Authority
CN
China
Prior art keywords
equipment
internet
wifi signal
signal strength
white list
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210644796.9A
Other languages
Chinese (zh)
Inventor
张济
王勃
严恒辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Baigong Semiconductor Co ltd
Original Assignee
Shanghai Baigong Semiconductor Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Baigong Semiconductor Co ltd filed Critical Shanghai Baigong Semiconductor Co ltd
Priority to CN202210644796.9A priority Critical patent/CN115038082A/en
Publication of CN115038082A publication Critical patent/CN115038082A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/088Access security using filters or firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04QSELECTING
    • H04Q11/00Selecting arrangements for multiplex systems
    • H04Q11/0001Selecting arrangements for multiplex systems using optical switching
    • H04Q11/0062Network aspects
    • H04Q11/0067Provisions for optical access or distribution networks, e.g. Gigabit Ethernet Passive Optical Network (GE-PON), ATM-based Passive Optical Network (A-PON), PON-Ring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/63Location-dependent; Proximity-dependent
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/71Hardware identity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/08Access restriction or access information delivery, e.g. discovery data delivery
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • H04W84/12WLAN [Wireless Local Area Networks]
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention discloses a safe internet access control system and method of optical communication equipment, relating to the technical field of network safety, the system comprises a detection module, a control module and a management module, wherein the detection module acquires the WiFiMAC address and WiFi signal intensity of the internet access equipment in real time, the control module sets a WiFiMAC address white list of the internet access equipment and a WiFi signal intensity value required by non-white list equipment authentication, by presetting the WiFi signal intensity value and taking the intensity value as a comparison threshold value for authentication processing, and the preset WiFi signal strength value carries the identity information of the PON gateway, and authentication processing is carried out based on the WiFi signal strength of the internet access equipment, whether the internet access equipment is accessed to the internet is controlled, operation and maintenance managers or users of the PON gateway in the management module inquire an MAC address white list and a WiFi signal strength value required by equipment authentication through a remote login system. The invention relates to a safe internet access control system and method of optical communication equipment, which have good protection effect.

Description

Safety internet access control system and method for optical communication equipment
Technical Field
The invention relates to the technical field of network security, in particular to a system and a method for controlling the safe internet access of optical communication equipment.
Background
The communication device refers to all electronic devices used in the network information transmission process, for example: switches, bridges, repeaters, routers, gateways, etc., are also important for network security between communication devices, which generally refers to the security of computer networks and, in fact, may also refer to the security of computer communication networks. The computer communication network is a system which interconnects a plurality of computers with independent functions through communication equipment and transmission media and realizes information transmission and exchange among the computers under the support of communication software. The computer network is a system that connects a plurality of independent computer systems, terminals, and data devices, which are relatively dispersed geographically, by a communication means for the purpose of sharing resources, and performs data exchange under the control of a protocol. The fundamental purpose of computer networks is resource sharing, and communication networks are the way to implement network resource sharing, so that computer networks are secure, and corresponding computer communication networks must also be secure, and information exchange and resource sharing should be implemented for network users. Hereinafter, network security refers to both computer network security and computer communication network security.
When the mobile device is connected with the wireless WiFi, when a new internet access device is connected into the PON gateway, identity identification is required, when WiFi signals are unstable or the distance is large, the connection signals are often weak, the use is very inconvenient, users cannot be reminded in time, the protection effect is poor, the network is easily rubbed by others, and the network is easily attacked illegally by hackers, and protection is required layer by layer, various interception can be carried out to realize safe internet access, so that a new solution is necessary to be provided.
The existing PON gateway authentication system has the defects of inconvenient use, incapability of reminding a user in time, poor protection effect, easiness in being rubbed by others, easiness in being illegally attacked by hackers, and capability of realizing safe internet surfing by various interception, and therefore, a safe internet surfing control system and a safe internet surfing control method of optical communication equipment are provided.
Disclosure of Invention
The invention mainly aims to provide a system and a method for controlling the safe internet access of optical communication equipment, which can effectively solve the defects that the existing PON gateway authentication system in the background art is very inconvenient to use, cannot remind a user in time, has poor protection effect, is easy to be rubbed by others and is easy to be illegally attacked by hackers.
In order to achieve the purpose, the invention adopts the technical scheme that: a safe internet access control system of optical communication equipment comprises a detection module, a control module and a management module, wherein the detection module acquires a WiFi MAC address and a WiFi signal strength of internet access equipment in real time, the control module sets a WiFi MAC address white list of the internet access equipment and a WiFi signal strength value required by non-white list equipment authentication, carries out authentication processing by using the strength value as a comparison threshold value through presetting a WiFi signal strength value, carries identity information of a PON gateway of the PON and carries out authentication processing based on the WiFi signal strength of the internet access equipment to control whether the internet access equipment is accessed to the internet, if the signal strength value of the internet access equipment is greater than the presetting WiFi signal strength value, the internet access equipment is allowed to be networked, the MAC address of the internet access equipment is stored in the MAC address white list, and if the signal strength value of the internet access equipment is less than the presetting WiFi signal strength value, the network equipment is not allowed to be networked and is continuously monitored, an operation and maintenance manager or a user of a PON gateway in the management module remotely logs in a system to inquire an MAC address white list and a WiFi signal intensity value required by equipment authentication, and modifies and adjusts the MAC address white list and the WiFi signal intensity value required by equipment authentication, because the closer the equipment is to the PON gateway, the higher the signal intensity value of the network equipment is, the larger the signal intensity value of the network equipment is, the traditional password verification mode is changed, and any equipment can pass the network authentication only by being close enough to the PON gateway, so that the potential safety hazards of network rubbing, hacker intrusion and the like are fundamentally avoided through the limitation of physical positions, and the safe network access can be realized without layer-by-layer protection and various interception.
The control system is composed of four parts, namely an embedded microprocessor, peripheral hardware equipment, an embedded operating system and an application program of a user, and is used for realizing functions of controlling, monitoring or managing other equipment.
Preferably, when the PON gateway is started, an initial inducing program is started synchronously, and the control system program automatically acquires the PON gateway self-starting permission, so that once the PON gateway is started, the control system runs immediately, an illegal user is guaranteed to utilize the PON gateway to start and invade the PON gateway through a time leak instantly, and the use safety of the PON gateway is improved.
Preferably, the control system further comprises a prompting unit, wherein if the WiFi signal strength is not enough in the prompting unit, a prompting signal is sent to the mobile device, the prompting signal includes pop-up alarm information and prompts that the user needs to be close to the PON gateway, so as to prompt the user, reduce the original cognition of the user on the inherent password authentication of the PON gateway, and make the system more convenient for various users to use.
Preferably, the white list is an SQL database, the WiFi MAC address of the device that allows access to the internet is stored in the white list database, and meanwhile, real-time security protection is performed on the white list database through misuse detection, so that security protection on the WiFi MAC address white list is improved, an illegal user is effectively prevented from directly invading the WiFi MAC address white list, the illegal user is prevented from adding the own MAC address into the MAC address white list, connection and invasion are realized, and the use security of the system is further improved.
A safe internet access control method of optical communication equipment comprises the following steps:
s1: when the PON gateway is started or restarted, the control system is automatically loaded;
s2: when the internet-surfing equipment is wirelessly connected with the PON gateway, the detection module scans and acquires a WiFi MAC address of the internet-surfing equipment and sends the WiFi MAC address to the control module;
s3, the control module performs analysis processing according to the white list: if the WiFi MAC address belongs to the white list of the internet access devices, directly allowing access to the internet, and if the WiFi MAC address does not belong to the white list of the internet access devices, sending the WiFi MAC address of the internet access devices to the detection module;
s4, the detection module searches and acquires the WiFi signal intensity of the internet access equipment and provides the WiFi signal intensity for the control module to carry out authentication;
s5, the control module carries out authentication processing according to the WiFi signal intensity of the internet equipment acquired by the detection module, the WiFi signal intensity of the internet equipment reaches or exceeds a preset signal intensity value, the internet equipment is allowed to be safely accessed to the internet through equipment authentication, the MAC address is added into a white list, the equipment does not need to be authenticated to directly access the internet when surfing next time, and if the WiFi signal intensity of the internet equipment is not enough, a prompt signal pops up on a screen of the prompt unit to prompt a user to enable the internet equipment to approach to the PON gateway;
s6, if the internet access equipment cannot pass the authentication due to insufficient signal strength, the control module adds the internet access equipment to a list of equipment to be authenticated, periodically searches again to obtain the current WiFi signal strength of the equipment and re-authenticates, and passes the equipment authentication if the new signal strength reaches or exceeds the preset WiFi signal strength value; if the signal intensity is still insufficient, information reminding is continuously popped up;
s7, the network access equipment which does not pass the authentication is shut down or is far away from the PON gateway, so that the PON gateway cannot interrupt the wireless connection of the network access equipment, the control module deletes the network access equipment from the list of the equipment to be authenticated, and the authentication of the network access equipment is finished;
and S8, allowing operation and maintenance personnel or users to remotely log in the control system by the management module, and inquiring the WiFi signal strength value required by the authentication of the MAC address white list and non-white list equipment.
Preferably, the preset WiFi signal strength value in step S5 is a comparison threshold, an operation and maintenance person or a user remotely logs in the control system and adjusts the preset WiFi signal strength value of the PON gateway, and a user automatically adjusts and controls the preset WiFi signal strength value according to the size of the room area, so that the PON gateway is more convenient to use and more accurate in connection, for example, the room size is 10m away from the PON gateway, and the preset WiFi signal strength value of the PON gateway in the room is set according to the signal strength value 10m away from the PON gateway, thereby ensuring that all internet access devices in the room can connect to the PON gateway.
Preferably, the wifi MAC address of the internet access device is an ethernet physical layer address, and the same internet access device has a unique wifi MAC address and cannot be changed, so that the user is prevented from changing the wifi MAC address into a MAC address in a white list, and the security of the system use is further improved.
Compared with the prior art, the invention has the following beneficial effects:
in the invention, a safe internet access control system is arranged, a detection module, a control module and a management module are arranged in the control system, the detection module acquires a WiFi MAC address and a WiFi signal strength of internet access equipment in real time, the control module sets a WiFi MAC address white list of the internet access equipment and a WiFi signal strength value required by non-white list equipment authentication, authentication processing is carried out by using the preset WiFi signal strength value as a comparison threshold value through the preset WiFi signal strength value, the preset WiFi signal strength value carries identity information of a gateway of the PON, authentication processing is carried out based on the WiFi signal strength of the internet access equipment to control whether the internet access equipment is accessed to the internet, if the signal strength value of the internet access equipment is greater than the preset WiFi signal strength value, the internet access equipment is allowed to be networked, the MAC address of the internet access equipment is stored in the MAC address white list, and if the signal strength value of the internet access equipment is less than the preset WiFi signal strength value, the network access equipment is not allowed to be networked and is continuously monitored, an operation and maintenance manager or a user of a PON gateway in a management module inquires an MAC address white list and a WiFi signal intensity value required by equipment authentication through a remote login system, and modifies and adjusts the MAC address white list and the WiFi signal intensity value required by equipment authentication, and the signal intensity value of the network access equipment is larger as the equipment is closer to the PON gateway.
Drawings
Fig. 1 is a flowchart of a secure internet access control method of an optical communication device according to the present invention;
FIG. 2 is an enlarged view of a portion of FIG. 1A;
FIG. 3 is an enlarged view of a portion of FIG. 1 at B according to the present invention;
fig. 4 is a system block diagram of a secure internet access control system of an optical communication device according to the present invention.
Detailed Description
In order to make the technical means, the creation characteristics, the achievement purposes and the effects of the invention easy to understand, the invention is further described with the specific embodiments.
In the description of the present invention, it should be noted that the terms "upper", "lower", "inner", "outer", "front", "rear", "both ends", "one end", "the other end", and the like indicate orientations or positional relationships based on orientations or positional relationships shown in the drawings, and are only for convenience of description and simplification of description, but do not indicate or imply that the device or element referred to must have a specific orientation, be configured in a specific orientation, and operate, and thus, should not be construed as limiting the present invention. Furthermore, the terms "first," "second," and the like are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In the description of the present invention, it is to be noted that, unless otherwise explicitly specified or limited, the terms "mounted," "disposed," "connected," and the like are to be construed broadly, such as "connected," which may be fixedly connected, detachably connected, or integrally connected; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
Referring to fig. 1-4, the present invention is a secure internet access control system for an optical communication device, the control system includes a detection module, a control module and a management module, the detection module obtains a WiFi MAC address and a WiFi signal strength of an internet access device in real time, the control module sets a WiFi MAC address white list of the internet access device and a WiFi signal strength value required for non-white list device authentication, performs authentication processing by presetting the WiFi signal strength value and using the strength value as a comparison threshold, and the preset WiFi signal strength value carries identity information of a PON gateway itself and performs authentication processing based on the WiFi signal strength of the internet access device to control whether the internet access device accesses the internet, if the internet access device signal strength value is greater than the preset WiFi signal strength value, the internet access device is allowed to be networked, and the MAC address of the internet access device is stored in the MAC address white list, if the signal intensity value of the internet equipment is smaller than the preset WiFi signal intensity value, the internet equipment is not allowed to be networked and is continuously monitored, operation and maintenance management personnel or users of a PON gateway in a management module inquire an MAC address white list and a WiFi signal intensity value required by equipment authentication through a remote login system, and modify and adjust the MAC address white list and the WiFi signal intensity value required by equipment authentication.
The control system is composed of four parts, namely an embedded microprocessor, peripheral hardware equipment, an embedded operating system and an application program of a user, and is used for realizing the functions of controlling, monitoring or managing other equipment.
The method comprises the steps that when the PON gateway is started, an initial inducing program is started synchronously, a control system is started synchronously, the control system program automatically acquires the PON gateway self-starting authority, the control system is guaranteed to run immediately once the PON gateway is started, an illegal user is guaranteed to utilize the PON gateway to start and invade the PON gateway through time holes instantly, and the use safety of the PON gateway is improved.
The control system further comprises a prompting unit, if the WiFi signal strength is insufficient in the prompting unit, a prompting signal is sent to the mobile device, the prompting signal comprises popup alarm information and prompts that a user needs to be close to the PON gateway, the user is reminded, the original cognition of the user on the inherent password authentication of the PON gateway is reduced, and the system is more convenient for various users to use.
The white list is an SQL (structured query language) database, WiFi MAC addresses of devices which are allowed to access to the Internet are stored in the white list database, real-time safety protection is conducted on the white list database through misuse detection, safety protection on the WiFi MAC address white list is improved, illegal users are effectively prevented from directly invading the WiFi MAC address white list, the fact that the illegal users add MAC addresses to the MAC address white list is avoided, connection and invasion are achieved, and use safety of the system is further improved.
A safe internet access control method of optical communication equipment comprises the following steps:
s1: when the PON gateway is started or restarted, the control system is automatically loaded;
s2: when the internet-surfing equipment is wirelessly connected with the PON gateway, the detection module scans and acquires a WiFi MAC address of the internet-surfing equipment and sends the WiFi MAC address to the control module;
s3, the control module performs analysis processing according to the white list: if the WiFi MAC address belongs to the white list of the internet access equipment, directly allowing access to the internet, and if the WiFi MAC address does not belong to the white list of the internet access equipment, sending the WiFi MAC address of the internet access equipment to the detection module;
s4, the detection module searches and acquires the WiFi signal intensity of the internet access equipment and provides the WiFi signal intensity for the control module to authenticate;
s5, the control module carries out authentication processing according to the WiFi signal strength of the internet equipment acquired by the detection module, the WiFi signal strength of the internet equipment reaches or exceeds a preset signal strength value, the internet equipment is allowed to be safely accessed to the internet through equipment authentication, the MAC address is added into a white list, the equipment does not need to be authenticated to directly access the internet when surfing next time, and if the WiFi signal strength of the internet equipment is not enough, a prompting signal pops up on a screen of a prompting unit to prompt a user to enable the internet equipment to approach to a PON gateway;
s6, if the internet equipment cannot pass the authentication due to insufficient signal strength, the control module adds the internet equipment to a list of equipment to be authenticated, periodically searches again to obtain the current WiFi signal strength of the equipment and re-authenticates the equipment, and if the new signal strength reaches or exceeds a preset WiFi signal strength value, the equipment passes the authentication; if the signal intensity is still insufficient, information reminding is continuously popped up;
s7, the network access equipment which does not pass the authentication is shut down or is far away from the PON gateway, so that the PON gateway cannot interrupt the wireless connection of the network access equipment, the control module deletes the network access equipment from the list of the equipment to be authenticated, and the authentication of the network access equipment is finished;
and S8, allowing operation and maintenance personnel or users to remotely log in the control system by the management module, and inquiring the WiFi signal strength value required by the authentication of the MAC address white list and non-white list equipment.
Wherein, the WiFi signal intensity value that predetermines in step S5 is the contrast threshold value, operation and maintenance personnel or user long-range login this control system and adjust the predetermined WiFi signal intensity value size of this PON gateway, and user' S self-regulation according to the regional size in room regulates and control predetermined WiFi signal intensity value size for more convenient to use, it is more accurate to connect, for example, room size is apart from PON gateway 10m, according to the signal intensity value size apart from PON gateway 10m, set for the predetermined WiFi signal intensity value size of PON gateway in this room, guarantee that this PON gateway can be connected to whole online equipment in this room.
The WiFiMAC address of the internet equipment is an Ethernet physical layer address, and the same internet equipment has a unique WiFiMAC address which cannot be changed, so that a user is prevented from changing the WiFiMAC address into an MAC address in a white list, and the use safety of the system is further improved.
The foregoing shows and describes the general principles and broad features of the present invention and advantages thereof. It will be understood by those skilled in the art that the present invention is not limited to the embodiments described above, which are described in the specification and illustrated only to illustrate the principle of the present invention, but that various changes and modifications may be made therein without departing from the spirit and scope of the present invention, which fall within the scope of the invention as claimed. The scope of the invention is defined by the appended claims and equivalents thereof.

Claims (8)

1. The utility model provides a safe online control system of optical communication equipment which characterized in that: the control system comprises a detection module, a control module and a management module, wherein the detection module acquires a WiFi MAC address and a WiFi signal strength of the Internet access equipment in real time, the control module sets a WiFiMAC address white list of the Internet access equipment and a WiFi signal strength value required by non-white list equipment authentication, carries out authentication processing based on the WiFi signal strength of the Internet access equipment and controls whether the Internet access equipment is accessed to the Internet, and an operation and maintenance manager or a user of a PON gateway in the management module remotely logs in the system to inquire the MAC address white list and the WiFi signal strength value required by equipment authentication and modify and adjust the MAC address white list and the WiFi signal strength value required by equipment authentication.
2. The system of claim 1, wherein the system comprises: the control system writes an embedded program into a code, the embedded program is installed in a CPU inside the PON gateway, and the program is provided with an initial inducing program which acquires the self-starting authority of the PON gateway in advance.
3. The system of claim 2, wherein the system comprises: and synchronously starting an initial inducing program and synchronously starting the control system when the PON gateway is started.
4. The system of claim 1, wherein the system comprises: the control system further comprises a prompting unit, if the WiFi signal strength is not enough in the prompting unit, a prompting signal is sent to the mobile device, and the prompting signal comprises pop-up alarm information and prompts a user to be close to the PON gateway.
5. The system of claim 1, wherein the system comprises: the white list is an SQL database, WiFi MAC addresses of devices which are allowed to access to the Internet are stored in the white list database, and meanwhile real-time safety protection is conducted on the white list database through misuse detection.
6. A safe internet access control method of optical communication equipment is characterized in that: the method comprises the following steps:
s1: when the PON gateway is started or restarted, a control system is automatically loaded, and the control system is the control system in any one of claims 1-4;
s2: when the internet-surfing equipment is wirelessly connected with the PON gateway, the detection module scans and acquires a WiFi MAC address of the internet-surfing equipment and sends the WiFi MAC address to the control module;
s3, the control module performs analysis processing according to the white list: if the WiFi MAC address belongs to the white list of the internet access devices, directly allowing access to the internet, and if the WiFi MAC address does not belong to the white list of the internet access devices, sending the WiFi MAC address of the internet access devices to the detection module;
s4, the detection module searches and acquires the WiFi signal intensity of the internet equipment and provides the WiFi signal intensity for the control module to authenticate;
s5, the control module carries out authentication processing according to the WiFi signal intensity of the internet equipment acquired by the detection module, the WiFi signal intensity of the internet equipment reaches or exceeds a preset signal intensity value, safe access to internet is allowed through equipment authentication, the MAC address is added into a white list, the equipment does not need authentication to directly surf the internet when surfing the internet next time, and if the WiFi signal intensity of the internet equipment is not enough, a prompting signal pops up on a screen of the prompting unit to prompt a user to enable the internet equipment to be close to the PON gateway;
s6, if the internet access equipment cannot pass the authentication due to insufficient signal strength, the control module adds the internet access equipment to a list of equipment to be authenticated, periodically searches again to obtain the current WiFi signal strength of the equipment and re-authenticates, and passes the equipment authentication if the new signal strength reaches or exceeds the preset WiFi signal strength value; if the signal intensity is still insufficient, information reminding is continuously popped up;
s7, the network access equipment which does not pass the authentication is shut down or is far away from the PON gateway, so that the PON gateway cannot interrupt the wireless connection of the network access equipment, the control module deletes the network access equipment from the list of the equipment to be authenticated, and the authentication of the network access equipment is finished;
and S8, allowing operation and maintenance personnel or users to remotely log in the control system by the management module, and inquiring the WiFi signal strength value required by the authentication of the MAC address white list and non-white list equipment.
7. The method according to claim 5, wherein the method comprises: in step S5, when the preset WiFi signal strength value is the comparison threshold, the operation and maintenance personnel or the user remotely logs in the control system and adjusts the preset WiFi signal strength value of the PON gateway.
8. The method according to claim 6, wherein the method comprises: the WiFiMAC address of the internet-surfing equipment is an Ethernet physical layer address, and the same internet-surfing equipment has a unique WiFiMAC address and cannot be changed.
CN202210644796.9A 2022-06-08 2022-06-08 Safety internet access control system and method for optical communication equipment Pending CN115038082A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210644796.9A CN115038082A (en) 2022-06-08 2022-06-08 Safety internet access control system and method for optical communication equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210644796.9A CN115038082A (en) 2022-06-08 2022-06-08 Safety internet access control system and method for optical communication equipment

Publications (1)

Publication Number Publication Date
CN115038082A true CN115038082A (en) 2022-09-09

Family

ID=83123165

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210644796.9A Pending CN115038082A (en) 2022-06-08 2022-06-08 Safety internet access control system and method for optical communication equipment

Country Status (1)

Country Link
CN (1) CN115038082A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2013198130A (en) * 2012-03-22 2013-09-30 Fujitsu Fip Corp Authentication device and authentication method
WO2016101729A1 (en) * 2014-12-26 2016-06-30 北京奇虎科技有限公司 Wireless network access method, device and system
US20160227591A1 (en) * 2015-02-04 2016-08-04 Jiransoft Co., Ltd. Wireless lan connection method using signal strength
WO2016184380A1 (en) * 2015-05-19 2016-11-24 中兴通讯股份有限公司 Processing method and device for network access

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2013198130A (en) * 2012-03-22 2013-09-30 Fujitsu Fip Corp Authentication device and authentication method
WO2016101729A1 (en) * 2014-12-26 2016-06-30 北京奇虎科技有限公司 Wireless network access method, device and system
US20160227591A1 (en) * 2015-02-04 2016-08-04 Jiransoft Co., Ltd. Wireless lan connection method using signal strength
WO2016184380A1 (en) * 2015-05-19 2016-11-24 中兴通讯股份有限公司 Processing method and device for network access

Similar Documents

Publication Publication Date Title
US20190188993A1 (en) Integrated physical and logical security management via a portable device
CN110035048B (en) Method for controlling access to in-vehicle wireless network
US7817994B2 (en) Secure control of wireless sensor network via the internet
EP2869614B1 (en) Processing method of wireless network equipment, wireless network equipment and processor thereof
KR101910605B1 (en) System and method for controlling network access of wireless terminal
CN110519306B (en) Equipment access control method and device of Internet of things
US20040064727A1 (en) Method and apparatus for enforcing network security policies
CN104754582B (en) Safeguard the client and method of BYOD safety
US11683312B2 (en) Client device authentication to a secure network
US10068077B2 (en) False alarm avoidance
KR20080065299A (en) Integrated network and physical premises access control server
KR102010488B1 (en) SYSTEM AND METHOD FOR SECURE IoT TERMINAL REMOTE ACCESS AND IP ADDRESS ALLOTING METHOD
CN109496411B (en) Method and system for improving network security
JP2008500632A (en) Network system and method for providing an ad hoc access environment
US20180248892A1 (en) Location-Based Continuous Two-Factor Authentication
US8103756B2 (en) Network access device capability alert mechanism
US20210243188A1 (en) Methods and apparatus for authenticating devices
CN106685843B (en) A method of security hardening router
CN104702562A (en) Terminal fusion service access method, terminal fusion service access system, and terminal
CN109547402B (en) Data protection method and device, electronic equipment and readable storage medium
CN110598388A (en) Method for controlling login access of authority system
CN110611913A (en) Nuclear power plant wireless network access method, system management platform and access system
GB2582617A (en) A computing device, method and system for controlling the accessibility of data
CN115038082A (en) Safety internet access control system and method for optical communication equipment
CN106488449A (en) A kind of management method of Wireless Telecom Equipment and Wireless Telecom Equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20220909