CN102104527B - Access control method and equipment - Google Patents
Access control method and equipment Download PDFInfo
- Publication number
- CN102104527B CN102104527B CN 200910254362 CN200910254362A CN102104527B CN 102104527 B CN102104527 B CN 102104527B CN 200910254362 CN200910254362 CN 200910254362 CN 200910254362 A CN200910254362 A CN 200910254362A CN 102104527 B CN102104527 B CN 102104527B
- Authority
- CN
- China
- Prior art keywords
- account
- connection
- access
- terminal
- internet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The invention provides an access control method, which is used for solving the problems of control operation difficulties and personal management restraints of the prior art in control over the network access of a user. The method comprises the following steps of: checking a terminal which tries to access to the Internet; accessing the terminal to the Internet if the terminal passes through the checking, and establishing a corresponding relation between a checking code by which the terminal passes through checking and a unique identification code of the terminal; and managing the Internet access of an account according to the corresponding relation between the unique identification code and the checking code. In the method, a healthy surfing environment can be constructed; moreover, the Internet access of the terminal can be controlled on the access control equipment by text account management instead of terminal management, so the method is applicable to the actual operation level of most users; meanwhile, different text accounts are endowed with different authorities having smaller particles, so the management is actually detailed and becomes more personal.
Description
Technical field
The present invention relates to network field, be specifically related to a kind of connection control method and access control equipment.
Background technology
The benefit that the development of Internet (Internet) technology brings to the modern life is to provide the resource of magnanimity to access easily for people, especially home network enters average family and personal computer (PC, Personal Computer), the popularizing of the various terminals such as mobile phone, this facility by the Internet Gains resources is more obvious.Yet, because the upper resource of Internet is very different, sometimes be necessary the certain user is limited, for example, the guardian need to limit or monitor the minor and access poor sources on the Internet.
The method of the upper resource of a kind of restricting user access Internet of prior art is to be undertaken by the software on the terminals such as PC.Need to collect certain expense owing to using software, perhaps, software has intellectual property, can not arbitrarily use, therefore, this method of controlling access Internet by the application software on the PC is not calculated, and the user who has better computer technology may also can invade unintentionally other people intellectual property.
Because terminal need to could access Internet by access control equipment, therefore, another kind of Innovative method is to control the user by access control equipment to access Internet.For example, by arranging at access control equipment, limit some media interviews control (MAC, Media Access Control) terminal access Internet corresponding to address.
Although said method decreases in expense (because not needing the function of access control equipment is paid separately) with respect to the access Internet by the software control user on the terminals such as PC, but this method is based on MAC Address carries out, this all is difficult to most people, because the monitor must know the MAC Address that is limited terminal and just can arrange, and this set just limit simply this terminal can access network, in fact limit all and used user or the account of this terminal, lost personal management.
Summary of the invention
The embodiment of the invention provides a kind of connection control method and access control equipment, and control is not easy to operate, limit the problem of personal management when being used for solving prior art control user access network.
A kind of connection control method comprises: the terminal of attempting to access Internet is carried out verification; If described verification is passed through, then with described terminal access Internet, set up the corresponding relation of check code that described verification passes through and the unique identification code of described terminal, described check code for the account/password of user's setting to or described check code be account; Follow the tracks of each connection that described account was accessed take described unique identification code as keyword; Connect/the account mapping table, described connection/account mapping table has been preserved the linkage record of described account access; The connection that described account was accessed limits.
A kind of access control equipment comprises: correction verification module is used for the terminal of attempting to access Internet is carried out verification; The corresponding relation creation module, when being used for verification that described correction verification module carries out the terminal of attempting to access Internet and passing through, set up the corresponding relation of the unique identification code of check code that described verification passes through and described terminal, account/password that described check code arranges for the user to or described check code be account; Tracking cell is for follow the tracks of each connection that described account was accessed take described unique identification code as keyword; Connection/account mapping table is set up the unit, is used for connecting/the account mapping table, and described connection/account mapping table has been preserved the linkage record of described account access; Limiting unit, the connection that is used for described account was accessed limits.
The embodiment of the invention is set up the corresponding relation of the unique identification code of check code that described verification passes through and described terminal by the terminal that verification is passed through, according to the corresponding relation of described unique identification code and described check code, manage described account to the access of Internet.Because the present invention controls by the access Internet to terminal on access control equipment, can build healthy online environment, and, only by realizing just that to the text account rather than to the management of terminal the access Internet to terminal controls on access control equipment, be applicable to most of users' practical operation level, and for different text accounts, give particle less different rights, in fact refinement management, make management more personalized.
Description of drawings
Fig. 1 is a kind of connection control method schematic flow sheet that the embodiment of the invention provides;
Fig. 2 is a kind of access control equipment logical construction schematic diagram that the embodiment of the invention provides.
Embodiment
The embodiment of the invention provides a kind of connection control method, set up the corresponding relation of the unique identification code of check code that described verification passes through and described terminal by the terminal that verification is passed through, according to the corresponding relation of described unique identification code and described check code, manage described account to the access of Internet.The embodiment of the invention also provides corresponding access control equipment.Below be elaborated respectively.
Please refer to Fig. 1, a kind of connection control method basic procedure schematic diagram that the embodiment of the invention provides mainly comprises:
Step S101 carries out verification to the terminal of attempting to access Internet.
Usually, terminal accesses Internet by access control equipment.In embodiments of the present invention, for example before the pc access Internet, access control equipment pushes out first login interface for user's input validation code to terminal, then the check code of user's input carried out verification, only have the correct check code of input, verification could be passed through, and terminal could access Internet.Check code can be account/password of arranging of user oneself pair, also can be for example account of key message, but not need password.In embodiments of the present invention, account is to provide with text account form.Like this, the present invention will be converted into to the restriction of whole terminal the restriction to account, both make things convenient for different user, also to the further refinement of management of terminal of access.
Step S102 if described verification is passed through, then with described terminal access Internet, sets up the corresponding relation of the unique identification code of check code that described verification passes through and described terminal.
Verification is passed through, and then this user is validated user, allows terminal access Internet.Usually, terminal has a unique identification code that is used for this terminal of unique identification, for example, and the MAC Address of PC, IP address etc.In embodiments of the present invention, access control equipment can further be set up the corresponding relation of the unique identification code of check code that described verification passes through and described terminal.So, follow-up access control equipment can use the unique identification code to carry out as keyword to the tracking of this account.
Step S103 according to the corresponding relation of described unique identification code and described check code, manages this account to the access of Internet.
Managing this account can be that the period of this account access Internet is controlled to the access of Internet, stipulates which section period can access Internet, and which section period cannot be accessed Internet; Also can be that total duration of this account access Internet is controlled, these controls be presented as the restrict access to the upper resource of all Internet.
Further, also can:
Unique identification code take terminal is followed the tracks of each connection that account was accessed as keyword, and for example, according to the port of HTTP, follow the tracks of each HTTP and connect, perhaps, and according to different service ports, the linkage record of tracking assets (bt, electric donkey, a sudden peal of thunder and p etc.);
Connect/the account mapping table, connection/account mapping table has been preserved the linkage record of account access, also can be understood as the connection that account was accessed and correspond under this account, the result that these actions are finished has set up connection/account mapping table exactly;
The connection that account was accessed limits.
Above-mentioned described account access Internet is managed is embodied in the part restriction of the upper resource of Internet or the restriction that part is connected, for example, the website filter or disable access certain connect etc.
In embodiments of the present invention, same terminal can have a plurality of accounts.Access control equipment can generate a control tabulation for each account, tabulates to realize that by the control of each account the connection to this account was accessed limits.The control tabulation comprises the restriction project that this account access Internet is done, comprise the setting that described account connects access, for example, can account name and password, the time period of control online, total duration of controlling online, tracking internet records be set separately and filter website etc. each account, these projects can limit by control tabulation, embodiment be a kind of management to the account authority.
Certainly, also can be according to user's needs, the connection that account was accessed is added into the control tabulation, allows this account that the management of this connection is directly limited to realize by the project in the control tabulation.
In the prior art, the user needs manual unlocking browser login related web site, realizes the online demand of oneself, as sees a film, and downloads software, search information etc.This online that has reduced to a certain extent the user is experienced, for example, for a user who likes seeing a film at www.kankan.com, each online all needs manually to go for asks this network address, and it is a kind of contusion that the identical operation of time execution that spends about a minute is experienced the user.
Unlike the prior art, in embodiments of the present invention, can be according to the linkage record in the connection/account mapping table, the connection of accessing is sorted, analyzed, obtain user's online preference, for example, the connection that visiting frequency is high may be exactly that the user relatively connects at the webpage place of preference, therefore, before the connection ordering extremely that visiting frequency is high.After terminal is by verification, for example,, will in connections/account mapping table, sort to the user of front connection active push to the described account of use during Internet by access after the verification of an account.So, the user can directly access resource on the Internet by the connection of active push when using the account login, saves thus the user and opens certain frequent time of the website of access of browser access, promotes the user and experiences.
In order to save the internal memory of access control equipment, and adapt to user interest drift, in embodiments of the present invention, can also be set as the update cycle of connection/account mapping table a rational time.The linkage record holding time in connection/account mapping table reaches the update cycle, then linkage record is upgraded automatically.For example, can be set the rational time (for example, a week), if at this within reasonable time, find that some connects the account that never quilt is corresponding and accessed, and has reason then to think that the user of this account of use is no longer interested in these connections.In these cases, just can the linkage record in the connection/account mapping table be upgraded, delete these at this linkage record of never being accessed by corresponding account within reasonable time.
From above-described embodiment as can be known, the present invention controls by the access Internet to terminal on access control equipment, can build healthy online environment, and, only just can realize by the management to the text account, be applicable to most of users' practical operation level.In addition, owing to being to realize that by different accounts rather than terminal the user is accessed Internet to be controlled, in fact refinement management, make management more personalized, also save the time that the user opens certain website of often accessing of browser access and automatically push the interested connection of user, promoted user's experience.
See also Fig. 2, a kind of access control equipment basic logical structure schematic diagram that the embodiment of the invention provides.For convenience of explanation, only show the part relevant with the embodiment of the invention.Functional module among this embodiment or functional unit can make software module/unit, hardware module/unit or the software and hardware module/unit that combines, and the present invention does not limit.
This access control equipment comprises correction verification module 21, corresponding relation creation module 22 and account management module 23.
Corresponding relation creation module 22, be used for 21 pairs of described correction verification modules attempt to access verification that the terminal of Internet carries out by the time, set up the corresponding relation of the unique identification code of check code that described verification passes through and described terminal.Usually, terminal has the unique identification code of this terminal of unique identification, for example, and the MAC Address of PC, IP address etc.In embodiments of the present invention, corresponding relation creation module 22 can be set up the corresponding relation of the unique identification code of check code that described verification passes through and described terminal further.Like this, follow-up access control equipment can use the unique identification code to carry out as keyword to the tracking of this account.
Connection/account mapping table is set up unit 232, is used for connecting/account mapping table 27, and wherein, connection/account mapping table 27 has been preserved the linkage record of account access;
Limiting unit 233 limits for the connection that account was accessed, and for example, to the part restriction of the upper resource of Internet or the restriction that part is connected, for example, certain connects website filtration or disable access etc.
Described access control equipment also comprises:
From above-described embodiment as can be known, the present invention controls by the access Internet to terminal on access control equipment, can build healthy online environment, and, only just can realize by the management to the text account, be applicable to most of users' practical operation level.In addition, owing to being to realize that by different accounts rather than terminal the user is accessed Internet to be controlled, in fact refinement management, make management more personalized, also save the time that the user opens certain website of often accessing of browser access and automatically push the interested connection of user, promoted user's experience.
One of ordinary skill in the art will appreciate that all or part of step in the whole bag of tricks of above-described embodiment is to come the relevant hardware of instruction finish by program, this program can be stored in the computer-readable recording medium, storage medium can comprise: read-only memory (ROM, Read Only Memory), random access memory (RAM, Random Access Memory), disk or CD etc.
Above connection control method and the access control equipment that the embodiment of the invention is provided is described in detail, used specific case herein principle of the present invention and execution mode are set forth, the explanation of above embodiment just is used for helping to understand method of the present invention and core concept thereof; Simultaneously, for one of ordinary skill in the art, according to thought of the present invention, all will change in specific embodiments and applications, in sum, this description should not be construed as limitation of the present invention.
Claims (8)
1. a connection control method is characterized in that, comprising:
The terminal of attempting to access Internet is carried out verification;
If described verification is passed through, then with described terminal access Internet, set up the corresponding relation of check code that described verification passes through and the unique identification code of described terminal, described check code for the account/password of user's setting to or described check code be account;
Follow the tracks of each connection that described account was accessed take described unique identification code as keyword;
Connect/the account mapping table, described connection/account mapping table has been preserved the linkage record of described account access;
The connection that described account was accessed limits.
2. method according to claim 1 is characterized in that, the described connection that described account was accessed limits and comprises:
Generate the control tabulation of described account, described control tabulation comprises the restriction project that described account access Internet is done, and comprises the setting that described account connects access;
According to user's needs, the connection that described account was accessed is added into described control tabulation.
3. method according to claim 1 is characterized in that, also comprises according to the linkage record in described connection/account mapping table, and the connection of described access is sorted, before the connection ordering extremely that visiting frequency is high.
4. method according to claim 3 is characterized in that, also be included in described terminal by verification after access during Internet, give the user who uses described account to front connection active push with described ordering.
5. method according to claim 1 is characterized in that, also comprises:
Regularly automatically upgrade the linkage record in described connection/account mapping table.
6. method according to claim 1 is characterized in that, described unique identification code is MAC Address or IP address.
7. an access control equipment is characterized in that, comprising:
Correction verification module is used for the terminal of attempting to access Internet is carried out verification;
The corresponding relation creation module, when being used for verification that described correction verification module carries out the terminal of attempting to access Internet and passing through, set up the corresponding relation of the unique identification code of check code that described verification passes through and described terminal, account/password that described check code arranges for the user to or described check code be account;
Tracking cell is for follow the tracks of each connection that described account was accessed take described unique identification code as keyword;
Connection/account mapping table is set up the unit, is used for connecting/the account mapping table, and described connection/account mapping table has been preserved the linkage record of described account access;
Limiting unit, the connection that is used for described account was accessed limits.
8. access control equipment according to claim 7 is characterized in that, described access control equipment also comprises:
Order module, the linkage record for the connection of setting up unit foundation according to described connection/account mapping table/account mapping table sorts to the connection of described access, before the connection ordering extremely that visiting frequency is high;
Pushing module is used for giving the user who uses described account to front connection active push with ordering in the described order module when described terminal accesses Internet by verification;
Update module is used for regularly automatically upgrading the linkage record that described connection/account mapping table is set up the connection of unit foundation/account mapping table.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200910254362 CN102104527B (en) | 2009-12-22 | 2009-12-22 | Access control method and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200910254362 CN102104527B (en) | 2009-12-22 | 2009-12-22 | Access control method and equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102104527A CN102104527A (en) | 2011-06-22 |
| CN102104527B true CN102104527B (en) | 2013-04-17 |
Family
ID=44157068
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200910254362 Active CN102104527B (en) | 2009-12-22 | 2009-12-22 | Access control method and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102104527B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103188241A (en) * | 2011-12-31 | 2013-07-03 | 上海第九城市信息技术有限公司 | User account management method based on mobile intelligent terminal number |
| CN102999713A (en) * | 2012-11-15 | 2013-03-27 | 沈阳中科博微自动化技术有限公司 | Multi-user remote data operating method with authority management |
| CN105099983B (en) * | 2014-04-16 | 2018-11-09 | 阿里巴巴集团控股有限公司 | authorization method, authority setting method and device |
| CN104852915B (en) * | 2015-04-30 | 2019-02-22 | Oppo广东移动通信有限公司 | A kind of upper network control method and equipment |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6523067B2 (en) * | 1999-01-19 | 2003-02-18 | Intel Corporation | System and method for using internet based caller ID for controlling access to an object stored in a computer |
| CN1728646A (en) * | 2004-07-31 | 2006-02-01 | 华为技术有限公司 | Method and equipment of implementation for controlling network access in communication system |
| CN101442793A (en) * | 2008-12-30 | 2009-05-27 | 杭州华三通信技术有限公司 | Access method, apparatus and system for wireless network |
-
2009
- 2009-12-22 CN CN 200910254362 patent/CN102104527B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6523067B2 (en) * | 1999-01-19 | 2003-02-18 | Intel Corporation | System and method for using internet based caller ID for controlling access to an object stored in a computer |
| CN1728646A (en) * | 2004-07-31 | 2006-02-01 | 华为技术有限公司 | Method and equipment of implementation for controlling network access in communication system |
| CN101442793A (en) * | 2008-12-30 | 2009-05-27 | 杭州华三通信技术有限公司 | Access method, apparatus and system for wireless network |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102104527A (en) | 2011-06-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9021564B2 (en) | Method and apparatus to assist user input based on a mobile terminal browser | |
| CN110113360B (en) | Single set of credentials for accessing multiple computing resource services | |
| CN104025539B (en) | The method and apparatus for promoting single-sign-on services | |
| CN102447677B (en) | Resource access control method, system and equipment | |
| CN108234475B (en) | Account management method, electronic equipment and computer storage medium | |
| JP5019653B2 (en) | System and method for managing distribution of Internet content | |
| JP2016520887A (en) | Content, service aggregation, management and presentation system | |
| WO2015179406A1 (en) | Restricted accounts on a mobile platform | |
| CN105659558A (en) | Multiple resource servers with single, flexible, pluggable OAuth server and OAuth-protected RESTful OAuth consent management service, and mobile application single sign on OAuth service | |
| CN106416125A (en) | Automatic directory join for virtual machine instances | |
| CN105554146A (en) | Remote access method and device | |
| CN110287691A (en) | Application program login method, device, equipment and storage medium | |
| CN102104527B (en) | Access control method and equipment | |
| US10387872B2 (en) | Browser-based payment for content | |
| CN103136034A (en) | Method and browser of processing information | |
| US11882154B2 (en) | Template representation of security resources | |
| CN103001934A (en) | Terminal application login method and terminal application login system | |
| US20120079591A1 (en) | Data Filtering for Communication Devices | |
| US20110126266A1 (en) | Method and system for authenticating subaccount users | |
| CN102299945A (en) | Gateway configuration page registration method, system thereof and portal certificate server | |
| US10116701B2 (en) | Device-type based content management | |
| CN102314425A (en) | Data searching method and system | |
| US10021082B2 (en) | Integration of form and file services | |
| CN111277595B (en) | User and data management method suitable for multiple users and multiple terminals | |
| US10757216B1 (en) | Group profiles for group item recommendations |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: 518129 Building 2, B District, Bantian HUAWEI base, Longgang District, Shenzhen, Guangdong. Patentee after: Huawei Terminal (Shenzhen) Co., Ltd. Address before: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen Patentee before: Huawei Device Co., Ltd. |