CN110856173B

CN110856173B - Network access method and device and electronic equipment

Info

Publication number: CN110856173B
Application number: CN201911175620.8A
Authority: CN
Inventors: 王纪伟
Original assignee: Vivo Mobile Communication Co Ltd
Current assignee: Vivo Mobile Communication Co Ltd
Priority date: 2019-11-26
Filing date: 2019-11-26
Publication date: 2022-11-18
Anticipated expiration: 2039-11-26
Also published as: CN110856173A

Abstract

The embodiment of the invention provides a network access method, a network access device and electronic equipment, wherein the method comprises the following steps: receiving an access information acquisition instruction sent by electronic equipment, wherein the access information acquisition instruction carries address information of a target server, and the target server is a server for verifying network access authority; acquiring an access account according to the access information acquisition instruction, transmitting the access account to a target server according to the address information, and receiving access verification information which is transmitted by the target server and generated for the access account; and sending the access account and the access verification information to the electronic equipment. According to the embodiment of the invention, the problem of leakage of personal privacy of the user when the user connects the wireless network by inputting personal privacy accounts such as communication numbers and the like is avoided, and the privacy safety of the personal accounts of the user is effectively ensured.

Description

Network access method and device and electronic equipment

Technical Field

The present invention relates to the field of computer technologies, and in particular, to a network access method and apparatus, and an electronic device.

Background

With the development of mobile internet and the popularization of mobile intelligent terminals, people have become a life style to surf the internet by using mobile terminals such as smart phones and tablet computers in public places such as shopping malls, hotels and airports. More and more public places are covered by public WiFi, and great convenience is provided for mobile internet surfing of people. Public WiFi has become the standard for public places such as "just needed" and merchants for people to surf the internet on the move.

At present, since a merchant and a network media company cooperate, when a user needs to connect WiFi provided by the merchant, the user needs to input a communication number (such as a mobile phone number) of the user, and then the communication number is sent to a server, the server sends a verification code to the communication number, and the user inputs the verification code on a network login interface and then requests the server to connect the WiFi provided by the merchant.

However, in the above way of connecting to the public WiFi, personal privacy information such as the communication number of the user is easily leaked, so that the user may often receive a large amount of spam advertisement information, which brings trouble to the user.

Disclosure of Invention

Embodiments of the present invention provide a network access method, an apparatus, and an electronic device, so as to solve the problem that personal privacy information such as a communication number of a user is easily revealed and privacy security of the user is seriously affected when a wireless network is connected by inputting the personal privacy information such as the communication number.

In order to solve the above technical problem, the embodiment of the present invention is implemented as follows:

in a first aspect, an embodiment of the present invention provides a network access method, including:

receiving an access information acquisition instruction sent by electronic equipment, wherein the access information acquisition instruction carries address information of a target server, and the target server is a server for verifying network access authority;

acquiring an access account according to the access information acquisition instruction, sending the access account to the target server according to the address information, and receiving access verification information which is sent by the target server and generated for the access account;

and sending the access account and the access verification information to the electronic equipment.

In a second aspect, an embodiment of the present invention provides a network access apparatus, including:

the system comprises a first receiving module, a second receiving module and a third receiving module, wherein the first receiving module is used for receiving an access information acquisition instruction sent by electronic equipment, the access information acquisition instruction carries address information of a target server, and the target server is a server for verifying network access authority;

the first sending module is used for obtaining an access account according to the access information obtaining instruction and sending the access account to the target server according to the address information;

the second receiving module is used for receiving access verification information which is sent by the target server and generated for the access account;

and the second sending module is used for sending the access account and the access verification information to the electronic equipment.

In a third aspect, an embodiment of the present invention provides an electronic device, including a processor, a communication interface, a memory, and a communication bus; the processor, the communication interface and the memory complete mutual communication through a bus; the memory is used for storing a computer program; the processor is configured to execute the program stored in the memory to implement the steps of the network access method according to the first aspect.

In a fourth aspect, the present invention provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the network access method steps according to the first aspect.

According to the technical scheme provided by the embodiment of the invention, the embodiment of the invention receives the access information acquisition instruction sent by the electronic equipment, wherein the access information acquisition instruction carries address information of a target server, the target server is a server for verifying network access authority, then an access account is acquired according to the access information acquisition instruction and is sent to the target server according to the address information, and access verification information which is sent by the target server and is generated for the access account is received and is sent to the electronic equipment. Therefore, when an access information acquisition instruction sent by the electronic equipment is received, an access account is allocated for the access information acquisition instruction, and corresponding access verification information is requested from the target server, so that the electronic equipment can acquire network access authority based on the access account and the access verification information to access a network, the problem that the personal privacy of a user is revealed when the user connects a wireless network in a personal privacy account mode such as a communication number is input is avoided, and the privacy safety of the personal account of the user is effectively guaranteed.

Drawings

In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only some embodiments described in the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.

Fig. 1 is a first flowchart of a network access method according to an embodiment of the present invention;

fig. 2 is a schematic flowchart of a network access method according to a second embodiment of the present invention;

fig. 3 is a third flowchart of a network access method according to an embodiment of the present invention;

FIG. 4 is a schematic diagram of a pop-up window during a link detection process according to the present invention;

fig. 5 is a fourth flowchart illustrating a network access method according to an embodiment of the present invention;

fig. 6 is a schematic diagram illustrating a module of a network access apparatus according to an embodiment of the present invention;

fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.

Detailed Description

The embodiment of the invention provides a network access method, a network access device and electronic equipment.

In order to make those skilled in the art better understand the technical solution of the present invention, the technical solution in the embodiment of the present invention will be clearly and completely described below with reference to the drawings in the embodiment of the present invention, and it is obvious that the described embodiment is only a part of the embodiment of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

As shown in fig. 1, an execution subject of the method may be a server, where the server may be an independent server or a server cluster composed of multiple servers. Also, the server may be a server or the like for determining an access account. The method can ensure that the user can access the network under the condition of ensuring that personal privacy accounts such as personal communication numbers of the user are not revealed in the process of network access by using electronic equipment such as a terminal and the like, thereby ensuring the privacy safety of the personal accounts of the user. In order to distinguish from the subsequent target server, the server may be referred to as an account generation server. The method may specifically comprise the steps of:

in S101, an access information obtaining instruction sent by the electronic device is received, where the access information obtaining instruction carries address information of a target server, and the target server is a server for verifying a network access right.

The access information may be information of a network access account and access authentication information (such as a password or an authentication code) that are displayed on a network connection login interface and need to be input by a user. The access information obtaining instruction may be an instruction for obtaining an access account and access authentication information of a certain network connection. The target server may be a server for providing network connectivity and verifying network access rights. For example, the target server may be a server for providing a certain wireless network (e.g., public WiFi), and the target server may be a server for receiving network access information and verifying whether the received network access information has network access rights.

In implementation, with the development of mobile internet and the popularization of mobile intelligent terminals, it has become a life style of people to use mobile terminals such as smart phones and tablet computers to surf the internet in public places such as shopping malls, hotels and airports. More and more public places are covered by public WiFi, and great convenience is provided for mobile internet surfing of people. Public WiFi has become the standard for public places such as "just needed" and merchants for people to surf the internet on the move. At present, due to cooperation of a merchant and a network media company, when a user needs to connect with WiFi provided by the merchant, the user needs to input a communication number (such as a mobile phone number) of the user, then the communication number is sent to a server, the server sends a verification code to the communication number, and the user inputs the verification code on a network login interface and then requests to connect with the WiFi provided by the merchant. However, in the above way of connecting to the public WiFi, personal privacy information such as the communication number of the user is easily leaked, so that the user may often receive a large amount of spam advertisement information, which brings trouble to the user. Therefore, the embodiments of the present invention provide a technical solution to solve the above problems, and refer to the following contents.

Taking a mode that a user needs to input a personal privacy account such as a communication number and the like and can access a network only through verification of the target server as an example, an application program used for sending the access information acquisition instruction may be installed in the electronic device of the user. When a user needs to connect a certain wireless network (such as public WiFi), a corresponding network connection interface can be opened through electronic equipment, when prompt messages of personal privacy account numbers such as personal communication numbers and the like need to be input are displayed on the network connection interface, the network connection interface can be quitted first, an application program which is located on a display screen and used for providing an access information acquisition instruction can be triggered, the application program can detect address information of a target server providing wireless network access authority verification and category information of an access account number to be input in the network connection interface through related information of the network connection interface, and sends the access information acquisition instruction carrying the address information and the category information of the access account number to be input to an account number generation server.

Or, the access information may be acquired by triggering an access information acquisition button in the network connection interface. Specifically, when a user needs to connect to a wireless network, a corresponding network connection interface can be opened through the electronic device, when a prompt message of a personal privacy account number such as a personal communication number needs to be input is displayed on the network connection interface, an access information acquisition key located in the network connection interface can be triggered, after an application program of the network connection interface detects a triggering operation of the user, address information of a target server providing the wireless network and category information of an access account number to be input in the network connection interface can be detected through the network connection interface, and an access information acquisition instruction carrying the address information and the category information of the access account number to be input is sent to the account number generation server.

The account generating server may be an execution subject of the method. The types of the access account can be a communication number, a communication mailbox account, identity document information, an account of a preset application program and the like. The account generation server receives an access information acquisition instruction sent by the electronic equipment.

In S102, an access account is obtained according to the access information obtaining instruction, and the access account is sent to the target server according to the address information.

The access account can be one or more of a communication number, a communication mailbox account, identity document information and an account of a preset application program. The identity document information may include identity card information, social security card account information, driver license information, passport information, and the like.

In S103, access authentication information generated for the access account and sent by the target server is received.

In implementation, the account generation server may obtain a predetermined number of access accounts of corresponding account categories in advance according to the categories of the access accounts, and store the obtained predetermined number of access accounts in a predetermined database according to the account categories. For example, a predetermined number of pre-acquired communication numbers, communication mailbox accounts, identity document information, accounts of predetermined applications, and the like may be stored in a predetermined database according to the types of the access accounts.

Specifically, after receiving an access information acquisition instruction sent by the electronic device through the processing of S101, the account generation server first searches, according to the category information of an access account to be input in the access information acquisition instruction, a plurality of access accounts corresponding to the category of the access account in the predetermined database, may allocate an access account to the electronic device according to a predetermined access account allocation rule, then, according to address information of a target server carried in the access information acquisition instruction, send the allocated access account to the target server, after receiving the access account, the target server may send corresponding access verification information to the access account, and the account generation server may intercept or obtain the access verification information therefrom, where the access verification information may be a password of an access network or a verification code of the access network, and the like.

It should be noted that, the manner for allocating the access account to the electronic device may be allocation according to a predetermined access account allocation rule, or may be random allocation. The predetermined access account allocation rule may be allocation according to an arrangement order of access accounts stored in a predetermined database, and the like.

In S104, the access account and the access verification information are transmitted to the electronic device.

In an implementation, after receiving the access verification information sent by the target server through the processing of S103, the account generation server may send the access account and the access verification information together to the electronic device, so that the electronic device obtains a network access right to access the network based on the received access account and the access verification information.

The embodiment of the invention provides a network access method, which comprises the steps of receiving an access information acquisition instruction sent by electronic equipment, wherein the access information acquisition instruction carries address information of a target server, the target server is a server for verifying network access authority, then acquiring an access account according to the access information acquisition instruction, sending the access account to the target server according to the address information, receiving access verification information which is sent by the target server and generated for the access account, and sending the access account and the access verification information to the electronic equipment. Therefore, when an access information acquisition instruction sent by the electronic equipment is received, an access account is allocated for the access information acquisition instruction, and corresponding access verification information is requested from the target server, so that the electronic equipment can acquire network access authority based on the access account and the access verification information to access a network, the problem that the personal privacy of a user is revealed when the user connects a wireless network in a personal privacy account mode such as a communication number is input is avoided, and the privacy safety of the personal account of the user is effectively guaranteed.

As shown in fig. 2, the specific processing manner of S102 may be various, and an alternative processing manner is provided below, which may specifically refer to the processing of S1021-S1025 below.

And S1021, acquiring the number of historical access account numbers for verifying the network access authority in a preset period.

In implementation, considering that the number of users who acquire access accounts through the account generation server is different every day, in order to provide access accounts for users at different times or in different periods, the account generation server may acquire the number of historical access accounts for performing network access authority verification in the predetermined period.

And S1022, determining the estimated number of the access accounts required in the current period based on the number of the historical access accounts.

In an implementation, after the account generation server obtains the number of historical access accounts for performing network access authority verification in a predetermined period through the processing of S1021, the estimated number of access accounts required in the current period may be determined based on the number of historical access accounts. Specifically, the estimated number may be a multiple of the number of the historical access accounts, for example, may be 1.1 times of the number of the historical access accounts, and the estimated number may be 1.1 times of the number of the historical access accounts, for example, if the number of the historical access accounts for which the network access permission verification is performed in a predetermined period (for example, the previous day) is 1000, it is determined that the estimated number of the access accounts required in the current period is 1100.

And S1023, acquiring the estimated access account numbers.

In an implementation, after the account generation server determines the estimated number of access accounts required in the current period based on the number of historical access accounts through the processing in S1022, the estimated number of access accounts may be acquired, where the estimated number of access accounts may include access accounts pre-stored in a predetermined database and access accounts additionally acquired and stored in the predetermined database.

Specifically, taking an access account as a mailbox account as an example, if the number of mailbox accounts pre-stored in a predetermined database is 1000, and it is determined that the estimated number of access accounts required in the current period is 1100, 1000 stored mailbox accounts can be obtained from the predetermined database, and in addition, 100 public mailbox accounts can be obtained through a predetermined interface, and the 100 public mailbox accounts are stored in the position where the mailbox accounts are stored in the predetermined database. If the number of mailbox accounts pre-stored in the predetermined database is 2000 and the determined estimated number is 1100, additional mailbox accounts do not need to be acquired through a predetermined interface, and at the moment, 1100 mailbox accounts can be directly acquired from the predetermined database.

It should be noted that, in addition, the manner of obtaining the access account may be determined according to the type of the access account, for example, if the type of the access account is a mailbox account, a predetermined number of public mailbox accounts may be obtained through a predetermined interface, and then the obtained predetermined number of public mailbox accounts are stored in a corresponding location where mailbox accounts are stored in the predetermined database. If the access account is a communication number, the account generation server can acquire the communication number by inputting a pre-purchased communication number into the application program through a corresponding application program installed in the account generation server and a worker.

Specifically, the account generation server is further installed with a corresponding application program, the application program may be provided with an account storage page, and the account storage page may include an access account type input frame, an access account storage number input frame of a corresponding account type, an access account input submit button and a cancel button, and the like. If the access account category which needs to be acquired additionally is 100 communication numbers, the worker can start the application program, input the communication numbers in the account category input box and the storage quantity input box of the account storage page in the application program to input 100, then input 100 communication numbers purchased in advance into the access account input box, and after the input is finished, click a submit button, at this time, the account generation server can acquire the 100 communication numbers input in the account storage page and store the 100 communication numbers to corresponding positions where the communication numbers are stored in the preset database.

And S1024, aiming at the access information acquisition instruction, selecting one access account from the estimated number of access accounts as the access account aiming at the access information acquisition instruction.

And S1025, sending the access account to the target server according to the address information.

In implementation, after the account generation server obtains the estimated number of access accounts through the processing of S1023, according to the type of the access account carried in the obtaining instruction, one access account is selected from the storage location corresponding to the type of the access account in the predetermined database as the access account for the access information obtaining instruction, and then, according to the address information of the target server, the access account is sent to the target server.

In practical applications, examples of the specific processing procedures of S1021-S1025 may be: for the case that the access account category is a communication number, the basic device of the account generation server may include a modem (e.g., a cat pool), which needs to be maintained at the account generation server first, and the modem may include 16 card slots, where each card slot is a GSM module. The modem can be connected with a PC through a USB and is mounted as a serial port device. When the account generation server receives an access information acquisition instruction sent by user electronic equipment, an AT instruction can be sent to the modem through software or a driver program to complete the operation of allocating a communication account.

In implementation, first, according to the amount of active users in a predetermined period (e.g., the historical amount of users who obtain the access account through the account generation server), a communication number (e.g., a communication number that may be the historical amount of active users (1 + 10%)) for maintaining the estimated amount of active users may be purchased in advance. The employee may then pre-store the pre-purchased pre-estimated number of communication numbers in the modem of the account generation system. When a user needs to fill in a communication number, an access information acquisition instruction is sent to an account generation server through a long link (such as url or http) established between the user and the account generation server, when the account generation server receives the access information acquisition instruction sent by the user, a communication account is acquired through a modem, and the electronic equipment is simulated to log in the wireless network based on the communication account. Specifically, the operation is to send a Post request command to the target server through the long link between the account generation server and the target server to obtain the access authentication information (i.e. the authentication code or the password). Through the long-chain connection between the account generation server and the user electronic equipment, the electronic equipment automatically fills the access verification information into a WiFi login interface, and the user can access the network by clicking confirmation.

Considering that the security of the wireless network is low and is easily attacked by malicious means such as phishing, when a user successfully connects to the wireless network for access, the website address to be accessed is often maliciously modified and jumps to other irregular websites, and as shown in fig. 3, the following processes of S105-S108 may be executed to solve the above problem.

And S105, receiving the search terms sent by the electronic equipment.

In implementation, after the electronic device of the user acquires the access account and the access authentication information through the account generation server and accesses the network based on the access account and the access authentication information, when the user sends a network access request through the network, the account generation server can intercept the network access request and monitor whether the network access request sent by the user is maliciously modified, so that the security of the user in the process of using the wireless network is further improved.

Specifically, after the electronic device of the user acquires an access account and access verification information through the account generation server and accesses a network based on the access account and the access verification information, the user can input a search word in a search input box of a search engine through the electronic device and click a submit button, the search engine can generate a request based on the acquired search word input by the user and send the request to the search engine server, and meanwhile, the account generation server can intercept the request, so that the search word sent by the electronic device can be received.

S106, obtaining access information corresponding to the search terms, wherein the access information comprises at least one of links corresponding to the search terms and access request messages corresponding to the search terms.

The access request message corresponding to the search term may be content included in the access request message, and the like.

S107, judging whether the access information corresponding to the search word is matched with the reference access information corresponding to the search word.

The reference access information may be accurate access information that has not been tampered with maliciously (including a link corresponding to a search term and/or an access request message corresponding to the search term). The reference access information may be acquired by the account generation server through a predetermined second network interface (which may be a higher-security network interface) based on the search term.

In implementation, the account generating server may determine whether the path (e.g., get, post url) in the reference access information and/or the domain name to be accessed corresponding to the search term matches the path (e.g., get, post url) in the access information and/or the domain name to be accessed corresponding to the acquired search term based on the path (e.g., get, post url) in the reference access information and/or the domain name to be accessed corresponding to the search term.

And S108, if the judgment result is negative, determining that the access information corresponding to the search word is abnormal, and sending prompt information for disconnecting the network access to the electronic equipment.

In implementation, if the account generating server detects, through the processing in S106, that a path (e.g., get, post url) in the reference access information corresponding to the search term does not match a path (e.g., get, post url) in the access information, or that a domain name to be accessed in the reference access information corresponding to the search term does not match a domain name to be accessed in the acquired access information, or that the path (e.g., get, post url) and the domain name to be accessed in the reference access information corresponding to the search term do not match the path (e.g., get, post url) and the domain name to be accessed in the access information corresponding to the search term, it is determined that the access information corresponding to the search term is abnormal, and prompt information for disconnecting the network access or switching the network is sent to the electronic device. As shown in fig. 4, the electronic device may display the prompt message in a pop-up window form, and may also display keys for setting, terminating, canceling, and the like of the network in the pop-up window. If the user clicks the end button, access to the link may be terminated. And if the user clicks the cancel button, exiting the prompt interface and accessing the link. If the user clicks the network setting key, at this time, the display interface of the electronic device may jump to the network setting interface, and the user may terminate accessing the link by triggering a disconnect network connection key or a switch network connection key in the network setting interface.

In order to further improve the security of the user accessing the web page, as shown in fig. 5, the following processes S109 to S111 may be further executed:

and S109, if the judgment result is yes, acquiring the operation data of the user from the electronic equipment.

The operation data may be a command request message for operating the application program, which is reported in the process of operating the application program by the user.

And S110, judging whether abnormal data exist in the transmission information and/or the operation data corresponding to the operation data.

In implementation, after acquiring the operation data of the user through the processing in S109, the account generating server may determine whether there is abnormal data in the reporting path corresponding to the operation data and the command request message for operating the application program, or may determine whether there is abnormal data in the reporting path corresponding to the operation data, or may determine whether there is abnormal data in the operation data.

It should be noted that, the above determining process of determining whether there is abnormal data in the transmission information and/or the operation data corresponding to the operation data may be determined based on whether the reference transmission information and/or the reference operation data corresponding to the operation data matches with the transmission information and/or the operation data corresponding to the operation data. If the reference transmission information corresponding to the operation data does not match the transmission information corresponding to the operation data, or the operation data does not match the reference operation data, or both the reference transmission information corresponding to the operation data and the reference operation data corresponding to the operation data do not match the transmission information corresponding to the operation data and the reported operation data, it can be determined that the operation data has abnormal data.

And S111, if the abnormal data exists, determining that the operation of the user is abnormal, and sending prompt information for disconnecting the network access to the electronic equipment.

In order to improve the detection efficiency of the access information requested by the user, before the access information corresponding to the search term is acquired in S106, the following processes in S112 and S113 may be further performed:

s112, acquiring abnormal access information;

and S113, storing the abnormal access information into a first preset database.

The abnormal access information stored in the first predetermined database may be acquired in advance, or may be abnormal access information corresponding to the search term determined by the detection.

In implementation, after the processing of S113 stores the access information with abnormality in the first predetermined database, when it is detected that the website information to be accessed by the next user is the same as one piece of abnormal access information in the first predetermined database, it may be directly determined that the website accessed by the user is abnormal, and a prompt message for disconnecting the network access may be sent to the electronic device of the user, without obtaining reference access information through a predetermined second network interface for comparison, so as to improve the detection efficiency of the access information requested by the user.

The specific processing manner of S106 may be various, and an alternative processing manner is provided below, which may be specifically referred to the processing of S1061-S1063.

S1061, determining whether the search term matches with the access information in the first predetermined database.

In implementation, in order to further improve the detection efficiency of the access information requested by the user, after the search term sent by the electronic device is received through the above S105, it is detected that the search term input by the user is a link, and the obtained search term may be matched with the access information in the first predetermined database.

And S1062, if the judgment result is negative, acquiring access information corresponding to the search term through a preset first network interface.

And S1063, if the judgment result is yes, sending prompt information for disconnecting the network access to the electronic equipment.

However, in order to further improve the detection efficiency of the access information requested by the user, the following processes of S114 and S115 may be further performed:

and S114, acquiring reference access information corresponding to the historical search terms through a preset second network interface according to the historical search terms.

The predetermined second network interface may be a network interface with higher security, and the access information corresponding to the search term obtained through the predetermined second network interface has higher reliability.

S115, storing the acquired reference access information corresponding to the historical search terms into a second preset database;

accordingly, the specific processing manner of S107 may be various, and an alternative processing manner is provided below, which may be referred to as the processing of S1071 below.

S1071, determines whether reference access information matching the access information corresponding to the search word exists in the second predetermined database.

Further, after the electronic device of the user accesses the network through the account generation server, the electronic device receives the search word sent by the electronic device and acquires the access information corresponding to the search word, and then judges whether the access information corresponding to the search word is matched with the reference access information corresponding to the search word, and when the fact that the access information corresponding to the search word is abnormal is determined, a method for sending prompt information for disconnecting network access to the electronic device is sent, so that the safety of the information of the website accessed by the user is guaranteed, and the situation that the website to be accessed by the user is maliciously modified to jump to other irregular websites is avoided.

Corresponding to the network access method provided in the foregoing embodiment, based on the same technical concept, an embodiment of the present invention further provides a network access apparatus, and fig. 6 is a schematic diagram illustrating a module composition of the network access apparatus provided in the embodiment of the present invention, where the network access apparatus is configured to execute the network access method described in fig. 1 to fig. 5, and as shown in fig. 6, the network access apparatus includes:

a first receiving module 601, configured to receive an access information obtaining instruction sent by an electronic device, where the access information obtaining instruction carries address information of a target server, and the target server is a server for verifying a network access permission;

a first sending module 602, configured to obtain an access account according to the access information obtaining instruction, and send the access account to the target server according to the address information;

a second receiving module 603, configured to receive access verification information, which is sent by the target server and generated for the access account;

a second sending module 604, configured to send the access account and the access verification information to the electronic device, so that the electronic device obtains a network access right to access a network based on the access account and the access verification information.

Optionally, the access account includes one or more of a communication number, a communication mailbox account, identity document information, and an account of a predetermined application program.

Optionally, the access authentication information is of multiple types, including a password of the access network and an authentication code of the access network.

Optionally, the first sending module 602 includes:

the system comprises a first acquisition unit, a second acquisition unit and a third acquisition unit, wherein the first acquisition unit is used for acquiring the number of historical access accounts for verifying the network access authority in a preset period;

the determining unit is used for determining the estimated number of the access accounts required in the current period based on the number of the historical access accounts;

the second obtaining unit is used for obtaining the estimated number of the access accounts;

and the selecting unit is used for selecting one access account from the estimated number of access accounts as the access account aiming at the access information acquisition instruction according to the access information acquisition instruction.

Optionally, the apparatus further comprises:

the first acquisition module is used for receiving the search terms sent by the electronic equipment;

a second obtaining module, configured to obtain access information corresponding to the search term, where the access information includes at least one of a link corresponding to the search term and an access request message corresponding to the search term;

the first detection module is used for judging whether the access information corresponding to the search word is matched with the reference access information corresponding to the search word;

and the first processing module is used for determining that the access information corresponding to the search word is abnormal and sending prompt information for disconnecting network access to the electronic equipment if the judgment result is negative.

Optionally, the apparatus further comprises:

the second processing module is used for acquiring the operation data of the user from the electronic equipment if the judgment result is yes;

the second detection module is used for judging whether transmission information corresponding to the operation data and/or the operation data have abnormal data or not;

and the third processing module is used for determining that the operation of the user is abnormal if abnormal data exists, and sending prompt information for disconnecting network access to the electronic equipment.

Optionally, the apparatus further comprises:

the third acquisition module is used for acquiring the access information with abnormity;

the first storage module is used for storing the access information with the abnormity into a first preset database;

the second obtaining module includes:

the detection unit is used for judging whether the search word is matched with the access information in the first preset database or not;

the first processing unit is used for acquiring access information corresponding to the search word through a preset first network interface if the judgment result is negative;

and the second processing unit is used for sending prompt information for disconnecting the network access to the electronic equipment if the judgment result is yes.

Optionally, the apparatus further comprises:

the fourth acquisition module is used for acquiring reference access information corresponding to the historical search terms through a preset second network interface according to the historical search terms;

the second storage module is used for storing the acquired reference access information corresponding to the historical search terms into a second preset database;

correspondingly, the first detection module is configured to:

and judging whether reference access information matched with the access information corresponding to the search word exists in the second preset database.

The network access device provided by the embodiment of the present invention can implement each process in the embodiment corresponding to the network access method, and is not described herein again to avoid repetition.

It should be noted that the network access apparatus provided in the embodiment of the present invention and the network access method provided in the embodiment of the present invention are based on the same inventive concept, and therefore specific implementation of the embodiment may refer to implementation of the foregoing network access method, and repeated details are not described herein.

Corresponding to the network access method provided in the foregoing embodiment, based on the same technical concept, an embodiment of the present invention further provides an electronic device, where the electronic device is configured to execute the network access method, fig. 7 is a schematic diagram of a hardware structure of an electronic device for implementing various embodiments of the present invention, and the electronic device 700 shown in fig. 7 includes, but is not limited to: a radio frequency unit 701, a network module 702, an audio output unit 703, an input unit 704, a sensor 705, a display unit 706, a user input unit 707, an interface unit 708, a memory 709, a processor 710, a power supply 711, and the like. Those skilled in the art will appreciate that the electronic device configuration shown in fig. 7 does not constitute a limitation of the electronic device, and that the electronic device may include more or fewer components than shown, or some components may be combined, or a different arrangement of components. In the embodiment of the present invention, the mobile terminal includes, but is not limited to, a mobile phone, a tablet computer, a notebook computer, a palm computer, a vehicle-mounted terminal, a wearable device, a pedometer, and the like.

The processor 710 is configured to implement the following steps:

In addition, the access account includes one or more of a communication number, a communication mailbox account, identity document information and an account of a predetermined application program.

In addition, the access authentication information is various, including a password of the access network and an authentication code of the access network.

Further, the processor 710 is further configured to implement the following steps:

acquiring the number of historical access accounts for verifying the network access authority in a preset period;

determining the estimated number of the access accounts required in the current period based on the number of the historical access accounts;

acquiring the estimated number of access accounts;

and aiming at the access information acquisition instruction, selecting one access account from the estimated number of access accounts as the access account aiming at the access information acquisition instruction.

In addition, the processor 710 is further configured to implement the following steps:

receiving a search word sent by the electronic equipment;

acquiring access information corresponding to the search terms, wherein the access information comprises at least one of links corresponding to the search terms and access request messages corresponding to the search terms;

judging whether the access information corresponding to the search word is matched with the reference access information corresponding to the search word;

if the judgment result is negative, determining that the access information corresponding to the search word is abnormal, and sending prompt information for disconnecting network access to the electronic equipment.

if the judgment result is yes, acquiring operation data of a user from the electronic equipment;

judging whether transmission information corresponding to the operation data and/or abnormal data exist in the operation data or not;

and if the abnormal data exists, determining that the operation of the user is abnormal, and sending prompt information for disconnecting the network access to the electronic equipment.

acquiring access information with abnormality;

storing the access information with the abnormity into a first preset database;

judging whether the search word is matched with the access information in the first preset database;

if the judgment result is negative, obtaining access information corresponding to the search word through a preset first network interface;

and if so, sending prompt information for disconnecting network access to the electronic equipment.

acquiring reference access information corresponding to the historical search terms through a preset second network interface according to the historical search terms;

storing the acquired reference access information corresponding to the historical search words into a second preset database;

accordingly, the processor 710 is further configured to implement the following steps:

According to the technical scheme provided by the embodiment of the invention, the embodiment of the invention receives the access information acquisition instruction sent by the electronic equipment, wherein the access information acquisition instruction carries address information of a target server, the target server is a server for verifying network access authority, then an access account is acquired according to the access information acquisition instruction and is sent to the target server according to the address information, and access verification information which is sent by the target server and is generated for the access account is received and is sent to the electronic equipment. Therefore, when an access information acquisition instruction sent by the electronic equipment is received, an access account is allocated to the access information acquisition instruction, and corresponding access verification information is requested from the target server, so that the electronic equipment can acquire network access authority based on the access account and the access verification information to access a network, the problem that the personal privacy of a user is leaked when the user is connected with a wireless network in a personal privacy account mode such as a communication number is input is avoided, and the privacy safety of the personal account of the user is effectively guaranteed.

It should be noted that the electronic device 700 provided in the embodiment of the present invention is capable of implementing each process implemented by the electronic device in the foregoing network access method embodiment, and for avoiding repetition, details are not described here again.

It should be understood that, in the embodiment of the present invention, the radio frequency unit 701 may be used for receiving and sending signals during a message transmission and reception process or a call process, and specifically, receives downlink data from a base station and then processes the received downlink data to the processor 710; in addition, the uplink data is transmitted to the base station. In general, radio frequency unit 701 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a low noise amplifier, a duplexer, and the like. In addition, the radio frequency unit 701 may also communicate with a network and other devices through a wireless communication system.

The electronic device provides wireless broadband internet access to the user via the network module 702, such as assisting the user in sending and receiving e-mails, browsing web pages, and accessing streaming media.

The audio output unit 703 may convert audio data received by the radio frequency unit 701 or the network module 702 or stored in the memory 709 into an audio signal and output as sound. Also, the audio output unit 703 may also provide audio output related to a specific function performed by the electronic apparatus 700 (e.g., a call signal reception sound, a message reception sound, etc.). The audio output unit 703 includes a speaker, a buzzer, a receiver, and the like.

The input unit 704 is used to receive audio or video signals. The input Unit 704 may include a Graphics Processing Unit (GPU) 7041 and a microphone 7042, and the Graphics processor 7041 processes image data of a still picture or video obtained by an image capturing device (e.g., a camera) in a video capture mode or an image capture mode. The processed image frames may be displayed on the display unit 706. The image frames processed by the graphic processor 7041 may be stored in the memory 709 (or other storage medium) or transmitted via the radio unit 701 or the network module 702. The microphone 7042 may receive sounds and may be capable of processing such sounds into audio data. The processed audio data may be converted into a format output transmittable to a mobile communication base station via the radio frequency unit 701 in case of a phone call mode.

The electronic device 700 also includes at least one sensor 705, such as a light sensor, motion sensor, and other sensors. Specifically, the light sensor includes an ambient light sensor that can adjust the brightness of the display panel 7061 according to the brightness of ambient light, and a proximity sensor that can turn off the display panel 7061 and/or a backlight when the electronic device 700 is moved to the ear. As one type of motion sensor, an accelerometer sensor can detect the magnitude of acceleration in each direction (generally three axes), detect the magnitude and direction of gravity when stationary, and can be used to identify the posture of an electronic device (such as horizontal and vertical screen switching, related games, magnetometer posture calibration), and vibration identification related functions (such as pedometer, tapping); the sensors 705 may also include fingerprint sensors, pressure sensors, iris sensors, molecular sensors, gyroscopes, barometers, hygrometers, thermometers, infrared sensors, etc., which are not described in detail herein.

The display unit 706 is used to display information input by the user or information provided to the user. The Display unit 706 may include a Display panel 7061, and the Display panel 7061 may be configured in the form of a Liquid Crystal Display (LCD), an Organic Light-Emitting Diode (OLED), or the like.

The user input unit 707 may be used to receive input numeric or character information and generate key signal inputs related to user settings and function control of the electronic device. Specifically, the user input unit 707 includes a touch panel 7071 and other input devices 7072. The touch panel 7071, also referred to as a touch screen, may collect touch operations by a user on or near the touch panel 7071 (e.g., operations by a user on or near the touch panel 7071 using a finger, a stylus, or any other suitable object or attachment). The touch panel 7071 may include two parts of a touch detection device and a touch controller. The touch detection device detects the touch direction of a user, detects a signal brought by touch operation and transmits the signal to the touch controller; the touch controller receives touch information from the touch sensing device, converts the touch information into touch point coordinates, sends the touch point coordinates to the processor 710, receives a command from the processor 710, and executes the command. In addition, the touch panel 7071 can be implemented by various types such as resistive, capacitive, infrared, and surface acoustic wave. The user input unit 707 may include other input devices 7072 in addition to the touch panel 7071. In particular, the other input devices 7072 may include, but are not limited to, a physical keyboard, function keys (such as volume control keys, switch keys, etc.), a trackball, a mouse, and a joystick, which are not described herein again.

Further, the touch panel 7071 may be overlaid on the display panel 7061, and when the touch panel 7071 detects a touch operation on or near the touch panel 7071, the touch operation is transmitted to the processor 710 to determine the type of the touch event, and then the processor 710 provides a corresponding visual output on the display panel 7061 according to the type of the touch event. Although the touch panel 7071 and the display panel 7061 are shown in fig. 7 as two separate components to implement the input and output functions of the electronic device, in some embodiments, the touch panel 7071 and the display panel 7061 may be integrated to implement the input and output functions of the electronic device, which is not limited herein.

The interface unit 708 is an interface for connecting an external device to the electronic apparatus 700. For example, the external device may include a wired or wireless headset port, an external power supply (or battery charger) port, a wired or wireless data port, a memory card port, a port for connecting a device having an identification module, an audio input/output (I/O) port, a video I/O port, an earphone port, and the like. The interface unit 708 may be used to receive input (e.g., data information, power, etc.) from an external device and transmit the received input to one or more elements within the electronic apparatus 700 or may be used to transmit data between the electronic apparatus 700 and the external device.

The memory 709 may be used to store software programs as well as various data. The memory 709 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the cellular phone, and the like. Further, the memory 709 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.

The processor 710 is a control center of the electronic device, connects various parts of the whole electronic device by using various interfaces and lines, performs various functions of the electronic device and processes data by running or executing software programs and/or modules stored in the memory 709 and calling data stored in the memory 709, thereby monitoring the whole electronic device. Processor 710 may include one or more processing units; preferably, the processor 710 may integrate an application processor, which mainly handles operating systems, user interfaces, application programs, etc., and a modem processor, which mainly handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into processor 710.

The electronic device 700 may also include a power supply 711 (e.g., a battery) for providing power to the various components, and preferably, the power supply 711 may be logically coupled to the processor 710 via a power management system, such that functions of managing charging, discharging, and power consumption may be performed via the power management system.

In addition, the electronic device 700 includes some functional modules that are not shown, and are not described in detail herein.

Preferably, an embodiment of the present invention further provides an electronic device, which includes a processor 710, a memory 709, and a computer program stored in the memory 709 and capable of running on the processor 710, where the computer program is executed by the processor 710 to implement each process of the foregoing network access method embodiment, and can achieve the same technical effect, and in order to avoid repetition, details are not described here again.

Further, corresponding to the network access method provided in the foregoing embodiment, an embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by the processor 710, the steps of the foregoing network access method embodiment are implemented, and the same technical effects can be achieved, and in order to avoid repetition, details are not described here again. The computer-readable storage medium may be a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk.

As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.

The memory may include forms of volatile memory in a computer readable medium, random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.

Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.

It is to be understood that the embodiments described herein may be implemented in hardware, software, firmware, middleware, microcode, or any combination thereof. For a hardware implementation, the Processing units may be implemented within one or more Application Specific Integrated Circuits (ASICs), digital Signal Processors (DSPs), digital Signal Processing Devices (DSPDs), programmable Logic Devices (PLDs), field Programmable Gate Arrays (FPGAs), general purpose processors, controllers, micro-controllers, microprocessors, other electronic units designed to perform the functions described herein, or a combination thereof.

For a software implementation, the techniques described in this embodiment of the present invention may be implemented with modules (e.g., procedures, functions, and so on) that perform the functions described in this embodiment of the present invention. The software codes may be stored in a memory and executed by a processor. The memory may be implemented within the processor or external to the processor.

It should also be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a … …" does not exclude the presence of another identical element in a process, method, article, or apparatus that comprises the element.

Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.

While the present invention has been described with reference to the embodiments shown in the drawings, the present invention is not limited to the embodiments, which are illustrative and not restrictive, and it will be apparent to those skilled in the art that various changes and modifications can be made herein without departing from the spirit and scope of the invention as defined in the appended claims. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention should be included in the scope of the claims of the present invention.

Claims

1. A method for network access, the method comprising:

acquiring an access account according to the access information acquisition instruction, and sending the access account to the target server according to the address information;

receiving access verification information which is sent by the target server and generated for the access account;

sending the access account and the access verification information to the electronic equipment;

further comprising:

receiving a search word sent by the electronic equipment;

if not, sending prompt information for disconnecting network access to the electronic equipment.

2. The method of claim 1, wherein the access account comprises one or more of a communication number, a communication mailbox account, identity document information, and an account of a predetermined application.

3. The method of claim 1, wherein the obtaining an access account according to the access information obtaining instruction comprises:

acquiring the estimated number of access account numbers;

4. The method of claim 1, further comprising:

judging whether transmission information corresponding to the operation data and/or the operation data have abnormal data or not;

and if the abnormal data exist, sending prompt information for disconnecting network access to the electronic equipment.

5. The method according to claim 1, further comprising, before the obtaining access information corresponding to the search term:

acquiring access information with abnormality;

storing the access information with the abnormity into a first preset database;

the obtaining of the access information corresponding to the search term includes:

6. The method of claim 1, further comprising:

the determining whether the access information corresponding to the search term matches the reference access information corresponding to the search term includes:

7. A network access apparatus, the apparatus comprising:

the first receiving module is used for receiving an access information acquisition instruction sent by the electronic equipment, wherein the access information acquisition instruction carries address information of a target server, and the target server is a server for verifying network access authority;

the second sending module is used for sending the access account and the access verification information to the electronic equipment;

the device further comprises:

and the first processing module is used for sending prompt information for disconnecting network access to the electronic equipment if the judgment result is negative.

8. The apparatus of claim 7, wherein the first sending module comprises:

9. The apparatus of claim 7, further comprising:

and the third processing module is used for sending prompt information for disconnecting network access to the electronic equipment if the abnormal data exists.

10. The apparatus of claim 7, further comprising:

the second obtaining module includes:

and the second processing unit is used for sending prompt information for disconnecting network access to the electronic equipment if the judgment result is yes.

11. The apparatus of claim 7, further comprising:

the first detection module is configured to:

12. An electronic device comprising a processor, a communication interface, a memory, and a communication bus; the processor, the communication interface and the memory complete mutual communication through a bus; the memory is used for storing a computer program; the processor, configured to execute the program stored in the memory, and implement the steps of the network access method according to any one of claims 1 to 6.

13. A computer-readable storage medium, characterized in that a computer program is stored on the computer-readable storage medium, which computer program, when being executed by a processor, carries out the network access method steps of any one of claims 1-6.