The Wireless Local Area Network (Wireless Local Area Network, WLAN) is widely used at home, in small-scale office and business places. In the WLAN, a terminal accesses the WLAN through a routing device, and uses the wireless network service. However, research shows that a wireless routing device is easily attacked, and cannot protect security of a user network and digital properties.
A typical process of a wireless terminal accessing the WLAN is: Firstly, on each possible WLAN broadcast channel, intercept beacon (Beacon) information sent by a WIFI access point ((Access Point, AP), including a WIFI wireless router), and if a proper AP is found, start an access process. The access process includes: authentication (Authentication) and association (Association). The authentication is performed so as to ensure that only an authorized user can access the network, and in an authentication process, usually a user access password needs to be input. The association is performed so as to determine a capability supported by a terminal, and agree on a parameter used when two parties communicate with each other. After the access process is completed, a process of establishing a connection between the terminal and the AP is completed. Due to openness of an air interface, theoretically, all information transmitted over the air can be thieved, and then decrypted in various manners to obtain a network access password, an information transmission encryption password, and the like. A typical security problem in the access process of the WLAN is that the access password in the authentication process may be thieved illegally.
An existing location-based authentication technology can partially solve the problem that key information is thieved illegally. By using this technology, when a mobile terminal sends a wireless access request, a spatial location of the mobile terminal is determined, and if it is located within a preset wireless network range, the mobile terminal is allowed to access the network. Especially, the location-based authentication technology can protect, to some extent, important information transmitted over the air in the authentication stage. However, in the prior art, an area where authentication is allowed to be completed generally is an area where the network service can be obtained, which brings the following contradictions:
from the perspective of network coverage (or use convenience of the network), a user hopes that it is convenient as much as possible when accessing the WLAN, that is, the user hopes that an area where the location-based authentication is allowed is large enough; and
from the perspective of security, it is required that the authentication area is small enough, so as to ensure that the area is a secure area that can be controlled completely.
Therefore, the objective of improving the security of the WLAN contradicts the objective of improving the use convenience of the WLAN.