CN107710216A - Apparatus and method for establishing secure communication channels in an Internet of Things (IoT) system - Google Patents


Info

Publication number
CN107710216A
Authority
CN
China
Prior art keywords
iot
crypto engine
key
password
packet
Prior art date
Legal status
Granted
Application number
CN201680038597.6A
Other languages
Chinese (zh)
Other versions
CN107710216B
Inventor
Joe Britt
Omar Zakaria
Scott Zimmerman
Current Assignee
Afeiluo Co Ltd
Original Assignee
Afeiluo Co Ltd
Priority claimed from US14/791,371 (US9729528B2) and US14/791,373 (US9699814B2)
Application filed by Afeiluo Co Ltd
Priority claimed by CN202111442470.XA (CN113923052A)
Publication of CN107710216A
Application granted
Publication of CN107710216B
Legal status: Expired - Fee Related
Anticipated expiration

Classifications

    • H ELECTRICITY
        • H04 ELECTRIC COMMUNICATION TECHNIQUE
            • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
                • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
                    • H04L 9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
                        • H04L 9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
                            • H04L 9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
                                • H04L 9/0841 Key agreement involving Diffie-Hellman or related key agreement protocols
                        • H04L 9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
                            • H04L 9/0877 Generation of secret information using an additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
                • H04L 63/00 Network architectures or network communication protocols for network security
                    • H04L 63/04 Providing a confidential data exchange among entities communicating through data packet networks
                        • H04L 63/0428 Wherein the data content is protected, e.g. by encrypting or encapsulating the payload
                            • H04L 63/045 Wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
                    • H04L 63/06 Supporting key management in a packet data network
                        • H04L 63/062 For key distribution, e.g. centrally by trusted party
                • H04L 67/00 Network arrangements or protocols for supporting network services or applications
                    • H04L 67/01 Protocols
                        • H04L 67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
                • H04L 2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L 9/00
                    • H04L 2209/80 Wireless
                        • H04L 2209/805 Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor
            • H04W WIRELESS COMMUNICATION NETWORKS
                • H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity
                    • H04W 12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
                    • H04W 12/03 Protecting confidentiality, e.g. by encryption
                    • H04W 12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
                • H04W 4/00 Services specially adapted for wireless communication networks; Facilities therefor
                    • H04W 4/70 Services for machine-to-machine communication [M2M] or machine type communication [MTC]
                    • H04W 4/80 Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
                • H04W 84/00 Network topologies
                    • H04W 84/02 Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
                        • H04W 84/10 Small scale networks; Flat hierarchical networks
                            • H04W 84/14 WLL [Wireless Local Loop]; RLL [Radio Local Loop]
    • G PHYSICS
        • G06 COMPUTING; CALCULATING OR COUNTING
            • G06F ELECTRIC DIGITAL DATA PROCESSING
                • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
                    • G06F 21/60 Protecting data
                        • G06F 21/606 Protecting data by securing the transmission between two devices or processes

Abstract

Apparatus and methods are described for secure communication between IoT devices and an IoT service. For example, one embodiment of a system includes: an Internet of Things (IoT) service that establishes communication with an IoT device through an IoT hub or a mobile user device; a first crypto engine in the IoT service, comprising key generation logic that generates a service public key and a service private key; a second crypto engine on the IoT device, comprising key generation logic that generates a device public key and a device private key; the first crypto engine transmits the service public key to the second crypto engine, and the second crypto engine transmits the device public key to the first crypto engine; the first crypto engine generates a secret using the device public key and the service private key; the second crypto engine generates the same secret using the service public key and the device private key; and once the secret has been generated, the first and second crypto engines use the secret, or a data structure derived from the secret, to encrypt and decrypt the packets transmitted between them. (The machine translation renders the shared secret as "password" throughout; it is a key-agreement secret, not a user password.)
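The abstract describes a Diffie-Hellman style exchange (classification H04L 9/0841): each side generates a key pair, the public halves are swapped, each side combines the peer's public key with its own private key to reach the same secret, and a structure derived from that secret drives packet encryption. The following Python is an added illustration of that shape, not Afero's implementation, and it makes two assumptions the page does not state: the group parameters are a deliberately tiny toy (a 61-bit prime, generator 3) so that the script runs with the standard library only, and the "data structure derived from the secret" is modelled as an HMAC-based key stream plus a per-packet authentication tag. One caveat a practitioner should keep in view: an exchange like this only defends against an on-path attacker if the public keys are authenticated (the description later mentions signatures and a secure key store, but this excerpt does not say how the public keys are bound), so the example rejects degenerate public values but does not by itself authenticate them.

```python
import hashlib
import hmac
import secrets

# TOY Diffie-Hellman group (assumption for this example only): a 61-bit Mersenne
# prime with generator 3. It keeps the script dependency-free but offers no real
# security; a deployment would use a standardized group or an elliptic curve.
TOY_P = (1 << 61) - 1
TOY_G = 3


class CryptoEngine:
    """One end of the channel: the IoT service's or the IoT device's crypto engine."""

    def __init__(self, role: str, p: int = TOY_P, g: int = TOY_G):
        assert role in ("service", "device")
        self.role, self.p, self.g = role, p, g
        self.priv = self.pub = None
        self.enc_key = self.mac_key = None
        self.send_ctr = 0   # per-direction counters: a key stream is never reused
        self.recv_ctr = 0

    def generate_keys(self) -> int:
        """Key generation logic: random private exponent, public value g^priv mod p."""
        while True:
            self.priv = secrets.randbelow(self.p - 2) + 1
            self.pub = pow(self.g, self.priv, self.p)
            if 1 < self.pub < self.p - 1:     # never advertise a degenerate value
                return self.pub

    def derive_secret(self, peer_pub: int) -> bytes:
        """Shared secret from the peer's public key and our private key, then
        separate encryption and MAC keys derived from it."""
        if not 1 < peer_pub < self.p - 1:     # 0, 1 and p-1 force a known secret
            raise ValueError("invalid peer public key")
        shared = pow(peer_pub, self.priv, self.p)
        width = (self.p.bit_length() + 7) // 8
        secret = hashlib.sha256(b"iot-channel-v1|" + shared.to_bytes(width, "big")).digest()
        self.enc_key = hmac.new(secret, b"enc", hashlib.sha256).digest()
        self.mac_key = hmac.new(secret, b"mac", hashlib.sha256).digest()
        return secret

    def _keystream(self, sender: str, ctr: int, n: int) -> bytes:
        """Key stream for one packet: HMAC(enc_key, sender || counter || block index)."""
        out, i = b"", 0
        while len(out) < n:
            msg = sender.encode() + ctr.to_bytes(8, "big") + i.to_bytes(4, "big")
            out += hmac.new(self.enc_key, msg, hashlib.sha256).digest()
            i += 1
        return out[:n]

    def encrypt_packet(self, plaintext: bytes):
        """Return (counter, ciphertext, tag); the tag binds sender, counter and ciphertext."""
        ctr = self.send_ctr
        self.send_ctr += 1
        ks = self._keystream(self.role, ctr, len(plaintext))
        ct = bytes(a ^ b for a, b in zip(plaintext, ks))
        tag = hmac.new(self.mac_key, self.role.encode() + ctr.to_bytes(8, "big") + ct,
                       hashlib.sha256).digest()
        return ctr, ct, tag

    def decrypt_packet(self, ctr: int, ct: bytes, tag: bytes) -> bytes:
        """Verify the tag, reject replayed counters, then strip the key stream."""
        peer = "device" if self.role == "service" else "service"
        expected = hmac.new(self.mac_key, peer.encode() + ctr.to_bytes(8, "big") + ct,
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            raise ValueError("packet authentication failed")
        if ctr < self.recv_ctr:
            raise ValueError("replayed packet")
        self.recv_ctr = ctr + 1
        return bytes(a ^ b for a, b in zip(ct, self._keystream(peer, ctr, len(ct))))


def establish_channel():
    """The exchange from the abstract: both engines generate key pairs, swap public
    keys, and independently derive the same secret."""
    service, device = CryptoEngine("service"), CryptoEngine("device")
    service_pub, device_pub = service.generate_keys(), device.generate_keys()
    s1 = service.derive_secret(device_pub)    # service: device public + service private
    s2 = device.derive_secret(service_pub)    # device: service public + device private
    assert s1 == s2
    return service, device


if __name__ == "__main__":
    svc, dev = establish_channel()
    packet = svc.encrypt_packet(b"set led=on")   # constructed sample command
    print(dev.decrypt_packet(*packet))
```

The direction label in both the key stream and the tag is what keeps the service-to-device and device-to-service streams distinct even though both sides hold the same secret; without it, a packet sent in one direction could be reflected back in the other and still verify.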

Description

Apparatus and method for establishing secure communication channels in an Internet of Things (IoT) system
Background
Technical field
The present invention relates generally to the field of computer systems. More particularly, it relates to apparatus and methods for establishing secure communication channels in an IoT system.
Description of Related Art
The "Internet of Things" refers to the interconnection of uniquely identifiable embedded devices within the Internet infrastructure. Ultimately, IoT is expected to give rise to a new, broad class of applications in which virtually any type of physical thing can provide information about itself or its surroundings and/or can be controlled remotely by client devices over the Internet.
Development and adoption of IoT has been slow because of problems related to connectivity, power and a lack of standardization. For example, one obstacle to IoT development and adoption is that no standard platform exists that lets developers design and offer new IoT devices and services. To enter the IoT market, a developer must design the entire IoT platform from the ground up, including the network protocols and infrastructure, hardware, software and services required to support the intended IoT implementation. As a result, each provider of IoT devices uses proprietary techniques to design and connect its devices, which makes using several types of IoT device a hard task for the end user. Another obstacle to IoT adoption is the difficulty of connecting and powering IoT devices. For example, connecting appliances such as refrigerators, garage door openers, environmental sensors and home security sensors/controllers requires a power source for each connected IoT device, and such power sources are often inconveniently located.
Another existing problem is that the wireless technologies used to interconnect IoT devices (such as Bluetooth LE) are typically short-range. So if the data collection hub of an IoT implementation is outside the range of an IoT device, the device cannot transmit data to the hub (and vice versa). Techniques are therefore needed that allow an IoT device to provide data to an IoT hub (or other IoT devices) that is out of range.
Brief description of the drawings
A better understanding of the present invention can be obtained from the following detailed description in conjunction with the following drawings, in which:
Figures 1A-1B show different embodiments of an IoT system architecture;
Figure 2 shows an IoT device in accordance with one embodiment of the invention;
Figure 3 shows an IoT hub in accordance with one embodiment of the invention;
Figures 4A-4B show embodiments of the invention for controlling and collecting data from IoT devices and generating notifications;
Figure 5 shows an embodiment of the invention for collecting data from IoT devices and generating notifications from an IoT hub and/or IoT service;
Figure 6 shows one embodiment of a system in which an intermediary mobile device collects data from a stationary IoT device and provides the data to an IoT hub;
Figure 7 shows intermediary connection logic implemented in one embodiment of the invention;
Figure 8 shows a method in accordance with one embodiment of the invention;
Figure 9A shows an embodiment for providing program code and data updates to IoT devices;
Figure 9B shows an embodiment of a method for providing program code and data updates to IoT devices;
Figure 10 shows a high-level view of one embodiment of a security architecture;
Figure 11 shows one embodiment of an architecture in which a subscriber identity module (SIM) is used to store keys on IoT devices;
Figure 12A shows one embodiment in which IoT devices are registered using barcodes or QR codes;
Figure 12B shows one embodiment in which pairing is performed using barcodes or QR codes;
Figure 13 shows one embodiment of a method for programming a SIM using an IoT hub;
Figure 14 shows one embodiment of a method for registering IoT devices with an IoT hub and IoT service; and
Figure 15 shows one embodiment of a method for encrypting data to be transmitted to an IoT device;
Figures 16A-16B show different embodiments of the invention for encrypting data between an IoT service and an IoT device;
Figure 17 shows an embodiment of the invention for performing a secure key exchange, generating a common secret, and using the secret to generate a key stream;
Figure 18 shows a packet structure in accordance with one embodiment of the invention;
Figure 19 shows a technique used in one embodiment for writing data to and reading data from an IoT device without formally pairing with the IoT device;
Figure 20 shows an exemplary set of commands used in one embodiment of the invention;
Figure 21 shows an exemplary sequence of transactions using command packets;
Figure 22 shows a method in accordance with one embodiment of the invention; and
Figures 23A-23C show a method for secure pairing in accordance with one embodiment of the invention.
Detailed description
In the following description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the invention described below. It will be apparent, however, to one skilled in the art that the embodiments of the invention may be practiced without some of these specific details. In other instances, well-known structures and devices are shown in block diagram form to avoid obscuring the underlying principles of the embodiments of the invention.
One embodiment of the invention comprises an Internet of Things (IoT) platform which may be utilized by developers to design and build new IoT devices and applications. In particular, one embodiment includes a base hardware/software platform for IoT devices including a predefined networking protocol stack and an IoT hub through which the IoT devices are coupled to the Internet. In addition, one embodiment includes an IoT service through which the IoT hubs and connected IoT devices may be accessed and managed as described below. In addition, one embodiment of the IoT platform includes an IoT app or web application (e.g., executed on a client device) to access and configure the IoT service, hubs and connected devices. Existing online retailers and other website operators may leverage the IoT platform described herein to readily provide unique IoT functionality to existing user bases.
Figure 1A shows an overview of an architectural platform on which embodiments of the invention may be implemented. In particular, the illustrated embodiment includes a plurality of IoT devices 101-105 communicatively coupled over local communication channels 130 to a central IoT hub 110 which is itself communicatively coupled to an IoT service 120 over the Internet 220. Each of the IoT devices 101-105 may initially be paired with the IoT hub 110 (e.g., using the pairing techniques described below) so that each of the local communication channels 130 can be established. In one embodiment, the IoT service 120 includes an end user database 122 for maintaining user account information and data collected from each user's IoT devices. For example, if the IoT devices include sensors (e.g., temperature sensors, accelerometers, heat sensors, motion detectors, etc.), the database 122 may be continually updated to store the data collected by the IoT devices 101-105. The data stored in the database 122 may then be made accessible to the end user via the IoT app or browser on the user device 135 (or via a desktop or other client computer system) and to web clients (e.g., websites 130 subscribing to the IoT service 120).
The IoT devices 101-105 may be equipped with various types of sensors to collect information about themselves and their surroundings and provide the collected information to the IoT service 120, user devices 135 and/or external websites 130 via the IoT hub 110. Some of the IoT devices 101-105 may perform a specified function in response to control commands sent through the IoT hub 110. Various specific examples of information collected by the IoT devices 101-105 and control commands are provided below. In one embodiment described below, the IoT device 101 is a user input device designed to record user selections and send the user selections to the IoT service 120 and/or website.
In one embodiment, the IoT hub 110 includes a cellular radio to establish a connection to the Internet 220 via a cellular service 115 such as a 4G (e.g., Mobile WiMAX, LTE) or 5G cellular data service. Alternatively, or in addition, the IoT hub 110 may include a WiFi radio to establish a WiFi connection through a WiFi access point or router 116 which couples the IoT hub 110 to the Internet (e.g., via an Internet service provider providing Internet service to the end user). Of course, it should be noted that the underlying principles of the invention are not limited to any particular type of communication channel or protocol.
In one embodiment, the IoT devices 101-105 are ultra low-power devices capable of operating for extended periods of time on battery power (e.g., years). To conserve power, the local communication channels 130 may be implemented using a low-power wireless communication technology such as Bluetooth Low Energy (LE). In this embodiment, each of the IoT devices 101-105 and the IoT hub 110 are equipped with Bluetooth LE radios and protocol stacks.
As mentioned, in one embodiment, the IoT platform includes an IoT app or web application executed on user devices 135 to allow users to access and configure the connected IoT devices 101-105, IoT hub 110 and/or IoT service 120. In one embodiment, the app or web application may be designed by the operator of a website 130 to provide IoT functionality to its user base. As illustrated, the website may maintain a user database 131 containing account records related to each user.
Figure 1B shows additional connection options for a plurality of IoT hubs 110-111, 190. In this embodiment, a single user may have multiple hubs 110-111 installed on site at a single user premises 180 (e.g., the user's home or business). This may be done, for example, to extend the wireless range needed to connect all of the IoT devices 101-105. As indicated, if a user has multiple hubs 110, 111, they may be connected via a local communication channel (e.g., WiFi, Ethernet, power line networking, etc.). In one embodiment, each of the hubs 110-111 may establish a direct connection to the IoT service 120 through a cellular connection 115 or a WiFi connection 116 (not explicitly shown in Figure 1B). Alternatively, or in addition, one of the IoT hubs, such as IoT hub 110, may act as a "master" hub which provides connectivity and/or local services to all of the other IoT hubs on the user premises 180, such as IoT hub 111 (as indicated by the dotted line connecting IoT hub 110 and IoT hub 111). For example, the master IoT hub 110 may be the only IoT hub to establish a direct connection to the IoT service 120. In one embodiment, only the "master" IoT hub 110 is equipped with a cellular communication interface to establish the connection to the IoT service 120. As such, all communication between the IoT service 120 and the other IoT hubs 111 will flow through the master IoT hub 110. In this role, the master IoT hub 110 may be provided with additional program code to perform filtering operations on the data exchanged between the other IoT hubs 111 and the IoT service 120 (e.g., servicing some data requests locally when possible).
Regardless of how the IoT hubs 110-111 are connected, in one embodiment, the IoT service 120 will logically associate the hubs with the user and combine all of the attached IoT devices 101-105 under a single comprehensive user interface accessible via a user device with the installed app 135 (and/or a browser-based interface).
In this embodiment, the master IoT hub 110 and one or more slave IoT hubs 111 may connect over a local network which may be a WiFi network 116, an Ethernet network, and/or a power line communications (PLC) network (e.g., where the network runs fully or partially through the user's electrical wiring). In addition, each of the IoT devices 101-105 may be interconnected with the IoT hubs 110-111 using any type of local network channel such as WiFi, Ethernet, PLC or Bluetooth LE.
Figure 1B also shows an IoT hub 190 installed at a second user premises 181. A virtually unlimited number of such IoT hubs 190 may be installed and configured to collect data from IoT devices 191-192 at user premises around the world. In one embodiment, the two user premises 180-181 may be configured for the same user. For example, one user premises 180 may be the user's primary home and the other user premises 181 may be the user's vacation home. In this case, the IoT service 120 will logically associate the IoT hubs 110-111, 190 with the user and combine all of the attached IoT devices 101-105, 191-192 under a single comprehensive user interface accessible via a user device with the installed app 135 (and/or a browser-based interface).
As illustrated in Figure 2, an exemplary embodiment of an IoT device 101 includes a memory 210 for storing program code and data 201-203 and a low-power microcontroller 200 for executing the program code and processing the data. The memory 210 may be a volatile memory such as dynamic random access memory (DRAM) or may be a non-volatile memory such as flash memory. In one embodiment, a non-volatile memory may be used for persistent storage and a volatile memory may be used for execution of the program code and data at runtime. Moreover, the memory 210 may be integrated within the low-power microcontroller 200 or may be coupled to the low-power microcontroller 200 via a bus or communication fabric. The underlying principles of the invention are not limited to any particular implementation of the memory 210.
As illustrated, the program code may include application program code 203 defining an application-specific set of functions to be performed by the IoT device 201 and library code 202 comprising a set of predefined building blocks which may be utilized by the application developer of the IoT device 101. In one embodiment, the library code 202 comprises a set of basic functions required to implement an IoT device, such as a communication protocol stack 201 for enabling communication between each IoT device 101 and the IoT hub 110. As mentioned, in one embodiment, the communication protocol stack 201 comprises a Bluetooth LE protocol stack. In this embodiment, a Bluetooth LE radio and antenna 207 may be integrated within the low-power microcontroller 200. However, the underlying principles of the invention are not limited to any particular communication protocol.
The particular embodiment shown in Figure 2 also includes a plurality of input devices or sensors 210 to receive user input and provide the user input to the low-power microcontroller, which processes the user input in accordance with the application code 203 and library code 202. In one embodiment, each of the input devices includes an LED 209 to provide feedback to the end user.
In addition, the illustrated embodiment includes a battery 208 for supplying power to the low-power microcontroller. In one embodiment, a non-rechargeable coin cell battery is used. In an alternate embodiment, however, an integrated rechargeable battery may be used (e.g., rechargeable by connecting the IoT device to an AC power supply (not shown)).
A speaker 205 is also provided for generating audio. In one embodiment, the low-power microcontroller 299 includes audio decoding logic for decoding a compressed audio stream (e.g., such as an MPEG-4/Advanced Audio Coding (AAC) stream) to generate audio on the speaker 205. Alternatively, the low-power microcontroller 200 and/or the application code/data 203 may include digitally sampled snippets of audio to provide verbal feedback to the end user as the user enters selections via the input devices 210.
In one embodiment, one or more other/alternate I/O devices or sensors 250 may be included on the IoT device 101 based on the particular application for which the IoT device 101 is designed. For example, an environmental sensor may be included to measure temperature, pressure, humidity, etc. A security sensor and/or door lock opener may be included if the IoT device is used as a security device. Of course, these examples are provided merely for the purposes of illustration. The underlying principles of the invention are not limited to any particular type of IoT device. In fact, given the highly programmable nature of the low-power microcontroller 200 equipped with the library code 202, an application developer may readily develop new application code 203 and new I/O devices 250 to interface with the low-power microcontroller for virtually any type of IoT application.
In one embodiment, the low-power microcontroller 200 also includes a secure key store for storing encryption keys for encrypted communication and/or generating signatures. Alternatively, the keys may be secured in a subscriber identity module (SIM).
A wakeup receiver 207 is included in one embodiment to wake the IoT device from an ultra low-power state in which it consumes virtually no power. In one embodiment, the wakeup receiver 207 is configured to cause the IoT device 101 to exit this low-power state in response to a wakeup signal received from a wakeup transmitter 307 configured on the IoT hub 110 as shown in Figure 3. In particular, in one embodiment, the transmitter 307 and receiver 207 together form an electrical resonant transformer circuit such as a Tesla coil. In operation, energy is transmitted via radio frequency signals from the transmitter 307 to the receiver 207 when the hub 110 needs to wake the IoT device 101 from a very low-power state. Because of the energy transfer, the IoT device 101 may be configured to consume virtually no power when it is in its low-power state because it does not need to continually "listen" for a signal from the hub (as is the case with network protocols which allow devices to be awakened via a network signal). Rather, the microcontroller 200 of the IoT device 101 may be configured to wake up after being effectively powered down by using the energy electrically transmitted from the transmitter 307 to the receiver 207.
As shown in figure 3, IoT centers 110 also include memory 317, the Yi Jiyong for store program codes and data 305 In configuration processor code and such as microcontroller of the hardware logic of processing data 301.Wide area network (WAN) interface 302 and antenna 310 IoT centers 110 are connected to cellular service 115.Alternatively, as described above, IoT centers 110 can also include Local network interface (not shown), such as WiFi interfaces (and WiFi antennas) or Ethernet interface, for establishing local area network communication Channel.In one embodiment, hardware logic 301 also includes secure key storage device, logical for encrypting for storage The encryption key of letter and generation/checking signature.Alternatively, key can be protected in subscriber identification module (SIM) in.
Local communication interface 303 and antenna 311 are established to be led to the local of each IoT devices in IoT devices 101 to 105 Believe channel.As described above, in one embodiment, the antenna 311 of local communication interface 303/ implements bluetooth LE standards.However, The general principle of the present invention is not limited to use in any specific agreement established with the local communi-cation channel of IoT devices 101 to 105. Although being shown as single unit in figure 3, wan interface 302 and/or local communication interface 303 can be embedded in firmly In the identical chip of part logic 301.
In one embodiment, program code and data include communication protocol stack 308, and the protocol stack can include separating Storehouse be used to being communicated by local communication interface 303 and wan interface 302.Furthermore, it is possible to by device matcher generation Code and data 306 are stored in memory to allow IoT centers to be matched with new IoT devices.In one embodiment, it is every Individual new IoT devices 101 to 105 distribute unique code, and the unique code is sent into IoT centers 110 during pairing. For example, the unique code can be embedded in the bar code on IoT devices, and can be read by barcode reader 106, or Person can be transmitted by local communi-cation channel 130.In an alternative embodiment, the unique ID code is magnetically embedded in On IoT devices, and IoT centers have Magnetic Sensor such as Radio Frequency ID (RFID) or near-field communication (NFC) sensor, with IoT devices 101 detect the code when being moved in more than 110 inches of distance IoT centers.
In one embodiment, once the unique ID has been communicated, the IoT hub 110 may verify it by querying a local database (not shown), performing a hash to verify that the code is acceptable, and/or communicating with the IoT service 120, the user device 135 and/or a website 130 to verify the ID code. In one embodiment, once verified, the IoT hub 110 pairs with the IoT device 101 and stores the pairing data in the memory 317 (which, as described above, may include non-volatile memory). Once pairing is complete, the IoT hub 110 may connect with the IoT device 101 to perform the various IoT functions described herein.
In one embodiment, the organization that runs the IoT service 120 may provide the IoT hub 110 and a basic hardware/software platform to allow developers to easily design new IoT services. Specifically, in addition to the IoT hub 110, developers may be provided with a software development kit (SDK) for updating the program code and data 305 executed on the hub 110. Furthermore, for the IoT devices 101, the SDK may include an extensive set of library code 202 designed for the basic IoT hardware (e.g., the low power microcontroller 200 and other components shown in Figure 2) to facilitate the design of various types of applications 101. In one embodiment, the SDK includes a graphical design interface in which the developer need only specify the inputs and outputs for the IoT device. All of the networking code, including the communication stack 201 that allows the IoT device 101 to connect to the hub 110 and the service 120, is already in place for the developer. In addition, in one embodiment, the SDK also includes a library code base for facilitating the design of applications for mobile devices (e.g., iPhone and Android devices).
In one embodiment, the IoT hub 110 manages a continuous bidirectional stream of data between the IoT devices 101-105 and the IoT service 120. Where real-time updates to/from the IoT devices 101-105 are required (e.g., where a user needs to view the current status of a security device or an environmental reading), the IoT hub may keep a TCP socket open to provide regular updates to the user device 135 and/or the external website 130. The specific networking protocol used to provide the updates may be tuned to the needs of the underlying application. For example, in some cases where a continuous bidirectional stream may not make sense, a simple request/response protocol may be used to gather information when needed.
In one embodiment, the IoT hub 110 and the IoT devices 101-105 may be automatically upgraded over the network. Specifically, when a new update is available for the IoT hub 110, it may automatically download and install the update from the IoT service 120. It may first copy the updated code into local memory, run and verify the update, and only then replace the older program code. Similarly, when updates are available for each of the IoT devices 101-105, they may initially be downloaded by the IoT hub 110 and pushed out to each of the IoT devices 101-105. Each IoT device 101-105 may then apply the update in a manner similar to that described above for the IoT hub and report the result of the update back to the IoT hub 110. If the update is successful, the IoT hub 110 may delete the update from its memory and record the latest code version installed on each IoT device (e.g., so that it can continue to check whether each IoT device has a new update available).
In one embodiment, the IoT hub 110 is powered by AC power. Specifically, the IoT hub 110 may include a power supply unit 390 with a transformer for converting the alternating voltage supplied over an AC power cord to a lower DC voltage.
Figure 4A illustrates one embodiment of the invention in which an IoT system performs universal remote control operations. Specifically, in this embodiment, a set of IoT devices 101-103 are equipped with infrared (IR) and/or radio frequency (RF) transmitters 401-403, respectively, for transmitting remote control codes to control various types of electronic equipment, including an air conditioner/heater 430, a lighting system 431 and audio-visual equipment 432 (to name just a few). In the embodiment shown in Figure 4A, the IoT devices 101-103 are also equipped with sensors 404-406, respectively, for detecting the operation of the equipment they control, as described below.
For example, the sensor 404 in the IoT device 101 may be a temperature and/or humidity sensor for sensing the current temperature/humidity, and the air conditioner/heater 430 is responsively controlled based on the current desired temperature. In this embodiment, the air conditioner/heater 430 is designed to be controlled via a remote control (typically, it is an air conditioner/heater that itself has an embedded temperature sensor and a remote control). In one embodiment, the user provides the desired temperature to the IoT hub 110 via an application or browser on the user device 135. Control logic 412 executed on the IoT hub 110 receives the current temperature/humidity data from the sensor 404 and responsively sends commands to the IoT device 101 to control the IR/RF transmitter 401 in accordance with the desired temperature/humidity. For example, if the temperature is below the desired temperature, the control logic 412 may send a command to the air conditioner/heater via the IR/RF transmitter 401 to raise the temperature (e.g., by turning off the air conditioner or turning on the heater). The command may include the necessary remote control code stored in the database 413 on the IoT hub 110. Additionally or alternatively, the IoT service may implement control logic 421 to control the electronic equipment 430-432 based on specified user preferences and stored control codes 422.
The IoT device 102 in the illustrated example is used to control the lighting 431. Specifically, the sensor 405 in the IoT device 102 may be a photosensor or photodetector configured to detect the current brightness of the light produced by the light fixture 431 (or other lighting apparatus). The user may specify the desired lighting level (including an on or off indication) to the IoT hub 110 via the user device 135. In response, the control logic 412 sends commands to the IR/RF transmitter 402 to control the current brightness level of the lamp 431 (e.g., increasing the lighting if the current brightness is too low, decreasing it if the current brightness is too high, or simply turning the lamp on or off).
The IoT device 103 in the illustrated example is configured to control audio-visual equipment 432 (e.g., a television, an A/V receiver, a cable/satellite receiver, an AppleTV™, etc.). The sensor 406 in the IoT device 103 may be an audio sensor (e.g., a microphone and associated logic) for detecting the current ambient volume level and/or a photosensor for detecting whether the television is on or off based on the light it produces (e.g., by measuring the light in a particular spectrum). Alternatively, the sensor 406 may include a temperature sensor connected to the audio-visual equipment to detect whether the audio equipment is on or off based on the detected temperature. Again, in response to user input via the user device 135, the control logic 412 may transmit commands to the audio-visual equipment via the IR transmitter 403 of the IoT device 103.
It should be noted that the above are merely illustrative examples of one embodiment of the invention. The underlying principles of the invention are not limited to any particular type of sensor or equipment controlled by the IoT devices.
In an embodiment in which the IoT devices 101-103 are coupled to the IoT hub 110 via Bluetooth LE connections, the sensor data and commands are sent over the Bluetooth LE channels. However, the underlying principles of the invention are not limited to Bluetooth LE or any other communication standard.
In one embodiment, the control codes required to control each electronic equipment are stored in the database 413 on the IoT hub 110 and/or in the database 422 in the IoT service 120. As shown in Figure 4B, the control codes may be provided to the IoT hub 110 from a master database of control codes 422 for the different equipment maintained in the IoT service 120. The end user may specify the type of electronic (or other) equipment to be controlled via the application or browser executed on the user device 135, and in response the remote control code learning module 491 on the IoT hub may retrieve the required IR/RF codes from the remote control code database 492 in the IoT service 120 (e.g., by identifying each piece of electronic equipment with a unique ID).
In addition, in one embodiment, the IoT hub 110 is equipped with an IR/RF interface 490 to allow the remote control code learning module 491 to "learn" new remote control codes directly from the original remote control 495 supplied with the electronic equipment. For example, if the remote control database does not include the control codes for the original remote control supplied with the air conditioner 430, the user may interact with the IoT hub 110 via the application/browser on the user device 135 to teach the IoT hub 110 the various control codes generated by the original remote control (e.g., increase temperature, decrease temperature, etc.). Once the remote control codes are learned, they are stored in the control code database 413 on the IoT hub 110 and/or sent back to the IoT service 120 to be included in the central remote control code database 492 (and subsequently used by other users with the same air conditioning unit 430).
In one embodiment, each IoT device 101-103 has a very small form factor and may be attached on or near its respective electronic equipment 430-432 using double-sided tape, a small nail, a magnetic attachment, etc. To control a piece of equipment such as the air conditioner 430, the IoT device 101 needs to be placed far enough away for the sensor 404 to accurately measure the ambient temperature in the home (e.g., if the IoT device were placed directly on the air conditioner, the measured temperature would be too low while the air conditioner is running and too high while the heater is running). By contrast, the IoT device 102 for controlling lighting may be placed on or near the lighting fixture 431 for the sensor 405 to detect the current lighting level.
In addition to providing the general control functions described above, one embodiment of the IoT hub 110 and/or IoT service 120 sends notifications related to the current status of each electronic equipment to the end user. The notifications may be text messages and/or application-specific notifications, which may then be displayed on the display of the user's mobile device 135. For example, if the user's air conditioner has been on for a long period of time but the temperature has not changed, the IoT hub 110 and/or IoT service 120 may send a notification to the user that the air conditioner is not functioning properly. If the user is not at home (which may be detected via a motion sensor, or based on the user's currently detected location), and the sensor 406 indicates that the audio-visual equipment 430 is on or the sensor 405 indicates that the lights are on, a notification may be sent to the user asking whether the user would like to turn off the audio-visual equipment 432 and/or the lights 431. The same type of notification may be sent for any equipment type.
Once the user receives a notification, he/she may remotely control the electronic equipment 430-432 via the application or browser on the user device 135. In one embodiment, the user device 135 is a touchscreen device, and the application or browser displays an image of a remote control with user-selectable buttons for controlling the equipment 430-432. Upon receiving a notification, the user may bring up the graphical remote control and turn off or adjust the various pieces of equipment. If connected via the IoT service 120, the user's selections may be forwarded from the IoT service 120 to the IoT hub 110, which will then control the equipment via the control logic 412. Alternatively, the user input may be sent directly from the user device 135 to the IoT hub 110.
In one embodiment, the user may program the control logic 412 on the IoT hub 110 to perform various automatic control functions with respect to the electronic equipment 430-432. In addition to maintaining the desired temperature, brightness level and volume level as described above, the control logic 412 may automatically turn off the electronic equipment if certain conditions are detected. For example, if the control logic 412 detects that the user is not at home and that the air conditioner is not functioning, it may automatically turn off the air conditioner. Similarly, if the user is not at home, and the sensor 406 indicates that the audio-visual equipment 430 is on or the sensor 405 indicates that the lights are on, the control logic 412 may automatically send commands via the IR/RF transmitters 403 and 402, respectively, to turn off the audio-visual equipment and the lights.
Figure 5 illustrates additional embodiments of IoT devices 104-105 equipped with sensors 503-504 for monitoring electronic equipment 530-531. Specifically, the IoT device 104 of this embodiment includes a temperature sensor 503 that may be placed on or near a stove 530 to detect when the stove has been left on. In one embodiment, the IoT device 104 transmits the current temperature measured by the temperature sensor 503 to the IoT hub 110 and/or the IoT service 120. If the stove is detected to be on for more than a threshold period of time (e.g., based on the measured temperature), the control logic 512 may send a notification to the end user's device 135 informing the user that the stove 530 is on. In addition, in one embodiment, the IoT device 104 may include a control module 501 to turn off the stove, either in response to receiving an instruction from the user or automatically (if the control logic 512 has been programmed by the user to do so). In one embodiment, the control logic 501 comprises a switch that cuts off the electricity or gas to the stove 530. However, in other embodiments, the control logic 501 may be integrated within the stove.
Figure 5 also illustrates an IoT device 105 with a motion sensor 504 for detecting the motion of certain types of electronic equipment (such as a washer and/or dryer). Another sensor that may be used is an audio sensor (e.g., a microphone and logic) for detecting the ambient volume level. As with the other embodiments described above, this embodiment may send a notification to the end user if certain specified conditions are met (e.g., motion has been detected for an extended period of time, indicating that the washer/dryer has not been turned off). Although not shown in Figure 5, the IoT device 105 may also be equipped with a control module to turn off the washer/dryer 531 automatically and/or in response to user input (e.g., by cutting off the electricity/gas).
In one embodiment, a first IoT device with control logic and a switch may be configured to turn off all of the electricity in the user's home, and a second IoT device with control logic and a switch may be configured to turn off all of the gas in the user's home. IoT devices with sensors may then be positioned on or near the electricity or gas supply equipment in the user's home. If the user is notified that a particular piece of equipment (e.g., the stove 530) has been left on, the user may then send a command to turn off all of the electricity or gas in the home to prevent damage. Alternatively, the control logic 512 in the IoT hub 110 and/or the IoT service 120 may be configured to automatically turn off the electricity or gas in such situations.
In one embodiment, the IoT hub 110 and the IoT service 120 communicate at periodic intervals. If the IoT service 120 detects that the connection to the IoT hub 110 has been lost (e.g., by failing to receive a request or response from the IoT hub within a specified duration), it communicates this information to the end user's device 135 (e.g., by sending a text message or an application-specific notification).
Apparatus and method for transmitting data through an intermediary device
As mentioned above, because the wireless technologies used to interconnect IoT devices (such as Bluetooth LE) are typically short range, if a hub implementing the IoT is outside the range of an IoT device, the IoT device will be unable to transmit data to the IoT hub (and vice versa).
To overcome this deficiency, one embodiment of the invention provides a mechanism for an IoT device that is outside the wireless range of the IoT hub to periodically connect with one or more mobile devices when those mobile devices are within range. Once connected, the IoT device may transmit any data to be provided to the IoT hub to the mobile device, which then forwards the data to the IoT hub.
As shown in Figure 6, one embodiment includes an IoT hub 110, an IoT device 601 beyond the range of the IoT hub 110, and a mobile device 611. The out-of-range IoT device 601 may include any type of IoT device that collects and transmits data. For example, the IoT device 601 may include a data collection device configured in a refrigerator to monitor the food consumed from the refrigerator, the users who consume the food, and the current temperature. Of course, the underlying principles of the invention are not limited to any particular type of IoT device. The techniques described herein may be implemented using any type of IoT device, including those used to collect and transmit data for the following appliances: smart meters, stoves, washers, dryers, lighting systems, HVAC systems and audio-visual equipment (to name just a few).
In addition, the mobile device 611 shown in operation in Figure 6 may be any type of mobile device capable of communicating and storing data. For example, in one embodiment, the mobile device 611 is a smartphone with an application installed on it to facilitate the techniques described herein. In another embodiment, the mobile device 611 comprises a wearable device, such as a communication token attached to a necklace or bracelet, a smartwatch or a fitness device. Wearable tokens may be particularly useful for elderly users or other users who do not own a smartphone device.
In operation, the out-of-range IoT device 601 may periodically or continuously check for connectivity with the mobile device 611. When a connection is established (e.g., as a result of the user moving around near the refrigerator), any data 605 collected by the IoT device 601 is automatically transmitted to a temporary data repository 615 on the mobile device 611. In one embodiment, the IoT device 601 and the mobile device 611 establish a local wireless communication channel using a low power wireless standard (such as BTLE). In this case, the mobile device 611 may initially be paired with the IoT device 601 using known pairing techniques.
Once the data has been transferred to the temporary data repository, the mobile device 611 transmits it as soon as it establishes communication with the IoT hub 110 (e.g., when the user walks within range of the IoT hub 110). The IoT hub may then store the data in a central data repository 413 and/or transmit the data over the Internet to one or more services and/or other user devices. In one embodiment, the mobile device 611 may use a different type of communication channel to provide the data to the IoT hub 110 (potentially a higher power communication channel such as WiFi).
The out-of-range IoT device 601, the mobile device 611 and the IoT hub may be configured with program code and/or logic to implement the techniques described herein. As shown in Figure 7, for example, the IoT device 601 may be configured with intermediary connection logic and/or an application 701, the mobile device 611 may be configured with intermediary connection logic/application 711, and the IoT hub 110 may be configured with intermediary connection logic/application 721 to perform the operations described herein. The intermediary connection logic/application on each device may be implemented in hardware, software or any combination thereof. In one embodiment, the intermediary connection logic/application 701 of the IoT device 601 searches for and establishes a connection with the intermediary connection logic/application 711 on the mobile device (which may be implemented as a device application) to transfer the data to the temporary data repository 615. The intermediary connection logic/application 711 on the mobile device 611 then forwards the data to the intermediary connection logic/application on the IoT hub, which stores the data in the central data repository 413.
As shown in Figure 7, the intermediary connection logic/applications 701, 711, 721 on each device may be configured based on the current application. For example, for a refrigerator, the connection logic/application 701 may only need to transmit a few packets periodically. For other applications (e.g., a temperature sensor), the connection logic/application 701 may need to transmit more frequent updates.
In one embodiment, rather than a mobile device 611, the IoT device 601 may be configured to establish a wireless connection with one or more intermediary IoT devices that are within range of the IoT hub 110. In this embodiment, any IoT device 601 outside the range of the IoT hub may be linked to the hub by forming a "chain" through other IoT devices.
In addition, although only a single mobile device 611 is illustrated in Figures 6-7 for simplicity, in one embodiment multiple such mobile devices belonging to different users may be configured to communicate with the IoT device 601. Moreover, the same techniques may be implemented for multiple other IoT devices, thereby forming an intermediary device data collection system throughout the home.
In addition, in one embodiment, the techniques described herein may be used to collect various types of pertinent data. For example, in one embodiment, the identity of the user may be included with the collected data 605 each time the mobile device 611 connects with the IoT device 601. In this way, the IoT system may be used to track the behavior of the different users in the home. For example, if used in a refrigerator, the collected data 605 may include the identity of each user who passes by the refrigerator, the identity of each user who opens the refrigerator, and the specific food consumed by each user. Different types of data may be collected from other types of IoT devices. Using this data, the system may determine, for example, which user did the laundry, which user watched TV on a given day, the times at which each user went to sleep and woke up, etc. All of this crowd-sourced data may then be compiled in the data repository 413 on the IoT hub and/or forwarded to an external service or user.
Another beneficial application of the techniques described herein is monitoring elderly users who may need assistance. For this application, the mobile device 611 may be a very small token worn by the elderly user to collect information as the user moves about the home. For example, each time the user opens the refrigerator, this data is included with the collected data 605 and transmitted to the IoT hub 110 via the token. The IoT hub may then provide the data to one or more external users (e.g., the children or other people caring for the elderly user). If no data has been collected within a specified period of time (e.g., 12 hours), this may mean that the elderly user has not moved about the home and/or has not opened the refrigerator. The IoT hub 110, or an external service connected to the IoT hub, may then send an alert notification to these other people, notifying them to check on the elderly user. In addition, the collected data 605 may include other pertinent information, such as the food the user is eating and whether a trip to the grocery store is needed, whether the elderly user is watching TV and how often, how often the elderly user does laundry, etc.
In another implementation, if there is a problem with electronic equipment such as a washer, a refrigerator or an HVAC system, the collected data may include an indication of the part that needs to be replaced. In this case, a notification may be sent to a technician requesting that the problem be resolved. The technician may then arrive at the home with the required replacement part.
A method according to one embodiment of the invention is illustrated in Figure 8. The method may be implemented within the context of the architectures described above, but is not limited to any particular architecture.
At 801, data is periodically collected at an IoT device that is outside the range of the IoT hub (e.g., opening the refrigerator door, food consumed, etc.). At 802, the IoT device periodically or continuously checks for connectivity with a mobile device (e.g., using a standard local wireless technology, such as a connection specified by the BTLE standard). If a connection with the mobile device is established, as determined at 802, then at 803 the collected data is transferred to the mobile device. At 804, the mobile device transmits the data to the IoT hub, an external service and/or a user. As mentioned above, if the mobile device is already connected (e.g., via a WiFi link), the data may be transmitted immediately.
In addition to collecting data from IoT devices, in one embodiment the techniques described herein may be used to update or otherwise provide data to IoT devices. One example is shown in Figure 9A, which illustrates an IoT hub 110 holding a program code update 901 to be installed on an IoT device 601 (or on a group of such IoT devices). The program code update may include system updates, patches, configuration data and any other data required for the IoT device to operate as desired by the user. In one embodiment, the user may specify configuration options for the IoT device 601 via a mobile device or computer; these configuration options are then stored on the IoT hub 110 and provided to the IoT device using the techniques described herein. Specifically, in one embodiment, the intermediary connection logic/application 721 on the IoT hub 110 communicates with the intermediary connection logic/application 711 on the mobile device 611, which stores the program code update in the temporary storage 615. When the mobile device 611 enters the range of the IoT device 601, the intermediary connection logic/application 711 on the mobile device 611 connects with the intermediary connection logic/application 701 on the IoT device 601 to provide the program code update to the device. In one embodiment, the IoT device 601 may then enter an automated update process to install the new program code update and/or data.
A method for updating an IoT device is illustrated in Figure 9B. The method may be implemented within the context of the system architectures described above, but is not limited to any particular system architecture.
At 900, a new program code or data update is made available on the IoT hub and/or an external service (e.g., connected to the mobile device over the Internet). At 901, the mobile device receives and stores the program code or data update on behalf of the IoT device. At 902, the IoT device and/or the mobile device periodically check to determine whether a connection has been established. If it is determined at 903 that a connection has been established, then at 904 the update is transmitted to the IoT device and installed.
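The relay paths of Figures 6 to 9B (data 605 collected by an out-of-range device, parked in the mobile's temporary repository 615 and flushed into the hub's central repository 413, with program code updates travelling the opposite way), as an added Go example that is not the patent's code. The Record format, the per-device sequence numbers, the hub-side duplicate check for the multiple-mobile case mentioned above, and the device keeping a record until the hub has confirmed it are the example's own assumptions.

```go
package main

import "fmt"

// Record is one item of collected data 605. The per-device sequence number is
// the example's own addition: it lets the hub drop a record relayed by more than
// one mobile, and lets the device learn what the hub has already stored.
type Record struct {
	DeviceID string
	Seq      uint64
	Payload  string
}

// Device is an IoT device outside the hub's range. It keeps a record until a
// mobile reports that the hub has stored it (at-least-once delivery, assumed).
type Device struct {
	ID        string
	nextSeq   uint64
	buffer    []Record
	Installed []string // program code updates applied so far
}

func (d *Device) Collect(payload string) {
	d.buffer = append(d.buffer, Record{DeviceID: d.ID, Seq: d.nextSeq, Payload: payload})
	d.nextSeq++
}

// Buffered reports how many records still await confirmation from the hub.
func (d *Device) Buffered() int { return len(d.buffer) }

// Mobile is the intermediary: temporary data repository 615, updates carried
// for devices, and the highest sequence number the hub has stored per device.
type Mobile struct {
	Temp    []Record
	Updates map[string][]string
	Acked   map[string]uint64
}

func NewMobile() *Mobile {
	return &Mobile{Updates: map[string][]string{}, Acked: map[string]uint64{}}
}

// MeetDevice runs when the mobile enters the device's wireless range: records the
// hub already holds are dropped, the rest are copied over, updates are applied.
func (m *Mobile) MeetDevice(d *Device) {
	if acked, ok := m.Acked[d.ID]; ok {
		for len(d.buffer) > 0 && d.buffer[0].Seq <= acked {
			d.buffer = d.buffer[1:]
		}
	}
	m.Temp = append(m.Temp, d.buffer...)
	d.Installed = append(d.Installed, m.Updates[d.ID]...)
	delete(m.Updates, d.ID)
}

// Hub owns the central data repository 413 and the updates waiting for devices.
type Hub struct {
	Central        []Record
	last           map[string]uint64 // highest sequence number stored per device
	PendingUpdates map[string][]string
}

func NewHub() *Hub {
	return &Hub{last: map[string]uint64{}, PendingUpdates: map[string][]string{}}
}

// MeetMobile runs when the mobile reaches the hub: the temporary repository is
// flushed into the central one, duplicates are dropped, the mobile learns what is
// stored and picks up any updates for devices it may meet later.
func (h *Hub) MeetMobile(m *Mobile) (accepted, dropped int) {
	for _, r := range m.Temp {
		if last, ok := h.last[r.DeviceID]; ok && r.Seq <= last {
			dropped++
			continue
		}
		h.last[r.DeviceID] = r.Seq
		h.Central = append(h.Central, r)
		accepted++
	}
	m.Temp = nil
	for id, seq := range h.last {
		m.Acked[id] = seq
	}
	for id, us := range h.PendingUpdates {
		m.Updates[id] = append(m.Updates[id], us...)
	}
	h.PendingUpdates = map[string][]string{}
	return accepted, dropped
}

func main() {
	dev, a, b, hub := &Device{ID: "fridge-601"}, NewMobile(), NewMobile(), NewHub()
	dev.Collect("door opened")
	a.MeetDevice(dev)
	b.MeetDevice(dev) // a second user's mobile passes by and copies the same record
	fmt.Println(hub.MeetMobile(a)) // 1 0
	fmt.Println(hub.MeetMobile(b)) // 0 1
}
```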
Embodiments for improving security
In one embodiment, the low power microcontroller 200 of each IoT device 101 and the low power logic/microcontroller 301 of the IoT hub 110 include a secure key store for storing the encryption keys used by the embodiments described below (see, e.g., Figures 10 to 15 and the associated text). Alternatively, the keys may be secured in a subscriber identity module (SIM) as described below.
Figure 10 illustrates a high level architecture that uses public key infrastructure (PKI) techniques and/or symmetric key exchange/encryption techniques to encrypt communications between the IoT service 120, the IoT hub 110 and the IoT devices 101-102.
Embodiments that use public/private key pairs are described first, followed by embodiments that use symmetric key exchange/encryption techniques. Specifically, in an embodiment using PKI, a unique public/private key pair is associated with each IoT device 101-102, each IoT hub 110 and the IoT service 120. In one embodiment, when a new IoT hub 110 is set up, its public key is provided to the IoT service 120, and when a new IoT device 101 is set up, its public key is provided to both the IoT hub 110 and the IoT service 120. Various techniques for securely exchanging the public keys between devices are described below. In one embodiment, all public keys are signed by a master key known to all of the receiving devices (i.e., a form of certificate), so that any receiving device can verify the validity of a public key by validating the signature. Thus, these certificates are exchanged rather than just the raw public keys.
As illustrated, in one embodiment, each IoT device 101, 102 includes a secure key store 1001, 1003, respectively, for securely storing each device's private key. Security logic 1002, 1304 then uses the securely stored private keys to perform the encryption/decryption operations described herein. Similarly, the IoT hub 110 includes a secure storage 1011 for storing the IoT hub's private key and the public keys of the IoT devices 101-102 and the IoT service 120, and security logic 1012 for performing encryption/decryption operations using the keys. Finally, the IoT service 120 may include a secure storage 1021 for securely storing its own private key and the public keys of the various IoT devices and IoT hubs, and security logic 1013 for using the keys to encrypt/decrypt communications with the IoT hubs and devices. In one embodiment, when the IoT hub 110 receives a public key certificate from an IoT device, it may verify the certificate (e.g., by validating the signature using the master key as described above), then extract the public key from it and store that public key in its secure key store 1011.
By way of example, in one embodiment, when the IoT service 120 needs to transmit a command or data to an IoT device 101 (e.g., a command to unlock a door, a request to read a sensor, data to be processed/displayed by the IoT device, etc.), the security logic 1013 encrypts the data/command using the public key of the IoT device 101 to generate an encrypted IoT device packet. In one embodiment, the security logic then encrypts the IoT device packet using the public key of the IoT hub 110 to generate an IoT hub packet, and transmits the IoT hub packet to the IoT hub 110. In one embodiment, the service 120 signs the encrypted message with its private key or with the master key mentioned above, so that the device 101 can verify that it is receiving an unmodified message from a trusted source. The device 101 may then validate the signature using the public key corresponding to the private key and/or the master key. As mentioned above, symmetric key exchange/encryption techniques may be used instead of public/private key encryption. In these embodiments, rather than storing one key privately and providing a corresponding public key to other devices, each device may be provided with a copy of the same symmetric key for encrypting and validating signatures. One example of a symmetric key algorithm is the Advanced Encryption Standard (AES), although the underlying principles of the invention are not limited to any particular type of symmetric key.
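The PKI path of Figure 10 (master-key-signed public keys, the nested device/hub packets, and the service signature the device checks), as an added example in Go using only standard-library primitives; it is not the patent's code. RSA-OAEP stands in for "encrypt with the public key", Ed25519 for the master and service signatures, and the Cert and HubPacket formats and the 3072-bit hub key are the example's own choices.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

// Cert is the example's stand-in for a master-key-signed public key (DER key + Ed25519 signature).
type Cert struct {
	PubDER []byte
	Sig    []byte
}

// IssueCert is run by whoever holds the master key when a key is provisioned.
func IssueCert(master ed25519.PrivateKey, pub *rsa.PublicKey) (Cert, error) {
	der, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return Cert{}, err
	}
	return Cert{PubDER: der, Sig: ed25519.Sign(master, der)}, nil
}

// VerifyCert: the hub checks the master signature before extracting a key for its key store.
func VerifyCert(masterPub ed25519.PublicKey, c Cert) (*rsa.PublicKey, error) {
	if !ed25519.Verify(masterPub, c.PubDER, c.Sig) {
		return nil, errors.New("certificate not signed by master key")
	}
	k, err := x509.ParsePKIXPublicKey(c.PubDER)
	pub, ok := k.(*rsa.PublicKey)
	if err != nil || !ok {
		return nil, errors.New("certificate does not carry a usable RSA key")
	}
	return pub, nil
}

// HubPacket: the device packet wrapped under the hub key, plus the service signature over it.
type HubPacket struct {
	Outer []byte
	Sig   []byte
}

// ServiceEncrypt nests: command -> device packet -> hub packet.
func ServiceEncrypt(servicePriv ed25519.PrivateKey, hubPub, devPub *rsa.PublicKey, command []byte) (HubPacket, error) {
	inner, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, devPub, command, nil)
	if err != nil {
		return HubPacket{}, err
	}
	outer, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, hubPub, inner, nil)
	if err != nil {
		return HubPacket{}, err
	}
	return HubPacket{Outer: outer, Sig: ed25519.Sign(servicePriv, inner)}, nil
}

// HubUnwrap removes only the hub layer; the hub never sees the command.
func HubUnwrap(hubPriv *rsa.PrivateKey, p HubPacket) (inner, sig []byte, err error) {
	inner, err = rsa.DecryptOAEP(sha256.New(), nil, hubPriv, p.Outer, nil)
	return inner, p.Sig, err
}

// DeviceOpen checks the service signature before decrypting the command.
func DeviceOpen(devPriv *rsa.PrivateKey, servicePub ed25519.PublicKey, inner, sig []byte) ([]byte, error) {
	if !ed25519.Verify(servicePub, inner, sig) {
		return nil, errors.New("device packet signature invalid")
	}
	return rsa.DecryptOAEP(sha256.New(), nil, devPriv, inner, nil)
}

// RunScenario provisions service, hub and device and returns what the device recovers.
func RunScenario(command []byte) ([]byte, error) {
	masterPub, masterPriv, _ := ed25519.GenerateKey(rand.Reader)
	servicePub, servicePriv, _ := ed25519.GenerateKey(rand.Reader)
	hubPriv, _ := rsa.GenerateKey(rand.Reader, 3072) // must hold a 256-byte inner packet
	devPriv, _ := rsa.GenerateKey(rand.Reader, 2048)
	devCert, _ := IssueCert(masterPriv, &devPriv.PublicKey)
	devPub, err := VerifyCert(masterPub, devCert) // hub validates before storing
	if err != nil {
		return nil, err
	}
	pkt, err := ServiceEncrypt(servicePriv, &hubPriv.PublicKey, devPub, command)
	if err != nil {
		return nil, err
	}
	inner, sig, err := HubUnwrap(hubPriv, pkt)
	if err != nil {
		return nil, err
	}
	return DeviceOpen(devPriv, servicePub, inner, sig)
}

func main() {
	out, err := RunScenario([]byte("unlock front door"))
	fmt.Printf("device received %q (err=%v)\n", out, err)
}
```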
With a symmetric key implementation, each device 101 enters into a secure key exchange protocol with the IoT hub 110 to exchange a symmetric key. A secure key provisioning protocol such as the Dynamic Symmetric Key Provisioning Protocol (DSKPP) may be used to exchange the keys over a secure communication channel (see, e.g., Request for Comments (RFC) 6063). However, the underlying principles of the invention are not limited to any particular key provisioning protocol.
Once the symmetric keys have been exchanged, they may be used by each device 101 and the IoT hub 110 to encrypt communications. Similarly, the IoT hub 110 and the IoT service 120 may perform a secure symmetric key exchange and then use the exchanged symmetric keys to encrypt communications. In one embodiment, new symmetric keys are exchanged periodically between the devices 101 and the hub 110 and between the hub 110 and the IoT service 120. In one embodiment, a new symmetric key is exchanged with each new communication session between the devices 101, the hub 110 and the service 120 (e.g., a new key is generated and securely exchanged for each communication session). In one embodiment, if the security module 1012 in the IoT hub is trusted, the service 120 could negotiate a session key with the hub security module 1312, and the security module 1012 would then negotiate a session key with each device 120. Messages from the service 120 would then be decrypted and verified in the hub security module 1012 before being re-encrypted for transmission to the device 101.
In one embodiment, to guard against a compromise of the hub security module 1012, a one-time (permanent) installation key may be negotiated between the device 101 and the service 120 at installation time. When sending a message to a device 101, the service 120 could first encrypt/MAC it with this device installation key and then encrypt/MAC the result with the hub's session key. The hub 110 would then verify and extract the encrypted device blob and send it on to the device.
In one embodiment of the invention, a counter mechanism is implemented to prevent replay attacks. For example, each successive communication from the device 101 to the hub 110 (or vice versa) may be assigned a continually increasing counter value. Both the hub 110 and the device 101 track this value and verify that it is correct in each successive communication between them. The same technique may be implemented between the hub 110 and the service 120. Using a counter in this manner makes it more difficult to spoof the communication between the devices (because the counter value would be incorrect). However, even without the counter mechanism, the installation key shared between the service and the device would prevent a network-wide (hub-wide) attack on all devices.
In one embodiment, when public/private key encryption is used, the IoT hub 110 uses its private key to decrypt the IoT hub packet and generate the encrypted IoT device packet, which it then transmits to the associated IoT device 101. The IoT device 101 then uses its private key to decrypt the IoT device packet to generate the command/data originating from the IoT service 120. It may then process the data and/or execute the command. Using symmetric encryption, each device would encrypt and decrypt with the shared symmetric key. In either case, each transmitting device may also sign the message with its private key so that the receiving device can verify its authenticity.
A different set of keys may be used to encrypt communication from the IoT device 101 to the IoT hub 110 and to the IoT service 120. For example, in one embodiment, using a public/private key arrangement, the security logic 1002 on the IoT device 101 uses the public key of the IoT hub 110 to encrypt packets sent to the IoT hub 110. The security logic 1012 on the IoT hub 110 may then decrypt the packets using the IoT hub's private key. Similarly, the security logic 1002 on the IoT device 101 and/or the security logic 1012 on the IoT hub 110 may use the public key of the IoT service 120 to encrypt packets sent to the IoT service 120 (which may then be decrypted by the security logic 1013 on the IoT service 120 using the service's private key). Using symmetric keys, the device 101 and the hub 110 may share one symmetric key, while the hub and the service 120 may share a different symmetric key.
While certain specific details are set forth in the description above, it should be noted that the underlying principles of the invention may be implemented using a variety of different encryption techniques. For example, while some embodiments described above use asymmetric public/private key pairs, an alternative embodiment may use symmetric keys securely exchanged between the various IoT devices 101-102, the IoT hub 110 and the IoT service 120. Moreover, in some embodiments, the data/commands themselves are not encrypted; instead, a key is used to generate a signature over the data/commands (or other data structures). The recipient may then use its key to check the signature.
As illustrated in Figure 11, in one embodiment, the secure key storage on each IoT device 101 is implemented using a programmable subscriber identity module (SIM) 1101. In this embodiment, the IoT device 101 may initially be provided to the end user with an un-programmed SIM card 1101 seated in a SIM interface 1100 on the IoT device 101. To program the SIM with a set of one or more encryption keys, the user removes the programmable SIM card 1101 from the SIM interface 500 and inserts it into a SIM programming interface 1102 on the IoT hub 110. Programming logic 1125 on the IoT hub then securely programs the SIM card 1101 to register/pair the IoT device 101 with the IoT hub 110 and the IoT service 120. In one embodiment, a public/private key pair may be randomly generated by the programming logic 1125; the public key of the key pair may then be stored in the IoT hub's secure storage device 411 and the private key of the key pair stored in the programmable SIM 1101. In addition, the programming logic 525 may store the public keys of the IoT hub 110, the IoT service 120 and/or any other IoT devices 101 on the SIM card 1401 (to be used by the security logic 1302 on the IoT device 101 to encrypt outgoing data). Once the SIM 1101 is programmed, the new IoT device 101 may be provisioned with the IoT service 120 using the SIM as a secure identifier (e.g., using existing techniques for registering devices with a SIM). Following provisioning, both the IoT hub 110 and the IoT service 120 will securely store a copy of the IoT device's public key to be used when encrypting communication with the IoT device 101.
The techniques described above with respect to Figure 11 provide enormous flexibility when providing new IoT devices to end users. Rather than requiring the user to register each SIM directly with a particular service provider upon sale/purchase (as is currently done), the SIM may be programmed directly by the IoT hub 110 and the results of the programming securely communicated by the end user to the IoT service 120. Consequently, new IoT devices 101 may be sold to end users by online or local retailers and later securely provisioned with the IoT service 120.
While the registration and encryption techniques are described above within the specific context of a SIM (subscriber identity module), the underlying principles of the invention are not limited to a "SIM" device. Rather, the underlying principles of the invention may be implemented using any type of secure storage device for storing a set of encryption keys. Moreover, while the embodiments above include a removable SIM device, in one embodiment the SIM device is not removable; instead, the IoT device itself is inserted into the programming interface 1102 of the IoT hub 110.
In one embodiment, rather than requiring the user to program the SIM (or other device), the SIM is pre-programmed into the IoT device 101 prior to distribution to the end user. In this embodiment, when the user sets up the IoT device 101, the various techniques described herein may be used to securely exchange encryption keys between the IoT hub 110/IoT service 120 and the new IoT device 101.
For example, as illustrated in Figure 12, each IoT device 101 or SIM 401 may be packaged with a barcode or QR code 1501 that uniquely identifies the IoT device 101 and/or the SIM 1001. In one embodiment, the barcode or QR code 1201 comprises an encoded representation of the public key of the IoT device 101 or SIM 1001. Alternatively, the barcode or QR code 1201 may be used by the IoT hub 110 and/or the IoT service 120 to identify or generate the public key (e.g., as a pointer to a public key stored in secure storage). The barcode or QR code 601 may be printed on a separate card (as shown in Figure 12) or may be printed directly on the IoT device itself. Regardless of where the barcode is printed, in one embodiment the IoT hub 110 is equipped with a barcode reader 206 for reading the barcode and providing the resulting data to the security logic 1012 on the IoT hub 110 and/or the security logic 1013 on the IoT service 120. The security logic 1012 on the IoT hub 110 may then store the IoT device's public key within its secure key storage device 1011, and the security logic 1013 on the IoT service 120 may store the public key within its secure storage device 1021 (to be used for subsequent encrypted communication).
In one embodiment, the data contained in the barcode or QR code 1201 may also be captured via a user device 135 (e.g., an iPhone or Android device) equipped with an IoT application or browser-based applet designed by the IoT service provider. Once captured, the barcode data may be securely communicated to the IoT service 120 over a secure connection (e.g., a secure sockets layer (SSL) connection). The barcode data may also be provided from the client device 135 to the IoT hub 110 over a secure local connection (e.g., over a local WiFi or Bluetooth LE connection).
The security logic 1002 on the IoT device 101 and the security logic 1012 on the IoT hub 110 may be implemented using hardware, software, firmware or any combination thereof. For example, in one embodiment, the security logic 1002, 1012 is implemented within the chips used to establish the local communication channel 130 between the IoT device 101 and the IoT hub 110 (e.g., the Bluetooth LE chips, if the local channel 130 is Bluetooth LE). Regardless of where the security logic 1002, 1012 resides, in one embodiment the security logic 1002, 1012 is designed to establish a secure execution environment for executing certain types of program code. This may be implemented, for example, using TrustZone technology (available on some ARM processors) and/or Trusted Execution Technology (designed by Intel). Of course, the underlying principles of the invention are not limited to any particular type of secure execution technology.
In one embodiment, the barcode or QR code 1501 may be used to pair each IoT device 101 with the IoT hub 110. For example, rather than using the standard wireless pairing process currently used to pair Bluetooth LE devices, a pairing code embedded within the barcode or QR code 1501 may be provided to the IoT hub 110 so that the IoT hub can pair with the corresponding IoT device.
Figure 12B illustrates one embodiment in which the barcode reader 206 on the IoT hub 110 captures the barcode/QR code 1201 associated with the IoT device 101. As mentioned, the barcode/QR code 1201 may be printed directly on the IoT device 101 or may be printed on a separate card provided with the IoT device 101. In either case, the barcode reader 206 reads the pairing code from the barcode/QR code 1201 and provides the pairing code to the local communication module 1280. In one embodiment, the local communication module 1280 is a Bluetooth LE chip and associated software, although the underlying principles of the invention are not limited to any particular protocol standard. Once the pairing code is received, it is stored in a secure storage containing pairing data 1285, and the IoT device 101 and the IoT hub 110 are automatically paired. Each time the IoT hub is paired with a new IoT device in this manner, the pairing data for that pairing is stored within the secure storage device 685. In one embodiment, once the local communication module 1280 of the IoT hub 110 receives the pairing code, it may use the code as a key to encrypt communication with the IoT device 101 over the local wireless channel.
Similarly, on the IoT device 101 side, the local communication module 1590 stores pairing data within a local secure storage device 1595 indicating the pairing with the IoT hub. The pairing data 1295 may include the pre-programmed pairing code identified in the barcode/QR code 1201. The pairing data 1295 may also include pairing data received from the local communication module 1280 on the IoT hub 110 that is required to establish a secure local communication channel (e.g., an additional key for encrypting communication with the IoT hub 110).
Because the pairing code is not transmitted over the air, the barcode/QR code 1201 may be used to perform local pairing in a manner that is far more secure than current wireless pairing protocols. In addition, in one embodiment, the same barcode/QR code 1201 used for pairing may be used to identify the encryption keys for establishing a secure connection from the IoT device 101 to the IoT hub 110 and from the IoT hub 110 to the IoT service 120.
Figure 13 illustrates a method for programming a SIM card in accordance with one embodiment of the invention. The method may be implemented within the system architecture described above, but is not limited to any particular system architecture.
At 1301, a user receives a new IoT device with a blank SIM card and, at 1602, the user inserts the blank SIM card into an IoT hub. At 1303, the user programs the blank SIM card with a set of one or more encryption keys. For example, as mentioned above, in one embodiment the IoT hub may randomly generate a public/private key pair, store the private key on the SIM card, and store the public key in its local secure storage device. In addition, at 1304, at least the public key is transmitted to the IoT service so that it may be used to identify the IoT device and establish encrypted communication with the IoT device. As mentioned above, in one embodiment, a programmable device other than a "SIM" card may be used to perform the same functions as the SIM card in the method shown in Figure 13.
Figure 14 illustrates a method for integrating a new IoT device into a network. The method may be implemented within the system architecture described above, but is not limited to any particular system architecture.
At 1401, a user receives a new IoT device to which an encryption key has been pre-assigned. At 1402, the key is securely provided to the IoT hub. As mentioned above, in one embodiment this involves reading a barcode associated with the IoT device to identify the public key of the public/private key pair assigned to the device. The barcode may be read directly by the IoT hub or captured by a mobile device through an application or browser. In an alternative embodiment, a secure communication channel such as a Bluetooth LE channel, a near-field communication (NFC) channel or a secure WiFi channel may be established between the IoT device and the IoT hub to exchange the key. Regardless of how the key is transmitted, once received it is stored in the secure keystore of the IoT hub device. As mentioned above, various secure execution technologies may be used on the IoT hub to store and protect the key, such as secure enclaves, Trusted Execution Technology (TXT) and/or TrustZone. In addition, at 803, the key is securely transmitted to the IoT service, which stores the key in its own secure keystore. It may then use the key to encrypt communication with the IoT device. Once again, the exchange may be implemented using certificates/signed keys. Within the hub 110, preventing modification/addition/removal of the stored keys is particularly important.
Figure 15 illustrates a method for securely transmitting commands/data to an IoT device using public/private keys. The method may be implemented within the system architecture described above, but is not limited to any particular system architecture.
At 1501, the IoT service encrypts the data/commands using the IoT device's public key to create an IoT device packet. It then encrypts the IoT device packet using the IoT hub's public key to create an IoT hub packet (e.g., creating an IoT hub wrapper around the IoT device packet). At 1502, the IoT service transmits the IoT hub packet to the IoT hub. At 1503, the IoT hub decrypts the IoT hub packet using the IoT hub's private key to generate the IoT device packet. At 1504, it transmits the IoT device packet to the IoT device, which, at 1505, decrypts the IoT device packet using the IoT device's private key to generate the data/commands. At 1506, the IoT device processes the data/commands.
In an embodiment which uses symmetric keys, a symmetric key exchange may be negotiated between each of the devices (e.g., between each device and the hub and between the hub and the service). Once the key exchange is complete, each transmitting device encrypts and/or signs each transmission using the symmetric key before transmitting it to the receiving device.
In one embodiment of the invention, data encryption and decryption is performed between the IoT service 120 and each IoT device 101 regardless of the intermediate devices used to support the communication channel (e.g., the user's mobile device 611 and/or the IoT hub 110). Figure 16A illustrates an embodiment which communicates through the IoT hub 110, and Figure 16B illustrates another embodiment which does not require an IoT hub.
Turning first to Figure 16A, the IoT service 120 includes an encryption engine 1660 which manages a set of "service session keys" 1650, and each IoT device 101 includes an encryption engine 1661 which manages a set of "device session keys" 1651 for encrypting/decrypting communication between the IoT device 101 and the IoT service 120. When performing the secure/encrypted techniques described herein, the encryption engines may rely on different hardware modules, including (among others) hardware security modules 1630-1631 for generating a session public/private key pair and preventing access to the private session key of that pair, and key stream generation modules 1640-1641 for generating a key stream using a derived secret. In one embodiment, the service session keys 1650 and the device session keys 1651 comprise related public/private key pairs. For example, in one embodiment, the device session keys 1651 on the IoT device 101 include the public key of the IoT service 120 and the private key of the IoT device 101. As discussed in detail below, in one embodiment, to establish a secure communication session, each of the encryption engines 1660 and 1661 uses the public/private session key pairs 1650 and 1651, respectively, to generate the same secret, which is then used by the KSGMs 1640-1641 to generate a key stream for encrypting and decrypting communication between the IoT service 120 and the IoT device 101. Additional details associated with the generation and use of the secret in accordance with one embodiment of the invention are provided below.
In Figure 16A, once the secret has been generated using the keys 1650-1651, the client always sends messages to the IoT device 101 through the IoT service 120, as shown in clear transaction 1611. "Clear" as used herein means that the underlying message is not encrypted using the encryption techniques described herein. However, as illustrated, in one embodiment a secure sockets layer (SSL) channel or other secure channel (e.g., an Internet Protocol Security (IPSEC) channel) is established between the client device 611 and the IoT service 120 to protect the communication. The encryption engine 1660 on the IoT service 120 then encrypts the message using the generated secret and transmits the encrypted message to the IoT hub 110 at 1602. In one embodiment, rather than encrypting the message directly with the secret, the secret and a counter value are used to generate a key stream which is used to encrypt each message packet. Details of this embodiment are described below with respect to Figure 17.
As illustrated, an SSL connection or other secure channel may be established between the IoT service 120 and the IoT hub 110. The IoT hub 110 (which in one embodiment does not have the ability to decrypt the message) transmits the encrypted message to the IoT device at 1603 (e.g., over a Bluetooth Low Energy (BTLE) communication channel). The encryption engine 1661 on the IoT device 101 may then decrypt the message using the secret and process the message contents. In the embodiment which uses the secret to generate a key stream, the encryption engine 1661 generates the key stream using the secret and the counter value and then uses the key stream to decrypt the message packet.
The message itself may comprise any form of communication between the IoT service 120 and the IoT device 101. For example, the message may comprise a command packet instructing the IoT device 101 to perform a particular function, such as taking a measurement and reporting the result back to the client device 611, or it may comprise configuration data for configuring the operation of the IoT device 101.
If a response is required, the encryption engine 1661 on the IoT device 101 uses the secret or the derived key stream to encrypt the response and transmits the encrypted response to the IoT hub 110 at 1604, which forwards the response to the IoT service 120 at 1605. At 1606 (e.g., over the SSL or other secure communication channel), the encryption engine 1660 on the IoT service 120 decrypts the response using the secret or the derived key stream and transmits the decrypted response to the client device 611.
Figure 16 B show the embodiment for not needing IoT centers.On the contrary, in this embodiment, the He of IoT devices 101 Communication between IoT services 120 is occurred (for example, as explained above with described in Fig. 6 to Fig. 9 B) by client terminal device 611.At this In embodiment, in order to transmit message to IoT devices 101, client terminal device 611 passes the unencryption version of message at 1611 It is defeated to service 120 to IoT.At 1612, message is encrypted using password or the key stream drawn for crypto engine 1660, and The message of encryption is transmitted back to client terminal device 611.Then the message of encryption is forwarded to by client terminal device 611 at 1613 IoT devices 101, and message is decrypted using password or the key stream drawn for crypto engine 1661.Then IoT devices 101 can handle message as described herein.If necessary to respond, then crypto engine 1661 uses password to response at 1614 It is encrypted and encrypted response is transferred to client terminal device 611, the client terminal device will be encrypted at 1615 Response is forwarded to IoT services 120.Then at 1616, crypto engine 1660 is decrypted to the response and by the sound of decryption Client terminal device 611 should be transferred to.
Figure 17 illustrates the key exchange and key stream generation which may initially be performed between the IoT service 120 and the IoT device 101. In one embodiment, this key exchange may be performed each time the IoT service 120 and the IoT device 101 establish a new communication session. Alternatively, the key exchange may be performed once and the exchanged session keys used for a specified period of time (e.g., a day, a week, etc.). Although no intermediate devices are shown in Figure 17 for simplicity, communication may occur through the IoT hub 110 and/or the client device 611.
In one embodiment, the encryption engine 1660 of the IoT service 120 sends a command to the HSM 1630 (e.g., a CloudHSM offered by Amazon) to generate a session public/private key pair. The HSM 1630 may then prevent access to the private session key of the pair. Similarly, the encryption engine on the IoT device 101 may transmit a command to the HSM 1631 (e.g., an Atecc508 HSM from Atmel), which generates a session public/private key pair and prevents access to the session private key of the pair. Of course, the underlying principles of the invention are not limited to any particular type of encryption engine or manufacturer.
In one embodiment, at 1701, the IoT service 120 transmits the session public key generated using the HSM 1630 to the IoT device 101. The IoT device uses its HSM 1631 to generate its own session public/private key pair and, at 1702, transmits the public key of that pair to the IoT service 120. In one embodiment, the encryption engines 1660-1661 establish the shared secret using the Elliptic Curve Diffie-Hellman (ECDH) protocol, an anonymous key agreement protocol that allows two parties holding elliptic curve public/private key pairs to agree on a secret. In one embodiment, using these techniques, at 1703 the encryption engine 1660 of the IoT service 120 generates the secret using the IoT device session public key and its own session private key. Similarly, at 1704, the encryption engine 1661 of the IoT device 101 independently generates the same secret using the IoT service 120 session public key and its own session private key. More specifically, in one embodiment, the encryption engine 1660 on the IoT service 120 generates the secret according to the formula secret = IoT device session public key * IoT service session private key, where '*' means that the IoT device session public key is point-multiplied by the IoT service session private key. The encryption engine 1661 on the IoT device 101 generates the secret according to the formula secret = IoT service session public key * IoT device session private key, where the IoT service session public key is point-multiplied by the IoT device session private key. In the end, the IoT service 120 and the IoT device 101 have both generated the same secret for encrypting communication, as described below. In one embodiment, the encryption engines 1660-1661 rely on hardware modules such as the KSGMs 1640-1641 to perform the above operations for generating the secret.
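The exchange of steps 1701-1704 carried through in code, as an added example that is not part of the patent: ECDH over secp256k1 in pure Python, with a SessionHSM class standing in for HSMs 1630/1631 (the class, the curve choice and hashing the x coordinate of the point product into a 32-byte secret are assumptions of this example).

```python
"""Added example: session key exchange of Figure 17 with ECDH on secp256k1.
The point-multiplication '*' of the text is ec_mul(); each side multiplies the
peer's session public key by its own session private key and both land on the
same point.  SessionHSM keeps the private scalar inside the object and only
ever returns the public key and the derived secret (stand-in for an HSM)."""
import hashlib
import secrets

# secp256k1 domain parameters (public constants of the curve).
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(p1, p2):
    """Point addition on y^2 = x^3 + 7 over GF(P); None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:      # p1 == -p2
        return None
    if p1 == p2:                              # doubling
        lam = (3 * x1 * x1) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def ec_mul(k, point):
    """Scalar multiplication by double-and-add: the '*' of the text."""
    result = None
    addend = point
    while k:
        if k & 1:
            result = ec_add(result, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return result


class SessionHSM:
    """Stand-in for HSM 1630/1631: generates a session key pair, never exposes the scalar."""

    def __init__(self):
        self._priv = secrets.randbelow(N - 1) + 1      # 1 <= d < N
        self.session_public_key = ec_mul(self._priv, G)

    def derive_secret(self, peer_session_public_key):
        """ECDH: peer's session public key point-multiplied by our session private key."""
        shared_point = ec_mul(self._priv, peer_session_public_key)
        # Both sides reach the same point; hash its x coordinate to a fixed-size
        # secret for the key stream generator (assumption of this example).
        return hashlib.sha256(shared_point[0].to_bytes(32, "big")).digest()


def session_key_exchange():
    """Steps 1701-1704: swap session public keys, derive the secret on each side."""
    service_hsm = SessionHSM()                       # IoT service 120 / HSM 1630
    device_hsm = SessionHSM()                        # IoT device 101 / HSM 1631
    service_pub = service_hsm.session_public_key     # 1701: service -> device
    device_pub = device_hsm.session_public_key       # 1702: device -> service
    service_secret = service_hsm.derive_secret(device_pub)   # 1703
    device_secret = device_hsm.derive_secret(service_pub)    # 1704
    return service_secret, device_secret


if __name__ == "__main__":
    svc, dev = session_key_exchange()
    print("both sides derived the same secret:", svc == dev)
```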
Once the secret has been determined, it may be used by the encryption engines 1660 and 1661 to encrypt and decrypt data directly. Alternatively, in one embodiment, the encryption engines 1660-1661 send commands to the KSGMs 1640-1641 to generate a new key stream using the secret (i.e., a new key stream data structure is generated for each data packet in order to encrypt/decrypt that packet). In particular, one embodiment of the key stream generation modules 1640-1641 uses Galois/Counter Mode (GCM), in which a counter value is incremented for each data packet and is used in combination with the secret to generate the key stream. Thus, to transmit a data packet to the IoT service 120, the encryption engine 1661 of the IoT device 101 uses the secret and the current counter value to cause the KSGM 1640-1641 to generate a new key stream, and increments the counter value for generating the next key stream. The newly-generated key stream is then used to encrypt the data packet prior to transmission to the IoT service 120. In one embodiment, the key stream is XORed with the data to generate the encrypted data packet. In one embodiment, the IoT device 101 transmits the counter value together with the encrypted data packet to the IoT service 120. The encryption engine 1660 on the IoT service then communicates with the KSGM 1640, which uses the received counter value and the secret to generate the key stream (which should be the same key stream, because the same secret and counter value are used) and uses the generated key stream to decrypt the data packet.
In one embodiment, data packets transmitted from the IoT service 120 to the IoT device 101 are encrypted in the same manner. Specifically, the counter is incremented for each data packet and used together with the secret to generate a new key stream. The key stream is then used to encrypt the data (e.g., by XORing the data with the key stream), and the encrypted data packet is transmitted together with the counter value to the IoT device 101. The encryption engine 1661 on the IoT device 101 then communicates with the KSGM 1641, which uses the counter value and the secret to generate the same key stream for decrypting the data packet. Thus, in this embodiment, the encryption engines 1660-1661 use their own counter values to generate the key stream for encrypting data, and use the counter values received with the encrypted data packets to generate the key stream for decrypting data.
In one embodiment, each encryption engine 1660-1661 keeps track of the last counter value it received from the other encryption engine and includes sequencing logic to detect whether a counter value is received out of sequence or whether the same counter value is received more than once. If a counter value is received out of sequence, or if the same counter value is received more than once, this may indicate that a replay attack is being attempted. In response, the encryption engines 1660-1661 may disconnect from the communication channel and/or may generate a security alert.
Figure 18 illustrates an exemplary encrypted data packet employed in one embodiment of the invention, comprising a 4-byte counter value 1800, a variable-sized encrypted data field 1801 and a 6-byte tag 1802. In one embodiment, the tag 1802 comprises a checksum value for verifying the decrypted data (once the data has been decrypted).
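The per-packet key stream, the Figure 18 packet layout and the counter-based sequencing logic (both the hub/device counter mechanism described earlier and the replay detection of the encryption engines), as an added example that is not from the patent. Assumptions of this example: the KSGM is stood in for by HMAC-SHA256 over (secret, counter, block index) rather than GCM, the 6-byte tag is a keyed checksum (truncated HMAC over counter and plaintext) instead of a plain one, and the EncryptionEngine class and its strict "next counter" rule are this example's own.

```python
"""Added example: 4-byte counter || encrypted data || 6-byte tag, with a key
stream derived from (secret, counter) per packet and replay detection."""
import hashlib
import hmac
import struct

COUNTER_LEN = 4   # counter value 1800
TAG_LEN = 6       # tag 1802


def key_stream(secret: bytes, counter: int, length: int) -> bytes:
    """KSGM stand-in: expand (secret, counter) into `length` bytes of key stream."""
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(secret, struct.pack(">II", counter, block), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def packet_tag(secret: bytes, counter: int, plaintext: bytes) -> bytes:
    """Keyed checksum over the counter and the decrypted data (assumption of this example)."""
    return hmac.new(secret, struct.pack(">I", counter) + plaintext, hashlib.sha256).digest()[:TAG_LEN]


class EncryptionEngine:
    """One side's encryption engine 1660/1661 after the shared secret is known."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.send_counter = 0      # our own counter, incremented per packet we encrypt
        self.last_received = -1    # last counter value accepted from the peer

    def encrypt(self, plaintext: bytes) -> bytes:
        counter = self.send_counter
        self.send_counter += 1     # next packet gets the next key stream
        ks = key_stream(self.secret, counter, len(plaintext))
        ciphertext = bytes(a ^ b for a, b in zip(plaintext, ks))
        return struct.pack(">I", counter) + ciphertext + packet_tag(self.secret, counter, plaintext)

    def decrypt(self, packet: bytes) -> bytes:
        if len(packet) < COUNTER_LEN + TAG_LEN:
            raise ValueError("packet too short")
        counter = struct.unpack(">I", packet[:COUNTER_LEN])[0]
        ciphertext = packet[COUNTER_LEN:-TAG_LEN]
        received_tag = packet[-TAG_LEN:]
        # Sequencing logic: a repeated or out-of-sequence counter is treated as a
        # replay attempt and the packet is rejected before any decryption.
        if counter != self.last_received + 1:
            raise ValueError(f"counter {counter} out of sequence (expected {self.last_received + 1})")
        ks = key_stream(self.secret, counter, len(ciphertext))
        plaintext = bytes(a ^ b for a, b in zip(ciphertext, ks))
        if not hmac.compare_digest(received_tag, packet_tag(self.secret, counter, plaintext)):
            raise ValueError("tag check failed")
        self.last_received = counter
        return plaintext


def demo_exchange():
    """Device -> service: two good packets, then a replay of the first (constructed sample)."""
    secret = hashlib.sha256(b"constructed shared secret for the demo").digest()
    device, service = EncryptionEngine(secret), EncryptionEngine(secret)
    first = device.encrypt(b"temperature=21.5")
    second = device.encrypt(b"temperature=21.7")
    results = [service.decrypt(first), service.decrypt(second)]
    try:
        service.decrypt(first)          # replayed packet
        results.append("accepted")
    except ValueError:
        results.append("rejected")
    return results


if __name__ == "__main__":
    print(demo_exchange())
```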
As mentioned above, in one embodiment, the session public/private key pairs 1650-1651 exchanged between the IoT service 120 and the IoT device 101 may be regenerated periodically and/or in response to the initiation of each new communication session.
One embodiment of the invention implements additional techniques for authenticating sessions between the IoT service 120 and the IoT device 101. In particular, in one embodiment, a hierarchy of public/private key pairs is used, including a master key pair, a set of factory key pairs, a set of IoT service key pairs and a set of IoT device key pairs. In one embodiment, the master key pair comprises the root of trust for all of the other key pairs and is maintained in a single, highly secure location (e.g., under the control of the organization implementing the IoT systems described herein). The master private key may be used to generate signatures over (and thereby authenticate) various other key pairs such as the factory key pairs. The signatures may then be verified using the master public key. In one embodiment, each factory which manufactures IoT devices is assigned its own factory key pair, which may then be used to authenticate IoT service keys and IoT device keys. For example, in one embodiment, a factory private key is used to generate signatures over IoT service public keys and IoT device public keys. These signatures may then be verified using the corresponding factory public key. Note that these IoT service/device public keys are not the same as the "session" public/private keys described above with respect to Figures 16A-16B. The session public/private keys described above are temporary (i.e., generated for a service/device session), whereas the IoT service/device key pairs are permanent (i.e., generated at the factory).
In view of the above-mentioned relation between master key, factory's key, service/device keys, one embodiment of the present invention Case performs following operation to provide additional checking and safe floor between IoT 120 and IoT of service devices 101:
A. In one embodiment, the IoT service 120 initially generates a message containing the following:
1. The unique ID of the IoT service:
The serial number of the IoT service;
Timestamp;
The ID of the factory key used to sign this unique ID;
The class of the unique ID (that is, service);
The public key of the IoT service;
The signature over the unique ID.
2. The factory certificate, which includes:
Timestamp
The ID of the master key used to sign the certificate
The public key of the factory
The signature of the factory certificate
3. The IoT service session public key (as described above in connection with Figures 16A to 16B)
4. The IoT service session public key signature (for example, signed using the private key of the IoT service)
B. In one embodiment, the message is sent to the IoT device (as described below) over the negotiation channel. The IoT device parses the message and:
1. Verifies the signature of the factory certificate (only if it is present in the message payload)
2. Verifies the signature of the unique ID using the key indicated by the unique ID
3. Verifies the IoT service session public key signature using the public key of the IoT service taken from the unique ID
4. Saves the public key of the IoT service and the session public key of the IoT service
5. Generates an IoT device session key pair
C. The IoT device then generates a message containing the following:
1. The unique ID of the IoT device:
The IoT device serial number
Timestamp
The ID of the factory key used to sign this unique ID
The class of the unique ID (that is, IoT device)
The public key of the IoT device
The signature over the unique ID
2. The session public key of the IoT device
3. The signature over (IoT device session public key + IoT service session public key) made with the key of the IoT device
D. The message is sent back to the IoT service. The IoT service parses the message and:
1. Verifies the unique ID signature using the factory public key
2. Verifies the signature over the session public key using the public key of the IoT device
3. Saves the session public key of the IoT device
E. The IoT service then generates a message containing a signature over (IoT device session public key + IoT service session public key) made with the key of the IoT service.
F. The IoT device parses the message and:
1. Verifies the signature over the session public keys using the public key of the IoT service
2. Generates the key stream from the IoT device session private key and the IoT service session public key
3. The IoT device then sends a "messaging available" message.
G. The IoT service then performs the following operations:
1. Generates the key stream from the IoT service session private key and the session public key of the IoT device
2. Creates a new message on the message transfer channel containing the following:
Generates and stores a 2-byte random value
A set-attribute message carrying the boomerang attribute Id (described below) and the random value
H. The IoT device receives the message and:
1. Attempts to decrypt the message
2. Sends an update with the same value on the specified attribute Id
I. The IoT service recognizes the message payload containing the boomerang attribute update and:
1. Sets its pairing state to true
2. Sends a pairing complete message on the negotiation channel
J. The IoT device receives the message and sets its pairing state to true
Although the above techniques are described with respect to an "IoT service" and an "IoT device", the underlying principles of the invention may be implemented to establish a secure communication channel between any two devices, including user client devices, servers, and Internet service devices.
The above techniques are highly secure because the private keys are never shared over the air (by contrast, in current Bluetooth pairing techniques a password is transferred from one party to the other). An attacker who eavesdrops on the entire dialogue obtains only the public keys, and these public keys are not sufficient to generate the shared password. These techniques also prevent man-in-the-middle attacks through the exchange of signed public keys. Furthermore, because GCM and a separate counter are used on each device, any kind of "replay attack" (in which a man-in-the-middle captures data and sends it again) can be prevented. Some embodiments also prevent replay attacks by using asymmetric counters.
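The Figure 18 packet layout and the per-device counter that defeats replay, as an added example that is not part of the patent's embodiment: each endpoint seals packets as a 4-byte counter, the encrypted data, and a 6-byte tag, keeps its own transmit counter, and drops any packet whose counter does not move forward. The key-stream and tag functions are stand-ins built from HMAC-SHA256 (assumed so the example runs on the Python standard library), not the GCM/ECM module the text names.

```python
import hashlib
import hmac
import struct

COUNTER_LEN = 4  # Figure 18, counter field 1800
TAG_LEN = 6      # Figure 18, tag field 1802


def keystream(secret: bytes, counter: int, length: int) -> bytes:
    """Return `length` key-stream bytes for one packet counter value.

    Stand-in (assumed here): HMAC-SHA256 run in counter mode over the shared
    secret, instead of the GCM/ECM key-stream generator the text names. The
    example relies only on a new counter yielding a new key stream.
    """
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(secret, struct.pack(">II", counter, block),
                        hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def packet_tag(secret: bytes, counter: int, ciphertext: bytes) -> bytes:
    """6-byte tag over counter || ciphertext (constructed; the page only says
    the tag carries a checksum used to check the decrypted data)."""
    mac = hmac.new(secret, struct.pack(">I", counter) + ciphertext,
                   hashlib.sha256).digest()
    return mac[:TAG_LEN]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Endpoint:
    """One side of the channel (IoT service or IoT device).

    Both sides hold the same secret. Each keeps its own transmit counter
    (claim 4) and remembers the highest counter accepted from its peer, so a
    captured packet cannot be accepted a second time.
    """

    def __init__(self, secret: bytes):
        self.secret = secret
        self.send_counter = 0
        self.last_accepted = -1

    def seal(self, plaintext: bytes) -> bytes:
        self.send_counter += 1  # incremented for every packet sent
        ct = xor_bytes(plaintext,
                       keystream(self.secret, self.send_counter, len(plaintext)))
        return (struct.pack(">I", self.send_counter) + ct
                + packet_tag(self.secret, self.send_counter, ct))

    def open(self, packet: bytes) -> bytes:
        if len(packet) < COUNTER_LEN + TAG_LEN:
            raise ValueError("packet shorter than counter + tag")
        counter, = struct.unpack(">I", packet[:COUNTER_LEN])
        ct = packet[COUNTER_LEN:-TAG_LEN]
        tag = packet[-TAG_LEN:]
        # Authenticate before doing anything else with the packet.
        if not hmac.compare_digest(tag, packet_tag(self.secret, counter, ct)):
            raise ValueError("authentication tag mismatch")
        # The counter must move strictly forward: a replayed packet, or one
        # reordered behind a newer packet, carries an old counter and is dropped.
        if counter <= self.last_accepted:
            raise ValueError("replayed or stale counter %d" % counter)
        self.last_accepted = counter
        return xor_bytes(ct, keystream(self.secret, counter, len(ct)))


def replay_is_rejected(secret: bytes, plaintext: bytes) -> bool:
    """Send one packet, deliver it, then deliver the same bytes again."""
    service, device = Endpoint(secret), Endpoint(secret)
    packet = service.seal(plaintext)
    assert device.open(packet) == plaintext
    try:
        device.open(packet)
    except ValueError:
        return True
    return False
```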
Techniques for exchanging data and commands without formally pairing devices
GATT is an acronym for Generic Attribute Profile, and it defines the way two Bluetooth Low Energy (BTLE) devices transfer data back and forth. It makes use of a generic data protocol called the Attribute Protocol (ATT), which is used to store services, characteristics, and related data in a simple lookup table in which each entry uses a 16-bit characteristic ID. Note that "characteristics" are sometimes referred to as "attributes".
The most commonly used characteristic on a Bluetooth device is the device "name" (which has characteristic ID 10752 (0x2A00)). For example, a Bluetooth device may identify other Bluetooth devices near it by using GATT to read the "name" characteristic published by those other Bluetooth devices. Thus, Bluetooth devices have the capability to exchange data without formally pairing/bonding the devices (note that "pairing" and "bonding" are sometimes used interchangeably; the remainder of this discussion uses the term "pairing").
One embodiment of the invention uses this capability to communicate with BTLE-enabled IoT devices without formally pairing with those devices. Because of the amount of time required to pair with each device, and because only one pairing connection can be established at a time, pairing with each individual IoT device would be highly inefficient.
Figure 19 shows an embodiment in which a Bluetooth (BT) device 1910 and the BT communication module 1901 of an IoT device 101 establish a network socket abstraction without establishing a formal BT pairing connection. The BT device 1910 may be included in an IoT hub 110 and/or a client device 611 such as those shown in Figure 16A. As illustrated, the BT communication module 1901 maintains a data structure containing a list of characteristic IDs, the names associated with those characteristic IDs, and the values of those characteristic IDs. According to the current BT standard, the value of each characteristic may be stored in a 20-byte buffer identified by the characteristic ID. However, the underlying principles of the invention are not limited to any particular buffer size.
In the example of Figure 19, the "name" characteristic is a BT-defined characteristic that has been assigned the specific value "IoT device 14". One embodiment of the invention specifies a first set of additional characteristics to be used for negotiating a secure communication channel with the BT device 1910 and a second set of additional characteristics for encrypted communication with the BT device 1910. Specifically, in the illustrated example, a "negotiation write" characteristic identified by characteristic ID <65532> may be used to transmit outgoing negotiation messages, and a "negotiation read" characteristic identified by characteristic ID <65533> may be used to receive incoming negotiation messages. The "negotiation messages" may include the messages used by the BT device 1910 and the BT communication module 1901 to establish a secure communication channel as described herein. For example, in Figure 17, the IoT device 101 may receive the IoT service session public key 1701 via the "negotiation read" characteristic <65533>. The key 1701 may be transmitted from the IoT service 120 to the BTLE-enabled IoT hub 110 or client device 611, which may then use GATT to write the key 1701 into the negotiation read value buffer identified by characteristic ID <65533>. The IoT device application logic 1902 may then read the key 1701 from the value buffer identified by characteristic ID <65533> and process it as described above (for example, using it to generate a password and using the password to generate a key stream, etc.).
If the key 1701 is larger than 20 bytes (the maximum buffer size in some current implementations), the key may be written in 20-byte segments. For example, the first 20 bytes may be written by the BT communication module 1903 to characteristic ID <65533> and read by the IoT device application logic 1902, which may then write an acknowledgement message into the negotiation write value buffer identified by characteristic ID <65532>. Using GATT, the BT communication module 1903 may read the acknowledgement from characteristic ID <65532> and, in response, write the next 20 bytes of the key 1701 into the negotiation read value buffer identified by characteristic ID <65533>. In this way, a network socket abstraction defined by characteristic IDs <65532> and <65533> is established for exchanging the negotiation messages used to set up the secure communication channel.
In one embodiment, once the secure communication channel has been established, a second network socket abstraction is established using characteristic ID <65534> (used for encrypted packets transmitted from the IoT device 101) and characteristic ID <65533> (used for encrypted packets received by the IoT device). That is, when the BT communication module 1903 has an encrypted packet to transmit (for example, the encrypted message 1603 of Figure 16A), it begins writing the encrypted packet, 20 bytes at a time, into the message read value buffer identified by characteristic ID <65533>. The IoT device application logic 1902 then reads the encrypted packet from the read value buffer, 20 bytes at a time, sending acknowledgement messages to the BT communication module 1903 as needed via the write value buffer identified by characteristic ID <65532>.
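The chunked transfer over the two negotiation characteristics, as an added example that is not part of the patent's embodiment: a Figure 19 style table of 20-byte value buffers, a sender playing the role of BT communication module 1903 that writes 20 bytes into <65533> and waits for the acknowledgement on <65532>, and a reader playing the role of application logic 1902. The 2-byte length prefix and the 1-byte chunk-index acknowledgement are assumptions; the page does not specify how the reader detects the last segment or what the acknowledgement contains.

```python
import struct

VALUE_BUF_SIZE = 20       # per-characteristic value buffer in current BT stacks
CHAR_NAME = 0x2A00        # 10752: the BT-defined "name" characteristic
CHAR_NEG_WRITE = 65532    # "negotiation write": IoT device -> BT device 1910
CHAR_NEG_READ = 65533     # "negotiation read":  BT device 1910 -> IoT device
CHAR_MSG_WRITE = 65534    # "message write": encrypted packets from the IoT device

LEN_PREFIX = struct.Struct(">H")  # assumed: 2-byte length so the reader knows the end


class GattTable:
    """The Figure 19 data structure: characteristic ID -> (name, value buffer)."""

    def __init__(self):
        self._rows = {}

    def define(self, cid: int, name: str, value: bytes = b"") -> None:
        self._rows[cid] = [name, b""]
        self.write(cid, value)

    def write(self, cid: int, value: bytes) -> None:
        if cid not in self._rows:
            raise KeyError("undefined characteristic %d" % cid)
        if len(value) > VALUE_BUF_SIZE:
            raise ValueError("value exceeds the %d-byte buffer" % VALUE_BUF_SIZE)
        self._rows[cid][1] = bytes(value)

    def read(self, cid: int) -> bytes:
        return self._rows[cid][1]


class ChunkSender:
    """Role of BT communication module 1903: writes 20 bytes into the
    negotiation-read buffer and waits for the reader's ack before the next 20."""

    def __init__(self, table: GattTable, message: bytes):
        framed = LEN_PREFIX.pack(len(message)) + message
        self.chunks = [framed[i:i + VALUE_BUF_SIZE]
                       for i in range(0, len(framed), VALUE_BUF_SIZE)]
        self.table = table
        self.index = 0

    def write_next(self) -> bool:
        if self.index >= len(self.chunks):
            return False
        self.table.write(CHAR_NEG_READ, self.chunks[self.index])
        return True

    def ack_received(self) -> bool:
        # Assumed ack format: the 1-byte index of the chunk the reader consumed.
        return self.table.read(CHAR_NEG_WRITE) == bytes([self.index & 0xFF])

    def advance(self) -> None:
        self.index += 1


class ChunkReader:
    """Role of the IoT device application logic 1902: reads each 20-byte chunk
    from the negotiation-read buffer and acknowledges it on negotiation-write."""

    def __init__(self, table: GattTable):
        self.table = table
        self.buf = bytearray()
        self.expected = None
        self.index = 0

    def read_chunk(self) -> None:
        self.buf += self.table.read(CHAR_NEG_READ)
        if self.expected is None and len(self.buf) >= LEN_PREFIX.size:
            self.expected = LEN_PREFIX.unpack_from(self.buf)[0]
        self.table.write(CHAR_NEG_WRITE, bytes([self.index & 0xFF]))
        self.index += 1

    def complete(self) -> bool:
        return (self.expected is not None
                and len(self.buf) >= LEN_PREFIX.size + self.expected)

    def message(self) -> bytes:
        if not self.complete():
            raise ValueError("message still incomplete")
        return bytes(self.buf[LEN_PREFIX.size:LEN_PREFIX.size + self.expected])


def transfer(message: bytes):
    """Drive both roles over one table; returns (received message, chunk count)."""
    table = GattTable()
    table.define(CHAR_NAME, "name", b"IoT device 14")
    table.define(CHAR_NEG_WRITE, "negotiation write")
    table.define(CHAR_NEG_READ, "negotiation read")
    table.define(CHAR_MSG_WRITE, "message write")
    sender, reader = ChunkSender(table, message), ChunkReader(table)
    while sender.write_next():
        reader.read_chunk()
        if not sender.ack_received():
            raise RuntimeError("chunk %d was not acknowledged" % sender.index)
        sender.advance()
    return reader.message(), len(sender.chunks)
```

A 65-byte input (the size of a constructed uncompressed public key sample) crosses in four segments of 20, 20, 20 and 7 bytes, each written only after the previous one was acknowledged.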
In one embodiment, the GET, SET, and UPDATE commands described below are used to exchange data and commands between the two BT communication modules 1901 and 1903. For example, the BT communication module 1903 may transmit a packet identifying characteristic ID <65533> and containing the SET command, in order to write into the value field/buffer identified by characteristic ID <65533>; that packet may then be read by the IoT device application logic 1902. To retrieve data from the IoT device 101, the BT communication module 1903 may transmit a GET command directed at the value field/buffer identified by characteristic ID <65534>. In response to the GET command, the BT communication module 1901 may transmit an UPDATE packet to the BT communication module 1903 containing the data from the value field/buffer identified by characteristic ID <65534>. In addition, UPDATE packets may be transmitted automatically in response to a change of a particular attribute on the IoT device 101. For example, if the IoT device is associated with a lighting system and the user turns the light on, an UPDATE packet may be sent to reflect the change in the ON/OFF attribute associated with the lighting application.
Figure 20 shows exemplary packet formats for GET, SET, and UPDATE according to one embodiment of the invention. In one embodiment, after negotiation these packets are transmitted over the message write <65534> and message read <65533> characteristics. In the GET packet 2001, a first 1-byte field contains the value identifying the packet as a GET packet (0x10). A second 1-byte field contains a request ID, which uniquely identifies the current GET command (that is, it identifies the current transaction with which the GET command is associated). For example, each instance of a GET command transmitted from the service or device may be assigned a different request ID. This may be done, for example, by incrementing a counter and using the counter value as the request ID. However, the underlying principles of the invention are not limited to any particular manner of setting the request ID.
A 2-byte attribute ID identifies the application-specific attribute at which the packet is directed. For example, if the GET command is being sent to the IoT device 101 shown in Figure 19, the attribute ID may be used to identify the specific application-specific value being requested. Returning to the example above, the GET command may be directed at an application-specific attribute ID such as the power state of the lighting system, which contains a value identifying whether the light is on or off (for example, 1 = on, 0 = off). If the IoT device 101 is a security device associated with a door, the value field may identify the current state of the door (for example, 1 = open, 0 = closed). In response to the GET command, a response containing the current value identified by the attribute ID may be transmitted.
The SET packet 2002 and the UPDATE packet 2003 shown in Figure 20 also include a first 1-byte field identifying the packet type (that is, SET or UPDATE), a second 1-byte field containing the request ID, and a 2-byte attribute ID field identifying an application-defined attribute. In addition, the SET packet includes a 2-byte length value identifying the length of the data contained in an n-byte value data field. The value data field may include a command to be executed on the IoT device and/or configuration data for configuring the operation of the IoT device in some manner (for example, setting a desired parameter, powering off the IoT device, etc.). For example, if the IoT device 101 controls the speed of a fan, the value field may reflect the current fan speed.
The UPDATE packet 2003 may be transmitted to provide an update on the result of a SET command. The UPDATE packet 2003 includes a 2-byte length value field identifying the length of an n-byte value data field, which may contain data related to the result of the SET command. In addition, a 1-byte update state field may identify the current state of the variable being updated. For example, if the SET command attempted to turn off the light controlled by the IoT device, the update state field may indicate whether the light was successfully turned off.
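An encoder and a strict decoder for the Figure 20 packet formats, with the lighting attribute from the text answered by a small device handler, as an added example that is not part of the patent's embodiment. Only the GET type value 0x10 comes from the page; the SET and UPDATE type values, the position of the UPDATE state byte after the value field, the meaning of state 1 = applied / 0 = failed, and attribute 0x0001 for the light's power state are assumptions made for the example.

```python
import struct
from dataclasses import dataclass

PKT_GET = 0x10     # given on the page (GET packet 2001)
PKT_SET = 0x11     # assumed: the page does not give the SET type value
PKT_UPDATE = 0x12  # assumed: the page does not give the UPDATE type value

HEADER = struct.Struct(">BBH")   # type, request ID, attribute ID (1 + 1 + 2 bytes)
LENGTH = struct.Struct(">H")     # 2-byte length of the n-byte value field


@dataclass
class GetPacket:
    request_id: int
    attribute_id: int


@dataclass
class SetPacket:
    request_id: int
    attribute_id: int
    value: bytes


@dataclass
class UpdatePacket:
    request_id: int
    attribute_id: int
    value: bytes
    state: int  # 1-byte update state; assumed here: 1 = applied, 0 = failed


def encode(pkt) -> bytes:
    if isinstance(pkt, GetPacket):
        return HEADER.pack(PKT_GET, pkt.request_id, pkt.attribute_id)
    if isinstance(pkt, SetPacket):
        return (HEADER.pack(PKT_SET, pkt.request_id, pkt.attribute_id)
                + LENGTH.pack(len(pkt.value)) + pkt.value)
    if isinstance(pkt, UpdatePacket):
        # Assumed field order: the state byte follows the value field.
        return (HEADER.pack(PKT_UPDATE, pkt.request_id, pkt.attribute_id)
                + LENGTH.pack(len(pkt.value)) + pkt.value + bytes([pkt.state]))
    raise TypeError("unknown packet object")


def decode(buf: bytes):
    """Parse one packet, rejecting anything whose fields do not add up."""
    if len(buf) < HEADER.size:
        raise ValueError("truncated header")
    ptype, request_id, attribute_id = HEADER.unpack_from(buf)
    if ptype == PKT_GET:
        if len(buf) != HEADER.size:
            raise ValueError("GET carries no payload")
        return GetPacket(request_id, attribute_id)
    if ptype not in (PKT_SET, PKT_UPDATE):
        raise ValueError("unknown packet type 0x%02x" % ptype)
    if len(buf) < HEADER.size + LENGTH.size:
        raise ValueError("truncated length field")
    n = LENGTH.unpack_from(buf, HEADER.size)[0]
    start = HEADER.size + LENGTH.size
    value = buf[start:start + n]
    if len(value) != n:
        raise ValueError("length field claims more bytes than the packet holds")
    if ptype == PKT_SET:
        if len(buf) != start + n:
            raise ValueError("trailing bytes after SET value")
        return SetPacket(request_id, attribute_id, value)
    if len(buf) != start + n + 1:
        raise ValueError("UPDATE must end with exactly one state byte")
    return UpdatePacket(request_id, attribute_id, value, buf[-1])


class RequestIds:
    """Request IDs from an incrementing counter, wrapped to the 1-byte field."""

    def __init__(self):
        self.counter = 0

    def next(self) -> int:
        rid = self.counter
        self.counter = (self.counter + 1) & 0xFF
        return rid


ATTR_LIGHT_POWER = 0x0001  # constructed application attribute: 1 = on, 0 = off


class LightDevice:
    """The lighting example from the text: answers GET and SET with an UPDATE."""

    def __init__(self):
        self.attributes = {ATTR_LIGHT_POWER: b"\x00"}

    def handle(self, pkt) -> UpdatePacket:
        if pkt.attribute_id not in self.attributes:
            return UpdatePacket(pkt.request_id, pkt.attribute_id, b"", 0)
        if isinstance(pkt, SetPacket):
            if pkt.value not in (b"\x00", b"\x01"):
                # Reject an out-of-range value; report the unchanged actual value.
                return UpdatePacket(pkt.request_id, pkt.attribute_id,
                                    self.attributes[pkt.attribute_id], 0)
            self.attributes[pkt.attribute_id] = pkt.value
        return UpdatePacket(pkt.request_id, pkt.attribute_id,
                            self.attributes[pkt.attribute_id], 1)
```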
Figure 21 shows an exemplary sequence of transactions between the IoT service 120 and the IoT device 101 involving the SET and UPDATE commands. Intermediate devices such as the IoT hub and the user's mobile device are not shown, to avoid obscuring the underlying principles of the invention. At 2101, the SET command 2101 transmitted from the IoT service is received at the IoT device 101 by the BT communication module 1901, which responds to the SET command at 2102 by updating the GATT value buffer identified by the characteristic ID. At 2103, the SET command is read from the value buffer by the low-power microcontroller (MCU) 200 (or by program code executed on the low-power MCU, such as the IoT device application logic 1902 shown in Figure 19). At 2104, the MCU 200 or program code performs an operation in response to the SET command. For example, the SET command may include an attribute ID specifying a new configuration parameter such as a new temperature, or it may include a state value such as ON/OFF (so that the IoT device enters an "on" or low-power state). Thus, at 2104 the new value is set in the IoT device, and an UPDATE command is returned at 2105, updating the actual value in the GATT value field at 2106. In some cases, the actual value will be equal to the desired value. In other cases, the updated value may differ (that is, because the IoT device 101 may need time to update certain types of values). Finally, at 2107, the UPDATE command containing the actual value from the GATT value field is communicated back to the IoT service 120.
Figure 22 shows a method for implementing a secure communication channel between an IoT service and an IoT device according to one embodiment of the invention. The method may be implemented within the context of the network architecture described above, but is not limited to any particular architecture.
At 2201, the IoT service creates an encrypted channel for communicating with the IoT hub using an elliptic curve digital signature algorithm (ECDSA) certificate. At 2202, the IoT service encrypts the data/commands in an IoT device packet using the session password to create an encrypted device packet. As described above, the session password may be generated independently by the IoT device and the IoT service. At 2203, the IoT service transmits the encrypted device packet to the IoT hub over the encrypted channel. At 2204, without decrypting it, the IoT hub passes the encrypted device packet to the IoT device. At 2205, the IoT device decrypts the encrypted device packet using the session password. As described above, in one embodiment, this may be accomplished by using the password and the counter value (provided together with the encrypted device packet) to generate the key stream, and then using the key stream to decrypt the packet. At 2206, the IoT device then extracts and processes the data and/or commands in the device packet.
Thus, using the techniques described above, a bidirectional, secure network socket abstraction may be established between two BT-enabled devices without formally pairing the BT devices using standard pairing techniques. Although these techniques are described above with respect to an IoT device 101 communicating with an IoT service 120, the underlying principles of the invention may be implemented to negotiate and establish a secure communication channel between any two BT-enabled devices.
Figures 23A to 23C show a detailed method for pairing devices according to one embodiment of the invention. The method may be implemented within the context of the system architecture described above, but is not limited to any particular system architecture.
At 2301, the IoT service creates a packet containing the serial number and public key of the IoT service. At 2302, the IoT service signs the packet using the factory private key. At 2303, the IoT service sends the packet to the IoT hub over an encrypted channel, and at 2304, the IoT hub forwards the packet to the IoT device over an unencrypted channel. At 2305, the IoT device verifies the signature of the packet, and at 2306, the IoT device generates a packet containing the serial number and public key of the IoT device. At 2307, the IoT device signs the packet using the factory private key, and at 2308, the IoT device sends the packet to the IoT hub over the unencrypted channel.
At 2309, the IoT hub forwards the packet to the IoT service over the encrypted channel, and at 2310, the IoT service verifies the signature of the packet. At 2311, the IoT service generates a session key pair, and at 2312, the IoT service generates a packet containing the session public key. At 2313, the IoT service then signs the packet using the IoT service private key, and at 2314, the IoT service sends the packet to the IoT hub over the encrypted channel.
Turning to Figure 23B, at 2315 the IoT hub forwards the packet to the IoT device over the unencrypted channel, and at 2316, the IoT device verifies the signature of the packet. At 2317, the IoT device generates a session key pair (for example, using the techniques described above), and at 2318, it generates an IoT device packet containing the IoT device session public key. At 2319, the IoT device signs the IoT device packet using the IoT device private key. At 2320, the IoT device sends the packet to the IoT hub over the unencrypted channel, and at 2321, the IoT hub forwards the packet to the IoT service over the encrypted channel.
At 2322, the IoT service verifies the signature of the packet (for example, using the IoT device public key), and at 2323, the IoT service generates the session password using the IoT service private key and the IoT device public key (as described in detail above). At 2324, the IoT device generates the session password using the IoT device private key and the IoT service public key (again, as described above), and at 2325, the IoT service generates a random number and encrypts it using the session password. At 2326, the IoT service sends the encrypted packet to the IoT hub over the encrypted channel. At 2327, the IoT hub forwards the encrypted packet to the IoT device over the unencrypted channel. At 2328, the IoT device decrypts the packet using the session password.
Turning to Figure 23C, at 2329, the IoT device re-encrypts the packet using the session password, and at 2330, the IoT device sends the encrypted packet to the IoT hub over the unencrypted channel. At 2331, the IoT hub forwards the encrypted packet to the IoT service over the encrypted channel. At 2332, the IoT service decrypts the packet using the session password. At 2333, the IoT service verifies that the random number matches the random number it sent. The IoT service then sends a packet indicating that pairing is complete at 2334, and all subsequent messages are encrypted using the session password at 2335.
Embodiments of the invention may include the various steps described above. The steps may be embodied in machine-executable instructions that may be used to cause a general-purpose or special-purpose processor to perform the steps. Alternatively, these steps may be performed by specific hardware components that contain hardwired logic for performing the steps, or by any combination of programmed computer components and custom hardware components.
As described herein, instructions may refer to specific configurations of hardware, such as application-specific integrated circuits (ASICs) configured to perform certain operations or having a predetermined functionality, or to software instructions stored in memory embodied in a non-transitory computer-readable medium. Thus, the techniques shown in the figures may be implemented using code and data stored and executed on one or more electronic devices (for example, an end station, a network element, etc.). Such electronic devices store and communicate (internally and/or with other electronic devices over a network) code and data using computer machine-readable media, such as non-transitory computer machine-readable storage media (for example, magnetic disks; optical disks; random access memory; read-only memory; flash memory devices; phase-change memory) and transitory computer machine-readable communication media (for example, electrical, optical, acoustical, or other forms of propagated signals such as carrier waves, infrared signals, digital signals, etc.). In addition, such electronic devices typically include a set of one or more processors coupled to one or more other components, such as one or more storage devices (non-transitory machine-readable storage media), user input/output devices (for example, a keyboard, a touchscreen, and/or a display), and network connections. The coupling of the set of processors and the other components is typically through one or more buses and bridges (also termed bus controllers). The storage device and the signals carrying the network traffic respectively represent one or more machine-readable storage media and machine-readable communication media. Thus, the storage device of a given electronic device typically stores code and/or data for execution on the set of one or more processors of that electronic device. Of course, one or more parts of an embodiment of the invention may be implemented using different combinations of software, firmware, and/or hardware.
Throughout this detailed description, for the purposes of explanation, numerous specific details were set forth in order to provide a thorough understanding of the present invention. It will be apparent, however, to one skilled in the art that the invention may be practiced without some of these specific details. In some instances, well-known structures and functions were not described in detail in order to avoid obscuring the subject matter of the present invention. Accordingly, the scope and spirit of the invention should be judged in terms of the claims that follow.

Claims (30)

1. A system, comprising:
an Internet of Things (IoT) service to establish communication with an IoT device through an IoT hub or a mobile user device;
a first encryption engine on the IoT service, the first encryption engine comprising key generation logic to generate a service public key and a service private key;
a second encryption engine on the IoT device, the second encryption engine comprising key generation logic to generate a device public key and a device private key;
the first encryption engine to transmit the service public key to the second encryption engine, and the second encryption engine to transmit the device public key to the first encryption engine;
the first encryption engine to generate a password using the device public key and the service private key;
the second encryption engine to generate the same password using the service public key and the device private key; and
wherein, once the password has been generated, the first encryption engine and the second encryption engine use the password, or a data structure derived from the password, to encrypt and decrypt packets transmitted between the first encryption engine and the second encryption engine.
2. The system of claim 1, wherein the key generation logic comprises a hardware security module (HSM).
3. The system of claim 1, wherein the data structure derived from the password comprises a first key stream generated by the first encryption engine and a second key stream generated by the second encryption engine.
4. The system of claim 3, further comprising a first counter associated with the first encryption engine and a second counter associated with the second encryption engine, the first encryption engine incrementing the first counter in response to each packet transmitted to the second encryption engine, and the second encryption engine incrementing the second counter in response to each packet transmitted to the first encryption engine.
5. The system of claim 4, wherein the first encryption engine generates the first key stream using a current counter value of the first counter and the password, and the second encryption engine generates the second key stream using a current counter value of the second counter and the password.
6. The system of claim 5, wherein the first encryption engine comprises an elliptic curve method (ECM) module to generate the first key stream using the first counter value and the password, and the second encryption engine comprises an ECM module to generate the second key stream using the first counter value and the password.
7. The system of claim 5, wherein the first encryption engine encrypts a first packet using the first key stream to generate a first encrypted packet, and transmits the first encrypted packet together with the current counter value of the first counter to the second encryption engine.
8. The system of claim 7, wherein the second encryption engine generates the first key stream using the current counter value of the first counter and the password, and decrypts the encrypted packet using the first key stream.
9. The system of claim 7, wherein encrypting the first packet comprises XORing the first key stream with the first packet to generate the first encrypted packet.
10. The system of claim 8, wherein the IoT device comprises a Bluetooth Low Energy (BTLE) communication interface for communicatively coupling the IoT device to the IoT hub or the mobile user device, the IoT hub or the mobile user device being communicatively coupled to the IoT service through the Internet.
11. A method, comprising:
establishing communication between an Internet of Things (IoT) service and an IoT device through an IoT hub or a mobile user device;
generating a service public key and a service private key by key generation logic of a first encryption engine on the IoT service;
generating a device public key and a device private key by key generation logic of a second encryption engine on the IoT device;
transmitting the service public key from the first encryption engine to the second encryption engine, and transmitting the device public key from the second encryption engine to the first encryption engine;
generating a password using the device public key and the service private key;
generating the same password using the service public key and the device private key; and
using the password, or a data structure derived from the password, to encrypt and decrypt packets transmitted between the first encryption engine and the second encryption engine.
12. The method of claim 11, wherein the key generation logic comprises a hardware security module (HSM).
13. The method of claim 11, wherein the data structure derived from the password comprises a first key stream generated by the first encryption engine and a second key stream generated by the second encryption engine.
14. The method of claim 13, wherein a first counter is associated with the first encryption engine and a second counter is associated with the second encryption engine, the first encryption engine incrementing the first counter in response to each packet transmitted to the second encryption engine, and the second encryption engine incrementing the second counter in response to each packet transmitted to the first encryption engine.
15. The method of claim 14, wherein the first encryption engine generates the first key stream using a current counter value of the first counter and the password, and the second encryption engine generates the second key stream using a current counter value of the second counter and the password.
16. The method of claim 15, wherein the first encryption engine comprises an elliptic curve method (ECM) module to generate the first key stream using the first counter value and the password, and the second encryption engine comprises an ECM module to generate the second key stream using the first counter value and the password.
17. The method of claim 15, wherein the first encryption engine encrypts a first packet using the first key stream to generate a first encrypted packet, and transmits the first encrypted packet together with the current counter value of the first counter to the second encryption engine.
18. The method of claim 17, wherein the second encryption engine generates the first key stream using the current counter value of the first counter and the password, and decrypts the encrypted packet using the first key stream.
19. The method of claim 17, wherein encrypting the first packet comprises XORing the first key stream with the first packet to generate the first encrypted packet.
20. The method of claim 18, wherein the IoT device comprises a Bluetooth Low Energy (BTLE) communication interface for communicatively coupling the IoT device to the IoT hub or the mobile user device, the IoT hub or the mobile user device being communicatively coupled to the IoT service through the Internet.
21. a kind of equipment, including:
First local radio communication module, the first local radio communication module are used to establish and the second local radio communication mould The local wireless communication channel of block;
By the data structure of the first local radio communication module management, the data structure includes one group of feature, Mei Gete Requisition characteristic ID identifies and has the value buffering area associated there for including the data associated with the feature;
First wireless communication module is used to receive and led to by second local wireless using the data structure by definition Believe the fisrt feature of the packet of module transfer and for the second local radio communication module transfer outgoi8ng data bag Second feature forms first network socket;
Wherein incoming data bag will be buffered provisionally in the first value buffering area associated with the fisrt feature, and wherein The outgoi8ng data bag will be buffered provisionally in the second value buffering area associated with the second feature.
22. equipment according to claim 21, wherein the data structure includes being indexed by characteristic ID and including being used for The table of the value field of each value buffering area of mark, described value buffering area include first value associated with the fisrt feature Buffering area and the second value buffering area associated with the second feature.
23. equipment according to claim 21, wherein the first value buffering area and the second value buffering area each have There is the size of N positions.
24. equipment according to claim 23, wherein N=20.
25. equipment according to claim 21, wherein the wireless communication module communicates including Bluetooth Low Energy (BTLE) Module, and wherein described data structure includes general-purpose attribute configuration file (GATT) data structure.
26. equipment according to claim 23, in addition to application logic, for by by the first packet once Write to N positions the second value buffering area associated with the second feature and first packet is transferred to described Two wireless communication modules.
27. equipment according to claim 26, wherein second wireless communication module will from the second feature phase Read first packet to N position of the second value buffering area of association.
28. equipment according to claim 27, wherein in order to read first packet, second radio communication mold Block will include the first order of the characteristic ID of the second feature to first wireless communication module transmission.
29. equipment according to claim 26, wherein the application logic will be by being worth buffering area from described first The second packet is read to N position to receive second packet from second wireless communication module.
30. equipment according to claim 29, wherein in order to which second packet write-in described first is worth into buffering area, Second wireless communication module will transmit the of the characteristic ID for including the fisrt feature to first wireless communication module One order.
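The two mechanisms claimed above, a per-direction counter that keys each packet's keystream (claims 14 to 19) and a pair of GATT characteristics with 20-byte value buffers standing in for a socket (claims 21 to 30), are easier to reason about when run end to end. The block below is an added example written for this page, not code from the patent or its assignee, and it models one direction (IoT device to hub). It makes assumptions the claims do not state: the keystream generator is HMAC-SHA256 in counter mode, used as a stand-in for the claims' "elliptic curve method (ECM)" module rather than a reproduction of it; a direction tag is mixed into the derivation so that the device's and the hub's counters never yield the same keystream (the claims as shown do not say how the two directions are separated); the counter travels as a 4-byte big-endian prefix; a 2-byte length prefix marks frame boundaries across N-byte reads; and the characteristic IDs 0x0001 and 0x0002 together with the sample packets are constructed for the example.

```python
import hashlib
import hmac

N = 20            # claim 24: each value buffer holds N = 20 bytes
COUNTER_LEN = 4   # assumption: counter travels as a 4-byte big-endian prefix
LEN_PREFIX = 2    # assumption: 2-byte length prefix marks frame boundaries
IN_CHAR, OUT_CHAR = 0x0001, 0x0002   # hypothetical characteristic IDs


def keystream(password: bytes, tag: bytes, counter: int, length: int) -> bytes:
    """HMAC-SHA256 counter-mode keystream (assumed stand-in for the claims' ECM
    module). `tag` domain-separates the two directions; without it both
    engines would emit identical keystream whenever their counters coincide.
    A (password, tag, counter) triple must never be reused."""
    out, block = b"", 0
    while len(out) < length:
        msg = tag + counter.to_bytes(COUNTER_LEN, "big") + block.to_bytes(4, "big")
        out += hmac.new(password, msg, hashlib.sha256).digest()
        block += 1
    return out[:length]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class CryptoEngine:
    """One engine per endpoint; its counter counts frames it sends (claim 14)."""
    def __init__(self, password: bytes, tx_tag: bytes, rx_tag: bytes):
        self.password, self.tx_tag, self.rx_tag = password, tx_tag, rx_tag
        self.counter = 0

    def encrypt(self, packet: bytes) -> bytes:
        # claims 17/19: packet XOR keystream, prefixed with the current counter
        ks = keystream(self.password, self.tx_tag, self.counter, len(packet))
        frame = self.counter.to_bytes(COUNTER_LEN, "big") + xor_bytes(packet, ks)
        self.counter += 1          # claim 14: incremented per packet sent
        return frame

    def decrypt(self, frame: bytes) -> bytes:
        # claim 18: rebuild the sender's keystream from the counter it sent
        ctr, body = int.from_bytes(frame[:COUNTER_LEN], "big"), frame[COUNTER_LEN:]
        return xor_bytes(body, keystream(self.password, self.rx_tag, ctr, len(body)))


def tamper_last_byte(frame: bytes) -> bytes:
    """Flip one ciphertext bit: with a bare XOR keystream the same plaintext
    bit flips on decryption, and nothing in the frame detects it."""
    return frame[:-1] + bytes([frame[-1] ^ 0x01])


class CharacteristicTable:
    """Claims 21-22: characteristics indexed by ID, each with an N-byte buffer."""
    def __init__(self, *char_ids: int):
        self.values = {cid: b"" for cid in char_ids}

    def write(self, cid: int, data: bytes) -> None:
        # claim 30: a write command names the characteristic ID
        if len(data) > N:
            raise ValueError("value buffer holds at most %d bytes" % N)
        self.values[cid] = bytes(data)

    def read(self, cid: int) -> bytes:
        # claim 28: a read command names the characteristic ID
        return self.values[cid]


def send_frame(table: CharacteristicTable, cid: int, frame: bytes, deliver) -> int:
    """Claim 26: write the frame N bytes at a time; after each write the peer
    reads the buffer (claim 27) through `deliver`. Returns the write count."""
    data = len(frame).to_bytes(LEN_PREFIX, "big") + frame
    writes = 0
    for off in range(0, len(data), N):
        table.write(cid, data[off:off + N])
        deliver(table.read(cid))
        writes += 1
    return writes


class Reassembler:
    """Turns a sequence of N-byte reads back into whole frames."""
    def __init__(self):
        self.buf, self.frames = b"", []

    def feed(self, chunk: bytes) -> None:
        self.buf += chunk
        while len(self.buf) >= LEN_PREFIX:
            n = int.from_bytes(self.buf[:LEN_PREFIX], "big")
            if len(self.buf) < LEN_PREFIX + n:
                break
            self.frames.append(self.buf[LEN_PREFIX:LEN_PREFIX + n])
            self.buf = self.buf[LEN_PREFIX + n:]


def round_trip(password: bytes, packets: list) -> tuple:
    """IoT device -> hub over the out characteristic; returns (plaintexts, writes)."""
    device = CryptoEngine(password, b"dev->hub", b"hub->dev")
    hub = CryptoEngine(password, b"hub->dev", b"dev->hub")
    table, rx = CharacteristicTable(IN_CHAR, OUT_CHAR), Reassembler()
    writes = [send_frame(table, OUT_CHAR, device.encrypt(p), rx.feed) for p in packets]
    return [hub.decrypt(f) for f in rx.frames], writes


if __name__ == "__main__":
    # constructed sample traffic: one short packet, one that spans three writes
    pts, writes = round_trip(b"constructed-shared-secret", [b"temp=21.5C", b"x" * 50])
    print(pts, writes)
```

Two points worth taking from running it. First, the counter does the work of a nonce: it is sent in the clear with every frame so the receiver can regenerate the keystream (claim 18), and it must never wrap or be reset under the same password, since two frames under the same (password, counter) pair XOR to the XOR of their plaintexts. Second, the XOR construction of claim 19 gives confidentiality only; `tamper_last_byte` shows that a flipped ciphertext bit flips the corresponding plaintext bit undetected, so a deployment needs an integrity tag over the counter and ciphertext, which the claims shown here do not mention.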
CN201680038597.6A 2015-07-03 2016-07-01 Apparatus and method for establishing a secure communication channel in an internet of things (IoT) system Expired - Fee Related CN107710216B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111442470.XA CN113923052A (en) 2015-07-03 2016-07-01 Apparatus and method for establishing a secure communication channel in an internet of things (IoT) system

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US14/791,371 (US9729528B2) 2015-07-03 2015-07-03 Apparatus and method for establishing secure communication channels in an internet of things (IOT) system
US14/791,373 (US9699814B2) 2015-07-03 2015-07-03 Apparatus and method for establishing secure communication channels in an internet of things (IoT) system
PCT/US2016/040819 (WO2017007725A1) 2015-07-03 2016-07-01 Apparatus and method for establishing secure communication channels in an internet of things (iot) system

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN202111442470.XA Division CN113923052A (en) 2015-07-03 2016-07-01 Apparatus and method for establishing a secure communication channel in an internet of things (IoT) system

Publications (2)

Publication Number Publication Date
CN107710216A true CN107710216A (en) 2018-02-16
CN107710216B CN107710216B (en) 2021-12-07

Family

ID=57685680

Family Applications (2)

Application Number Title Priority Date Filing Date
CN202111442470.XA Pending CN113923052A (en) 2015-07-03 2016-07-01 Apparatus and method for establishing a secure communication channel in an internet of things (IoT) system
CN201680038597.6A Expired - Fee Related CN107710216B (en) 2015-07-03 2016-07-01 Apparatus and method for establishing a secure communication channel in an internet of things (IoT) system

Country Status (5)

Country Link
JP (1) JP7122964B2 (en)
KR (1) KR20180025903A (en)
CN (2) CN113923052A (en)
HK (1) HK1251310A1 (en)
WO (1) WO2017007725A1 (en)

Families Citing this family (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10664591B2 (en) 2017-05-11 2020-05-26 Microsoft Technology Licensing, Llc Enclave pools
US10833858B2 (en) * 2017-05-11 2020-11-10 Microsoft Technology Licensing, Llc Secure cryptlet tunnel
US11488121B2 (en) 2017-05-11 2022-11-01 Microsoft Technology Licensing, Llc Cryptlet smart contract
US10528722B2 (en) 2017-05-11 2020-01-07 Microsoft Technology Licensing, Llc Enclave pool shared key
US10740455B2 (en) 2017-05-11 2020-08-11 Microsoft Technology Licensing, Llc Encave pool management
US10637645B2 (en) 2017-05-11 2020-04-28 Microsoft Technology Licensing, Llc Cryptlet identity
US10747905B2 (en) 2017-05-11 2020-08-18 Microsoft Technology Licensing, Llc Enclave ring and pair topologies
US10238288B2 (en) 2017-06-15 2019-03-26 Microsoft Technology Licensing, Llc Direct frequency modulating radio-frequency sensors
JP6919484B2 (en) * 2017-10-10 2021-08-18 日本電信電話株式会社 Cryptographic communication method, cryptographic communication system, key issuing device, program
CN108073829A (en) 2017-12-29 2018-05-25 上海唯链信息科技有限公司 For recording the method for the transportation data of object, medium, internet of things equipment, block platform chain and Internet of things system
KR102411604B1 (en) * 2018-03-22 2022-06-21 삼성전자주식회사 Access point and method for connecting communication with external device thereof
US10959092B2 (en) 2018-10-16 2021-03-23 Aeris Communications, Inc. Method and system for pairing wireless mobile device with IoT device
US11025601B2 (en) 2018-12-04 2021-06-01 Citrix Systems, Inc. System and apparatus for enhanced QOS, steering and policy enforcement for HTTPS traffic via intelligent inline path discovery of TLS terminating node
US11134376B2 (en) 2018-12-20 2021-09-28 T-Mobile Usa, Inc. 5G device compatibility with legacy SIM
US11228903B2 (en) 2018-12-28 2022-01-18 T-Mobile Usa, Inc. 5G service compatible 4G SIM
JP2022517964A (en) * 2019-01-10 2022-03-11 エムアッシュエム・ミクロテクニク・ソシエテ・ア・レスポンサビリテ・リミテ Sensing device that can be connected to the network
US11212319B2 (en) 2019-01-24 2021-12-28 Zhnith Incorporated Multiple sentinels for securing communications
US11233650B2 (en) 2019-03-25 2022-01-25 Micron Technology, Inc. Verifying identity of a vehicle entering a trust zone
US11323275B2 (en) * 2019-03-25 2022-05-03 Micron Technology, Inc. Verification of identity using a secret key
US11296872B2 (en) * 2019-11-07 2022-04-05 Micron Technology, Inc. Delegation of cryptographic key to a memory sub-system
CN110933672B (en) 2019-11-29 2021-11-30 华为技术有限公司 Key negotiation method and electronic equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006140743A (en) * 2004-11-11 2006-06-01 Epson Toyocom Corp Method for delivering common key
CN102316108A (en) * 2011-09-09 2012-01-11 周伯生 Device for establishing network isolated channel and method thereof
CN103530767A (en) * 2013-09-10 2014-01-22 潘之凯 Method for information security of metered amount charging system
CN104700237A (en) * 2015-04-03 2015-06-10 成都吉普斯能源科技有限公司 Vehicle total management system based on Internet of Things

Family Cites Families (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
NZ237080A (en) * 1990-03-07 1993-05-26 Ericsson Telefon Ab L M Continuous synchronisation for duplex encrypted digital cellular telephony
US20040210776A1 (en) * 2003-04-08 2004-10-21 Rachana Shah System and method for editing a profile
ATE415772T1 (en) * 2004-06-29 2008-12-15 Koninkl Philips Electronics Nv SYSTEM AND METHOD FOR EFFICIENT AUTHENTICATION OF NODES OF A MEDICAL WIRELESS AD-HOC NETWORK
US9590961B2 (en) * 2009-07-14 2017-03-07 Alcatel Lucent Automated security provisioning protocol for wide area network communication devices in open device environment
US8296567B2 (en) * 2009-07-15 2012-10-23 Research In Motion Limited System and method for exchanging key generation parameters for secure communications
JP5526747B2 (en) * 2009-12-04 2014-06-18 パナソニック株式会社 Decryption device, encryption device, decryption method, encryption method, and communication system
US8189775B2 (en) * 2010-02-18 2012-05-29 King Fahd University Of Petroleum & Minerals Method of performing cipher block chaining using elliptic polynomial cryptography
WO2011159715A2 (en) * 2010-06-14 2011-12-22 Engels Daniel W Key management systems and methods for shared secret ciphers
CA2780879C (en) * 2011-06-21 2019-02-12 Research In Motion Limited Provisioning a shared secret to a portable electronic device and to a service entity
US9887838B2 (en) * 2011-12-15 2018-02-06 Intel Corporation Method and device for secure communications over a network using a hardware security engine
US8971072B2 (en) * 2011-12-30 2015-03-03 Bedrock Automation Platforms Inc. Electromagnetic connector for an industrial control system
CN102882847B (en) * 2012-08-24 2015-05-13 山东省计算中心 Secure digital (SD)-password-card-based secure communication method of Internet of things healthcare service system
US8762725B2 (en) * 2012-10-19 2014-06-24 Caterpillar Inc. Secure machine-to-machine communication protocol
US9094191B2 (en) * 2013-03-14 2015-07-28 Qualcomm Incorporated Master key encryption functions for transmitter-receiver pairing as a countermeasure to thwart key recovery attacks
US9438440B2 (en) * 2013-07-29 2016-09-06 Qualcomm Incorporated Proximity detection of internet of things (IoT) devices using sound chirps
KR101710317B1 (en) * 2013-11-22 2017-02-24 퀄컴 인코포레이티드 System and method for configuring an interior of a vehicle based on preferences provided with multiple mobile computing devices within the vehicle
GB2535749B (en) * 2015-02-26 2021-10-20 Eseye Ltd Authentication module

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110798310A (en) * 2018-08-01 2020-02-14 奥的斯电梯公司 Component delegation to an IoT hub using granted blockchains
CN108901023A (en) * 2018-08-06 2018-11-27 佛山市甜慕链客科技有限公司 A kind of method and system for sharing WiFi between internet of things equipment
CN112789618A (en) * 2018-09-26 2021-05-11 奥列格·德米特里耶维奇·古琳 Method and system for ensuring interaction of internet of things (IOT) devices
CN109361507A (en) * 2018-10-11 2019-02-19 杭州华澜微电子股份有限公司 A kind of data ciphering method and encryption equipment
CN109951479A (en) * 2019-03-19 2019-06-28 中国联合网络通信集团有限公司 A kind of communication means, equipment and communication system
CN110012109A (en) * 2019-04-15 2019-07-12 珠海格力电器股份有限公司 The method for building up of the engineering information of high accuracy can be achieved
CN110012109B (en) * 2019-04-15 2020-04-24 珠海格力电器股份有限公司 Method for establishing engineering information capable of realizing high accuracy
CN113242548A (en) * 2021-07-09 2021-08-10 四川大学 Wireless Internet of things equipment communication key exchange method under 5G network environment
CN114338071A (en) * 2021-10-28 2022-04-12 中能电力科技开发有限公司 Network security identity authentication method based on wind power plant communication
WO2023116032A1 (en) * 2021-12-21 2023-06-29 中兴通讯股份有限公司 Networking method and device based on short-distance communication, and storage medium

Also Published As

Publication number Publication date
CN113923052A (en) 2022-01-11
JP7122964B2 (en) 2022-08-22
CN107710216B (en) 2021-12-07
KR20180025903A (en) 2018-03-09
JP2018525891A (en) 2018-09-06
HK1251310A1 (en) 2019-01-25
WO2017007725A1 (en) 2017-01-12

Similar Documents

Publication Publication Date Title
CN107710216A (en) For establishing the apparatus and method of secure communication channel in Internet of Things (IoT) system
US10659961B2 (en) Apparatus and method for sharing WiFi security data in an internet of things (IoT) system
US11330473B2 (en) System and method for flow control in an internet of things (IoT) system
US10375044B2 (en) Apparatus and method for establishing secure communication channels in an internet of things (IoT) system
CN107710718A (en) For virtual Internet of Things (IoT) device and the system and method at center
US11848795B2 (en) Internet of things (IOT) apparatuses, systems and methods
US11221731B2 (en) System and method for sharing internet of things (IOT) devices
US10171462B2 (en) System and method for secure internet of things (IOT) device provisioning
CN107431876B (en) Apparatus and method for intermediary device data collection
JP7080829B2 (en) Systems and methods for establishing secure communication channels with Internet of Things (IOT) devices
US9917824B2 (en) Apparatus and method for Internet of Things (IoT) authentication for a mass storage device
US9699814B2 (en) Apparatus and method for establishing secure communication channels in an internet of things (IoT) system
US10116573B2 (en) System and method for managing internet of things (IoT) devices and traffic using attribute classes
CN108475317A (en) System and method for protecting Internet of Things (IoT) device preset
US10447784B2 (en) Apparatus and method for modifying packet interval timing to identify a data transfer condition
US20170171241A1 (en) Apparatus and method for obscuring wireless communication patterns
US10116549B2 (en) Apparatus and method for modifying packet interval timing based on device characteristics

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
REG Reference to a national code (Ref country code: HK; Ref legal event code: DE; Ref document number: 1251310; Country of ref document: HK)
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee (Granted publication date: 20211207)