CN107846683A - Type-based uplink data encryption control method and device for an Internet of Things access point - Google Patents

Publication number
CN107846683A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610834313.6A
Other languages
Chinese (zh)
Inventor
杜光东
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Shenglu IoT Communication Technology Co Ltd
Original Assignee
Shenzhen Shenglu IoT Communication Technology Co Ltd
Application filed by Shenzhen Shenglu IoT Communication Technology Co Ltd
Priority to CN201610834313.6A
Priority to PCT/CN2016/103371 (WO2018053895A1)
Publication of CN107846683A
Legal status: Pending

Classifications

    • H ELECTRICITY
      • H04 ELECTRIC COMMUNICATION TECHNIQUE
        • H04W WIRELESS COMMUNICATION NETWORKS
          • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
            • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
            • H04W12/03 Protecting confidentiality, e.g. by encryption
              • H04W12/033 Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
            • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
              • H04W12/041 Key generation or derivation
            • H04W12/80 Arrangements enabling lawful interception [LI]
          • H04W48/00 Access restriction; Network selection; Access point selection
            • H04W48/08 Access restriction or access information delivery, e.g. discovery data delivery
        • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
          • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
          • H04L67/00 Network arrangements or protocols for supporting network services or applications
            • H04L67/01 Protocols
              • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Technology Law (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

This application discloses a type-based uplink data encryption control method for an Internet of Things (IoT) access point. The method comprises the following steps: the IoT access point receives a data packet sent by an IoT terminal; the IoT access point identifies the type of the IoT terminal and, according to that type, looks up the first encryption unit corresponding to the type in a preconfigured type-to-encryption-unit mapping table; the IoT access point calls the first encryption unit to encrypt the data packet; the IoT access point sends the encrypted data packet to a wireless access controller. The application has the advantage of a good user experience.

Description

Type-based uplink data encryption control method and device for an Internet of Things access point
Technical field
This application relates to the field of communications, and in particular to a type-based uplink data encryption control method and device for an IoT AP.
Background
The Internet of Things is an important component of the new generation of information technology and an important stage of development in the "informatization" era. Its English name is "Internet of Things (IoT)". As the name suggests, the Internet of Things is an internet in which things are connected to things. This has two meanings: first, the core and foundation of the IoT is still the internet, and the IoT is a network extended and expanded on the basis of the internet; second, its user end extends to any object, with information exchange and communication taking place between objects, that is, things communicate with each other. Through communication and sensing technologies such as intelligent sensing, identification technology and pervasive computing, the IoT is widely applied in the convergence of networks, and is therefore called the third wave of development of the world information industry after the computer and the internet. The IoT is an application extension of the internet; rather than being a network, the IoT is business and application. Application innovation is therefore the core of IoT development, and Innovation 2.0, centred on user experience, is the soul of IoT development.
The IoT addresses the interconnection of things and the data exchange between things. When networking, the existing IoT accesses the internet through an IoT access point (AP); the information security of the IoT is relatively low, so the user experience is poor.
Summary of the invention
This application provides a type-based uplink data encryption control method for an IoT AP, which can improve the security of IoT data and improve the user experience.
In a first aspect, a type-based uplink data encryption control method for an IoT access point is provided. The method comprises the following steps:
The IoT access point receives a data packet sent by an IoT terminal;
The IoT access point identifies the type of the IoT terminal and, according to that type, looks up the first encryption unit corresponding to the type in a preconfigured type-to-encryption-unit mapping table;
The IoT access point calls the first encryption unit to encrypt the data packet;
The IoT access point sends the encrypted data packet to a wireless access controller.
Optionally, the IoT access point identifying the type of the IoT terminal specifically includes:
The IoT access point identifies the type of the IoT terminal from the identifier of the IoT terminal.
Optionally, the IoT access point identifying the type of the IoT terminal specifically includes:
The IoT access point sends an IoT terminal type table to the IoT terminal;
The IoT access point receives, from the IoT terminal, the IoT terminal type that the terminal has found in the IoT terminal type table to match itself.
Optionally, the IoT access point calling the first encryption unit to encrypt the data packet specifically includes:
The IoT access point calls the first encryption unit to encrypt the data packet. If encryption succeeds, the subsequent steps are carried out. If encryption does not succeed, the IoT access point calls the spare encryption unit of the first encryption unit to encrypt the data packet, and a mark indicating that the spare encryption unit was used is added to the header extension field of the encrypted data packet.
Optionally, the method further includes:
The IoT access point generates a key pair comprising a public key and a private key. The IoT access point encrypts the data packet with the public key through the first encryption unit, sends the encrypted data packet over a first path, and sends the private key over a second path.
In a second aspect, a type-based uplink data encryption control device for an IoT access point is provided. The device includes:
A receiving unit, for receiving a data packet sent by an IoT terminal;
A recognition unit, for identifying the type of the IoT terminal;
A lookup unit, for looking up, according to the type, the first encryption unit corresponding to the type in a preconfigured type-to-encryption-unit mapping table;
An encryption unit, for calling the first encryption unit to encrypt the data packet;
A sending unit, for sending the encrypted data packet to a wireless access controller.
Optionally, the recognition unit is specifically for identifying the type of the IoT terminal from the identifier of the IoT terminal.
Optionally, the recognition unit is specifically for sending an IoT terminal type table to the IoT terminal and receiving, from the IoT terminal, the IoT terminal type that the terminal has found in the IoT terminal type table to match itself.
Optionally, the encryption unit is specifically for calling the first encryption unit to encrypt the data packet; if encryption succeeds, the subsequent steps are carried out; if encryption does not succeed, the spare encryption unit of the first encryption unit is called to encrypt the data packet, and a mark indicating that the spare encryption unit was used is added to the header extension field of the encrypted data packet.
Optionally, the encryption unit is specifically for generating a key pair comprising a public key and a private key, and for encrypting the data packet with the public key through the first encryption unit; the sending unit is for sending the encrypted data packet over a first path and sending the private key over a second path.
In the technical solution provided by the invention, after the IoT terminal sends a data packet to the AP, the AP looks up the encryption unit corresponding to the terminal's type and encrypts the data with that encryption unit. The IoT terminal therefore needs no encryption configuration; all encryption is set up in the AP. This effectively reduces the cost of the IoT terminal and, because many IoT terminals can be connected under one AP, configuring only the AP also reduces the overall cost of the IoT. In addition, the AP generally has more computing capability than an IoT terminal, so running the encryption unit on the AP reduces the delay added to data transmission, lowers network latency and improves the user experience.
Brief description of the drawings
To explain the technical solutions of the embodiments of this application more clearly, the drawings used in the description of the embodiments are briefly introduced below. The drawings described below are some embodiments of this application; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic flowchart of a repeater-based data routing method;
Fig. 2 is a flowchart of a method by which an IoT terminal sends a data packet to a gateway;
Fig. 3 is a flowchart of the IoT AP uplink data transmission method;
Fig. 4 is a schematic diagram of the network architecture provided by an embodiment of the application;
Fig. 5 is a schematic diagram of the encryption unit mapping table provided by an embodiment of the application;
Fig. 6 is a schematic flowchart of a method, provided by another embodiment of the application, by which an IoT terminal sends a data packet to a gateway;
Fig. 7 is a schematic flowchart of an information exchange provided by the application;
Fig. 8 is a schematic structural diagram of a type-based uplink data encryption control device for an IoT access point provided by the application;
Fig. 9 is a schematic diagram of the hardware structure of an IoT access point provided by the application.
Detailed description of the embodiments
Before the exemplary embodiments are discussed in more detail, it should be mentioned that some exemplary embodiments are described as processes or methods depicted as flowcharts. Although a flowchart describes the operations as sequential processing, many of the operations can be performed in parallel, concurrently or simultaneously. In addition, the order of the operations can be rearranged. The processing can be terminated when its operations are completed, but may also have additional steps not included in the drawings. The processing can correspond to a method, function, procedure, subroutine, subprogram, and so on.
The "computer equipment" referred to in this context, also called a "computer", is an intelligent electronic device that can carry out predetermined processing such as numerical and/or logical computation by running predetermined programs or instructions. It may include a processor and a memory, with the processor executing instructions pre-stored in the memory to carry out the predetermined processing; or the predetermined processing may be carried out by hardware such as an ASIC, FPGA or DSP; or by a combination of the two. Computer equipment includes but is not limited to servers, PCs, notebook computers, tablet computers and smartphones.
The methods discussed below (some of which are illustrated by flowcharts) can be implemented in hardware, software, firmware, middleware, microcode, a hardware description language, or any combination of these. When implemented in software, firmware, middleware or microcode, the program code or code segments that carry out the necessary tasks can be stored in a machine-readable or computer-readable medium (such as a storage medium). One or more processors can carry out the necessary tasks.
The specific structural and functional details disclosed here are only representative and serve to describe exemplary embodiments of the invention. The invention can be implemented in many alternative forms and should not be construed as limited to the embodiments set forth here.
Although the terms "first", "second" and so on may be used here to describe units, the units should not be limited by these terms, which are used only to distinguish one unit from another. For example, without departing from the scope of the exemplary embodiments, a first unit could be called a second unit, and similarly a second unit could be called a first unit. The term "and/or" used here includes any and all combinations of one or more of the associated listed items.
The terminology used here is only for describing specific embodiments and is not intended to limit the exemplary embodiments. Unless the context clearly indicates otherwise, the singular forms "a" and "an" used here are also intended to include the plural. It should also be understood that the terms "includes" and/or "comprises" used here specify the presence of the stated features, integers, steps, operations, units and/or components, and do not preclude the presence or addition of one or more other features, integers, steps, operations, units, components and/or combinations of them.
It should further be mentioned that in some alternative implementations the functions/actions mentioned can occur in an order different from that indicated in the drawings. For example, depending on the functions/actions involved, two figures shown in succession may in fact be executed substantially simultaneously, or may sometimes be executed in the reverse order.
The invention is described in further detail below with reference to the drawings.
According to one aspect of the invention, an IoT AP uplink data transmission method is provided. The method is applied in the IoT network shown in Fig. 1, which includes IoT terminal 10, IoT access point AP20 and wireless access controller 30. The IoT terminal can take different forms depending on the situation: it may be a mobile phone, tablet computer, computer or similar device, and may also be other equipment with networking capability, such as a smart TV, smart air conditioner, smart kettle or other IoT smart device. IoT terminal 10 connects to AP20 wirelessly, and AP20 accesses the internet through gateway 12 by another means (that is, a connection different from the wireless one). The wireless means include but are not limited to Bluetooth and WIFI; the other means may be LTE or a wired connection. Fig. 1 uses a wired connection as the example, drawn as a single solid line for convenience.
Depending on the size of the IoT, wireless access controller 30 may be a personal computer (PC); in practice it may also be multiple PCs or a server. The specific embodiments of the invention do not limit the concrete form of the wireless access controller.
Referring to Fig. 2, which is a flowchart of uplink data transmission by the IoT AP, the flow includes:
Step S201: IoT terminal 10 wirelessly sends the data packet to be sent to AP20;
Step S202: AP20 forwards the data packet to wireless access controller 30;
Step S203: wireless access controller 30 sends the data packet to the internet.
As Fig. 1 and Fig. 2 show, the data packet is not encrypted in actual transmission, so if a leak occurs between AP20 and wireless access controller 30 the data is easily disclosed, which is a security problem.
Referring to Fig. 3, Fig. 3 shows a type-based uplink data encryption control method for an IoT AP provided by the invention. The method is implemented under the network architecture shown in Fig. 4, in which multiple IoT terminals can be connected under one AP20. The AP may be a relay station; in practice it may also be a router or another network device with wireless connection and data forwarding functions, such as a mobile phone with its hotspot enabled or a PC that provides a wireless connection. As shown in Fig. 3, the method comprises the following steps:
Step S301: the IoT terminal sends a data packet to AP20;
The IoT terminal in step S301 may be a mobile phone, tablet computer, computer or similar device, and may also be other equipment with networking capability, such as a smart TV, smart air conditioner, smart kettle, smart lamp, smart switch or other IoT smart device.
In step S301 the IoT terminal may send the data packet to AP20 over a wireless connection. The wireless means include but are not limited to Bluetooth, Wireless Fidelity (WIFI) or Zigbee, where WIFI needs to comply with the IEEE802.11b standard.
Note that the AP here is limited to a wireless AP. In the IoT the number of connected devices is very large; with wired connections the number of devices an AP can accept would be limited, the wiring would be unmanageable for a home user, and wired connections are also costly. The connection between the IoT terminal and the AP in this technical solution is therefore limited to a wireless connection.
Step S302: AP20 identifies the type of the IoT terminal and, according to that type, looks up the first encryption unit corresponding to the type in the preconfigured type-to-encryption-unit mapping table.
Each manufacturer can configure the IoT terminal types in step S302 as it sees fit. For example, the types may include smart lamps, smart TVs, smart cleaning equipment, smart sleep equipment and smart monitoring equipment, each of which can take many forms. Smart lamps include but are not limited to smart desk lamps, smart ceiling lamps and smart wall lamps. A smart TV may be a Samsung-brand smart TV or a Sharp-brand smart TV. Smart cleaning equipment may be a smart sweeping robot, and may also include smart vacuum cleaners and smart garbage processors. Smart sleep equipment may be a smart mattress or smart sofa. Smart monitoring equipment may be a smart blood pressure monitor or smart thermometer. The invention does not limit the specific types of IoT terminal or the number of types.
The type-to-encryption-unit mapping table in the above step is shown in Fig. 5. The mapping may be one-to-one, or may take another form such as one-to-many.
The encryption unit in step S302 may be a hardware encryption unit installed in the AP that contains an encryption algorithm preset by the manufacturer; in practice it may also be a software encryption unit configured in the AP. The invention does not limit the concrete form of the encryption unit.
The encryption algorithm includes but is not limited to 3DES, MD5 or RSA; the invention does not limit the specific encryption algorithm.
Step S303: AP20 calls the first encryption unit to encrypt the data packet;
Step S303 may be implemented as follows:
For example, if the first encryption unit is a 3DES encryption unit, AP20 calls the 3DES encryption unit to apply 3DES encryption to the data packet. If the first encryption unit is an RSA encryption unit, AP20 calls the RSA encryption unit to apply RSA encryption to the data packet. If the first encryption unit is an MD5 encryption unit, AP20 calls the MD5 encryption unit to apply MD5 encryption to the data packet.
The key used when calling the first encryption unit can be obtained from AP20's MAC address by a set algorithm. The set algorithm may take part of the MAC address: for example, extract bits 20 to 40 of the MAC address, convert those bits to a decimal number, and use that decimal number as the encryption key. Bits 20 to 40 are extracted because a MAC address consists of a 48-bit (6-byte) number in hexadecimal format, in which bits 0-23 are assigned by the manufacturer itself and bits 24-47, called the Organizationally Unique Identifier (OUI), are assigned by the IEEE, so the MAC address of a terminal's network card is globally unique. This avoids repetition in the extracted value and improves encryption performance.
For the details of the encryption itself, see the relevant descriptions of 3DES, RSA and MD5, which are not repeated here.
Step S303 may be implemented as follows:
AP20 calls the first encryption unit to encrypt the data packet. If encryption succeeds, the subsequent step S304 is carried out. If encryption does not succeed, the spare encryption unit of the first encryption unit is called to encrypt the data packet, and a mark indicating that the spare encryption unit was used is added to the header extension field of the encrypted data packet.
Step S304: AP20 sends the encrypted data packet to the wireless access controller.
Step S304 may be implemented as follows:
The encrypted data packet is sent to the wireless access controller by another means. For example, if the IoT terminal is connected to the AP by WIFI, AP20 can send the data packet to the wireless access controller over a wired connection; in practice, AP20 can also send the encrypted data packet to the wireless access controller over Long Term Evolution (LTE). The LTE or wired connection, and the WIFI connection between the IoT terminal and the AP, are merely examples; the invention does not limit the specific connection means.
With the method of Fig. 3, after the IoT terminal sends a data packet to the AP, the AP looks up the encryption unit corresponding to the terminal's type and encrypts the data with that encryption unit. The IoT terminal therefore needs no encryption configuration; all encryption is set up in the AP. This effectively reduces the cost of the IoT terminal and, because many IoT terminals can be connected under one AP, configuring only the AP also reduces the overall cost of the IoT. In addition, the AP generally has more computing capability than an IoT terminal, so running the encryption unit on the AP reduces the delay added to data transmission, lowers network latency and improves the user experience.
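The flow of steps S302 to S303, together with the MAC-based key derivation, as an added example that is not code from the patent. The encryption units are stand-ins built on a SHA-256 keystream (not 3DES, MD5 or RSA), and the type names, unit names, payload limits, sample MAC address and the reading of bit 0 as the least significant bit are all assumptions.

```python
import hashlib
from dataclasses import dataclass


class EncryptionError(Exception):
    """Raised when an encryption unit cannot process a packet."""


def key_from_mac(mac: str, first_bit: int = 20, last_bit: int = 40) -> int:
    """Key derivation as the text describes: bits 20..40 of the AP MAC, as an integer.

    Assumption: bit 0 is the least significant bit of the 48-bit address.
    """
    digits = mac.replace(":", "").replace("-", "")
    if len(digits) != 12:
        raise ValueError("MAC address must be 48 bits (12 hex digits)")
    value = int(digits, 16)
    width = last_bit - first_bit + 1  # 21 bits for 20..40 inclusive
    return (value >> first_bit) & ((1 << width) - 1)


def keystream_xor(key: int, label: bytes, data: bytes) -> bytes:
    """Stand-in cipher (SHA-256 counter keystream), for illustration only."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        block = label + key.to_bytes(8, "big") + counter.to_bytes(4, "big")
        stream += hashlib.sha256(block).digest()
        counter += 1
    return bytes(d ^ s for d, s in zip(data, stream))


@dataclass(frozen=True)
class EncryptionUnit:
    name: str
    max_payload: int  # constructed limit, so that a unit can fail

    def encrypt(self, key: int, payload: bytes) -> bytes:
        if len(payload) > self.max_payload:
            raise EncryptionError(f"{self.name}: payload too large")
        return keystream_xor(key, self.name.encode(), payload)


@dataclass(frozen=True)
class UplinkPacket:
    spare_unit_used: bool  # the mark carried in the header extension field
    payload: bytes


UNIT_A = EncryptionUnit("unit-A", max_payload=64)
UNIT_B = EncryptionUnit("unit-B", max_payload=1500)
UNIT_SPARE = EncryptionUnit("unit-spare", max_payload=1500)

# Constructed type -> (first unit, spare unit) table; Fig. 5 is not on the page.
TYPE_TO_UNITS = {
    "smart_lamp": (UNIT_A, UNIT_SPARE),
    "smart_tv": (UNIT_B, UNIT_SPARE),
}


def process_uplink(ap_mac: str, terminal_type: str, payload: bytes) -> UplinkPacket:
    """Look up the unit by terminal type, encrypt, fall back to the spare unit."""
    try:
        first, spare = TYPE_TO_UNITS[terminal_type]
    except KeyError:
        # Choice made for this example: fail closed instead of forwarding
        # an unencrypted packet for an unmapped type.
        raise EncryptionError(f"no unit configured for type {terminal_type!r}") from None
    key = key_from_mac(ap_mac)
    try:
        return UplinkPacket(False, first.encrypt(key, payload))
    except EncryptionError:
        # If the spare unit fails too, the error propagates and nothing is sent.
        return UplinkPacket(True, spare.encrypt(key, payload))


if __name__ == "__main__":
    mac = "00:1A:2B:3C:4D:5E"  # constructed sample address
    print("derived key:", key_from_mac(mac))
    print("small packet:", process_uplink(mac, "smart_lamp", b"on"))
    print("spare used:", process_uplink(mac, "smart_lamp", b"x" * 200).spare_unit_used)
```

Because the key is 21 bits taken from the AP's MAC address, which is an identifier rather than a secret, the derivation step deserves scrutiny in any design review of this scheme.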
Referring to Fig. 6, Fig. 6 shows a type-based uplink data encryption control method for an IoT AP provided by the invention. The method is implemented under the network architecture shown in Fig. 4, in which multiple IoT terminals can be connected under one AP20. The AP may be a relay station; in practice it may also be a router or another network device with wireless connection and data forwarding functions, such as a mobile phone with its hotspot enabled or a PC that provides a wireless connection. As shown in Fig. 6, the method comprises the following steps:
Step S601: the IoT terminal sends a data packet to AP20;
The IoT terminal in step S601 may be a mobile phone, tablet computer, computer or similar device, and may also be other equipment with networking capability, such as a smart TV, smart air conditioner, smart kettle, smart lamp, smart switch or other IoT smart device.
In step S601 the IoT terminal may send the data packet to AP20 over a wireless connection. The wireless means include but are not limited to Bluetooth, Wireless Fidelity (WIFI) or Zigbee, where WIFI needs to comply with the IEEE802.11b standard.
Note that the AP here is limited to a wireless AP. In the IoT the number of connected devices is very large; with wired connections the number of devices an AP can accept would be limited, the wiring would be unmanageable for a home user, and wired connections are also costly. The connection between the IoT terminal and the AP in this technical solution is therefore limited to a wireless connection.
Step S602, AP20 identifies the type of the internet-of-things terminal, according to the type in the type and encryption being pre-configured with The first ciphering unit corresponding to the type is inquired in unit mapping table;
The each producer of type of internet-of-things terminal in above-mentioned steps S602 can be configured according to situation voluntarily, example Such as, the type of the internet-of-things terminal can specifically include:Intelligent electric lamp, intelligent television, intelligent cleaning equipment, intelligent sleep are set Standby, intelligent monitoring device etc., its form showed can be varied, such as include for intelligent electric lamp, the intelligent electric lamp But it is not limited to:The equipment such as intelligent desk lamp, intelligent ceiling lamp, intelligent wall lamp, such as intelligent television, it can be Samsung Board intelligent television, it can also be Sharp's board intelligent television certainly, such as intelligent cleaning equipment, it can be, intelligence Energy sweeping robot, certain its can also include the equipment such as intellective dust collector, intelligent garbage processor, such as intelligent sleep For equipment, it can be:The equipment such as intelligent mattress, intelligent sofa, such as intelligent monitoring device or, it can be, Intelligent sphygmomanometer, intelligent thermometer etc., the present invention is to the particular type of above-mentioned internet-of-things terminal and the quantity of type or species Do not limit.
AP20 identifies that the concrete methods of realizing of the type of the internet-of-things terminal can be in above-mentioned steps S602:
AP20 identifies the type of internet-of-things terminal by the mark of internet-of-things terminal, and the mark includes but is not limited to:Thing Media access address (the English of networked terminals:Media Access Control, MAC), the name of IP address or internet-of-things terminal Claim etc., certainly in actual applications, above-mentioned Internet of Things can also be determined between AP20 and internet-of-things terminal by information exchange The type of network termination, as shown in fig. 7, the flow of the information exchange is specifically as follows:
Step S701: the Internet of Things terminal sends a connection request to AP20.
Step S702: AP20 returns a connection response to the Internet of Things terminal and establishes a wireless connection with it.
Step S703: AP20 sends the Internet of Things terminal type list held in AP20 to the terminal over the wireless connection.
Step S704: the Internet of Things terminal finds, in the type list, the terminal type that matches itself.
Step S705: the Internet of Things terminal reports that terminal type to AP20.
The mapping table of types to encryption units used in the above steps is shown in Fig. 5. The mapping may be one-to-one, or it may take other forms such as one-to-many.
The encryption unit in step S602 may be a hardware encryption unit installed in the AP that contains an encryption algorithm preset by the manufacturer. In practice, it may also be a software encryption unit configured in the AP. The present invention does not limit the specific form of the encryption unit.
The encryption algorithm includes, but is not limited to, 3DES, MD5 or RSA. The present invention does not limit the specific encryption algorithm.
Step S603: AP20 generates a key pair comprising a private key and a public key, and uses the public key to encrypt the data packet by means of the first encryption unit.
Step S603 may be implemented as follows:
For example, if the first encryption unit is a 3DES encryption unit, AP20 calls the 3DES encryption unit to apply 3DES encryption to the data packet. If the first encryption unit is an RSA encryption unit, AP20 calls the RSA encryption unit to apply RSA encryption to the data packet. If the first encryption unit is an MD5 encryption unit, AP20 calls the MD5 encryption unit to apply MD5 encryption to the data packet.
For the specific encryption procedures, refer to the descriptions of 3DES, RSA and MD5; they are not repeated here.
Step S604: AP20 sends the encrypted data packet to the Radio Access Controller over a first path, and sends the private key to the Radio Access Controller over a second path.
Step S604 may be implemented as follows:
The encrypted data packet is sent to the Radio Access Controller by a different means of connection. For example, if the Internet of Things terminal is connected to the AP over WIFI, AP20 can send the data packet to the Radio Access Controller over a wired link. In practice, AP20 can also send the encrypted data packet to the Radio Access Controller over Long Term Evolution (LTE). The LTE or wired link, and the WIFI connection between the terminal and the AP, are given only as examples; the present invention does not limit the specific means of connection.
The first path and the second path are different paths. They may be computed by routing algorithms, including but not limited to a shortest-path-first algorithm or a shortest-delay-first algorithm. The two paths may also be computed by different routing algorithms; for example, the first path may be computed with a shortest-path-first algorithm and the second path with a shortest-delay-first algorithm.
With the method of Fig. 6, after the Internet of Things terminal sends a data packet to the AP, the AP looks up the encryption unit corresponding to the terminal's type and encrypts the data with that unit. The terminal itself needs no encryption configuration, because all encryption is set up in the AP, which effectively reduces the cost of the terminal. Because one AP can serve many terminals, configuring encryption only in the AP also reduces the overall cost of the Internet of Things. In addition, an AP generally has more computing capability than a terminal, so running the encryption unit in the AP adds less delay to data transmission, which lowers network latency and improves the user experience. The method of Fig. 6 also sends the encrypted data packet and the private key over different paths, which makes the information harder to intercept and further improves data security.
Referring to Fig. 8, Fig. 8 shows a type-based uplink data encryption control device 800 for an Internet of Things access point provided by the present invention. The device includes:
Receiving unit 801, configured to receive the data packet sent by the Internet of Things terminal;
Recognition unit 802, configured to identify the type of the Internet of Things terminal;
Searching unit 803, configured to look up, according to the type, the first encryption unit corresponding to the type in the pre-configured mapping table of types to encryption units;
Encryption unit 804, configured to call the first encryption unit to encrypt the data packet;
Transmitting unit 805, configured to send the encrypted data packet to the Radio Access Controller.
Optionally, recognition unit 802 is specifically configured to identify the type of the Internet of Things terminal from the identifier of the terminal.
Optionally, recognition unit 805 is specifically configured to send an Internet of Things terminal type list to the terminal, and to receive the terminal type that the terminal found in that list as matching itself.
Optionally, encryption unit 804 is specifically configured to call the first encryption unit to encrypt the data packet; if encryption succeeds, the subsequent steps are carried out; if encryption fails, the spare encryption unit of the first encryption unit is called to encrypt the data packet, and a mark indicating that the spare encryption unit was used is added to the header extension field of the encrypted data packet.
Optionally, encryption unit 804 is specifically configured to generate a key pair comprising a public key and a private key, and to use the public key to encrypt the data packet by means of the first encryption unit; the transmitting unit is configured to send the encrypted data packet over the first path and the private key over the second path.
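The type lookup of step S602 and the spare-unit fallback of encryption unit 804, shown in Python as an added example; this is not code from the patent. The MAC prefixes, keys, unit ids, frame layout (flags byte, unit id, nonce) and the HMAC-SHA256 keystream standing in for the manufacturer-configured units are all assumptions, and a terminal type with no table entry is rejected instead of being forwarded unencrypted.

```python
import hashlib
import hmac
import os
import struct
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

SPARE_USED = 0x01                  # header-extension flag (assumed bit layout)
HEADER = struct.Struct(">BB12s")   # assumed frame: flags, unit id, nonce

# Constructed identifier table: MAC prefix -> terminal type.
MAC_PREFIX_TO_TYPE = {"02:00:aa": "smart_lamp", "02:00:bb": "smart_monitor"}


class UnitFailure(Exception):
    """An encryption unit could not process the packet."""


@dataclass
class EncryptionUnit:
    unit_id: int
    key: bytes
    healthy: bool = True  # constructed switch that simulates a failed unit

    def _xor_keystream(self, nonce: bytes, data: bytes) -> bytes:
        # Stand-in cipher: HMAC-SHA256 in counter mode, XORed with the data.
        out = bytearray()
        for off in range(0, len(data), 32):
            counter = struct.pack(">I", off // 32)
            block = hmac.new(self.key, nonce + counter, hashlib.sha256).digest()
            out.extend(b ^ k for b, k in zip(data[off:off + 32], block))
        return bytes(out)

    def encrypt(self, data: bytes) -> Tuple[bytes, bytes]:
        if not self.healthy:
            raise UnitFailure(f"unit {self.unit_id} unavailable")
        nonce = os.urandom(12)
        return nonce, self._xor_keystream(nonce, data)

    def decrypt(self, nonce: bytes, data: bytes) -> bytes:
        return self._xor_keystream(nonce, data)


Table = Dict[str, Tuple[EncryptionUnit, EncryptionUnit]]


def build_table() -> Table:
    """Pre-configured type -> (first unit, spare unit) mapping, constructed keys."""
    return {
        "smart_lamp": (EncryptionUnit(1, b"A" * 32), EncryptionUnit(2, b"B" * 32)),
        "smart_monitor": (EncryptionUnit(3, b"C" * 32), EncryptionUnit(4, b"D" * 32)),
    }


def identify_type(mac: str) -> Optional[str]:
    """Identify the terminal type from its MAC address prefix."""
    return MAC_PREFIX_TO_TYPE.get(mac.lower()[:8])


def ap_encrypt_uplink(mac: str, payload: bytes, table: Table) -> bytes:
    terminal_type = identify_type(mac)
    if terminal_type not in table:
        # Fail closed: an unmapped type is rejected, never forwarded in clear.
        raise LookupError(f"no encryption unit configured for {mac}")
    first, spare = table[terminal_type]
    try:
        unit, flags = first, 0
        nonce, body = first.encrypt(payload)
    except UnitFailure:
        unit, flags = spare, SPARE_USED
        nonce, body = spare.encrypt(payload)  # a spare failure propagates
    return HEADER.pack(flags, unit.unit_id, nonce) + body


def controller_decrypt(frame: bytes, units: Dict[int, EncryptionUnit]):
    """Controller side: pick the unit named in the header and decrypt."""
    flags, unit_id, nonce = HEADER.unpack_from(frame)
    plaintext = units[unit_id].decrypt(nonce, frame[HEADER.size:])
    return plaintext, bool(flags & SPARE_USED)
```

The flag in the header lets the receiving side see that a packet was produced by the spare unit, which is also a useful signal for alerting on a failed first unit.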
Referring to Fig. 9, Fig. 9 shows an Internet of Things access point 900 provided by the present invention. The Internet of Things access point may be a node deployed in an Internet system, and the Internet system may also include Internet of Things terminals and a Radio Access Controller. The Internet of Things access point 900 includes, but is not limited to, devices such as a computer or a server. As shown in Fig. 9, the Internet of Things access point 900 includes a processor 901, a memory 902, a transceiver 903 and a bus 904. The transceiver 903 is used to send and receive data to and from external devices (for example, other devices in the interconnected system, including but not limited to repeaters and core network devices). The number of processors 901 in the Internet of Things access point 900 may be one or more. In some embodiments of the present application, the processor 901, the memory 902 and the transceiver 903 may be connected by a bus system or by other means. For the meaning of the terms used in this embodiment and for examples, refer to the embodiments corresponding to Fig. 3 or Fig. 6; they are not repeated here.
Program code may be stored in the memory 902. The processor 901 is used to call the program code stored in the memory 902 in order to perform the following operations:
Transceiver 903, configured to receive the data packet sent by the Internet of Things terminal;
Processor 901, configured to identify the type of the Internet of Things terminal, to look up, according to the type, the first encryption unit corresponding to the type in the pre-configured mapping table of types to encryption units, and to call the first encryption unit to encrypt the data packet.
Transceiver 903, further configured to send the encrypted data packet to the Radio Access Controller.
Optionally, the processor 901 and the transceiver 903 may also be used to perform the steps of the embodiments shown in Fig. 3 or Fig. 6, together with the refinements and alternatives of those steps.
It should be noted that the processor 901 here may be a single processing element or a collective term for multiple processing elements. For example, the processing element may be a central processing unit (Central Processing Unit, CPU), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), or one or more integrated circuits configured to implement the embodiments of the present application, such as one or more microprocessors (digital signal processor, DSP) or one or more field programmable gate arrays (Field Programmable Gate Array, FPGA).
Memory 903 may be a single storage device or a collective term for multiple storage elements, and is used to store executable program code or the parameters, data and so on required for the application running device to operate. Memory 903 may include random access memory (RAM), and may also include non-volatile memory such as magnetic disk storage or flash memory (Flash).
Bus 904 may be an Industry Standard Architecture (ISA) bus, a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus or the like. The bus may be divided into an address bus, a data bus, a control bus and so on. For ease of representation, it is shown in Fig. 9 as a single thick line, but this does not mean that there is only one bus or only one type of bus.
The user equipment may also include an input/output device connected to bus 904, so that it is connected through the bus to other parts such as the processor 901. The input/output device can provide an input interface for an operator, so that the operator can select a monitoring and control item through that interface; it can also be another kind of interface through which other devices can be attached.
It should be noted that, for brevity, each of the foregoing method embodiments is described as a series of combined actions. Those skilled in the art should understand, however, that the present application is not limited by the order of actions described, because according to the present application some steps may be performed in another order or simultaneously. Those skilled in the art should also understand that the embodiments described in this specification are preferred embodiments, and that the actions and modules involved are not necessarily required by the present application.
In the above embodiments, the description of each embodiment has its own emphasis. For a part that is not described in detail in one embodiment, refer to the related description of the other embodiments.
One of ordinary skill in the art will appreciate that all or part of the steps in the methods of the above embodiments can be completed by a program instructing the relevant hardware. The program can be stored in a computer-readable storage medium, and the storage medium can include a flash disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), a magnetic disk, an optical disc and so on.
The content download method and the related devices and systems provided by the embodiments of the present application have been described in detail above. Specific examples are used herein to explain the principles and implementations of the present application, and the description of the above embodiments is intended only to help in understanding the method of the present application and its core idea. For those of ordinary skill in the art, the specific implementations and the scope of application may change in accordance with the idea of the present application. In summary, the content of this specification should not be construed as limiting the present application.

Claims (1)

1. A type-based uplink data encryption control method for an Internet of Things access point, the method comprising the following steps:
The Internet of Things access point receives the data packet sent by an Internet of Things terminal;
The Internet of Things access point identifies the type of the Internet of Things terminal and, according to the type, looks up the first encryption unit corresponding to the type in a pre-configured mapping table of types to encryption units;
The Internet of Things access point calls the first encryption unit to encrypt the data packet;
The Internet of Things access point sends the encrypted data packet to the Radio Access Controller.
The Internet of Things access point identifying the type of the Internet of Things terminal specifically includes:
The Internet of Things access point identifies the type of the Internet of Things terminal from the identifier of the terminal.
The Internet of Things access point identifying the type of the Internet of Things terminal specifically includes:
The Internet of Things access point sends an Internet of Things terminal type list to the Internet of Things terminal;
The Internet of Things access point receives the terminal type that the Internet of Things terminal found in the type list as matching itself.
The Internet of Things access point calling the first encryption unit to encrypt the data packet specifically includes:
The Internet of Things access point calls the first encryption unit to encrypt the data packet; if encryption succeeds, the subsequent steps are carried out; if encryption fails, the Internet of Things access point calls the spare encryption unit of the first encryption unit to encrypt the data packet, and adds a mark indicating that the spare encryption unit was used to the header extension field of the encrypted data packet.
The Internet of Things access point generates a key pair comprising a public key and a private key; the Internet of Things access point uses the public key to encrypt the data packet by means of the first encryption unit, sends the encrypted data packet over the first path, and sends the private key over the second path.
A type-based uplink data encryption control device for an Internet of Things access point, the device comprising:
A receiving unit, configured to receive the data packet sent by an Internet of Things terminal;
A recognition unit, configured to identify the type of the Internet of Things terminal;
A searching unit, configured to look up, according to the type, the first encryption unit corresponding to the type in a pre-configured mapping table of types to encryption units;
An encryption unit, configured to call the first encryption unit to encrypt the data packet;
A transmitting unit, configured to send the encrypted data packet to the Radio Access Controller.
The recognition unit is specifically configured to identify the type of the Internet of Things terminal from the identifier of the terminal.
The recognition unit is specifically configured to send an Internet of Things terminal type list to the Internet of Things terminal, and to receive the terminal type that the terminal found in the type list as matching itself.
The encryption unit is specifically configured to call the first encryption unit to encrypt the data packet; if encryption succeeds, the subsequent steps are carried out; if encryption fails, the spare encryption unit of the first encryption unit is called to encrypt the data packet, and a mark indicating that the spare encryption unit was used is added to the header extension field of the encrypted data packet.
The encryption unit is specifically configured to generate a key pair comprising a public key and a private key, and to use the public key to encrypt the data packet by means of the first encryption unit; the transmitting unit is configured to send the encrypted data packet over the first path and the private key over the second path.
CN201610834313.6A 2016-09-20 2016-09-20 Upstream data control extension method and device of the Internet of Things access point based on type Pending CN107846683A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201610834313.6A CN107846683A (en) 2016-09-20 2016-09-20 Upstream data control extension method and device of the Internet of Things access point based on type
PCT/CN2016/103371 WO2018053895A1 (en) 2016-09-20 2016-10-26 Type-based uplink data encryption control method and device for internet-of-things access point

Publications (1)

Publication Number Publication Date
CN107846683A true CN107846683A (en) 2018-03-27

Family

ID=61657323

Country Status (2)

Country Link
CN (1) CN107846683A (en)
WO (1) WO2018053895A1 (en)

Also Published As

Publication number Publication date
WO2018053895A1 (en) 2018-03-29

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20180327