CN107846683A - Type-based upstream data encryption control method and device for an Internet of Things access point
- Publication number: CN107846683A
- Application number: CN201610834313.6A
- Authority: CN (China)
- Prior art keywords: internet, things, type, packet, access point
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/03—Protecting confidentiality, e.g. by encryption
- H04W12/033—Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/041—Key generation or derivation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/80—Arrangements enabling lawful interception [LI]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/08—Access restriction or access information delivery, e.g. discovery data delivery
Abstract
This application discloses a type-based upstream data encryption control method for an Internet of Things access point. The method comprises the following steps: the Internet of Things access point receives a data packet sent by an Internet of Things terminal; the access point identifies the type of the terminal and, according to the type, looks up the first encryption unit corresponding to that type in a pre-configured type-to-encryption-unit mapping table; the access point calls the first encryption unit to encrypt the data packet; the access point sends the encrypted data packet to a wireless access controller. The application has the advantage of a high user experience.
Description
Technical field
The application relates to the communications field, and in particular to a type-based upstream data encryption control method and device for an Internet of Things AP.
Background
The Internet of Things is an important component of the new generation of information technology and an important stage of development in the "informatization" era. Its English name is "Internet of Things (IoT)". As the name suggests, the Internet of Things is an internet in which things are connected to things. This has two meanings: first, the core and foundation of the Internet of Things is still the internet, and it is a network that extends and expands on the basis of the internet; second, its user end extends to any article, so that articles exchange information and communicate with one another, that is, things exchange information with things. Through communication and sensing technologies such as intelligent sensing, identification technology and pervasive computing, the Internet of Things is widely applied in the convergence of networks, and it is therefore called the third wave of development of the world information industry after the computer and the internet. The Internet of Things is an application extension of the internet; rather than being a network, the Internet of Things is business and application. Therefore, application innovation is the core of Internet of Things development, and innovation 2.0 with user experience at its core is the soul of Internet of Things development.
What the Internet of Things solves is the interconnection between things and the data exchange between things. When an existing Internet of Things is networked, it accesses the internet through an Internet of Things access point (AP); the data security of the Internet of Things is low, so the user experience is low.
Summary of the invention
The application provides a type-based upstream data encryption control method for an Internet of Things AP, which can improve the security of Internet of Things data and improve the user experience.
In a first aspect, a type-based upstream data encryption control method for an Internet of Things access point is provided. The method comprises the following steps:
The Internet of Things access point receives a data packet sent by an Internet of Things terminal;
The Internet of Things access point identifies the type of the Internet of Things terminal and, according to the type, looks up the first encryption unit corresponding to that type in a pre-configured type-to-encryption-unit mapping table;
The Internet of Things access point calls the first encryption unit to encrypt the data packet;
The Internet of Things access point sends the encrypted data packet to a wireless access controller.
Optionally, the Internet of Things access point identifying the type of the Internet of Things terminal specifically includes:
The Internet of Things access point identifies the type of the Internet of Things terminal by the identifier of the Internet of Things terminal.
Optionally, the Internet of Things access point identifying the type of the Internet of Things terminal specifically includes:
The Internet of Things access point sends an Internet of Things terminal type list to the Internet of Things terminal;
The Internet of Things access point receives, from the Internet of Things terminal, the terminal type that the terminal found in the type list as matching itself.
Optionally, the Internet of Things access point calling the first encryption unit to encrypt the data packet specifically includes:
The Internet of Things access point calls the first encryption unit to encrypt the data packet. If encryption succeeds, the subsequent step is carried out. If encryption does not succeed, the access point calls the spare encryption unit of the first encryption unit to encrypt the data packet, and adds a mark indicating that the spare encryption unit was used to the header extension field of the encrypted data packet.
Optionally, the method also includes:
The Internet of Things access point generates a key pair comprising a public key and a private key. The access point uses the public key to encrypt the data packet through the first encryption unit, sends the encrypted data packet over a first path, and sends the private key over a second path.
In a second aspect, a type-based upstream data encryption control device for an Internet of Things access point is provided. The device includes:
A receiving unit, for receiving a data packet sent by an Internet of Things terminal;
An identification unit, for identifying the type of the Internet of Things terminal;
A lookup unit, for looking up, according to the type, the first encryption unit corresponding to that type in a pre-configured type-to-encryption-unit mapping table;
An encryption unit, for calling the first encryption unit to encrypt the data packet;
A sending unit, for sending the encrypted data packet to a wireless access controller.
Optionally, the identification unit is specifically for identifying the type of the Internet of Things terminal by the identifier of the Internet of Things terminal.
Optionally, the identification unit is specifically for sending an Internet of Things terminal type list to the Internet of Things terminal and receiving, from the terminal, the terminal type that the terminal found in the type list as matching itself.
Optionally, the encryption unit is specifically for calling the first encryption unit to encrypt the data packet; if encryption succeeds, carrying out the subsequent step; if encryption does not succeed, calling the spare encryption unit of the first encryption unit to encrypt the data packet and adding a mark indicating that the spare encryption unit was used to the header extension field of the encrypted data packet.
Optionally, the encryption unit is specifically for generating a key pair comprising a public key and a private key and using the public key to encrypt the data packet through the first encryption unit; the sending unit is for sending the encrypted data packet over a first path and sending the private key over a second path.
In the technical solution provided by the invention, after the Internet of Things terminal sends a data packet to the AP, the AP looks up the encryption unit corresponding to the terminal's type and encrypts the data with that encryption unit. The Internet of Things terminals therefore need no encryption configuration; all encryption is set up in the AP. This effectively reduces the cost of Internet of Things terminals, and for the Internet of Things as a whole, because many terminals can be connected under one AP, configuring only the AP also reduces the overall cost. In addition, the computing capability of an AP is generally better than that of an Internet of Things terminal, so running the encryption unit on the AP adds less delay to data transmission, reducing network latency and improving the user experience.
Brief description of the drawings
To explain the technical solutions of the embodiments of the application more clearly, the drawings needed in the description of the embodiments are briefly introduced below. The drawings described below are some embodiments of the application; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic flow chart of a repeater-based data routing method;
Fig. 2 is a flow chart of a method by which an Internet of Things terminal sends a data packet to a gateway;
Fig. 3 is a flow chart of the upstream data transmission method of an Internet of Things AP;
Fig. 4 is a schematic diagram of the network architecture provided by an embodiment of the application;
Fig. 5 is a schematic diagram of the encryption unit mapping table provided by an embodiment of the application;
Fig. 6 is a schematic flow chart of the method, provided by another embodiment of the application, by which an Internet of Things terminal sends a data packet to a gateway;
Fig. 7 is a schematic flow chart of an information exchange provided by the application;
Fig. 8 is a schematic structural diagram of a type-based upstream data encryption control device for an Internet of Things access point provided by the application;
Fig. 9 is a schematic diagram of the hardware structure of an Internet of Things access point provided by the application.
Detailed description
Before the exemplary embodiments are discussed in more detail, it should be mentioned that some exemplary embodiments are described as processes or methods depicted as flow charts. Although a flow chart describes the operations as a sequential process, many of the operations can be carried out in parallel, concurrently or simultaneously. In addition, the order of the operations can be rearranged. The process may be terminated when its operations are completed, but it may also have additional steps not included in the drawing. The process may correspond to a method, function, procedure, subroutine, subprogram and so on.
The "computer device" referred to in this context, also called a "computer", is an intelligent electronic device that can carry out predetermined processing such as numerical and/or logical computation by running predetermined programs or instructions. It may include a processor and a memory, with the processor executing instructions pre-stored in the memory to carry out the predetermined processing; or the predetermined processing may be carried out by hardware such as an ASIC, FPGA or DSP; or by a combination of the two. Computer devices include but are not limited to servers, PCs, notebook computers, tablet computers, smartphones and the like.
The methods discussed below (some of which are illustrated by flow charts) can be implemented by hardware, software, firmware, middleware, microcode, a hardware description language or any combination thereof. When implemented in software, firmware, middleware or microcode, the program code or code segments that carry out the necessary tasks can be stored in a machine-readable or computer-readable medium (such as a storage medium). One or more processors can carry out the necessary tasks.
The specific structural and functional details disclosed herein are merely representative and serve to describe exemplary embodiments of the invention. The invention can, however, be implemented in many alternative forms and should not be construed as limited only to the embodiments set forth herein.
It should be understood that although the terms "first", "second" and so on may be used herein to describe units, these units should not be limited by these terms. The terms are used only to distinguish one unit from another. For example, without departing from the scope of the exemplary embodiments, a first unit could be called a second unit, and similarly a second unit could be called a first unit. The term "and/or" as used herein includes any and all combinations of one or more of the associated listed items.
The terminology used herein is only for describing specific embodiments and is not intended to limit the exemplary embodiments. Unless the context clearly indicates otherwise, the singular forms "a" and "an" as used herein are also intended to include the plural. It should also be understood that the terms "comprise" and/or "include" as used herein specify the presence of the stated features, integers, steps, operations, units and/or components, and do not preclude the presence or addition of one or more other features, integers, steps, operations, units, components and/or combinations thereof.
It should further be mentioned that in some alternative implementations the functions/actions mentioned may occur in an order different from that indicated in the drawings. For example, depending on the functions/actions involved, two figures shown in succession may in fact be executed substantially simultaneously or may sometimes be executed in the reverse order.
The invention is described in further detail below with reference to the drawings.
According to one aspect of the invention, an upstream data transmission method for an Internet of Things AP is provided. The method is applied in the Internet of Things shown in Fig. 1. As shown in Fig. 1, the Internet of Things includes: Internet of Things terminal 10, Internet of Things access point AP20 and wireless access controller 30. The Internet of Things terminal can take different forms depending on the situation; for example, it may be a device such as a mobile phone, tablet computer or computer, and it may of course also be another device with networking capability, such as a smart TV, smart air conditioner, smart kettle or other Internet of Things smart device. Internet of Things terminal 10 is connected to AP20 wirelessly, and AP20 accesses the internet via gateway 12 in another mode (that is, a connection mode different from the wireless mode). The wireless mode includes but is not limited to Bluetooth, WIFI and the like; the other mode may be LTE or a wired mode. Fig. 1 takes the wired mode as an example and, for ease of representation, shows it with only one solid line.
Depending on the size of the Internet of Things, wireless access controller 30 may be a personal computer (PC); in practical applications it may of course also be multiple PCs or servers. The specific embodiments of the invention do not limit the specific form of the wireless access controller.
Referring to Fig. 2, Fig. 2 is a flow chart of upstream data transmission by the Internet of Things AP. As shown in Fig. 2, the flow includes:
Step S201, Internet of Things terminal 10 wirelessly sends the data packet to be sent to AP20;
Step S202, AP20 forwards the data packet to wireless access controller 30;
Step S203, wireless access controller 30 transmits the data packet to the internet.
As Figs. 1 and 2 show, in the actual transmission of data packets, if a leak occurs between AP20 and wireless access controller 30, then because the transmitted data packet has not undergone corresponding encryption, data leakage easily results and security problems easily arise.
Referring to Fig. 3, Fig. 3 shows a type-based upstream data encryption control method for an Internet of Things AP provided by the invention. The method is implemented under the network architecture shown in Fig. 4. As shown in Fig. 4, multiple Internet of Things terminals can be connected under one AP20. The AP may specifically be a relay station; in practical applications it may of course also be a router or another network device with wireless connection and data forwarding functions, such as a mobile phone with its hotspot turned on or a PC that provides a wireless connection. As shown in Fig. 3, the method comprises the following steps:
Step S301, the Internet of Things terminal sends a data packet to AP20;
The Internet of Things terminal in step S301 may specifically be a device such as a mobile phone, tablet computer or computer, and may of course also be another device with networking capability, such as a smart TV, smart air conditioner, smart kettle, smart lamp, smart switch or other Internet of Things smart device.
In step S301 the Internet of Things terminal may send the data packet to AP20 over a wireless connection. The wireless mode includes but is not limited to Bluetooth, Wireless Fidelity (WIFI) or Zigbee, where the WIFI needs to comply with the IEEE 802.11b standard.
It should be noted that the AP here refers only to a wireless AP. The number of devices accessing an Internet of Things is large; if the AP were connected by wire, the number of devices it could accept would first of all be limited, and in a home, wiring every device would be unthinkable for a household user, and the cost of wiring is also very high. The connection between the Internet of Things terminal and the AP in this technical solution is therefore limited to a wireless connection.
Step S302, AP20 identifies the type of the Internet of Things terminal and, according to the type, looks up the first encryption unit corresponding to that type in the pre-configured type-to-encryption-unit mapping table.
Each manufacturer can define the types of Internet of Things terminal in step S302 as it sees fit. For example, the types may specifically include: smart lamp, smart TV, smart cleaning device, smart sleep device, smart monitoring device and so on, and each type can take many forms. A smart lamp includes but is not limited to a smart desk lamp, smart ceiling lamp or smart wall lamp. A smart TV may be a Samsung smart TV and may of course also be a Sharp smart TV. A smart cleaning device may be a smart sweeping robot and may of course also include a smart vacuum cleaner or smart garbage processor. A smart sleep device may be a smart mattress or smart sofa. A smart monitoring device may be a smart sphygmomanometer, smart thermometer and so on. The invention does not limit the specific types of Internet of Things terminal or the number of types or kinds.
The type-to-encryption-unit mapping table in the above step is shown in Fig. 5. The mapping may be one-to-one, and may of course also be one-to-many or another form.
The encryption unit in step S302 may specifically be a hardware encryption unit installed in the AP, containing an encryption algorithm preset by the manufacturer. In practical applications the encryption unit may of course also be a software encryption unit configured in the AP; the invention does not limit the specific form of the encryption unit.
The encryption algorithms include but are not limited to 3DES, MD5 or RSA; the invention does not limit the specific encryption algorithm.
Step S303, AP20 calls the first encryption unit to encrypt the data packet;
Step S303 may specifically be implemented as follows:
For example, if the first encryption unit is a 3DES encryption unit, AP20 calls the 3DES encryption unit to apply 3DES encryption to the data packet. If the first encryption unit is an RSA encryption unit, AP20 calls the RSA encryption unit to apply RSA encryption to the data packet. If the first encryption unit is an MD5 encryption unit, AP20 calls the MD5 encryption unit to apply MD5 encryption to the data packet.
The key used when calling the first encryption unit may be obtained by acquiring the MAC address of AP20 and deriving the key from that MAC address with a set algorithm. The set algorithm may be to intercept part of the MAC address: for example, intercept bits 20 to 40 of the MAC address, convert bits 20 to 40 into a decimal number, and use this decimal number as the encryption key. Bits 20 to 40 are intercepted here because a MAC address consists of 48 bits (6 bytes) written in hexadecimal format, of which bits 0-23 are assigned by the manufacturer itself and bits 24-47, called the organizationally unique identifier (OUI), are assigned by the IEEE, so the MAC address of a terminal's network card is globally unique. This avoids repetition of the intercepted value and improves encryption performance.
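The derivation described above can be written out to see which part of the address the key actually comes from. This is an added example, not code from the patent; it assumes bit 0 is the least significant bit of the 48-bit address (so that bits 24-47 are the first three octets, as the text's OUI statement implies), and the sample MAC addresses are constructed.

```python
"""Key derived from bits 20-40 of the AP's MAC address (added illustration)."""

# Per the text: bits 0-23 are vendor-assigned, bits 24-47 hold the OUI.
OUI_FIRST_BIT = 24


def parse_mac(mac: str) -> int:
    """Parse 'aa:bb:cc:dd:ee:ff' (':' or '-' separated) into a 48-bit integer."""
    parts = mac.replace("-", ":").split(":")
    if len(parts) != 6 or any(len(p) != 2 for p in parts):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return int("".join(parts), 16)  # raises ValueError on non-hex digits


def derive_key(mac: str, lo: int = 20, hi: int = 40) -> int:
    """Return bits lo..hi (inclusive) of the MAC as a decimal number."""
    if not 0 <= lo <= hi <= 47:
        raise ValueError("bit window must lie inside 0..47")
    width = hi - lo + 1
    return (parse_mac(mac) >> lo) & ((1 << width) - 1)


def bit_sources(lo: int = 20, hi: int = 40) -> tuple:
    """Return (vendor_assigned_bits, oui_bits) that fall inside the window."""
    vendor = max(0, min(hi, OUI_FIRST_BIT - 1) - lo + 1)
    oui = max(0, hi - max(lo, OUI_FIRST_BIT) + 1)
    return vendor, oui


def keys_by_ap(macs) -> dict:
    """Map each AP MAC address to the key the scheme derives for it."""
    return {mac: derive_key(mac) for mac in macs}


# Constructed sample addresses (not taken from any real device).
SAMPLE_APS = [
    "00:1A:2B:3C:4D:5E",  # reference AP
    "00:1A:2B:30:00:01",  # same OUI, differs only in bits 0-19
    "00:1A:2B:7C:4D:5E",  # same OUI, differs in bits 20-23
    "F0:1A:2B:3C:4D:5E",  # OUI differs only in bits 41-47
]

if __name__ == "__main__":
    vendor_bits, oui_bits = bit_sources()
    print(f"window width: {vendor_bits + oui_bits} bits "
          f"({vendor_bits} vendor-assigned, {oui_bits} from the OUI)")
    for mac, key in keys_by_ap(SAMPLE_APS).items():
        print(f"{mac} -> {key}")
```

Under this numbering the window is 21 bits wide, with 4 bits from the vendor-assigned half and 17 from the OUI, and the four sample addresses yield only two distinct keys.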
For the specific manner of encryption, refer to the relevant descriptions of 3DES, RSA and MD5; it is not repeated here.
Step S303 may also specifically be implemented as follows:
AP20 calls the first encryption unit to encrypt the data packet. If encryption succeeds, subsequent step S304 is carried out. If encryption does not succeed, the spare encryption unit of the first encryption unit is called to encrypt the data packet, and a mark indicating that the spare encryption unit was used is added to the header extension field of the encrypted data packet.
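The type lookup of step S302 and the spare-unit fallback of step S303 can be sketched together as follows. This is an added example, not code from the patent: the frame layout (flag byte, type length, type, ciphertext), the unit names, the payload-length limit used to make the primary unit fail, and the receiver side are all assumptions, and the cipher is a stand-in SHA-256 keystream rather than 3DES or RSA.

```python
"""Type-to-unit lookup with spare-unit fallback and a header flag (added illustration)."""
import hashlib
import struct

FLAG_SPARE = 0x01  # assumed bit in the header extension field: spare unit was used


class UnitFailure(Exception):
    """Raised by an encryption unit that cannot process a packet."""


def _keystream_xor(key: bytes, label: bytes, data: bytes) -> bytes:
    # Stand-in cipher: SHA-256 in counter mode XORed with the data.
    # It is NOT one of the patent's algorithms and provides no integrity.
    stream = bytearray()
    for block in range((len(data) + 31) // 32):
        stream += hashlib.sha256(label + key + struct.pack(">I", block)).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


class Unit:
    """Hypothetical encryption unit; max_len models a unit that can fail."""

    def __init__(self, name: str, max_len=None):
        self.name, self.max_len = name, max_len

    def encrypt(self, key: bytes, data: bytes) -> bytes:
        if self.max_len is not None and len(data) > self.max_len:
            raise UnitFailure(f"{self.name}: payload too long")
        return _keystream_xor(key, self.name.encode(), data)

    def decrypt(self, key: bytes, data: bytes) -> bytes:
        return _keystream_xor(key, self.name.encode(), data)


# Pre-configured mapping table: terminal type -> (first unit, its spare unit).
TYPE_TABLE = {
    "smart_lamp": (Unit("unit-A", max_len=16), Unit("unit-A-spare")),
    "smart_tv": (Unit("unit-B"), Unit("unit-B-spare")),
}


def ap_encrypt(terminal_type: str, key: bytes, payload: bytes) -> bytes:
    """AP side: look up the unit by type, fall back to the spare, mark the header."""
    if terminal_type not in TYPE_TABLE:
        # Assumption: an unmapped type is rejected rather than forwarded in clear.
        raise LookupError(f"no encryption unit for type {terminal_type!r}")
    primary, spare = TYPE_TABLE[terminal_type]
    flags = 0
    try:
        body = primary.encrypt(key, payload)
    except UnitFailure:
        body = spare.encrypt(key, payload)
        flags |= FLAG_SPARE
    tname = terminal_type.encode()
    return struct.pack(">BB", flags, len(tname)) + tname + body


def wac_decrypt(frame: bytes, key: bytes):
    """Receiver side (assumed): pick the unit from the header flag, then decrypt."""
    if len(frame) < 2:
        raise ValueError("frame too short")
    flags, tlen = struct.unpack_from(">BB", frame)
    if len(frame) < 2 + tlen:
        raise ValueError("truncated type field")
    primary, spare = TYPE_TABLE[frame[2:2 + tlen].decode()]
    unit = spare if flags & FLAG_SPARE else primary
    return unit.name, unit.decrypt(key, frame[2 + tlen:])
```

Without the flag, the receiver would select the first unit for a packet that the spare unit encrypted and recover garbage, which is why the mark has to travel in the header.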
Step S304, AP20 sends the encrypted data packet to the wireless access controller.
Step S304 may be implemented as follows:
The encrypted data packet is sent to the wireless access controller in another mode. For example, if the Internet of Things terminal is connected to the AP by WIFI, AP20 can send the data packet to the wireless access controller by wire; in practical applications AP20 can of course also send the encrypted data packet to the wireless access controller over Long Term Evolution (LTE). The LTE or wired mode, and the WIFI connection between the Internet of Things terminal and the AP, are of course merely examples; the invention does not limit the specific connection mode.
According to the method shown in Fig. 3, after the Internet of Things terminal sends a data packet to the AP, the AP looks up the encryption unit corresponding to the terminal's type and encrypts the data with that encryption unit. The Internet of Things terminals therefore need no encryption configuration; all encryption is set up in the AP. This effectively reduces the cost of Internet of Things terminals, and for the Internet of Things as a whole, because many terminals can be connected under one AP, configuring only the AP also reduces the overall cost. In addition, the computing capability of an AP is generally better than that of an Internet of Things terminal, so running the encryption unit on the AP adds less delay to data transmission, reducing network latency and improving the user experience.
Referring to Fig. 6, Fig. 6 shows a type-based upstream data encryption control method for an Internet of Things AP provided by the invention. The method is implemented under the network architecture shown in Fig. 4. As shown in Fig. 4, multiple Internet of Things terminals can be connected under one AP20. The AP may specifically be a relay station; in practical applications it may of course also be a router or another network device with wireless connection and data forwarding functions, such as a mobile phone with its hotspot turned on or a PC that provides a wireless connection. As shown in Fig. 6, the method comprises the following steps:
Step S601, the Internet of Things terminal sends a data packet to AP20;
The Internet of Things terminal in step S601 may specifically be a device such as a mobile phone, tablet computer or computer, and may of course also be another device with networking capability, such as a smart TV, smart air conditioner, smart kettle, smart lamp, smart switch or other Internet of Things smart device.
In step S601 the Internet of Things terminal may send the data packet to AP20 over a wireless connection. The wireless mode includes but is not limited to Bluetooth, Wireless Fidelity (WIFI) or Zigbee, where the WIFI needs to comply with the IEEE 802.11b standard.
It should be noted that the AP here refers only to a wireless AP. The number of devices accessing an Internet of Things is large; if the AP were connected by wire, the number of devices it could accept would first of all be limited, and in a home, wiring every device would be unthinkable for a household user, and the cost of wiring is also very high. The connection between the Internet of Things terminal and the AP in this technical solution is therefore limited to a wireless connection.
Step S602, AP20 identifies the type of the Internet of Things terminal and, according to the type, looks up the first encryption unit corresponding to the type in the preconfigured type-to-encryption-unit mapping table;
Each manufacturer may configure the types of Internet of Things terminal in step S602 as it sees fit. For example, the types may specifically include: smart lamp, smart television, smart cleaning device, smart sleep device, smart monitoring device, and so on, and each type can take many forms. A smart lamp includes but is not limited to a smart desk lamp, a smart ceiling lamp or a smart wall lamp. A smart television may be a Samsung smart television or, of course, a Sharp smart television. A smart cleaning device may be a smart sweeping robot, and may of course also include devices such as a smart vacuum cleaner or a smart garbage disposer. A smart sleep device may be a smart mattress or a smart sofa. A smart monitoring device may be a smart sphygmomanometer, a smart thermometer, and so on. The present invention does not limit the particular types of Internet of Things terminal or the number or kinds of types.
In step S602, AP20 may identify the type of the Internet of Things terminal as follows:
AP20 identifies the type of the Internet of Things terminal by an identifier of the terminal. The identifier includes but is not limited to the terminal's media access control (MAC) address, its IP address or its name. In practice, AP20 and the Internet of Things terminal may also determine the type through an information exchange. As shown in Fig. 7, the flow of this exchange may specifically be:
Step S701, the Internet of Things terminal sends a connection request to AP20;
Step S702, AP20 returns a connection response to the Internet of Things terminal and establishes the wireless connection with the terminal;
Step S703, AP20 sends the Internet of Things terminal type list held in AP20 to the Internet of Things terminal over the wireless connection;
Step S704, the Internet of Things terminal finds the terminal type that matches itself in the Internet of Things terminal type list;
Step S705, the Internet of Things terminal reports that terminal type to AP20.
The type-to-encryption-unit mapping table in the above steps is shown in Fig. 5. The mapping may be one-to-one, and may of course also be one-to-many or take another form.
The encryption unit in step S602 may specifically be a hardware encryption unit installed in the AP that contains an encryption algorithm preset by the manufacturer. In practice, the encryption unit may also be a software encryption unit configured in the AP; the present invention does not limit the specific form of the encryption unit.
The encryption algorithms include but are not limited to 3DES, MD5 or RSA; the present invention does not limit the specific encryption algorithm.
Step S603, AP20 generates a key pair comprising a private key and a public key, and AP20 uses the public key to encrypt the data packet through the first encryption unit;
Step S603 may specifically be implemented as follows:
For example, if the first encryption unit is a 3DES encryption unit, AP20 calls the 3DES encryption unit to perform 3DES encryption on the data packet. If the first encryption unit is an RSA encryption unit, AP20 calls the RSA encryption unit to perform RSA encryption on the data packet. If the first encryption unit is an MD5 encryption unit, AP20 calls the MD5 encryption unit to perform MD5 encryption processing on the data packet.
For the specific encryption procedure, refer to the descriptions of 3DES, RSA and MD5, which are not repeated here.
Step S604, AP20 sends the encrypted data packet to the Radio Access Controller over a first path, and AP20 sends the private key to the Radio Access Controller over a second path.
Step S604 may be implemented as follows:
The encrypted data packet is sent to the Radio Access Controller by a different mode. For example, if the Internet of Things terminal is connected to the AP by WIFI, AP20 may send the data packet to the Radio Access Controller over a wired connection. In practice, AP20 may also send the encrypted data packet to the Radio Access Controller over Long Term Evolution (LTE). The LTE or wired mode, and the WIFI connection between the Internet of Things terminal and the AP, are only examples; the present invention does not limit the specific connection modes.
The first path and the second path are different paths. The first path may be computed by different routing algorithms, which include but are not limited to a shortest-path-first algorithm or a shortest-delay-first algorithm. The first path and the second path may of course also be computed by different routing algorithms; for example, the first path may be computed with the shortest-path-first algorithm and the second path with the shortest-delay-first algorithm.
According to the method shown in Fig. 6, after the Internet of Things terminal sends a data packet to the AP, the AP looks up the encryption unit corresponding to the terminal's type and encrypts the data with that unit. The Internet of Things terminal therefore needs no encryption configuration; all encryption is set up in the AP. This effectively reduces the cost of the Internet of Things terminal and, because many terminals can be connected under one AP, configuring only the AP also reduces the overall cost of the Internet of Things. In addition, the computing capability of the AP is generally better than that of an Internet of Things terminal, so running the encryption unit on the AP reduces the delay added to data transmission, lowers network latency and improves the user experience. The method shown in Fig. 6 also sends the encrypted data packet and the private key over different paths, which makes the information harder to intercept and further improves the security of the data.
Referring to Fig. 8, Fig. 8 shows a type-based uplink data encryption control device 800 of an Internet of Things access point provided by the present invention. The device includes:
Receiving unit 801, for receiving the data packet sent by the Internet of Things terminal;
Recognition unit 802, for identifying the type of the Internet of Things terminal;
Searching unit 803, for looking up, according to the type, the first encryption unit corresponding to the type in the preconfigured type-to-encryption-unit mapping table;
Encryption unit 804, for calling the first encryption unit to encrypt the data packet;
Transmitting unit 805, for sending the encrypted data packet to the Radio Access Controller.
Optionally, the recognition unit 802 is specifically configured to identify the type of the Internet of Things terminal by an identifier of the terminal.
Optionally, the recognition unit 805 is specifically configured to send the Internet of Things terminal type list to the Internet of Things terminal and to receive the terminal type that the terminal found in that list as matching itself and sent back.
Optionally, the encryption unit 804 is specifically configured to call the first encryption unit to encrypt the data packet. If encryption succeeds, the subsequent steps are carried out. If encryption fails, it calls the backup encryption unit of the first encryption unit to encrypt the data packet, and adds a flag indicating that the backup encryption unit was used to the header extension field of the encrypted data packet.
Optionally, the encryption unit 804 is specifically configured to generate a key pair comprising a public key and a private key and to use the public key to encrypt the data packet through the first encryption unit; the transmitting unit is configured to send the encrypted data packet over the first path and the private key over the second path.
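The type lookup of step S602 and the optional backup-unit behaviour of encryption unit 804, shown as an added Python example that is not the patent's own code. The unit names, the frame layout (extension byte, type index, 12-byte nonce), the shared key and the controller-side decryption are assumptions, and the SHAKE-256 keystream units are stand-ins for the vendor's encryption units.

```python
import hashlib
import os

FLAG_BACKUP = 0x01  # assumed bit in the header extension field


def _stand_in_unit(label):
    """Stand-in for a vendor encryption unit: XOR with a SHAKE-256 keystream.
    It is not 3DES or RSA, and it provides no integrity protection."""
    def unit(key, nonce, data):
        stream = hashlib.shake_256(label + key + nonce).digest(len(data))
        return bytes(x ^ y for x, y in zip(data, stream))
    return unit


UNITS = {"unit_a": _stand_in_unit(b"A"), "unit_b": _stand_in_unit(b"B")}
# Preconfigured mapping table: terminal type -> (first unit, backup unit).
TYPE_TABLE = {"smart_lamp": ("unit_a", "unit_b"),
              "smart_tv": ("unit_b", "unit_a")}
TYPE_LIST = sorted(TYPE_TABLE)  # the list issued to terminals in step S703


def accept_reported_type(reported):
    """Step S705 on the AP side: accept only a type from the issued list."""
    if reported not in TYPE_TABLE:
        raise ValueError(f"type {reported!r} is not in the issued type list")
    return reported


def _run(name, key, nonce, data, failed_units):
    if name in failed_units:  # simulated fault of a unit on the AP
        raise RuntimeError(f"{name} failed")
    return UNITS[name](key, nonce, data)


def ap_encrypt(reported_type, key, payload, failed_units=()):
    """Frame = extension byte | type index | 12-byte nonce | ciphertext.
    If the backup unit fails too, the error propagates and nothing is sent."""
    dev_type = accept_reported_type(reported_type)
    first, backup = TYPE_TABLE[dev_type]
    nonce = os.urandom(12)
    try:
        body, ext = _run(first, key, nonce, payload, failed_units), 0
    except RuntimeError:
        body, ext = _run(backup, key, nonce, payload, failed_units), FLAG_BACKUP
    return bytes([ext, TYPE_LIST.index(dev_type)]) + nonce + body


def controller_decrypt(frame, key):
    """Controller side: the extension flag selects the unit to reverse."""
    ext, type_index, nonce, body = frame[0], frame[1], frame[2:14], frame[14:]
    first, backup = TYPE_TABLE[TYPE_LIST[type_index]]
    return UNITS[backup if ext & FLAG_BACKUP else first](key, nonce, body)


if __name__ == "__main__":
    key = os.urandom(16)
    frame = ap_encrypt("smart_lamp", key, b"brightness=40", failed_units={"unit_a"})
    print(frame[0] == FLAG_BACKUP, controller_decrypt(frame, key))
```

Because the flag sits outside the ciphertext, a frame whose flag is cleared in transit is decrypted with the wrong unit; a deployment would authenticate the header together with the payload.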
Referring to Fig. 9, Fig. 9 shows an Internet of Things access point 900 provided by the present invention. The Internet of Things access point may be a node deployed in an internet system, and the internet system may also include an Internet of Things terminal and a Radio Access Controller. The Internet of Things access point 900 includes but is not limited to devices such as a computer or a server. As shown in Fig. 9, the Internet of Things access point 900 includes: a processor 901, a memory 902, a transceiver 903 and a bus 904. The transceiver 903 is used to send and receive data to and from external equipment (for example, other equipment in the internet system, including but not limited to repeaters, core network equipment, etc.). The number of processors 901 in the Internet of Things access point 900 may be one or more. In some embodiments of the present application, the processor 901, the memory 902 and the transceiver 903 may be connected by a bus system or by other means. For the meaning of the terms used in this embodiment and for examples, refer to the embodiments corresponding to Fig. 3 or Fig. 6; they are not repeated here.
Program code may be stored in the memory 902. The processor 901 is used to call the program code stored in the memory 902 in order to perform the following operations:
Transceiver 903, for receiving the data packet sent by the Internet of Things terminal;
Processor 901, for identifying the type of the Internet of Things terminal, looking up, according to the type, the first encryption unit corresponding to the type in the preconfigured type-to-encryption-unit mapping table, and calling the first encryption unit to encrypt the data packet.
Transceiver 903, also for sending the encrypted data packet to the Radio Access Controller.
Optionally, the processor 901 and the transceiver 903 may also be used to perform the steps of the embodiments shown in Fig. 3 or Fig. 6, together with the refinements and alternatives of those steps.
It should be noted that the processor 901 here may be a single processing element or a collective term for multiple processing elements. For example, the processing element may be a central processing unit (Central Processing Unit, CPU), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), or one or more integrated circuits configured to implement the embodiments of the present application, such as one or more microprocessors (digital signal processor, DSP) or one or more field programmable gate arrays (Field Programmable Gate Array, FPGA).
Memory 903 may be a single storage device or a collective term for multiple storage elements, and is used to store executable program code or the parameters, data and so on required for the application program running device to run. Memory 903 may include random access memory (RAM) and may also include non-volatile memory, such as magnetic disk storage or flash memory (Flash).
Bus 904 may be an Industry Standard Architecture (ISA) bus, a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The bus can be divided into an address bus, a data bus, a control bus, and so on. For ease of representation, only one thick line is drawn in Fig. 9, but this does not mean that there is only one bus or only one type of bus.
The user equipment may also include an input/output unit connected to the bus 904, so as to connect through the bus to the processor 901 and other parts. The input/output unit may provide an input interface for an operator, so that the operator can select monitoring and control items through the input interface; it may also be another interface through which other equipment can be attached externally.
It should be noted that, for brevity, each of the foregoing method embodiments is described as a series of combined actions. Those skilled in the art should know, however, that the present application is not limited by the described order of actions, because according to the present application some steps may be performed in other orders or simultaneously. Those skilled in the art should also know that the embodiments described in this specification are preferred embodiments, and that the actions and modules involved are not necessarily required by the present application.
In the above embodiments, the description of each embodiment has its own emphasis. For parts not described in detail in one embodiment, refer to the related descriptions of the other embodiments.
One of ordinary skill in the art will appreciate that all or part of the steps in the methods of the above embodiments can be completed by a program instructing the relevant hardware. The program can be stored in a computer-readable storage medium, and the storage medium may include: a flash disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), a magnetic disk, an optical disc, or the like.
The content download method and the related devices and systems provided by the embodiments of the present application have been described in detail above. Specific examples are used herein to explain the principles and implementations of the present application, and the description of the above embodiments is only intended to help in understanding the method of the present application and its core idea. At the same time, for those of ordinary skill in the art, the specific implementations and the scope of application will change according to the idea of the present application. In summary, the content of this specification should not be construed as limiting the present application.
Claims (1)
1. A type-based uplink data encryption control method for an Internet of Things access point, the method comprising the following steps:
The Internet of Things access point receives a data packet sent by an Internet of Things terminal;
The Internet of Things access point identifies the type of the Internet of Things terminal and, according to the type, looks up the first encryption unit corresponding to the type in a preconfigured type-to-encryption-unit mapping table;
The Internet of Things access point calls the first encryption unit to encrypt the data packet;
The Internet of Things access point sends the encrypted data packet to a Radio Access Controller.
The Internet of Things access point identifying the type of the Internet of Things terminal specifically includes:
The Internet of Things access point identifies the type of the Internet of Things terminal by an identifier of the Internet of Things terminal.
The Internet of Things access point identifying the type of the Internet of Things terminal specifically includes:
The Internet of Things access point sends an Internet of Things terminal type list to the Internet of Things terminal,
The Internet of Things access point receives the Internet of Things terminal type that the terminal found in the type list as matching itself and sent back.
The Internet of Things access point calling the first encryption unit to encrypt the data packet specifically includes:
The Internet of Things access point calls the first encryption unit to encrypt the data packet. If encryption succeeds, the subsequent steps are carried out. If encryption fails, the Internet of Things access point calls the backup encryption unit of the first encryption unit to encrypt the data packet, and adds a flag indicating that the backup encryption unit was used to the header extension field of the encrypted data packet.
The Internet of Things access point generates a key pair comprising a public key and a private key; the Internet of Things access point uses the public key to encrypt the data packet through the first encryption unit, sends the encrypted data packet over a first path, and sends the private key over a second path.
A type-based uplink data encryption control device of an Internet of Things access point, the device comprising:
Receiving unit, for receiving a data packet sent by an Internet of Things terminal;
Recognition unit, for identifying the type of the Internet of Things terminal;
Searching unit, for looking up, according to the type, the first encryption unit corresponding to the type in a preconfigured type-to-encryption-unit mapping table;
Encryption unit, for calling the first encryption unit to encrypt the data packet;
Transmitting unit, for sending the encrypted data packet to a Radio Access Controller.
The recognition unit is specifically configured to identify the type of the Internet of Things terminal by an identifier of the Internet of Things terminal.
The recognition unit is specifically configured to send an Internet of Things terminal type list to the Internet of Things terminal and to receive the Internet of Things terminal type that the terminal found in the type list as matching itself and sent back.
The encryption unit is specifically configured to call the first encryption unit to encrypt the data packet. If encryption succeeds, the subsequent steps are carried out. If encryption fails, it calls the backup encryption unit of the first encryption unit to encrypt the data packet, and adds a flag indicating that the backup encryption unit was used to the header extension field of the encrypted data packet.
The encryption unit is specifically configured to generate a key pair comprising a public key and a private key and to use the public key to encrypt the data packet through the first encryption unit; the transmitting unit is configured to send the encrypted data packet over a first path and the private key over a second path.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610834313.6A CN107846683A (en) | 2016-09-20 | 2016-09-20 | Upstream data control extension method and device of the Internet of Things access point based on type |
PCT/CN2016/103371 WO2018053895A1 (en) | 2016-09-20 | 2016-10-26 | Type-based uplink data encryption control method and device for internet-of-things access point |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610834313.6A CN107846683A (en) | 2016-09-20 | 2016-09-20 | Upstream data control extension method and device of the Internet of Things access point based on type |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107846683A true CN107846683A (en) | 2018-03-27 |
Family
ID=61657323
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610834313.6A Pending CN107846683A (en) | 2016-09-20 | 2016-09-20 | Upstream data control extension method and device of the Internet of Things access point based on type |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN107846683A (en) |
WO (1) | WO2018053895A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111800498A (en) * | 2020-06-30 | 2020-10-20 | 联想(北京)有限公司 | Data transmission method and device |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113448744B (en) * | 2020-03-26 | 2023-08-01 | 大唐移动通信设备有限公司 | Application program selection method and device |
CN114666173B (en) * | 2022-05-26 | 2022-10-18 | 广州万协通信息技术有限公司 | Internet of things information transmission method and device based on intermediate equipment |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2701360A1 (en) * | 2012-08-21 | 2014-02-26 | BSH Bosch und Siemens Hausgeräte GmbH | Communication module for a domestic appliance |
CN103647762A (en) * | 2013-11-27 | 2014-03-19 | 清华大学 | IPv6 internet of things node identity authentication method based on access path |
CN104394143A (en) * | 2014-11-24 | 2015-03-04 | 青岛海尔软件有限公司 | Internet of Things equipment and Internet of Things server communicating method and device |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4594969B2 (en) * | 2007-08-28 | 2010-12-08 | 株式会社バッファロー | Wireless LAN access point, program and recording medium |
CN104579627B (en) * | 2014-12-06 | 2018-06-05 | 上海移远通信技术股份有限公司 | A kind of data ciphering method and system |
Non-Patent Citations (2)
Title |
---|
KENNETH C.LAUDON,(美)CAROL GUERCIO TRAVER;劳帼龄等译: "《电子商务商业、技术和社会》", 30 June 2004 * |
张文,夏戈明,周翱隆,万山川: "一种安全加固的 NFC 无线通信连接认证加速系统", 《技术研究》 * |
Also Published As
Publication number | Publication date |
---|---|
WO2018053895A1 (en) | 2018-03-29 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PB01 | Publication | |
| SE01 | Entry into force of request for substantive examination | |
| RJ01 | Rejection of invention patent application after publication | Application publication date: 20180327 |