CN109379403B - Control method and device of Internet of things equipment, server and terminal equipment - Google Patents


Publication number
CN109379403B
Authority
CN
China
Prior art keywords
internet
order
token
things
control instruction
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811062122.8A
Other languages
Chinese (zh)
Other versions
CN109379403A (en)
Inventor
吴展威
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZHUHAI DBJ TECHNOLOGY CO LTD
Original Assignee
ZHUHAI DBJ TECHNOLOGY CO LTD
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZHUHAI DBJ TECHNOLOGY CO LTD
Priority to CN201811062122.8A
Publication of CN109379403A
Application granted
Publication of CN109379403B
Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/50 Network services
    • H04L67/54 Presence management, e.g. monitoring or registration for receipt of user log-on information, or the connection status of the users

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The application provides a control method and apparatus for an Internet of things device, and computer equipment. The control method comprises: receiving an authorization request that is sent by a terminal device and corresponds to a created order, the authorization request being used to request control of a specified Internet of things device; calculating a token corresponding to the order from the secret key of the Internet of things device and the order identifier of the order; and sending the token to the terminal device, so that the terminal device generates a control instruction from the token, the order identifier of the order and an operation instruction for the Internet of things device, and sends the control instruction to the Internet of things device in order to control it. The method and apparatus allow different terminal devices to use different tokens to control the same Internet of things device, preserve usability when communication conditions are poor, and improve the flexibility and security of Internet of things device control.

Description

Control method and device of Internet of things equipment, server and terminal equipment
Technical Field
The application relates to the technical field of communication, in particular to a control method and device of internet of things equipment, a server and terminal equipment.
Background
The advent of shared automobiles makes starting and stopping a car less dependent on a physical key; control by remote means is preferred. In general, a shared automobile system may include a cloud server, an Internet of things device and an authentication device.
In recent years, with the popularization of smartphones, the authentication device in a shared automobile system can be an intelligent terminal device such as a smartphone, in addition to the common radio frequency identification device. Because the radio frequency identification device is generally physically connected to the Internet of things device, its communication is comparatively secure. The intelligent terminal device is physically separate from the Internet of things device, so using it to control the Internet of things device introduces many challenges and potential security risks.
A common approach is for every control instruction from the intelligent terminal device to be authenticated by the cloud server and delivered to the Internet of things device over the network. For shared automobile services, however, the car is likely to be parked somewhere with poor network signal, such as an underground parking lot, and the instruction cannot be forwarded. In that case the intelligent terminal device must control the Internet of things device directly over a short-range communication protocol such as Bluetooth. The common method is for the intelligent terminal device to obtain, in some way, a token for controlling the Internet of things device; the process of obtaining the token is called authorization, and the process of verifying the token is called authentication. A shared automobile system therefore needs a sound method for authorization and authentication.
However, in prior-art authorization and authentication schemes in which an intelligent terminal device controls an Internet of things device, the security of the token is poor and its validity period is hard to control. In addition, the remote communication channel between the Internet of things device and the cloud server must be available; otherwise the token information cannot be synchronized, the Internet of things device cannot be controlled, the service logic cannot be executed, and usability is poor.
Disclosure of Invention
The present application is directed to solving, at least to some extent, one of the technical problems in the related art.
Therefore, a first objective of the present application is to provide a control method for an Internet of things device that allows different terminal devices to use different tokens to control the same Internet of things device and that remains usable when communication conditions are poor, thereby improving the flexibility and security of Internet of things device control.
A second objective of the present application is to provide a control device for an internet of things device.
A third object of the present application is to provide a server.
A fourth object of the present application is to provide a terminal device.
A fifth objective of the present application is to provide an internet of things device.
A sixth object of the present application is to propose a non-transitory computer-readable storage medium.
In order to achieve the above object, an embodiment of a first aspect of the present application provides a method for controlling an internet of things device, including: receiving an authorization request which is sent by terminal equipment and corresponds to the created order, wherein the authorization request is used for requesting to control the specified Internet of things equipment; calculating to obtain a token corresponding to the order according to the secret key of the Internet of things equipment and the order identifier of the order; and sending the token to the terminal equipment, so that after the terminal equipment generates a control instruction according to the token, the order identification of the order and the operation instruction on the Internet of things equipment, the terminal equipment sends the control instruction to the Internet of things equipment so as to control the Internet of things equipment.
In the control method of the embodiment of the application, after an authorization request that is sent by a terminal device and corresponds to a created order is received, a token corresponding to the order is calculated from the secret key of the Internet of things device and the order identifier of the order, and the token is then sent to the terminal device. The terminal device generates a control instruction from the token, the order identifier of the order and an operation instruction for the Internet of things device, and sends the control instruction to the Internet of things device in order to control it. Different terminal devices can thus use different tokens to control the same Internet of things device, usability is preserved when communication conditions are poor, and the flexibility and security of Internet of things device control are improved. Because different order identifiers produce different tokens, the leakage of a single token does not affect the overall security of the system; combining different order identifiers with the same secret key yields different tokens, all of which can be used to control the same Internet of things device.
In order to achieve the above object, an embodiment of a second aspect of the present application provides a control method for an Internet of things device, including: sending an authorization request corresponding to the created order to a cloud server, wherein the authorization request is used to request control of the specified Internet of things device; receiving a token sent by the cloud server, wherein the token is calculated by the cloud server from the secret key of the Internet of things device and the order identifier of the order; generating a control instruction from the token, the order identifier of the order and the operation instruction for the Internet of things device; and sending the control instruction to the Internet of things device, so that the Internet of things device authenticates the token in the control instruction after receiving it, and executes the operation instruction in the control instruction after the token passes authentication.
In the control method of the embodiment of the application, after an authorization request corresponding to the created order is sent to a cloud server, the token sent by the cloud server is received; a control instruction is then generated from the token, the order identifier of the order and the operation instruction for the Internet of things device; and finally the control instruction is sent to the Internet of things device, which authenticates the token in the control instruction and, once authentication passes, executes the operation instruction in the control instruction. Different terminal devices can thus use different tokens to control the same Internet of things device, usability is preserved when communication conditions are poor, and the flexibility and security of Internet of things device control are improved. In addition, token authentication means that only a terminal device (such as a mobile phone) that has received a legitimate token can control the corresponding Internet of things device. Furthermore, the token is issued by the cloud server and cannot be forged by others, so control by means of the token is highly secure.
In order to achieve the above object, an embodiment of a third aspect of the present application provides a method for controlling an internet of things device, including: receiving a control instruction sent by terminal equipment, wherein the control instruction is generated by the terminal equipment according to a token sent by a cloud server, an order identification of a current order created by the terminal equipment and an operation instruction for the Internet of things equipment; authenticating the token in the control instruction; and after the authentication is passed, executing an operation instruction in the control instruction.
According to the control method of the Internet of things equipment, after the control instruction sent by the terminal equipment is received, the token in the control instruction is authenticated, and after the authentication is passed, the operation instruction in the control instruction is executed, so that different terminal equipment can control the same Internet of things equipment by using different tokens, usability can be still guaranteed under the condition that communication conditions are poor, and flexibility and safety of control of the Internet of things equipment are improved.
In order to achieve the above object, an embodiment of a fourth aspect of the present application provides a control device for an internet of things device, including: the receiving module is used for receiving an authorization request which is sent by the terminal equipment and corresponds to the created order, and the authorization request is used for requesting to control the specified Internet of things equipment; the computing module is used for computing and obtaining a token corresponding to the order according to the secret key of the Internet of things equipment and the order identifier of the order; and the sending module is used for sending the token to the terminal equipment so that the terminal equipment generates a control instruction according to the token, the order identification of the order and the operation instruction of the Internet of things equipment, and then sends the control instruction to the Internet of things equipment so as to control the Internet of things equipment.
In the control apparatus of an Internet of things device in the embodiment of the application, after the receiving module receives the authorization request that is sent by the terminal device and corresponds to the created order, the calculation module calculates a token corresponding to the order from the secret key of the Internet of things device and the order identifier of the order. The sending module then sends the token to the terminal device, so that the terminal device generates a control instruction from the token, the order identifier of the order and the operation instruction for the Internet of things device, and sends the control instruction to the Internet of things device in order to control it. Different terminal devices can thus use different tokens to control the same Internet of things device, usability is preserved when communication conditions are poor, and the flexibility and security of Internet of things device control are improved.
In order to achieve the above object, an embodiment of a fifth aspect of the present application provides a control device for an Internet of things device, including: a sending module, used to send an authorization request corresponding to the created order to the cloud server, the authorization request being used to request control of the specified Internet of things device; a receiving module, used to receive a token sent by the cloud server, wherein the token is calculated by the cloud server from the secret key of the Internet of things device and the order identifier of the order; and a generating module, used to generate a control instruction from the token, the order identifier of the order and the operation instruction for the Internet of things device. The sending module is further configured to send the control instruction to the Internet of things device, so that the Internet of things device authenticates the token in the control instruction after receiving it, and executes the operation instruction in the control instruction after the token passes authentication.
In the control device of an Internet of things device according to the embodiment of the application, after the sending module sends the authorization request corresponding to the created order to the cloud server, the receiving module receives the token sent by the cloud server. The generating module then generates a control instruction from the token, the order identifier of the order and the operation instruction for the Internet of things device, and finally the sending module sends the control instruction to the Internet of things device, which authenticates the token in the control instruction and, once authentication passes, executes the operation instruction in the control instruction. Different terminal devices can thus use different tokens to control the same Internet of things device, usability is preserved when communication conditions are poor, and the flexibility and security of Internet of things device control are improved.
In order to achieve the above object, an embodiment of a sixth aspect of the present application provides a control device for an internet of things device, including: the receiving module is used for receiving a control instruction sent by terminal equipment, wherein the control instruction is generated by the terminal equipment according to a token sent by a cloud server, an order identification of the order created by the terminal equipment and an operation instruction for the Internet of things equipment; the authentication module is used for authenticating the token in the control instruction; and the execution module is used for executing the operation instruction in the control instruction after the authentication is passed.
In the control device of the internet of things device in the embodiment of the application, after the receiving module receives the control command sent by the terminal device, the authentication module authenticates the token in the control command, and after the authentication is passed, the execution module executes the operation command in the control command, so that different terminal devices can use different tokens to control the same internet of things device, usability can be still ensured under the condition of poor communication conditions, and the flexibility and the safety of the control of the internet of things device are improved.
To achieve the above object, an embodiment of a seventh aspect of the present application provides a server, including a memory, a processor, and a computer program stored on the memory and executable on the processor, where the processor executes the computer program to implement the method provided by the first aspect.
To achieve the above object, an eighth aspect of the present application proposes a non-transitory computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, implements the method provided by the first aspect.
To achieve the above object, a ninth aspect of the present application provides a terminal device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and when the processor executes the computer program, the method provided by the second aspect is implemented.
To achieve the above object, a tenth aspect of the present application proposes a non-transitory computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, implements the method provided by the second aspect.
To achieve the above object, an embodiment of an eleventh aspect of the present application provides an internet of things device, which is characterized by comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, and when the processor executes the computer program, the method provided by the third aspect is implemented.
To achieve the above object, a twelfth aspect of the present application proposes a non-transitory computer-readable storage medium, on which a computer program is stored, wherein the computer program, when executed by a processor, implements the method provided by the third aspect.
Additional aspects and advantages of the present application will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the present application.
Drawings
The foregoing and/or additional aspects and advantages of the present application will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
Fig. 1 is a flowchart of an embodiment of a control method for an internet of things device according to the present application;
Fig. 2 is a flowchart of another embodiment of a control method for an internet of things device according to the present application;
Fig. 3 is a flowchart of a control method of an internet of things device according to still another embodiment of the present application;
Fig. 4 is a flowchart of a control method of an internet of things device according to still another embodiment of the present application;
Fig. 5 is a flowchart of a control method of an internet of things device according to still another embodiment of the present application;
Fig. 6 is a flowchart of a control method of an internet of things device according to still another embodiment of the present application;
Fig. 7 is a flowchart of a control method of an internet of things device according to still another embodiment of the present application;
Fig. 8 is a flowchart of a control method of an internet of things device according to still another embodiment of the present application;
Fig. 9 is a flowchart of a control method of an internet of things device according to still another embodiment of the present application;
Fig. 10 is a flowchart of a control method of an internet of things device according to still another embodiment of the present application;
Fig. 11 is a flowchart of a control method of an internet of things device according to still another embodiment of the present application;
Fig. 12 is a schematic structural diagram of an embodiment of a control device of an internet of things device according to the present application;
Fig. 13 is a schematic structural diagram of another embodiment of a control device of an internet of things device according to the present application;
Fig. 14 is a schematic structural diagram of a control device of an internet of things device according to still another embodiment of the present application;
Fig. 15 is a schematic structural diagram of a control device of an internet of things device according to still another embodiment of the present application;
Fig. 16 is a schematic structural diagram of a control device of an internet of things device according to still another embodiment of the present application;
Fig. 17 is a schematic structural diagram of an embodiment of a server according to the present application.
Detailed Description
Reference will now be made in detail to embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary and intended to be used for explaining the present application and should not be construed as limiting the present application.
Fig. 1 is a flowchart of an embodiment of a control method for an internet of things device according to the present application. As shown in Fig. 1, the control method for the internet of things device may include:
Step 101, receiving an authorization request which is sent by a terminal device and corresponds to the created order, wherein the authorization request is used for requesting to control the specified internet of things device.
In this embodiment, the terminal device may be an intelligent terminal device such as a smart phone, a smart watch, a tablet Computer, a notebook Computer, or a Personal Computer (PC), and the form of the terminal device is not limited in this embodiment.
Step 102, calculating a token corresponding to the current order from the secret key of the Internet of things device and the order identifier of the current order.
Specifically, the cloud server may use a signature algorithm to calculate the token corresponding to the order from the secret key of the Internet of things device and the order identifier of the order. Multiple terminal devices can therefore control the same Internet of things device, each with its own token: when multiple terminal devices control the same Internet of things device, their order identifiers differ, so their tokens differ as well. These tokens are all valid within the same key period and can control the Internet of things device. Moreover, the cloud server can revoke one specific issued token: the cloud server can issue tokens for controlling the same Internet of things device for the orders of multiple terminal devices, and when one order becomes invalid, only the token corresponding to that order becomes invalid, while the tokens issued for other orders remain usable.
Step 103, sending the token to the terminal device, so that the terminal device generates a control instruction from the token, the order identifier of the current order and the operation instruction for the Internet of things device, and then sends the control instruction to the Internet of things device in order to control it.
In this control method, after an authorization request that is sent by a terminal device and corresponds to the created current order is received, a token corresponding to the current order is calculated from the secret key of the Internet of things device and the order identifier of the current order, and the token is then sent to the terminal device. The terminal device generates a control instruction from the token, the order identifier of the current order and an operation instruction for the Internet of things device, and sends the control instruction to the Internet of things device in order to control it. Different terminal devices can thus use different tokens to control the same Internet of things device, usability is preserved when communication conditions are poor, and the flexibility and security of Internet of things device control are improved. Because different order identifiers produce different tokens, the leakage of a single token does not affect the overall security of the system; combining different order identifiers with the same secret key yields different tokens, all of which can be used to control the same Internet of things device.
Fig. 2 is a flowchart of another embodiment of a control method of an Internet of things device in the present application. As shown in Fig. 2, in the embodiment shown in Fig. 1, after step 103 the method may further include:
Step 201, checking whether the Internet of things device has an associated order.
Step 202, if the Internet of things device has no associated order, negotiating a key update with the Internet of things device and storing the updated key.
If the Internet of things device has an associated order, the key is not updated.
In this embodiment, before the order is created, the cloud server negotiates with the internet of things device to update the key, and stores the key separately.
After the cloud server sends the token to the terminal device, it checks whether the Internet of things device has an associated order. If not, the cloud server and the Internet of things device negotiate a key update and store the updated key; if the Internet of things device has an associated order, the key is not updated.
In the control method provided by this embodiment, the Internet of things device and the cloud server need the remote communication channel only when the key is updated, so dependence on the remote communication channel is low. In extreme cases, if the key update fails because the remote communication channel is unavailable, the method can still operate normally. The validity period of the token is also controlled accurately: in this embodiment, the validity period of the token starts when the terminal device passes authorization verification and ends when the cloud server updates the key of the Internet of things device, and the accuracy of this control depends on the success rate of the key update.
In addition, in this embodiment, all tokens issued for the corresponding Internet of things device can be revoked by updating the key. The cloud server can issue tokens for controlling the same Internet of things device for the orders of multiple terminal devices, and once the key update is performed, these tokens are invalidated simultaneously.
Fig. 3 is a flowchart of a control method of an internet of things device according to still another embodiment of the present application, as shown in fig. 3, in the embodiment shown in fig. 1 of the present application, after step 103, the method may further include:
step 301, receiving an inquiry request sent by the internet of things device, where the inquiry request is used to inquire whether an order corresponding to the order identifier in the control instruction is legal or not.
Step 302, sending a query result to the internet of things device, so that the internet of things device executes an operation instruction in the control instruction when the query result indicates that the order corresponding to the order identifier in the control instruction is legal.
The above process is called an order validity query, or order query for short, and is generally used only to verify critical instructions (such as unlocking). If the query result indicates that the order corresponding to the order identifier in the control instruction is illegal, the Internet of things device refuses to execute any instruction carrying that order identifier and its associated token. If the query is not initiated, or cannot be initiated because conditions do not permit it (the remote communication channel is unavailable), the Internet of things device should treat the current order identifier as legal.
The control method of the internet of things equipment provided by the embodiment has low dependence on the remote communication channel, and the internet of things equipment and the cloud server only need to use the remote communication channel when the order is inquired. In extreme cases, the method can still operate normally if the order query cannot be initiated because the remote communication channel is unavailable. In this embodiment, the token validity period starts from the time when the terminal device creates an order and passes authorization to the time when the order is destroyed. The accuracy of the validity period control depends on the initiating frequency and success rate of the order inquiry.
In addition, this embodiment allows a plurality of terminal devices to use their respective tokens to control the same internet of things device. When a plurality of terminal devices control the same internet of things device, their order identifiers differ from each other, so their tokens differ as well. These tokens are all valid during the same order cycle and can control the internet of things device. An individual issued token can also be revoked precisely: the cloud server can issue tokens for controlling the same internet of things device to a plurality of terminal devices, and when a certain order becomes invalid, only the token corresponding to that order becomes invalid, while the tokens issued for other orders remain usable.
Fig. 4 is a flowchart of a control method of an internet of things device according to still another embodiment of the present application, as shown in fig. 4, in the embodiment shown in fig. 1 of the present application, after step 101, the method may further include:
Step 401, checking the validity of the authorization request.
After determining that the authorization request is legitimate, step 102 is performed.
Specifically, the checking the validity of the authorization request may be: checking whether the balance of the login account in the terminal device is greater than or equal to a predetermined threshold and/or whether the login account passes real-name authentication, and the like, where the predetermined threshold may be set according to system performance and/or implementation requirements, and the size of the predetermined threshold is not limited in this embodiment.
Thus, determining that the authorization request is legitimate may be: and determining that the balance of the login account in the terminal equipment is greater than or equal to a preset threshold value and/or that the login account passes real-name authentication.
Fig. 5 is a flowchart of a control method of an internet of things device according to still another embodiment of the present application, and as shown in fig. 5, the control method of the internet of things device may include:
Step 501, sending an authorization request corresponding to the created order to a cloud server, where the authorization request is used to request control over a specified internet of things device.
Specifically, when the terminal device needs to control the internet of things device, it must request authorization from the cloud server. To do so, the terminal device creates an order and then sends an authorization request corresponding to the created order to the cloud server.
In this embodiment, the terminal device may be an intelligent terminal device such as a smart phone, a smart watch, a tablet computer, a notebook computer, or a PC, and the form of the terminal device is not limited in this embodiment.
Step 502, receiving a token sent by the cloud server, where the token is calculated by the cloud server according to the secret key of the internet of things device and the order identifier of the order.
Specifically, the cloud server may use a signature algorithm to calculate the token corresponding to the order from the secret key of the internet of things device and the order identifier of the order, so that a plurality of terminal devices can control the same internet of things device using their respective tokens. When a plurality of terminal devices control the same internet of things device, their order identifiers differ, so their tokens differ as well. These tokens are all valid during the same key period and can control the internet of things device. The cloud server can also precisely revoke an individual issued token: it can issue tokens for controlling the same internet of things device for the orders of a plurality of terminal devices, and when a certain order becomes invalid, only the token corresponding to that order becomes invalid, while the tokens issued for other orders remain usable.
Step 503, generating a control instruction according to the token, the order identifier of the order and the operation instruction for the internet of things device.
Step 504, sending the control instruction to the internet of things device, so that the internet of things device authenticates the token in the control instruction after receiving the control instruction, and executes the operation instruction in the control instruction after the token passes the authentication.
In the control method of the internet of things device described above, the terminal device sends an authorization request corresponding to the created order to the cloud server and receives the token sent by the cloud server. It then generates a control instruction according to the token, the order identifier of the order and the operation instruction for the internet of things device, and sends the control instruction to the internet of things device. After receiving the control instruction, the internet of things device authenticates the token in it and, once the authentication passes, executes the operation instruction in the control instruction. In this way, different terminal devices can control the same internet of things device using different tokens, usability is still ensured when communication conditions are poor, and the flexibility and security of controlling the internet of things device are improved. Because different order identifiers combined with the same secret key produce different tokens, all of which can control the same internet of things device, the leakage of a single token does not affect the overall security of the system.
Fig. 6 is a flowchart of a control method of an internet of things device according to still another embodiment of the present application, and as shown in fig. 6, the control method of the internet of things device may include:
Step 601, receiving a control instruction sent by a terminal device, where the control instruction is generated by the terminal device according to a token sent by a cloud server, an order identifier of the order created by the terminal device and an operation instruction for the internet of things device.
In this embodiment, the terminal device may be an intelligent terminal device such as a smart phone, a smart watch, a tablet computer, a notebook computer, or a PC, and the form of the terminal device is not limited in this embodiment.
Step 602, authenticating the token in the control command.
Step 603, after the authentication is passed, executing the operation instruction in the control instruction.
In this embodiment, after receiving the control instruction sent by the terminal device, the internet of things device firstly authenticates the token in the control instruction, and only after the authentication is passed, the internet of things device executes the operation instruction in the control instruction.
The internet of things equipment can be equipment capable of communicating between objects, such as an automobile or an electric vehicle, and the form of the internet of things equipment is not limited by the embodiment.
Specifically, authenticating the token in the control instruction may be: calculating a token according to the device's own secret key and the order identifier in the control instruction; comparing the calculated token with the token in the control instruction; if the two are the same, determining that the authentication passes; and if they are not the same, determining that the authentication fails.
According to the control method of the Internet of things equipment, after the control instruction sent by the terminal equipment is received, the token in the control instruction is authenticated, and after the authentication is passed, the operation instruction in the control instruction is executed, so that different terminal equipment can use different tokens to control the same Internet of things equipment, the usability is still ensured under the condition of poor communication conditions, and the flexibility and the safety of the control of the Internet of things equipment are improved.
Fig. 7 is a flowchart of a control method of an internet of things device according to still another embodiment of the present application, as shown in fig. 7, in the embodiment shown in fig. 6 of the present application, after step 603, the method may further include:
Step 701, receiving a key agreement request sent by a cloud server, where the key agreement request is sent by the cloud server after determining that the internet of things device has no associated order.
Step 702, negotiating with the cloud server to update the key, and storing the updated key.
In this embodiment, before the order is created, the cloud server negotiates with the internet of things device to update the key, and each of them stores the key.
After the internet of things device executes the operation instruction in the control instruction, the cloud server checks whether the internet of things device has an associated order. If not, the cloud server negotiates with the internet of things device to update the secret key and stores the updated key; if the internet of things device has an associated order, the secret key is not updated.
In the control method of the internet of things device provided by this embodiment, the internet of things device and the cloud server need the remote communication channel only when the key is updated, so the dependence on the remote communication channel is low. In extreme cases, if the key update fails because the remote communication channel is unavailable, the method can still operate normally. The validity period of the token is also controlled accurately: in this embodiment it starts when the terminal device passes the authorization verification and ends when the cloud server updates the key of the internet of things device, so the control accuracy depends on the success rate of the key update.
In addition, in this embodiment, all tokens already issued for an internet of things device can be revoked by updating its key. The cloud server can issue tokens for controlling the same internet of things device for the orders of a plurality of terminal devices, and once the key update is performed, these tokens are all invalidated at the same time.
Fig. 8 is a flowchart of a control method of an internet of things device according to still another embodiment of the present application, as shown in fig. 8, in the embodiment shown in fig. 6 of the present application, after step 601, the method may further include:
Step 801, sending an inquiry request to the cloud server, where the inquiry request is used to inquire whether an order corresponding to the order identifier in the control instruction is legal or not.
Step 802, receiving the query result sent by the cloud server.
Step 803, when the query result indicates that the order corresponding to the order identifier in the control instruction is legal, executing the operation instruction in the control instruction.
The above process is called an order validity query, or order query for short. It supplements the token authentication in step 602 and is generally used only to verify critical instructions (e.g., unlocking). If the query result indicates that the order corresponding to the order identifier in the control instruction is illegal, the Internet of things device refuses to execute any instruction carrying that order identifier and its associated token. If the query is not initiated, or cannot be initiated because conditions do not permit it (the remote communication channel is unavailable), the Internet of things device should treat the current order identifier as legal.
The control method of the internet of things equipment provided by the embodiment has low dependence on the remote communication channel, and the internet of things equipment and the cloud server only need to use the remote communication channel when the order is inquired. In extreme cases, the method can still operate normally if the order query cannot be initiated because the remote communication channel is unavailable. In this embodiment, the token validity period starts from the time when the terminal device creates an order and passes authorization to the time when the order is destroyed. The accuracy of the validity period control depends on the initiating frequency and success rate of the order inquiry.
In addition, this embodiment allows a plurality of terminal devices to use their respective tokens to control the same internet of things device. When a plurality of terminal devices control the same internet of things device, their order identifiers differ from each other, so their tokens differ as well. These tokens are all valid during the same order cycle and can control the internet of things device. An individual issued token can also be revoked precisely: the cloud server can issue tokens for controlling the same internet of things device to a plurality of terminal devices, and when a certain order becomes invalid, only the token corresponding to that order becomes invalid, while the tokens issued for other orders remain usable.
The control method of the internet of things device can be applied to a system comprising a cloud server, an internet of things device and a terminal device, and is described below with reference to the system architecture of the cloud server, the internet of things device and the terminal device.
Fig. 9 is a flowchart of a control method of an internet of things device according to still another embodiment of the present application, and as shown in fig. 9, the control method of the internet of things device may include:
Step 901, the cloud server negotiates with the internet of things device to update a secret key, and each of them stores the secret key.
In this embodiment, each internet of things device has its own secret key, and has a record on the cloud server.
Step 902, the terminal device sends an authorization request corresponding to the created current order to the cloud server, where the authorization request is used to request to control the specified internet of things device.
Specifically, when the terminal device needs to control the internet of things device, it must request authorization from the cloud server. To do so, the terminal device creates an order and then sends an authorization request corresponding to the created order to the cloud server.
In this embodiment, the terminal device may be an intelligent terminal device such as a smart phone, a smart watch, a tablet computer, a notebook computer, or a PC, and the form of the terminal device is not limited in this embodiment.
Step 903, after receiving the authorization request, the cloud server calculates and obtains a token corresponding to the current order according to the secret key of the internet of things device and the order identifier of the current order, and sends the token to the terminal device.
Specifically, the cloud server first determines whether the authorization request is legal. After determining that it is legal, the cloud server can calculate the token corresponding to the order according to the secret key of the internet of things device and the order identifier of the order, so that multiple terminal devices can control the same internet of things device using their respective tokens. These tokens are all valid during the same key period and can control the internet of things device. The cloud server can also precisely revoke an individual issued token: it can issue tokens for controlling the same internet of things device for the orders of a plurality of terminal devices, and when a certain order becomes invalid, only the token corresponding to that order becomes invalid, while the tokens issued for other orders remain usable.
Step 904, after receiving the token, the terminal device generates a control instruction according to the token, the order identifier of the order and the operation instruction for the internet of things device, and sends the control instruction to the internet of things device so as to control the internet of things device.
Step 905, after the internet of things equipment receives the control instruction, the token in the control instruction is authenticated, and after the authentication is passed, the operation instruction in the control instruction is executed.
In this embodiment, after receiving the control instruction sent by the terminal device, the internet of things device firstly authenticates the token in the control instruction, and only after the authentication is passed, the internet of things device executes the operation instruction in the control instruction.
Specifically, authenticating the token in the control instruction may be: calculating a token according to the device's own secret key and the order identifier in the control instruction; comparing the calculated token with the token in the control instruction; if the two are the same, determining that the authentication passes; and if they are not the same, determining that the authentication fails.
After the order is finished, the cloud server checks whether the Internet of things device has an associated order. If so, the secret key does not need to be updated; if not, the key of the internet of things device is updated, that is, the process returns to step 901.
In the embodiment, the dependence on the remote communication channel is low, and the Internet of things equipment and the cloud server only need to use the remote communication channel when the secret key is updated. In an extreme case, if the remote communication channel is unavailable, which results in a failure of updating the key, the embodiment may use the previous key and still operate normally.
The token validity period is controlled accurately: it starts when the terminal device passes the authorization verification and ends when the cloud server updates the secret key of the internet of things device, so the control accuracy depends on the success rate of the key update. In addition, a plurality of terminal devices are allowed to use their respective tokens to control the same Internet of things device. When a plurality of terminal devices control the same Internet of things device, their order identifiers differ, so their tokens differ as well. These tokens are all valid during the same key period and can control the Internet of things device.
Updating the secret key revokes all tokens already issued for the Internet of things device. The cloud server can issue tokens for controlling the same Internet of things device for the orders of a plurality of terminal devices, and once the key update is performed, these tokens are all invalidated at the same time.
Fig. 10 is a flowchart of a control method of an internet of things device according to still another embodiment of the present application, and as shown in fig. 10, the control method of the internet of things device may include:
Step 1001, the terminal device sends an authorization request corresponding to the created current order to the cloud server, where the authorization request is used to request control over a specified internet of things device.
Specifically, when the terminal device needs to control the internet of things device, it must request authorization from the cloud server. To do so, the terminal device creates an order and then sends an authorization request corresponding to the created order to the cloud server.
In this embodiment, the terminal device may be an intelligent terminal device such as a smart phone, a smart watch, a tablet computer, a notebook computer, or a PC, and the form of the terminal device is not limited in this embodiment.
In this embodiment, each internet of things device has its own secret key, and has a record on the cloud server.
Step 1002, after receiving the authorization request, the cloud server calculates and obtains a token corresponding to the current order according to the secret key of the internet of things device and the order identifier of the current order, and sends the token to the terminal device.
Specifically, the cloud server first determines whether the authorization request is legal. After determining that it is legal, the cloud server can calculate the token corresponding to the order according to the secret key of the internet of things device and the order identifier of the order, so that multiple terminal devices can control the same internet of things device using their respective tokens. These tokens are all valid during the same key period and can control the internet of things device. The cloud server can also precisely revoke an individual issued token: it can issue tokens for controlling the same internet of things device for the orders of a plurality of terminal devices, and when a certain order becomes invalid, only the token corresponding to that order becomes invalid, while the tokens issued for other orders remain usable.
Step 1003, after receiving the token, the terminal device generates a control instruction according to the token, the order identifier of the order and the operation instruction for the internet of things device, and sends the control instruction to the internet of things device to control the internet of things device.
Step 1004, after the internet of things device receives the control instruction, it authenticates the token in the control instruction.
In this embodiment, after receiving the control instruction sent by the terminal device, the internet of things device first authenticates the token in the control instruction.
Specifically, authenticating the token in the control instruction may be: calculating a token according to the device's own secret key and the order identifier in the control instruction; comparing the calculated token with the token in the control instruction; if the two are the same, determining that the authentication passes; and if they are not the same, determining that the authentication fails.
Step 1005, the internet of things device sends an inquiry request to the cloud server, where the inquiry request is used to inquire whether an order corresponding to the order identifier in the control instruction is legal or not.
Step 1006, the internet of things device receives the query result sent by the cloud server.
Step 1007, when the query result indicates that the order corresponding to the order identifier in the control command is legal and the authentication is passed, executing the operation command in the control command.
The process described in steps 1005-1007 is called an order validity query, or order query for short. It supplements the token authentication in step 1004 and is generally used only to verify critical instructions (such as unlocking). If the query result indicates that the order corresponding to the order identifier in the control instruction is illegal, the Internet of things device refuses to execute any instruction carrying that order identifier and its associated token. If the query is not initiated, or cannot be initiated because conditions do not permit it (the remote communication channel is unavailable), the Internet of things device should treat the current order identifier as legal.
In this embodiment, step 1004 and steps 1005 to 1006 may be executed in parallel or sequentially, which is not limited in this embodiment.
The dependence on the remote communication channel is low: the Internet of things device and the cloud server need the remote communication channel only when the order is queried. In extreme cases, if the order query cannot be initiated because the remote communication channel is unavailable, the method can still run normally. The token validity period control is relatively weak: the validity period starts when the terminal device creates an order and passes authorization and lasts until the order is destroyed, and the accuracy of the validity period control depends on the initiation frequency and success rate of the order query.
This embodiment allows multiple terminal devices to use their respective tokens to control the same internet of things device. When a plurality of terminal devices control the same Internet of things device, their order identifiers differ, so their tokens differ as well. These tokens are all valid during the same order cycle and can control the Internet of things device. An individual issued token can be revoked precisely: the cloud server can issue tokens for controlling the same Internet of things device for the orders of a plurality of terminal devices, and when a certain order becomes invalid, only the token corresponding to that order becomes invalid, while the tokens issued for other orders remain usable.
Fig. 11 is a flowchart of a control method of an internet of things device according to still another embodiment of the present application, and as shown in fig. 11, the control method of the internet of things device may include:
Step 1101, the cloud server negotiates with the internet of things device to update the secret key, and each of them stores the secret key.
In this embodiment, each internet of things device has its own secret key, and has a record on the cloud server.
Step 1102, the terminal device sends an authorization request corresponding to the created current order to the cloud server, where the authorization request is used for requesting control over the specified internet of things device.
Specifically, when the terminal device needs to control the internet of things device, it must request authorization from the cloud server. To do so, the terminal device creates an order and then sends an authorization request corresponding to the created order to the cloud server.
In this embodiment, the terminal device may be an intelligent terminal device such as a smart phone, a smart watch, a tablet computer, a notebook computer, or a PC, and the form of the terminal device is not limited in this embodiment.
Step 1103, after receiving the authorization request, the cloud server calculates to obtain a token corresponding to the current order according to the key of the internet of things device and the order identifier of the current order, and sends the token to the terminal device.
Specifically, the cloud server first determines whether the authorization request is legal. After determining that it is legal, the cloud server can calculate the token corresponding to the order according to the secret key of the internet of things device and the order identifier of the order, so that multiple terminal devices can control the same internet of things device using their respective tokens. These tokens are all valid during the same key period and can control the internet of things device. The cloud server can also precisely revoke an individual issued token: it can issue tokens for controlling the same internet of things device for the orders of a plurality of terminal devices, and when a certain order becomes invalid, only the token corresponding to that order becomes invalid, while the tokens issued for other orders remain usable.
Step 1104, after receiving the token, the terminal device generates a control instruction according to the token, the order identifier of the order and the operation instruction for the internet of things device, and sends the control instruction to the internet of things device so as to control the internet of things device.
Step 1105, after the internet of things device receives the control instruction, the token in the control instruction is authenticated.
In this embodiment, after receiving the control instruction sent by the terminal device, the internet of things device first authenticates the token in the control instruction.
Specifically, authenticating the token in the control instruction may be: calculating a token according to the device's own secret key and the order identifier in the control instruction; comparing the calculated token with the token in the control instruction; if the two are the same, determining that the authentication passes; and if they are not the same, determining that the authentication fails.
Step 1106, the internet of things device sends an inquiry request to the cloud server, where the inquiry request is used to inquire whether an order corresponding to the order identifier in the control instruction is legal or not.
Step 1107, the internet of things device receives the query result sent by the cloud server.
Step 1108, when the query result indicates that the order corresponding to the order identifier in the control instruction is legal and the authentication is passed, executing the operation instruction in the control instruction.
The process described in steps 1106-1108 is called an order validity query, or order query for short. It supplements the token authentication in step 1105 and is generally used only to verify critical instructions (e.g., unlocking). If the query result indicates that the order corresponding to the order identifier in the control instruction is illegal, the Internet of things device refuses to execute any instruction carrying that order identifier and its associated token. If the query is not initiated, or cannot be initiated because conditions do not permit it (the remote communication channel is unavailable), the Internet of things device should treat the current order identifier as legal.
In this embodiment, step 1105 and steps 1106 to 1107 may be executed in parallel or sequentially, which is not limited in this embodiment.
After the order is finished, the cloud server checks whether the Internet of things equipment has an associated order, and if so, the secret key does not need to be updated; if not, the key of the internet of things device is updated, i.e. the process returns to step 1101.
In this embodiment, dependence on the remote communication channel is low: the Internet of things device and the cloud server need the remote communication channel only when the secret key is updated and when an order is queried. In the extreme case where the remote communication channel is unavailable and both the key update and the order query fail, the system can still operate normally. The token validity period is also controlled accurately: it runs from the time the terminal device creates the order and passes authorization to the time the order is destroyed. The control accuracy depends on the success rate of the key update and on the initiation frequency and success rate of the order query.
Multiple terminal devices are allowed to use their respective tokens to control the same Internet of things device; when they do, their order identifiers differ, so their tokens differ as well. These tokens are all valid within the same order cycle and can control the Internet of things device.
In addition, a particular allocated token can be accurately revoked: the cloud server can issue tokens for controlling the same Internet of things device according to the orders of a plurality of terminal devices, and when a certain order becomes invalid, only the token corresponding to that order becomes invalid, while the tokens allocated to other orders can continue to be used. All allocated tokens for an Internet of things device can also be revoked by updating the secret key: once the key update is performed, all tokens issued for that device are invalidated simultaneously.
This control method makes it harder for an attacker to forge an instruction to the Internet of things device and reduces the device's dependence on a remote communication network. Compared with schemes in which instructions to the Internet of things device must be relayed by the cloud server, here an authorized terminal device can control the Internet of things device directly over a short-range communication protocol. In addition, communication between the Internet of things device and the cloud server is not mandatory in this embodiment, so the system can still be used normally when the network environment is poor.
In addition, the method provided by this embodiment can effectively prevent token collection attacks. An attacker located between the cloud server and the terminal device, or between the terminal device and the Internet of things device, or an attacker who is the terminal device itself, may intercept the control token used in the communication. In this embodiment, different Internet of things devices use different tokens, and the tokens used in different order periods are also different. Therefore, even if a single token is leaked, other Internet of things devices are not compromised.
According to the above embodiments, the present invention provides two methods of accurately controlling the validity period of a token, plus a hybrid control method. The first method controls the validity period of the secret key. The second method controls the validity period of the order. The hybrid control method controls the validity period of the secret key and the validity period of the order at the same time. This strengthens control over the token validity period and helps ensure that the Internet of things device is used safely.
The embodiment of the application provides two methods for actively revoking a token, and the two methods can also be used in combination. One is to update the key, which revokes all tokens associated with that key; the other is to revoke an order, which revokes the token associated with that order. The difference appears when the cloud server has allocated a plurality of tokens to one or more terminal devices (for example, two tokens allocated to one terminal, or four tokens allocated to two terminals): updating the secret key invalidates all the old tokens of the Internet of things device, whereas revoking an order disables only the token of the terminal device corresponding to that order. The appropriate token revocation method may be selected according to the particular business scenario.
Specifically, suppose two terminal devices simultaneously request control of one Internet of things device. In this service scenario, each terminal device generates an independent order and an independent token. If the cloud server revokes tokens by updating the key, then because one Internet of things device corresponds to only one key, the update cancels the orders and tokens of both users at the same time, that is, neither user can obtain control of the Internet of things device. If the cloud server instead revokes an order so as to revoke the token corresponding to that order, only the terminal device that created the order loses control of the Internet of things device.
It should be noted that, in some application scenarios, the two methods for revoking the token can also be used simultaneously, so that the implementation of the revoking token service is ensured, and the use safety of the internet of things equipment is ensured.
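The token check of step 1105, the order query of steps 1106-1108 and the two revocation methods compared above can be run together in the following added example, which is not part of the patent text. It assumes HMAC-SHA256 as the signature algorithm (the patent names none); the class names, the `CRITICAL_OPS` set, and the in-process calls standing in for key negotiation and the remote channel are hypothetical.

```python
import hashlib
import hmac
import secrets

CRITICAL_OPS = {"unlock"}  # operations that trigger an order query (assumed set)


def compute_token(device_key: bytes, order_id: str) -> str:
    """Assumed signature algorithm: HMAC-SHA256 over the order identifier."""
    return hmac.new(device_key, order_id.encode(), hashlib.sha256).hexdigest()


class IoTDevice:
    def __init__(self, device_id: str):
        self.device_id = device_id
        self.key = None               # set by key negotiation with the cloud
        self.rejected_orders = set()  # orders the cloud reported as not legal

    def handle(self, instruction: dict, cloud=None) -> bool:
        """Return True if the operation would be executed.

        cloud=None models an unavailable remote communication channel.
        """
        order_id = instruction["order_id"]
        if self.key is None or order_id in self.rejected_orders:
            return False
        # Step 1105: recompute the token from the device's own key and compare
        # in constant time.
        expected = compute_token(self.key, order_id)
        presented = str(instruction["token"])
        if not hmac.compare_digest(expected.encode(), presented.encode()):
            return False
        # Steps 1106-1108: order query, only for critical operations and only
        # when the remote channel is available.
        if instruction["operation"] in CRITICAL_OPS and cloud is not None:
            if not cloud.is_order_legal(order_id, self.device_id):
                self.rejected_orders.add(order_id)
                return False
        # Token matched and the order was confirmed, or no query was possible
        # and the order identifier is treated as legal.
        return True


class CloudServer:
    def __init__(self):
        self.device_keys = {}    # device id -> current key
        self.active_orders = {}  # order id -> device id

    def negotiate_key(self, device: IoTDevice) -> None:
        """Stand-in for key negotiation: both sides store a fresh key."""
        key = secrets.token_bytes(32)
        self.device_keys[device.device_id] = key
        device.key = key

    def authorize(self, device_id: str, order_id: str) -> str:
        self.active_orders[order_id] = device_id
        return compute_token(self.device_keys[device_id], order_id)

    def is_order_legal(self, order_id: str, device_id: str) -> bool:
        return self.active_orders.get(order_id) == device_id

    def revoke_order(self, order_id: str) -> None:
        self.active_orders.pop(order_id, None)

    def finish_order(self, order_id: str, device: IoTDevice) -> None:
        """End an order; update the key only if no order is still associated."""
        self.revoke_order(order_id)
        if device.device_id not in self.active_orders.values():
            self.negotiate_key(device)


def demo() -> dict:
    """Two terminals, one device (constructed scenario)."""
    cloud, car = CloudServer(), IoTDevice("car-1")
    cloud.negotiate_key(car)
    tok_a = cloud.authorize("car-1", "order-A")
    tok_b = cloud.authorize("car-1", "order-B")

    def cmd(order_id, token, operation="unlock"):
        return {"order_id": order_id, "token": token, "operation": operation}

    r = {"distinct": tok_a != tok_b}
    r["a_ok"] = car.handle(cmd("order-A", tok_a), cloud)
    r["mismatched"] = car.handle(cmd("order-B", tok_a), cloud)
    cloud.revoke_order("order-A")
    # Channel down: the revoked order is still treated as legal.
    r["a_offline_after_revoke"] = car.handle(cmd("order-A", tok_a), None)
    # Channel up: the query fails and the device remembers the rejection.
    r["a_online_after_revoke"] = car.handle(cmd("order-A", tok_a), cloud)
    r["a_offline_again"] = car.handle(cmd("order-A", tok_a), None)
    r["b_ok"] = car.handle(cmd("order-B", tok_b), cloud)
    cloud.finish_order("order-B", car)  # no orders left, so the key is updated
    r["b_after_key_update"] = car.handle(cmd("order-B", tok_b), None)
    return r
```

The `a_offline_after_revoke` result is the availability trade-off the text describes: until an order query or key update succeeds, a revoked order's token still works.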
Communication encryption is more meaningful when built on this embodiment: the security of the system depends on a sound authorization and authentication process, and it can be further improved by adding communication encryption to the control method of the Internet of things device provided by this embodiment.
The control method of the Internet of things equipment is suitable for an application scene that the terminal equipment obtains the control right of the Internet of things equipment within a certain period of time, and is beneficial to the safety control of a terminal equipment holder on the Internet of things equipment. Such application scenarios include, but are not limited to, shared cars and/or shared bicycles, etc. Specifically, by using the method, the shared automobile leasing user can acquire the control right of the shared automobile in the order time period, and the shared automobile owner can conveniently and effectively control the shared automobile safely.
The control method of the Internet of things device provided by the embodiment of the application still ensures usability when communication conditions are poor: in that case the secret key cannot be updated and the order query fails, so the Internet of things device considers the current order to be still valid.
The control method of the Internet of things device provided by the embodiment of the application can still ensure the usability of a shared car and/or shared bicycle parked in a place with poor signal, such as an underground parking lot, which avoids the situation in which a customer cannot use the shared car and/or shared bicycle in such a place because of a poor communication signal.
Fig. 12 is a schematic structural diagram of an embodiment of a control device of an internet of things device in the present application, where the control device of the internet of things device in the embodiment of the present application may be used as a cloud server to implement the control method of the internet of things device provided in the embodiments shown in fig. 1 to 4 of the present application. As shown in fig. 12, the control device of the internet of things device may include: a receiving module 1201, a calculating module 1202 and a sending module 1203;
the receiving module 1201 is configured to receive an authorization request sent by a terminal device and corresponding to the created order, where the authorization request is used to request to control a specified internet of things device;
in this embodiment, the terminal device may be an intelligent terminal device such as a smart phone, a smart watch, a tablet Computer, a notebook Computer, or a Personal Computer (PC), and the form of the terminal device is not limited in this embodiment.
The calculating module 1202 is configured to calculate and obtain a token corresponding to the current order according to the secret key of the internet of things device and the order identifier of the current order;
specifically, the calculating module 1202 may calculate, according to the secret key of the internet of things device and the order identifier of the order, the token corresponding to the order by using a signature algorithm, so that a plurality of terminal devices may use their own tokens to control the same internet of things device. The tokens are effective in the same secret key period and can control the equipment of the Internet of things. And the control device of the internet of things equipment can accurately revoke a certain allocated token, the control device of the internet of things equipment can issue tokens for controlling the same internet of things equipment according to orders of a plurality of terminal equipment, when a certain order fails, only the token corresponding to the order fails, and the tokens allocated to other orders can still be continuously used.
A sending module 1203, configured to send the token to the terminal device, so that after the terminal device generates a control instruction according to the token, the order identifier of the current order, and the operation instruction for the internet of things device, the terminal device sends the control instruction to the internet of things device, so as to control the internet of things device.
In the control device of the internet of things device, after the receiving module 1201 receives the authorization request corresponding to the created order from the terminal device, the calculating module 1202 calculates and obtains a token corresponding to the current order according to the secret key of the internet of things device and the order identifier of the current order, then, the sending module 1203 sends the token to the terminal device, so that the terminal device generates a control instruction according to the token, the order identifier of the current order and the operation instruction for the internet of things device, sends the control instruction to the internet of things device, the Internet of things equipment is controlled, so that different terminal equipment can control the same Internet of things equipment by using different tokens, the usability is still ensured under the condition of poor communication conditions, and the flexibility and the safety of the control of the equipment of the Internet of things are improved; different tokens can be generated by different order identifications, the leakage of a single token does not affect the overall security of the system, different tokens can be generated by combining different order identifications with the same secret key, and the tokens can be used for controlling the same Internet of things device.
Fig. 13 is a schematic structural diagram of another embodiment of a control device of an internet of things device according to the present application, and compared with the control device of the internet of things device shown in fig. 12, the difference is that the control device of the internet of things device shown in fig. 13 may further include: a checking module 1204 and an updating module 1205;
A checking module 1204, configured to check whether the internet of things device has an associated order after the order is completed;
an updating module 1205, configured to negotiate with the internet of things device to update the key when the checking module 1204 determines that the internet of things device has no associated order, and store the updated key.
In this embodiment, before the order is created, the control device of the internet of things device negotiates with the internet of things device to update the key, and stores the key separately.
After the sending module 1203 sends the token to the terminal device, the checking module 1204 checks whether the internet of things device has an associated order, and if not, the updating module 1205 negotiates with the internet of things device to update the key and stores the updated key; if the internet of things device has an associated order, the updating module 1205 does not update the key.
In the control device of the Internet of things device provided by this embodiment, the Internet of things device and the control device only need to use the remote communication channel when the key is updated, so the dependence on the remote communication channel is low. In an extreme case, if the key fails to be updated because the remote communication channel is unavailable, the control device of the Internet of things device can still operate normally. The validity period of the token is also controlled accurately: in this embodiment it starts when the terminal device passes the authorization verification and ends when the updating module 1205 updates the key of the Internet of things device, and the control accuracy depends on the success rate of updating the key.
In addition, in this embodiment, the update module 1205 can revoke all the allocated tokens of the corresponding internet of things device by updating the keys, and the control device of the internet of things device can issue the tokens for controlling the same internet of things device according to the orders of the plurality of terminal devices. And once the key updating operation is performed, the tokens are simultaneously invalidated.
Further, the receiving module 1201 is further configured to receive, after the sending module 1203 sends the token to the terminal device, an inquiry request sent by the internet of things device, where the inquiry request is used to inquire whether an order corresponding to the order identifier in the control instruction is legal or not;
the sending module 1203 is further configured to send a query result to the internet of things device, so that the internet of things device executes an operation instruction in the control instruction when the query result indicates that the order corresponding to the order identifier in the control instruction is legal.
The above process is called an order validity query, abbreviated as order query, and is generally used only to verify critical instructions (such as unlocking). If the query result is that the order corresponding to the order identifier in the control instruction is illegal, the Internet of things device refuses to execute any instruction that carries that order identifier and its associated token. If the query is not initiated, or cannot be initiated because conditions do not allow it (the remote communication channel is unavailable), the Internet of things device should treat the current order identifier as legal.
The control device of the internet of things equipment provided by the embodiment has low dependence on a remote communication channel, and the internet of things equipment and the control device of the internet of things equipment only need to use the remote communication channel when an order is inquired. In an extreme case, if the remote communication channel is unavailable, the order query cannot be initiated, and the control device of the internet of things equipment can still normally operate. In this embodiment, the token validity period starts from the time when the terminal device creates an order and passes authorization to the time when the order is destroyed. The accuracy of the validity period control depends on the initiating frequency and success rate of the order inquiry.
In addition, in this embodiment, a plurality of terminal devices are allowed to use their respective tokens to control the same Internet of things device; when they do, their order identifiers differ, so their tokens differ as well. These tokens are all valid within the same order cycle and can control the Internet of things device. A particular allocated token can also be accurately revoked: the control device of the Internet of things device can issue tokens for controlling the same Internet of things device to a plurality of terminal devices, and when a certain order becomes invalid, only the token corresponding to that order becomes invalid, while the tokens allocated to other orders can continue to be used.
Further, the control device of the internet of things device may further include:
a verification module 1206, configured to check validity of the authorization request after the receiving module 1201 receives the authorization request sent by the terminal device that creates the order; specifically, the verification module 1206 may check the validity of the authorization request by: the verification module 1206 checks whether the balance of the login account in the terminal device is greater than or equal to a predetermined threshold and/or whether the login account passes real-name authentication, and the like, where the predetermined threshold may be set according to system performance and/or implementation requirements, and the size of the predetermined threshold is not limited in this embodiment.
Thus, the verification module 1206 may determine that the authorization request is legitimate by: the verification module 1206 determines that the balance of the login account in the terminal device is greater than or equal to a predetermined threshold and/or that the login account is authenticated by real name.
The calculating module 1202 is specifically configured to, after the verification module 1206 determines that the authorization request is legal, calculate and obtain a token corresponding to the current order according to the key of the internet of things device and the order identifier of the current order.
Fig. 14 is a schematic structural diagram of another embodiment of a control device of an internet of things device according to the present application, where the control device of the internet of things device in the embodiment of the present application may be used as a terminal device to implement the control method of the internet of things device according to the embodiment shown in fig. 5 of the present application.
In this embodiment, the terminal device may be an intelligent terminal device such as a smart phone, a smart watch, a tablet computer, a notebook computer, or a PC, and the form of the terminal device is not limited in this embodiment.
As shown in fig. 14, the control device of the internet of things device may include: a sending module 1401, a receiving module 1402, and a generating module 1403;
the sending module 1401 is configured to send an authorization request corresponding to the created current order to the cloud server, where the authorization request is used to request to control a specified internet of things device; specifically, when the control device of the internet of things device needs to control the internet of things device, authorization needs to be requested from the cloud server, at this time, the control device of the internet of things device creates an order, and then the sending module 1401 sends an authorization request corresponding to the created order to the cloud server.
A receiving module 1402, configured to receive a token sent by the cloud server, where the token is calculated by the cloud server according to a key of the internet of things device and an order identifier of the order; specifically, the cloud server may calculate, according to the secret key of the internet of things device and the order identifier of the order, the token corresponding to the order by using a signature algorithm, so that the plurality of terminal devices may control the same internet of things device by using their respective tokens, and when the plurality of terminal devices control the same internet of things device, the order identifiers of the terminal devices are different, so the tokens are also different. The tokens are effective in the same secret key period and can control the equipment of the Internet of things. And moreover, the cloud server can accurately revoke a certain distributed token, the cloud server can issue tokens for controlling the same Internet of things device according to orders of a plurality of terminal devices, when a certain order fails, only the token corresponding to the order fails, and the tokens distributed to other orders can still be continuously used.
A generating module 1403, configured to generate a control instruction according to the token, the order identifier of the order and the operation instruction for the internet of things device.
The sending module 1401 is further configured to send the control instruction to the internet of things device, so that after the internet of things device receives the control instruction, the token in the control instruction is authenticated, and after the token passes the authentication, the operation instruction in the control instruction is executed.
In the control apparatus of the internet of things device, after the sending module 1401 sends the authorization request corresponding to the created current order to the cloud server, the receiving module 1402 receives the token sent by the cloud server, then, the generating module 1403 generates a control instruction according to the token, the order identifier of the order and the operation instruction for the internet of things device, and finally, the sending module 1401 sends the control instruction to the internet of things device, so that after the internet of things device receives the control instruction, authenticating the token in the control instruction, and executing the operation instruction in the control instruction after the authentication is passed, therefore, different terminal devices can control the same Internet of things device by using different tokens, the usability is still ensured under the condition of poor communication conditions, and the flexibility and the safety of the control of the Internet of things device are improved; different tokens can be generated by different order identifications, the leakage of a single token does not affect the overall security of the system, different tokens can be generated by combining different order identifications with the same secret key, and the tokens can be used for controlling the same Internet of things device.
Fig. 15 is a schematic structural diagram of another embodiment of a control device of an internet of things device according to the present application, where the control device of the internet of things device in the embodiment of the present application may be used as an internet of things device to implement the control method of the internet of things device according to the embodiments shown in fig. 6 to 8 of the present application. As shown in fig. 15, the control device of the internet of things device may include: a receiving module 1501, an authentication module 1502, and an execution module 1503;
the receiving module 1501 is configured to receive a control instruction sent by a terminal device, where the control instruction is generated by the terminal device according to a token sent by a cloud server, an order identifier of a current order created by the terminal device, and an operation instruction for an internet of things device; in this embodiment, the terminal device may be an intelligent terminal device such as a smart phone, a smart watch, a tablet computer, a notebook computer, or a PC, and the form of the terminal device is not limited in this embodiment.
An authentication module 1502 is configured to authenticate the token in the control instruction.
And the execution module 1503 is configured to execute the operation instruction in the control instruction after the authentication is passed.
In this embodiment, after the receiving module 1501 receives the control instruction sent by the terminal device, the authentication module 1502 authenticates the token in the control instruction, and after the authentication is passed, the executing module 1503 executes the operation instruction in the control instruction.
The internet of things equipment can be equipment capable of communicating between objects, such as an automobile or an electric vehicle, and the form of the internet of things equipment is not limited by the embodiment.
In the control apparatus of the internet of things device, after the receiving module 1501 receives the control instruction sent by the terminal device, the authentication module 1502 authenticates the token in the control instruction, and after the authentication is passed, the execution module 1503 executes the operation instruction in the control instruction, so that different terminal devices can use different tokens to control the same internet of things device, usability can be still ensured under the condition of poor communication conditions, and flexibility and safety of control of the internet of things device are improved.
Fig. 16 is a schematic structural diagram of a further embodiment of a control device of an internet of things device according to the present application, and compared with the control device of the internet of things device shown in fig. 15, a difference is that in the control device of the internet of things device shown in fig. 16, an authentication module 1502 may include: a token computation sub-module 15021, a comparison sub-module 15022 and a determination sub-module 15023;
the token calculation sub-module 15021 is configured to calculate and obtain a token according to the own secret key and the order identifier in the control instruction;
a comparison sub-module 15022 for comparing the token obtained by the token calculation sub-module 15021 with the token in the control command;
a determining submodule 15023 configured to determine that the authentication is passed when the calculated token is the same as the token in the control command; and when the calculated token is not the same as the token in the control instruction, determining that the authentication is not passed.
Further, the control device of the internet of things device may further include: an update module 1504;
the receiving module 1501 is further configured to receive a key agreement request sent by the cloud server after the executing module 1503 executes the operation instruction in the control instruction, where the key agreement request is sent after the cloud server determines that the internet of things device has no associated order;
the updating module 1504 is configured to negotiate with the cloud server to update the key, and store the updated key.
In this embodiment, before the current order is created, the cloud server and the updating module 1504 negotiate to update the key, and each of the cloud server and the updating module stores the key.
After the execution module 1503 executes the operation instruction in the control instruction, the cloud server checks whether the internet of things device has an associated order, and if not, the cloud server negotiates with the update module 1504 to update the key and stores the updated key; and if the Internet of things equipment has an associated order, the secret key is not updated.
In this embodiment, the control device and the cloud server of the internet of things device only need to use the remote communication channel when the secret key is updated, and the dependence on the remote communication channel is low. In an extreme case, if the key fails to be updated due to the unavailability of the remote communication channel, the control device of the internet of things device can still operate normally. And the validity period of the token is controlled accurately, in this embodiment, the validity period of the token starts from the time when the terminal device passes the authorization verification, and ends when the cloud server updates the key of the internet of things device, and the control accuracy depends on the success rate of the key update.
In addition, in this embodiment, all the assigned tokens of the corresponding internet of things devices can be revoked by updating the key, and the cloud server can issue tokens for controlling the same internet of things device according to the orders of the plurality of terminal devices. And once the key updating operation is performed, the tokens are simultaneously invalidated.
Further, the control device of the internet of things device may further include: a sending module 1505;
a sending module 1505, configured to send, after the receiving module 1501 receives the control instruction sent by the terminal device, an inquiry request to the cloud server, where the inquiry request is used to inquire whether an order corresponding to an order identifier in the control instruction is legal or not;
a receiving module 1501, configured to receive a query result sent by the cloud server;
the execution module 1503 is specifically configured to execute the operation instruction in the control instruction when the query result indicates that the order corresponding to the order identifier in the control instruction is legal.
The above process is called an order validity query, abbreviated as order query. It supplements the token authentication of the authentication module 1502 and is generally used only to verify critical instructions (such as unlocking). If the query result is that the order corresponding to the order identifier in the control instruction is illegal, the execution module 1503 refuses to execute any instruction that carries that order identifier and its associated token. If the query is not initiated, or cannot be initiated because conditions do not allow it (the remote communication channel is unavailable), the execution module 1503 should treat the current order identifier as legal.
The control device of the internet of things equipment provided by the embodiment has low dependence on a remote communication channel, and the control device and the cloud server of the internet of things equipment only need to use the remote communication channel when an order is inquired. In an extreme case, if the remote communication channel is unavailable, the order query cannot be initiated, and the control device of the internet of things equipment can still normally operate. In this embodiment, the token validity period starts from the time when the terminal device creates an order and passes authorization to the time when the order is destroyed. The accuracy of the validity period control depends on the initiating frequency and success rate of the order inquiry.
In addition, in this embodiment, a plurality of terminal devices are allowed to use respective tokens to control the same internet of things device, and when a plurality of terminal devices control the same internet of things device, the order identifications of the terminal devices are different from each other, so the tokens are also different from each other. The tokens are effective in the same order cycle and can control the Internet of things equipment. And a certain distributed token can be accurately hoisted, the cloud server can issue tokens for controlling the same Internet of things device aiming at a plurality of terminal devices, when a certain order is invalid, only the token corresponding to the order is invalid, and the tokens distributed to other orders can still be continuously used.
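The following added example (not code from the patent) models the device-side flow described above: token recomputation and comparison, the order query for critical instructions with the stated behaviour when the channel is unavailable, per-order revocation, and key update once no order remains. HMAC-SHA256 as the token function, the `CRITICAL_OPS` set, and all class, method and order names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: which instructions count as "critical" and trigger an order query.
CRITICAL_OPS = {"unlock"}


def compute_token(device_key: bytes, order_id: str) -> str:
    # Assumption: HMAC-SHA256 as the keyed function; this part of the page names none.
    return hmac.new(device_key, order_id.encode(), hashlib.sha256).hexdigest()


class CloudServer:
    def __init__(self):
        self.device_keys = {}    # device_id -> current device key
        self.active_orders = {}  # order_id -> device_id

    def register(self, device):
        self.device_keys[device.device_id] = device.key

    def authorize(self, order_id, device_id):
        # Record the order and derive its token from the device key and order id.
        self.active_orders[order_id] = device_id
        return compute_token(self.device_keys[device_id], order_id)

    def order_is_legal(self, order_id, device_id):
        return self.active_orders.get(order_id) == device_id

    def end_order(self, order_id, device):
        # After an order ends, update the key only if no order is still associated.
        self.active_orders.pop(order_id, None)
        if device.device_id in self.active_orders.values():
            return False
        new_key = secrets.token_bytes(32)  # stands in for the key negotiation
        self.device_keys[device.device_id] = new_key
        device.key = new_key
        return True


class IoTDevice:
    def __init__(self, device_id, cloud):
        self.device_id = device_id
        self.key = secrets.token_bytes(32)
        self.cloud = cloud
        self.channel_up = True        # remote communication channel state
        self.rejected_orders = set()  # order ids a query reported as illegal

    def handle(self, instruction):
        order_id = instruction["order_id"]
        token = instruction["token"]
        op = instruction["op"]
        if order_id in self.rejected_orders:
            return "rejected: order marked illegal"
        # Token authentication: recompute from own key and compare in constant time.
        expected = compute_token(self.key, order_id)
        if not hmac.compare_digest(expected.encode(), token.encode()):
            return "rejected: bad token"
        # Order query only for critical instructions, and only if the channel works;
        # when it does not, the order identifier is treated as legal, as the page states.
        if op in CRITICAL_OPS and self.channel_up:
            if not self.cloud.order_is_legal(order_id, self.device_id):
                self.rejected_orders.add(order_id)
                return "rejected: order marked illegal"
        return "executed: " + op


def demo():
    # Constructed scenario: two orders on one shared device.
    cloud = CloudServer()
    bike = IoTDevice("bike-1", cloud)
    cloud.register(bike)
    tok_a = cloud.authorize("order-A", "bike-1")
    tok_b = cloud.authorize("order-B", "bike-1")

    def send(order_id, token, op):
        return bike.handle({"order_id": order_id, "token": token, "op": op})

    out = {}
    out["a_unlock"] = send("order-A", tok_a, "unlock")
    out["b_unlock"] = send("order-B", tok_b, "unlock")
    out["swapped_token"] = send("order-A", tok_b, "unlock")
    out["rotated_after_a"] = cloud.end_order("order-A", bike)  # order-B still open
    bike.channel_up = False
    out["a_offline"] = send("order-A", tok_a, "unlock")  # no query possible
    bike.channel_up = True
    out["a_online"] = send("order-A", tok_a, "unlock")   # query now succeeds
    out["a_lock"] = send("order-A", tok_a, "lock")       # non-critical, same order
    out["b_still_ok"] = send("order-B", tok_b, "unlock")
    out["rotated_after_b"] = cloud.end_order("order-B", bike)
    out["b_after_rotation"] = send("order-B", tok_b, "unlock")
    return out


if __name__ == "__main__":
    for step, result in demo().items():
        print(step, "->", result)
```

The `a_offline` step makes the dependency stated above concrete: a token for an ended order keeps working until either an order query succeeds or the last associated order ends and the key is updated.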
Fig. 17 is a schematic structural diagram of an embodiment of a server in the present application, where the server may include a memory, a processor, and a computer program stored in the memory and executable on the processor, and when the processor executes the computer program, the method for controlling an internet of things device according to the embodiments shown in fig. 1 to 4 in the present application may be implemented.
The server may be a cloud server, or may be another type of server, and the specific form of the server is not limited in this embodiment.
FIG. 17 illustrates a block diagram of an exemplary computer device 12 suitable for use in implementing embodiments of the present application. The computer device 12 shown in fig. 17 is only an example, and should not bring any limitation to the function and the scope of use of the embodiments of the present application.
As shown in FIG. 17, computer device 12 is embodied in the form of a general purpose computing device. The components of computer device 12 may include, but are not limited to: one or more processors or processing units 16, a system memory 28, and a bus 18 that couples various system components including the system memory 28 and the processing unit 16.
Bus 18 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, and a processor or local bus using any of a variety of bus architectures. These architectures include, but are not limited to, Industry Standard Architecture (ISA) bus, Micro Channel Architecture (MCA) bus, enhanced ISA bus, Video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus, to name a few.
Computer device 12 typically includes a variety of computer system readable media. Such media may be any available media that is accessible by computer device 12 and includes both volatile and nonvolatile media, removable and non-removable media.
The system Memory 28 may include computer system readable media in the form of volatile Memory, such as Random Access Memory (RAM) 30 and/or cache Memory 32. Computer device 12 may further include other removable/non-removable, volatile/nonvolatile computer system storage media. By way of example only, storage system 34 may be used to read from and write to non-removable, nonvolatile magnetic media (not shown in FIG. 17, commonly referred to as a "hard drive"). Although not shown in FIG. 17, a disk drive for reading from and writing to a removable, nonvolatile magnetic disk (e.g., a "floppy disk") and an optical disk drive for reading from or writing to a removable, nonvolatile optical disk (e.g., a Compact disk Read Only Memory (CD-ROM), a Digital versatile disk Read Only Memory (DVD-ROM), or other optical media) may be provided. In these cases, each drive may be connected to bus 18 by one or more data media interfaces. Memory 28 may include at least one program product having a set (e.g., at least one) of program modules that are configured to carry out the functions of embodiments of the application.
A program/utility 40 having a set (at least one) of program modules 42 may be stored, for example, in memory 28, such program modules 42 including, but not limited to, an operating system, one or more application programs, other program modules, and program data, each of which examples or some combination thereof may comprise an implementation of a network environment. Program modules 42 generally perform the functions and/or methodologies of the embodiments described herein.
Computer device 12 may also communicate with one or more external devices 14 (e.g., keyboard, pointing device, display 24, etc.), with one or more devices that enable a user to interact with computer device 12, and/or with any devices (e.g., network card, modem, etc.) that enable computer device 12 to communicate with one or more other computing devices. Such communication may be through an input/output (I/O) interface 22. Moreover, computer device 12 may also communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public Network such as the Internet) via Network adapter 20. As shown in FIG. 17, the network adapter 20 communicates with the other modules of the computer device 12 via the bus 18. It should be understood that although not shown in FIG. 17, other hardware and/or software modules may be used in conjunction with computer device 12, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
The processing unit 16 executes various functional applications and data processing by running programs stored in the system memory 28, for example, implementing the control method of the internet of things device provided in the embodiments shown in fig. 1 to 4 of the present application.
An embodiment of the present application further provides a non-transitory computer-readable storage medium, on which a computer program is stored, and when the computer program is executed by a processor, the method for controlling an internet of things device according to the embodiments shown in fig. 1 to 4 of the present application may be implemented.
The non-transitory computer readable storage medium described above may take any combination of one or more computer readable media. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a Read Only Memory (ROM), an Erasable Programmable Read Only Memory (EPROM), a flash Memory, an optical fiber, a portable compact disc Read Only Memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C++, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of Network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The embodiment of the present application further provides a terminal device, where the terminal device may include a memory, a processor, and a computer program stored in the memory and capable of running on the processor, and when the processor executes the computer program, the method for controlling an internet of things device according to the embodiment shown in fig. 5 of the present application may be implemented.
In this embodiment, the terminal device may be an intelligent terminal device such as a smart phone, a smart watch, a tablet computer, a notebook computer, or a PC, and the form of the terminal device is not limited in this embodiment. Specifically, the terminal device may be implemented by using a structure the same as or similar to that of fig. 17, which is not limited in this embodiment.
An embodiment of the present application further provides a non-transitory computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, may implement the method for controlling an internet of things device according to the embodiment shown in fig. 5 in the present application.
An embodiment of the present application further provides an internet of things device, where the internet of things device may include a memory, a processor, and a computer program stored in the memory and executable on the processor, and when the processor executes the computer program, the control method of the internet of things device provided in the embodiments shown in fig. 6 to 8 of the present application may be implemented.
In this embodiment, the internet of things device may be a device capable of performing communication between objects, such as a shared automobile and/or a shared bicycle, and the form of the internet of things device is not limited in this embodiment. Specifically, the internet of things device may be implemented by using a structure the same as or similar to that shown in fig. 17, which is not limited in this embodiment.
An embodiment of the present application further provides a non-transitory computer-readable storage medium, on which a computer program is stored, and when the computer program is executed by a processor, the method for controlling an internet of things device according to the embodiments shown in fig. 6 to 8 of the present application may be implemented.
In the description herein, reference to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the application. In this specification, the schematic representations of the terms used above are not necessarily intended to refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, various embodiments or examples and features of different embodiments or examples described in this specification can be combined and combined by one skilled in the art without contradiction.
Furthermore, the terms "first" and "second" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature. In the description of the present application, "plurality" means at least two, e.g., two, three, etc., unless specifically limited otherwise.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing steps of a custom logic function or process, and alternate implementations are included within the scope of the preferred embodiment of the present application in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present application.
The logic and/or steps represented in the flowcharts or otherwise described herein, e.g., an ordered listing of executable instructions that can be considered to implement logical functions, can be embodied in any computer-readable medium for use by or in connection with an instruction execution system, apparatus, or device, such as a computer-based system, processor-containing system, or other system that can fetch the instructions from the instruction execution system, apparatus, or device and execute the instructions. For the purposes of this description, a "computer-readable medium" can be any means that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device. More specific examples (a non-exhaustive list) of the computer-readable medium would include the following: an electrical connection portion (electronic device) having one or more wires, a portable computer cartridge (magnetic device), a Random Access Memory (RAM), a Read Only Memory (ROM), an Erasable Programmable Read Only Memory (EPROM) or a flash Memory, an optical fiber device, and a portable Compact Disc Read Only Memory (CD-ROM). Additionally, the computer-readable medium could even be paper or another suitable medium upon which the program is printed, as the program can be electronically captured, via for instance optical scanning of the paper or other medium, then compiled, interpreted or otherwise processed in a suitable manner if necessary, and then stored in a computer memory.
It should be understood that portions of the present application may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. If implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application-specific integrated circuit (ASIC) having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), and the like.
It will be understood by those skilled in the art that all or part of the steps carried by the method for implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable storage medium, and when the program is executed, the program includes one or a combination of the steps of the method embodiments.
In addition, functional units in the embodiments of the present application may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may also be stored in a computer readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc. Although embodiments of the present application have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present application, and that variations, modifications, substitutions and alterations may be made to the above embodiments by those of ordinary skill in the art within the scope of the present application.

Claims (11)

1. A control method of Internet of things equipment is characterized by comprising the following steps:
receiving an authorization request which is sent by terminal equipment and corresponds to the created order, wherein the authorization request is used for requesting to control the specified Internet of things equipment;
calculating to obtain a token corresponding to the order according to the secret key of the Internet of things equipment and the order identifier of the order;
sending the token to the terminal equipment, so that after the terminal equipment generates a control instruction according to the token, the order identification of the order and an operation instruction for the Internet of things equipment, the terminal equipment sends the control instruction to the Internet of things equipment to control the Internet of things equipment;
further comprising: after the order is finished, checking whether the Internet of things equipment has an associated order or not;
and if not, negotiating with the Internet of things equipment to update the secret key, and storing the updated secret key.
2. The method of claim 1, wherein after sending the token to the terminal device, further comprising:
receiving an inquiry request sent by the Internet of things equipment, wherein the inquiry request is used for inquiring whether an order corresponding to an order identification in the control instruction is legal or not;
and sending a query result to the Internet of things equipment so that the Internet of things equipment executes an operation instruction in the control instruction when the query result indicates that the order corresponding to the order identification in the control instruction is legal.
3. The method according to claim 1 or 2, wherein after receiving the authorization request sent by the terminal device creating the order, the method further comprises:
checking the validity of the authorization request;
and after the authorization request is determined to be legal, executing the step of calculating and obtaining the token corresponding to the order according to the secret key of the Internet of things equipment and the order identifier of the order.
4. A control method of Internet of things equipment is characterized by comprising the following steps:
sending an authorization request corresponding to the created order to a cloud server, wherein the authorization request is used for requesting to control the specified Internet of things equipment;
receiving a token sent by the cloud server, wherein the token is calculated by the cloud server according to the key of the internet of things device and the order identifier of the order, and the key of the internet of things device is updated after the order is finished;
generating a control instruction according to the token, the order identification of the order and the operation instruction of the Internet of things equipment;
and sending the control instruction to the Internet of things equipment, so that the Internet of things equipment authenticates the token in the control instruction after receiving the control instruction, and executes the operation instruction in the control instruction after the token passes the authentication.
5. A control method of Internet of things equipment is characterized by comprising the following steps:
receiving a control instruction sent by terminal equipment, wherein the control instruction is generated by the terminal equipment according to a token sent by a cloud server, an order identifier of a current order created by the terminal equipment and an operation instruction for the Internet of things equipment, the token is calculated by the cloud server according to a secret key of the Internet of things equipment and the order identifier of the current order, and the secret key of the Internet of things equipment is updated after an order is finished;
authenticating the token in the control instruction;
after the authentication is passed, executing an operation instruction in the control instruction;
receiving a key negotiation request sent by the cloud server, wherein the key negotiation request is sent after the cloud server determines that the Internet of things equipment has no associated order;
and negotiating with the cloud server to update the secret key, and storing the updated secret key.
6. The method of claim 5, wherein authenticating the token in the control instruction comprises:
calculating to obtain a token according to a private key of the user and an order mark in the control instruction;
comparing the token obtained by calculation with the token in the control instruction;
if the calculated token is the same as the token in the control instruction, determining that the authentication is passed;
and if the calculated token is not the same as the token in the control instruction, determining that the authentication is not passed.
7. The method according to claim 5 or 6, wherein after receiving the control instruction sent by the terminal device, the method further comprises:
sending an inquiry request to the cloud server, wherein the inquiry request is used for inquiring whether an order corresponding to the order identification in the control instruction is legal or not;
receiving a query result sent by the cloud server;
and when the query result indicates that the order corresponding to the order identification in the control instruction is legal, executing the operation instruction in the control instruction.
8. A control device of Internet of things equipment is characterized by comprising:
the receiving module is used for receiving an authorization request which is sent by the terminal equipment and corresponds to the created order, and the authorization request is used for requesting to control the specified Internet of things equipment;
the computing module is used for computing and obtaining a token corresponding to the order according to the secret key of the Internet of things equipment and the order identifier of the order;
the sending module is used for sending the token to the terminal equipment so that the terminal equipment generates a control instruction according to the token, the order identification of the order and the operation instruction of the Internet of things equipment, and then sends the control instruction to the Internet of things equipment so as to control the Internet of things equipment;
the checking module is used for checking whether the Internet of things equipment has related orders or not after the order is finished;
and the updating module is used for negotiating with the Internet of things equipment to update the secret key and storing the updated secret key when the checking module determines that the Internet of things equipment does not have the associated order.
9. A control device of Internet of things equipment is characterized by comprising:
the sending module is used for sending an authorization request corresponding to the created order to the cloud server, and the authorization request is used for requesting to control the specified Internet of things equipment;
the receiving module is used for receiving a token sent by the cloud server, wherein the token is calculated by the cloud server according to a secret key of the Internet of things equipment and the order identifier of the order, and the secret key of the Internet of things equipment is updated after the order is finished;
the generating module is used for generating a control instruction according to the token, the order identification of the order and the operation instruction of the Internet of things equipment;
the sending module is further configured to send the control instruction to the internet of things device, so that the internet of things device authenticates the token in the control instruction after receiving the control instruction, and executes the operation instruction in the control instruction after the token passes the authentication.
10. A control device of Internet of things equipment is characterized by comprising:
the system comprises a receiving module and a processing module, wherein the receiving module is used for receiving a control instruction sent by terminal equipment, the control instruction is generated by the terminal equipment according to a token sent by a cloud server, an order identifier of a current order created by the terminal equipment and an operation instruction of the internet of things equipment, the token is calculated by the cloud server according to a secret key of the internet of things equipment and the order identifier of the current order, and the secret key of the internet of things equipment is updated after an order is finished;
the authentication module is used for authenticating the token in the control instruction;
the execution module is used for executing the operation instruction in the control instruction after the authentication is passed;
further comprising: an update module;
the receiving module is further configured to receive a key negotiation request sent by the cloud server after the executing module executes an operation instruction in the control instruction, where the key negotiation request is sent by the cloud server after the cloud server determines that the internet of things device has no associated order;
and the updating module is used for negotiating with the cloud server to update the secret key and storing the updated secret key.
11. The apparatus of claim 10, wherein the authentication module comprises:
the token calculation submodule is used for calculating and obtaining a token according to a private key of the token calculation submodule and an order mark in the control instruction;
the comparison submodule is used for comparing the token obtained by the token calculation submodule through calculation with the token in the control instruction;
the determining submodule is used for determining that the authentication is passed when the calculated token is the same as the token in the control instruction; and when the calculated token is not the same as the token in the control instruction, determining that the authentication is not passed.
CN201811062122.8A 2018-09-12 2018-09-12 Control method and device of Internet of things equipment, server and terminal equipment Active CN109379403B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811062122.8A CN109379403B (en) 2018-09-12 2018-09-12 Control method and device of Internet of things equipment, server and terminal equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811062122.8A CN109379403B (en) 2018-09-12 2018-09-12 Control method and device of Internet of things equipment, server and terminal equipment

Publications (2)

Publication Number Publication Date
CN109379403A CN109379403A (en) 2019-02-22
CN109379403B true CN109379403B (en) 2021-04-06

Family

ID=65405208

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811062122.8A Active CN109379403B (en) 2018-09-12 2018-09-12 Control method and device of Internet of things equipment, server and terminal equipment

Country Status (1)

Country Link
CN (1) CN109379403B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110290191B (en) * 2019-06-18 2020-04-24 北京三快在线科技有限公司 Resource transfer result processing method, device, server, terminal and storage medium
CN110445833B (en) * 2019-07-02 2022-09-02 北京梧桐车联科技有限责任公司 Information processing method, vehicle and storage medium
CN110879552B (en) * 2019-11-29 2021-08-17 联想(北京)有限公司 Control method and control system
CN112073197A (en) * 2020-08-10 2020-12-11 珠海格力电器股份有限公司 Control method and device
CN113395345B (en) * 2021-05-31 2023-05-12 深圳Tcl新技术有限公司 Network distribution method and device of Internet of things equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011024554A1 (en) * 2009-08-25 2011-03-03 日本電気株式会社 Assembler device, parsing method, and assembler program
CN105321240A (en) * 2015-11-04 2016-02-10 张泽 Control method and device of intelligent door lock and intelligent door control system
CN107798757A (en) * 2017-10-26 2018-03-13 厦门分享云科技有限公司 A kind of method for unlocking of intelligent door lock

Also Published As

Publication number Publication date
CN109379403A (en) 2019-02-22

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant