CN109672683B - Binding method and binding device of Internet of things equipment and terminal equipment - Google Patents
Binding method and binding device of Internet of things equipment and terminal equipment Download PDFInfo
- Publication number
- CN109672683B CN109672683B CN201811589950.7A CN201811589950A CN109672683B CN 109672683 B CN109672683 B CN 109672683B CN 201811589950 A CN201811589950 A CN 201811589950A CN 109672683 B CN109672683 B CN 109672683B
- Authority
- CN
- China
- Prior art keywords
- equipment
- authentication
- terminal
- user terminal
- identification code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Abstract
The application is applicable to the technical field of communication, and provides a binding method and a binding device for Internet of things equipment and terminal equipment, and the binding method and the binding device comprise the following steps: receiving a binding request sent by a user terminal, wherein the binding request comprises a device identification code of the user terminal and a device identification code of a device terminal to be bound; authenticating the user terminal and the equipment terminal respectively according to the binding request; and if the authentication of the user terminal and the authentication of the equipment terminal are both passed, binding the equipment identification code of the user terminal with the equipment identification code of the equipment terminal. By the method, when the Internet of things equipment is bound, the safety of the equipment can be effectively guaranteed.
Description
Technical Field
The application relates to the technical field of communication, in particular to a binding method and a binding device for Internet of things equipment and terminal equipment.
Background
The internet of things is the internet with the object connected, the core and the foundation of the internet of things are still the internet, and the internet of things is an extended and expanded network on the basis of the internet, so that information exchange and communication between the objects are realized. With the development of internet technology, the internet of things gradually becomes an important component of a new generation of information technology and permeates into various industries.
Before communication is carried out between devices in the internet of things, related devices need to be bound firstly. The existing method for binding the equipment of the Internet of things cannot ensure the safety of the equipment identity, so that the Internet of things has greater potential safety hazard.
Disclosure of Invention
In view of this, embodiments of the present application provide a binding method and a binding device for internet of things devices, and a terminal device, so as to solve the problem that security of devices cannot be guaranteed when the internet of things devices are bound in the prior art.
A first aspect of an embodiment of the present application provides a method for binding internet of things devices, including:
receiving a binding request sent by a user terminal, wherein the binding request comprises a device identification code of the user terminal and a device identification code of a device terminal to be bound;
authenticating the user terminal and the equipment terminal respectively according to the binding request;
and if the authentication of the user terminal and the authentication of the equipment terminal are both passed, binding the equipment identification code of the user terminal with the equipment identification code of the equipment terminal.
A second aspect of the embodiments of the present application provides a binding apparatus for internet of things devices, including:
the device comprises a receiving unit, a binding unit and a processing unit, wherein the receiving unit is used for receiving a binding request sent by a user terminal, and the binding request comprises a device identification code of the user terminal and a device identification code of a device terminal to be bound;
the authentication unit is used for authenticating the user terminal and the equipment terminal respectively according to the binding request;
and the binding unit is used for binding the equipment identification code of the user terminal with the equipment identification code of the equipment terminal if the user terminal and the equipment terminal are authenticated.
A third aspect of an embodiment of the present application provides a terminal device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the method provided in the first aspect of the embodiment of the present application when executing the computer program.
A fourth aspect of embodiments of the present application provides a computer-readable storage medium storing a computer program which, when executed by one or more processors, performs the steps of the method provided by the first aspect of embodiments of the present application.
Compared with the prior art, the embodiment of the application has the advantages that:
the method comprises the steps that a binding request sent by a user terminal is received, and the user terminal and the equipment terminal are authenticated according to an equipment identification code of the user terminal and an equipment identification code of the equipment terminal to be bound in the binding request; and if the authentication of the user terminal and the authentication of the equipment terminal are both passed, binding the user terminal and the equipment terminal. By the method, the user terminal and the equipment terminal are subjected to double authentication, and the safety of the Internet of things equipment is effectively guaranteed.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the embodiments or the prior art descriptions will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive exercise.
Fig. 1 is a schematic implementation flow diagram of a binding method for internet of things devices provided in an embodiment of the present application;
fig. 2 is a schematic diagram of a binding apparatus of an internet of things device provided in an embodiment of the present application;
fig. 3 is a schematic diagram of a terminal device provided in an embodiment of the present application.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular system structures, techniques, etc. in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It is also to be understood that the terminology used in the description of the present application herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in the specification of the present application and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items.
As used in this specification and the appended claims, the term "if" may be interpreted contextually as "when", "upon" or "in response to a determination" or "in response to a detection". Similarly, the phrase "if it is determined" or "if a [ described condition or event ] is detected" may be interpreted contextually to mean "upon determining" or "in response to determining" or "upon detecting [ described condition or event ]" or "in response to detecting [ described condition or event ]".
In order to explain the technical solution described in the present application, the following description will be given by way of specific examples.
Fig. 1 is a schematic implementation flow diagram of a binding method for internet of things devices provided in an embodiment of the present application, and as shown in the figure, the method may include the following steps:
step S101, receiving a binding request sent by a user terminal, wherein the binding request comprises a device identification code of the user terminal and a device identification code of a device terminal to be bound.
In the embodiment of the present application, the description is made in terms of an internet of things association platform. In practice, the user terminal sends a binding request to the internet of things association platform, the internet of things association platform authenticates the user terminal and the equipment terminal according to the binding request, and after the double authentication is passed, the internet of things association platform binds the user terminal and the equipment terminal.
The internet of things may include a user terminal and an equipment terminal, for example, the user terminal may be a mobile phone, a pad, a notebook computer, etc. of a user; the device terminal may be a controlled terminal, such as a home appliance (air conditioner, electric cooker, water heater, etc.), an outdoor device (automobile, aircraft, etc.), a home device (door lock, safe, etc.), and so on.
And step S102, authenticating the user terminal and the equipment terminal respectively according to the binding request.
In one embodiment, the authenticating the user terminal and the device terminal according to the binding request respectively includes:
and S11, sending an identity authentication request and the equipment identification code of the user terminal in the binding request to a preset identity authentication server, wherein the identity authentication request is used for instructing the identity authentication server to send a signature instruction to an SIM card corresponding to the user terminal, performing identity authentication according to a signature value returned by the SIM card and corresponding to the signature instruction, and returning a first authentication result corresponding to the identity authentication request after the identity authentication is passed, and the signature instruction is used for instructing the SIM card to acquire an identity authentication password input by the user in the user terminal, perform signature according to the identity authentication password to obtain a signature value, and returning the signature value to the identity authentication server.
In one embodiment, the SIM card corresponding to the user terminal is a SIM card installed with a network identity of a user. The network identity may be a trusted identity based on CTID (identity certificate applied to the internet, which is proposed by the first institute of public security ministry, and is a national legal certificate and identity certificate approved by the public security ministry based on identity card making data), or a network identity based on EID (network identity signed by the network identity recognition system of the public security ministry to the citizen). The user can transact the SIM with the network identity in advance, install the SIM in the user terminal and activate the trusted identity authentication function in the SIM card.
In practical applications, the preset identity authentication server may be a third party authentication server for authenticating the identity of the user. After receiving an identity authentication request sent by an Internet of things association platform, an identity authentication server sends a signature instruction to an SIM card in a user terminal, the SIM card prompts a user to input an identity authentication password (the identity authentication password can be an SIM password obtained when a network identity is opened) through the user terminal, and the SIM card signs the password after acquiring the identity authentication password input by the user to obtain a signature value and returns the signature value to the identity authentication server; and the identity authentication server verifies the signature value and returns a first authentication result to the Internet of things association platform after the verification is passed.
S12, after receiving the first authentication result corresponding to the identity authentication request returned by the identity authentication server, determining whether the first authentication result is that the identity authentication is passed.
And S13, if the first authentication result is that identity authentication is passed, sending an equipment authentication request and the equipment identification code of the equipment terminal in the binding request to a preset equipment authentication server, wherein the equipment authentication request is used for indicating the equipment authentication server to perform security authentication on the Internet of things equipment corresponding to the equipment identification code of the equipment terminal, and returning a second authentication result corresponding to the equipment authentication request after the security authentication is passed.
In practical applications, the preset device authentication server may be a third party authentication server for authenticating the device security. And the Internet of things association platform sends the equipment authentication request to the equipment authentication server, and the equipment authentication server performs security authentication on the equipment terminal according to the equipment identification code of the equipment terminal and returns a second authentication result after the authentication is passed.
S14, after receiving a second authentication result corresponding to the device authentication request returned by the device authentication server, determines whether the second authentication result is a security authentication pass.
And S15, if the second authentication result is that the security authentication is passed, determining that the authentication on the user identity and the Internet of things equipment is passed.
In the embodiment of the application, the user identity needs to be authenticated, the equipment needs to be authenticated, and the user terminal and the equipment terminal can be bound after the double authentication is passed, so that the safety of the equipment of the internet of things is effectively guaranteed.
In one embodiment, before authenticating the user terminal and the device terminal respectively according to the binding request, the method further includes:
and judging whether the equipment identification code of the user terminal and the equipment identification code of the equipment terminal are bound or not.
If the equipment identification code of the user terminal is bound with the equipment identification code of the equipment terminal, sending a prompt instruction to the user terminal, wherein the prompt instruction is used for indicating the user terminal to display preset prompt information to a user, and the prompt information is used for indicating that the equipment identification code of the user terminal is bound with the equipment identification code of the equipment terminal.
And if the equipment identification code of the user terminal is not bound with the equipment identification code of the equipment terminal, respectively authenticating the user terminal and the equipment terminal according to the binding request.
Step S103, if the authentication of the user terminal and the authentication of the equipment terminal are both passed, the equipment identification code of the user terminal and the equipment identification code of the equipment terminal are bound.
The method comprises the steps that a binding request sent by a user terminal is received, and the user terminal and the equipment terminal are authenticated according to an equipment identification code of the user terminal and an equipment identification code of the equipment terminal to be bound in the binding request; and if the authentication of the user terminal and the authentication of the equipment terminal are both passed, binding the user terminal and the equipment terminal. By the method, the user terminal and the equipment terminal are subjected to double authentication, and the safety of the Internet of things equipment is effectively guaranteed.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present application.
Fig. 2 is a schematic diagram of a binding apparatus of an internet of things device provided in an embodiment of the present application, and for convenience of description, only a part related to the embodiment of the present application is shown.
The binding device of the internet of things device shown in fig. 2 may be a software unit, a hardware unit, or a combination of software and hardware unit built in the existing terminal device, may also be integrated into the terminal device as an independent pendant, and may also exist as an independent terminal device.
The binding device 2 of the internet of things equipment comprises:
a receiving unit 21, configured to receive a binding request sent by a user terminal, where the binding request includes a device identifier of the user terminal and a device identifier of a device terminal to be bound.
And an authentication unit 22, configured to authenticate the user terminal and the device terminal respectively according to the binding request.
A binding unit 23, configured to bind the device identification code of the user terminal with the device identification code of the device terminal if the user terminal and the device terminal are authenticated.
Optionally, the authentication unit 22 includes:
the first sending module is used for sending an identity authentication request and an equipment identification code of the user terminal in the binding request to a preset identity authentication server, wherein the identity authentication request is used for indicating the identity authentication server to send a signature instruction to an SIM card corresponding to the user terminal, performing identity authentication according to a signature value returned by the SIM card and corresponding to the signature instruction, and returning a first authentication result corresponding to the identity authentication request after the identity authentication is passed, and the signature instruction is used for indicating the SIM card to acquire an identity authentication password input by a user in the user terminal, perform signature according to the identity authentication password to obtain a signature value, and return the signature value to the identity authentication server.
And the first judgment module is used for judging whether the first authentication result is passed after receiving the first authentication result corresponding to the identity authentication request returned by the identity authentication server.
And the second sending module is used for sending the equipment identification code of the equipment terminal in the equipment authentication request and the binding request to a preset equipment authentication server if the first authentication result is that the identity authentication is passed, wherein the equipment authentication request is used for indicating the equipment authentication server to perform security authentication on the internet of things equipment corresponding to the equipment identification code of the equipment terminal, and returning a second authentication result corresponding to the equipment authentication request after the security authentication is passed.
And the second judgment module is used for judging whether the second authentication result is passed by the security authentication after receiving a second authentication result corresponding to the equipment authentication request returned by the equipment authentication server.
And the pass module is used for judging that the identity of the user and the Internet of things equipment are authenticated if the second authentication result is that the security authentication passes.
Optionally, the apparatus 2 further includes:
a determining unit, configured to determine whether the device identifier of the user terminal and the device identifier of the device terminal are bound before the user terminal and the device terminal are respectively authenticated according to the binding request;
a sending unit, configured to send a prompt instruction to the user terminal if the device identification code of the user terminal is bound to the device identification code of the device terminal, where the prompt instruction is used to instruct the user terminal to display preset prompt information to a user, and the prompt information is used to indicate that the device identification code of the user terminal is bound to the device identification code of the device terminal;
and the authentication unit is further used for authenticating the user terminal and the equipment terminal according to the binding request if the equipment identification code of the user terminal is not bound with the equipment identification code of the equipment terminal.
Optionally, the SIM card corresponding to the user terminal is an SIM card installed with a network identity of the user.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-mentioned functions. Each functional unit and module in the embodiments may be integrated in one processing unit, or each unit may exist alone physically, or two or more units are integrated in one unit, and the integrated unit may be implemented in a form of hardware, or in a form of software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working processes of the units and modules in the system may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
Fig. 3 is a schematic diagram of a terminal device provided in an embodiment of the present application. As shown in fig. 3, the terminal device 3 of this embodiment includes: a processor 30, a memory 31 and a computer program 32 stored in said memory 31 and executable on said processor 30. The processor 30, when executing the computer program 32, implements the steps in the binding method embodiments of the internet of things devices, such as the steps S101 to S103 shown in fig. 1. Alternatively, the processor 30, when executing the computer program 32, implements the functions of the modules/units in the above-mentioned device embodiments, such as the functions of the modules 21 to 23 shown in fig. 2.
Illustratively, the computer program 32 may be partitioned into one or more modules/units that are stored in the memory 31 and executed by the processor 30 to accomplish the present application. The one or more modules/units may be a series of computer program instruction segments capable of performing specific functions, which are used to describe the execution process of the computer program 32 in the terminal device 3. For example, the computer program 32 may be divided into a receiving unit, an authentication unit, and a binding unit, and the specific functions of each unit are as follows:
the device comprises a receiving unit and a binding unit, wherein the receiving unit is used for receiving a binding request sent by a user terminal, and the binding request comprises a device identification code of the user terminal and a device identification code of a device terminal to be bound.
And the authentication unit is used for authenticating the user terminal and the equipment terminal respectively according to the binding request.
And the binding unit is used for binding the equipment identification code of the user terminal with the equipment identification code of the equipment terminal if the user terminal and the equipment terminal are authenticated.
Optionally, the authentication unit includes:
the first sending module is used for sending an identity authentication request and an equipment identification code of the user terminal in the binding request to a preset identity authentication server, wherein the identity authentication request is used for indicating the identity authentication server to send a signature instruction to an SIM card corresponding to the user terminal, performing identity authentication according to a signature value returned by the SIM card and corresponding to the signature instruction, and returning a first authentication result corresponding to the identity authentication request after the identity authentication is passed, and the signature instruction is used for indicating the SIM card to acquire an identity authentication password input by a user in the user terminal, perform signature according to the identity authentication password to obtain a signature value, and return the signature value to the identity authentication server.
And the first judgment module is used for judging whether the first authentication result is passed after receiving the first authentication result corresponding to the identity authentication request returned by the identity authentication server.
And the second sending module is used for sending the equipment identification code of the equipment terminal in the equipment authentication request and the binding request to a preset equipment authentication server if the first authentication result is that the identity authentication is passed, wherein the equipment authentication request is used for indicating the equipment authentication server to perform security authentication on the internet of things equipment corresponding to the equipment identification code of the equipment terminal, and returning a second authentication result corresponding to the equipment authentication request after the security authentication is passed.
And the second judgment module is used for judging whether the second authentication result is passed by the security authentication after receiving a second authentication result corresponding to the equipment authentication request returned by the equipment authentication server.
And the pass module is used for judging that the identity of the user and the Internet of things equipment are authenticated if the second authentication result is that the security authentication passes.
Optionally, the computer program further comprises:
a determining unit, configured to determine whether the device identifier of the user terminal and the device identifier of the device terminal are bound before the user terminal and the device terminal are respectively authenticated according to the binding request;
a sending unit, configured to send a prompt instruction to the user terminal if the device identification code of the user terminal is bound to the device identification code of the device terminal, where the prompt instruction is used to instruct the user terminal to display preset prompt information to a user, and the prompt information is used to indicate that the device identification code of the user terminal is bound to the device identification code of the device terminal;
and the authentication unit is further used for authenticating the user terminal and the equipment terminal according to the binding request if the equipment identification code of the user terminal is not bound with the equipment identification code of the equipment terminal.
Optionally, the SIM card corresponding to the user terminal is an SIM card installed with a network identity of the user.
The terminal device 3 may be a desktop computer, a notebook, a palm computer, a cloud server, or other computing devices. The terminal device may include, but is not limited to, a processor 30, a memory 31. It will be understood by those skilled in the art that fig. 3 is only an example of the terminal device 3, and does not constitute a limitation to the terminal device 3, and may include more or less components than those shown, or combine some components, or different components, for example, the terminal device may also include an input-output device, a network access device, a bus, etc.
The Processor 30 may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic, discrete hardware components, etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 31 may be an internal storage unit of the terminal device 3, such as a hard disk or a memory of the terminal device 3. The memory 31 may also be an external storage device of the terminal device 3, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, which are provided on the terminal device 3. Further, the memory 31 may also include both an internal storage unit and an external storage device of the terminal device 3. The memory 31 is used for storing the computer program and other programs and data required by the terminal device. The memory 31 may also be used to temporarily store data that has been output or is to be output.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and reference may be made to the related descriptions of other embodiments for parts that are not described or illustrated in a certain embodiment.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus/terminal device and method may be implemented in other ways. For example, the above-described embodiments of the apparatus/terminal device are merely illustrative, and for example, the division of the modules or units is only one logical division, and there may be other divisions when actually implemented, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated modules/units, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable storage medium. Based on such understanding, all or part of the flow in the method of the embodiments described above can be realized by a computer program, which can be stored in a computer-readable storage medium and can realize the steps of the embodiments of the methods described above when the computer program is executed by a processor. Wherein the computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer-readable medium may include: any entity or device capable of carrying the computer program code, recording medium, usb disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM), Random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, software distribution medium, and the like. It should be noted that the computer readable medium may contain other components which may be suitably increased or decreased as required by legislation and patent practice in jurisdictions, for example, in some jurisdictions, computer readable media which may not include electrical carrier signals and telecommunications signals in accordance with legislation and patent practice.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present application and are intended to be included within the scope of the present application.
Claims (8)
1. A binding method of Internet of things equipment is used for an Internet of things association platform, and is characterized by comprising the following steps:
receiving a binding request sent by a user terminal, wherein the binding request comprises a device identification code of the user terminal and a device identification code of a device terminal to be bound;
authenticating the user terminal and the equipment terminal respectively according to the binding request;
if the authentication of the user terminal and the authentication of the equipment terminal are both passed, binding the equipment identification code of the user terminal with the equipment identification code of the equipment terminal;
the respectively authenticating the user terminal and the equipment terminal according to the binding request comprises:
sending an identity authentication request and an equipment identification code of a user terminal in the binding request to a preset identity authentication server, wherein the identity authentication request is used for indicating the identity authentication server to send a signature instruction to an SIM card corresponding to the user terminal, performing identity authentication according to a signature value returned by the SIM card and corresponding to the signature instruction, and returning a first authentication result corresponding to the identity authentication request after the identity authentication is passed, and the signature instruction is used for indicating the SIM card to acquire an identity authentication password input by a user in the user terminal, perform signature according to the identity authentication password to obtain a signature value, and return the signature value to the identity authentication server;
after receiving a first authentication result corresponding to the identity authentication request returned by the identity authentication server, judging whether the first authentication result is passed through identity authentication;
if the first authentication result is that identity authentication is passed, sending an equipment authentication request and an equipment identification code of the equipment terminal in the binding request to a preset equipment authentication server, wherein the equipment authentication request is used for indicating the equipment authentication server to perform security authentication on the Internet of things equipment corresponding to the equipment identification code of the equipment terminal, and returning a second authentication result corresponding to the equipment authentication request after the security authentication is passed;
after receiving a second authentication result corresponding to the equipment authentication request returned by the equipment authentication server, judging whether the second authentication result is passed through safety authentication;
and if the second authentication result is that the security authentication is passed, judging that the authentication on the user identity and the authentication on the Internet of things equipment are both passed.
2. The method for binding internet of things devices according to claim 1, further comprising, before authenticating the user terminal and the device terminal respectively according to the binding request:
judging whether the equipment identification code of the user terminal and the equipment identification code of the equipment terminal are bound or not;
if the equipment identification code of the user terminal is bound with the equipment identification code of the equipment terminal, sending a prompt instruction to the user terminal, wherein the prompt instruction is used for indicating the user terminal to display preset prompt information to a user, and the prompt information is used for indicating that the equipment identification code of the user terminal is bound with the equipment identification code of the equipment terminal;
and if the equipment identification code of the user terminal is not bound with the equipment identification code of the equipment terminal, respectively authenticating the user terminal and the equipment terminal according to the binding request.
3. The method for binding internet of things devices as claimed in any one of claims 1 or 2, wherein the SIM card corresponding to the user terminal is a SIM card installed with a network identity of a user.
4. A binding device of Internet of things equipment is used for an Internet of things association platform and is characterized by comprising:
the device comprises a receiving unit, a binding unit and a processing unit, wherein the receiving unit is used for receiving a binding request sent by a user terminal, and the binding request comprises a device identification code of the user terminal and a device identification code of a device terminal to be bound;
the authentication unit is used for authenticating the user terminal and the equipment terminal respectively according to the binding request;
a binding unit, configured to bind the device identification code of the user terminal with the device identification code of the device terminal if the user terminal and the device terminal are authenticated;
the authentication unit includes:
a first sending module, configured to send an identity authentication request and an equipment identity of a user terminal in the binding request to a preset identity authentication server, where the identity authentication request is used to instruct the identity authentication server to send a signature instruction to an SIM card corresponding to the user terminal, perform identity authentication according to a signature value returned by the SIM card and corresponding to the signature instruction, and return a first authentication result corresponding to the identity authentication request after the identity authentication passes, where the signature instruction is used to instruct the SIM card to obtain an identity authentication password input by a user in the user terminal, perform a signature according to the identity authentication password to obtain a signature value, and return the signature value to the identity authentication server;
the first judgment module is used for judging whether a first authentication result corresponding to the identity authentication request returned by the identity authentication server passes the identity authentication or not after receiving the first authentication result;
a second sending module, configured to send, if the first authentication result is that identity authentication passes, an equipment identification code of the equipment terminal in an equipment authentication request and the binding request to a preset equipment authentication server, where the equipment authentication request is used to instruct the equipment authentication server to perform security authentication on the internet of things equipment corresponding to the equipment identification code of the equipment terminal, and return a second authentication result corresponding to the equipment authentication request after the security authentication passes;
the second judgment module is used for judging whether a second authentication result corresponding to the equipment authentication request returned by the equipment authentication server passes the safety authentication or not after receiving the second authentication result;
and the pass module is used for judging that the identity of the user and the Internet of things equipment are authenticated if the second authentication result is that the security authentication passes.
5. The internet-of-things device binding apparatus of claim 4, wherein the apparatus further comprises:
a determining unit, configured to determine whether the device identifier of the user terminal and the device identifier of the device terminal are bound before the user terminal and the device terminal are respectively authenticated according to the binding request;
a sending unit, configured to send a prompt instruction to the user terminal if the device identification code of the user terminal is bound to the device identification code of the device terminal, where the prompt instruction is used to instruct the user terminal to display preset prompt information to a user, and the prompt information is used to indicate that the device identification code of the user terminal is bound to the device identification code of the device terminal;
and the authentication unit is further used for authenticating the user terminal and the equipment terminal according to the binding request if the equipment identification code of the user terminal is not bound with the equipment identification code of the equipment terminal.
6. The binding apparatus of the internet of things device of any one of claims 4 or 5, wherein the SIM card corresponding to the user terminal is a SIM card installed with a network identity of a user.
7. A terminal device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the steps of the method according to any of claims 1 to 3 when executing the computer program.
8. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 3.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811589950.7A CN109672683B (en) | 2018-12-25 | 2018-12-25 | Binding method and binding device of Internet of things equipment and terminal equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811589950.7A CN109672683B (en) | 2018-12-25 | 2018-12-25 | Binding method and binding device of Internet of things equipment and terminal equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109672683A CN109672683A (en) | 2019-04-23 |
| CN109672683B true CN109672683B (en) | 2021-07-20 |
Family
ID=66146085
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811589950.7A Active CN109672683B (en) | 2018-12-25 | 2018-12-25 | Binding method and binding device of Internet of things equipment and terminal equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109672683B (en) |
Families Citing this family (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110233820A (en) * | 2019-04-25 | 2019-09-13 | 深圳市元征科技股份有限公司 | A kind of right management method of vehicle diagnostics, system and server, terminal |
| CN110176091B (en) * | 2019-05-15 | 2022-03-25 | 广东好太太智能家居有限公司 | Method for improving security of intelligent lock through mobile terminal equipment code |
| CN110225003B (en) * | 2019-05-24 | 2022-12-06 | 青岛海尔科技有限公司 | Equipment authorization and authentication method, system and server |
| CN110636062B (en) * | 2019-09-20 | 2022-02-08 | 百度在线网络技术(北京)有限公司 | Method and device for controlling secure interaction of equipment, electronic equipment and storage medium |
| CN111478774B (en) * | 2020-04-09 | 2022-07-22 | 确信信息股份有限公司 | Secret key authorization method and system based on voice authentication |
| CN112804102B (en) * | 2021-01-12 | 2023-05-16 | 北京嘀嘀无限科技发展有限公司 | Equipment binding method, device and terminal |
| CN112469042B (en) * | 2021-01-28 | 2021-05-25 | 北京树米网络科技有限公司 | System for locking bound equipment, module and subscriber identity module |
| CN113329056B (en) * | 2021-04-30 | 2023-12-01 | 河海大学 | Binding method, binding device and binding system for Internet of things equipment and user terminal |
| CN113490207B (en) * | 2021-06-29 | 2024-02-06 | 深圳Tcl新技术有限公司 | Internet of things equipment binding method and device, computer equipment and storage medium |
| CN113904847B (en) * | 2021-10-09 | 2022-07-15 | 天翼物联科技有限公司 | Cloud platform binding method, system, equipment and medium of Internet of things card |
| CN115208916A (en) * | 2022-06-27 | 2022-10-18 | 广州广日电梯工业有限公司 | Method, system and device for binding Internet of things terminal and elevator and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101778380A (en) * | 2009-12-31 | 2010-07-14 | 卓望数码技术(深圳)有限公司 | Identity authentication method, device and system |
| CN104468577A (en) * | 2014-12-09 | 2015-03-25 | 广东美的制冷设备有限公司 | Binding method and system for mobile terminal and household appliance terminal |
| CN104580549A (en) * | 2014-12-26 | 2015-04-29 | 广东美的制冷设备有限公司 | Controlled terminal and control terminal correlation method and system |
| CN105871864A (en) * | 2016-04-20 | 2016-08-17 | 中国联合网络通信集团有限公司 | Mobile terminal identity authentication method and device |
| CN108122112A (en) * | 2017-12-14 | 2018-06-05 | 杨宪国 | Electronic ID card based on authentication device signs and issues certification and safety payment system |
| CN108234385A (en) * | 2016-12-12 | 2018-06-29 | 中国移动通信集团公司 | A kind of method for authenticating user identity and device |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140143451A1 (en) * | 2012-11-16 | 2014-05-22 | Microsoft Corporation | Binding control devices to a computing system |
-
2018
- 2018-12-25 CN CN201811589950.7A patent/CN109672683B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101778380A (en) * | 2009-12-31 | 2010-07-14 | 卓望数码技术(深圳)有限公司 | Identity authentication method, device and system |
| CN104468577A (en) * | 2014-12-09 | 2015-03-25 | 广东美的制冷设备有限公司 | Binding method and system for mobile terminal and household appliance terminal |
| CN104580549A (en) * | 2014-12-26 | 2015-04-29 | 广东美的制冷设备有限公司 | Controlled terminal and control terminal correlation method and system |
| CN105871864A (en) * | 2016-04-20 | 2016-08-17 | 中国联合网络通信集团有限公司 | Mobile terminal identity authentication method and device |
| CN108234385A (en) * | 2016-12-12 | 2018-06-29 | 中国移动通信集团公司 | A kind of method for authenticating user identity and device |
| CN108122112A (en) * | 2017-12-14 | 2018-06-05 | 杨宪国 | Electronic ID card based on authentication device signs and issues certification and safety payment system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109672683A (en) | 2019-04-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109672683B (en) | Binding method and binding device of Internet of things equipment and terminal equipment | |
| CN109361697B (en) | Method for realizing credible identity authentication based on SIM card loading PKI | |
| US20120167194A1 (en) | Client hardware authenticated transactions | |
| CN110784450A (en) | Single sign-on method and device based on browser | |
| CN111161056A (en) | Method, system and equipment for improving transaction security of digital assets | |
| CN105868970A (en) | Authentication method and electronic device | |
| CN113239397A (en) | Information access method, device, computer equipment and medium | |
| CN115310056A (en) | Block chain-based digital collection issuing supervision method and device and storage medium | |
| CN109040088B (en) | Authentication information transmission method, key management client and computer equipment | |
| CN111104653B (en) | User operation processing method and device, electronic equipment and readable storage medium | |
| CN109858235B (en) | Portable equipment and password obtaining method and device thereof | |
| CN116707758A (en) | Authentication method, equipment and server of trusted computing equipment | |
| CN113935008B (en) | User authentication method, device, electronic equipment and computer readable storage medium | |
| CN105871840A (en) | Certificate management method and system | |
| CN107977564B (en) | Transaction authentication processing method, authentication server, terminal and transaction equipment | |
| CN111935716B (en) | Authentication method, authentication system and computing device | |
| CN109067551A (en) | A kind of real name identification method, computer readable storage medium and terminal device | |
| CN108322558B (en) | Method, device and system for associating address information | |
| CN114139121A (en) | Identity verification method and device, electronic equipment and computer readable storage medium | |
| CN111369246A (en) | Calling authentication method and device of intelligent contract, electronic equipment and storage medium | |
| CN110502963B (en) | Fingerprint authentication method, fingerprint authentication device and terminal | |
| WO2017101706A1 (en) | Method and apparatus for preventing human-machine interaction interface from being hijacked | |
| TW202018626A (en) | System for verifying user identity when processing digital signature and method thereof | |
| CN110912704A (en) | Certificate loading method and related product | |
| US20230388310A1 (en) | System and method for biometrically binding verifiable credentials to identity |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |