CN110035069B - Internet of things information security protection method - Google Patents
Internet of things information security protection method Download PDFInfo
- Publication number
- CN110035069B CN110035069B CN201910197334.5A CN201910197334A CN110035069B CN 110035069 B CN110035069 B CN 110035069B CN 201910197334 A CN201910197334 A CN 201910197334A CN 110035069 B CN110035069 B CN 110035069B
- Authority
- CN
- China
- Prior art keywords
- data
- segment
- encryption
- head
- tail
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0478—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses an information security protection method for the Internet of things, which comprises the following steps: the data sending end generates data, reads the model number of the access end, the identification serial number, the encryption head and tail table and the current time, corresponds to the current time and the encryption head and tail table, generates primary encryption data, and encrypts the primary encryption data again through an SCB2 algorithm to obtain re-encrypted data. This thing networking information security protection method, through the application of encryption head and the tail table, current time and SCB2 algorithm, the security of data has further been increased, the protective effect has been strengthened, adopt the mode of segmentation to send the data after segmenting, and to each section data check respectively and report errors respectively, thereby need not to carry out retransmission with data whole when taking place data error, work efficiency has been improved, in time record is in order this fine to malicious data analysis after receiving the tentative nature detection data that the third party sent.
Description
Technical Field
The invention relates to the technical field of Internet of things, in particular to an Internet of things information security protection method.
Background
The internet of things is an important component of a new generation of information technology and an important development stage of the information era, as the name suggests, the internet of things is the internet connected with objects, application innovation is the core of the development of the internet of things, and in the application of the internet of things, an internet of things information security protection method is needed to be used for protecting data transmission.
According to the traditional internet of things information safety protection method, an encryption algorithm is too simple, the protection effect is poor, meanwhile, if errors exist in data, the data needs to be transmitted again integrally, the working efficiency is low, malicious data cannot be recorded and analyzed well, and inconvenience is brought to a user when the working efficiency is reduced.
Disclosure of Invention
Technical problem to be solved
Aiming at the defects of the prior art, the invention provides an information security protection method of the Internet of things, and solves the problems that the encryption algorithm of the information security protection method of the Internet of things is too simple, the protection effect is poor, meanwhile, if data has errors, the data needs to be integrally retransmitted, the working efficiency is low, and malicious data are difficult to record and analyze well.
(II) technical scheme
In order to achieve the purpose, the invention is realized by the following technical scheme: an Internet of things information security protection method is characterized by comprising the following steps:
s1, data generation: the data sending end generates data and reads the model of the access end, the identification serial number, the encryption head and tail table and the current time;
s2, data primary encryption: corresponding to the current time and the encryption head-tail table, and generating primary encryption data;
s3, data re-encryption: encrypting the primary encrypted data again through SCB2 algorithm to obtain re-encrypted data;
s4, data segmentation: equally dividing the re-encrypted data into three segments, namely a front segment, a middle segment and a rear segment;
s5, preparing by segmentation processing: reading a segment head-tail table, randomly selecting a certain cell in the segment head-tail table, and reading a corresponding final value, a segment head numerical value and a segment tail numerical value;
s6, segmented processing: respectively generating front segmentation data, middle segmentation data and rear segmentation data;
s7, data transmission: sequentially sending the front segmentation data, the middle segmentation data and the rear segmentation data to a receiving end;
s8, segmented inspection: sequentially extracting segment head data, segment tail data and final values of the front segment data, the middle segment data and the rear segment data, checking whether the segment head data, the segment tail data and the final values are correct or not according to a corresponding segment head-tail table, if the segment head data, the segment tail data and the final values are correct, performing step S9, if the segment head data and the final values are incorrect, sending a retransmission signal, retransmitting the corresponding segment data according to a corresponding segment sequence number after the data sending end receives the retransmission signal, and performing step S8 again after the data receiving end receives new corresponding segment data;
s9, algorithm decryption: after the data obtained in the step S8 is taken out of the corresponding segments, the three segments are integrated and decrypted into primary encrypted data through the SCB2 algorithm;
s10, removing an encryption head and an encryption tail: and verifying whether the encryption head and the encryption tail of the primary encrypted data are correct according to the current time and the encryption head and tail table, if so, taking out the transmitted data, controlling a corresponding mechanism to perform corresponding operation according to the transmitted data, if not, not responding, and recording the non-responding data and the receiving time thereof.
Preferably, in S1, the encryption header and trailer table format is as follows: line: an hour value for the current time; the method comprises the following steps: a minute value for the current time; cell: the value of the encryption header and the value of the encryption tail.
Preferably, in S2, the format of the primary encrypted data is: encrypting a header, transmitting data and encrypting a tail; the encryption header format is: the type of the access end, the identification serial number, the encryption head value and the current time; the encryption tail format is: the access terminal model + the identification serial number + the encryption mantissa value + the current time.
Preferably, in S4, the length of the re-encrypted data is a fixed value, and thus the lengths of the three segments are fixed values.
Preferably, in S5, the segment head-to-tail table is as follows: line: a segment header value; the method comprises the following steps: segmenting mantissa values; cell: and (4) final value.
Preferably, in S6, the pre-segmentation data format is: segment head value + front segment + segment tail value + final value + corresponding segment sequence number; the segmented data format is: segment head value + middle segment + segment mantissa value + final value + corresponding segment serial number; the post-segmentation data format is: segment head value + back segment + segment tail value + final value + corresponding segment sequence number; wherein the corresponding segment sequence number is a specific sequence number for distinguishing the front segment data, the middle segment data and the rear segment data.
Preferably, in S8, the format of the retransmission signal is: corresponding to the segment sequence number + error code.
(III) advantageous effects
The invention provides an information security protection method for the Internet of things. The method has the following beneficial effects:
this thing networking information security protection method, through encrypting the head and the tail table, current time and SCB2 algorithm's application, the security of data has further been increased, the protective effect has been strengthened, adopt the mode of segmentation to send the data after segmenting, and examine respectively and report the error respectively to every section of data, thereby need not to carry out retransmission with data whole when taking place the data error, work efficiency has been improved, in time record after the tentative nature detection data that receive the third party and send analyzes malicious data with this fine (because the data of record pass through segmentation inspection, consequently other signals of differentiation and malicious signal that can be fine).
Detailed Description
The described embodiments are only some embodiments of the invention, not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
An Internet of things information security protection method is characterized by comprising the following steps:
s1, data generation: the data sending end generates data and reads the model number of the access end, the identification serial number, the encryption head-tail table and the current time (the encryption head-tail table is as follows, the row is the hour numerical value of the current time, the column is the minute numerical value of the current time, the cell is the numerical value of the encryption head and the numerical value of the encryption tail), wherein the lengths of the model number of the access end and the identification serial number are binary series of three bytes (twenty-four bits), and the hour numerical value of the current time and the minute numerical value of the current time are binary series of five bytes (forty bits);
s2, data primary encryption: corresponding to the current time and an encryption head and tail table, and generating primary encryption data (the format of the primary encryption data is encryption head + transmission data + encryption tail; the format of the encryption head is access end model number + identification serial number + encryption head numerical value + current time; the format of the encryption tail is access end model number + identification serial number + encryption tail numerical value + current time), wherein the encryption head and the encryption tail are binary number columns of five bytes (forty bits);
s3, data re-encryption: encrypting the primary encrypted data again through SCB2 algorithm to obtain re-encrypted data;
s4, data segmentation: equally dividing the re-encrypted data into three segments, namely a front segment, a middle segment and a rear segment (the length of the re-encrypted data is a fixed value, so the lengths of the three segments are fixed values);
s5, preparing by segmentation processing: reading a segment head-tail table, randomly selecting a certain cell in the segment head-tail table, and reading a corresponding final value, a segment head numerical value and a segment tail numerical value (the segment head-tail table is as follows, the row is the segment head numerical value, the column is the segment tail numerical value, the cell is the final value), wherein the final value is a binary number column of three bytes (twenty-four bits);
s6, segmented processing: respectively generating front segmentation data, middle segmentation data and rear segmentation data (the format of the front segmentation data is that a segmentation head value + a front segmentation + a segmentation tail value + a final value + a corresponding segment serial number, the format of the middle segmentation data is that the segmentation head value + the middle segmentation + the segmentation tail value + the final value + the corresponding segment serial number, and the format of the rear segmentation data is that the segmentation head value + the rear segmentation + the segmentation tail value + the final value + the corresponding segment serial number, wherein the corresponding segment serial number is a specific serial number used for distinguishing the front segmentation data, the middle segmentation data and the rear segmentation data, and the segmentation head value, the segmentation tail value and the corresponding segment serial number are binary numbers of four bytes (thirty-two bits);
s7, data transmission: sequentially sending the front segmentation data, the middle segmentation data and the rear segmentation data to a receiving end;
s8, segmented inspection: taking out the segment head data, the segment tail data and the final value of the front segment data, the middle segment data and the rear segment data in sequence, checking whether the data are correct or not according to a corresponding segment head-tail table, if the data are correct, carrying out step S9, if the data are incorrect, sending a retransmission signal, retransmitting the corresponding segment data according to a corresponding segment sequence number after the data sending end receives the retransmission signal, and carrying out step S8 again after the data receiving end receives the new corresponding segment data (the format of the retransmission signal is: the corresponding segment sequence number + an error code), wherein the error code is a fixed binary number sequence of three bytes (twenty-four bits);
s9, algorithm decryption: after the data obtained in the step S8 is taken out of the corresponding segments, the three segments are integrated and decrypted into primary encrypted data through the SCB2 algorithm;
s10, removing an encryption head and an encryption tail: and verifying whether the encryption head and the encryption tail of the primary encrypted data are correct according to the current time and the encryption head and tail table, if so, taking out the transmitted data, controlling a corresponding mechanism to perform corresponding operation according to the transmitted data, if not, not responding, and recording the non-responding data and the receiving time thereof.
In conclusion, the internet-of-things information security protection method further increases the security of data and strengthens the protection effect by the application of the encryption head-tail table, the current time and the SCB2 algorithm, the data are segmented and then sent in a segmentation mode, and each segment of data is respectively checked and respectively reported with errors, so that the whole data does not need to be retransmitted when the data are in errors, the working efficiency is improved, and the malicious data are well analyzed by timely recording after the data are subjected to tentative detection data sent by a third party (because the recorded data are subjected to segmented inspection, other signals and malicious signals can be well distinguished).
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (5)
1. An Internet of things information security protection method is characterized by comprising the following steps:
s1, data generation: the data sending end generates data and reads the model of the access end, the identification serial number, the encryption head and tail table and the current time;
the format of the encryption head and tail table is as follows: line: an hour value for the current time; the method comprises the following steps: a minute value for the current time; cell: the numerical value of the encryption head and the numerical value of the encryption tail;
s2, data primary encryption: corresponding to the current time and the encryption head-tail table, and generating primary encryption data;
s3, data re-encryption: encrypting the primary encrypted data again through SCB2 algorithm to obtain re-encrypted data;
s4, data segmentation: equally dividing the re-encrypted data into three segments, namely a front segment, a middle segment and a rear segment;
s5, preparing by segmentation processing: reading a segment head-tail table, randomly selecting a certain cell in the segment head-tail table, and reading a corresponding final value, a segment head numerical value and a segment tail numerical value;
the segment head-tail table is as follows: line: a segment header value; the method comprises the following steps: segmenting mantissa values; cell: a final value;
s6, segmented processing: respectively generating front segmentation data, middle segmentation data and rear segmentation data;
s7, data transmission: sequentially sending the front segmentation data, the middle segmentation data and the rear segmentation data to a receiving end;
s8, segmented inspection: sequentially extracting segment head data, segment tail data and final values of the front segment data, the middle segment data and the rear segment data, checking whether the segment head data, the segment tail data and the final values are correct or not according to a corresponding segment head-tail table, if the segment head data, the segment tail data and the final values are correct, performing step S9, if the segment head data and the final values are incorrect, sending a retransmission signal, retransmitting the corresponding segment data according to a corresponding segment sequence number after the data sending end receives the retransmission signal, and performing step S8 again after the data receiving end receives new corresponding segment data;
s9, algorithm decryption: after the data obtained in the step S8 is taken out of the corresponding segments, the three segments are integrated and decrypted into primary encrypted data through the SCB2 algorithm;
s10, removing an encryption head and an encryption tail: and verifying whether the encryption head and the encryption tail of the primary encrypted data are correct according to the current time and the encryption head and tail table, if so, taking out the transmitted data, controlling a corresponding mechanism to perform corresponding operation according to the transmitted data, if not, not responding, and recording the non-responding data and the receiving time thereof.
2. The internet of things information security protection method according to claim 1, characterized in that: in S2, the format of the primary encrypted data is: encrypting a header, transmitting data and encrypting a tail; the encryption header format is: the type of the access end, the identification serial number, the encryption head value and the current time; the encryption tail format is: the access terminal model + the identification serial number + the encryption mantissa value + the current time.
3. The internet of things information security protection method according to claim 1, characterized in that: in S4, the length of the re-encrypted data is a fixed value, and therefore the lengths of the three segments are fixed values.
4. The internet of things information security protection method according to claim 1, characterized in that: in S6, the pre-segment data format is: segment head value + front segment + segment tail value + final value + corresponding segment sequence number; the segmented data format is: segment head value + middle segment + segment mantissa value + final value + corresponding segment serial number; the post-segmentation data format is: segment head value + back segment + segment tail value + final value + corresponding segment sequence number; wherein the corresponding segment sequence number is a specific sequence number for distinguishing the front segment data, the middle segment data and the rear segment data.
5. The internet of things information security protection method according to claim 1, characterized in that: at S8, the format of the retransmission signal is: corresponding to the segment sequence number + error code.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910197334.5A CN110035069B (en) | 2019-03-15 | 2019-03-15 | Internet of things information security protection method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910197334.5A CN110035069B (en) | 2019-03-15 | 2019-03-15 | Internet of things information security protection method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110035069A CN110035069A (en) | 2019-07-19 |
| CN110035069B true CN110035069B (en) | 2021-08-27 |
Family
ID=67236047
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910197334.5A Expired - Fee Related CN110035069B (en) | 2019-03-15 | 2019-03-15 | Internet of things information security protection method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110035069B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110650150A (en) * | 2019-10-10 | 2020-01-03 | 上海久誉软件系统有限公司 | Computer wireless propagation neural network method based on 5G network |
| CN112910606B (en) * | 2020-05-22 | 2022-08-02 | 湖北省成套招标股份有限公司 | Data sending system adopting sectional type data structure |
| CN112888003B (en) * | 2021-02-01 | 2023-06-06 | 安徽马钢张庄矿业有限责任公司 | Mine equipment communication signal processing method based on 5G industrial Internet |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP0676876A1 (en) * | 1994-04-05 | 1995-10-11 | International Business Machines Corporation | Encryption method and system |
| CN101345866A (en) * | 2008-08-15 | 2009-01-14 | 四川长虹电器股份有限公司 | Encryption and decryption method for static audio/video document |
| CN102752102A (en) * | 2012-07-02 | 2012-10-24 | 珠海全志科技股份有限公司 | Data package segmented encryption and transmission processing method and device |
| CN105763315A (en) * | 2014-12-16 | 2016-07-13 | 展讯通信(深圳)有限公司 | Data encryption and decryption method and apparatus thereof, and communication system |
| CN106067878A (en) * | 2016-05-31 | 2016-11-02 | 国网山东省电力公司寿光市供电公司 | A kind of network data encryption transmission method |
| CN106452728A (en) * | 2016-08-30 | 2017-02-22 | 上海卓易科技股份有限公司 | Data encryption method |
| CN107135062A (en) * | 2017-05-08 | 2017-09-05 | 桂林电子科技大学 | A kind of encryption method of improved big file |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8751807B2 (en) * | 2011-06-23 | 2014-06-10 | Azuki Systems Inc. | Method and system for secure over-the-top live video delivery |
-
2019
- 2019-03-15 CN CN201910197334.5A patent/CN110035069B/en not_active Expired - Fee Related
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP0676876A1 (en) * | 1994-04-05 | 1995-10-11 | International Business Machines Corporation | Encryption method and system |
| CN101345866A (en) * | 2008-08-15 | 2009-01-14 | 四川长虹电器股份有限公司 | Encryption and decryption method for static audio/video document |
| CN102752102A (en) * | 2012-07-02 | 2012-10-24 | 珠海全志科技股份有限公司 | Data package segmented encryption and transmission processing method and device |
| CN105763315A (en) * | 2014-12-16 | 2016-07-13 | 展讯通信(深圳)有限公司 | Data encryption and decryption method and apparatus thereof, and communication system |
| CN106067878A (en) * | 2016-05-31 | 2016-11-02 | 国网山东省电力公司寿光市供电公司 | A kind of network data encryption transmission method |
| CN106452728A (en) * | 2016-08-30 | 2017-02-22 | 上海卓易科技股份有限公司 | Data encryption method |
| CN107135062A (en) * | 2017-05-08 | 2017-09-05 | 桂林电子科技大学 | A kind of encryption method of improved big file |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110035069A (en) | 2019-07-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110035069B (en) | Internet of things information security protection method | |
| CN106709853B (en) | Image retrieval method and system | |
| CN114285562B (en) | Data encryption method and device | |
| RU2407216C1 (en) | Method for message integration into digital image | |
| CN110210270B (en) | Two-dimensional code information security reinforcement method and system and two-dimensional code image analysis method and system | |
| CN114253484B (en) | Big data cloud storage server | |
| CN104281815A (en) | Method and system for encrypting and decrypting file | |
| JPH05122282A (en) | Data transmission system | |
| CN117094022B (en) | Encryption system based on computer software development | |
| CN102971984B (en) | Method for authenticating a storage device and host device | |
| CN116566677B (en) | Short message receiving and transmitting system of serial server | |
| CN102111401B (en) | Protocol recognition method and device as well as equipment | |
| CN115695024A (en) | Redundancy detection method and system for PLC signals | |
| CN108962289B (en) | Method and device for appending hidden identification data based on optical disc synchronous frame | |
| CN107832623B (en) | Method and system for encrypting and decrypting coordinate track | |
| CN1665182B (en) | Coding and decoding method for quick response code | |
| CN111740817A (en) | Code tampering detection method and system for concentrator in electric power data acquisition system | |
| CN113095042A (en) | Character string encryption method, system, device and storage medium | |
| CN112687318B (en) | Fuse reading method, controller and chip for resisting data tampering and template attack | |
| CN114422219B (en) | Data encryption transmission method based on dimension-reducing polynomial | |
| CN110046134B (en) | Database log recording method and system and database log recording detection method | |
| CN112242970A (en) | Data segmentation encryption security reinforcing method and device | |
| CN109981291A (en) | A kind of mixing packet signature method | |
| CN112423150B (en) | Working method of remote video transmission device with frame check function | |
| CN115374462B (en) | Storage management system based on financial service data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB03 | Change of inventor or designer information | ||
| CB03 | Change of inventor or designer information |
Inventor after: Zhan Yue Inventor after: Yang Huan Inventor after: Zhang Yulei Inventor after: Liu Pengfei Inventor before: Yang Huan Inventor before: Zhang Yulei Inventor before: Liu Pengfei |
|
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20210806 Address after: 572011 Yuya road Greenland Yuelan Bay phase III Central Park 8b701, Jiyang District, Sanya City, Hainan Province Applicant after: Sanya tal investment partnership (L.P.) Address before: 450000 building 3, No.57, science Avenue, development zone, high tech Industrial Park, Zhongyuan District, Zhengzhou City, Henan Province 2007 Applicant before: HENAN GT IOT Co.,Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20210827 |