CN110768842A - Intelligent home communication safety management and control method, system and storage medium - Google Patents
- Publication number
- CN110768842A, CN201911047588.5A
- Authority
- CN
- China
- Prior art keywords
- node
- equipment
- library
- equipment node
- communication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2803—Home automation networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/04—Network management architectures or arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Automation & Control Theory (AREA)
- Mobile Radio Communication Systems (AREA)
- Selective Calling Equipment (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention relates to the technical field of communication safety, and discloses an intelligent home communication safety management and control method, a system and a storage medium.
Description
Technical Field
The invention relates to the field of data security, in particular to a method, a system and a storage medium for intelligent home communication security control.
Background
The intelligent home is embodied in an internet of things manner under the influence of the internet of things. The intelligent home is characterized in that various devices (such as audio and video devices, lighting systems, curtain control, air conditioner control, security systems, digital cinema systems, network home appliances, three-meter reading and the like) in the home are connected together through the Internet of things technology, and multiple functions and means such as home appliance control, lighting control, curtain control, telephone remote control, indoor and outdoor remote control, anti-theft alarm, environment monitoring, heating and ventilation control, infrared forwarding, programmable timing control and the like are provided. Compared with the common home, the intelligent home has the traditional living function, has building, network communication, information household appliances and equipment automation, integrates system, structure, service and management into a whole, is efficient, comfortable, safe, convenient and environment-friendly, provides an all-around information interaction function, helps the family to keep smooth information communication with the outside, optimizes the life style of people, helps people to effectively schedule time, enhances the safety of home life, and even saves funds for various energy expenses.
When the equipment terminals of a smart home access the network through a mobile communication network, over-the-air interception and eavesdropping may seriously threaten the sensitive information being transmitted; meanwhile, an illegal user can impersonate a legal internal terminal from any place where the wireless mobile signal can be received and initiate network attacks, thereby causing a security threat.
Disclosure of Invention
Aiming at the defects of the prior art, the invention provides an intelligent home communication safety control method, which is used for solving the problems in the background technology.
The technical scheme adopted by the invention for solving the technical problems is as follows:
the invention provides an intelligent home communication safety control method, which comprises the following steps:
classifying and building a library for each equipment node which constructs a home network, comprising the following steps:
establishing a data acquisition node library, a communication node library, a control node library and a controlled node library;
the matching recording of the networking associated data of the device nodes included in each node library specifically includes:
basic data, credit value, initial access time, identification identifier, last access network time, real-time access state, total access duration and behavior data;
managing and controlling networking equipment nodes, including equipment node joining, equipment node awakening, equipment node fault positioning and emergency communication:
the device node joining comprises:
receiving a connection request of a wireless access point sent by a node of equipment to be accessed;
sending the nearest equipment node address with a node access interface to the equipment node to be accessed;
receiving verification information sent by the equipment node to be accessed, and generating a verification result based on the verification information;
if the verification result indicates that the verification is passed, the node of the equipment to be accessed is granted the connection authority;
reading the identity identifier of the equipment node, inquiring each node library, reading the original data of the equipment node if the equipment node data exists, and updating the relevant data of the equipment node in real time, or reading the basic data of the equipment node, and establishing the equipment node record in the matched node library according to the contents of the basic data;
distributing the sub-keys to each equipment node by using a DH key exchange algorithm through the core equipment nodes in the control node library;
the device node waking up comprises:
the method comprises the steps that an equipment node receives a wake-up instruction, judges the attribute of the equipment node receiving the wake-up instruction, forwards the wake-up instruction to a communication node at the upper stage or a communication node at the lower stage in a home network if the equipment node belongs to a communication node library or a control node library, and feeds back a wake-up response instruction to the original path in the home network if the equipment node belongs to a controlled node library or a data acquisition node library;
the device node fault locating comprises:
broadcasting according to a preset time interval, if the equipment node does not feed back in the specified time, independently carrying out repeated connection request on the equipment node, if the preset time is exceeded, bringing the equipment node into a fault node, and broadcasting the fault information to each equipment node;
the emergency communication includes:
when a communication equipment node connected with the external network in the communication node library fails, a standby external network connection channel arranged in the control node library is started, and is broadcasted to other equipment nodes in the home network, and reconnection and networking are realized.
Preferably, the equipment nodes in the data acquisition node library comprise an electric meter, a water meter, a temperature sensor, a humidity sensor, a brightness sensor, a pressure sensor, an image sensor, a smoke alarm and a gas leakage sensor;
the equipment nodes in the communication node library comprise telephones, fax machines, routers and radio frequency communication adapters;
the control node library comprises a computer, a mobile phone, an intelligent bracelet and a tablet computer;
the controlled nodes comprise a television, a washing machine, an air conditioner, a purifier, a refrigerator, a water heater, a sweeping robot and an intelligent curtain.
Preferably, the basic data includes a device type, a device brand, a device model, a device ID number, communication protocols supported by the device, and electrical and operational parameters of the device.
Preferably, the ID identifier is a Hash value obtained by using a Hash function after the device ID number is spliced with the initial access time.
Preferably, an initial value $Z_0$ is set for the reputation value and a credit value threshold $Z$ is set, and the equipment nodes are divided by credibility as they continuously communicate with each other and the credit value is updated:
when the credit value is higher than the credit value threshold value Z, the equipment node is a normal node and can normally transmit or externally send information;
when the credit value is in $[\lambda Z, Z]$, $0 < \lambda < 1$, the equipment node is a suspicious node: it can only be used as an intermediate node to transmit information to other nodes and cannot be used as a source node to send information to the outside, and its sub-key cannot be selected when sub-keys are collected to reconstruct the key;
when the comprehensive credit value is in $[0, \lambda Z]$, $0 < \lambda < 1$, the equipment node is a dangerous node: it is isolated from the network and punished, a punishment time is set and the number of punishments is recorded, and when the number of punishments exceeds a preset value, the equipment node is completely forbidden to access the network.
Preferably, the reputation value updating specifically includes:
setting and reading the corresponding weights: weight $\lambda_1$ for the total access duration $T$, weight $\lambda_2$ for the number of messages $N$, weight $\lambda_3$ for the average signal strength $S$, weight $\lambda_4$ for the average packet size $H$, and weight $\lambda_5$ for the behavior data $F$;
Substitution into
Obtaining a pre-evaluation value $Z_S$;
Re-substitution into
Obtaining the real-time credit degree $Z_R$ of the equipment node, wherein $Z_i$ is a pre-evaluation value $Z_S$ calculated for the node according to a preset time interval $t$.
Preferably, the generating a verification result based on the verification information includes:
verifying the verification information to obtain a first verification result;
if the first verification result indicates that the verification is passed, the verification information is broadcasted to other equipment nodes in the home network;
receiving confirmation information sent by at least part of other equipment nodes in the home network;
and generating a verification result according to the number of the received confirmation information, wherein if the number of the received confirmation information exceeds a preset number, the verification result indicates that the verification is passed, and if the number of the received confirmation information does not exceed the preset number, the verification result indicates that the verification is not passed.
The invention also provides an intelligent home communication safety management and control method, which comprises the following steps:
equipment node module for constructing intelligent household network
The database module is used for classifying and establishing the database for each equipment node constructing the home network, and comprises the following components:
establishing a data acquisition node library, a communication node library, a control node library and a controlled node library;
the data acquisition, processing and updating module is used for matching and recording networking associated data of the equipment nodes recorded in each node library, and specifically comprises the following steps:
basic data, credit value, initial access time, identification identifier, last access network time, real-time access state, total access duration and behavior data;
the management and control module is used for managing and controlling the networking equipment nodes, and comprises equipment node adding, equipment node awakening, equipment node fault positioning and emergency communication:
the device node joining comprises:
receiving a connection request of a wireless access point sent by a node of equipment to be accessed;
sending the nearest equipment node address with a node access interface to the equipment node to be accessed;
receiving verification information sent by the equipment node to be accessed, and generating a verification result based on the verification information;
if the verification result indicates that the verification is passed, the node of the equipment to be accessed is granted the connection authority;
reading the identity identifier of the equipment node, inquiring each node library, reading the original data of the equipment node if the equipment node data exists, and updating the relevant data of the equipment node in real time, or reading the basic data of the equipment node, and establishing the equipment node record in the matched node library according to the contents of the basic data;
distributing the sub-keys to each equipment node by using a DH key exchange algorithm through the core equipment nodes in the control node library;
the device node waking up comprises:
the method comprises the steps that an equipment node receives a wake-up instruction, judges the attribute of the equipment node receiving the wake-up instruction, forwards the wake-up instruction to a communication node at the upper stage or a communication node at the lower stage in a home network if the equipment node belongs to a communication node library or a control node library, and feeds back a wake-up response instruction to the original path in the home network if the equipment node belongs to a controlled node library or a data acquisition node library;
the device node fault locating comprises:
broadcasting according to a preset time interval, if the equipment node does not feed back in the specified time, independently carrying out repeated connection request on the equipment node, if the preset time is exceeded, bringing the equipment node into a fault node, and broadcasting the fault information to each equipment node;
the emergency communication includes:
when a communication equipment node connected with the external network in the communication node library fails, a standby external network connection channel arranged in the control node library is started, and is broadcasted to other equipment nodes in the home network, and reconnection and networking are realized.
The present invention also provides a terminal device, including:
one or more processors;
storage means for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement a method as previously described.
The invention also provides a computer-readable storage medium, on which a computer program is stored, which computer program, when being executed by a processor, carries out the method as set forth in the foregoing.
Compared with the prior art, the invention has the following beneficial effects:
the invention can carry out whole-course control on each equipment node for constructing the intelligent home network, judges the access of the equipment node and the action behavior of the equipment node in the communication process, prevents the access of malicious equipment nodes and the possible malicious attack received by the accessed node, and adopts a classification punishment measure to promote the node to be actively added into the network. Through continuous detection and excitation of the nodes, network communication can be more smooth;
the invention can effectively improve the security of the home network, provides an effective access strategy, enables the network communication to be more smooth, and has stronger anti-risk property and wide practicability.
Further salient features and significant advances with respect to the present invention over the prior art are described in further detail in the examples section.
Drawings
Other features, objects and advantages of the invention will become more apparent upon reading of the detailed description of non-limiting embodiments with reference to the following drawings:
fig. 1 is a schematic structural diagram of an intelligent home communication security management and control system according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that certain names are used throughout the specification and claims to refer to particular components. It will be understood that one of ordinary skill in the art may refer to the same component by different names. The present specification and claims do not intend to distinguish between components that differ in name but not function. As used in the specification and claims of this application, the terms "comprises" and "comprising" are intended to be open-ended terms that should be interpreted as "including, but not limited to". The embodiments described in the detailed description are preferred embodiments of the present invention and are not intended to limit the scope of the present invention.
Moreover, those skilled in the art will appreciate that aspects of the present invention may be embodied as a system, method or computer program product. Accordingly, various aspects of the present invention may be embodied in a combination of hardware and software, which may be referred to herein generally as a "circuit," "module" or "system." Furthermore, in some embodiments, various aspects of the invention may also be embodied in the form of a computer program product in one or more microcontroller-readable media having microcontroller-readable program code embodied therein.
Example 1
The intelligent home communication safety control method of the embodiment comprises the following steps:
classifying and building a library for each equipment node which constructs a home network, comprising the following steps:
establishing a data acquisition node library, a communication node library, a control node library and a controlled node library;
the matching recording of the networking associated data of the device nodes included in each node library specifically includes:
basic data, credit value, initial access time, identification identifier, last access network time, real-time access state, total access duration and behavior data;
managing and controlling networking equipment nodes, including equipment node joining, equipment node awakening, equipment node fault positioning and emergency communication:
the device node joining comprises:
receiving a connection request of a wireless access point sent by a node of equipment to be accessed;
sending the nearest equipment node address with a node access interface to the equipment node to be accessed;
receiving verification information sent by the equipment node to be accessed, and generating a verification result based on the verification information;
if the verification result indicates that the verification is passed, the node of the equipment to be accessed is granted the connection authority;
reading the identity identifier of the equipment node, inquiring each node library, reading the original data of the equipment node if the equipment node data exists, and updating the relevant data of the equipment node in real time, or reading the basic data of the equipment node, and establishing the equipment node record in the matched node library according to the contents of the basic data;
distributing the sub-keys to each equipment node by using a DH key exchange algorithm through the core equipment nodes in the control node library;
the device node waking up comprises:
the method comprises the steps that an equipment node receives a wake-up instruction, judges the attribute of the equipment node receiving the wake-up instruction, forwards the wake-up instruction to a communication node at the upper stage or a communication node at the lower stage in a home network if the equipment node belongs to a communication node library or a control node library, and feeds back a wake-up response instruction to the original path in the home network if the equipment node belongs to a controlled node library or a data acquisition node library;
the device node fault locating comprises:
broadcasting according to a preset time interval, if the equipment node does not feed back in the specified time, independently carrying out repeated connection request on the equipment node, if the preset time is exceeded, bringing the equipment node into a fault node, and broadcasting the fault information to each equipment node;
the emergency communication includes:
when a communication equipment node connected with the external network in the communication node library fails, a standby external network connection channel arranged in the control node library is started, and is broadcasted to other equipment nodes in the home network, and reconnection and networking are realized.
In this embodiment, the equipment nodes in the data acquisition node library include an ammeter, a water meter, a temperature sensor, a humidity sensor, a brightness sensor, a pressure sensor, an image sensor, a smoke alarm and a gas leakage sensor;
the equipment nodes in the communication node library comprise telephones, fax machines, routers and radio frequency communication adapters;
the control node library comprises a computer, a mobile phone, an intelligent bracelet and a tablet computer;
the controlled nodes comprise a television, a washing machine, an air conditioner, a purifier, a refrigerator, a water heater, a sweeping robot and an intelligent curtain.
The basic data in this embodiment includes a device type, a device brand, a device model, a device ID number, a communication protocol supported by the device, and electrical and operational parameters of the device.
In this embodiment, the ID identifier is a Hash value obtained by using a Hash function after the device ID number is spliced with the initial access time.
In this embodiment, an initial value $Z_0$ is set for the reputation value and a credit value threshold $Z$ is set, and the equipment nodes are divided by credibility as they continuously communicate with each other and the credit value is updated:
when the credit value is higher than the credit value threshold value Z, the equipment node is a normal node and can normally transmit or externally send information;
when the credit value is in $[\lambda Z, Z]$, $0 < \lambda < 1$, the equipment node is a suspicious node: it can only be used as an intermediate node to transmit information to other nodes and cannot be used as a source node to send information to the outside, and its sub-key cannot be selected when sub-keys are collected to reconstruct the key;
when the comprehensive credit value is in $[0, \lambda Z]$, $0 < \lambda < 1$, the equipment node is a dangerous node: it is isolated from the network and punished, a punishment time is set and the number of punishments is recorded, and when the number of punishments exceeds a preset value, the equipment node is completely forbidden to access the network.
The reputation value updating in this embodiment specifically includes:
setting and reading the corresponding weights: weight $\lambda_1$ for the total access duration $T$, weight $\lambda_2$ for the number of messages $N$, weight $\lambda_3$ for the average signal strength $S$, weight $\lambda_4$ for the average packet size $H$, and weight $\lambda_5$ for the behavior data $F$;
Substitution into
Obtaining a pre-evaluation value $Z_S$;
Re-substitution into
Obtaining the real-time credit degree $Z_R$ of the equipment node, wherein $Z_i$ is a pre-evaluation value $Z_S$ calculated for the node according to a preset time interval $t$, and is a rounding function.
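The three reputation tiers and the punishment counter of this embodiment, as an added Python example that is not part of the patent text. It takes the reputation value as an input because the update formulas are not reproduced on this page; the class and function names, the handling of the shared boundary λZ, the rule that each evaluation finding a non-isolated node dangerous starts one punishment, and all numeric values are assumptions.

```python
from dataclasses import dataclass
from enum import Enum


class Tier(Enum):
    NORMAL = "normal"          # reputation higher than Z
    SUSPICIOUS = "suspicious"  # reputation in [lambda*Z, Z]
    DANGEROUS = "dangerous"    # reputation below lambda*Z


@dataclass(frozen=True)
class Policy:
    z: float              # reputation threshold Z
    lam: float            # lambda, must satisfy 0 < lambda < 1
    penalty_seconds: int  # length of one isolation period (constructed value)
    max_penalties: int    # preset value; exceeding it means a permanent ban

    def __post_init__(self):
        if not 0 < self.lam < 1:
            raise ValueError("lambda must satisfy 0 < lambda < 1")
        if self.z <= 0:
            raise ValueError("threshold Z must be positive")

    def tier(self, reputation: float) -> Tier:
        if reputation < 0:
            raise ValueError("reputation must be non-negative")
        if reputation > self.z:
            return Tier.NORMAL
        # Assumption: the text gives both [lambda*Z, Z] and [0, lambda*Z];
        # the shared boundary lambda*Z is treated as suspicious here.
        if reputation >= self.lam * self.z:
            return Tier.SUSPICIOUS
        return Tier.DANGEROUS


@dataclass
class NodeState:
    penalties: int = 0           # recorded number of punishments
    isolated_until: float = 0.0  # end of the current punishment time
    banned: bool = False         # completely forbidden to access the network


@dataclass(frozen=True)
class Rights:
    may_originate: bool      # may act as a source node
    may_relay: bool          # may act as an intermediate node
    subkey_selectable: bool  # sub-key may be collected for key reconstruction


NO_RIGHTS = Rights(False, False, False)


def evaluate(policy: Policy, state: NodeState, reputation: float, now: float) -> Rights:
    """Map a freshly updated reputation value to what the node may do."""
    if state.banned:
        return NO_RIGHTS
    tier = policy.tier(reputation)
    if now < state.isolated_until:
        return NO_RIGHTS  # punishment time still running, whatever the score
    if tier is Tier.DANGEROUS:
        state.penalties += 1
        if state.penalties > policy.max_penalties:
            state.banned = True
        else:
            state.isolated_until = now + policy.penalty_seconds
        return NO_RIGHTS
    if tier is Tier.SUSPICIOUS:
        return Rights(may_originate=False, may_relay=True, subkey_selectable=False)
    return Rights(may_originate=True, may_relay=True, subkey_selectable=True)
```
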
In this embodiment, generating a verification result based on the verification information includes:
verifying the verification information to obtain a first verification result;
if the first verification result indicates that the verification is passed, the verification information is broadcasted to other equipment nodes in the home network;
receiving confirmation information sent by at least part of other equipment nodes in the home network;
and generating a verification result according to the number of the received confirmation information, wherein if the number of the received confirmation information exceeds a preset number, the verification result indicates that the verification is passed, and if the number of the received confirmation information does not exceed the preset number, the verification result indicates that the verification is not passed.
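The join check of this embodiment (first verification, broadcast, confirmation count, then lookup or creation of the node record under its identity identifier), as an added Python example that is not part of the patent text. SHA-256, the separator byte, the `HomeNetwork` class with its method names, and the rules that only confirmations from distinct, already-recorded nodes are counted and that a presented identifier must match the recorded device ID are assumptions; peer IDs are taken as already authenticated.

```python
import hashlib

# Node library for a few of the device types listed in the text.
LIBRARY_OF = {
    "temperature sensor": "data_acquisition",
    "smoke alarm": "data_acquisition",
    "router": "communication",
    "mobile phone": "control",
    "air conditioner": "controlled",
    "television": "controlled",
}


def identity_identifier(device_id: str, first_access: int) -> str:
    """Hash of the device ID number spliced with the initial access time.

    Assumptions: SHA-256 as the hash function, and a NUL separator so that
    ("AB1", 23) and ("AB", 123) do not splice into the same byte string.
    """
    data = device_id.encode("utf-8") + b"\x00" + str(first_access).encode("ascii")
    return hashlib.sha256(data).hexdigest()


class HomeNetwork:
    def __init__(self, preset_number: int):
        self.preset_number = preset_number  # confirmations must exceed this
        self.libraries = {name: {} for name in sorted(set(LIBRARY_OF.values()))}

    def add_record(self, device_id: str, device_type: str, now: int) -> dict:
        """Create the node record in the library that matches its basic data."""
        identifier = identity_identifier(device_id, now)
        record = {"identifier": identifier, "device_id": device_id,
                  "device_type": device_type,
                  "first_access": now, "last_access": now}
        self.libraries[LIBRARY_OF[device_type]][identifier] = record
        return record

    def find(self, identifier: str):
        """Query every node library for an identity identifier."""
        for records in self.libraries.values():
            if identifier in records:
                return records[identifier]
        return None

    def member_ids(self) -> set:
        return {r["device_id"] for lib in self.libraries.values() for r in lib.values()}

    def verification_result(self, first_check_ok: bool, confirmations) -> bool:
        if not first_check_ok:
            return False  # failed first verification is never broadcast
        known = self.member_ids()
        # A set collapses repeated confirmations from one peer; peers that
        # are not in any node library (including the joiner) do not count.
        voters = {peer for peer, confirmed in confirmations
                  if confirmed and peer in known}
        return len(voters) > self.preset_number

    def join(self, device_id, device_type, now, first_check_ok,
             confirmations, identifier=None):
        """Return the node record if connection authority is granted, else None."""
        if device_type not in LIBRARY_OF:
            raise ValueError("no node library for device type %r" % device_type)
        if not self.verification_result(first_check_ok, confirmations):
            return None
        record = self.find(identifier) if identifier is not None else None
        if record is None:
            return self.add_record(device_id, device_type, now)
        if record["device_id"] != device_id:
            return None  # presented identifier belongs to another device
        record["last_access"] = now
        return record
```
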
Example 2
Referring to fig. 1, the present embodiment provides a data encryption secure storage system based on a cloud platform, including:
equipment node module for constructing intelligent household network
The database module is used for classifying and establishing the database for each equipment node constructing the home network, and comprises the following components:
establishing a data acquisition node library, a communication node library, a control node library and a controlled node library;
the data acquisition, processing and updating module is used for matching and recording networking associated data of the equipment nodes recorded in each node library, and specifically comprises the following steps:
basic data, credit value, initial access time, identification identifier, last access network time, real-time access state, total access duration and behavior data;
the management and control module is used for managing and controlling the networking equipment nodes, and comprises equipment node adding, equipment node awakening, equipment node fault positioning and emergency communication:
the device node joining comprises:
receiving a connection request of a wireless access point sent by a node of equipment to be accessed;
sending the nearest equipment node address with a node access interface to the equipment node to be accessed;
receiving verification information sent by the equipment node to be accessed, and generating a verification result based on the verification information;
if the verification result indicates that the verification is passed, the node of the equipment to be accessed is granted the connection authority;
reading the identity identifier of the equipment node, inquiring each node library, reading the original data of the equipment node if the equipment node data exists, and updating the relevant data of the equipment node in real time, or reading the basic data of the equipment node, and establishing the equipment node record in the matched node library according to the contents of the basic data;
distributing the sub-keys to each equipment node by using a DH key exchange algorithm through the core equipment nodes in the control node library;
the device node waking up comprises:
the method comprises the steps that an equipment node receives a wake-up instruction, judges the attribute of the equipment node receiving the wake-up instruction, forwards the wake-up instruction to a communication node at the upper stage or a communication node at the lower stage in a home network if the equipment node belongs to a communication node library or a control node library, and feeds back a wake-up response instruction to the original path in the home network if the equipment node belongs to a controlled node library or a data acquisition node library;
the device node fault locating comprises:
broadcasting according to a preset time interval, if the equipment node does not feed back in the specified time, independently carrying out repeated connection request on the equipment node, if the preset time is exceeded, bringing the equipment node into a fault node, and broadcasting the fault information to each equipment node;
the emergency communication includes:
when a communication equipment node connected with the external network in the communication node library fails, a standby external network connection channel arranged in the control node library is started, and is broadcasted to other equipment nodes in the home network, and reconnection and networking are realized.
Example 3
A terminal device, comprising:
one or more processors;
storage means for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement the method of embodiment 1.
Example 4
The present embodiment provides a storage medium, on which a computer program is stored, where the computer program is executed by a processor to perform the steps of the smart home communication security management and control method according to embodiment 1.
As another aspect, the present application also provides a computer-readable medium, which may be contained in the apparatus described in the above embodiments; or may be present separately and not assembled into the device. The computer readable medium carries one or more programs which, when executed by the apparatus, cause the apparatus to: in response to receiving a playing parameter adjusting request, acquiring scene information of a current playing scene; determining whether historical playing parameters corresponding to historical scene information matched with the scene information of the current playing scene exist in a historical playing parameter set, wherein the historical playing parameter set comprises at least one group of historical playing parameters corresponding to the historical scene information; in response to the fact that the historical playing parameters corresponding to the historical scene information matched with the scene information of the current playing scene exist in the historical playing parameter set, obtaining the historical playing parameters corresponding to the historical scene information matched with the scene information of the current playing scene from the historical playing parameter set; and determining the target playing parameters of the current playing scene based on the acquired historical playing parameters.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network elements. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention.
The aforementioned storage medium includes various media capable of storing program check codes, such as a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.
Furthermore, it should be understood that although the present description refers to embodiments, not every embodiment may contain only a single embodiment, and such description is for clarity only, and those skilled in the art should integrate the description, and the embodiments may be combined as appropriate to form other embodiments understood by those skilled in the art.
Claims (10)
1. The intelligent home communication safety management and control method is characterized by comprising the following steps:
classifying and building a library for each equipment node which constructs a home network, comprising the following steps:
establishing a data acquisition node library, a communication node library, a control node library and a controlled node library;
the matching recording of the networking associated data of the device nodes included in each node library specifically includes:
basic data, credit value, initial access time, identification identifier, last access network time, real-time access state, total access duration and behavior data;
managing and controlling networking equipment nodes, including equipment node joining, equipment node awakening, equipment node fault positioning and emergency communication:
the device node joining comprises:
receiving a connection request of a wireless access point sent by a node of equipment to be accessed;
sending the nearest equipment node address with a node access interface to the equipment node to be accessed;
receiving verification information sent by the equipment node to be accessed, and generating a verification result based on the verification information;
if the verification result indicates that the verification is passed, the node of the equipment to be accessed is granted the connection authority;
reading the identity identifier of the equipment node, inquiring each node library, reading the original data of the equipment node if the equipment node data exists, and updating the relevant data of the equipment node in real time, or reading the basic data of the equipment node, and establishing the equipment node record in the matched node library according to the contents of the basic data;
distributing the sub-keys to each equipment node by using a DH key exchange algorithm through the core equipment nodes in the control node library;
the device node waking up comprises:
the method comprises the steps that an equipment node receives a wake-up instruction, judges the attribute of the equipment node receiving the wake-up instruction, forwards the wake-up instruction to a communication node at the upper stage or a communication node at the lower stage in a home network if the equipment node belongs to a communication node library or a control node library, and feeds back a wake-up response instruction to the original path in the home network if the equipment node belongs to a controlled node library or a data acquisition node library;
the device node fault locating comprises:
broadcasting according to a preset time interval, if the equipment node does not feed back in the specified time, independently carrying out repeated connection request on the equipment node, if the preset time is exceeded, bringing the equipment node into a fault node, and broadcasting the fault information to each equipment node;
the emergency communication includes:
when a communication equipment node connected with the external network in the communication node library fails, a standby external network connection channel arranged in the control node library is started, and is broadcasted to other equipment nodes in the home network, and reconnection and networking are realized.
2. The intelligent home communication safety management and control method according to claim 1, wherein the equipment nodes in the data acquisition node library comprise an electric meter, a water meter, a temperature sensor, a humidity sensor, a brightness sensor, a pressure sensor, an image sensor, a smoke alarm and a gas leakage sensor;
the equipment nodes in the communication node library comprise telephones, fax machines, routers and radio frequency communication adapters;
the control node library comprises a computer, a mobile phone, an intelligent bracelet and a tablet computer;
the controlled nodes comprise a television, a washing machine, an air conditioner, a purifier, a refrigerator, a water heater, a sweeping robot and an intelligent curtain.
3. The intelligent home communication security management and control method according to claim 1, wherein the basic data includes device type, device brand, device model, device ID number, communication protocol supported by the device, and electrical and operational parameters of the device.
4. The intelligent home communication security management and control method according to claim 3, wherein the identification identifier is a Hash value obtained by using a Hash function after splicing the device ID number and the initial access time.
5. The intelligent home communication security control method according to claim 1, wherein an initial value $Z_0$ is set for the reputation value and a credit value threshold Z is set, and the equipment nodes are divided by credibility as they continuously communicate with each other and update the credit value:
when the credit value is higher than the credit value threshold value Z, the equipment node is a normal node and can normally transmit or externally send information;
when the credit value is in $[\lambda Z, Z]$, $0 < \lambda < 1$, the equipment node is a suspicious node; the equipment node can only be used as an intermediate node to transmit information to other nodes and cannot be used as a source node to send information to the outside, and meanwhile the sub-key of the equipment node cannot be selected when sub-keys are collected to reconstruct the key;
when the comprehensive credit value is in $[0, \lambda Z]$, $0 < \lambda < 1$, the equipment node is a dangerous node; the equipment node is isolated from the network and punished, a punishment time is set and the number of punishments is recorded, and when the number of punishments exceeds a preset value, the equipment node is completely forbidden to access the network.
6. The intelligent home communication security management and control method according to claim 5, wherein the updating of the reputation value specifically comprises:
setting and reading the corresponding weights: weight $\lambda_1$ for the total access duration T, weight $\lambda_2$ for the number of messages N, weight $\lambda_3$ for the average signal strength S, weight $\lambda_4$ for the average packet size H, and weight $\lambda_5$ for the behavior data F;
Substitution into
Obtaining a pre-evaluation value $Z_S$;
Re-substitution into
Obtaining the real-time credit degree $Z_R$ of the equipment node, wherein $Z_i$ is a pre-evaluation value $Z_S$ calculated for the node according to a preset time interval t.
7. The smart home communication security management and control method according to claim 1, wherein generating a verification result based on the verification information comprises:
verifying the verification information to obtain a first verification result;
if the first verification result indicates that the verification is passed, the verification information is broadcasted to other equipment nodes in the home network;
receiving confirmation information sent by at least part of other equipment nodes in the home network;
and generating a verification result according to the number of the received confirmation information, wherein if the number of the received confirmation information exceeds a preset number, the verification result indicates that the verification is passed, and if the number of the received confirmation information does not exceed the preset number, the verification result indicates that the verification is not passed.
8. An intelligent home communication safety management and control system, characterized by comprising:
an equipment node module for constructing the intelligent home network;
a database module for classifying and building a library for each equipment node which constructs the home network, comprising the following steps:
establishing a data acquisition node library, a communication node library, a control node library and a controlled node library;
the data acquisition, processing and updating module is used for matching and recording networking associated data of the equipment nodes recorded in each node library, and specifically comprises the following steps:
basic data, credit value, initial access time, identification identifier, last access network time, real-time access state, total access duration and behavior data;
the management and control module is used for managing and controlling the networking equipment nodes, and comprises equipment node adding, equipment node awakening, equipment node fault positioning and emergency communication:
the device node joining comprises:
receiving a connection request of a wireless access point sent by a node of equipment to be accessed;
sending the nearest equipment node address with a node access interface to the equipment node to be accessed;
receiving verification information sent by the equipment node to be accessed, and generating a verification result based on the verification information;
if the verification result indicates that the verification is passed, the node of the equipment to be accessed is granted the connection authority;
reading the identity identifier of the equipment node, inquiring each node library, reading the original data of the equipment node if the equipment node data exists, and updating the relevant data of the equipment node in real time, or reading the basic data of the equipment node, and establishing the equipment node record in the matched node library according to the contents of the basic data;
distributing the sub-keys to each equipment node by using a DH key exchange algorithm through the core equipment nodes in the control node library;
the device node waking up comprises:
the method comprises the steps that an equipment node receives a wake-up instruction, judges the attribute of the equipment node receiving the wake-up instruction, forwards the wake-up instruction to a communication node at the upper stage or a communication node at the lower stage in a home network if the equipment node belongs to a communication node library or a control node library, and feeds back a wake-up response instruction to the original path in the home network if the equipment node belongs to a controlled node library or a data acquisition node library;
the device node fault locating comprises:
broadcasting according to a preset time interval, if the equipment node does not feed back in the specified time, independently carrying out repeated connection request on the equipment node, if the preset time is exceeded, bringing the equipment node into a fault node, and broadcasting the fault information to each equipment node;
the emergency communication includes:
when a communication equipment node connected with the external network in the communication node library fails, a standby external network connection channel arranged in the control node library is started, and is broadcasted to other equipment nodes in the home network, and reconnection and networking are realized.
9. A terminal device, comprising:
one or more processors;
storage means for storing one or more programs;
the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-7.
10. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1-7.
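As an added illustration (not part of the patent text and not the applicant's code), the following Python example implements the identity identifier of claim 4, the reputation tiers of claim 5 and the confirmation count of claim 7. All names are hypothetical; SHA-256, the length prefix in the hash input, treating a reputation of exactly λZ as suspicious, and counting each known member's confirmation once are assumptions, and the reputation value is taken as an input.

```python
import hashlib
from dataclasses import dataclass
from enum import Enum


class Trust(Enum):
    NORMAL = "normal"          # may originate and relay messages
    SUSPICIOUS = "suspicious"  # relay only; sub-key not used for key reconstruction
    DANGEROUS = "dangerous"    # isolated from the network and penalised
    BANNED = "banned"          # penalty count exceeded the preset value


@dataclass
class Policy:
    threshold: float    # Z, the reputation threshold
    lam: float          # lambda, must satisfy 0 < lambda < 1
    max_penalties: int  # preset penalty count (deployment-specific)

    def __post_init__(self):
        if not 0 < self.lam < 1:
            raise ValueError("lambda must be strictly between 0 and 1")


@dataclass
class Node:
    identifier: str
    reputation: float
    penalties: int = 0


def identity_identifier(device_id: str, initial_access_time: str) -> str:
    # Assumption: SHA-256, plus a length prefix so that ("AB", "C") and
    # ("A", "BC") cannot splice to the same hash input. The claim names neither.
    data = f"{len(device_id)}:{device_id}{initial_access_time}".encode()
    return hashlib.sha256(data).hexdigest()


def classify(node: Node, policy: Policy) -> Trust:
    if node.penalties > policy.max_penalties:
        return Trust.BANNED
    if node.reputation > policy.threshold:
        return Trust.NORMAL
    # Claim 5 lists lambda*Z in both intervals; suspicious is chosen here (assumption).
    if node.reputation >= policy.lam * policy.threshold:
        return Trust.SUSPICIOUS
    return Trust.DANGEROUS


def apply_policy(node: Node, policy: Policy) -> Trust:
    """Classify, recording one penalty each time the node is found dangerous."""
    trust = classify(node, policy)
    if trust is Trust.DANGEROUS:
        node.penalties += 1
        trust = classify(node, policy)  # may now be BANNED
    return trust


def may_originate(trust: Trust) -> bool:
    return trust is Trust.NORMAL


def may_relay(trust: Trust) -> bool:
    return trust in (Trust.NORMAL, Trust.SUSPICIOUS)


def subkey_eligible(trust: Trust) -> bool:
    return trust is Trust.NORMAL


def join_verified(first_check_passed, confirmations, members, preset_number) -> bool:
    """Claim 7: local check first, then confirmations must exceed preset_number."""
    if not first_check_passed:
        return False  # verification info is never broadcast, so nothing can confirm it
    # Assumption: each existing member counts once; unknown senders are ignored.
    distinct = set(confirmations) & set(members)
    return len(distinct) > preset_number
```

Without the de-duplication in `join_verified`, a single member repeating its confirmation could satisfy the preset number on its own.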
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911047588.5A CN110768842B (en) | 2019-10-30 | 2019-10-30 | Intelligent home communication safety management and control method, system and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911047588.5A CN110768842B (en) | 2019-10-30 | 2019-10-30 | Intelligent home communication safety management and control method, system and storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110768842A (en) | 2020-02-07 |
CN110768842B (en) | 2022-10-21 |
Family
ID=69334508
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911047588.5A Active CN110768842B (en) | 2019-10-30 | 2019-10-30 | Intelligent home communication safety management and control method, system and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110768842B (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111505957A (en) * | 2020-05-12 | 2020-08-07 | 深圳市汇智通咨询有限公司 | Automatic control system for optimizing regulating capacity |
CN112738783A (en) * | 2020-12-29 | 2021-04-30 | 锐迪科微电子科技(上海)有限公司 | Equipment networking method and device and electronic equipment |
CN113542265A (en) * | 2021-07-13 | 2021-10-22 | 深圳南方德尔汽车电子有限公司 | Local network security management, device, computer equipment and storage medium |
CN116099147A (en) * | 2023-03-09 | 2023-05-12 | 重新定义(杭州)科技发展有限公司 | Intelligent fire control management system |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130173616A1 (en) * | 2011-07-08 | 2013-07-04 | Georgia Tech Research Corporation | Systems and methods for providing reputation management |
CN103596294A (en) * | 2013-11-25 | 2014-02-19 | 吉林大学 | Smart home wireless sensor network based on ZigBee |
CN106950847A (en) * | 2017-05-09 | 2017-07-14 | 青岛理工大学 | A kind of intelligent home control system based on ZigBee and cloud computing |
CN107104863A (en) * | 2017-05-26 | 2017-08-29 | 环球智达科技(北京)有限公司 | The control method of intelligent home device |
CN107395470A (en) * | 2017-07-18 | 2017-11-24 | 梧州井儿铺贸易有限公司 | A kind of smart home managing and control system |
CN108650655A (en) * | 2018-05-10 | 2018-10-12 | 西安理工大学 | A kind of routing protocol algorithm based on vehicle node detection and penalty mechanism |
CN109857769A (en) * | 2019-01-09 | 2019-06-07 | 平安科技(深圳)有限公司 | Drive slip control method, system, equipment and storage medium based on block chain |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111505957A (en) * | 2020-05-12 | 2020-08-07 | 深圳市汇智通咨询有限公司 | Automatic control system for optimizing regulating capacity |
CN111505957B (en) * | 2020-05-12 | 2020-11-20 | 深圳市汇智通咨询有限公司 | Automatic control system for optimizing regulating capacity |
CN112738783A (en) * | 2020-12-29 | 2021-04-30 | 锐迪科微电子科技(上海)有限公司 | Equipment networking method and device and electronic equipment |
CN112738783B (en) * | 2020-12-29 | 2023-09-15 | 锐迪科微电子科技(上海)有限公司 | Equipment networking method and device and electronic equipment |
CN113542265A (en) * | 2021-07-13 | 2021-10-22 | 深圳南方德尔汽车电子有限公司 | Local network security management, device, computer equipment and storage medium |
CN113542265B (en) * | 2021-07-13 | 2023-11-07 | 深圳南方德尔汽车电子有限公司 | Local network security management, device, computer equipment and storage medium |
CN116099147A (en) * | 2023-03-09 | 2023-05-12 | 重新定义(杭州)科技发展有限公司 | Intelligent fire control management system |
CN116099147B (en) * | 2023-03-09 | 2024-04-16 | 重新定义(杭州)科技发展有限公司 | Intelligent fire control management system |
Also Published As
Publication number | Publication date |
---|---|
CN110768842B (en) | 2022-10-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110768842B (en) | Intelligent home communication safety management and control method, system and storage medium | |
US11665524B2 (en) | Apparatus and method for registering and associating internet of things (IoT) devices with anonymous IoT device accounts | |
US10178579B2 (en) | Internet of things (IoT) system and method for selecting a secondary communication channel | |
US10873634B2 (en) | Apparatus and method for temporarily loaning internet of things (IOT) devices | |
CN106301785B (en) | Method and system for binding intelligent household equipment and intelligent terminal | |
CN108475317A (en) | System and method for protecting Internet of Things (IoT) device preset | |
CN110554616B (en) | Intelligent home data chaining method and system of Internet of things on block chain | |
US10924920B2 (en) | System and method for internet of things (IoT) device validation | |
CN101741898A (en) | Monitoring method in video-type safety-protection system | |
CN110072236A (en) | Equipment connection method, equipment and system | |
JP2003309883A (en) | Control system and method | |
CN113630727B (en) | Intelligent household network distribution method, device and system, electronic equipment and storage medium | |
CN106453427A (en) | Smart home center control server | |
CN106535187A (en) | Smart home equipment access method and system based on wireless router terminal | |
CN109407530A (en) | A kind of smart home system based on block chain | |
CN105429960A (en) | Method and device for intelligent household terminal authentication | |
CN106453329A (en) | Wireless encryption smart home remote monitoring method and system | |
CN108234257A (en) | Matching method, home appliance and the mobile terminal of home appliance | |
CN106657048A (en) | Improved smart home center control server | |
CN206656471U (en) | Air-conditioning and the monitoring system based on air-conditioning | |
CN106936841B (en) | Safety protecting method and system in smart home | |
CN113542242A (en) | Device management method and device management apparatus | |
Desamsetti | Internet of Things (IoT) Technology for Use as Part of the Development of Smart Home Systems | |
WO2018233044A1 (en) | Filter gateway based internet of things data filtering method and system | |
CN211429438U (en) | Gateway, application equipment and intelligent system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | Effective date of registration: 20220926. Address after: Room 209, Entrepreneurship Incubation Base, Hi-tech College, Xi'an University of Science and Technology, No. 39, Middle Section of Ziwu Avenue, Chang'an District, Xi'an, Shaanxi Province, 710100. Applicant after: Xi'an Dashu Network Technology Co.,Ltd. Address before: Room 703, Building 19, Zhenhuiyuan Community, Binhu Century City, Ziyun Road, Baohe District, Hefei City, Anhui Province, 230000. Applicant before: Wu Xinsheng |
GR01 | Patent grant | ||